In Rancher it all clusters and projects have a section of members.

This section allows to manage users and groups and their role binding.

In a standard rancher setup there are three predefined role bindings:

• project-owner
• project-member
• read-only

You can manage more specific rights by using a custom setting of rights.

Currently, you can only use a flat format for defining keys in the values.yaml, it would be nice to use the hierachical features of yaml to reduce the key names.
Current values.yaml:

apiserver_healthcheck_enabled: false
apiserver_service_type: "ClusterIP"
apiserver_storage_etcd_persistence_enabled: true
apiserver_verbosity: 2

hierachical:

apiserver:
  healthcheck:
    enabled: false
  service:
    type: "ClusterIP"
  storage:
    etcd:
      persistence:
        enabled: true
  verbosity: 2

in the project.yaml the values should be referenced with the dot notation along the hierarchy path:

answers:
      apiserver.healthcheck.enabled: "{{ .apiserver.healthcheck.enabled}}"

Is your feature request related to a problem? Please describe.

It is sometimes hard to know the exact names of resources.
In general you always can use the UI but if you are working with cattlectl you might not want to change the window just to look up the correct cluster-name in the UI.

Describe the solution you'd like

Add a command get and sub-commands for all resources.
Print a table of all matching resources with resource specific informations.

Have a parameter --name to print the names of all matching resources.

Add bash-completion logic for any --cluster-name or --project-name parameters using get commands

Do you need a cluster wide api key or is it ok to use one created only for a single scope ?
If not limited to a scope it works, but if i limit to a single cluster it get this error.

To Reproduce
❯ cattlectl version
v1.3.0
❯ Rancher Version
2.3.5

ERRO[0000] Failed to create management client            error="Bad response statusCode [401]. Status [401 Unauthorized]. Body: [message=clusterID does not match] from [https://rancher.domain.de/v3]" rancher.url="https://rancher.domain.de"
FATA[0000] Failed to create management client, Bad response statusCode [401]. Status [401 Unauthorized]. Body: [message=clusterID does not match] from [https://rancher.domain.de/v3]  cluster-name=zentrale-dev project-name=System resouce-type=app

my two configs are identical except for the api token

---
rancher:
  url: https://rancher.domain.de
  access_key: token-cn5b4
  secret_key: verysecretkey1
  cluster_id: c-g7hnt
  cluster_name: zentrale-dev
---
rancher:
  url: https://rancher.domain.de
  access_key: token-gtbn6
  secret_key: verysecretkey2
  cluster_id: c-g7hnt
  cluster_name: zentrale-dev

Is your feature request related to a problem? Please describe.

The current data model has some early starter inconsistencies.

Describe the solution you'd like

This should be cleaned up before the initial release

Describe alternatives you've considered

Additional context

• See also #10
• Remove PersistentVolumeGroups from StorageClass

Not much to say here, if istio is enabled it would be good to be able to enable sidecar injection for a namespace.

Is your feature request related to a problem? Please describe.
For cattlectl, we want to use the until function of sprig to iterate over a range of number of replicas https://github.com/Masterminds/sprig/blob/master/docs/integer_slice.md

Describe the solution you'd like
To resolve this issue, we should enable sprig go template functions support in cattlectl in general

Is your feature request related to a problem? Please describe.

• Sometimes you have deployment specific answers in your app which you do not want to set on each cattlectl run.

Describe the solution you'd like

• Having a config flag to enable the merge of existing app answers and the current answers to set.
• The default behavior should stay as no-merge

In order to prevent super long includes in the project.yaml like

includes:
  - file: includes/services/mongodb.yaml
  - file: includes/services/postgresql.yaml
  - file: includes/services/backend.yaml
  - file: includes/services/frontend.yaml
  - file: includes/services/mysql.yaml
  - file: includes/services/proxy.yaml
  - file: includes/services/tools.yaml

it would be nice to have something like

includes:
  - files:  includes/services/*

or

 includes:
   - folder: includes/services/

where in both cases, all underlying files would be included into the project.yaml

Hello

I like the idea of cattlectl very much.
I was follow the example on this post: https://medium.com/bitgrip/boosting-up-your-rancher-and-build-infrastructure-as-code-with-cattlectl-66ef7ea920eb

Rancher: v2.2.2

Result:
root@server-01:~# cattlectl apply
ERRO[0000] Failed to create management client error="Get https://192.168.178.101/v3: x509: certificate signed by unknown authority" rancher.url="https://192.168.178.101"
FATA[0000] Error creating rancher client error="Failed to create management client, Get https://192.168.178.101/v3: x509: certificate signed by unknown authority"

I am not sure for the reason of this ERROR but I don't have a trusted certificate for my local Rancher Server with the local IP: 192.168.178.101

Comes this ERROR from the self signed ssl certificate?
If yes how I can use cattlectl in this case?

