@backstage/plugin-kubernetes-backend 0.19.6-next.0 → 0.19.6-next.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/CHANGELOG.md +41 -0
  2. package/dist/auth/ServiceAccountStrategy.cjs.js +4 -2
  3. package/dist/auth/ServiceAccountStrategy.cjs.js.map +1 -1
  4. package/dist/index.d.ts +1 -0
  5. package/dist/package.json.cjs.js +2 -2
  6. package/dist/plugin.cjs.js +0 -1
  7. package/dist/plugin.cjs.js.map +1 -1
  8. package/dist/service/KubernetesBuilder.cjs.js +1 -1
  9. package/dist/service/KubernetesBuilder.cjs.js.map +1 -1
  10. package/dist/service/KubernetesFanOutHandler.cjs.js.map +1 -1
  11. package/dist/service/KubernetesFetcher.cjs.js +12 -10
  12. package/dist/service/KubernetesFetcher.cjs.js.map +1 -1
  13. package/dist/service/KubernetesProxy.cjs.js +4 -3
  14. package/dist/service/KubernetesProxy.cjs.js.map +1 -1
  15. package/package.json +16 -16
package/CHANGELOG.md CHANGED
@@ -1,5 +1,46 @@
1
1
  # @backstage/plugin-kubernetes-backend
2
2
 
3
+ ## 0.19.6-next.2
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies
8
+ - @backstage/integration-aws-node@0.1.16-next.0
9
+ - @backstage/config@1.3.2
10
+ - @backstage/plugin-auth-node@0.6.3-next.1
11
+ - @backstage/plugin-kubernetes-node@0.3.0-next.1
12
+ - @backstage/plugin-permission-node@0.10.0-next.1
13
+ - @backstage/backend-plugin-api@1.3.1-next.1
14
+ - @backstage/catalog-client@1.10.0-next.0
15
+ - @backstage/catalog-model@1.7.3
16
+ - @backstage/errors@1.2.7
17
+ - @backstage/types@1.2.1
18
+ - @backstage/plugin-catalog-node@1.17.0-next.1
19
+ - @backstage/plugin-kubernetes-common@0.9.5-next.0
20
+ - @backstage/plugin-permission-common@0.9.0-next.0
21
+
22
+ ## 0.19.6-next.1
23
+
24
+ ### Patch Changes
25
+
26
+ - f6f692c: Changed logging of cluster details to debug to minimise log clutter.
27
+ - 216c6b2: Updated dependency `@kubernetes/client-node` to `1.1.2`.
28
+ - 72d019d: Removed various typos
29
+ - Updated dependencies
30
+ - @backstage/plugin-kubernetes-node@0.3.0-next.1
31
+ - @backstage/plugin-catalog-node@1.17.0-next.1
32
+ - @backstage/plugin-auth-node@0.6.3-next.1
33
+ - @backstage/backend-plugin-api@1.3.1-next.1
34
+ - @backstage/plugin-permission-common@0.9.0-next.0
35
+ - @backstage/plugin-permission-node@0.10.0-next.1
36
+ - @backstage/plugin-kubernetes-common@0.9.5-next.0
37
+ - @backstage/catalog-client@1.10.0-next.0
38
+ - @backstage/catalog-model@1.7.3
39
+ - @backstage/config@1.3.2
40
+ - @backstage/errors@1.2.7
41
+ - @backstage/integration-aws-node@0.1.15
42
+ - @backstage/types@1.2.1
43
+
3
44
  ## 0.19.6-next.0
4
45
 
5
46
  ### Patch Changes
package/dist/auth/ServiceAccountStrategy.cjs.js CHANGED
@@ -1,6 +1,5 @@
1
1
  'use strict';
2
2
 
3
- var clientNode = require('@kubernetes/client-node');
4
3
  var fs = require('fs-extra');
5
4
 
6
5
  function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
@@ -8,12 +7,15 @@ function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'defau
8
7
  var fs__default = /*#__PURE__*/_interopDefaultCompat(fs);
9
8
 
10
9
  class ServiceAccountStrategy {
10
+ // Only used in tests
11
+ injectedKubernetesClient;
11
12
  async getCredential(clusterDetails) {
13
+ const { KubeConfig } = this.injectedKubernetesClient ?? await import('@kubernetes/client-node');
12
14
  const token = clusterDetails.authMetadata.serviceAccountToken;
13
15
  if (token) {
14
16
  return { type: "bearer token", token };
15
17
  }
16
- const kc = new clientNode.KubeConfig();
18
+ const kc = new KubeConfig();
17
19
  kc.loadFromCluster();
18
20
  const user = kc.getCurrentUser();
19
21
  return {
package/dist/auth/ServiceAccountStrategy.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ServiceAccountStrategy.cjs.js","sources":["../../src/auth/ServiceAccountStrategy.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n AuthMetadata,\n AuthenticationStrategy,\n ClusterDetails,\n KubernetesCredential,\n} from '@backstage/plugin-kubernetes-node';\nimport { KubeConfig, User } from '@kubernetes/client-node';\nimport fs from 'fs-extra';\n\n/**\n *\n * @public\n */\nexport class ServiceAccountStrategy implements AuthenticationStrategy {\n public async getCredential(\n clusterDetails: ClusterDetails,\n ): Promise<KubernetesCredential> {\n const token = clusterDetails.authMetadata.serviceAccountToken;\n if (token) {\n return { type: 'bearer token', token };\n }\n const kc = new KubeConfig();\n kc.loadFromCluster();\n // loadFromCluster is guaranteed to populate the user\n const user = kc.getCurrentUser() as User;\n\n return {\n type: 'bearer token',\n token: fs.readFileSync(user.authProvider.config.tokenFile).toString(),\n };\n }\n\n public validateCluster(): Error[] {\n return [];\n }\n\n public presentAuthMetadata(_authMetadata: AuthMetadata): AuthMetadata {\n return {};\n }\n}\n"],"names":["KubeConfig","fs"],"mappings":";;;;;;;;;AA6BO,MAAM,sBAAyD,CAAA;AAAA,EACpE,MAAa,cACX,cAC+B,EAAA;AAC/B,IAAM,MAAA,KAAA,GAAQ,eAAe,YAAa,CAAA,mBAAA;AAC1C,IAAA,IAAI,KAAO,EAAA;AACT,MAAO,OAAA,EAAE,IAAM,EAAA,cAAA,EAAgB,KAAM,EAAA;AAAA;AAEvC,IAAM,MAAA,EAAA,GAAK,IAAIA,qBAAW,EAAA;AAC1B,IAAA,EAAA,CAAG,eAAgB,EAAA;AAEnB,IAAM,MAAA,IAAA,GAAO,GAAG,cAAe,EAAA;AAE/B,IAAO,OAAA;AAAA,MACL,IAAM,EAAA,cAAA;AAAA,MACN,KAAA,EAAOC,oBAAG,YAAa,CAAA,IAAA,CAAK,aAAa,MAAO,CAAA,SAAS,EAAE,QAAS;AAAA,KACtE;AAAA;AACF,EAEO,eAA2B,GAAA;AAChC,IAAA,OAAO,EAAC;AAAA;AACV,EAEO,oBAAoB,aAA2C,EAAA;AACpE,IAAA,OAAO,EAAC;AAAA;AAEZ;;;;"}
1
+ {"version":3,"file":"ServiceAccountStrategy.cjs.js","sources":["../../src/auth/ServiceAccountStrategy.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n AuthMetadata,\n AuthenticationStrategy,\n ClusterDetails,\n KubernetesCredential,\n} from '@backstage/plugin-kubernetes-node';\nimport type { User } from '@kubernetes/client-node';\nimport fs from 'fs-extra';\n\n/**\n *\n * @public\n */\nexport class ServiceAccountStrategy implements AuthenticationStrategy {\n // Only used in tests\n private injectedKubernetesClient?: typeof import('@kubernetes/client-node');\n\n public async getCredential(\n clusterDetails: ClusterDetails,\n ): Promise<KubernetesCredential> {\n const { KubeConfig } =\n this.injectedKubernetesClient ??\n (await import('@kubernetes/client-node'));\n\n const token = clusterDetails.authMetadata.serviceAccountToken;\n if (token) {\n return { type: 'bearer token', token };\n }\n const kc = new KubeConfig();\n kc.loadFromCluster();\n // loadFromCluster is guaranteed to populate the user\n const user = kc.getCurrentUser() as User;\n\n return {\n type: 'bearer token',\n token: fs.readFileSync(user.authProvider.config.tokenFile).toString(),\n };\n }\n\n public validateCluster(): Error[] {\n return [];\n }\n\n public presentAuthMetadata(_authMetadata: AuthMetadata): AuthMetadata {\n return {};\n }\n}\n"],"names":["fs"],"mappings":";;;;;;;;AA6BO,MAAM,sBAAyD,CAAA;AAAA;AAAA,EAE5D,wBAAA;AAAA,EAER,MAAa,cACX,cAC+B,EAAA;AAC/B,IAAA,MAAM,EAAE,UAAW,EAAA,GACjB,KAAK,wBACJ,IAAA,MAAM,OAAO,yBAAyB,CAAA;AAEzC,IAAM,MAAA,KAAA,GAAQ,eAAe,YAAa,CAAA,mBAAA;AAC1C,IAAA,IAAI,KAAO,EAAA;AACT,MAAO,OAAA,EAAE,IAAM,EAAA,cAAA,EAAgB,KAAM,EAAA;AAAA;AAEvC,IAAM,MAAA,EAAA,GAAK,IAAI,UAAW,EAAA;AAC1B,IAAA,EAAA,CAAG,eAAgB,EAAA;AAEnB,IAAM,MAAA,IAAA,GAAO,GAAG,cAAe,EAAA;AAE/B,IAAO,OAAA;AAAA,MACL,IAAM,EAAA,cAAA;AAAA,MACN,KAAA,EAAOA,oBAAG,YAAa,CAAA,IAAA,CAAK,aAAa,MAAO,CAAA,SAAS,EAAE,QAAS;AAAA,KACtE;AAAA;AACF,EAEO,eAA2B,GAAA;AAChC,IAAA,OAAO,EAAC;AAAA;AACV,EAEO,oBAAoB,aAA2C,EAAA;AACpE,IAAA,OAAO,EAAC;AAAA;AAEZ;;;;"}
package/dist/index.d.ts CHANGED
@@ -126,6 +126,7 @@ declare class DispatchStrategy implements AuthenticationStrategy$1 {
126
126
  * @public
127
127
  */
128
128
  declare class ServiceAccountStrategy implements AuthenticationStrategy$1 {
129
+ private injectedKubernetesClient?;
129
130
  getCredential(clusterDetails: ClusterDetails$1): Promise<KubernetesCredential$1>;
130
131
  validateCluster(): Error[];
131
132
  presentAuthMetadata(_authMetadata: AuthMetadata$1): AuthMetadata$1;
package/dist/package.json.cjs.js CHANGED
@@ -3,7 +3,7 @@
3
3
  Object.defineProperty(exports, '__esModule', { value: true });
4
4
 
5
5
  var name = "@backstage/plugin-kubernetes-backend";
6
- var version = "0.19.6-next.0";
6
+ var version = "0.19.6-next.2";
7
7
  var description = "A Backstage backend plugin that integrates towards Kubernetes";
8
8
  var backstage = {
9
9
  role: "backend-plugin",
@@ -81,7 +81,7 @@ var dependencies = {
81
81
  "@backstage/types": "workspace:^",
82
82
  "@google-cloud/container": "^5.0.0",
83
83
  "@jest-mock/express": "^2.0.1",
84
- "@kubernetes/client-node": "1.0.0-rc7",
84
+ "@kubernetes/client-node": "1.1.2",
85
85
  "@types/express": "^4.17.6",
86
86
  "@types/http-proxy-middleware": "^1.0.0",
87
87
  "@types/luxon": "^3.0.0",
package/dist/plugin.cjs.js CHANGED
@@ -7,7 +7,6 @@ require('./service/KubernetesFanOutHandler.cjs.js');
7
7
  require('@backstage/errors');
8
8
  require('@backstage/plugin-kubernetes-common');
9
9
  require('@backstage/plugin-permission-common');
10
- require('@kubernetes/client-node');
11
10
  require('http-proxy-middleware');
12
11
  require('fs-extra');
13
12
  require('@backstage/backend-common');
