-
Notifications
You must be signed in to change notification settings - Fork 700
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature]: Enable "--input" flag for parsing k8s information from files instead of requiring k8s connection #942
Comments
It's a really interesting idea, but there would be a lot of "State" to download and capture locally. Storing the initial data
Retrieving from files
|
This would be an excellent solution. |
I don't think it's difficult technically, just a little time consuming, because you'd need to pull all of the resources that we have analysers for. Probably one of the easiest ways would be to extend the analyser interface to explain the types it needs to go get, then iterate through that and store locally into files. I would say it's a few days of work |
That would be a great start, but double check if there are any missing needed resources when running "get all". I don't think you will get any custom CRD resources that might be relevant for instance. It would also be great if you can choose to mask any sensitive values such as "secrets" when running the "--save" command. |
@the-tech-pilot how you doing on this? Anything you want to have peer reviewed or help with? |
@ronaldpetty @the-tech-pilot I have been working on getting something like this done for my internal use case and I got it working without too much of code changes using the client-go' fake client and prepend reactor. I would be more than happy to contribute a full working version of this if it is acceptable. |
Right now, In my case, the files are named as |
Checklist
Is this feature request related to a problem?
None
Problem Description
Currently, the k8sgpt tool requires direct access to a kubeconfig and network access to the Kubernetes cluster to perform the scanning. This requirement creates some limitations, especially in environments with strict security policies or limited network connectivity.
This requirement, in combination with the need for a network connection to an instance running localAI further limits the flexibility.
This limitation makes it challenging to use the tool in isolated, on-prem solutions with limited internet access, or highly secure environments where such access is restricted or not feasible.
Solution Description
Introduce an --input flag for the gpt4all command that allows users to directly provide YAML files as input. These input files should be generated by running e.g. "kubectl get nodes -o yaml" or whatever input format k8sgpt can parse.
This feature would enable comprehensive scanning and analysis without the need for direct access to a kubeconfig or live connection to a Kubernetes cluster.
Additionally, also expand the documentation to inform the users what (e.g. kubectl) commands would need to be run to generate these files.
Benefits
Enables the use of k8sgpt in secure, isolated, or air-gapped environments by removing the direct dependency on kubeconfig and live cluster access.
Expands the tool's usability by facilitating offline analysis and testing against pre-generated data.
Potential Drawbacks
No response
Additional Information
No response
The text was updated successfully, but these errors were encountered: