kubectl-protected is a kubectl plugin that verifies if the current context points to a protected cluster, helping prevent accidental actions.
To install the kubectl-protected plugin, you have two options: compile from source or download from the releases page.
-
Clone the repository:
git clone https://github.com/bivas/kubectl-protected.git cd kubectl-protected -
Build the plugin:
go build -o kubectl-protected cmd/protected/main.go
-
Move the binary to a directory in your PATH:
mv kubectl-protected /usr/local/bin/
-
Verify the installation:
kubectl protected --help
-
Visit the releases page of the project.
-
Download the appropriate binary for your operating system.
-
Move the binary to a directory in your PATH:
mv kubectl-protected /usr/local/bin/
-
Verify the installation:
kubectl protected --help
To use the kubectl-protected plugin, you need to create a YAML file that lists the protected clusters. By default, the plugin looks for this file at $HOME/.kube/protected.yaml.
protected:
- cluster1
- .*pattern.*To check if the current Kubernetes cluster is protected, run:
kubectl protected--silence-error-on-protected: Exit without error if the cluster is protected.--protected-file-path: Path to the file containing the list of protected clusters (default:$HOME/.kube/protected.yaml).
kubectl protected --protected-file-path /path/to/protected.yaml --silence-error-on-protectedThis command will check if the current cluster is protected based on the patterns defined in the specified YAML file and will not exit with an error if the cluster is protected.
Contributions are welcome! Please open an issue or submit a pull request on GitHub.
This project is licensed under the MIT License. See the LICENSE file for details.