This list contains 212 configuration management tools, 42 secret management tools, and 4 related tools. Contributions are welcome.
Note that tools marked unreviewed may be out of scope for this repository.
- Generation (G): Given some non-Kubernetes configuration, returns Kubernetes manifests.
- Mutation (M): Given Kubernetes manifests, returns (possibly different) Kubernetes manifests.
- Validation (V): Given Kubernetes manifests, returns validation results.
- Deployment (D): Given Kubernetes manifest, makes Kubernetes API calls.
- Promotion (P): Enables promotion of Kubernetes manifests across environments.
- Sharing (S): Enables the packaging and/or distribution of Kubernetes manifests.
- In cluster (I): Runs in cluster.
- Local (L): Runs locally.
| Features | Languages | Notes | |
|---|---|---|---|
| Acorn | DI | ||
| Ansible | GDL | YAML, Jinja2, Python (for plugins) | Related: Kubernetes Collection; |
| apollo | Unreviewed; | ||
| AppController | DI | Abandoned; | |
| Archipa | Unreviewed; | ||
| Argo CD | DI | ||
| armada | Unreviewed; | ||
| autoapply | DI | YAML | |
| Bazel | DL | Starlark | Related: rules_gitops, rules_k8s; |
| Bicep | GDSL | Bicep | Related: Kubernetes provider, Kubernetes type definitions; |
| Broadway | Unreviewed; | ||
| cdk8s | GSL | TypeScript, Python, Java, Go | Related: cdk8s+; |
| Chartify | Unreviewed; | ||
| Checkov | VIL | YAML, Python | |
| clusterlint | VL | ||
| compose2kube | GL | YAML | Abandoned; |
| Config Sync | DI | ||
| config-lint | VL | Abandoned; | |
| configula | Unreviewed; | ||
| Conftest | VL | Rego | Related: Kubernetes policies; |
| Copper | VL | JavaScript | Abandoned; |
| Crossplane | GDI | Related: Ansible provider, Argo CD provider, Helm provider, Kubernetes provider, Terraform provider; | |
| CUE | GVSL | CUE | |
| Cuegen | GVSL | CUE | |
| Cyclops | GDI | graphical UI | |
| Datree | VIL | JSON schema, Rego | Abandoned; |
| Deis workflow | Unreviewed; | ||
| dekorate | GL | Java | |
| Deploymentizer | Unreviewed; | ||
| devspace | Unreviewed; | ||
| devtron | Unreviewed; | ||
| Dhall | GSL | Dhall | Related: dhall-kubernetes; |
| Draft | Unreviewed; | ||
| dxcfg | GL | JavaScript, TypeScript | Abandoned; |
| environment-operator | Unreviewed; | ||
| ERB-Hiera | Unreviewed; | ||
| fabric8 client | Unreviewed; | ||
| fabric8-mvn-plugin | Unreviewed; | ||
| fabrikate | Unreviewed; | ||
| flagger | Unreviewed; | ||
| flekszible | Unreviewed; | ||
| Flux v1 | DI | Abandoned; | |
| Flux v2 | DI | Related: Weave GitOps; | |
| foremast | Unreviewed; | ||
| Forge | Unreviewed; | ||
| Gatekeeper | MVI | Rego | External data support; |
| generator-kubegen | Unreviewed; | ||
| Gimlet | DI | Abandoned; | |
| gitkube | Unreviewed; | ||
| Glasskube | DSI | ||
| habitat | Unreviewed; | ||
| Helm | GDSL | Go Template | |
| helm-app-operator-kit | Unreviewed; | ||
| Helmfile | DL | YAML | |
| Helmsman | DL | TOML | |
| Helmwave | DL | YAML | |
| hull | Unreviewed; | ||
| Isopod | GVDL | Starlark | Abandoned; |
| jk | GL | JavaScript, TypeScript | Abandoned; Related: kubernetes module; |
| Jsonnet | GML | Jsonnet | Related: kube-libsonnet, k8s-gen, k8s-libsonnet; |
| jsPolicy | MVI | JavaScript, TypeScript | "Controller policies" support; |
