KubeBuddy Radar API

← Back to Docs

KubeBuddy Radar API

Track releases and automate your DevOps workflows with the KubeBuddy Radar API.

Base URL

https://radar.kubebuddy.io/api/kb-radar/v1

Authentication

All endpoints require authentication. Use HTTP Basic Auth for API clients, or a logged-in browser session.

Go to Account -> Developer API Access
Create a key and copy it (shown once)
Keys are WordPress Application Passwords tied to your user
Use your WordPress username + the generated key

Example header:

Authorization: Basic base64(username:app_password)

How responses are formatted

Most responses include a success flag and a payload object or list.

Examples below are illustrative; fields may grow over time.

{
  "success": true,
  "data": {
    "example": "value"
  }
}

Endpoint matrix

Catalog Endpoints (Auth Required)

Requires authentication via browser session or API key. Responses are cached server-side for performance.

Endpoint	Purpose	Access
`GET /projects`	List projects (paginated, optional full releases)	Auth required
`GET /projects/{id}`	Single project with full release history	Auth required
`GET /projects/{id}/releases`	Paginated releases for a project	Auth required
`GET /stats`	Global statistics and totals	Auth required
`GET /recent-releases`	Recent release highlights	Auth required
`GET /popular-projects`	Most followed projects	Auth required

User Data Endpoints

Authentication required. These endpoints return personalized data for the authenticated user.

Endpoint	Purpose	Auth
`GET /subscriptions`	Your tracked projects	Required
`GET /feed`	Release feed from your subscriptions	Required
`GET /dashboard`	Account metadata and plan info	Required

Account Management Endpoints

Authentication required. Manage API keys and access credentials. Requires Pro or Pro Plus plan.

⚠️ Security Notice: These endpoints manage authentication credentials. Only use over HTTPS. Keys are shown once at creation. Rotate regularly and revoke unused keys.

Endpoint	Purpose	Auth
`GET /api-keys`	List your application passwords	Required
`POST /api-keys`	Create new application password	Required
`DELETE /api-keys/{uuid}`	Revoke application password	Required

Endpoint details

GET /projects

List all projects with pagination support.

Use this when you need a catalog to browse or index projects in your own UI. Returns basic project metadata by default, or full release history with include_releases=true. Supports search and CNCF status filtering.

Query params:

page (integer, default 1) – Page number for pagination
per_page (integer, default 20, max 100) – Results per page
search (string, optional) – Search term for project name, description, category, or repo URL
cncf_status (string, optional) – Filter by CNCF maturity: “graduated”, “incubating”, “sandbox”, or “open-source”
include_releases (string, “true” or “false”, default “false”) – Include full release history

# Basic pagination
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/projects?page=1&per_page=3"

# Search for projects
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/projects?search=kubernetes"

# Filter by CNCF status
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/projects?cncf_status=graduated&per_page=10"

{
  "page": 1,
  "per_page": 3,
  "total": 256,
  "total_pages": 86,
  "items": [
    {
      "id": 12,
      "name": "Argo CD",
      "description": "Declarative GitOps CD for Kubernetes",
      "category": "CI/CD",
      "cncf_status": "graduated",
      "homepage": "https://argo-cd.readthedocs.io",
      "docs_url": "https://argo-cd.readthedocs.io",
      "repo_url": "https://github.com/argoproj/argo-cd",
      "helm_chart_repo": null,
      "logo_url": "https://radar.kubebuddy.io/logos/argocd.png",
      "latest_version": "v2.10.4",
      "latest_published_at": "2024-06-02 10:35:20"
    }
  ]
}

With full release history:

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/projects?page=1&per_page=3&include_releases=true"

{
  "page": 1,
  "per_page": 3,
  "total": 256,
  "total_pages": 86,
  "items": [
    {
      "id": 12,
      "name": "Argo CD",
      "...": "...",
      "releases": {
        "app": [
          {
            "version": "v2.10.4",
            "published_at": "2024-06-02 10:35:20",
            "type": "app"
          }
        ],
        "helm": [],
        "pre": []
      }
    }
  ]
}

GET /projects/{id}

Get a single project with full release history and subscription details.

Use this to hydrate a project detail page with complete information including all releases.

Path params: id (project ID)

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/projects/12"

{
  "product": {
    "id": 12,
    "name": "Argo CD",
    "description": "Declarative GitOps CD for Kubernetes",
    "category": "CI/CD",
    "cncf_status": "graduated",
    "repo_url": "https://github.com/argoproj/argo-cd",
    "homepage": "https://argo-cd.readthedocs.io",
    "docs_url": "https://argo-cd.readthedocs.io",
    "logo_url": "https://radar.kubebuddy.io/logos/argocd.png",
    "releases": {
      "app": [
        {
          "version": "v2.10.4",
          "published_at": "2024-06-02 10:35:20",
          "type": "app",
          "notes": "Bug fixes and improvements"
        }
      ],
      "helm": [],
      "pre": []
    }
  }
}

GET /projects/{id}/releases

List releases for a project with pagination and filtering by release type.

