feat: unCtl v1.1.0 pack (#75)

* feat: new version of unctl

* fix: values section

* chore: created schema for token

packs/unctl-1.1.0/README.md

@@ -0,0 +1,51 @@
+# unCtl
+
+The **unCtl** kubernetes operator to run various checks on the cluster's resources. It is based on [unCtl cli tool](https://docs.unskript.com/unctl) and provides API and web interface wrapper for you reports.
+
+
+## Prerequisites
+
+1. Kubernetes cluster version 1.19 or higher with `linux/amd64` architecture.
+
+2. Support of `LoadBalancer` service type in your cluster. This service type is typically available natively in cloud environments. However, in on-premises and edge computing environments, additional steps may be required to support it. If `LoadBalancer` support is not available, set `service.loadbalancer` to `false` in your values file and consider alternative methods to expose the web interface.
+
+
+## Parameters
+
+To deploy the unctl operator, you need to set, at minimum, the following parameters in the pack's YAML.
+
+| Name | Description | Type | Default Value | Required |
+| --- | --- | --- | --- | --- |
+| `frontend.enabled` | Defines whether it should create web interface container. | Boolean  | true | Yes |
+| `schedule` | Schedule to scan cluster resources. Default is 12 AM every day. | String  | 0 0 * * * | Yes |
+| `namespaces` | List of namespaces to conduct checks on. | Array  | [] | Yes |
+| `service.enabled` | Defines whether it should create service. | Boolean  | true | Yes |
+| `service.loadbalancer` | Defines whether it service should be a `LoadBalancer` type. | Boolean  | true | Yes |
+| `service.port` | Port exposed by service. | Integer  | 8000 | Yes |
+
+
+Look at the [values file](./values.yaml) for more information.
+
+## Usage
+
+- **Which checks were carried out**
+
+    In current version all checks are performed. Look at [K8S unctl checks](https://docs.unskript.com/unctl/overview/health-checks/kubernetes) for individual checks information.
+
+- **When the checks are being executed**
+
+    Once operator installed in your cluster it will automatically initiate checks execution.
+    Additionaly based on `schedule` value it will run checks on regular basis.
+
+- **How to view report**
+
+    Open `unctl` service in the Pallete or find exposed address in your `LoadBalancer` service. 
+
+    You can view last available report.
+
+
+## References
+
+- [unCtl Documentation](https://docs.unskript.com/unctl)
+- [Public unCtl Health Checks github](https://github.com/unctl-sh/unctl)
+- [Official website](https://unskript.com/)

packs/unctl-1.1.0/charts/unctl/Chart.yaml

@@ -0,0 +1,15 @@
+apiVersion: v2
+appVersion: 1.1.0
+description: unCtl creates k8s resources report
+home: https://unskript.com
+icon: https://storage.googleapis.com/unskript-website/assets/favicon.png
+keywords:
+- kubernetes
+- unctl
+maintainers:
+- email: authors@unsript.com
+  name: UnSkript authors
+name: unctl
+sources:
+- https://github.com/unctl-sh/unctl
+version: 1.1.0

packs/unctl-1.1.0/charts/unctl/templates/NOTES.txt

@@ -0,0 +1,4 @@
+To verify that unctl has started, run:
+
+  kubectl --namespace={{ .Release.Namespace }} get pods -l "app={{ template "unctl.name" . }},release={{ .Release.Name }}"
+

packs/unctl-1.1.0/charts/unctl/templates/_helpers.tpl

@@ -0,0 +1,41 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "unctl.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+*/}}
+{{- define "unctl.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "unctl.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "unctl.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "unctl.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}

packs/unctl-1.1.0/charts/unctl/templates/ai.secret.yaml

@@ -0,0 +1,9 @@
+{{- if and (.Values.ai) (.Values.ai.token) -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "unctl.fullname" . }}-ai-secret
+type: Opaque
+data:
+  token: {{ .Values.ai.token | b64enc | quote }}
+{{- end -}}

packs/unctl-1.1.0/charts/unctl/templates/clusterrole.yaml

@@ -0,0 +1,108 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app: {{ template "unctl.name" . }}
+    chart: {{ template "unctl.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "unctl.fullname" . }}
+rules:
+  - verbs:
+      - list
+      - get
+    apiGroups:
+      - ''
+    resources:
+      - pods
+      - pods/log
+      - pods/metrics
+      - namespaces
+      - services
+      - serviceaccounts
+      - deployments
+      - replicationcontrollers
+      - replicasets
+      - daemonsets
+      - persistentvolumes
+      - configmaps
+      - endpoints
+      - events
+      - nodes
+      - persistentvolumeclaims
+      - secrets
+  - verbs:
+      - list
+      - get
+    apiGroups:
+      - apps
+    resources:
+      - daemonsets
+      - deployments
+      - deployments/scale
+      - replicasets
+      - replicasets/scale
+      - statefulsets
+  - verbs:
+      - list
+      - get
+    apiGroups:
+      - extensions
+    resources:
+      - daemonsets
+      - deployments
+      - deployments/scale
+      - replicasets
+      - replicasets/scale
+      - replicationcontrollers/scale
+  - verbs:
+      - list
+      - get
+    apiGroups:
+      - extensions
+      - networking.k8s.io
+    resources:
+      - ingresses
+      - networkpolicies
+      - ingressclasses
+  - verbs:
+      - list
+      - get
+    apiGroups:
+      - batch
+    resources:
+      - cronjobs
+      - jobs
+  - verbs:
+      - list
+      - get
+    apiGroups:
+      - autoscaling
+    resources:
+      - horizontalpodautoscalers
+  - verbs:
+      - list
+      - get
+    apiGroups:
+      - storage.k8s.io
+    resources:
+      - storageclasses
+  - verbs:
+      - list
+      - get
+    apiGroups:
+      - rbac.authorization.k8s.io
+    resources:
+      - clusterroles
+      - clusterrolebindings
+      - roles
+      - rolebindings
+  - verbs:
+      - list
+      - get
+    apiGroups:
+      - metrics.k8s.io
+    resources:
+      - pods
+{{- end -}}

packs/unctl-1.1.0/charts/unctl/templates/clusterrolebinding.yaml

@@ -0,0 +1,19 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app: {{ template "unctl.name" . }}
+    chart: {{ template "unctl.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "unctl.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "unctl.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "unctl.serviceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
+{{- end -}}

packs/unctl-1.1.0/charts/unctl/templates/cronjob.yaml

@@ -0,0 +1,26 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  labels:
+    app: {{ template "unctl.name" . }}
+    chart: {{ template "unctl.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "unctl.fullname" . }}-cronjob
+spec:
+  schedule: "{{ .Values.schedule }}"
+  startingDeadlineSeconds: 300
+  successfulJobsHistoryLimit: 1
+  failedJobsHistoryLimit: 1 
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+          - name: api-caller
+            image: curlimages/curl:latest
+            command: ["/bin/sh", "-c"]
+            args: 
+              - >
+                curl -X POST "http://{{ template "unctl.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.port }}/api/v1/executions" -H 'accept: application/json' -H 'Content-Type: application/json' -d '{}'
+          restartPolicy: OnFailure