package/dist/plugin.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"plugin.cjs.js","sources":["../src/plugin.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n coreServices,\n createBackendPlugin,\n} from '@backstage/backend-plugin-api';\nimport { catalogServiceRef } from '@backstage/plugin-catalog-node/alpha';\n\nimport { KubernetesBuilder } from './service';\n\nimport {\n type AuthenticationStrategy,\n kubernetesAuthStrategyExtensionPoint,\n type KubernetesAuthStrategyExtensionPoint,\n type KubernetesClustersSupplier,\n kubernetesClusterSupplierExtensionPoint,\n type KubernetesClusterSupplierExtensionPoint,\n type KubernetesFetcher,\n kubernetesFetcherExtensionPoint,\n type KubernetesFetcherExtensionPoint,\n type KubernetesObjectsProvider,\n kubernetesObjectsProviderExtensionPoint,\n type KubernetesObjectsProviderExtensionPoint,\n type KubernetesServiceLocator,\n kubernetesServiceLocatorExtensionPoint,\n type KubernetesServiceLocatorExtensionPoint,\n} from '@backstage/plugin-kubernetes-node';\n\nclass ObjectsProvider implements KubernetesObjectsProviderExtensionPoint {\n private objectsProvider: KubernetesObjectsProvider | undefined;\n\n getObjectsProvider() {\n return this.objectsProvider;\n }\n\n addObjectsProvider(provider: KubernetesObjectsProvider) {\n if (this.objectsProvider) {\n throw new Error(\n 'Multiple Kubernetes objects provider is not supported at this time',\n );\n }\n this.objectsProvider = provider;\n }\n}\n\nclass ClusterSuplier implements KubernetesClusterSupplierExtensionPoint {\n private clusterSupplier: KubernetesClustersSupplier | undefined;\n\n getClusterSupplier() {\n return this.clusterSupplier;\n }\n\n addClusterSupplier(clusterSupplier: KubernetesClustersSupplier) {\n if (this.clusterSupplier) {\n throw new Error(\n 'Multiple Kubernetes Cluster Suppliers is not supported at this time',\n );\n }\n this.clusterSupplier = clusterSupplier;\n }\n}\n\nclass Fetcher implements KubernetesFetcherExtensionPoint {\n private fetcher: KubernetesFetcher | undefined;\n\n getFetcher() {\n return this.fetcher;\n }\n\n addFetcher(fetcher: KubernetesFetcher) {\n if (this.fetcher) {\n throw new Error(\n 'Multiple Kubernetes Fetchers is not supported at this time',\n );\n }\n this.fetcher = fetcher;\n }\n}\n\nclass ServiceLocator implements KubernetesServiceLocatorExtensionPoint {\n private serviceLocator: KubernetesServiceLocator | undefined;\n\n getServiceLocator() {\n return this.serviceLocator;\n }\n\n addServiceLocator(serviceLocator: KubernetesServiceLocator) {\n if (this.serviceLocator) {\n throw new Error(\n 'Multiple Kubernetes Service Locators is not supported at this time',\n );\n }\n this.serviceLocator = serviceLocator;\n }\n}\n\nclass AuthStrategy implements KubernetesAuthStrategyExtensionPoint {\n private authStrategies: Array<{\n key: string;\n strategy: AuthenticationStrategy;\n }>;\n\n constructor() {\n this.authStrategies = new Array<{\n key: string;\n strategy: AuthenticationStrategy;\n }>();\n }\n\n static addAuthStrategiesFromArray(\n authStrategies: Array<{ key: string; strategy: AuthenticationStrategy }>,\n builder: KubernetesBuilder,\n ) {\n authStrategies.forEach(st => builder.addAuthStrategy(st.key, st.strategy));\n }\n\n getAuthenticationStrategies() {\n return this.authStrategies;\n }\n\n addAuthStrategy(key: string, authStrategy: AuthenticationStrategy) {\n this.authStrategies.push({ key, strategy: authStrategy });\n }\n}\n\n/**\n * This is the backend plugin that provides the Kubernetes integration.\n * @public\n */\nexport const kubernetesPlugin = createBackendPlugin({\n pluginId: 'kubernetes',\n register(env) {\n const extPointObjectsProvider = new ObjectsProvider();\n const extPointClusterSuplier = new ClusterSuplier();\n const extPointAuthStrategy = new AuthStrategy();\n const extPointFetcher = new Fetcher();\n const extPointServiceLocator = new ServiceLocator();\n\n env.registerExtensionPoint(\n kubernetesObjectsProviderExtensionPoint,\n extPointObjectsProvider,\n );\n env.registerExtensionPoint(\n kubernetesClusterSupplierExtensionPoint,\n extPointClusterSuplier,\n );\n env.registerExtensionPoint(\n kubernetesAuthStrategyExtensionPoint,\n extPointAuthStrategy,\n );\n env.registerExtensionPoint(\n kubernetesFetcherExtensionPoint,\n extPointFetcher,\n );\n env.registerExtensionPoint(\n kubernetesServiceLocatorExtensionPoint,\n extPointServiceLocator,\n );\n\n env.registerInit({\n deps: {\n http: coreServices.httpRouter,\n logger: coreServices.logger,\n config: coreServices.rootConfig,\n discovery: coreServices.discovery,\n catalogApi: catalogServiceRef,\n permissions: coreServices.permissions,\n auth: coreServices.auth,\n httpAuth: coreServices.httpAuth,\n },\n async init({\n http,\n logger,\n config,\n discovery,\n catalogApi,\n permissions,\n auth,\n httpAuth,\n }) {\n if (config.has('kubernetes')) {\n // TODO: expose all of the customization & extension points of the builder here\n const builder: KubernetesBuilder = KubernetesBuilder.createBuilder({\n logger,\n config,\n catalogApi,\n permissions,\n discovery,\n auth,\n httpAuth,\n })\n .setObjectsProvider(extPointObjectsProvider.getObjectsProvider())\n .setClusterSupplier(extPointClusterSuplier.getClusterSupplier())\n .setFetcher(extPointFetcher.getFetcher())\n .setServiceLocator(extPointServiceLocator.getServiceLocator());\n\n AuthStrategy.addAuthStrategiesFromArray(\n extPointAuthStrategy.getAuthenticationStrategies(),\n builder,\n );\n const { router } = await builder.build();\n http.use(router);\n } else {\n logger.warn(\n 'Failed to initialize kubernetes backend: valid kubernetes config is missing',\n );\n }\n },\n });\n },\n});\n"],"names":["createBackendPlugin","kubernetesObjectsProviderExtensionPoint","kubernetesClusterSupplierExtensionPoint","kubernetesAuthStrategyExtensionPoint","kubernetesFetcherExtensionPoint","kubernetesServiceLocatorExtensionPoint","coreServices","catalogServiceRef","KubernetesBuilder"],"mappings":";;;;;;;;;;;;;;;AA0CA,MAAM,eAAmE,CAAA;AAAA,EAC/D,eAAA;AAAA,EAER,kBAAqB,GAAA;AACnB,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEA,mBAAmB,QAAqC,EAAA;AACtD,IAAA,IAAI,KAAK,eAAiB,EAAA;AACxB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA;AAEF,IAAA,IAAA,CAAK,eAAkB,GAAA,QAAA;AAAA;AAE3B;AAEA,MAAM,cAAkE,CAAA;AAAA,EAC9D,eAAA;AAAA,EAER,kBAAqB,GAAA;AACnB,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEA,mBAAmB,eAA6C,EAAA;AAC9D,IAAA,IAAI,KAAK,eAAiB,EAAA;AACxB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA;AAEF,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AAAA;AAE3B;AAEA,MAAM,OAAmD,CAAA;AAAA,EAC/C,OAAA;AAAA,EAER,UAAa,GAAA;AACX,IAAA,OAAO,IAAK,CAAA,OAAA;AAAA;AACd,EAEA,WAAW,OAA4B,EAAA;AACrC,IAAA,IAAI,KAAK,OAAS,EAAA;AAChB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA;AAEF,IAAA,IAAA,CAAK,OAAU,GAAA,OAAA;AAAA;AAEnB;AAEA,MAAM,cAAiE,CAAA;AAAA,EAC7D,cAAA;AAAA,EAER,iBAAoB,GAAA;AAClB,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA;AACd,EAEA,kBAAkB,cAA0C,EAAA;AAC1D,IAAA,IAAI,KAAK,cAAgB,EAAA;AACvB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA;AAEF,IAAA,IAAA,CAAK,cAAiB,GAAA,cAAA;AAAA;AAE1B;AAEA,MAAM,YAA6D,CAAA;AAAA,EACzD,cAAA;AAAA,EAKR,WAAc,GAAA;AACZ,IAAK,IAAA,CAAA,cAAA,GAAiB,IAAI,KAGvB,EAAA;AAAA;AACL,EAEA,OAAO,0BACL,CAAA,cAAA,EACA,OACA,EAAA;AACA,IAAe,cAAA,CAAA,OAAA,CAAQ,QAAM,OAAQ,CAAA,eAAA,CAAgB,GAAG,GAAK,EAAA,EAAA,CAAG,QAAQ,CAAC,CAAA;AAAA;AAC3E,EAEA,2BAA8B,GAAA;AAC5B,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA;AACd,EAEA,eAAA,CAAgB,KAAa,YAAsC,EAAA;AACjE,IAAA,IAAA,CAAK,eAAe,IAAK,CAAA,EAAE,GAAK,EAAA,QAAA,EAAU,cAAc,CAAA;AAAA;AAE5D;AAMO,MAAM,mBAAmBA,oCAAoB,CAAA;AAAA,EAClD,QAAU,EAAA,YAAA;AAAA,EACV,SAAS,GAAK,EAAA;AACZ,IAAM,MAAA,uBAAA,GAA0B,IAAI,eAAgB,EAAA;AACpD,IAAM,MAAA,sBAAA,GAAyB,IAAI,cAAe,EAAA;AAClD,IAAM,MAAA,oBAAA,GAAuB,IAAI,YAAa,EAAA;AAC9C,IAAM,MAAA,eAAA,GAAkB,IAAI,OAAQ,EAAA;AACpC,IAAM,MAAA,sBAAA,GAAyB,IAAI,cAAe,EAAA;AAElD,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,4DAAA;AAAA,MACA;AAAA,KACF;AACA,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,4DAAA;AAAA,MACA;AAAA,KACF;AACA,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,yDAAA;AAAA,MACA;AAAA,KACF;AACA,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,oDAAA;AAAA,MACA;AAAA,KACF;AACA,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,2DAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,GAAA,CAAI,YAAa,CAAA;AAAA,MACf,IAAM,EAAA;AAAA,QACJ,MAAMC,6BAAa,CAAA,UAAA;AAAA,QACnB,QAAQA,6BAAa,CAAA,MAAA;AAAA,QACrB,QAAQA,6BAAa,CAAA,UAAA;AAAA,QACrB,WAAWA,6BAAa,CAAA,SAAA;AAAA,QACxB,UAAY,EAAAC,uBAAA;AAAA,QACZ,aAAaD,6BAAa,CAAA,WAAA;AAAA,QAC1B,MAAMA,6BAAa,CAAA,IAAA;AAAA,QACnB,UAAUA,6BAAa,CAAA;AAAA,OACzB;AAAA,MACA,MAAM,IAAK,CAAA;AAAA,QACT,IAAA;AAAA,QACA,MAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,UAAA;AAAA,QACA,WAAA;AAAA,QACA,IAAA;AAAA,QACA;AAAA,OACC,EAAA;AACD,QAAI,IAAA,MAAA,CAAO,GAAI,CAAA,YAAY,CAAG,EAAA;AAE5B,UAAM,MAAA,OAAA,GAA6BE,oCAAkB,aAAc,CAAA;AAAA,YACjE,MAAA;AAAA,YACA,MAAA;AAAA,YACA,UAAA;AAAA,YACA,WAAA;AAAA,YACA,SAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD,EACE,kBAAmB,CAAA,uBAAA,CAAwB,oBAAoB,CAAA,CAC/D,mBAAmB,sBAAuB,CAAA,kBAAA,EAAoB,CAC9D,CAAA,UAAA,CAAW,gBAAgB,UAAW,EAAC,EACvC,iBAAkB,CAAA,sBAAA,CAAuB,mBAAmB,CAAA;AAE/D,UAAa,YAAA,CAAA,0BAAA;AAAA,YACX,qBAAqB,2BAA4B,EAAA;AAAA,YACjD;AAAA,WACF;AACA,UAAA,MAAM,EAAE,MAAA,EAAW,GAAA,MAAM,QAAQ,KAAM,EAAA;AACvC,UAAA,IAAA,CAAK,IAAI,MAAM,CAAA;AAAA,SACV,MAAA;AACL,UAAO,MAAA,CAAA,IAAA;AAAA,YACL;AAAA,WACF;AAAA;AACF;AACF,KACD,CAAA;AAAA;AAEL,CAAC;;;;"}
1
+ {"version":3,"file":"plugin.cjs.js","sources":["../src/plugin.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n coreServices,\n createBackendPlugin,\n} from '@backstage/backend-plugin-api';\nimport { catalogServiceRef } from '@backstage/plugin-catalog-node/alpha';\n\nimport { KubernetesBuilder } from './service';\n\nimport {\n type AuthenticationStrategy,\n kubernetesAuthStrategyExtensionPoint,\n type KubernetesAuthStrategyExtensionPoint,\n type KubernetesClustersSupplier,\n kubernetesClusterSupplierExtensionPoint,\n type KubernetesClusterSupplierExtensionPoint,\n type KubernetesFetcher,\n kubernetesFetcherExtensionPoint,\n type KubernetesFetcherExtensionPoint,\n type KubernetesObjectsProvider,\n kubernetesObjectsProviderExtensionPoint,\n type KubernetesObjectsProviderExtensionPoint,\n type KubernetesServiceLocator,\n kubernetesServiceLocatorExtensionPoint,\n type KubernetesServiceLocatorExtensionPoint,\n} from '@backstage/plugin-kubernetes-node';\n\nclass ObjectsProvider implements KubernetesObjectsProviderExtensionPoint {\n private objectsProvider: KubernetesObjectsProvider | undefined;\n\n getObjectsProvider() {\n return this.objectsProvider;\n }\n\n addObjectsProvider(provider: KubernetesObjectsProvider) {\n if (this.objectsProvider) {\n throw new Error(\n 'Multiple Kubernetes objects provider is not supported at this time',\n );\n }\n this.objectsProvider = provider;\n }\n}\n\nclass ClusterSuplier implements KubernetesClusterSupplierExtensionPoint {\n private clusterSupplier: KubernetesClustersSupplier | undefined;\n\n getClusterSupplier() {\n return this.clusterSupplier;\n }\n\n addClusterSupplier(clusterSupplier: KubernetesClustersSupplier) {\n if (this.clusterSupplier) {\n throw new Error(\n 'Multiple Kubernetes Cluster Suppliers is not supported at this time',\n );\n }\n this.clusterSupplier = clusterSupplier;\n }\n}\n\nclass Fetcher implements KubernetesFetcherExtensionPoint {\n private fetcher: KubernetesFetcher | undefined;\n\n getFetcher() {\n return this.fetcher;\n }\n\n addFetcher(fetcher: KubernetesFetcher) {\n if (this.fetcher) {\n throw new Error(\n 'Multiple Kubernetes Fetchers is not supported at this time',\n );\n }\n this.fetcher = fetcher;\n }\n}\n\nclass ServiceLocator implements KubernetesServiceLocatorExtensionPoint {\n private serviceLocator: KubernetesServiceLocator | undefined;\n\n getServiceLocator() {\n return this.serviceLocator;\n }\n\n addServiceLocator(serviceLocator: KubernetesServiceLocator) {\n if (this.serviceLocator) {\n throw new Error(\n 'Multiple Kubernetes Service Locators is not supported at this time',\n );\n }\n this.serviceLocator = serviceLocator;\n }\n}\n\nclass AuthStrategy implements KubernetesAuthStrategyExtensionPoint {\n private authStrategies: Array<{\n key: string;\n strategy: AuthenticationStrategy;\n }>;\n\n constructor() {\n this.authStrategies = new Array<{\n key: string;\n strategy: AuthenticationStrategy;\n }>();\n }\n\n static addAuthStrategiesFromArray(\n authStrategies: Array<{ key: string; strategy: AuthenticationStrategy }>,\n builder: KubernetesBuilder,\n ) {\n authStrategies.forEach(st => builder.addAuthStrategy(st.key, st.strategy));\n }\n\n getAuthenticationStrategies() {\n return this.authStrategies;\n }\n\n addAuthStrategy(key: string, authStrategy: AuthenticationStrategy) {\n this.authStrategies.push({ key, strategy: authStrategy });\n }\n}\n\n/**\n * This is the backend plugin that provides the Kubernetes integration.\n * @public\n */\nexport const kubernetesPlugin = createBackendPlugin({\n pluginId: 'kubernetes',\n register(env) {\n const extPointObjectsProvider = new ObjectsProvider();\n const extPointClusterSuplier = new ClusterSuplier();\n const extPointAuthStrategy = new AuthStrategy();\n const extPointFetcher = new Fetcher();\n const extPointServiceLocator = new ServiceLocator();\n\n env.registerExtensionPoint(\n kubernetesObjectsProviderExtensionPoint,\n extPointObjectsProvider,\n );\n env.registerExtensionPoint(\n kubernetesClusterSupplierExtensionPoint,\n extPointClusterSuplier,\n );\n env.registerExtensionPoint(\n kubernetesAuthStrategyExtensionPoint,\n extPointAuthStrategy,\n );\n env.registerExtensionPoint(\n kubernetesFetcherExtensionPoint,\n extPointFetcher,\n );\n env.registerExtensionPoint(\n kubernetesServiceLocatorExtensionPoint,\n extPointServiceLocator,\n );\n\n env.registerInit({\n deps: {\n http: coreServices.httpRouter,\n logger: coreServices.logger,\n config: coreServices.rootConfig,\n discovery: coreServices.discovery,\n catalogApi: catalogServiceRef,\n permissions: coreServices.permissions,\n auth: coreServices.auth,\n httpAuth: coreServices.httpAuth,\n },\n async init({\n http,\n logger,\n config,\n discovery,\n catalogApi,\n permissions,\n auth,\n httpAuth,\n }) {\n if (config.has('kubernetes')) {\n // TODO: expose all of the customization & extension points of the builder here\n const builder: KubernetesBuilder = KubernetesBuilder.createBuilder({\n logger,\n config,\n catalogApi,\n permissions,\n discovery,\n auth,\n httpAuth,\n })\n .setObjectsProvider(extPointObjectsProvider.getObjectsProvider())\n .setClusterSupplier(extPointClusterSuplier.getClusterSupplier())\n .setFetcher(extPointFetcher.getFetcher())\n .setServiceLocator(extPointServiceLocator.getServiceLocator());\n\n AuthStrategy.addAuthStrategiesFromArray(\n extPointAuthStrategy.getAuthenticationStrategies(),\n builder,\n );\n const { router } = await builder.build();\n http.use(router);\n } else {\n logger.warn(\n 'Failed to initialize kubernetes backend: valid kubernetes config is missing',\n );\n }\n },\n });\n },\n});\n"],"names":["createBackendPlugin","kubernetesObjectsProviderExtensionPoint","kubernetesClusterSupplierExtensionPoint","kubernetesAuthStrategyExtensionPoint","kubernetesFetcherExtensionPoint","kubernetesServiceLocatorExtensionPoint","coreServices","catalogServiceRef","KubernetesBuilder"],"mappings":";;;;;;;;;;;;;;AA0CA,MAAM,eAAmE,CAAA;AAAA,EAC/D,eAAA;AAAA,EAER,kBAAqB,GAAA;AACnB,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEA,mBAAmB,QAAqC,EAAA;AACtD,IAAA,IAAI,KAAK,eAAiB,EAAA;AACxB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA;AAEF,IAAA,IAAA,CAAK,eAAkB,GAAA,QAAA;AAAA;AAE3B;AAEA,MAAM,cAAkE,CAAA;AAAA,EAC9D,eAAA;AAAA,EAER,kBAAqB,GAAA;AACnB,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEA,mBAAmB,eAA6C,EAAA;AAC9D,IAAA,IAAI,KAAK,eAAiB,EAAA;AACxB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA;AAEF,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AAAA;AAE3B;AAEA,MAAM,OAAmD,CAAA;AAAA,EAC/C,OAAA;AAAA,EAER,UAAa,GAAA;AACX,IAAA,OAAO,IAAK,CAAA,OAAA;AAAA;AACd,EAEA,WAAW,OAA4B,EAAA;AACrC,IAAA,IAAI,KAAK,OAAS,EAAA;AAChB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA;AAEF,IAAA,IAAA,CAAK,OAAU,GAAA,OAAA;AAAA;AAEnB;AAEA,MAAM,cAAiE,CAAA;AAAA,EAC7D,cAAA;AAAA,EAER,iBAAoB,GAAA;AAClB,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA;AACd,EAEA,kBAAkB,cAA0C,EAAA;AAC1D,IAAA,IAAI,KAAK,cAAgB,EAAA;AACvB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA;AAEF,IAAA,IAAA,CAAK,cAAiB,GAAA,cAAA;AAAA;AAE1B;AAEA,MAAM,YAA6D,CAAA;AAAA,EACzD,cAAA;AAAA,EAKR,WAAc,GAAA;AACZ,IAAK,IAAA,CAAA,cAAA,GAAiB,IAAI,KAGvB,EAAA;AAAA;AACL,EAEA,OAAO,0BACL,CAAA,cAAA,EACA,OACA,EAAA;AACA,IAAe,cAAA,CAAA,OAAA,CAAQ,QAAM,OAAQ,CAAA,eAAA,CAAgB,GAAG,GAAK,EAAA,EAAA,CAAG,QAAQ,CAAC,CAAA;AAAA;AAC3E,EAEA,2BAA8B,GAAA;AAC5B,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA;AACd,EAEA,eAAA,CAAgB,KAAa,YAAsC,EAAA;AACjE,IAAA,IAAA,CAAK,eAAe,IAAK,CAAA,EAAE,GAAK,EAAA,QAAA,EAAU,cAAc,CAAA;AAAA;AAE5D;AAMO,MAAM,mBAAmBA,oCAAoB,CAAA;AAAA,EAClD,QAAU,EAAA,YAAA;AAAA,EACV,SAAS,GAAK,EAAA;AACZ,IAAM,MAAA,uBAAA,GAA0B,IAAI,eAAgB,EAAA;AACpD,IAAM,MAAA,sBAAA,GAAyB,IAAI,cAAe,EAAA;AAClD,IAAM,MAAA,oBAAA,GAAuB,IAAI,YAAa,EAAA;AAC9C,IAAM,MAAA,eAAA,GAAkB,IAAI,OAAQ,EAAA;AACpC,IAAM,MAAA,sBAAA,GAAyB,IAAI,cAAe,EAAA;AAElD,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,4DAAA;AAAA,MACA;AAAA,KACF;AACA,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,4DAAA;AAAA,MACA;AAAA,KACF;AACA,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,yDAAA;AAAA,MACA;AAAA,KACF;AACA,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,oDAAA;AAAA,MACA;AAAA,KACF;AACA,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,2DAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,GAAA,CAAI,YAAa,CAAA;AAAA,MACf,IAAM,EAAA;AAAA,QACJ,MAAMC,6BAAa,CAAA,UAAA;AAAA,QACnB,QAAQA,6BAAa,CAAA,MAAA;AAAA,QACrB,QAAQA,6BAAa,CAAA,UAAA;AAAA,QACrB,WAAWA,6BAAa,CAAA,SAAA;AAAA,QACxB,UAAY,EAAAC,uBAAA;AAAA,QACZ,aAAaD,6BAAa,CAAA,WAAA;AAAA,QAC1B,MAAMA,6BAAa,CAAA,IAAA;AAAA,QACnB,UAAUA,6BAAa,CAAA;AAAA,OACzB;AAAA,MACA,MAAM,IAAK,CAAA;AAAA,QACT,IAAA;AAAA,QACA,MAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,UAAA;AAAA,QACA,WAAA;AAAA,QACA,IAAA;AAAA,QACA;AAAA,OACC,EAAA;AACD,QAAI,IAAA,MAAA,CAAO,GAAI,CAAA,YAAY,CAAG,EAAA;AAE5B,UAAM,MAAA,OAAA,GAA6BE,oCAAkB,aAAc,CAAA;AAAA,YACjE,MAAA;AAAA,YACA,MAAA;AAAA,YACA,UAAA;AAAA,YACA,WAAA;AAAA,YACA,SAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD,EACE,kBAAmB,CAAA,uBAAA,CAAwB,oBAAoB,CAAA,CAC/D,mBAAmB,sBAAuB,CAAA,kBAAA,EAAoB,CAC9D,CAAA,UAAA,CAAW,gBAAgB,UAAW,EAAC,EACvC,iBAAkB,CAAA,sBAAA,CAAuB,mBAAmB,CAAA;AAE/D,UAAa,YAAA,CAAA,0BAAA;AAAA,YACX,qBAAqB,2BAA4B,EAAA;AAAA,YACjD;AAAA,WACF;AACA,UAAA,MAAM,EAAE,MAAA,EAAW,GAAA,MAAM,QAAQ,KAAM,EAAA;AACvC,UAAA,IAAA,CAAK,IAAI,MAAM,CAAA;AAAA,SACV,MAAA;AACL,UAAO,MAAA,CAAA,IAAA;AAAA,YACL;AAAA,WACF;AAAA;AACF;AACF,KACD,CAAA;AAAA;AAEL,CAAC;;;;"}
package/dist/service/KubernetesBuilder.cjs.js CHANGED
@@ -321,7 +321,7 @@ class KubernetesBuilder {
321
321
  }
322
322
  async fetchClusterDetails(clusterSupplier, options) {
323
323
  const clusterDetails = await clusterSupplier.getClusters(options);
324
- this.env.logger.info(
324
+ this.env.logger.debug(
325
325
  `action=loadClusterDetails numOfClustersLoaded=${clusterDetails.length}`
326
326
  );
327
327
  return clusterDetails;
