{"id":22598946,"url":"https://github.com/projectsveltos/sveltosctl","last_synced_at":"2026-03-08T09:06:10.306Z","repository":{"id":61661799,"uuid":"543223979","full_name":"projectsveltos/sveltosctl","owner":"projectsveltos","description":"A CLI to nicely display resources/helm charts deployed in CAPI Cluster by Sveltos. Collect tech-support from managed Kubernetes clusters.","archived":false,"fork":false,"pushed_at":"2024-07-12T14:10:46.000Z","size":1179,"stargazers_count":19,"open_issues_count":4,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-07-13T11:35:24.243Z","etag":null,"topics":["add-on","clusterapi","dryrun","helm","kubernetes","kubernetes-cluster","multi-tenancy","tech-support"],"latest_commit_sha":null,"homepage":"https://projectsveltos.github.io/sveltos/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/projectsveltos.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-09-29T16:40:47.000Z","updated_at":"2024-07-17T14:08:18.655Z","dependencies_parsed_at":"2023-10-25T09:49:11.988Z","dependency_job_id":"79faa061-8334-4d86-a58d-96a044619b3b","html_url":"https://github.com/projectsveltos/sveltosctl","commit_stats":{"total_commits":166,"total_committers":5,"mean_commits":33.2,"dds":0.5542168674698795,"last_synced_commit":"2bdfccb50806447de0efdbf694d66806bdc70bd3"},"previous_names":[],"tags_count":73,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projectsveltos%2Fsveltosctl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projectsveltos%2Fsveltosctl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projectsveltos%2Fsveltosctl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projectsveltos%2Fsveltosctl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/projectsveltos","download_url":"https://codeload.github.com/projectsveltos/sveltosctl/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248323474,"owners_count":21084514,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["add-on","clusterapi","dryrun","helm","kubernetes","kubernetes-cluster","multi-tenancy","tech-support"],"created_at":"2024-12-08T11:07:33.993Z","updated_at":"2026-03-08T09:06:10.299Z","avatar_url":"https://github.com/projectsveltos.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![CI](https://github.com/projectsveltos/sveltosctl/actions/workflows/main.yaml/badge.svg)](https://github.com/projectsveltos/sveltosctl/actions)\n[![Go Report Card](https://goreportcard.com/badge/github.com/projectsveltos/sveltosctl)](https://goreportcard.com/report/github.com/projectsveltos/sveltosctl)\n[![Slack](https://img.shields.io/badge/join%20slack-%23projectsveltos-brighteen)](https://join.slack.com/t/projectsveltos/shared_invite/zt-1hraownbr-W8NTs6LTimxLPB8Erj8Q6Q)\n[![License](https://img.shields.io/badge/license-Apache-blue.svg)](LICENSE)\n[![Twitter Follow](https://img.shields.io/twitter/follow/projectsveltos?style=social)](https://twitter.com/projectsveltos)\n\n# sveltosctl\n\n\u003cimg src=\"https://raw.githubusercontent.com/projectsveltos/sveltos/main/docs/assets/logo.png\" width=\"200\"\u003e\n\nPlease refere to sveltos [documentation](https://projectsveltos.github.io/sveltos/).\n\n**sveltosctl** is the command line client for Sveltos. **sveltosctl** nicely displays resources and helm charts info in custer deployed using [ClusterProfile/Profile](https://github.com/projectsveltos/addon-controller).\n\nIt assumes:\n1. [ClusterProfile/Profile](https://github.com/projectsveltos/addon-controller) is used to programmatically define which resources/helm charts need to be deployed in which CAPI Clusters;\n2. management cluster can be accessed\n\n\u003e Note: sveltosctl can run as binary though it is advised to run it as pod in a management cluster to get access to all of its features.\n\n## Quick start\n\n### Run sveltosctl as a binary\nIf you decide to run it as a binary:\n1. make sure management cluster can be accessed;\n2. run`make build`\n3. Use `./bin/sveltosctl --help` to see help message\n\n- [sveltosctl](#sveltosctl)\n - [Quick start](#quick-start)\n - [Run sveltosctl as a binary](#run-sveltosctl-as-a-binary)\n - [Run sveltosctl as a pod](#run-sveltosctl-as-a-pod)\n - [Display deployed Kubernetes add-ons](#display-deployed-addons)\n - [Display resources in managed clusters](#display-information-about-resources-in-managed-cluster)\n - [Display usage](#display-usage)\n - [Multi-tenancy: display admin permissions](#multi-tenancy-display-admin-permissions)\n - [Log severity settings](#log-severity-settings)\n - [Display outcome of ClusterProfile/Profile in DryRun mode](#display-outcome-of-clusterprofile-in-dryrun-mode)\n - [Admin RBACs](#admin-rbacs)\n - [Contributing](#contributing)\n - [License](#license)\n\n## Display deployed add-ons\n\n**show addons** can be used to display list of Kubernetes addons (resources/helm) releases deployed in CAPI clusters.\nDisplayed information contains:\n1. the CAPI Cluster in the form \u003cnamespace\u003e/\u003cname\u003e\n2. resource/helm chart information\n3. list of ClusterProfiles/Profiles currently (at the time the command is run) having resource/helm release deployed in the CAPI cluster.