← Back to Visual Guide Index

🧩 Konflux Components Map

Complete directory of all 50+ microservices and infrastructure components

Konflux Ecosystem Statistics

50+ Total Components
13+ Core Service Repos
3 Environments (dev/staging/prod)
100% GitOps Managed via ArgoCD

📚 See the Architecture Repository for detailed service designs and ADRs

Component Categories
Core CI/CD Services (Build, Release, Integration)
Platform Services (Security, Dependencies, Multi-arch)
Developer Tools (UI, Templates, Quality)
Infrastructure (Auth, Secrets, Networking)
Monitoring & Operations (Metrics, Logs, Alerts)

💡 Source: All components shown here are deployed from the components/ directory in infra-deployments.

🔴

Core CI/CD Services

5 components
build-service
Kubernetes operator that manages the build lifecycle for Konflux applications. Creates Component CRs that reference Tekton PipelineRuns for container image builds. Supports multi-platform builds and integration with Tekton Chains for supply chain security.
Go Kubernetes Operator Tekton View on GitHub →
release-service
Kubernetes operator that manages the release lifecycle from snapshot to production. Creates Release CRs from validated Snapshots, executes ReleasePlans via Tekton pipelines to push artifacts to external registries, and creates GitHub/GitLab releases with release notes and SBOMs.
Go Kubernetes Operator Tekton View on GitHub →
integration-service
Kubernetes operator that orchestrates integration testing for application builds. Creates Snapshot CRs combining multiple components, triggers IntegrationTestScenarios via Tekton pipelines, and reports status back to GitHub PRs. Supports both PR-based and push-based triggers.
Go Kubernetes Operator Tekton View on GitHub →
pipeline-service
Tekton Pipelines service configuration and custom tasks. Provides the execution engine for CI/CD workflows.
Tekton YAML Kubernetes View on GitHub →
has (Hybrid Application Service)
Application management service that provides APIs for creating and managing applications and components in Konflux.
Go Kubernetes API REST View on GitHub →
🔵

Platform Services

8 components
multi-platform-controller
Manages multi-architecture container builds (x86_64, arm64, ppc64le, s390x). Coordinates remote builds across different architectures.
Go Multi-arch AWS/Azure View on GitHub →
enterprise-contract
Policy enforcement for supply chain security. Validates container images against security policies and compliance rules.
Go Policy as Code Conftest View on GitHub →
mintmaker
Dependency update management service. Automates dependency updates similar to Renovate bot for Konflux components.
Go Automation Kubernetes View on GitHub →
image-controller
Manages container image metadata and repository configuration. Handles image promotion and registry operations.
Go Quay.io Kubernetes Operator View on GitHub →
caching
Caching proxy service for hermetic builds. Provides dependency caching to ensure reproducible, offline-capable builds.
Go Squid Proxy Mage View on GitHub →
build-templates
Pre-built Tekton pipeline templates for common build scenarios. Provides reusable build configurations.
Tekton YAML Templates View on GitHub →
repository-validator
Validates source code repositories for security and compliance before allowing builds.
Go Security View on GitHub →
internal-services
Internal service request management. Handles internal API access and service-to-service communication.
Go Kubernetes Operator View on GitHub →
🟢

Developer Tools & Interfaces

6 components
konflux-ui
Web-based user interface for Konflux. React/TypeScript application providing visual interface for managing applications and pipelines.
React TypeScript PatternFly View on GitHub →
quality-dashboard
Quality metrics and analytics dashboard. Provides visibility into build success rates, test coverage, and quality trends.
React Grafana Metrics View on GitHub →
ci-helper-app
Helper tools and utilities for CI operations. Provides automation helpers for common CI/CD tasks.
Go CI/CD View on GitHub →
dora-metrics
DORA (DevOps Research and Assessment) metrics collection and reporting. Tracks deployment frequency, lead time, etc.
Python Metrics View on GitHub →
notification-controller
Manages notifications and alerts for pipeline events. Sends notifications via Slack, email, webhooks.
Go Webhooks View on GitHub →
smee-client
Webhook proxy client for development environments. Forwards GitHub webhooks to local Konflux instances.
Node.js Webhooks View on GitHub →
🟠