| k-rail | MVI | any (gRPC) | Abandoned; |
| k82-icl | Unreviewed; | ||
| k8comp | GL | ERB (Ruby templating) | Abandoned; |
| k8s-app-engine | Unreviewed; | ||
| k8s-handle | GDL | Python, Jinja2 | |
| k8s-kotlin-dsl | Unreviewed; | ||
| k8sec | Unreviewed; | ||
| k8skonf | GSL | TypeScript | |
| k8spkg | MDL | Abandoned; | |
| kadet | GL | Python | |
| Kapitan | GML | YAML, Jsonnet, Jinja2, Python | |
| kapp | DL | ||
| kapp-controller | DI | ||
| karavel | Unreviewed; | ||
| Kargo | PI | Integrates with GitOps tools to promote changes across environments; | |
| Kargo Render | GL | YAML | |
| Kasane | ML | YAML, Jsonnet | Abandoned; |
| kb8or | GDL | YAML | Abandoned; |
| KCL | GMVSL | KCL | Related: Run KCL scripts as KRM functions; |
| kdeploy | Unreviewed; | ||
| KDL | GL | KDL | |
| Kedge | GDL | YAML | Abandoned; |
| Keel | DI | Updates container image version; | |
| kenv | ML | YAML | Abandoned; Injects environment variables in Pods; |
| Keptn | DI | ||
| kexpand | Unreviewed; | ||
| khelm | GML | ||
| kinitiras | MVI | CUE, YAML | Abandoned; Related: Run mutation policies locally; |
| Kluctl | GDIL | YAML, Jinja2 | |
| knot8 | Unreviewed; | ||
| ko | MDL | Limited to Go applications; | |
| Koki | Unreviewed; | ||
| Kompose | GL | YAML | |
| konfd | GI | Go template | Abandoned; |
| Konfigurator | Unreviewed; | ||
| konstellate | Unreviewed; | ||
| kontemplate | Unreviewed; | ||
| Kosko | GVL | JavaScript, TypeScript | |
| KOTS | DSIL | ||
| kploy | Unreviewed; | ||
| KPM | Unreviewed; | ||
| kpt | GMVDSL | YAML, Go, Typescript, Starlark, any (w/o SDK) | |
| kr8 | GL | Jsonnet | |
| kraan | DI | ||
| krane | GDL | ERB (Ruby templating) | |
| Kratix | GDI | ||
| kreate-kube | GL | YAML | |
| KSON | GL | KSON | |
| ksonnet | GVDSL | Jsonnet | Abandoned; Related: ksonnet-lib; |
| ktmpl | GL | Abandoned; | |
| kube-applier | DI | Abandoned; | |
| kube-score | VL | ||
| kubeapply | GDL | YAML, Starlark | Related: Terraform provider; |
| kubecfg | GDL | Jsonnet | |
| kubechecks | VI | ||
| Kubeconform | VL | ||
| kubectl | GVDL | ||
| kubectl-neat | ML | ||
| kubed | Unreviewed; | ||
| kubegen | GL | YAML, JSON, HCL | Abandoned; |
| Kubehiera | Unreviewed; | ||
| KubeLinter | VL | YAML | |
| kubenix | GL | Nix | Related: GTrunSec/kubenix, blaggacao/kubenix, xtruder/kubenix; |
| kuberig | Unreviewed; | ||
| kubernetes-deploy | Unreviewed; | ||
| Kubes | GDL | DSL | |
| Kubescape | VIL | Rego | External data support; |
| Kubeval | VL | Abandoned; | |
| KubeVela | GDIL | ||
| Kubevious | VL | DSL | |
| Kubewarden | MVI | any (WebAssembly) | |
| kubor | Unreviewed; | ||
| kuby | Unreviewed; | ||
| kuku | Unreviewed; | ||
| Kusion | GVDL | KCL | |
| kustomize | ML | YAML | |
| kustomizer | GMSL | ||
| kvert | GL | edn (Clojure) | Abandoned; |
| KY | Unreviewed; | ||
| Kyverno | GMVIL | YAML, CEL | External data support; |
| landscaper | Unreviewed; | ||
| Lingon | GL | Go | Abandoned; |
| lostromos | Unreviewed; | ||
| MAML | GL | MAML | |
| Marvin | VL | CEL | |
| Meshery | GDI | YAML | |
| Metaparticle | Unreviewed; | ||
| Microconfig | GL | ||
| mimic | GL | Go | |
| Monokle | GVDL | ||
| mortar | Unreviewed; | ||
| NAML | GDL | Go | |