package/dist/service/KubernetesBuilder.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"KubernetesBuilder.cjs.js","sources":["../../src/service/KubernetesBuilder.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { CatalogApi } from '@backstage/catalog-client';\nimport { Config } from '@backstage/config';\nimport {\n ANNOTATION_KUBERNETES_AUTH_PROVIDER,\n ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER,\n kubernetesClustersReadPermission,\n kubernetesPermissions,\n kubernetesResourcesReadPermission,\n} from '@backstage/plugin-kubernetes-common';\nimport { PermissionEvaluator } from '@backstage/plugin-permission-common';\nimport { createPermissionIntegrationRouter } from '@backstage/plugin-permission-node';\nimport express from 'express';\nimport Router from 'express-promise-router';\nimport { Duration } from 'luxon';\n\nimport {\n AksStrategy,\n AnonymousStrategy,\n AwsIamStrategy,\n AzureIdentityStrategy,\n DispatchStrategy,\n GoogleServiceAccountStrategy,\n GoogleStrategy,\n OidcStrategy,\n ServiceAccountStrategy,\n} from '../auth';\nimport { getCombinedClusterSupplier } from '../cluster-locator';\n\nimport { createLegacyAuthAdapters } from '@backstage/backend-common';\nimport {\n AuthService,\n BackstageCredentials,\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n} from '@backstage/backend-plugin-api';\nimport {\n AuthenticationStrategy,\n AuthMetadata,\n CustomResource,\n KubernetesClustersSupplier,\n KubernetesFetcher,\n KubernetesObjectsProvider,\n KubernetesObjectTypes,\n KubernetesServiceLocator,\n} from '@backstage/plugin-kubernetes-node';\nimport { addResourceRoutesToRouter } from '../routes/resourcesRoutes';\nimport { CatalogRelationServiceLocator } from '../service-locator/CatalogRelationServiceLocator';\nimport { MultiTenantServiceLocator } from '../service-locator/MultiTenantServiceLocator';\nimport { SingleTenantServiceLocator } from '../service-locator/SingleTenantServiceLocator';\nimport {\n KubernetesObjectsProviderOptions,\n ObjectsByEntityRequest,\n ServiceLocatorMethod,\n} from '../types/types';\nimport {\n ALL_OBJECTS,\n DEFAULT_OBJECTS,\n KubernetesFanOutHandler,\n} from './KubernetesFanOutHandler';\nimport { KubernetesClientBasedFetcher } from './KubernetesFetcher';\nimport { KubernetesProxy } from './KubernetesProxy';\nimport { requirePermission } from '../auth/requirePermission';\n\n/**\n * @deprecated Please migrate to the new backend system as this will be removed in the future.\n * @public\n */\nexport interface KubernetesEnvironment {\n logger: LoggerService;\n config: Config;\n catalogApi: CatalogApi;\n discovery: DiscoveryService;\n permissions: PermissionEvaluator;\n auth?: AuthService;\n httpAuth?: HttpAuthService;\n}\n\n/**\n * The return type of the `KubernetesBuilder.build` method\n * @deprecated Please migrate to the new backend system as this will be removed in the future.\n * @public\n */\nexport type KubernetesBuilderReturn = Promise<{\n router: express.Router;\n clusterSupplier: KubernetesClustersSupplier;\n customResources: CustomResource[];\n fetcher: KubernetesFetcher;\n proxy: KubernetesProxy;\n objectsProvider: KubernetesObjectsProvider;\n serviceLocator: KubernetesServiceLocator;\n authStrategyMap: { [key: string]: AuthenticationStrategy };\n}>;\n\n/**\n * @deprecated Please migrate to the new backend system as this will be removed in the future.\n * @public\n * */\nexport class KubernetesBuilder {\n private clusterSupplier?: KubernetesClustersSupplier;\n private defaultClusterRefreshInterval: Duration = Duration.fromObject({\n minutes: 60,\n });\n private objectsProvider?: KubernetesObjectsProvider;\n private fetcher?: KubernetesFetcher;\n private serviceLocator?: KubernetesServiceLocator;\n private proxy?: KubernetesProxy;\n private authStrategyMap?: { [key: string]: AuthenticationStrategy };\n\n static createBuilder(env: KubernetesEnvironment) {\n return new KubernetesBuilder(env);\n }\n\n constructor(protected readonly env: KubernetesEnvironment) {}\n\n public async build(): KubernetesBuilderReturn {\n const logger = this.env.logger;\n const config = this.env.config;\n const permissions = this.env.permissions;\n\n logger.info('Initializing Kubernetes backend');\n\n if (!config.has('kubernetes')) {\n if (process.env.NODE_ENV !== 'development') {\n throw new Error('Kubernetes configuration is missing');\n }\n logger.warn(\n 'Failed to initialize kubernetes backend: kubernetes config is missing',\n );\n return {\n router: Router(),\n } as unknown as KubernetesBuilderReturn;\n }\n\n const { auth, httpAuth } = createLegacyAuthAdapters({\n auth: this.env.auth,\n httpAuth: this.env.httpAuth,\n discovery: this.env.discovery,\n });\n\n const customResources = this.buildCustomResources();\n\n const fetcher = this.getFetcher();\n\n const clusterSupplier = this.getClusterSupplier();\n\n const authStrategyMap = this.getAuthStrategyMap();\n\n const proxy = this.getProxy(\n logger,\n clusterSupplier,\n this.env.discovery,\n httpAuth,\n );\n\n const serviceLocator = this.getServiceLocator();\n\n const objectsProvider = this.getObjectsProvider({\n logger,\n fetcher,\n config,\n serviceLocator,\n customResources,\n objectTypesToFetch: this.getObjectTypesToFetch(),\n });\n\n const router = this.buildRouter(\n objectsProvider,\n clusterSupplier,\n this.env.catalogApi,\n proxy,\n permissions,\n auth,\n httpAuth,\n );\n\n return {\n clusterSupplier,\n customResources,\n fetcher,\n proxy,\n objectsProvider,\n router,\n serviceLocator,\n authStrategyMap,\n };\n }\n\n public setClusterSupplier(clusterSupplier?: KubernetesClustersSupplier) {\n this.clusterSupplier = clusterSupplier;\n return this;\n }\n\n public setDefaultClusterRefreshInterval(refreshInterval: Duration) {\n this.defaultClusterRefreshInterval = refreshInterval;\n return this;\n }\n\n public setObjectsProvider(objectsProvider?: KubernetesObjectsProvider) {\n this.objectsProvider = objectsProvider;\n return this;\n }\n\n public setFetcher(fetcher?: KubernetesFetcher) {\n this.fetcher = fetcher;\n return this;\n }\n\n public setServiceLocator(serviceLocator?: KubernetesServiceLocator) {\n this.serviceLocator = serviceLocator;\n return this;\n }\n\n public setProxy(proxy?: KubernetesProxy) {\n this.proxy = proxy;\n return this;\n }\n\n public setAuthStrategyMap(authStrategyMap: {\n [key: string]: AuthenticationStrategy;\n }) {\n this.authStrategyMap = authStrategyMap;\n }\n\n public addAuthStrategy(key: string, strategy: AuthenticationStrategy) {\n if (key.includes('-')) {\n throw new Error('Strategy name can not include dashes');\n }\n this.getAuthStrategyMap()[key] = strategy;\n return this;\n }\n\n protected buildCustomResources() {\n const customResources: CustomResource[] = (\n this.env.config.getOptionalConfigArray('kubernetes.customResources') ?? []\n ).map(\n c =>\n ({\n group: c.getString('group'),\n apiVersion: c.getString('apiVersion'),\n plural: c.getString('plural'),\n objectType: 'customresources',\n } as CustomResource),\n );\n\n this.env.logger.info(\n `action=LoadingCustomResources numOfCustomResources=${customResources.length}`,\n );\n return customResources;\n }\n\n protected buildClusterSupplier(\n refreshInterval: Duration,\n ): KubernetesClustersSupplier {\n const config = this.env.config;\n const { auth } = createLegacyAuthAdapters(this.env);\n this.clusterSupplier = getCombinedClusterSupplier(\n config,\n this.env.catalogApi,\n new DispatchStrategy({ authStrategyMap: this.getAuthStrategyMap() }),\n this.env.logger,\n refreshInterval,\n auth,\n );\n\n return this.clusterSupplier;\n }\n\n protected buildObjectsProvider(\n options: KubernetesObjectsProviderOptions,\n ): KubernetesObjectsProvider {\n const authStrategyMap = this.getAuthStrategyMap();\n this.objectsProvider = new KubernetesFanOutHandler({\n ...options,\n authStrategy: new DispatchStrategy({\n authStrategyMap,\n }),\n });\n\n return this.objectsProvider;\n }\n\n protected buildFetcher(): KubernetesFetcher {\n this.fetcher = new KubernetesClientBasedFetcher({\n logger: this.env.logger,\n });\n\n return this.fetcher;\n }\n\n protected buildServiceLocator(\n method: ServiceLocatorMethod,\n clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n switch (method) {\n case 'multiTenant':\n this.serviceLocator =\n this.buildMultiTenantServiceLocator(clusterSupplier);\n break;\n case 'singleTenant':\n this.serviceLocator =\n this.buildSingleTenantServiceLocator(clusterSupplier);\n break;\n case 'catalogRelation':\n this.serviceLocator =\n this.buildCatalogRelationServiceLocator(clusterSupplier);\n break;\n case 'http':\n this.serviceLocator = this.buildHttpServiceLocator(clusterSupplier);\n break;\n default:\n throw new Error(\n `Unsupported kubernetes.serviceLocatorMethod \"${method}\"`,\n );\n }\n\n return this.serviceLocator;\n }\n\n protected buildMultiTenantServiceLocator(\n clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n return new MultiTenantServiceLocator(clusterSupplier);\n }\n\n protected buildSingleTenantServiceLocator(\n clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n return new SingleTenantServiceLocator(clusterSupplier);\n }\n\n protected buildCatalogRelationServiceLocator(\n clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n return new CatalogRelationServiceLocator(clusterSupplier);\n }\n\n protected buildHttpServiceLocator(\n _clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n throw new Error('not implemented');\n }\n\n protected buildProxy(\n logger: LoggerService,\n clusterSupplier: KubernetesClustersSupplier,\n discovery: DiscoveryService,\n httpAuth: HttpAuthService,\n ): KubernetesProxy {\n const authStrategyMap = this.getAuthStrategyMap();\n const authStrategy = new DispatchStrategy({\n authStrategyMap,\n });\n this.proxy = new KubernetesProxy({\n logger,\n clusterSupplier,\n authStrategy,\n discovery,\n httpAuth,\n });\n return this.proxy;\n }\n\n protected buildRouter(\n objectsProvider: KubernetesObjectsProvider,\n clusterSupplier: KubernetesClustersSupplier,\n catalogApi: CatalogApi,\n proxy: KubernetesProxy,\n permissionApi: PermissionEvaluator,\n authService: AuthService,\n httpAuth: HttpAuthService,\n ): express.Router {\n const logger = this.env.logger;\n const router = Router();\n router.use('/proxy', proxy.createRequestHandler({ permissionApi }));\n router.use(express.json());\n router.use(\n createPermissionIntegrationRouter({\n permissions: kubernetesPermissions,\n }),\n );\n // @deprecated\n router.post('/services/:serviceId', async (req, res) => {\n await requirePermission(\n permissionApi,\n kubernetesResourcesReadPermission,\n httpAuth,\n req,\n );\n const serviceId = req.params.serviceId;\n const requestBody: ObjectsByEntityRequest = req.body;\n try {\n const response = await objectsProvider.getKubernetesObjectsByEntity(\n {\n entity: requestBody.entity,\n auth: requestBody.auth || {},\n },\n { credentials: await httpAuth.credentials(req) },\n );\n res.json(response);\n } catch (e) {\n logger.error(\n `action=retrieveObjectsByServiceId service=${serviceId}, error=${e}`,\n );\n res.status(500).json({ error: e.message });\n }\n });\n\n router.get('/clusters', async (req, res) => {\n await requirePermission(\n permissionApi,\n kubernetesClustersReadPermission,\n httpAuth,\n req,\n );\n const credentials = await httpAuth.credentials(req);\n const clusterDetails = await this.fetchClusterDetails(clusterSupplier, {\n credentials,\n });\n res.json({\n items: clusterDetails.map(cd => {\n const oidcTokenProvider =\n cd.authMetadata[ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER];\n const authProvider =\n cd.authMetadata[ANNOTATION_KUBERNETES_AUTH_PROVIDER];\n const strategy = this.getAuthStrategyMap()[authProvider];\n let auth: AuthMetadata = {};\n if (strategy) {\n auth = strategy.presentAuthMetadata(cd.authMetadata);\n }\n\n return {\n name: cd.name,\n title: cd.title,\n dashboardUrl: cd.dashboardUrl,\n authProvider,\n ...(oidcTokenProvider && { oidcTokenProvider }),\n ...(auth && Object.keys(auth).length !== 0 && { auth }),\n };\n }),\n });\n });\n\n addResourceRoutesToRouter(\n router,\n catalogApi,\n objectsProvider,\n authService,\n httpAuth,\n permissionApi,\n );\n\n return router;\n }\n\n protected buildAuthStrategyMap() {\n this.authStrategyMap = {\n aks: new AksStrategy(),\n aws: new AwsIamStrategy({ config: this.env.config }),\n azure: new AzureIdentityStrategy(this.env.logger),\n google: new GoogleStrategy(),\n googleServiceAccount: new GoogleServiceAccountStrategy(),\n localKubectlProxy: new AnonymousStrategy(),\n oidc: new OidcStrategy(),\n serviceAccount: new ServiceAccountStrategy(),\n };\n return this.authStrategyMap;\n }\n\n protected async fetchClusterDetails(\n clusterSupplier: KubernetesClustersSupplier,\n options: { credentials: BackstageCredentials },\n ) {\n const clusterDetails = await clusterSupplier.getClusters(options);\n\n this.env.logger.info(\n `action=loadClusterDetails numOfClustersLoaded=${clusterDetails.length}`,\n );\n\n return clusterDetails;\n }\n\n protected getServiceLocatorMethod() {\n return this.env.config.getString(\n 'kubernetes.serviceLocatorMethod.type',\n ) as ServiceLocatorMethod;\n }\n\n protected getFetcher(): KubernetesFetcher {\n return this.fetcher ?? this.buildFetcher();\n }\n\n protected getClusterSupplier() {\n return (\n this.clusterSupplier ??\n this.buildClusterSupplier(this.defaultClusterRefreshInterval)\n );\n }\n\n protected getServiceLocator(): KubernetesServiceLocator {\n return (\n this.serviceLocator ??\n this.buildServiceLocator(\n this.getServiceLocatorMethod(),\n this.getClusterSupplier(),\n )\n );\n }\n\n protected getObjectsProvider(options: KubernetesObjectsProviderOptions) {\n return this.objectsProvider ?? this.buildObjectsProvider(options);\n }\n\n protected getObjectTypesToFetch() {\n const objectTypesToFetchStrings = this.env.config.getOptionalStringArray(\n 'kubernetes.objectTypes',\n ) as KubernetesObjectTypes[];\n\n const apiVersionOverrides = this.env.config.getOptionalConfig(\n 'kubernetes.apiVersionOverrides',\n );\n\n let objectTypesToFetch;\n\n if (objectTypesToFetchStrings) {\n objectTypesToFetch = ALL_OBJECTS.filter(obj =>\n objectTypesToFetchStrings.includes(obj.objectType),\n );\n }\n\n if (apiVersionOverrides) {\n objectTypesToFetch = objectTypesToFetch ?? DEFAULT_OBJECTS;\n\n for (const obj of objectTypesToFetch) {\n if (apiVersionOverrides.has(obj.objectType)) {\n obj.apiVersion = apiVersionOverrides.getString(obj.objectType);\n }\n }\n }\n\n return objectTypesToFetch;\n }\n\n protected getProxy(\n logger: LoggerService,\n clusterSupplier: KubernetesClustersSupplier,\n discovery: DiscoveryService,\n httpAuth: HttpAuthService,\n ) {\n return (\n this.proxy ??\n this.buildProxy(logger, clusterSupplier, discovery, httpAuth)\n );\n }\n\n protected getAuthStrategyMap() {\n return this.authStrategyMap ?? this.buildAuthStrategyMap();\n }\n}\n"],"names":["Duration","Router","createLegacyAuthAdapters","getCombinedClusterSupplier","DispatchStrategy","KubernetesFanOutHandler","KubernetesClientBasedFetcher","MultiTenantServiceLocator","SingleTenantServiceLocator","CatalogRelationServiceLocator","KubernetesProxy","express","createPermissionIntegrationRouter","kubernetesPermissions","requirePermission","kubernetesResourcesReadPermission","kubernetesClustersReadPermission","ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER","ANNOTATION_KUBERNETES_AUTH_PROVIDER","addResourceRoutesToRouter","AksStrategy","AwsIamStrategy","AzureIdentityStrategy","GoogleStrategy","GoogleServiceAccountStrategy","AnonymousStrategy","OidcStrategy","ServiceAccountStrategy","ALL_OBJECTS","DEFAULT_OBJECTS"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiHO,MAAM,iBAAkB,CAAA;AAAA,EAe7B,YAA+B,GAA4B,EAAA;AAA5B,IAAA,IAAA,CAAA,GAAA,GAAA,GAAA;AAAA;AAA6B,EAdpD,eAAA;AAAA,EACA,6BAAA,GAA0CA,eAAS,UAAW,CAAA;AAAA,IACpE,OAAS,EAAA;AAAA,GACV,CAAA;AAAA,EACO,eAAA;AAAA,EACA,OAAA;AAAA,EACA,cAAA;AAAA,EACA,KAAA;AAAA,EACA,eAAA;AAAA,EAER,OAAO,cAAc,GAA4B,EAAA;AAC/C,IAAO,OAAA,IAAI,kBAAkB,GAAG,CAAA;AAAA;AAClC,EAIA,MAAa,KAAiC,GAAA;AAC5C,IAAM,MAAA,MAAA,GAAS,KAAK,GAAI,CAAA,MAAA;AACxB,IAAM,MAAA,MAAA,GAAS,KAAK,GAAI,CAAA,MAAA;AACxB,IAAM,MAAA,WAAA,GAAc,KAAK,GAAI,CAAA,WAAA;AAE7B,IAAA,MAAA,CAAO,KAAK,iCAAiC,CAAA;AAE7C,IAAA,IAAI,CAAC,MAAA,CAAO,GAAI,CAAA,YAAY,CAAG,EAAA;AAC7B,MAAI,IAAA,OAAA,CAAQ,GAAI,CAAA,QAAA,KAAa,aAAe,EAAA;AAC1C,QAAM,MAAA,IAAI,MAAM,qCAAqC,CAAA;AAAA;AAEvD,MAAO,MAAA,CAAA,IAAA;AAAA,QACL;AAAA,OACF;AACA,MAAO,OAAA;AAAA,QACL,QAAQC,uBAAO;AAAA,OACjB;AAAA;AAGF,IAAA,MAAM,EAAE,IAAA,EAAM,QAAS,EAAA,GAAIC,sCAAyB,CAAA;AAAA,MAClD,IAAA,EAAM,KAAK,GAAI,CAAA,IAAA;AAAA,MACf,QAAA,EAAU,KAAK,GAAI,CAAA,QAAA;AAAA,MACnB,SAAA,EAAW,KAAK,GAAI,CAAA;AAAA,KACrB,CAAA;AAED,IAAM,MAAA,eAAA,GAAkB,KAAK,oBAAqB,EAAA;AAElD,IAAM,MAAA,OAAA,GAAU,KAAK,UAAW,EAAA;AAEhC,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,EAAA;AAEhD,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,EAAA;AAEhD,IAAA,MAAM,QAAQ,IAAK,CAAA,QAAA;AAAA,MACjB,MAAA;AAAA,MACA,eAAA;AAAA,MACA,KAAK,GAAI,CAAA,SAAA;AAAA,MACT;AAAA,KACF;AAEA,IAAM,MAAA,cAAA,GAAiB,KAAK,iBAAkB,EAAA;AAE9C,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,CAAA;AAAA,MAC9C,MAAA;AAAA,MACA,OAAA;AAAA,MACA,MAAA;AAAA,MACA,cAAA;AAAA,MACA,eAAA;AAAA,MACA,kBAAA,EAAoB,KAAK,qBAAsB;AAAA,KAChD,CAAA;AAED,IAAA,MAAM,SAAS,IAAK,CAAA,WAAA;AAAA,MAClB,eAAA;AAAA,MACA,eAAA;AAAA,MACA,KAAK,GAAI,CAAA,UAAA;AAAA,MACT,KAAA;AAAA,MACA,WAAA;AAAA,MACA,IAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAO,OAAA;AAAA,MACL,eAAA;AAAA,MACA,eAAA;AAAA,MACA,OAAA;AAAA,MACA,KAAA;AAAA,MACA,eAAA;AAAA,MACA,MAAA;AAAA,MACA,cAAA;AAAA,MACA;AAAA,KACF;AAAA;AACF,EAEO,mBAAmB,eAA8C,EAAA;AACtE,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AACvB,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,iCAAiC,eAA2B,EAAA;AACjE,IAAA,IAAA,CAAK,6BAAgC,GAAA,eAAA;AACrC,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,mBAAmB,eAA6C,EAAA;AACrE,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AACvB,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,WAAW,OAA6B,EAAA;AAC7C,IAAA,IAAA,CAAK,OAAU,GAAA,OAAA;AACf,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,kBAAkB,cAA2C,EAAA;AAClE,IAAA,IAAA,CAAK,cAAiB,GAAA,cAAA;AACtB,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,SAAS,KAAyB,EAAA;AACvC,IAAA,IAAA,CAAK,KAAQ,GAAA,KAAA;AACb,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,mBAAmB,eAEvB,EAAA;AACD,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AAAA;AACzB,EAEO,eAAA,CAAgB,KAAa,QAAkC,EAAA;AACpE,IAAI,IAAA,GAAA,CAAI,QAAS,CAAA,GAAG,CAAG,EAAA;AACrB,MAAM,MAAA,IAAI,MAAM,sCAAsC,CAAA;AAAA;AAExD,IAAK,IAAA,CAAA,kBAAA,EAAqB,CAAA,GAAG,CAAI,GAAA,QAAA;AACjC,IAAO,OAAA,IAAA;AAAA;AACT,EAEU,oBAAuB,GAAA;AAC/B,IAAM,MAAA,eAAA,GAAA,CACJ,KAAK,GAAI,CAAA,MAAA,CAAO,uBAAuB,4BAA4B,CAAA,IAAK,EACxE,EAAA,GAAA;AAAA,MACA,CACG,CAAA,MAAA;AAAA,QACC,KAAA,EAAO,CAAE,CAAA,SAAA,CAAU,OAAO,CAAA;AAAA,QAC1B,UAAA,EAAY,CAAE,CAAA,SAAA,CAAU,YAAY,CAAA;AAAA,QACpC,MAAA,EAAQ,CAAE,CAAA,SAAA,CAAU,QAAQ,CAAA;AAAA,QAC5B,UAAY,EAAA;AAAA,OACd;AAAA,KACJ;AAEA,IAAA,IAAA,CAAK,IAAI,MAAO,CAAA,IAAA;AAAA,MACd,CAAA,mDAAA,EAAsD,gBAAgB,MAAM,CAAA;AAAA,KAC9E;AACA,IAAO,OAAA,eAAA;AAAA;AACT,EAEU,qBACR,eAC4B,EAAA;AAC5B,IAAM,MAAA,MAAA,GAAS,KAAK,GAAI,CAAA,MAAA;AACxB