Thanks in advance

Describe the bug
apply workload is failing with ERRO[0000] Invalid descriptor

To Reproduce

• cattlectl version from cattlectl version: v1.1.0
• Rancher Version: Any

effected Workloads

• CronJob
• Job
• Deployment
• Daemonset
• Statefulset

Expected behavior
Correct kind field is accepted for workload

Additional context

Currently, there is no possibility to create a kubernetes job as workload in the project and we have to use kubectl to apply kubernetes jobs on a kubernetes cluster.

As a solution, we want to define kubernetes jobs and apply them via cattlectl to rancher.

Is your feature request related to a problem? Please describe.

Rancher supports either the answers field or the valuesYaml field for apps. The valuesYamlfield allows a structured object describing the settings of the app.

cattlectl dose only support answers which is painful in complex configuration scenarios.

Describe the solution you'd like

• Add a field valuesYaml to the App struct and throw an error if valuesYaml and answers is present in one object

Is your feature request related to a problem? Please describe.
If you have multiple environments to deploy to you might end up with multiple values files only differ in one or two keys.

Describe the solution you'd like
Would be nice to use --values flag multiple times to merge the keys from multiple files.

A solution could use the flag order as precedence.

Describe alternatives you've considered

--

Additional context

--

Is your feature request related to a problem? Please describe.

Using multiple custom catalogs used by different clusters/projects we need to configure the catalogs related to its expected visibility.
Configuring this manually is boring task better done by a machine.

Describe the solution you'd like

Create new Descriptors without altering the top level target

• Rancher
• Cluster

Create new managed Collection catalogs in the descriptors:

• Rancher
• Cluster
• Project

Describe the bug
I tried the given example with my rancher cluster and it doesn't work. The API version is not correct. I don't know how to find out what the correct version is.

To Reproduce

• cattlectl version: v2.0.0
• Rancher Version: v2.4.5
• I use cattlectl as commandline tool
• Debug log output from cattlectl <command> -v1.

  DEBU[0000] values dose not exists                        values-file=/home/xengi/phpipam_test/values.yaml
  FATA[0000] Unsupported api version v3                    apply_file=project.yaml
  

• The simplest example project descriptor and scripts needed to
  reproduce the bug.

  ---
  api_version: v1.0
  kind: Project
  metadata:
    name: phpipam
  namespaces:
    - name: phpipam
  

Expected behavior
I would think that this yaml would create a project called phpipam and a namespace called phpipam.

Additional context
I already tried v3 as the api_version because this is what I see in some requests to rancher but that gave the same output.

Is your feature request related to a problem? Please describe.
It would be nice to have command line completion.

Describe the solution you'd like
Use the autogenerated completion from the used CLI framework

Describe alternatives you've considered

--

Additional context

--

The data model of project resources has a array field named docker_credential this should be pluralized to make it more intuitive.

This should be fixed before the initial release to avoid the need of a early descriptor version change.

Is your feature request related to a problem? Please describe.
If you want to use a file as source for the descriptor template it would be useful to enable templates based on the same context as the descriptor is for the read file.

Describe the solution you'd like

Describe alternatives you've considered

Additional context

Currently it is a bit complicated to create an yaml array from the values.yaml for that, HELM has a function called toYaml

It would be nice, to have this function in cattlectl, too like the usage:
{{ toYaml .args | indent 6 -}}
where args is an yaml array:

args:
  - "arg1"
  - "arg2"
  - "arg3"

using this method should result to:

- "arg1"
- "arg2"
- "arg3"

Is your feature request related to a problem? Please describe.

To delete resources it is needed to use the UI or kubectl at the moment.

Describe the solution you'd like

Enable it using cattlectl

Dockerhub is reusing the readme.md from the root of this repository but dose not have the related documents and images. This causes broken images and links on the dockerhub repository page.

To improve this all images have to be removed from the readme.md and all links have to be absolute.

The new structure should have the sections:

Abstract

Installation ( binary )

Usage on the command line

Usage with the docker image

Development

Current behaviour

If there is the content of a project resource as config maps of secrets is changed it has no result if the resource already exists in the project.

Wanted behaviour

If a resource in the project descriptor is changed the corresponding resource in the project is updated.