Use this when you need a changelog timeline or release history view with pagination support.

Path params: id (project ID)

Query params:

type (string, default “app”) – Release type: app, helm, or pre
page (integer, default 1) – Page number
per_page (integer, default 20, max 100) – Items per page

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/projects/12/releases?type=app&page=1&per_page=5"

{
  "page": 1,
  "per_page": 5,
  "total": 42,
  "total_pages": 9,
  "items": [
    {
      "id": 1234,
      "version": "v2.10.4",
      "type": "app",
      "published_at": "2024-06-02 10:35:20",
      "notes": "Bug fixes and improvements"
    }
  ]
}

GET /stats

Global stats for dashboards and reporting.

Use this for quick aggregate counts without pulling full lists.

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/stats"

{
  "success": true,
  "total_projects": 256,
  "total_releases": 4021,
  "total_security_fixes": 82,
  "releases_last_7d": 45,
  "releases_last_30d": 178,
  "releases_last_90d": 534
}

GET /recent-releases

Highlight recent releases for landing pages and newsletters. Supports filtering by category and security status.

Use this to show what is new without scanning the entire catalog, with optional filters for security-focused monitoring or category-specific updates.

Query params:

limit (integer, default 2, max 20) – Number of releases to return
category (string, optional) – Filter by project category (e.g., “CI/CD”, “Networking”, “Storage”)
security_only (string, optional) – Set to “1” to show only releases with security fixes

# Basic recent releases
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/recent-releases?limit=2"

# Security releases only
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/recent-releases?limit=10&security_only=1"

# Recent CI/CD tool releases
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/recent-releases?limit=10&category=CI/CD"

{
  "success": true,
  "releases": [
    {
      "id": 12,
      "name": "Argo CD",
      "version": "v2.10.4",
      "published_at": "2024-06-02 10:35:20"
    }
  ]
}

GET /popular-projects

Most followed projects for discovery and onboarding.

Use this to surface trending tools or recommend popular projects.

Query params: limit (default 6)

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/popular-projects?limit=5"

{
  "success": true,
  "projects": [
    {
      "id": 12,
      "name": "Argo CD",
      "subscriber_count": 220
    }
  ]
}

GET /subscriptions

Return the projects the authenticated user is tracking.

Use this to build a user dashboard or sync tracked projects to another system.

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/subscriptions"

{
  "success": true,
  "subscriptions": [
    {
      "product_id": 12,
      "name": "Argo CD"
    }
  ]
}

GET /feed

Return recent releases from your subscriptions.

Use this to drive notifications or a personalized activity stream.

Query params: days (default 7)

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/feed?days=7"

{
  "success": true,
  "releases": [
    {
      "product_id": 12,
      "name": "Argo CD",
      "version": "v2.10.4",
      "published_at": "2024-06-02 10:35:20"
    }
  ]
}

GET /dashboard

Account metadata for the dashboard (plan, limits, counts).

Use this to show plan status and limits in your UI.

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/dashboard"

{
  "success": true,
  "plan": "Pro",
  "subscription_count": 8,
  "limit": 10
}

GET /api-keys

List application passwords for the authenticated user.

Use this to display active keys and allow rotation workflows.

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/api-keys"

{
  "keys": [
    {
      "uuid": "08f5c3f1-1f1c-4b3f-9c6f-7a9a1f0ddf7a",
      "name": "Staging",
      "created": "2024-06-02 10:35:20"
    }
  ],
  "limit": 3,
  "count": 1,
  "remaining": 2
}

POST /api-keys

Create a new application password for your account.

Use this when your user needs a new token for CI/CD or an integration.

Body: { "name": "Staging" }

curl -u "username:app_password" \
  -H "Content-Type: application/json" \
  -d "{\"name\":\"Staging\"}" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/api-keys"

{
  "success": true,
  "password": "abcd efgh ijkl mnop",
  "item": {
    "uuid": "08f5c3f1-1f1c-4b3f-9c6f-7a9a1f0ddf7a",
    "name": "Staging",
    "created": "2024-06-02 10:35:20"
  }
}

DELETE /api-keys/{uuid}

Revoke an application password so it can no longer be used.