,IAAA,MAAM,EAAE,IAAA,EAAS,GAAAA,sCAAA,CAAyB,KAAK,GAAG,CAAA;AAClD,IAAA,IAAA,CAAK,eAAkB,GAAAC,gCAAA;AAAA,MACrB,MAAA;AAAA,MACA,KAAK,GAAI,CAAA,UAAA;AAAA,MACT,IAAIC,iCAAiB,CAAA,EAAE,iBAAiB,IAAK,CAAA,kBAAA,IAAsB,CAAA;AAAA,MACnE,KAAK,GAAI,CAAA,MAAA;AAAA,MACT,eAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEU,qBACR,OAC2B,EAAA;AAC3B,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,EAAA;AAChD,IAAK,IAAA,CAAA,eAAA,GAAkB,IAAIC,+CAAwB,CAAA;AAAA,MACjD,GAAG,OAAA;AAAA,MACH,YAAA,EAAc,IAAID,iCAAiB,CAAA;AAAA,QACjC;AAAA,OACD;AAAA,KACF,CAAA;AAED,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEU,YAAkC,GAAA;AAC1C,IAAK,IAAA,CAAA,OAAA,GAAU,IAAIE,8CAA6B,CAAA;AAAA,MAC9C,MAAA,EAAQ,KAAK,GAAI,CAAA;AAAA,KAClB,CAAA;AAED,IAAA,OAAO,IAAK,CAAA,OAAA;AAAA;AACd,EAEU,mBAAA,CACR,QACA,eAC0B,EAAA;AAC1B,IAAA,QAAQ,MAAQ;AAAA,MACd,KAAK,aAAA;AACH,QAAK,IAAA,CAAA,cAAA,GACH,IAAK,CAAA,8BAAA,CAA+B,eAAe,CAAA;AACrD,QAAA;AAAA,MACF,KAAK,cAAA;AACH,QAAK,IAAA,CAAA,cAAA,GACH,IAAK,CAAA,+BAAA,CAAgC,eAAe,CAAA;AACtD,QAAA;AAAA,MACF,KAAK,iBAAA;AACH,QAAK,IAAA,CAAA,cAAA,GACH,IAAK,CAAA,kCAAA,CAAmC,eAAe,CAAA;AACzD,QAAA;AAAA,MACF,KAAK,MAAA;AACH,QAAK,IAAA,CAAA,cAAA,GAAiB,IAAK,CAAA,uBAAA,CAAwB,eAAe,CAAA;AAClE,QAAA;AAAA,MACF;AACE,QAAA,MAAM,IAAI,KAAA;AAAA,UACR,gDAAgD,MAAM,CAAA,CAAA;AAAA,SACxD;AAAA;AAGJ,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA;AACd,EAEU,+BACR,eAC0B,EAAA;AAC1B,IAAO,OAAA,IAAIC,oDAA0B,eAAe,CAAA;AAAA;AACtD,EAEU,gCACR,eAC0B,EAAA;AAC1B,IAAO,OAAA,IAAIC,sDAA2B,eAAe,CAAA;AAAA;AACvD,EAEU,mCACR,eAC0B,EAAA;AAC1B,IAAO,OAAA,IAAIC,4DAA8B,eAAe,CAAA;AAAA;AAC1D,EAEU,wBACR,gBAC0B,EAAA;AAC1B,IAAM,MAAA,IAAI,MAAM,iBAAiB,CAAA;AAAA;AACnC,EAEU,UACR,CAAA,MAAA,EACA,eACA,EAAA,SAAA,EACA,QACiB,EAAA;AACjB,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,EAAA;AAChD,IAAM,MAAA,YAAA,GAAe,IAAIL,iCAAiB,CAAA;AAAA,MACxC;AAAA,KACD,CAAA;AACD,IAAK,IAAA,CAAA,KAAA,GAAQ,IAAIM,+BAAgB,CAAA;AAAA,MAC/B,MAAA;AAAA,MACA,eAAA;AAAA,MACA,YAAA;AAAA,MACA,SAAA;AAAA,MACA;AAAA,KACD,CAAA;AACD,IAAA,OAAO,IAAK,CAAA,KAAA;AAAA;AACd,EAEU,YACR,eACA,EAAA,eAAA,EACA,YACA,KACA,EAAA,aAAA,EACA,aACA,QACgB,EAAA;AAChB,IAAM,MAAA,MAAA,GAAS,KAAK,GAAI,CAAA,MAAA;AACxB,IAAA,MAAM,SAAST,uBAAO,EAAA;AACtB,IAAA,MAAA,CAAO,IAAI,QAAU,EAAA,KAAA,CAAM,qBAAqB,EAAE,aAAA,EAAe,CAAC,CAAA;AAClE,IAAO,MAAA,CAAA,GAAA,CAAIU,wBAAQ,CAAA,IAAA,EAAM,CAAA;AACzB,IAAO,MAAA,CAAA,GAAA;AAAA,MACLC,sDAAkC,CAAA;AAAA,QAChC,WAAa,EAAAC;AAAA,OACd;AAAA,KACH;AAEA,IAAA,MAAA,CAAO,IAAK,CAAA,sBAAA,EAAwB,OAAO,GAAA,EAAK,GAAQ,KAAA;AACtD,MAAM,MAAAC,mCAAA;AAAA,QACJ,aAAA;AAAA,QACAC,wDAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACF;AACA,MAAM,MAAA,SAAA,GAAY,IAAI,MAAO,CAAA,SAAA;AAC7B,MAAA,MAAM,cAAsC,GAAI,CAAA,IAAA;AAChD,MAAI,IAAA;AACF,QAAM,MAAA,QAAA,GAAW,MAAM,eAAgB,CAAA,4BAAA;AAAA,UACrC;AAAA,YACE,QAAQ,WAAY,CAAA,MAAA;AAAA,YACpB,IAAA,EAAM,WAAY,CAAA,IAAA,IAAQ;AAAC,WAC7B;AAAA,UACA,EAAE,WAAa,EAAA,MAAM,QAAS,CAAA,WAAA,CAAY,GAAG,CAAE;AAAA,SACjD;AACA,QAAA,GAAA,CAAI,KAAK,QAAQ,CAAA;AAAA,eACV,CAAG,EAAA;AACV,QAAO,MAAA,CAAA,KAAA;AAAA,UACL,CAAA,0CAAA,EAA6C,SAAS,CAAA,QAAA,EAAW,CAAC,CAAA;AAAA,SACpE;AACA,QAAI,GAAA,CAAA,MAAA,CAAO,GAAG,CAAE,CAAA,IAAA,CAAK,EAAE,KAAO,EAAA,CAAA,CAAE,SAAS,CAAA;AAAA;AAC3C,KACD,CAAA;AAED,IAAA,MAAA,CAAO,GAAI,CAAA,WAAA,EAAa,OAAO,GAAA,EAAK,GAAQ,KAAA;AAC1C,MAAM,MAAAD,mCAAA;AAAA,QACJ,aAAA;AAAA,QACAE,uDAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,MAAM,WAAc,GAAA,MAAM,QAAS,CAAA,WAAA,CAAY,GAAG,CAAA;AAClD,MAAA,MAAM,cAAiB,GAAA,MAAM,IAAK,CAAA,mBAAA,CAAoB,eAAiB,EAAA;AAAA,QACrE;AAAA,OACD,CAAA;AACD,MAAA,GAAA,CAAI,IAAK,CAAA;AAAA,QACP,KAAA,EAAO,cAAe,CAAA,GAAA,CAAI,CAAM,EAAA,KAAA;AAC9B,UAAM,MAAA,iBAAA,GACJ,EAAG,CAAA,YAAA,CAAaC,gEAAyC,CAAA;AAC3D,UAAM,MAAA,YAAA,GACJ,EAAG,CAAA,YAAA,CAAaC,0DAAmC,CAAA;AACrD,UAAA,MAAM,QAAW,GAAA,IAAA,CAAK,kBAAmB,EAAA,CAAE,YAAY,CAAA;AACvD,UAAA,IAAI,OAAqB,EAAC;AAC1B,UAAA,IAAI,QAAU,EAAA;AACZ,YAAO,IAAA,GAAA,QAAA,CAAS,mBAAoB,CAAA,EAAA,CAAG,YAAY,CAAA;AAAA;AAGrD,UAAO,OAAA;AAAA,YACL,MAAM,EAAG,CAAA,IAAA;AAAA,YACT,OAAO,EAAG,CAAA,KAAA;AAAA,YACV,cAAc,EAAG,CAAA,YAAA;AAAA,YACjB,YAAA;AAAA,YACA,GAAI,iBAAqB,IAAA,EAAE,iBAAkB,EAAA;AAAA,YAC7C,GAAI,QAAQ,MAAO,CAAA,IAAA,CAAK,IAAI,CAAE,CAAA,MAAA,KAAW,CAAK,IAAA,EAAE,IAAK;AAAA,WACvD;AAAA,SACD;AAAA,OACF,CAAA;AAAA,KACF,CAAA;AAED,IAAAC,yCAAA;AAAA,MACE,MAAA;AAAA,MACA,UAAA;AAAA,MACA,eAAA;AAAA,MACA,WAAA;AAAA,MACA,QAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAO,OAAA,MAAA;AAAA;AACT,EAEU,oBAAuB,GAAA;AAC/B,IAAA,IAAA,CAAK,eAAkB,GAAA;AAAA,MACrB,GAAA,EAAK,IAAIC,uBAAY,EAAA;AAAA,MACrB,GAAA,EAAK,IAAIC,6BAAe,CAAA,EAAE,QAAQ,IAAK,CAAA,GAAA,CAAI,QAAQ,CAAA;AAAA,MACnD,KAAO,EAAA,IAAIC,2CAAsB,CAAA,IAAA,CAAK,IAAI,MAAM,CAAA;AAAA,MAChD,MAAA,EAAQ,IAAIC,6BAAe,EAAA;AAAA,MAC3B,oBAAA,EAAsB,IAAIC,yDAA6B,EAAA;AAAA,MACvD,iBAAA,EAAmB,IAAIC,mCAAkB,EAAA;AAAA,MACzC,IAAA,EAAM,IAAIC,yBAAa,EAAA;AAAA,MACvB,cAAA,EAAgB,IAAIC,6CAAuB;AAAA,KAC7C;AACA,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEA,MAAgB,mBACd,CAAA,eAAA,EACA,OACA,EAAA;AACA,IAAA,MAAM,cAAiB,GAAA,MAAM,eAAgB,CAAA,WAAA,CAAY,OAAO,CAAA;AAEhE,IAAA,IAAA,CAAK,IAAI,MAAO,CAAA,IAAA;AAAA,MACd,CAAA,8CAAA,EAAiD,eAAe,MAAM,CAAA;AAAA,KACxE;AAEA,IAAO,OAAA,cAAA;AAAA;AACT,EAEU,uBAA0B,GAAA;AAClC,IAAO,OAAA,IAAA,CAAK,IAAI,MAAO,CAAA,SAAA;AAAA,MACrB;AAAA,KACF;AAAA;AACF,EAEU,UAAgC,GAAA;AACxC,IAAO,OAAA,IAAA,CAAK,OAAW,IAAA,IAAA,CAAK,YAAa,EAAA;AAAA;AAC3C,EAEU,kBAAqB,GAAA;AAC7B,IAAA,OACE,IAAK,CAAA,eAAA,IACL,IAAK,CAAA,oBAAA,CAAqB,KAAK,6BAA6B,CAAA;AAAA;AAEhE,EAEU,iBAA8C,GAAA;AACtD,IACE,OAAA,IAAA,CAAK,kBACL,IAAK,CAAA,mBAAA;AAAA,MACH,KAAK,uBAAwB,EAAA;AAAA,MAC7B,KAAK,kBAAmB;AAAA,KAC1B;AAAA;AAEJ,EAEU,mBAAmB,OAA2C,EAAA;AACtE,IAAA,OAAO,IAAK,CAAA,eAAA,IAAmB,IAAK,CAAA,oBAAA,CAAqB,OAAO,CAAA;AAAA;AAClE,EAEU,qBAAwB,GAAA;AAChC,IAAM,MAAA,yBAAA,GAA4B,IAAK,CAAA,GAAA,CAAI,MAAO,CAAA,sBAAA;AAAA,MAChD;AAAA,KACF;AAEA,IAAM,MAAA,mBAAA,GAAsB,IAAK,CAAA,GAAA,CAAI,MAAO,CAAA,iBAAA;AAAA,MAC1C;AAAA,KACF;AAEA,IAAI,IAAA,kBAAA;AAEJ,IAAA,IAAI,yBAA2B,EAAA;AAC7B,MAAA,kBAAA,GAAqBC,mCAAY,CAAA,MAAA;AAAA,QAAO,CACtC,GAAA,KAAA,yBAAA,CAA0B,QAAS,CAAA,GAAA,CAAI,UAAU;AAAA,OACnD;AAAA;AAGF,IAAA,IAAI,mBAAqB,EAAA;AACvB,MAAA,kBAAA,GAAqB,kBAAsB,IAAAC,uCAAA;AAE3C,MAAA,KAAA,MAAW,OAAO,kBAAoB,EAAA;AACpC,QAAA,IAAI,mBAAoB,CAAA,GAAA,CAAI,GAAI,CAAA,UAAU,CAAG,EAAA;AAC3C,UAAA,GAAA,CAAI,UAAa,GAAA,mBAAA,CAAoB,SAAU,CAAA,GAAA,CAAI,UAAU,CAAA;AAAA;AAC/D;AACF;AAGF,IAAO,OAAA,kBAAA;AAAA;AACT,EAEU,QACR,CAAA,MAAA,EACA,eACA,EAAA,SAAA,EACA,QACA,EAAA;AACA,IAAA,OACE,KAAK,KACL,IAAA,IAAA,CAAK,WAAW,MAAQ,EAAA,eAAA,EAAiB,WAAW,QAAQ,CAAA;AAAA;AAEhE,EAEU,kBAAqB,GAAA;AAC7B,IAAO,OAAA,IAAA,CAAK,eAAmB,IAAA,IAAA,CAAK,oBAAqB,EAAA;AAAA;AAE7D;;;;"}
1
+ {"version":3,"file":"KubernetesBuilder.cjs.js","sources":["../../src/service/KubernetesBuilder.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { CatalogApi } from '@backstage/catalog-client';\nimport { Config } from '@backstage/config';\nimport {\n ANNOTATION_KUBERNETES_AUTH_PROVIDER,\n ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER,\n kubernetesClustersReadPermission,\n kubernetesPermissions,\n kubernetesResourcesReadPermission,\n} from '@backstage/plugin-kubernetes-common';\nimport { PermissionEvaluator } from '@backstage/plugin-permission-common';\nimport { createPermissionIntegrationRouter } from '@backstage/plugin-permission-node';\nimport express from 'express';\nimport Router from 'express-promise-router';\nimport { Duration } from 'luxon';\n\nimport {\n AksStrategy,\n AnonymousStrategy,\n AwsIamStrategy,\n AzureIdentityStrategy,\n DispatchStrategy,\n GoogleServiceAccountStrategy,\n GoogleStrategy,\n OidcStrategy,\n ServiceAccountStrategy,\n} from '../auth';\nimport { getCombinedClusterSupplier } from '../cluster-locator';\n\nimport { createLegacyAuthAdapters } from '@backstage/backend-common';\nimport {\n AuthService,\n BackstageCredentials,\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n} from '@backstage/backend-plugin-api';\nimport {\n AuthenticationStrategy,\n AuthMetadata,\n CustomResource,\n KubernetesClustersSupplier,\n KubernetesFetcher,\n KubernetesObjectsProvider,\n KubernetesObjectTypes,\n KubernetesServiceLocator,\n} from '@backstage/plugin-kubernetes-node';\nimport { addResourceRoutesToRouter } from '../routes/resourcesRoutes';\nimport { CatalogRelationServiceLocator } from '../service-locator/CatalogRelationServiceLocator';\nimport { MultiTenantServiceLocator } from '../service-locator/MultiTenantServiceLocator';\nimport { SingleTenantServiceLocator } from '../service-locator/SingleTenantServiceLocator';\nimport {\n KubernetesObjectsProviderOptions,\n ObjectsByEntityRequest,\n ServiceLocatorMethod,\n} from '../types/types';\nimport {\n ALL_OBJECTS,\n DEFAULT_OBJECTS,\n KubernetesFanOutHandler,\n} from './KubernetesFanOutHandler';\nimport { KubernetesClientBasedFetcher } from './KubernetesFetcher';\nimport { KubernetesProxy } from './KubernetesProxy';\nimport { requirePermission } from '../auth/requirePermission';\n\n/**\n * @deprecated Please migrate to the new backend system as this will be removed in the future.\n * @public\n */\nexport interface KubernetesEnvironment {\n logger: LoggerService;\n config: Config;\n catalogApi: CatalogApi;\n discovery: DiscoveryService;\n permissions: PermissionEvaluator;\n auth?: AuthService;\n httpAuth?: HttpAuthService;\n}\n\n/**\n * The return type of the `KubernetesBuilder.build` method\n * @deprecated Please migrate to the new backend system as this will be removed in the future.\n * @public\n */\nexport type KubernetesBuilderReturn = Promise<{\n router: express.Router;\n clusterSupplier: KubernetesClustersSupplier;\n customResources: CustomResource[];\n fetcher: KubernetesFetcher;\n proxy: KubernetesProxy;\n objectsProvider: KubernetesObjectsProvider;\n serviceLocator: KubernetesServiceLocator;\n authStrategyMap: { [key: string]: AuthenticationStrategy };\n}>;\n\n/**\n * @deprecated Please migrate to the new backend system as this will be removed in the future.