ajayk/drifter

Drift

Find configuration drifts on Kubernetes resources or Helm charts running in your cluster.

Drifter scans your cluster for installed Kubernetes components and installed Helm charts, then cross-checks them against the expectation file you pass in.

Installing

Using Drifter is easy. First, use go get to install the latest version of the library.

go get -u github.com/ajayk/drifter@latest

Next, include Drifter in your application:

import "github.com/ajayk/drifter"

Usage

drifter check -k /Users/drifter/.kube/config -c examples/gcp-gke-check.yaml

The drifter check command returns an exit code of either 0 (pass) or 2 (fail).
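A fail-closed wrapper for running the check as a pipeline gate, given here as an added example rather than code from the Drifter project. The function name run_drift_check and the return code 3 are this example's own, and treating any exit code other than 0 or 2 as a tool error is an assumption, since the README documents only those two.

```shell
#!/bin/sh
# Added example: fail-closed wrapper around `drifter check` for a CI job.
# Usage: run_drift_check KUBECONFIG EXPECTATIONS
# Returns 0 when the cluster matches, 2 on drift, and 3 when the result
# cannot be trusted (unreadable expectation file, or an exit code that the
# README does not document; the value 3 is this example's own choice).
run_drift_check() {
    kubeconfig=$1
    expectations=$2

    # Refuse to run without a readable expectation file, so a typo in the
    # path can never be reported as a clean cluster.
    if [ ! -r "$expectations" ]; then
        echo "drift-check: cannot read expectation file: $expectations" >&2
        return 3
    fi

    # Capture the exit code without tripping `set -e` in the calling script.
    rc=0
    drifter check -k "$kubeconfig" -c "$expectations" || rc=$?

    case "$rc" in
        0) echo "drift-check: PASS, cluster matches $expectations" ;;
        2) echo "drift-check: FAIL, drift detected against $expectations" >&2 ;;
        *) echo "drift-check: ERROR, unexpected exit code $rc from drifter" >&2
           rc=3 ;;
    esac
    return "$rc"
}

# Pipeline step (paths are the ones used in the usage line above):
#   run_drift_check /Users/drifter/.kube/config examples/gcp-gke-check.yaml
```

Keeping drift (2) apart from tool errors (3) lets a pipeline alert on real drift while still blocking a run where the check never reached the cluster.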

Drifter Schema:

The Drifter YAML file is easy to configure with the expectations to check. It currently supports 10 different types of validators:

  • helm
  • namespaces
  • deployments
  • daemonsets
  • statefulsets
  • secrets
  • configmaps
  • ingress classes
  • storage classes
  • serviceaccounts
  • clusterroles

Check the examples directory for an example of each type of validator.

helm:
  components:
    - name: ingress-nginx
      version: 4.2.3
      appVersion: 1.2.0
    - name: external-secrets-operator
      version: 0.6.8 # chart version check only; appVersion is not checked here

kubernetes:
  namespaces:
    - name: kube-system
    - name: es

  daemonsets:
    - namespace: kube-system
      names:
        - anetd
        - nvidia-gpu-device-plugin
    - namespace: gmp-public
      names:
        - node-exporter

  deployments:
    - namespace: kube-system
      names:
        - kube-dns

  statefulsets:
    - namespace: gkebackup
      names:
        - gkebackup-agent

  storage:
    classes:
      - filestore-premium-rwx
      - filestore-standard-rwx

  ingress:
    classes:
      - nginx