Open Source Insurance Innovation: Cover Whale Releases Password Generator, Tools for Kubernetes and Go to the Developer Community

open source

Harnessing the collective intelligence of a global community to solve complex problems. This was the bold strategy that enabled tech notables like Linux, Docker, and MongoDB to revolutionize their industries. How did they do it? By making their products’ source code freely available, allowing anyone to view, use, modify, and distribute their versions of the project. This process, called open sourcing, is a well-known concept in the software community that encourages product uptake and innovation.

Now, as the open-source ethos makes its way to the insurtech industry, we’re set for an exciting transformation that promises a generation of more robust, innovative, and user-focused solutions.

Many of the initiatives that have so far been called “open source” within the insurtech space, like Lemonade’s Policy 2.0—which enhances transparency by encouraging community input on policy structure—differ slightly from full spectrum open source development. They have, however,  created an initial dialogue between the provider and the user in a traditionally opaque industry.

For Cover Whale’s technology team, open-source software is a big deal. But we see it as more than a useful tool driving the creation of cleaner, more efficient products. It’s also a way to give back and build meaningful connections to the broader developer community.

Cover Whale’s Commitment to Open Source

In making good on our belief in open-source innovation, Cover Whale is committed to sharing as many of the utilities developed in-house as feasible with the broader developer community. We believe in the potential of collaboration and are excited to contribute to the evolving open source landscape.

That’s why we are releasing three new tools that will make life easier for the developer community under an Apache-2.0 license:

  • Kopts: A utility designed to simplify the creation process of Kubernetes manifests, helping developers achieve consistency and reliability across environments.
  • Logr: Built as an improvement over the standard Go logger for versions prior to 1.21, Logr fills in the gaps left by Go’s standard logger, offering a more comprehensive and useful logging system for developers.
  • Gopass: A password generator tool that adheres to strict security rules, providing developers with a focused solution for creating secure and rule-compliant passwords.

Unpacking Cover Whale’s Open Source Utilities

Now that we’ve introduced them, it’s time to delve deeper into each of these tools—what makes them tick, why they are helpful, and how they can streamline a developer’s daily tasks.


Born out of a need to simplify the process of creating Kubernetes object manifests, Kopts is an internal tool that helps us achieve consistency, reproducibility, and reliability across environments. It facilitates rapid generation of deployment configurations and other objects required for deploying applications on Kubernetes.

It’s not uncommon for Kubernetes developers to grapple with vast amounts of boilerplate when constructing API objects. The process becomes even more complex due to the detailed knowledge required for each object type and manual construction of the YAML. Kopts tackles these hurdles, allowing developers to focus on the desired configuration while it takes care of the manifest generation behind the scenes.

An example of Kopts in action:

Without using kopts:

var replicas = int32(1)
deployment := appsv1.Deployment{
    TypeMeta: metav1.TypeMeta{}
    ObjectMeta: metav1.ObjectMeta{
        Name: "mydeployment",
        Namespace: "mynamespace"
    Spec: appsv1.DeploymentSpec{
        Replicas: &replicas,
        Selector: &metav1.LabelSelector{
                MatchLabels: map[string]string{
                        "app": "myapp",
        Template: corev1.PodTemplateSpec{
            ObjectMeta: metav1.ObjectMeta{
                Name: "mypod",
                Labels: map[string]string{
                    "app": "myapp",
            Spec: corev1.PodSpec{
                Colntainers: []corev1.Container{
                        Name: "myapp",
                        Image: "myapp/myapp",
                        ImagePullPolicy: "IfNotPresent",
                        Env: []corev1.EnvVar{
                                Name: "SERVER_PORT",
                                Value: fmt.Sprintf("%d, 8080),

With Kopts:

c := kopts.NewContainer("myapp",
    kopts.ContainerEnvVar("SERVER_PORT", "8080"),

p := kopts.NewPodSpec("myapp",
    kopts.PodLabel("foo", "bar"),

d := kopts.NewDeployment("mydeployment",
    kopts.DeploymentSelector("app", "myapp"),

The Kopts library handles tasks like converting integers to strings when needed and ensuring output adheres to the API object specifications. Developers can operate at a higher level of intent without worrying about Kubernetes object structural minutiae. The tool shoulders the detailed tasks, significantly reducing the cognitive load on developers.

Developed using a functional option pattern, Kopts aligns closely with idiomatic practices common across many Go projects in the open-source ecosystem. It brings together the application and its deployment mechanism in one place, accelerating the development process. With Kopts, when we compile our code to generate containers, we can use that same binary to give us the deployment. This level of cohesion allows for rapid, consistent deployments while minimizing the opportunity for errors from managing changes across multiple locations.

