Skip to content
/ qube Public

GraphQL API for Kubernetes cluster. Supports queries and mutations.

puzl.cloud

License

Apache-2.0 license
6 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

puzl-cloud/qube

BranchesTags

Repository files navigation

qube

qube is a GraphQL API provider for your Kubernetes cluster. It's working as a separate proxy above native Kubernetes API.

GraphQL schema is dynamically built from the openapi/swagger API specification exposed by the Kubernetes cluster.

What GraphQL primitives are working now

  • Queries
  • Mutations
  • Subscriptions

Authorization

qube supports the Bearer token auth flow in the same manner as Kubernetes API. Set Authorization header with your Kubernetes account token to pass the request.

Running

Requirements

node > 10

Run

npm start

Navigate to http://localhost:49020/ in your browser - this will launch the GraphQL Playground which you can use to interact with API.

Environment variables (settings)

NODE_ENV - string, set to production to mute stacktrace proxying to a client, see more here

IN_CLUSTER- bool, set to false if you run outside of Kubernetes cluster

KUBERNETES_HOST - string, path to Kubernetes cluster API, use with IN_CLUSTER=false

API_SCHEMA_FILE_PATH - string, set path to swagger.json, if you run qube outside of Kubernetes cluster and do not want provide it with any KUBE_SCHEMA_TOKEN

KUBE_SCHEMA_TOKEN - string, a token from account, which will be used to request OpenAPI schema of Kubernetes cluster, use with IN_CLUSTER=false and without API_SCHEMA_FILE_PATH

USE_JWT_AUTH - bool, set to false if you do not want to proxify client Authorization header to Kubernetes

REMOVE_PATHS - string, contains a comma-separated list of path strings that should be removed from the OpenAPI Specification (OAS) object. It's useful for dynamically excluding certain API endpoints or paths based on runtime configuration.

Notice: In case of USE_JWT_AUTH=false default token (or KUBE_SCHEMA_TOKEN) will be used for all user requests, which can be unsecure.

Examples

Create namespaced Secret

Query

mutation CreateSecretMutation($namespace: String!, $name: String!, $data: JSON) {
  createCoreV1NamespacedSecret(namespace: $namespace, ioK8sApiCoreV1SecretInput: {kind: "Secret", stringData: $data, metadata: {name: $name}}) {
    data
    type
    metadata {
      name
    }
  }
}

Variables

{
  "data": {"key": "value"},
  "namespace": "my-namespace",
  "name": "my-secret"
}

Get namespaced pods

Query

query GetPodsQuery($namespace: String!) {
  ioK8sApiCoreV1PodList(namespace: $namespace) {
    items {
      metadata {
        name
      }
      spec {
        hostname
        containers {
          image
          name
        }
      }
    }
  }
}

Variables

{
  "namespace": "my-namespace"
}

About

GraphQL API for Kubernetes cluster. Supports queries and mutations.

puzl.cloud

Topics

graphql kubernetes mutations kubernetes-api oas-to-graphql

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

6 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages