Deprecation notice

Since I do no longer work for a company uses KKP - nor do I personally run my own instance of KKP - I suspend all activity on this project. I do not have the resources (A KKP Platform to test against nor the time necessary) to maintain this project any longer.

If you consider using KKP and want to use it via CLI I highly recomment you fork this project.

I won't provide any updates to this repository in the future!

kkpctl

This tool aims to implement the KKP API as a useful CLI tool. The usage should remind of kubectl.

Usage

The usage of kkpctl should remind of kubectl. For the full usage documentation see the docs.

kkpctl comes with auto-completion right out of the box for bash, zsh, fish, and PowerShell.

kkpctl completion --help

Quick-Start

Download kkpctl and install it to your $GOPATH/bin folder

pushd /tmp

# Get the Download URL for your system
DOWNLOAD_PATH=$(curl -s https://api.github.com/repos/cedi/kkpctl/releases/latest | jq -r ".assets[]?.browser_download_url" | grep --color=never --ignore-case $(uname -s) | grep --color=never $(uname -m | sed 's/x86_64/amd64/g'))

FILENAME=$(echo $DOWNLOAD_PATH | awk -F'/' '{print $NF}')
FOLDER_NAME=$(echo $FILENAME | sed 's/.tar.gz//g')

# Download the tar.gz archive
curl -s -L $DOWNLOAD_PATH -o $FILENAME

# unpack the tar.gz archive
mkdir $FOLDER_NAME
tar -xzf $FILENAME -C $FOLDER_NAME

# install kkpctl to $GOPATH/bin/
cp $FOLDER_NAME/kkpctl $GOPATH/bin/kkpctl

popd

Configure your KKP Cloud

Service Account Token

The simplest way to access your KKP Cloud is trough Service Account Token. Please see the KKP Documentation for how to retrieve a service account token.

Once you got your Token, you can configure kkpctl to use the service account token instead of OIDC authentication using

kkpctl config add cloud imke --url https://imke.cloud --auth_token akdfjhklqwerhli2uh=

OIDC

Retrieve OIDC ClientID and Secret from your KKP installation

NOTE: Make sure, that http://localhost:8000 is a valid RedirectURI in your dex configuration for the kubermatic client if you use this method. Security Advise: It is better, if you register a separate OIDC Application for kkpctl that only allows redirect to http://localhost:8080. This is just meant a quick demo! Never do this in production!

# get the kubermatic client-secret
CLIENT_SECRET=$(kubectl get configmap -n oauth dex -ojson | jq '.data."config.yaml"' --raw-output | yq eval --tojson | jq '.staticClients | [ .[] | select( .id | contains("kubermatic")) ] | .[].secret' --raw-output)

# Add the kkp cloud with a name
kkpctl config add cloud kubermatic_dev --url https://dev.kubermatic.io --client_id kubermatic --client_secret $CLIENT_SECRET

# Set your context to use the freshly added cloud
kkpctl ctx set cloud kubermatic_dev

Login to kkp

kkpctl oidc-login

And you're done! Now, let's head over to the working with kkpctl document where we go into more detail.

Contributing

devcontainer

The easiest way to get your development enviroment up and running is using the devcontainer. Simply clone the repository, open the folder in your VSCode and accept the popup which asks if VSCode should restart in the dev-container.

Install from source

Pre-Requirement:

• Having the go installed
• your $GOPATH environment variable is set
• $GOPATH/bin is part of your $PATH environment variable
• Having git installed

mkdir -p $GOPATH/src/github.com/cedi/
git clone https://github.com/cedi/kkpctl.git $GOPATH/src/github.com/cedi/kkpctl
cd $GOPATH/src/github.com/cedi/kkpctl
make install_release

Makefile

The repository ships with a makefile which makes it easier to build and install the application. Useful Makefile targets are build, release, test, test_all, install, install_release, clean, and vet.

Most of them are self-explaining. I just want to point out the difference between a "development" and a "release" build.

• The development build is a regular go build with the -race flag enabled to detect race conditions easier.
• The release build is a regular go build withouth the -race flag, but with -ldflags "-s -w" to strip the debug symbols from the binary.

The build and release targets depend on fmt and tidy, so your code is always formated and your go.mod file is always tidy.

Repository layout

├── .devcontainer   # the kkpctl repository comes with a devcontainer, so you can easily get started using VSCode
├── .github         # all github related configuration lays here
│   └── workflows   # contains the CI pipelines for kkpctl
├── .vscode         # contains a launch.json to get started with debugging the code
├── Makefile        # all the usefull aliases to build and test the project
├── cmd             # everything related to command line parsing is located in here. This is where you probably wanna start looking at
├── docs            # contains documentation
├── hack            # contains scripts for development
├── main.go         # the main entry point to the application
├── pkg             # most of the code is located here
│   ├── client      # the code that connects to the KKP API is here
│   ├── config      # contains the logic around the configuration of kkpctl
│   ├── describe    # the code that displays advanced information (describe) of a KKP API object
│   ├── model       # some additional data models we defined
│   ├── output      # similar as describe, but focuses on a simple output of an object
│   └── utils       # some utility functions which are usefull :)
└── tests           # contains mocks and test-files

Pull requests

I warmly welcome pull requests. Feel free to dig through the issues and jump in with whatever you feel comfortable with. If you have new feature ideas, feel free to open a new issue and we can have a discussion.