Security

does kubegrade execute changes directly in my cluster? kubegrade supports controlled execution models and is designed to keep humans in the loop in gitops workflows, changes are proposed as prs and applied through your gitops system after review/merge ( kubegrade ) can kubegrade run in private or regulated environments? yes, kubegrade publicly positions support for cloud, on prem, and hybrid environments exact deployment architecture depends on your setup and requirements ( kubegrade ) what permissions does the agent need? permissions depend on enabled modules and whether you use read only or execution enabled workflows start with least privilege and expand only as needed does kubegrade collect secrets? kubegrade should not collect secret values unless explicitly required for a configured integration secret handling behavior must be documented by deployment mode and integration