roadmap

what's shipping next.

short, themed milestones — every issue links straight to github. updated live from the milestone api on each request, with a 5-minute cache. no dates, just status. closed milestones drop to the changelog.

3 active milestones30 issues filed2 help-wanted →

v1.2

in progresson github →

Operator daily-driver layer — fill the everyday-pane features still missing after v1.1, with GPU + AI workload visibility as the headline.

●●●○○○○○○○○○○○○3 / 13 closed4 themes13 issues2 help-wanted

gpu + ai workload visibility

— pod ↔ gpu mapping layer (podresources gRPC + dcgm + dra + cost), idle gpu finder, dcgm reconciler.

8 issues

#202GPU + AI workload visibility — Pod↔GPU map, Idle GPU finder, DCGM reconciler (v1.2)epic #203gpu — backend: per-node DaemonSet with kubelet PodResources gRPC client #204gpu — backend: DCGM exporter service-discovery + Prometheus exposition scraper through agent tunnel #205gpu — frontend: Pod ↔ GPU map view (cluster → node → GPU → MIG/slice → bound pods + filters + sparklines)frontend #206gpu — frontend: Idle GPU finder view + cost estimation + namespace-owner attributionfrontend #207gpu — DCGM reconciler view (side-by-side raw vs. reconciled, label-gap auto-fix, confidence indicators)#208gpu — backend: DRA ResourceClaim/ResourceSlice/DeviceClass watcher + join with PodResources #209gpu — docs: usage/gpu.md + setup/gpu.md + architecture/gpu-visibility.md + Helm values referencedocumentation

operator shells

— in-browser cluster shell with single-row audit + rbac pre-flight; ssm-into-eks-nodes with per-user impersonation.

2 issues

#104web: in-browser cluster shell with impersonation + single-log audithelp wantedfrontend #105web: in-browser SSM shell into EKS nodes with per-user AWS impersonationfrontend

related-resources foundation

— rfc 0005 phase 0 — relationshipindex skeleton + pod ownerreferences extractor + <RelatedList> on the pod detail pane.

1 issue

#210relationships — Phase 0: RelationshipIndex skeleton + Pod ownerReferences extractor + <RelatedList> on pod detail pane (RFC 0005)

helm private oci

— pull from private ECR / GHCR / artifact registry via pod identity / IRSA — no static creds.

1 issue

#121Helm — private OCI auth via Pod Identity / IRSA (deferred from #76)help wanted

other

— issues not yet themed

1 issue

#224Drop retained-ownership SSA pattern in favor of pure minimal-diff appliestech-debt

v1.3

plannedon github →

AWS depth + observability + relationships — closes the loops v1.1 named, ingests every-identity audit, generalizes pod-relationship code into one centralized index.

○○○○○○○○○○○○○○○0 / 5 closed4 themes5 issues

iam effective-access

— conditions evaluated, SCPs + permission boundaries applied, cross-account sts:AssumeRole chain walking, fleet-wide reverse lookup, cloudtrail-driven cache invalidation.

1 issue

#211IAM effective-access — conditions, SCPs, boundaries, cross-account chains, fleet-wide reverse (v1.3)epic

compliance lens

— cloudtrail pod-correlation table + cluster-wide kube-apiserver audit ingestion — every action by every identity, one feed.

1 issue

#212AWS compliance lens — CloudTrail pod-correlation + cluster-wide kube-apiserver audit ingestion (v1.3)epic

related-resources bulk

— rfc 0005 phases 1+2 — ref-by-name extractors across 9 kinds + selector resolution (service / networkpolicy / pdb / endpointslice).

1 issue

cve polish

— cronjob cve-ownership chain on the security tab + per-nodegroup + per-nodepool cve chip rollup.

2 issues

#214cve — CronJob CVE-ownership chain on the Security tab (Pod → Job → CronJob walk)#215cve — frontend: per-NodeGroup + per-NodePool CVE chip rollup on the Nodes / Karpenter pagesfrontend

v1.4

plannedon github →

Agent-native — Periscope as an MCP-style tool host with an in-app chat surface.

○○○○○○○○○○○○○○○0 / 12 closed1 themes12 issues

agent-native

— llm provider abstraction + mcp-style tool registry over v1.1-v1.3 wire shapes + in-app chat surface (chatwidget + searchpalette /ask mode) + cost counter + prompt-injection mitigations.

12 issues

#151AI agent — in-app chat + tool registry (v1.4)epicagent #152agent — backend: LLM provider abstraction (Anthropic / OpenAI / Bedrock / Ollama)agent #153agent — backend: tool registry + ~15 read-only K8s/Helm/audit/EKS tool wrappersagent #154agent — backend: SSE /api/agent/chat handler + per-session permission stateagent #155agent — backend: agent_tool_call audit verb + Extra fields + cost integrationagent #156agent — backend: prompt-injection mitigations (tool-output framing + sanitization + per-turn tool restriction)agent #157agent — backend: cost counter + per-call/session/user/day limits + Helm valuesagent #158agent — frontend: foundation (zustand store, SSE transport, assistant-ui setup)agent #159agent — frontend: bottom-right ChatWidget (bubble + drag-resize + tool-call cards)agent #160agent — frontend: extend SearchPalette with /ask mode + permission UI (inline + destructive modal)agent #161agent — frontend: cost counter UI + audit AI Activity pageagent #162agent — docs: promote RFC draft to docs/rfcs/0005-ai-agent.md + operator guide + Helm values referenceagent

get involved

every roadmap issue links straight into github. PRs welcome — bug reports and feature requests use the issue templates so first-time contributions arrive with the context the maintainer keeps needing.

good first issue →help wanted →all v1.1 →contributing →