Keel extracts configuration from your cluster and does it's best to reduce complexity

Here are some frequently asked questions and answers:

Wait, does Keel monitor my git repository for changes?

No, Keel is only interested in your Docker image repositories like DockerHub, Quay, etc… Once the image update is detected via webhooks, polling or GCR pubsub Keel updates affected resources.

How does Keel know what repositories it should monitor?

Keel scans your Kubernetes environment, checking deployments and Helm charts looking for Keel configuration. In Kubernetes provider case it’s looking for a label keel.sh/policy=minor where value can be all/major/minor/patch. And if you are using Helm - it expects to find Keel config in values.yaml of your chart, more info here: https://keel.sh/user-guide/providers/#helm

If I have a private repository, how does Keel get credentials to authenticate to it?

Keel uses the same pod secrets that Kubernetes uses to pull the image so no additional configuration is required.

Can Keel monitor Helm chart updates?

No, Keel monitors only the image, if the chart is updated there is no way for Keel to know it. There were some requests to implement this feature so Keel could add support for this in the future.

Can I still have a final say whether to approve/reject updates?

Yes. You can specify how many approvals an update needs and vote via Slack, more info here: https://keel.sh/user-guide/approvals

Don’t you know I could just do it manually instead? Kubectl apply -f is so easy bleah bleah


How can I help?

Check Keel’s issues list and feel free to contribute. Donations are more than welcome on Patreon or Paypal.