Add External Secrets Operator example as discussed in https://github.com/philippemerle/KubeDiagrams/issues/62

Philippe Merle
2025-10-24 14:20:53 +02:00
parent 60a009d255
commit e71aa716f8
10 changed files with 122 additions and 2 deletions

@@ -104,6 +104,7 @@ Many other architecture diagrams are available into [examples/](https://github.c
1. [Argo](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/argo/)
1. [cert-manager](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/cert-manager/)
1. [External Secrets Operator](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/external-secrets/)
1. [Istio](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/istio/)
1. [Kube Prometheus Stack](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/kube-prometheus-stack/)
1. [LeaderWorkerSet API](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/lws/)
@@ -441,8 +442,8 @@ Currently, there are 16 unsupported Kubernetes resource types:
### Kubernetes custom resources
The mapping for any Kubernetes custom resources can be also defined into **KubeDiagrams** configuration files as illustrated in [examples/k0s/KubeDiagrams.yml](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/k0s/KubeDiagrams.yml#L10), [examples/kube-prometheus-stack/monitoring.coreos.com.kdc](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/kube-prometheus-stack/monitoring.coreos.com.kdc#L4), [examples/lws/KubeDiagrams.yml](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/lws/KubeDiagrams.yml#L19), and
[examples/argo/KubeDiagrams.yaml](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/argo/KubeDiagrams.yaml#L22).
The mapping for any Kubernetes custom resources can be also defined into **KubeDiagrams** configuration files as illustrated in [examples/k0s/KubeDiagrams.yml](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/k0s/KubeDiagrams.yml#L10), [examples/kube-prometheus-stack/monitoring.coreos.com.kdc](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/kube-prometheus-stack/monitoring.coreos.com.kdc#L4), [examples/lws/KubeDiagrams.yml](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/lws/KubeDiagrams.yml#L19),
[examples/argo/KubeDiagrams.yaml](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/argo/KubeDiagrams.yaml#L22), and [examples/external-secrets/external-secrets.io.kdc](https://github.com/philippemerle/KubeDiagrams/blob/main/examples/external-secrets/external-secrets.io.kdc#L1).
Following lists some custom resources already supported in [examples](https://github.com/philippemerle/KubeDiagrams/blob/main/examples).
| Kind | ApiGroup | Versions | Icon |
@@ -468,6 +469,8 @@ Following lists some custom resources already supported in [examples](https://gi
| `Certificate` | `cert-manager.io` | `v1alpha1` `v1alpha2` `v1` | ![Certificate](https://raw.githubusercontent.com/mingrammer/diagrams/refs/heads/master/resources/azure/web/app-service-certificates.png) |
| `ClusterIssuer` | `cert-manager.io` | `v1alpha1` `v1alpha2` `v1` | ![ClusterIssuer](https://raw.githubusercontent.com/mingrammer/diagrams/refs/heads/master/resources/aws/security/certificate-authority.png) |
| `Issuer` | `cert-manager.io` | `v1alpha1` `v1alpha2` `v1` | ![Issuer](https://raw.githubusercontent.com/mingrammer/diagrams/refs/heads/master/resources/aws/security/certificate-authority.png) |
| `ExternalSecret` | `external-secrets.io` | `v1alpha1` `v1beta1` `v1` | ![ExternalSecret](https://raw.githubusercontent.com/philippemerle/KubeDiagrams/refs/heads/main/examples/external-secrets/icons/ExternalSecret.png) |
| `SecretStore` | `external-secrets.io` | `v1alpha1` `v1beta1` `v1` | ![SecretStore](https://raw.githubusercontent.com/philippemerle/KubeDiagrams/refs/heads/main/examples/external-secrets/icons/SecretStore.png) |
### Kubernetes resources clustering

@@ -0,0 +1,29 @@
# External Secrets Operator Example
This example is dedicated to **[External Secrets Operator](https://external-secrets.io/)**.
## Instructions
Generate the Kubernetes architecture diagrams for **[External Secrets Operator](https://external-secrets.io/)**:
```sh
$ generate.sh
```
## Generated architecture diagrams
Architecture diagram for **[External Secrets Operator](https://external-secrets.io/)** Helm Chart:
![diagrams/external-secrets-helm-chart.png](diagrams/external-secrets-helm-chart.png)
Architecture diagram for **[Hazelops Web Helm Chart](https://artifacthub.io/packages/helm/hazelops/web)** using **[External Secrets Operator](https://external-secrets.io/)**:
![diagrams/hazelops-web.png](diagrams/hazelops-web.png)
Architecture diagram for **[Helmingapp Myapp Helm Chart](https://artifacthub.io/packages/helm/helmingapp/myapp)** using **[External Secrets Operator](https://external-secrets.io/)**:
![diagrams/helmingapp-myapp.png](diagrams/helmingapp-myapp.png)
Architecture diagram for **[create-databases/job-database Helm Chart](https://artifacthub.io/packages/helm/create-databases/job-database)** using **[External Secrets Operator](https://external-secrets.io/)**:
![diagrams/create-databases-job-database.png](diagrams/create-databases-job-database.png)
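Review bot: The Instructions block shows `$ generate.sh`, which only works if the current directory is on `PATH`. Use `./generate.sh` and say that it must be run from `examples/external-secrets/`, because the script resolves `BIN=../../bin`, `external-secrets.io.kdc` and the `diagrams/` output paths relative to the working directory. It would also help to state that three of the four diagrams are rendered from third-party chart repositories fetched at generation time, so the committed images reflect whatever those repositories served on the day they were generated.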

Binary file not shown. Size: 70 KiB

Binary file not shown. Size: 381 KiB

Binary file not shown. Size: 83 KiB

Binary file not shown. Size: 68 KiB

@@ -0,0 +1,77 @@
nodes:
#
# ExternalSecret
#
ExternalSecret/external-secrets.io/v1:
scope: Namespaced
custom_icon: icons/ExternalSecret.png
edges: |
# Edge to the secret store of this external secret
edges.add_edge_to(
"spec.secretStoreRef",
query_path(resource, "spec.secretStoreRef.name"),
get_namespace(resource),
query_path(resource, "spec.secretStoreRef.kind"),
query_path(resource, "apiVersion"),
"REFERENCE"
)
# Edge to the generated secret
edges.add_edge_to(
None,
get_name(resource),
get_namespace(resource),
"Secret",
"v1",
"OWNER"
)
nodes: |
# Create the secret for this external secret
nodes.append({
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
"name": get_name(resource),
"namespace": get_namespace(resource),
"labels": query_path(resource, "metadata.labels"),
"annotations": query_path(resource, "metadata.annotations")
}
})
ExternalSecret/external-secrets.io/v1alpha1: ExternalSecret/external-secrets.io/v1
ExternalSecret/external-secrets.io/v1beta1: ExternalSecret/external-secrets.io/v1
#
# SecretStore
#
SecretStore/external-secrets.io/v1:
scope: Namespaced
custom_icon: icons/SecretStore.png
edges: |
# Edge to the AWS Secrets Manager of this secret store
edges.add_edge_to(
"spec.provider.aws.service",
".",
None,
"SecretsManager",
"aws/v1",
"REFERENCE"
)
nodes: |
# Create an AWS Secrets Manager node if defined
provider_aws_service = query_path(resource, "spec.provider.aws.service")
if provider_aws_service is not None:
nodes.append({
"kind": "SecretsManager",
"apiVersion": "aws/v1",
"metadata": {
"name": provider_aws_service
}
})
SecretStore/external-secrets.io/v1alpha1: SecretStore/external-secrets.io/v1
SecretStore/external-secrets.io/v1beta1: SecretStore/external-secrets.io/v1
#
# AWS Secrets Manager
#
SecretsManager/aws/v1:
scope: Outside # of the Kubernetes world
diagram_node_classname: diagrams.aws.security.SecretsManager
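Review bot: In the `ExternalSecret/external-secrets.io/v1` mapping, both the `OWNER` edge and the synthesized `Secret` node take their name from `get_name(resource)`, but External Secrets Operator names the managed Secret from `spec.target.name` when that field is set and falls back to the ExternalSecret name only when it is absent. For charts that set a target name, the diagram will show a Secret that no workload references, and the Secret the workloads do mount will appear without its ExternalSecret. Suggest reading `query_path(resource, "spec.target.name")` first and falling back to `get_name(resource)` in both places. Separately, the `spec.secretStoreRef` edge passes `get_namespace(resource)` together with whatever `spec.secretStoreRef.kind` holds, while this file maps only `SecretStore`: a reference of kind `ClusterSecretStore` is cluster-scoped and has no mapping here, and an omitted `kind` yields `None` rather than the `SecretStore` default. A short comment on the `SecretStore` mapping noting that only the AWS provider is drawn would also help readers whose stores use another provider.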

@@ -0,0 +1,11 @@
#! /bin/sh
BIN=../../bin
# Generate diagrams for External Secrets Operator's Helm Chart
$BIN/helm-diagrams https://charts.external-secrets.io/external-secrets -o diagrams/external-secrets-helm-chart.png
# Generate diagrams for Helm Charts using External Secrets Operator
$BIN/helm-diagrams https://hazelops.github.io/charts/web -c external-secrets.io.kdc -o diagrams/hazelops-web.png
$BIN/helm-diagrams https://muhammedgamal760.github.io/Helm/myapp -c external-secrets.io.kdc -o diagrams/helmingapp-myapp.png
$BIN/helm-diagrams https://kubediscovery.github.io/helm-repo/job-database -c external-secrets.io.kdc -o diagrams/create-databases-job-database.png
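Review bot: The script has no error handling and depends on the caller's working directory: `BIN=../../bin`, `-c external-secrets.io.kdc` and the `diagrams/` output paths are all relative, and a failed `helm-diagrams` call does not stop the remaining ones. Suggest adding `set -e` and `cd "$(dirname "$0")"` at the top so the script can be launched from anywhere and stops at the first chart that fails to render. The four chart URLs are also unversioned, so a rerun may produce different diagrams from the ones committed here; recording the chart versions used, at least in a comment, would make the images reproducible.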

Binary file not shown. Size: 30 KiB

Binary file not shown. Size: 28 KiB