On each commit to the cattlectl repository I want to have CI job running all tests

Describe the bug
I'm just trying to use the example dummy project and values.yaml, and I've setup my ~/.cattlectl.yaml correctly using my access/secret tokens.

To Reproduce

• cattlectl version v1.1.1
• Rancher Version 2.2.2
• Using cattlectl CLI linux binary
• Debug log output

https://gist.github.com/jhoffmann/159e47cd87b3a637f7bd0b473ab0b142

Includes obfuscated output and cattlectl.yaml.

Additional context
I'm not sure if this is because we have the Okta plugin enabled on our rancher instance, however the fact that the Rancher CLI is able to connect and perform operations seems odd.

I tried writing my yaml files like i am used to in kubernetes and ran into this small problem.

This type of config should work...

---
api_version: v1.0
kind: Project
metadata:
  name: neo-test
namespaces:
  - name: neo-test
---
api_version: v1.0
kind: Project
metadata:
  name: eec-test
namespaces:
  - name: eec-test

I saw your include config, but i think it does not fit a list of maybe unrelated projects as there is no hierarchy in rancher projects.
And it seems its not possible to create an empty parent project.yaml that only includes multiple files/directories.

Describe the bug
I wanted to overwrite the containers entrypoint inside a cattlectl descriptor for kind "job".
Overwriting the entrypoint was not possible, after some investigation of cattlectl source, the entrypoint field is missing in the cattlectl model

Expected behavior
Possibility to overwrite a containers entrypoint.

For a bunch of projects organized in directories allow something like
cattlectl apply -f dirname or maybe shell globbing cat **/project.yaml | cattlectl show -f -
or allow specifying multiple files like this
cattlectl apply -f dir1/project.yaml -f dir2/project.yaml

Background:
In our CI/CD pipeline i never know how many directories/files with project definitions will be created , so i have to either apply the whole directory or use wildcards/globbing

Is your feature request related to a problem? Please describe.
Starting with Rancher version 2.2.X there is support for cluster and project level catalogs.
Cattlectl dose not support this types of catalogs yet.

Describe the solution you'd like
Add a optional field in the App object of the DSL to select the catalog type.

Describe alternatives you've considered

Additional context

externalID schema:
project-catalog: catalog://?catalog=projectID/catalog-name&type=projectCatalog&template=chart-name&version=chart-version
cluster-catalog: catalog://?catalog=clusterID/catalog-name&type=clusterCatalog&template=chart-name&version=chart-version
global-catalog: catalog://?catalog=catalog-name&template=chart-name&version=chart-version

AS a feature, I want to include a job during a deployment including multiple projects / jobs

Example:
`---
api_version: v1.0
kind: Project
metadata:
name: {{ .project_name }}
includes:
- file: project.yaml
- file: job.yaml
namespaces:

• name: {{ .project_name }}`

where project.yaml is of kind "Project" and job.yaml is of kind "Job". Currently when doing this, you'll get an error

currently, I can't use upper case characters in keys in the values.yaml When trying to use them, I'm getting the error that it can't find the referenced property in the project.yaml
Example:
Values.yaml:
apiserver_healthCheck_enabled: false

project.yaml app part:

  - name: service-catalog
    catalog: service-catalog
    chart: catalog
    version: 0.1.39
    namespace: kube-system
    answers:
      apiserver.healthcheck.enabled: "{{ .apiserver_healthCheck_enabled}}"

>_ cattlectl apply -v1
2019/01/31 14:18:07 template: project:48:41: executing "project" at <.apiserver_healthChe...>: map has no entry for key "apiserver_healthCheck_enabled"

it would be nice to use camel case writing instead using for example "_" as seperation

TL;DR

Add support to reuse descriptors by including them into other descriptors.

UseCase

We do have scenarios there we to deploy the same application stack on different rancher managed clusters.
Depending on the abilities of the cluster we have to handle stuff as persistent volumes and storage classes very different. But the set of applications is at the same time very similar.
Currently we have the choice of duplicating the full descriptor or implementing some template logic for the different clusters. Both not very maintainable.

Solution Proposal

• Have includes declared in the metadata section of the descriptor.
• Have the resulting descriptor object constructed from all includes and the including descriptor
  • The later the include the higher the precedence for duplicate names.
  • The including descriptor has the highest precedence.
• Create a error response on a detected include cycle.

api_version: v1.0
kind: Project
metadata:
  name: sample-project
  includes:
    - relative-include.yaml
    - /tmp/ablsolute-include.yaml

Describe_ the bug
This is most probably a copy & paste oversight from the list TYPE command.

To Reproduce

• cattlectl delete --help