Use this to disable compromised keys or clean up unused credentials.

curl -u "username:app_password" \
  -X DELETE \
  "https://radar.kubebuddy.io/api/kb-radar/v1/api-keys/08f5c3f1-1f1c-4b3f-9c6f-7a9a1f0ddf7a"

{
  "success": true
}

API key management & security

Key Management Overview

GET /api-keys returns keys for the logged-in user only (cannot view other users’ keys)
New keys are shown once at creation time – store them securely immediately
Keys are WordPress Application Passwords tied to your user account
Each key has a UUID for management and a friendly name for identification

Key Limits by Plan

Free: No API key access (requires Pro or Pro Plus)
Pro: 3 active keys
Pro Plus: 10 active keys

Security Best Practices

🔒 Key Security Guidelines

Never commit keys to git – Use environment variables or secret managers
Use separate keys per integration – Makes rotation and revocation easier
Rotate keys regularly – Create new key, update integration, revoke old key
Revoke unused keys immediately – Reduce attack surface
Use descriptive names – “Production CI”, “Staging Server”, etc.
Monitor key usage – Check dashboard logs for suspicious activity
Store securely – Use password managers or secrets vaults (1Password, HashiCorp Vault, AWS Secrets Manager)

Key Rotation Example

Automated key rotation workflow:

# 1. Create new key with current credentials
curl -u "$CURRENT_USER:$CURRENT_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name":"Production CI - New"}' \
  "https://radar.kubebuddy.io/api/kb-radar/v1/api-keys"

# 2. Extract new password from response
NEW_KEY="rVkQ yW8m..."

# 3. Test new key
curl -u "$CURRENT_USER:$NEW_KEY" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/dashboard"

# 4. Update your CI/CD environment variable
# (implementation depends on your CI system)

# 5. Revoke old key
curl -u "$CURRENT_USER:$NEW_KEY" \
  -X DELETE \
  "https://radar.kubebuddy.io/api/kb-radar/v1/api-keys/OLD_UUID"

Performance Best Practices

Use pagination: Don’t fetch all projects at once. Use per_page=100 and iterate through pages.
Use server-side filtering: Use search, cncf_status, category, and security_only parameters to filter data on the server rather than fetching everything and filtering client-side.
Conditional release data: Only request include_releases=true when you need full history. Omit it for listing pages.
Cache responses: Catalog responses are cached server-side. Cache on your side for 1-5 minutes for better performance.
Filter early: Use query parameters to filter data server-side rather than fetching everything and filtering client-side.
Batch requests: If you need data for multiple projects, consider using /projects with filters instead of multiple single-project requests.
Monitor security efficiently: Use security_only=1 on /recent-releases for focused security monitoring instead of scanning all releases.

Error Responses

401 Unauthorized
You are not authenticated.

403 Forbidden
You are authenticated but not allowed (plan or role restriction).

429 Too Many Requests
Rate limit exceeded on authenticated endpoints.

Quick Examples

Basic cURL Examples

Catalog endpoint (auth required):

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/projects?per_page=3"

Search and filter projects:

# Search for Kubernetes-related projects
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/projects?search=kubernetes&per_page=10"

# Get only CNCF graduated projects
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/projects?cncf_status=graduated&per_page=20"

Filter recent releases:

# Get recent security releases only
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/recent-releases?limit=10&security_only=1"

# Get recent CI/CD tool releases
curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/recent-releases?limit=10&category=CI/CD"

Authenticated endpoint:

curl -u "username:app_password" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/feed?days=7"

PowerShell Example

Catalog endpoints (auth required):

$base = "https://radar.kubebuddy.io/api/kb-radar/v1"
$user = "your_username"
$pass = "your application password"
$token = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes("$user`:$pass"))
$headers = @{ Authorization = "Basic $token" }

# Search for projects
$projects = Invoke-RestMethod -Uri "$base/projects?search=kubernetes&per_page=10" -Headers $headers
$projects.items | ForEach-Object { Write-Host "$($_.name) - $($_.category)" }

# Get CNCF graduated projects
$graduated = Invoke-RestMethod -Uri "$base/projects?cncf_status=graduated&per_page=20" -Headers $headers
Write-Host "Found $($graduated.total) graduated projects"

# Get recent security releases
$security = Invoke-RestMethod -Uri "$base/recent-releases?limit=10&security_only=1" -Headers $headers
$security.releases | ForEach-Object { Write-Host "$($_.name) $($_.version) - $($_.security_severity)" }

Authenticated endpoints:

$base = "https://radar.kubebuddy.io/api/kb-radar/v1"
$user = "your_username"
$pass = "your application password"

$token = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes("$user`:$pass"))
$headers = @{ Authorization = "Basic $token" }

Invoke-RestMethod -Uri "$base/feed?days=7" -Headers $headers

Python Example

import requests
from requests.auth import HTTPBasicAuth

base_url = "https://radar.kubebuddy.io/api/kb-radar/v1"
auth = HTTPBasicAuth("your_username", "your_app_password")

# Get your subscriptions
response = requests.get(f"{base_url}/subscriptions", auth=auth)
data = response.json()

for sub in data.get('subscriptions', []):
    print(f"{sub['name']} - {sub['latest_version']}")

