The following examples demonstrate the capabilities of kubectl-slice.
Tekton Pipelines is a powerful tool that's available through a Helm Chart from the cd.foundation. We can grab it from their Helm repository and render it locally, then use kubectl-slice to split it into multiple files.
We'll use the following filename template so there's one folder for each Kubernetes resource kind, so all Secrets for example are in the same folder, then we will use the resource name as defined in metadata.name. We'll also modify the name, since some of the Tekton resources have an FQDN for a name, like tekton.pipelines.dev, with the dottodash template function:
We will render the Helm Chart locally to stdout with:
helm repo add cdf https://cdfoundation.github.io/tekton-helm-chart/
helm template tekton cdf/tekton-pipelineThen we can pipe that output directly to kubectl-slice:
helm template tekton cdf/tekton-pipeline | kubectl-slice --template '{{.kind|lower}}/{{.metadata.name|dottodash}}.yaml' --output-dir .Which will render the following output:
Wrote rolebinding/tekton-pipelines-info.yaml -- 590 bytes.
Wrote service/tekton-pipelines-controller.yaml -- 1007 bytes.
Wrote podsecuritypolicy/tekton-pipelines.yaml -- 1262 bytes.
Wrote configmap/config-registry-cert.yaml -- 906 bytes.
Wrote configmap/feature-flags.yaml -- 646 bytes.
Wrote clusterrole/tekton-pipelines-controller-tenant-access.yaml -- 1035 bytes.
Wrote clusterrolebinding/tekton-pipelines-webhook-cluster-access.yaml -- 565 bytes.
Wrote role/tekton-pipelines-info.yaml -- 592 bytes.
Wrote service/tekton-pipelines-webhook.yaml -- 1182 bytes.
Wrote deployment/tekton-pipelines-webhook.yaml -- 3645 bytes.
Wrote serviceaccount/tekton-bot.yaml -- 883 bytes.
Wrote configmap/config-defaults.yaml -- 2424 bytes.
Wrote configmap/config-logging.yaml -- 1596 bytes.
Wrote customresourcedefinition/runs-tekton-dev.yaml -- 2308 bytes.
Wrote role/tekton-pipelines-leader-election.yaml -- 495 bytes.
Wrote rolebinding/tekton-pipelines-webhook.yaml -- 535 bytes.
Wrote customresourcedefinition/clustertasks-tekton-dev.yaml -- 2849 bytes.
Wrote customresourcedefinition/pipelineresources-tekton-dev.yaml -- 1874 bytes.
Wrote clusterrole/tekton-aggregate-view.yaml -- 1133 bytes.
Wrote role/tekton-pipelines-webhook.yaml -- 1152 bytes.
Wrote rolebinding/tekton-pipelines-webhook-leaderelection.yaml -- 573 bytes.
Wrote validatingwebhookconfiguration/validation-webhook-pipeline-tekton-dev.yaml -- 663 bytes.
Wrote serviceaccount/tekton-pipelines-webhook.yaml -- 317 bytes.
Wrote configmap/config-leader-election.yaml -- 985 bytes.
Wrote configmap/pipelines-info.yaml -- 1137 bytes.
Wrote clusterrolebinding/tekton-pipelines-controller-cluster-access.yaml -- 1163 bytes.
Wrote role/tekton-pipelines-controller.yaml -- 1488 bytes.
Wrote deployment/tekton-pipelines-controller.yaml -- 5203 bytes.
Wrote configmap/config-observability.yaml -- 2429 bytes.
Wrote customresourcedefinition/tasks-tekton-dev.yaml -- 2824 bytes.
Wrote mutatingwebhookconfiguration/webhook-pipeline-tekton-dev.yaml -- 628 bytes.
Wrote validatingwebhookconfiguration/config-webhook-pipeline-tekton-dev.yaml -- 742 bytes.
Wrote namespace/tekton-pipelines.yaml -- 808 bytes.