One of the significant advantages brought by Kopts is its tight integration with source code. Our applications can now construct their own Kubernetes manifests programmatically. Being able to collocate the deployment definition within the service’s codebase itself empowers our developers to deploy faster and with confidence. This approach means things like controllers or manifest generation can be much simpler than before.

Looking forward, we see Kopts evolving mostly through the addition of extra API objects. It’s a fairly simple setup: we just wrap object creation into something that’s a little easier to type out. We encourage collaborative improvements to Kopts from the open source community. We’ve engineered Kopts to make it straightforward for users to contribute missing manifest types based on their real-world use cases.

Overall, Kopts aligns well with our vision for Kubernetes development. It enables us to harmonize our Go-based applications and standardizes our methods of building manifests across all of our microservices. While Kopts’ reach may not extend to changing standard practices across the larger Kubernetes ecosystem, we believe it can drastically improve many developers’ experience working with Kubernetes by reducing the manifest boilerplate burden.


Logr is a lightweight logging tool designed as an enhancement to the standard Go logger. Its inception stems from the desire to provide a more comprehensive and flexible logging system. While Go 1.21 introduced the slog package to ease some of the issues addressed by Logr, we still feel it has a place in the community, given that many enterprises—particularly large ones—tend to rigorously stick to certain language versions due to compatibility considerations and thorough testing needs. Enterprises for whom an update to Go 1.21 is not in the immediate cards will find Logr a worthy alternative.

One of Logr’s main differentiators is its additional log levels—Debug, Info, Error, and Fatal. Where the standard library only offers Print and Fatal, Logr expands on this functionality, providing developers with more levels of communication with their applications. Depending on the environment, logging can be set to produce varying amounts of information. This behind-the-scenes dialogue is crucial to effective debugging and software optimization.

But Logr is not just about extension, it’s also about elegance. It has an intentionally streamlined design, adding advanced features without heavy dependencies or excessive options. Developers handling large or complex services can navigate their log data in a cleaner, smarter way.

While Go’s recent release now includes a structured logger, Logr’s value remains intact for those using older versions. Keeping the standard library’s features and adding its own, Logr eases the potential transition to Go 1.21. It’s a testament to the beauty of open source development—not just about bigger and better but about creating adaptive solutions for diverse needs.

The story of Logr underlines our commitment here at Cover Whale, to create tools benefiting our community of developers. Its development was a process of simplicity, with the prime focus on setting levels—an easy, but effective adjustment. Logr’s lightweight nature and simplicity may appeal to those developers seeking to optimize their applications’ size.


Standard password generators often fall short because while they work within set rules, they don’t guarantee every password they churn out will meet all required criteria. For example, if a rule needs a combination of lowercase and uppercase letters and numbers, the generator might exclude the lowercase letters, and this doesn’t fly for services mandating every type of required character.

Gopass was born out of the necessity to plug these gaps. Delivering on its promise of security, Gopass ensures every generated password contains all of the required characters. More than just rule-based password generation, Gopass broadens its versatile functionality with options to specify only certain special characters and supports custom verification functions. For example, users wanting to use the default set of special characters but exclude a single one will find Gopass useful.

Our development and operations teams have already reaped the benefits of Gopass. Utilizing its flexibility, our services can now auto-generate their passwords and confirm their adherence to strict or non-strict password guidelines. This lean approach eliminates manual errors while still conforming to the strictest of guidelines.

The current generation process guarantees password rule adherence via an iterative approach, repeatedly generating new passwords until the rules are fulfilled. While it may seem resource-intensive, this process is remarkably fast, capable of generating 10,000 complex secrets in under 100ms. Despite its efficiency, we acknowledge that enhancements in the verification process can refine Gopass’ efficiencies even further.

All in all, while Gopass is a secure, rule-abiding password generator, it’s more than that. It’s our pledge to the open-source insurance community to deliver reliable, user-friendly solutions without compromising on data security.

The Road Ahead

By resolving specific challenges in Kubernetes deployment, logging in Go, and password generation, Kopts, Logr, and Gopass will help make the lives of developers easier. Moreover, the impact will extend beyond Cover Whale’s use cases to make a dent in the broader development sphere.

With an eye toward releasing tools under an open source license whenever feasible, looking ahead, we see the potential for further evolution and scalability of these tools. We’re committed to continuing to iterate with new utilities as internal development opportunities arise.

As we continue to invest in innovation, we remain committed to building and refining tools such as Kopts, Logr, and Gopass to keep up with the dynamically evolving needs of our policyholders, agent partners and the developer community.
To keep up to date on Cover Whale’s open source releases, follow us on GitHub.

Let's grow together.