\n * @public\n * */\nexport class KubernetesBuilder {\n private clusterSupplier?: KubernetesClustersSupplier;\n private defaultClusterRefreshInterval: Duration = Duration.fromObject({\n minutes: 60,\n });\n private objectsProvider?: KubernetesObjectsProvider;\n private fetcher?: KubernetesFetcher;\n private serviceLocator?: KubernetesServiceLocator;\n private proxy?: KubernetesProxy;\n private authStrategyMap?: { [key: string]: AuthenticationStrategy };\n\n static createBuilder(env: KubernetesEnvironment) {\n return new KubernetesBuilder(env);\n }\n\n constructor(protected readonly env: KubernetesEnvironment) {}\n\n public async build(): KubernetesBuilderReturn {\n const logger = this.env.logger;\n const config = this.env.config;\n const permissions = this.env.permissions;\n\n logger.info('Initializing Kubernetes backend');\n\n if (!config.has('kubernetes')) {\n if (process.env.NODE_ENV !== 'development') {\n throw new Error('Kubernetes configuration is missing');\n }\n logger.warn(\n 'Failed to initialize kubernetes backend: kubernetes config is missing',\n );\n return {\n router: Router(),\n } as unknown as KubernetesBuilderReturn;\n }\n\n const { auth, httpAuth } = createLegacyAuthAdapters({\n auth: this.env.auth,\n httpAuth: this.env.httpAuth,\n discovery: this.env.discovery,\n });\n\n const customResources = this.buildCustomResources();\n\n const fetcher = this.getFetcher();\n\n const clusterSupplier = this.getClusterSupplier();\n\n const authStrategyMap = this.getAuthStrategyMap();\n\n const proxy = this.getProxy(\n logger,\n clusterSupplier,\n this.env.discovery,\n httpAuth,\n );\n\n const serviceLocator = this.getServiceLocator();\n\n const objectsProvider = this.getObjectsProvider({\n logger,\n fetcher,\n config,\n serviceLocator,\n customResources,\n objectTypesToFetch: this.getObjectTypesToFetch(),\n });\n\n const router = this.buildRouter(\n objectsProvider,\n clusterSupplier,\n this.env.catalogApi,\n proxy,\n permissions,\n auth,\n httpAuth,\n );\n\n return {\n clusterSupplier,\n customResources,\n fetcher,\n proxy,\n objectsProvider,\n router,\n serviceLocator,\n authStrategyMap,\n };\n }\n\n public setClusterSupplier(clusterSupplier?: KubernetesClustersSupplier) {\n this.clusterSupplier = clusterSupplier;\n return this;\n }\n\n public setDefaultClusterRefreshInterval(refreshInterval: Duration) {\n this.defaultClusterRefreshInterval = refreshInterval;\n return this;\n }\n\n public setObjectsProvider(objectsProvider?: KubernetesObjectsProvider) {\n this.objectsProvider = objectsProvider;\n return this;\n }\n\n public setFetcher(fetcher?: KubernetesFetcher) {\n this.fetcher = fetcher;\n return this;\n }\n\n public setServiceLocator(serviceLocator?: KubernetesServiceLocator) {\n this.serviceLocator = serviceLocator;\n return this;\n }\n\n public setProxy(proxy?: KubernetesProxy) {\n this.proxy = proxy;\n return this;\n }\n\n public setAuthStrategyMap(authStrategyMap: {\n [key: string]: AuthenticationStrategy;\n }) {\n this.authStrategyMap = authStrategyMap;\n }\n\n public addAuthStrategy(key: string, strategy: AuthenticationStrategy) {\n if (key.includes('-')) {\n throw new Error('Strategy name can not include dashes');\n }\n this.getAuthStrategyMap()[key] = strategy;\n return this;\n }\n\n protected buildCustomResources() {\n const customResources: CustomResource[] = (\n this.env.config.getOptionalConfigArray('kubernetes.customResources') ?? []\n ).map(\n c =>\n ({\n group: c.getString('group'),\n apiVersion: c.getString('apiVersion'),\n plural: c.getString('plural'),\n objectType: 'customresources',\n } as CustomResource),\n );\n\n this.env.logger.info(\n `action=LoadingCustomResources numOfCustomResources=${customResources.length}`,\n );\n return customResources;\n }\n\n protected buildClusterSupplier(\n refreshInterval: Duration,\n ): KubernetesClustersSupplier {\n const config = this.env.config;\n const { auth } = createLegacyAuthAdapters(this.env);\n this.clusterSupplier = getCombinedClusterSupplier(\n config,\n this.env.catalogApi,\n new DispatchStrategy({ authStrategyMap: this.getAuthStrategyMap() }),\n this.env.logger,\n refreshInterval,\n auth,\n );\n\n return this.clusterSupplier;\n }\n\n protected buildObjectsProvider(\n options: KubernetesObjectsProviderOptions,\n ): KubernetesObjectsProvider {\n const authStrategyMap = this.getAuthStrategyMap();\n this.objectsProvider = new KubernetesFanOutHandler({\n ...options,\n authStrategy: new DispatchStrategy({\n authStrategyMap,\n }),\n });\n\n return this.objectsProvider;\n }\n\n protected buildFetcher(): KubernetesFetcher {\n this.fetcher = new KubernetesClientBasedFetcher({\n logger: this.env.logger,\n });\n\n return this.fetcher;\n }\n\n protected buildServiceLocator(\n method: ServiceLocatorMethod,\n clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n switch (method) {\n case 'multiTenant':\n this.serviceLocator =\n this.buildMultiTenantServiceLocator(clusterSupplier);\n break;\n case 'singleTenant':\n this.serviceLocator =\n this.buildSingleTenantServiceLocator(clusterSupplier);\n break;\n case 'catalogRelation':\n this.serviceLocator =\n this.buildCatalogRelationServiceLocator(clusterSupplier);\n break;\n case 'http':\n this.serviceLocator = this.buildHttpServiceLocator(clusterSupplier);\n break;\n default:\n throw new Error(\n `Unsupported kubernetes.serviceLocatorMethod \"${method}\"`,\n );\n }\n\n return this.serviceLocator;\n }\n\n protected buildMultiTenantServiceLocator(\n clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n return new MultiTenantServiceLocator(clusterSupplier);\n }\n\n protected buildSingleTenantServiceLocator(\n clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n return new SingleTenantServiceLocator(clusterSupplier);\n }\n\n protected buildCatalogRelationServiceLocator(\n clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n return new CatalogRelationServiceLocator(clusterSupplier);\n }\n\n protected buildHttpServiceLocator(\n _clusterSupplier: KubernetesClustersSupplier,\n ): KubernetesServiceLocator {\n throw new Error('not implemented');\n }\n\n protected buildProxy(\n logger: LoggerService,\n clusterSupplier: KubernetesClustersSupplier,\n discovery: DiscoveryService,\n httpAuth: HttpAuthService,\n ): KubernetesProxy {\n const authStrategyMap = this.getAuthStrategyMap();\n const authStrategy = new DispatchStrategy({\n authStrategyMap,\n });\n this.proxy = new KubernetesProxy({\n logger,\n clusterSupplier,\n authStrategy,\n discovery,\n httpAuth,\n });\n return this.proxy;\n }\n\n protected buildRouter(\n objectsProvider: KubernetesObjectsProvider,\n clusterSupplier: KubernetesClustersSupplier,\n catalogApi: CatalogApi,\n proxy: KubernetesProxy,\n permissionApi: PermissionEvaluator,\n authService: AuthService,\n httpAuth: HttpAuthService,\n ): express.Router {\n const logger = this.env.logger;\n const router = Router();\n router.use('/proxy', proxy.createRequestHandler({ permissionApi }));\n router.use(express.json());\n router.use(\n createPermissionIntegrationRouter({\n permissions: kubernetesPermissions,\n }),\n );\n // @deprecated\n router.post('/services/:serviceId', async (req, res) => {\n await requirePermission(\n permissionApi,\n kubernetesResourcesReadPermission,\n httpAuth,\n req,\n );\n const serviceId = req.params.serviceId;\n const requestBody: ObjectsByEntityRequest = req.body;\n try {\n const response = await objectsProvider.getKubernetesObjectsByEntity(\n {\n entity: requestBody.entity,\n auth: requestBody.auth || {},\n },\n { credentials: await httpAuth.credentials(req) },\n );\n res.json(response);\n } catch (e) {\n logger.error(\n `action=retrieveObjectsByServiceId service=${serviceId}, error=${e}`,\n );\n res.status(500).json({ error: e.message });\n }\n });\n\n router.get('/clusters', async (req, res) => {\n await requirePermission(\n permissionApi,\n kubernetesClustersReadPermission,\n httpAuth,\n req,\n );\n const credentials = await httpAuth.credentials(req);\n const clusterDetails = await this.fetchClusterDetails(clusterSupplier, {\n credentials,\n });\n res.json({\n items: clusterDetails.map(cd => {\n const oidcTokenProvider =\n cd.authMetadata[ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER];\n const authProvider =\n cd.authMetadata[ANNOTATION_KUBERNETES_AUTH_PROVIDER];\n const strategy = this.getAuthStrategyMap()[authProvider];\n let auth: AuthMetadata = {};\n if (strategy) {\n auth = strategy.presentAuthMetadata(cd.authMetadata);\n }\n\n return {\n name: cd.name,\n title: cd.title,\n dashboardUrl: cd.dashboardUrl,\n authProvider,\n ...(oidcTokenProvider && { oidcTokenProvider }),\n ...(auth && Object.keys(auth).length !