Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Node.js client library for Google's Kubernetes Kubectl And API
git clone https://github.com/Goyoo/node-k8s-client.git
npm install
npm run build
#test for test please install minikube
mocha test
npm install k8s
var K8s = require('k8s')
// use kubectl
var kubectl = K8s.kubectl({
endpoint: 'http://192.168.10.10:8080'
, namespace: 'namespace'
, binary: '/usr/local/bin/kubectl'
})
//use restful api
var kubeapi = K8s.api({
endpoint: 'http://192.168.10.10:8080'
, version: '/api/v1'
})
// Configure using kubeconfig
var kube = K8s.kubectl({
binary: '/bin/kubectl'
,kubeconfig: '/etc/cluster1.yaml'
,version: '/api/v1'
});
endpoint : URL for API
version : API Version
binary : Path to binary file
kubeconfig : Path to kubeconfig
:auth See below authentication section
:strictSSL If set to false, use of the API will not validate SSL certificate. Defualt is true.
Authentication to REST API is done via the auth
option. Currently supported authentication method types are username/password, token and client certificate. Presence of authentication details is checked in this order so if a token is specified as well as a client certificate then a token will be used.
Username/password:
{
"auth": {
"username": "admin",
"password": "123123"
}
}
Token:
{
"auth": {
"token": "hcc927ndkcka12"
}
}
Client certificate:
{
"auth": {
"clientKey": fs.readFileSync('k8s-client-key.pem'),
"clientCert": fs.readFileSync('k8s-client-cert.pem'),
"caCert": fs.readFileSync('k8s-ca-crt.pem')
}
}
// method GET
kubeapi.get('namespaces/default/replicationcontrollers', function(err, data){})
// method POST
kubeapi.post('namespaces/default/replicationcontrollers', require('./rc/nginx-rc.json'), function(err, data){})
// method PUT
kubeapi.put('namespaces/default/replicationcontrollers/nginx', require('./rc/nginx-rc.json'), function(err, data){})
// method PATCH
kubeapi.patch('namespaces/default/replicationcontrollers/nginx', [{ op: 'replace', path: '/spec/replicas', value: 2 }], function(err, data){})
// method DELETE
kubeapi.delete('namespaces/default/replicationcontrollers/nginx', function(err, data){})
// method GET
kubeapi.get('namespaces/default/replicationcontrollers').then(function(data){}).catch(function(err){})
// method POST
kubeapi.post('namespaces/default/replicationcontrollers', require('./rc/nginx-rc.json')).then(function(data){}).catch(function(err){})
// method PUT
kubeapi.put('namespaces/default/replicationcontrollers/nginx', require('./rc/nginx-rc.json')).then(function(data){}).catch(function(err){})
// method PATCH
kubeapi.patch('namespaces/default/replicationcontrollers/nginx', [{ op: 'replace', path: '/spec/replicas', value: 2 }]).then(function(data){}).catch(function(err){})
// method DELETE
kubeapi.delete('namespaces/default/replicationcontrollers/nginx').then(function(data){}).catch(function(err){})
!async function()
{
try
{
// method GET
const data1 = await kubeapi.get('namespaces/default/replicationcontrollers')
// method POST
const data2 = await kubeapi.post('namespaces/default/replicationcontrollers', require('./rc/nginx-rc.json'))
// method PUT
const data3 = await kubeapi.put('namespaces/default/replicationcontrollers/nginx', require('./rc/nginx-rc.json'))
// method PATCH
const data4 = await kubeapi.patch('namespaces/default/replicationcontrollers/nginx', [{ op: 'replace', path: '/spec/replicas', value: 2 }])
// method DELETE
const data5 = await kubeapi.delete('namespaces/default/replicationcontrollers/nginx')
}
catch(err){
console.log(err)
}
}()
var res = kubeapi.watch('watch/namespaces/default/pods', function(data){
// message
}, function(err){
// exit
}, [timeout])
kubeapi.watch('watch/namespaces/default/pods', [timeout]).subscribe(data=>{
// message
}, err=>{
// exit
})
//kubectl['type']['action]([arguments], [flags], [callback]): Promise
//callback
kubect.pod.delete('pod_name', function(err, data){})
kubect.pod.delete('pod_name', ['--grace-period=0'], function(err, data){})
//promise
kubect.pod.delete('pod_name').then()
kubect.pod.delete('pod_name', ['--grace-period=0']).then()
//async/await
const data = kubect.pod.delete('pod_name')
const data = kubect.pod.delete('pod_name',['--grace-period=0'])
kubectl.command('get pod pod_name --output=json', function(err, data){})
kubectl.command('get pod pod_name --output=json').then()
const data = await kubectl.command('get pod pod_name --output=json')
kubectl.pod.list(function(err, pods){})
//selector
var label = { name: nginx }
kubectl.pod.list(label, function(err, pods){})
kubectl.pod.get('nginx', function(err, pod){})
// label selector
kubectl.pod.list({ app: 'nginx' }, function(err, pods){})
kubectl.pod.create('/:path/pods/nginx.yaml'), function(err, data){})
kubectl.pod.delete('nginx', function(err, data){})
kubectl.pod.log('pod_id1 pod_id2 pod_id3', function(err, log){})
kubectl.rc.list(function(err, pods){})
kubectl.rc.get('nginx', function(err, pod){})
kubectl.rc.create('/:path/pods/nginx.yaml'), function(err, data){})
kubectl.rc.delete('nginx', function(err, data){})
kubectl.rc.rollingUpdate('nginx', 'nginx:vserion', function(err, data){})
kubectl.rc.rollingUpdateByFile('nginx', '/:path/rc/nginx-v2.yaml', function(err, data){})
kubectl.rc.scale('nginx', 3, function(err, data){})
kubectl.service.list(function(err, pods){})
kubectl.service.get('nginx', function(err, pod){})
kubectl.service.create('/:path/service/nginx.yaml'), function(err, data){})
kubectl.service.delete('nginx', function(err, data){})
kubectl.node.list(function(err, pods){})
kubectl.node.get('nginx', function(err, pod){})
kubectl.node.create('/:path/nodes/node1.yaml'), function(err, data){})
kubectl.node.delete('nginx', function(err, data){})
kubectl.namespace['fn']
kubectl.daemonset['fn']
kubectl.deployment['fn']
kubectl.secrets['fn']
kubectl.endpoint['fn']
kubectl.ingress['fn']
FAQs
Node.js client library for Google's Kubernetes Kubectl And API
The npm package k8s receives a total of 474 weekly downloads. As such, k8s popularity was classified as not popular.
We found that k8s demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.