\n\n```\n./bin/sveltosctl show addons\n+-------------------------------------+---------------+-----------+----------------+---------+-------------------------------+------------------+\n| CLUSTER | RESOURCE TYPE | NAMESPACE | NAME | VERSION | TIME | CLUSTER PROFILE |\n+-------------------------------------+---------------+-----------+----------------+---------+-------------------------------+------------------+\n| default/sveltos-management-workload | helm chart | kyverno | kyverno-latest | v2.5.0 | 2022-09-30 11:48:45 -0700 PDT | clusterfeature1 |\n| default/sveltos-management-workload | :Pod | default | nginx | N/A | 2022-09-30 13:41:05 -0700 PDT | clusterfeature2 |\n+-------------------------------------+---------------+-----------+----------------+---------+-------------------------------+------------------+\n```\n\n**show addons** command has some argurments which allow filtering by:\n1. clusters' namespace\n2. clusters' name\n3. ClusterProfile/Profile\n\n```\n./bin/sveltosctl show addons --help\nUsage:\n sveltosctl show addons [options] [--namespace=\u003cname\u003e] [--cluster=\u003cname\u003e] [--profile=\u003cname\u003e] [--verbose]\n\n --namespace=\u003cname\u003e Show addons deployed in clusters in this namespace. If not specified all namespaces are considered.\n --cluster=\u003cname\u003e Show addons deployed in cluster with name. If not specified all cluster names are considered.\n --profile=\u003ckind/name\u003e Show addons deployed because of this clusterprofile/profile. If not specified all clusterprofiles/profiles are considered.\n```\n\n## Register a cluster\n\nIf there is kubeconfig with multiple contexts, the option __fleet-cluster-context__\nallows to specify the context for the cluster to be managed.\n\nSo with default context pointing to the management cluster, following command will:\n1. create a ServiceAccount in the managed cluster (using cluster-1 context)\n2. grant this ServiceAccount cluster-admin permission\n3. create a TokenRequest for such account and a Kubeconfig with bearer token from the TokenRequest\n4. create a SveltosCluster in the management cluster (so using default context) and a Secret\nwith kubeconfig generated in the step above\n\n```\nsveltosctl register cluster --namespace=gcp --cluster=cluster-1 --fleet-cluster-context=cluster-1 --labels=k1=v1,k2=v2\n```\n\n## Display information about resources in managed cluster\n\n**show resources** looks at all the HealthCheckReport instances and display information about those.\nDefining ClusterHealthCheck/HealthCheck you can define which information to collect from which managed clusters.\nPlease see [documentation](https://projectsveltos.github.io/sveltos/)\n\nFor instance:\n\n```\n+-------------------------------------+--------------------------+----------------+-------------------------+----------------------------+\n| CLUSTER | GVK | NAMESPACE | NAME | MESSAGE |\n+-------------------------------------+--------------------------+----------------+-------------------------+----------------------------+\n| default/sveltos-management-workload | apps/v1, Kind=Deployment | kube-system | calico-kube-controllers | All replicas 1 are healthy |\n| | | kube-system | coredns | All replicas 2 are healthy |\n| | | projectsveltos | sveltos-agent-manager | All replicas 1 are healthy |\n| gke/production | apps/v1, Kind=Deployment | kube-system | calico-kube-controllers | All replicas 1 are healthy |\n| | | kube-system | coredns | All replicas 2 are healthy |\n| | | projectsveltos | sveltos-agent-manager | All replicas 1 are healthy |\n+-------------------------------------+--------------------------+----------------+-------------------------+----------------------------+\n```\n\n## Display usage\n\n**show usage** displays following information:\n1. which CAPI clusters are currently a match for a ClusterProfile\n2. for ConfigMap/Secret referenced by at least by ClusterProfile, in which CAPI clusters their content is currently deployed.\n\nSuch information is useful to see what CAPI clusters would be affected by a change before making such a change.\n\n```\n./bin/sveltosctl show usage\n----------------+--------------------+----------------------------+-------------------------------------+\n| RESOURCE KIND | RESOURCE NAMESPACE | RESOURCE NAME | CLUSTERS |\n+----------------+--------------------+----------------------------+-------------------------------------+\n| ClusterProfile | | mgianluc | default/sveltos-management-workload |\n| ConfigMap | default | kyverno-disallow-gateway-2 | default/sveltos-management-workload |\n+----------------+--------------------+----------------------------+-------------------------------------+\n```\n\n## Multi-tenancy: display admin permissions\n\n**show admin-rbac** can be used to display permissions granted to tenant admins in each managed clusters.\nIf we have two clusters, a ClusterAPI powered one and a SveltosCluster, both matching label selector\n```env=internal``` and we post [RoleRequests](https://raw.githubusercontent.com/projectsveltos/access-manager/main/examples/shared_access.yaml), we get:\n\n```\n./bin/sveltosctl show admin-rbac\n+---------------------------------------------+-------+----------------+------------+-----------+----------------+-------+\n| CLUSTER | ADMIN | NAMESPACE | API GROUPS | RESOURCES | RESOURCE NAMES | VERBS |\n+---------------------------------------------+-------+----------------+------------+-----------+----------------+-------+\n| Cluster:default/sveltos-management-workload | eng | build | * | * | * | * |\n| Cluster:default/sveltos-management-workload | eng | ci-cd | * | * | * | * |\n| Cluster:default/sveltos-management-workload | hr | human-resource | * | * | * | * |\n| SveltosCluster:gke/prod-cluster | eng | build | * | * | * | * |\n| SveltosCluster:gke/prod-cluster | eng | ci-cd | * | * | * | * |\n| SveltosCluster:gke/prod-cluster | hr | human-resource | * | * | * | * |\n+---------------------------------------------+-------+----------------+------------+-----------+----------------+-------+\n```\n\n## Log severity settings\n**log-level** used to display and change log severity in Sveltos PODs without restarting them.\n\nFollowing for instance change log severity for the Classifier POD to debug\n\n```\n./bin/sveltosctl log-level set --component=Classifier --debug\n```\n\nShow can be used to display current log severity settings\n\n```\n./bin/sveltosctl log-level show\n+------------+---------------+\n| COMPONENT | VERBOSITY |\n+------------+---------------+\n| Classifier | LogLevelDebug |\n```\n\n## Display outcome of ClusterProfile in DryRun mode\n\nSee [video](https://youtu.be/gfWN_QJAL6k).\nA ClusterProfile can be set in DryRun mode. While in DryRun mode, nothing gets deployed/withdrawn to/from matching CAPI clusters. A report is instead generated listing what would happen if ClusterProfile sync mode would be changed from DryRun to Continuous.\n\nHere is an example of outcome\n\n```\n./bin/sveltosctl show dryrun\n+-------------------------------------+--------------------------+-----------+----------------+-----------+--------------------------------+------------------+\n| CLUSTER | RESOURCE TYPE | NAMESPACE | NAME | ACTION | MESSAGE | CLUSTER PROFILE |\n+-------------------------------------+--------------------------+-----------+----------------+-----------+--------------------------------+------------------+\n| default/sveltos-management-workload | helm release | kyverno | kyverno-latest | Install | | dryrun |\n| default/sveltos-management-workload | helm release | nginx | nginx-latest | Install | | dryrun |\n| default/sveltos-management-workload | :Pod | default | nginx | No Action | Object already deployed. | dryrun |\n| | | | | | And policy referenced by | |\n| | | | | | ClusterProfile has not changed | |\n| | | | | | since last deployment. | |\n| default/sveltos-management-workload | kyverno.io:ClusterPolicy | | no-gateway | Create | | dryrun |\n+-------------------------------------+--------------------------+-----------+----------------+-----------+--------------------------------+------------------+\n```\n\n\n**show dryrun** command has some argurments which allow filtering by:\n1. clusters' namespace\n2. clusters' name\n3. ClusterProfile\n\n```\n./bin/sveltosctl show dryrun --help\nUsage:\n sveltosctl show dryrun [options] [--namespace=\u003cname\u003e] [--cluster=\u003cname\u003e] [--profile=\u003cname\u003e] [--verbose]\n\n --namespace=\u003cname\u003e Show which Kubernetes addons would change in clusters in this namespace. If not specified all namespaces are considered.\n --cluster=\u003cname\u003e Show which Kubernetes addons would change in cluster with name. If not specified all cluster names are considered.\n --profile=\u003cname\u003e Show which Kubernetes addons would change because of this clusterprofile/profile. If not specified all clusterprofiles/profiles are considered.\n```\n\n## Admin RBACs\n\n**sveltosctl show admin-rbac** can be used to display admin's RBACs per cluster:\n\n```\n./bin/sveltosctl show admin-rbac\n+---------------------------------------------+-------------+-----------+------------+-----------+----------------+----------------+\n| CLUSTER | ADMIN | NAMESPACE | API GROUPS | RESOURCES | RESOURCE NAMES | VERBS |\n+---------------------------------------------+-------------+-----------+------------+-----------+----------------+----------------+\n| Cluster:default/sveltos-management-workload | eng/devops | default | | pods | pods | get,watch,list |\n+---------------------------------------------+-------------+-----------+------------+-----------+----------------+----------------+\n```\n\n## Contributing\n\n❤️ Your contributions are always welcome! If you want to contribute, have questions, noticed any bug or want to get the latest project news, you can connect with us in the following ways:\n\n1. Open a bug/feature enhancement on github [![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/projectsveltos/addon-controller/issues)\n2. Chat with us on the Slack in the #projectsveltos channel [![Slack](https://img.shields.io/badge/join%20slack-%23projectsveltos-brighteen)](https://join.slack.com/t/projectsveltos/shared_invite/zt-1hraownbr-W8NTs6LTimxLPB8Erj8Q6Q)\n3. [Contact Us](mailto:support@projectsveltos.io)\n\n## License\n\nCopyright 2022.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprojectsveltos%2Fsveltosctl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprojectsveltos%2Fsveltosctl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprojectsveltos%2Fsveltosctl/lists"}