Title
feat(audit): structured export inventory recording discovered, exported, and skipped resources
Output: what changes
After this issue — crane export writes an inventory alongside the exported resources:
$ crane export -n my-app -e ./export
... (normal output) ...
$ cat export/.crane-export-inventory.json
{
"schemaVersion": "v1",
"namespace": "my-app",
"timestamp": "2026-04-18T14:32:01Z",
"apiResourcesDiscovered": 127,
"apiResourcesAdmitted": 43,
"apiResourcesSkipped": 84,
"skippedReasons": {
"clusterScoped": 62,
"noObjects": 18,
"events": 1,
"unsupportedVerbs": 3
},
"resources": [
{
"apiVersion": "apps/v1",
"kind": "Deployment",
"count": 3,
"names": ["frontend", "backend", "worker"]
}
],
"failures": [
{
"kind": "ConfigMap",
"error": "Forbidden: configmaps is forbidden",
"errorType": "RBAC"
}
],
"totalExported": 47,
"totalFailed": 2
}
Description
Context
Today, export records failures in failures/<ns>/ but has no structured record of successes or skipped resources. There is no way to know how many API types were discovered vs. admitted without re-running with --debug.
User outcome
- Auditors can see exactly what was exported, what was skipped, and why.
- Support engineers can diagnose "missing resource" reports without cluster access.
Scope
- Define
ExportInventory struct in internal/audit/export_inventory.go.
- Collect discovery counts during
ExportOptions.Run() — admitted, skipped (with reasons), failed.
- Write
.crane-export-inventory.json at end of export.
Acceptance criteria
Title
feat(audit): structured export inventory recording discovered, exported, and skipped resourcesOutput: what changes
After this issue —
crane exportwrites an inventory alongside the exported resources:Description
Context
Today, export records failures in
failures/<ns>/but has no structured record of successes or skipped resources. There is no way to know how many API types were discovered vs. admitted without re-running with--debug.User outcome
Scope
ExportInventorystruct ininternal/audit/export_inventory.go.ExportOptions.Run()— admitted, skipped (with reasons), failed..crane-export-inventory.jsonat end of export.Acceptance criteria
crane exportwritesexport/.crane-export-inventory.json.go test ./...passes.