Skip to content

feat: add kubernetes plugin for kubectl, helm, stern, k9s#2

Open
solcik wants to merge 3 commits intomainfrom
feature/kubernetes-plugin
Open

feat: add kubernetes plugin for kubectl, helm, stern, k9s#2
solcik wants to merge 3 commits intomainfrom
feature/kubernetes-plugin

Conversation

@solcik
Copy link
Owner

@solcik solcik commented Feb 3, 2026

Summary

Add a new kubernetes plugin that provisions kubeconfig files for Kubernetes CLI tools.

Supported executables

  • kubectl - Kubernetes command-line tool
  • helm - Kubernetes package manager
  • stern - Multi-pod log tailing
  • k9s - Terminal UI for Kubernetes

How it works

  • Uses file-based provisioning to create a temporary kubeconfig file
  • Sets KUBECONFIG environment variable pointing to the temp file
  • Credential stored as complete kubeconfig YAML in "Credential" field
  • Includes importer to detect existing ~/.kube/config

Test plan

  • make kubernetes/validate passes
  • make kubernetes/build succeeds
  • Unit tests pass (go test ./plugins/kubernetes/...)
  • Full test suite passes (go test ./...)

@solcik solcik force-pushed the feature/kubernetes-plugin branch 2 times, most recently from e6fdca8 to 3f57f46 Compare February 3, 2026 15:33
@solcik
feat: add kubernetes and sops plugins
3a1d9c8 
Kubernetes plugin:
- kubectl, helm, stern, k9s support
- Base64-encoded kubeconfig stored in 1Password

SOPS plugin:
- sops, helm support
- Age secret key provisioning
@solcik solcik force-pushed the feature/kubernetes-plugin branch from 3f57f46 to 3a1d9c8 Compare February 3, 2026 16:17
solcik added 2 commits February 4, 2026 16:29
@solcik
feat(sops): add kubernetes credential to helm executable
00b79f0 
Helm with helm-secrets plugin now uses both SOPS and Kubernetes
credentials via cross-plugin reference. This enables helm to:
- Decrypt secrets using SOPS age key (SOPS_AGE_KEY env var)
- Connect to Kubernetes clusters (KUBECONFIG env var)

Removed ForCommand("secrets") auth restriction since helm always
needs kubeconfig for cluster operations.
@solcik
feat(sops): add helmfile executable for SOPS secret decryption
bc44dda 
Helmfile transparently calls helm-secrets during sync/lint/apply,
so it needs the SOPS_AGE_KEY injected via op plugin run.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@solcik