Infrastructure & Platform

15+ components
authentication
Authentication and authorization configuration. Manages RBAC, SSO, and access control for Konflux.
Kubernetes RBAC OAuth View Config →
external-secrets-operator
Integrates external secret management systems (AWS Secrets Manager, Vault). Syncs secrets into Kubernetes.
Kubernetes Operator Vault AWS View on GitHub →
cluster-secret-store
Cluster-wide secret store configuration. Provides centralized secret management across namespaces.
Kubernetes Secrets View Config →
cert-manager
Automatic TLS certificate management. Handles certificate issuance, renewal, and distribution.
Kubernetes TLS/SSL Let's Encrypt View on GitHub →
openshift-gitops (ArgoCD)
GitOps continuous delivery tool. Automatically syncs Git repository state to Kubernetes clusters.
ArgoCD GitOps Kubernetes View on GitHub →
kyverno
Kubernetes-native policy management. Validates, mutates, and generates Kubernetes resources based on policies.
Policy Engine Kubernetes View on GitHub →
knative-eventing
Event-driven architecture components. Provides event sources, channels, and subscriptions for async communication.
Knative Events View on GitHub →
kueue
Job queueing and resource management for batch workloads. Manages fair sharing of cluster resources.
Kubernetes Batch Processing View on GitHub →
crossplane-control-plane
Infrastructure as code using Kubernetes. Manages cloud resources (AWS, Azure, GCP) via Kubernetes APIs.
Crossplane IaC Multi-cloud View on GitHub →
backup
Backup and disaster recovery using Velero. Handles cluster backup, migration, and restore operations.
Velero S3 View on GitHub →
squid
HTTP caching proxy for hermetic builds. Provides network-level caching for build dependencies.
Squid Proxy Caching View Config →
project-controller
Multi-tenancy and project management. Creates and manages isolated project namespaces with quotas and RBAC.
Go Kubernetes Operator View on GitHub →
namespace-lister
Provides API for listing and discovering project namespaces. Used by UI and CLI tools.
Go REST API View on GitHub →
konflux-rbac
Role-based access control configuration for Konflux. Defines roles, permissions, and access policies.
Kubernetes RBAC YAML View Config →
policies
Centralized policy definitions for Konflux. Includes security policies, compliance rules, and governance.
OPA Policy as Code View Config →
🟣

Monitoring, Observability & Operations

10+ components
monitoring/prometheus
Prometheus metric collection and alerting. Scrapes metrics from all Konflux components and triggers alerts.
Prometheus PromQL Alerts View Config →
monitoring/grafana
Grafana dashboards for Konflux metrics. Provides visual dashboards for monitoring system health and performance.
Grafana Dashboards View Config →
o11y (Observability)
Observability stack configuration. Integrates metrics, logs, and traces for complete system visibility.
OpenTelemetry Jaeger Loki View on GitHub →
tracing
Distributed tracing infrastructure. Tracks requests across microservices for debugging and performance analysis.
Jaeger OpenTelemetry View Config →
monitoring/logging
Centralized log aggregation and querying using Loki. Collects logs from all Konflux components.
Loki Promtail View Config →
kubearchive
Kubernetes resource history and audit trail. Archives all Kubernetes resource changes for compliance and debugging.
Go PostgreSQL View on GitHub →
vector-tekton-logs-collector
Collects and forwards Tekton pipeline logs. Uses Vector for efficient log processing and routing.
Vector Tekton View Config →
monitoring/blackbox
Blackbox monitoring and synthetic checks. Probes external endpoints to verify system availability.
Prometheus Blackbox HTTP/TCP Probes View Config →
cost-management
Cloud cost tracking and optimization. Monitors and reports on infrastructure spending across environments.
FinOps Cost Tracking View Config →
etcd-shield
etcd backup and protection service. Ensures Kubernetes cluster state can be recovered in disaster scenarios.
etcd Backup View Config →