Glasskube is a next-generation package manager for Kubernetes that eliminates the complexity of Helm charts and raw manifests by providing a unified CLI and GUI for installing, configuring, and updating Kubernetes applications. It’s designed for DevOps engineers, platform teams, and SREs who need to manage multiple Kubernetes workloads reliably and at scale. Glasskube solves the pain points of undocumented values.yaml files, manual dependency resolution, and inconsistent update workflows.
Built in Go using Kubernetes Custom Resource Definitions (CRDs), Glasskube leverages the Package and PackageInfo CRDs to manage package metadata and deployment state. It integrates with Artifact Hub, supports private repositories, and is GitOps-ready via standard Kubernetes manifests. Deployment options include CLI, GUI, and automated GitOps pipelines with Renovate integration.
What You Get
- GUI Package Browser - A web-based interface to discover, install, and manage Kubernetes packages with visual dependency trees and real-time status updates, eliminating the need to search Helm repos manually.
- Typesafe Package Configuration - Interactive CLI and UI forms for configuring packages with validated input fields, eliminating untyped values.yaml files and allowing injection from ConfigMaps and Secrets.
- Automatic Dependency Resolution - Packages automatically resolve and install dependencies in the correct namespaces, mimicking package managers like Homebrew and eliminating manual dependency chaining.
- Safe, Previewable Updates - Preview pending updates before applying them; all updates are validated by Glasskube’s test suite to prevent breaking changes in production clusters.
- GitOps-Ready CRDs - All packages are Kubernetes Custom Resources (Package and PackageInfo), enabling version-controlled, declarative management via Argo CD, Flux, or any GitOps tool.
- Multi-Repository Support - Use public repositories like Artifact Hub and configure private repositories to manage internal services, ensuring consistent, secure package distribution across teams.
Common Use Cases
- Managing multi-team Kubernetes workloads - A platform team uses Glasskube to centrally manage cert-manager, ingress-nginx, and Prometheus for 20+ development teams, ensuring consistent configurations and automatic updates.
- Deploying internal microservices - An engineering org publishes private Glasskube packages for internal APIs and databases, allowing developers to install them with one command instead of cloning and templating Helm charts.
- Reducing onboarding time for new engineers - New hires install monitoring stacks like Kube Prometheus with a few clicks in the GUI, without needing deep Helm or Kustomize expertise.
- Automating cluster upgrades in GitOps pipelines - A DevOps team uses Renovate to auto-update Glasskube Package CRs in their Git repo, triggering Argo CD to apply safe, tested updates across staging and production clusters.
Under The Hood
Architecture
- Clear separation of concerns through distinct command binaries for CLI, package operator, and certificate management, each with dedicated responsibilities
- Modular codebase organized with pkg/ for reusable components and internal/ for encapsulated implementation details, preventing external dependencies
- Kubernetes operator pattern implemented via CRDs, controllers, and auto-generated manifests, with dependency injection through explicit initialization in configuration and controller packages
- Frontend assets decoupled from the Go backend via static file serving and API endpoints, managed through a separate npm-based build system with HTMX and custom theming
Tech Stack
- Go 1.24 backend with static, CGO-free binaries for all components, deployed in minimal distroless containers for security and size efficiency
- Kubernetes operator framework powered by controller-gen and kubebuilder, with auto-generated CRDs and RBAC manifests ensuring consistency and compliance
- Comprehensive CI/CD pipeline using Goreleaser, Renovate, and GitHub Actions for reproducible builds, automated dependency updates, and container image publishing
- Frontend built with HTMX and Bootstrap, bundled via esbuild, and integrated into the Go monorepo through npm scripts for seamless asset compilation
Code Quality
- Extensive BDD-style testing with Ginkgo and Gomega, featuring structured test setups and realistic Kubernetes client mocks for controllers and webhooks
- Strong type safety through well-defined API structs, custom error types, and robust validation logic, particularly in semver and dependency resolution modules
- Consistent naming conventions aligned with Kubernetes standards and clear interface-based dependency injection improving maintainability and testability
- Comprehensive test coverage for core logic including validation, dependency graphs, and webhook behavior, though some test suites lack explicit assertions
What Makes It Unique
- Native Kubernetes CRDs enable declarative, GitOps-style package management directly within the cluster, eliminating external package managers
- Built-in secret-backed authentication for package repositories integrated into CRDs, enabling secure, policy-driven sourcing without CLI dependencies
- Cluster-scoped package resources with automatic dependency resolution and namespace isolation create a unified, multi-tenant deployment model unique to Kubernetes-native package managers
- Annotation-driven default repository configuration allows dynamic, cluster-wide package source prioritization without hardcoded defaults
- Web UI features like one-click YAML clipboard integration and version datalists are deeply embedded in the control plane, enhancing operator experience without external tools