kubeviz/README.md
Clemens Hering aafc95a551
CSP-Flag
2026-03-01 11:45:20 +01:00


# KubeViz
No-Node Kubernetes manifest visualizer built with Go + server-rendered HTML (HTMX + Alpine.js).
## Features
- Upload one or more Kubernetes manifest files, or paste YAML/JSON text
- Import manifests directly from a Git repository path
- Render Helm charts directly from Git repositories (`helm template`) and visualize output
- Parse multi-document manifests and `List.items`
- Visual graph with resource relationships and details panel
- Grouping/collapsing by namespace or kind
- Security and validation checks (privileged containers, missing limits/requests, unresolved refs, selector mismatch, duplicates)
- Configurable checks in UI (enable/disable individual rules)
- Manifest diff between base and target states
- Supported first-class resources:
  - Deployment, StatefulSet, DaemonSet
  - Service, Ingress
  - ConfigMap, Secret
  - PersistentVolumeClaim
  - HorizontalPodAutoscaler
  - Generic CRD/custom resource nodes
- Secret redaction (never exposes decoded secret values)
- Session-scoped in-memory dataset storage (no DB)
- SVG and PNG graph export endpoints
## Run locally
```bash
go run ./cmd/server
```
Open [http://localhost:8080](http://localhost:8080).
## Run locally with Docker
Build and run directly:
```bash
docker build -t kubeviz:local .
docker run --rm -p 8080:8080 \
  -e ADDR=:8080 \
  -e SESSION_TTL=30m \
  -e MAX_UPLOAD_SIZE=5242880 \
  -e COOKIE_SECURE=false \
  -e LOG_LEVEL=info \
  kubeviz:local
```
Optional Helm version override during build:
```bash
docker build --build-arg HELM_VERSION=v3.16.4 -t kubeviz:local .
```
Or with Compose:
```bash
docker compose up --build
```
Then open [http://localhost:8080](http://localhost:8080).
## Environment variables
- `ADDR` (default `:8080`)
- `SESSION_TTL` (default `30m`)
- `MAX_UPLOAD_SIZE` (bytes, default `5242880`)
- `COOKIE_SECURE` (`true`/`false`, default `true`)
- `APP_CSP_ENABLED` (`true`/`false`, default `true`) - disable when CSP is enforced by a reverse proxy
- `GIT_ALLOWED_HOSTS` (CSV allowlist, default `github.com,gitlab.com,bitbucket.org`)
- `LOG_LEVEL` (default `info`)
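
One way a CSV host allowlist such as `GIT_ALLOWED_HOSTS` can be enforced before a repository is fetched, as an added example that is not KubeViz's own code. The function names, the HTTPS-only rule, and the rejection of URL credentials and non-default ports are assumptions made for this sketch.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// parseAllowedHosts turns a CSV value (e.g. the GIT_ALLOWED_HOSTS default)
// into a lookup set. Hypothetical helper: entries are trimmed and lowercased.
func parseAllowedHosts(csv string) map[string]bool {
	set := make(map[string]bool)
	for _, h := range strings.Split(csv, ",") {
		if h = strings.ToLower(strings.TrimSpace(h)); h != "" {
			set[h] = true
		}
	}
	return set
}

// checkRepoURL returns nil only when the URL's host is an exact allowlist
// member. Assumed policy: HTTPS only, no userinfo, default port only.
func checkRepoURL(raw string, allowed map[string]bool) error {
	u, err := url.Parse(raw)
	if err != nil {
		return fmt.Errorf("invalid URL: %w", err)
	}
	if u.Scheme != "https" {
		return errors.New("only https:// repositories are accepted")
	}
	if u.User != nil {
		return errors.New("credentials in the URL are not accepted")
	}
	if u.Port() != "" && u.Port() != "443" {
		return errors.New("non-default port is not accepted")
	}
	// Compare the parsed hostname exactly; suffix or substring matching is too loose.
	host := strings.ToLower(u.Hostname())
	if !allowed[host] {
		return fmt.Errorf("host %q is not in the allowlist", host)
	}
	return nil
}

func main() {
	allowed := parseAllowedHosts("github.com,gitlab.com,bitbucket.org")
	fmt.Println(checkRepoURL("https://github.com.example.net/org/repo.git", allowed)) // constructed input
}
```

The check runs on the parsed hostname rather than the raw string, so a lookalike host or a `user@host` form is rejected instead of being matched by prefix.
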
## API endpoints
- `POST /api/manifests/parse`
- `POST /api/git/import`
- `POST /api/helm/render`
- `GET /api/graph`
- `POST /api/diff`
- `GET /api/resources/{id}`
- `GET /api/export/svg`
- `GET /api/export/png`
- `POST /api/session/clear`
## Test
```bash
GOCACHE=$(pwd)/.gocache go test ./...
```
## Deploy to Kubernetes
Manifests are in `deploy/k8s/`:
```bash
kubectl apply -f deploy/k8s/namespace.yaml
kubectl apply -f deploy/k8s/configmap.yaml
kubectl apply -f deploy/k8s/deployment.yaml
kubectl apply -f deploy/k8s/service.yaml
kubectl apply -f deploy/k8s/ingress.yaml
```
## Notes
- The built-in YAML parser is dependency-free and optimized for common Kubernetes manifest structures.
- v1 scope is visualization only (no apply/edit back to cluster).
- Container images use `dhi.io/golang:1.26` (builder and runtime) with a non-root runtime user.
- Runtime image includes `git` and `helm` for Git/Helm import endpoints.
## Deploy via Gitea (Podman + Quadlet on same VM)
- Workflow: `.gitea/workflows/deploy-kubeviz.yml`
- Script: `scripts/deploy-with-podman.sh`

Pipeline flow:

1. Build image locally on server with Podman
2. Tag as `localhost/kubeviz:prod`
3. Restart `kubeviz.service`

Use this in your Quadlet:
```ini
Image=localhost/kubeviz:prod
Pull=never
```