Node.js Example

const axios = require('axios');

const baseURL = 'https://radar.kubebuddy.io/api/kb-radar/v1';
const auth = {
  username: 'your_username',
  password: 'your_app_password'
};

async function getRecentReleases() {
  try {
    const response = await axios.get(`${baseURL}/feed?days=7`, { auth });
    console.log(response.data);
  } catch (error) {
    console.error('Error:', error.response?.data || error.message);
  }
}

getRecentReleases();

Real-World Use Cases

Use Case 1: Slack Bot for Release Notifications

# Run every 15 minutes via cron
#!/bin/bash
USER="your_username"
PASS="your_app_password"
SLACK_WEBHOOK="https://hooks.slack.com/services/YOUR/WEBHOOK"

# Get releases from last 30 minutes
RESPONSE=$(curl -s -u "$USER:$PASS" \
  "https://radar.kubebuddy.io/api/kb-radar/v1/feed?days=1")

# Parse and post to Slack
echo "$RESPONSE" | jq -r '.releases[] | 
  select(.published_at > (now - 1800 | todate)) | 
  "New release: \(.name) \(.version)"' | \
while read line; do
  curl -X POST -H 'Content-type: application/json' \
    --data "{\"text\":\"$line\"}" \
    "$SLACK_WEBHOOK"
done

Use Case 2: Dashboard Widget

// Fetch and display tracked projects in a web dashboard
async function loadTrackedProjects() {
  const response = await fetch(
    'https://radar.kubebuddy.io/api/kb-radar/v1/subscriptions',
    {
      headers: {
        'Authorization': 'Basic ' + btoa('username:password')
      }
    }
  );
  
  const data = await response.json();
  const container = document.getElementById('projects');
  
  data.subscriptions.forEach(project => {
    container.innerHTML += `
      
        ${project.name}
        ${project.latest_version}
      
    `;
  });
}

Use Case 3: CI/CD Pipeline Check

# GitHub Actions workflow to check if dependency has new release
- name: Check Argo CD Version
  run: |
    LATEST=$(curl -s -u "$USER:$PASS" \
      "https://radar.kubebuddy.io/api/kb-radar/v1/projects/12" | \
      jq -r '.project.releases.app[0].version')
    CURRENT=$(cat .argocd-version)
    
    if [ "$LATEST" != "$CURRENT" ]; then
      echo "::warning::New Argo CD version available: $LATEST (current: $CURRENT)"
      echo "latest_version=$LATEST" >> $GITHUB_OUTPUT
    fi

FAQ

Authentication & Keys

Do Free accounts get API keys?
API key management (creating/listing/deleting keys) requires a Pro or Pro Plus subscription. However, all users (including free accounts) can authenticate using browser sessions to access catalog endpoints like /projects, /stats, and /recent-releases.

Where do I find my username?
It is shown in Account → Developer API Access. This is your WordPress username (user_login), not your email.

Can I use my email address for authentication?
No. You must use your WordPress username (shown in your account dashboard).

Why does my key only show once?
For security. Application passwords are hashed and cannot be retrieved later. Store it safely when created, or revoke and create a new one.

What happens if I lose my API key?
Revoke it and create a new one. Old keys cannot be recovered.

Can I see other users’ API keys?
No. You can only view and manage your own keys. This prevents unauthorized access.

API Usage

How do I get all projects with their releases?
Use GET /projects?include_releases=true&per_page=100 and paginate through all pages.

What’s the difference between /projects and /projects?include_releases=true?
Without the parameter, you get basic metadata only (faster, smaller). With it, you get full release history (slower, larger). Use the basic version for listings, full version for detail views.

Are responses cached?
Catalog responses are cached server-side with WordPress transients. Browser sessions also cache privately for a short TTL.

Can I filter projects by category or CNCF status?
Yes! Use ?cncf_status=graduated on /projects, ?category=CI/CD on /recent-releases, and ?security_only=1 for security-focused queries.

Caching & Performance

How can I optimize API performance?

Use pagination instead of fetching all data
Only request include_releases=true when needed
Cache responses on your end for 5-15 minutes
Use conditional requests with ETag headers

Troubleshooting

I’m getting 401 Unauthorized errors
Check that: (1) You’re using your WordPress username, not email. (2) Your application password is correct. (3) The Authorization header is properly formatted.

I’m getting 403 Forbidden errors
You’re authenticated but don’t have permission. This usually means: (1) Your plan doesn’t include this feature. (2) You’ve hit your subscription limit.

My requests are timing out
Reduce per_page size or don’t use include_releases=true for large datasets. Break requests into smaller chunks.

Need help?

If something doesn’t work, contact support and include any error details.

Contact support

← Back to Docs