Wrote secret/webhook-certs.yaml -- 959 bytes.
Wrote customresourcedefinition/pipelineruns-tekton-dev.yaml -- 3801 bytes.
Wrote serviceaccount/tekton-pipelines-controller.yaml -- 908 bytes.
Wrote configmap/config-artifact-pvc.yaml -- 977 bytes.
Wrote customresourcedefinition/conditions-tekton-dev.yaml -- 1846 bytes.
Wrote clusterrolebinding/tekton-pipelines-controller-tenant-access.yaml -- 816 bytes.
Wrote rolebinding/tekton-pipelines-controller.yaml -- 1133 bytes.
Wrote rolebinding/tekton-pipelines-controller-leaderelection.yaml -- 585 bytes.
Wrote horizontalpodautoscaler/tekton-pipelines-webhook.yaml -- 1518 bytes.
Wrote configmap/config-artifact-bucket.yaml -- 1408 bytes.
Wrote customresourcedefinition/pipelines-tekton-dev.yaml -- 2840 bytes.
Wrote customresourcedefinition/taskruns-tekton-dev.yaml -- 3785 bytes.
Wrote clusterrole/tekton-aggregate-edit.yaml -- 1274 bytes.
Wrote clusterrole/tekton-pipelines-controller-cluster-access.yaml -- 1886 bytes.
Wrote clusterrole/tekton-pipelines-webhook-cluster-access.yaml -- 2480 bytes.
48 files generated.
We can navigate the folders:
$ tree -d
.
├── clusterrole
├── clusterrolebinding
├── configmap
├── customresourcedefinition
├── deployment
├── horizontalpodautoscaler
├── mutatingwebhookconfiguration
├── namespace
├── podsecuritypolicy
├── role
├── rolebinding
├── secret
├── service
├── serviceaccount
└── validatingwebhookconfiguration
15 directoriesAnd poking into a single directory, for example, configmap:
$ tree configmap
configmap
├── config-artifact-bucket.yaml
├── config-artifact-pvc.yaml
├── config-defaults.yaml
├── config-leader-election.yaml
├── config-logging.yaml
├── config-observability.yaml
├── config-registry-cert.yaml
├── feature-flags.yaml
└── pipelines-info.yaml
0 directories, 9 filesImagine you have a folder with several YAML files. Each file may contain one to many Kubernetes resources. You want to find all resources of a given kind, for example, all Secret resources.
As an example, let's clone the ArgoCD repository, which has a nifty manifests/ folder. Say we want to find all the secrets-type files from the base folder in manifests/base/, looking at all the YAML files in that folder, we have:
$ find ./manifests/base -type f -name "*.yaml"
./manifests/base/application-controller-roles/argocd-application-controller-role.yaml
./manifests/base/application-controller-roles/kustomization.yaml
./manifests/base/application-controller-roles/argocd-application-controller-rolebinding.yaml
./manifests/base/application-controller-roles/argocd-application-controller-sa.yaml
./manifests/base/application-controller/kustomization.yaml
./manifests/base/application-controller/argocd-application-controller-statefulset.yaml
./manifests/base/application-controller/argocd-metrics.yaml
./manifests/base/application-controller/argocd-application-controller-network-policy.yaml
./manifests/base/application-controller-deployment/argocd-application-controller-deployment.yaml
./manifests/base/application-controller-deployment/argocd-application-controller-service.yaml
./manifests/base/application-controller-deployment/kustomization.yaml
./manifests/base/application-controller-deployment/argocd-application-controller-statefulset.yaml
./manifests/base/config/argocd-cm.yaml
./manifests/base/config/kustomization.yaml
./manifests/base/config/argocd-cmd-params-cm.yaml
./manifests/base/config/argocd-gpg-keys-cm.yaml
./manifests/base/config/argocd-tls-certs-cm.yaml
./manifests/base/config/argocd-ssh-known-hosts-cm.yaml
./manifests/base/config/argocd-rbac-cm.yaml
./manifests/base/config/argocd-secret.yaml
