Add lazy watcher, improving resource usage; update website.

2025-12-27 01:28:46 +00:00
parent e560e183ec
commit 19e72e136a
11 changed files with 1813 additions and 358 deletions
+166 -1
@@ -127,6 +127,7 @@ var deniedKinds = map[string]bool{
"ControllerRevision": true,
"PodMetrics": true,
"NodeMetrics": true,
"ReplicaSet": true, // Usually managed by Deployment
// Lease resources (used for leader election)
"Lease": true,
@@ -146,7 +147,171 @@ var deniedKinds = map[string]bool{
"APIService": true,
"ValidatingWebhookConfiguration": true,
"MutatingWebhookConfiguration": true,
}
// Storage resources - usually shouldn't be mirrored
"PersistentVolumeClaim": true,
"VolumeSnapshot": true,
"VolumeSnapshotContent": true,
// Longhorn resources - storage controller specific
"Engine": true,
"Replica": true,
"InstanceManager": true,
"ShareManager": true,
"BackingImageManager": true,
"BackingImageDataSource": true,
"Orphan": true,
"RecurringJob": true,
"EngineImage": true,
"BackingImage": true,
"BackupTarget": true,
"BackupVolume": true,
"Setting": true,
// ArgoCD/Argo resources - gitops/workflow specific
"Application": true,
"ApplicationSet": true,
"AppProject": true,
"Workflow": true,
"WorkflowTemplate": true,
"CronWorkflow": true,
"EventSource": true,
"EventBus": true,
"Sensor": true,
"AnalysisRun": true,
"AnalysisTemplate": true,
"Experiment": true,
"Rollout": true,
"WorkflowArtifactGCTask": true,
"WorkflowEventBinding": true,
"WorkflowTaskResult": true,
"WorkflowTaskSet": true,
// Cert-manager resources - certificate operator specific
"Certificate": true,
"CertificateRequest": true,
"Issuer": true,
"ClusterIssuer": true,
// External Secrets resources - secrets operator specific
"ExternalSecret": true,
"SecretStore": true,
"ClusterSecretStore": true,
"PushSecret": true,
// Generator resources
"ACRAccessToken": true,
"CloudsmithAccessToken": true,
"ECRAuthorizationToken": true,
"Fake": true,
"GCRAccessToken": true,
"GeneratorState": true,
"GithubAccessToken": true,
"Grafana": true,
"MFA": true,
"Password": true,
"QuayAccessToken": true,
"SSHKey": true,
"STSSessionToken": true,
"UUID": true,
"VaultDynamicSecret": true,
"Webhook": true,
// Kyverno resources - policy operator specific
"Policy": true,
"ClusterPolicy": true,
"PolicyException": true,
"NamespacedDeletingPolicy": true,
"NamespacedImageValidatingPolicy": true,
"NamespacedValidatingPolicy": true,
"CleanupPolicy": true,
"AdmissionReport": true,
"BackgroundScanReport": true,
"ClusterAdmissionReport": true,
"ClusterBackgroundScanReport": true,
"EphemeralReport": true,
"PolicyReport": true,
"UpdateRequest": true,
// Cilium resources - networking operator specific
"CiliumNetworkPolicy": true,
"CiliumClusterwideNetworkPolicy": true,
"CiliumEndpoint": true,
"CiliumIdentity": true,
"CiliumNode": true,
"CiliumExternalWorkload": true,
"CiliumLocalRedirectPolicy": true,
"CiliumEgressGatewayPolicy": true,
"CiliumGatewayClassConfig": true,
"CiliumNodeConfig": true,
"CiliumEnvoyConfig": true,
"CiliumClusterwideEnvoyConfig": true,
// Traefik Hub resources - API management specific
"API": true,
"APIAccess": true,
"APIAuth": true,
"APIBundle": true,
"APICatalogItem": true,
"APIPlan": true,
"APIPortal": true,
"APIPortalAuth": true,
"APIRateLimit": true,
"APIVersion": true,
"AIService": true,
"ManagedApplication": true,
"ManagedSubscription": true,
// Kong resources - API gateway specific
"KongConsumer": true,
"KongIngress": true,
"KongPlugin": true,
"KongClusterPlugin": true,
"KongUpstreamPolicy": true,
"KongConsumerGroup": true,
"TCPIngress": true,
"UDPIngress": true,
"IngressClassParameters": true,
// System Upgrade Controller
"Plan": true,
// Tor operator resources
"OnionService": true,
"OnionBalancedService": true,
"Tor": true,
// Gateway API resources - usually not mirrored
"Gateway": true,
"GatewayClass": true,
"HTTPRoute": true,
"TLSRoute": true,
"TCPRoute": true,
"UDPRoute": true,
"GRPCRoute": true,
"ReferenceGrant": true,
"BackendTLSPolicy": true,
// VictoriaMetrics operator resources
"VMAgent": true,
"VMAlert": true,
"VMAlertmanager": true,
"VMAlertmanagerConfig": true,
"VMAuth": true,
"VMCluster": true,
"VMNodeScrape": true,
"VMPodScrape": true,
"VMProbe": true,
"VMRule": true,
"VMServiceScrape": true,
"VMSingle": true,
"VMStaticScrape": true,
"VMScrapeConfig": true,
"VMUser": true,
"VMAnomaly": true,
// Jobs and workloads - usually shouldn't be mirrored
"Job": true,
"CronJob": true}
func isDeniedResourceType(kind string) bool {
return deniedKinds[kind]
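Review bot: `deniedKinds` is keyed by bare Kind and `isDeniedResourceType` looks up only the `kind` string, so the generic names added in this hunk (`"Policy"`, `"Plan"`, `"Setting"`, `"Password"`, `"Webhook"`, `"API"`, `"Fake"`) deny every resource with that Kind in any API group, not only the Kyverno, System Upgrade Controller, Longhorn or External Secrets types the comments name. Keying the map by group and kind would keep each entry scoped to the operator it was written for; that needs a signature change on `isDeniedResourceType`, whose callers are outside this hunk. Until then, a comment on the map such as `// Matched on Kind alone, regardless of API group; a generic entry denies same-named kinds from every group.` would make the behaviour explicit. The list is also default-allow, so kinds from an operator not listed here are presumably still mirrored; if that is intended, it is worth stating next to the map.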
+1 -1
@@ -67,6 +67,7 @@ func TestIsDeniedResourceType(t *testing.T) {
{name: "Lease", kind: "Lease", want: true},
{name: "Namespace", kind: "Namespace", want: true},
{name: "ClusterRole", kind: "ClusterRole", want: true},
{name: "Certificate", kind: "Certificate", want: true}, // cert-manager resources are denied
// Should NOT be denied
{name: "Secret", kind: "Secret", want: false},
@@ -76,7 +77,6 @@ func TestIsDeniedResourceType(t *testing.T) {
{name: "Deployment", kind: "Deployment", want: false},
{name: "StatefulSet", kind: "StatefulSet", want: false},
{name: "Middleware", kind: "Middleware", want: false},
{name: "Certificate", kind: "Certificate", want: false},
}
for _, tt := range tests {
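Review bot: Only `Certificate` among the kinds this commit adds to the deny list has a test row; the generic entries, which are the ones most likely to collide with unrelated CRDs, have none. Adding a row such as `{name: "Policy", kind: "Policy", want: true},` next to the `Certificate` row would pin that behaviour, so a later change to how kinds are matched shows up in the test. The table and the loop that consumes it continue outside these hunks.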