mammadctl is a small CLI for Kubernetes helpers and Sotoon API access management.
- Go
1.26.0or newer, as defined ingo.mod - Access to a Kubernetes cluster for Kubernetes-related commands
- Sotoon API credentials for Sotoon-related commands
git clone <repository-url>
cd mammadctl
go build -o mammadctl .You can then run it from the project directory:
./mammadctl --helpFrom the project directory:
go install .Make sure your Go binary directory is in your PATH. It is usually one of these:
export PATH="$PATH:$(go env GOPATH)/bin"After that, run:
mammadctl --helpExport this before using any mammadctl sotoon ... command:
export BEPA_TOKEN="<your-bepa-token>"Export these before using mammadctl sotoon access s3 ...:
export S3_ACCESS_KEY="<your-s3-access-key>"
export S3_SECRET_KEY="<your-s3-secret-key>"Kubernetes commands use KUBECONFIG if it is set. Otherwise, they use ~/.kube/config.
export KUBECONFIG="/path/to/kubeconfig"Commands that use Kubernetes config:
mammadctl decode secretmammadctl convert
mammadctl
├── decode
│ └── secret
├── convert
└── sotoon
├── user
│ ├── list
│ └── access
│ ├── cdn
│ ├── k8s
│ └── s3
└── access
├── cdn
├── k8s
└── s3
Finds a Kubernetes secret and writes it to ./secret.yaml with decoded values in stringData mode.
It's useful when you want to edit a secret or sealedSecret.
mammadctl decode secret -n <namespace> <secret-name>Options:
-n, --namespace: Kubernetes namespace. Default:default
Example:
mammadctl decode secret -n production app-secretOutput file:
./secret.yaml
Reads a Kubernetes Service from the current cluster and writes a melange-compatible(Bazaar operator for mirroring services between clusters) formated Service manifest to <namespace>-<service-name>.yaml.
mammadctl convert -n <namespace> -c <cluster> <service-name>Options:
-n, --namespace: Kubernetes namespace. Default:default-c, --cluster: Cluster name to put in the generated annotations. Default:default
Example:
mammadctl convert -n production -c thr1 my-serviceOutput file:
./redis-vitrin.yaml
Parent command for Sotoon API utilities.
Global Sotoon options:
--url: Sotoon API base URL. Default:https://api.sotoon.ir--workspace-id: Sotoon workspace ID. Default:fee4bbf5-342d-4243-b4aa-f0bee508c39a
All Sotoon commands require:
export BEPA_TOKEN="<your-bepa-token>"Example with custom workspace:
mammadctl sotoon --workspace-id <workspace-id> user listLists Sotoon users and service-users with their UUIDs, emails and names.
It's useful for getting the UUID of a user to use in other commands.
mammadctl sotoon user listExample:
mammadctl sotoon user list | grep mohammad.jamshidiAdds cdn-editor and dns-viewer roles to the specified user for a domain.
mammadctl sotoon access cdn <user-uuid> <domain>Example:
mammadctl sotoon access cdn c83786b6-dc5e-495f-89f7-04be64374cb9 example.comAdds namespaced Kubernetes access to the specified Sotoon user.
Supported datacenters:
nedaafra
mammadctl sotoon access k8s <user-uuid> <datacenter> <namespace>Example:
mammadctl sotoon access k8s c83786b6-dc5e-495f-89f7-04be64374cb9 neda defaultAdds full access to an S3 bucket for the specified user.
mammadctl sotoon access s3 <user-uuid> <datacenter> <bucket-name>Supported datacenters:
nedaafra
Required environment variables:
export S3_ACCESS_KEY="<your-s3-access-key>"
export S3_SECRET_KEY="<your-s3-secret-key>"Options:
--neda-s3-url: Neda S3 base URL. Default:s3.thr1.sotoon.ir--afra-s3-url: Afra S3 base URL. Default:s3.thr2.sotoon.ir
Example:
mammadctl sotoon access s3 c83786b6-dc5e-495f-89f7-04be64374cb9 neda my-bucket