./manifests/base/redis/argocd-redis-service.yaml
./manifests/base/redis/kustomization.yaml
./manifests/base/redis/argocd-redis-role.yaml
./manifests/base/redis/argocd-redis-deployment.yaml
./manifests/base/redis/argocd-redis-rolebinding.yaml
./manifests/base/redis/argocd-redis-sa.yaml
./manifests/base/redis/argocd-redis-network-policy.yaml
./manifests/base/notification/argocd-notifications-controller-network-policy.yaml
./manifests/base/notification/kustomization.yaml
./manifests/base/notification/argocd-notifications-controller-rolebinding.yaml
./manifests/base/notification/argocd-notifications-controller-sa.yaml
./manifests/base/notification/argocd-notifications-controller-metrics-service.yaml
./manifests/base/notification/argocd-notifications-cm.yaml
./manifests/base/notification/argocd-notifications-controller-deployment.yaml
./manifests/base/notification/argocd-notifications-secret.yaml
./manifests/base/notification/argocd-notifications-controller-role.yaml
./manifests/base/repo-server/argocd-repo-server-network-policy.yaml
./manifests/base/repo-server/argocd-repo-server-service.yaml
./manifests/base/repo-server/argocd-repo-server-deployment.yaml
./manifests/base/repo-server/kustomization.yaml
./manifests/base/repo-server/argocd-repo-server-sa.yaml
./manifests/base/kustomization.yaml
./manifests/base/server/argocd-server-rolebinding.yaml
./manifests/base/server/kustomization.yaml
./manifests/base/server/argocd-server-network-policy.yaml
./manifests/base/server/argocd-server-role.yaml
./manifests/base/server/argocd-server-deployment.yaml
./manifests/base/server/argocd-server-metrics.yaml
./manifests/base/server/argocd-server-sa.yaml
./manifests/base/server/argocd-server-service.yaml
./manifests/base/dex/argocd-dex-server-rolebinding.yaml
./manifests/base/dex/argocd-dex-server-service.yaml
./manifests/base/dex/kustomization.yaml
./manifests/base/dex/argocd-dex-server-network-policy.yaml
./manifests/base/dex/argocd-dex-server-sa.yaml
./manifests/base/dex/argocd-dex-server-deployment.yaml
./manifests/base/dex/argocd-dex-server-role.yaml
./manifests/base/applicationset-controller/argocd-applicationset-controller-role.yaml
./manifests/base/applicationset-controller/argocd-applicationset-controller-rolebinding.yaml
./manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml
./manifests/base/applicationset-controller/kustomization.yaml
./manifests/base/applicationset-controller/argocd-applicationset-controller-service.yaml
./manifests/base/applicationset-controller/argocd-applicationset-controller-network-policy.yaml
./manifests/base/applicationset-controller/argocd-applicationset-controller-sa.yamlIt would be time-consuming to try to process them manually.
Let's ask kubectl-slice to get us only the Secrets. Since there are some kustomize files in there, we'll exclude those, which fit the criteria for --skip-non-k8s since they don't have a metadata.name field. Let's print those to stdout as well:
$ kubectl-slice -d ./manifests/base --recurse --include-kind Secret --skip-non-k8s --stdout
# File: secret-argocd-secret.yaml (162 bytes)
apiVersion: v1
kind: Secret
metadata:
name: argocd-secret
labels:
app.kubernetes.io/name: argocd-secret
app.kubernetes.io/part-of: argocd
type: Opaque
---
# File: secret-argocd-notifications-secret.yaml (252 bytes)
apiVersion: v1
kind: Secret
metadata:
labels:
app.kubernetes.io/component: notifications-controller
app.kubernetes.io/name: argocd-notifications-controller
app.kubernetes.io/part-of: argocd
name: argocd-notifications-secret
type: Opaque
2 files parsed to stdout.