| Nelm | GDSL | Go Template | Not yet extracted from werf as a standalone CLI; |
| Nickel | GMVL | Nickel | Related: nickel-kubernetes; |
| Nulecule | Unreviewed; | ||
| OpenCompose | GL | Abandoned; | |
| OpenRewrite | MVL | ||
| OpenShift templates | Unreviewed; | ||
| pack | Unreviewed; | ||
| PipeCD | DI | ||
| pipeline | Unreviewed; | ||
| Pkl | GSL | Pkl | Related: Kubernetes Pkl templates, Kubernetes Pkl examples, Other Pkl (Kubernetes) packages; |
| Pluto | VL | ||
| Podex | Unreviewed; | ||
| Polaris | MVIL | YAML, JSON Schema | |
| Popeye | VL | ||
| Project Syn | GMDSIL | YAML, Jsonnet, Jinja2, Python | Related: Commodore, Lieutenant API, Lieutenant Operator, Steward; |
| Psykube | GDL | YAML | Abandoned; |
| Puccini | Unreviewed; | ||
| Pulumi | GDL | JavaScript, TypeScript, Python, Go, C#, Visual Basic, F#, Java, YAML | Related: Kubernetes provider, Operator; |
| Puppet | Unreviewed; | ||
| puppetlabs-helm | Unreviewed; | ||
| qbec | Unreviewed; | ||
| Radius | DI | Bicep | |
| Razee | GDI | Abandoned; | |
| RCL | GL | RCL | |
| Rio | Unreviewed; | ||
| rok8s-scripts | Unreviewed; | ||
| Rubiks | Unreviewed; | ||
| Score | GL | YAML | Related: Helm integration; |
| SDLang | GL | SDLang | |
| Ship | DL | Abandoned; | |
| shipcat | GDL | YAML | Abandoned; |
| Shipit | DL | ERB (Ruby templating) | |
| shipper | Unreviewed; | ||
| Short | Unreviewed; | ||
| skaffold | Unreviewed; | ||
| Skipper | Unreviewed; | ||
| Skycfg | GL | Starlark, Go | |
| Skylark | Unreviewed; | ||
| Smith | Unreviewed; | ||
| specctl | GL | YAML | Supports generating manifests from docker compose files, and ECS Fargate task and service definitions; |
| Spread | Unreviewed; | ||
| Srvexpand | Unreviewed; | ||
| StackSet | Unreviewed; | ||
| sugarkube | Unreviewed; | ||
| Sveltos | DI | ||
| Tanka | GDSL | Jsonnet | |
| Telefonistka | PL | YAML | |
| Terraform | GDL | HCL | Related: Kubernetes provider, k8s provider, Kustomize provider, Helm provider; |
| Tilt | GMDL | Starlark | |
| Timoni | GDSL | CUE | |
| Trivy | VIL | ||
| Tye | GDL | Limited to .NET applications; | |
| Untrak | DL | YAML | Abandoned; Garbage collect untracked resources; |
| ValidatingAdmissionPolicy | VI | CEL | |
| ValidKube | MVL | ||
| werf | GDSL | YAML | |
| YAMLScript | GL | YAMLScript | |
| ytt | GMVL | YAML, Starlark | |
| Zora | VI | CEL |
- In cluster (I): Runs in cluster.
- Local (L): Runs locally.
- Application (A): Runs side-by-side with the application.
| Notes | |
|---|---|
| Argo Rollouts | Controller and set of CRDs which provide progressive delivery features; |
| Knative Serving | Set of CRDs used to define serverless workloads; |
| koreo | Orchestrates multi-step processes that react to events and manage Kubernetes resources; |
| kro | Define higher-level Kubernetes resources, composed of a multiple lower-level ones; |
- Kubernetes application management tools spreadsheet, retrieved 2024-11-18
- Kubetools, retrieved 2024-11-18
- Awesome Kubernetes Resources, retrieved 2024-11-18
- Awesome Kubernetes, retrieved 2024-11-18
- Awesome K8s, retrieved 2024-11-18
- Declarative application management in Kubernetes, retrieved 2025-02-09
- Kubernetes Configuration in 2024, retrieved 2025-02-09