== 0 && { auth }),\n };\n }),\n });\n });\n\n addResourceRoutesToRouter(\n router,\n catalogApi,\n objectsProvider,\n authService,\n httpAuth,\n permissionApi,\n );\n\n return router;\n }\n\n protected buildAuthStrategyMap() {\n this.authStrategyMap = {\n aks: new AksStrategy(),\n aws: new AwsIamStrategy({ config: this.env.config }),\n azure: new AzureIdentityStrategy(this.env.logger),\n google: new GoogleStrategy(),\n googleServiceAccount: new GoogleServiceAccountStrategy(),\n localKubectlProxy: new AnonymousStrategy(),\n oidc: new OidcStrategy(),\n serviceAccount: new ServiceAccountStrategy(),\n };\n return this.authStrategyMap;\n }\n\n protected async fetchClusterDetails(\n clusterSupplier: KubernetesClustersSupplier,\n options: { credentials: BackstageCredentials },\n ) {\n const clusterDetails = await clusterSupplier.getClusters(options);\n\n this.env.logger.debug(\n `action=loadClusterDetails numOfClustersLoaded=${clusterDetails.length}`,\n );\n\n return clusterDetails;\n }\n\n protected getServiceLocatorMethod() {\n return this.env.config.getString(\n 'kubernetes.serviceLocatorMethod.type',\n ) as ServiceLocatorMethod;\n }\n\n protected getFetcher(): KubernetesFetcher {\n return this.fetcher ?? this.buildFetcher();\n }\n\n protected getClusterSupplier() {\n return (\n this.clusterSupplier ??\n this.buildClusterSupplier(this.defaultClusterRefreshInterval)\n );\n }\n\n protected getServiceLocator(): KubernetesServiceLocator {\n return (\n this.serviceLocator ??\n this.buildServiceLocator(\n this.getServiceLocatorMethod(),\n this.getClusterSupplier(),\n )\n );\n }\n\n protected getObjectsProvider(options: KubernetesObjectsProviderOptions) {\n return this.objectsProvider ?? this.buildObjectsProvider(options);\n }\n\n protected getObjectTypesToFetch() {\n const objectTypesToFetchStrings = this.env.config.getOptionalStringArray(\n 'kubernetes.objectTypes',\n ) as KubernetesObjectTypes[];\n\n const apiVersionOverrides = this.env.config.getOptionalConfig(\n 'kubernetes.apiVersionOverrides',\n );\n\n let objectTypesToFetch;\n\n if (objectTypesToFetchStrings) {\n objectTypesToFetch = ALL_OBJECTS.filter(obj =>\n objectTypesToFetchStrings.includes(obj.objectType),\n );\n }\n\n if (apiVersionOverrides) {\n objectTypesToFetch = objectTypesToFetch ?? DEFAULT_OBJECTS;\n\n for (const obj of objectTypesToFetch) {\n if (apiVersionOverrides.has(obj.objectType)) {\n obj.apiVersion = apiVersionOverrides.getString(obj.objectType);\n }\n }\n }\n\n return objectTypesToFetch;\n }\n\n protected getProxy(\n logger: LoggerService,\n clusterSupplier: KubernetesClustersSupplier,\n discovery: DiscoveryService,\n httpAuth: HttpAuthService,\n ) {\n return (\n this.proxy ??\n this.buildProxy(logger, clusterSupplier, discovery, httpAuth)\n );\n }\n\n protected getAuthStrategyMap() {\n return this.authStrategyMap ?? this.buildAuthStrategyMap();\n }\n}\n"],"names":["Duration","Router","createLegacyAuthAdapters","getCombinedClusterSupplier","DispatchStrategy","KubernetesFanOutHandler","KubernetesClientBasedFetcher","MultiTenantServiceLocator","SingleTenantServiceLocator","CatalogRelationServiceLocator","KubernetesProxy","express","createPermissionIntegrationRouter","kubernetesPermissions","requirePermission","kubernetesResourcesReadPermission","kubernetesClustersReadPermission","ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER","ANNOTATION_KUBERNETES_AUTH_PROVIDER","addResourceRoutesToRouter","AksStrategy","AwsIamStrategy","AzureIdentityStrategy","GoogleStrategy","GoogleServiceAccountStrategy","AnonymousStrategy","OidcStrategy","ServiceAccountStrategy","ALL_OBJECTS","DEFAULT_OBJECTS"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiHO,MAAM,iBAAkB,CAAA;AAAA,EAe7B,YAA+B,GAA4B,EAAA;AAA5B,IAAA,IAAA,CAAA,GAAA,GAAA,GAAA;AAAA;AAA6B,EAdpD,eAAA;AAAA,EACA,6BAAA,GAA0CA,eAAS,UAAW,CAAA;AAAA,IACpE,OAAS,EAAA;AAAA,GACV,CAAA;AAAA,EACO,eAAA;AAAA,EACA,OAAA;AAAA,EACA,cAAA;AAAA,EACA,KAAA;AAAA,EACA,eAAA;AAAA,EAER,OAAO,cAAc,GAA4B,EAAA;AAC/C,IAAO,OAAA,IAAI,kBAAkB,GAAG,CAAA;AAAA;AAClC,EAIA,MAAa,KAAiC,GAAA;AAC5C,IAAM,MAAA,MAAA,GAAS,KAAK,GAAI,CAAA,MAAA;AACxB,IAAM,MAAA,MAAA,GAAS,KAAK,GAAI,CAAA,MAAA;AACxB,IAAM,MAAA,WAAA,GAAc,KAAK,GAAI,CAAA,WAAA;AAE7B,IAAA,MAAA,CAAO,KAAK,iCAAiC,CAAA;AAE7C,IAAA,IAAI,CAAC,MAAA,CAAO,GAAI,CAAA,YAAY,CAAG,EAAA;AAC7B,MAAI,IAAA,OAAA,CAAQ,GAAI,CAAA,QAAA,KAAa,aAAe,EAAA;AAC1C,QAAM,MAAA,IAAI,MAAM,qCAAqC,CAAA;AAAA;AAEvD,MAAO,MAAA,CAAA,IAAA;AAAA,QACL;AAAA,OACF;AACA,MAAO,OAAA;AAAA,QACL,QAAQC,uBAAO;AAAA,OACjB;AAAA;AAGF,IAAA,MAAM,EAAE,IAAA,EAAM,QAAS,EAAA,GAAIC,sCAAyB,CAAA;AAAA,MAClD,IAAA,EAAM,KAAK,GAAI,CAAA,IAAA;AAAA,MACf,QAAA,EAAU,KAAK,GAAI,CAAA,QAAA;AAAA,MACnB,SAAA,EAAW,KAAK,GAAI,CAAA;AAAA,KACrB,CAAA;AAED,IAAM,MAAA,eAAA,GAAkB,KAAK,oBAAqB,EAAA;AAElD,IAAM,MAAA,OAAA,GAAU,KAAK,UAAW,EAAA;AAEhC,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,EAAA;AAEhD,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,EAAA;AAEhD,IAAA,MAAM,QAAQ,IAAK,CAAA,QAAA;AAAA,MACjB,MAAA;AAAA,MACA,eAAA;AAAA,MACA,KAAK,GAAI,CAAA,SAAA;AAAA,MACT;AAAA,KACF;AAEA,IAAM,MAAA,cAAA,GAAiB,KAAK,iBAAkB,EAAA;AAE9C,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,CAAA;AAAA,MAC9C,MAAA;AAAA,MACA,OAAA;AAAA,MACA,MAAA;AAAA,MACA,cAAA;AAAA,MACA,eAAA;AAAA,MACA,kBAAA,EAAoB,KAAK,qBAAsB;AAAA,KAChD,CAAA;AAED,IAAA,MAAM,SAAS,IAAK,CAAA,WAAA;AAAA,MAClB,eAAA;AAAA,MACA,eAAA;AAAA,MACA,KAAK,GAAI,CAAA,UAAA;AAAA,MACT,KAAA;AAAA,MACA,WAAA;AAAA,MACA,IAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAO,OAAA;AAAA,MACL,eAAA;AAAA,MACA,eAAA;AAAA,MACA,OAAA;AAAA,MACA,KAAA;AAAA,MACA,eAAA;AAAA,MACA,MAAA;AAAA,MACA,cAAA;AAAA,MACA;AAAA,KACF;AAAA;AACF,EAEO,mBAAmB,eAA8C,EAAA;AACtE,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AACvB,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,iCAAiC,eAA2B,EAAA;AACjE,IAAA,IAAA,CAAK,6BAAgC,GAAA,eAAA;AACrC,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,mBAAmB,eAA6C,EAAA;AACrE,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AACvB,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,WAAW,OAA6B,EAAA;AAC7C,IAAA,IAAA,CAAK,OAAU,GAAA,OAAA;AACf,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,kBAAkB,cAA2C,EAAA;AAClE,IAAA,IAAA,CAAK,cAAiB,GAAA,cAAA;AACtB,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,SAAS,KAAyB,EAAA;AACvC,IAAA,IAAA,CAAK,KAAQ,GAAA,KAAA;AACb,IAAO,OAAA,IAAA;AAAA;AACT,EAEO,mBAAmB,eAEvB,EAAA;AACD,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AAAA;AACzB,EAEO,eAAA,CAAgB,KAAa,QAAkC,EAAA;AACpE,IAAI,IAAA,GAAA,CAAI,QAAS,CAAA,GAAG,CAAG,EAAA;AACrB,MAAM,MAAA,IAAI,MAAM,sCAAsC,CAAA;AAAA;AAExD,IAAK,IAAA,CAAA,kBAAA,EAAqB,CAAA,GAAG,CAAI,GAAA,QAAA;AACjC,IAAO,OAAA,IAAA;AAAA;AACT,EAEU,oBAAuB,GAAA;AAC/B,IAAM,MAAA,eAAA,GAAA,CACJ,KAAK,GAAI,CAAA,MAAA,CAAO,uBAAuB,4BAA4B,CAAA,IAAK,EACxE,EAAA,GAAA;AAAA,MACA,CACG,CAAA,MAAA;AAAA,QACC,KAAA,EAAO,CAAE,CAAA,SAAA,CAAU,OAAO,CAAA;AAAA,QAC1B,UAAA,EAAY,CAAE,CAAA,SAAA,CAAU,YAAY,CAAA;AAAA,QACpC,MAAA,EAAQ,CAAE,CAAA,SAAA,CAAU,QAAQ,CAAA;AAAA,QAC5B,UAAY,EAAA;AAAA,OACd;AAAA,KACJ;AAEA,IAAA,IAAA,CAAK,IAAI,MAAO,CAAA,IAAA;AAAA,MACd,CAAA,mDAAA,EAAsD,gBAAgB,MAAM,CAAA;AAAA,KAC9E;AACA,IAAO,OAAA,eAAA;AAAA;AACT,EAEU,qBACR,eAC4B,EAAA;AAC5B,IAAM,MAAA,MAAA,GAAS,KAAK,GAAI,CAAA,MAAA;AACxB,IAAA,MAAM,EAAE,IAAA,EAAS,GAAAA,sCAAA,CAAyB,KAAK,GAAG,CAAA;AAClD,IAAA,IAAA,CAAK,eAAkB,GAAAC,gCAAA;AAAA,MACrB,MAAA;AAAA,MACA,KAAK,GAAI,CAAA,UAAA;AAAA,MACT,IAAIC,iCAAiB,CAAA,EAAE,iBAAiB,IAAK,CAAA,kBAAA,IAAsB,CAAA;AAAA,MACnE,KAAK,GAAI,CAAA,MAAA;AAAA,MACT,eAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEU,qBACR,OAC2B,EAAA;AAC3B,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,EAAA;AAChD,IAAK,IAAA,CAAA,eAAA,GAAkB,IAAIC,+CAAwB,CAAA;AAAA,MACjD,GAAG,OAAA;AAAA,MACH,YAAA,EAAc,IAAID,iCAAiB,CAAA;AAAA,QACjC;AAAA,OACD;AAAA,KACF,CAAA;AAED,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEU,YAAkC,GAAA;AAC1C,IAAK,IAAA,CAAA,OAAA,GAAU,IAAIE,8CAA6B,CAAA;AAAA,MAC9C,MAAA,EAAQ,KAAK,GAAI,CAAA;AAAA,KAClB,CAAA;AAED,IAAA,OAAO,IAAK,CAAA,OAAA;AAAA;AACd,EAEU,mBAAA,CACR,QACA,eAC0B,EAAA;AAC1B,IAAA,QAAQ,MAAQ;AAAA,MACd,KAAK,aAAA;AACH,QAAK,IAAA,CAAA,cAAA,GACH,IAAK,CAAA,8BAAA,CAA+B,eAAe,CAAA;AACrD,QAAA;AAAA,MACF,KAAK,cAAA;AACH,QAAK,IAAA,CAAA,cAAA,GACH,IAAK,CAAA,+BAAA,CAAgC,eAAe,CAAA;AACtD,QAAA;AAAA,MACF,KAAK,iBAAA;AACH,QAAK,IAAA,CAAA,cAAA,GACH,IAAK,CAAA,kCAAA,CAAmC,eAAe,CAAA;AACzD,QAAA;AAAA,MACF,KAAK,MAAA;AACH,QAAK,IAAA,CAAA,cAAA,GAAiB,IAAK,CAAA,uBAAA,CAAwB,eAAe,CAAA;AAClE,QAAA;AAAA,MACF;AACE,QAAA,MAAM,IAAI,KAAA;AAAA,UACR,gDAAgD,MAAM,CAAA,CAAA;AAAA,SACxD;AAAA;AAGJ,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA;AACd,EAEU,+BACR,eAC0B,EAAA;AAC1B,IAAO,OAAA,IAAIC,oDAA0B,eAAe,CAAA;AAAA;AACtD,EAEU,gCACR,eAC0B,EAAA;AAC1B,IAAO,OAAA,IAAIC,sDAA2B,eAAe,CAAA;AAAA;AACvD,EAEU,mCACR,eAC0B,EAAA;AAC1B,IAAO,OAAA,IAAIC,4DAA8B,eAAe,CAAA;AAAA;AAC1D,EAEU,wBACR,gBAC0B,EAAA;AAC1B,IAAM,MAAA,IAAI,MAAM,iBAAiB,CAAA;AAAA;AACnC,EAEU,UACR,CAAA,MAAA,EACA,eACA,EAAA,SAAA,EACA,QACiB,EAAA;AACjB,IAAM,MAAA,eAAA,GAAkB,KAAK,kBAAmB,EAAA;AAChD,IAAM,MAAA,YAAA,GAAe,IAAIL,iCAAiB,CAAA;AAAA,MACxC;AAAA,KACD,CAAA;AACD,IAAK,IAAA,CAAA,KAAA,GAAQ,IAAIM,+BAAgB,CAAA;AAAA,MAC/B,MAAA;AAAA,MACA,eAAA;AAAA,MACA,YAAA;AAAA,MACA,SAAA;AAAA,MACA;AAAA,KACD,CAAA;AACD,IAAA,OAAO,IAAK,CAAA,KAAA;AAAA;AACd,EAEU,YACR,eACA,EAAA,eAAA,EACA,YACA,KACA,EAAA,aAAA,EACA,aACA,QACgB,EAAA;AAChB,IAAM,MAAA,MAAA,GAAS,KAAK,GAAI,CAAA,MAAA;AACxB,IAAA,MAAM,SAAST,uBAAO,EAAA;AACtB,IAAA,MAAA,CAAO,IAAI,QAAU,EAAA,KAAA,CAAM,qBAAqB,EAAE,aAAA,EAAe,CAAC,CAAA;AAClE,IAAO,MAAA,CAAA,GAAA,CAAIU,wBAAQ,CAAA,IAAA,EAAM,CAAA;AACzB,IAAO,MAAA,CAAA,GAAA;AAAA,MACLC,sDAAkC,CAAA;AAAA,QAChC,WAAa,EAAAC;AAAA,OACd;AAAA,KACH;AAEA,IAAA,MAAA,CAAO,IAAK,CAAA,sBAAA,EAAwB,OAAO,GAAA,EAAK,GAAQ,KAAA;AACtD,MAAM,MAAAC,mCAAA;AAAA,QACJ,aAAA;AAAA,QACAC,wDAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACF;AACA,MAAM,MAAA,SAAA,GAAY,IAAI,MAAO,CAAA,SAAA;AAC7B,MAAA,MAAM,cAAsC,GAAI,CAAA,IAAA;AAChD,MAAI,IAAA;AACF,QAAM,MAAA,QAAA,GAAW,MAAM,eAAgB,CAAA,4BAAA;AAAA,UACrC;AAAA,YACE,QAAQ,WAAY,CAAA,MAAA;AAAA,YACpB,IAAA,EAAM,WAAY,CAAA,IAAA,IAAQ;AAAC,WAC7B;AAAA,UACA,EAAE,WAAa,EAAA,MAAM,QAAS,CAAA,WAAA,CAAY,GAAG,CAAE;AAAA,SACjD;AACA,QAAA,GAAA,CAAI,KAAK,QAAQ,CAAA;AAAA,eACV,CAAG,EAAA;AACV,QAAO,MAAA,CAAA,KAAA;AAAA,UACL,CAAA,0CAAA,EAA6C,SAAS,CAAA,QAAA,EAAW,CAAC,CAAA;AAAA,SACpE;AACA,QAAI,GAAA,CAAA,MAAA,CAAO,GAAG,CAAE,CAAA,IAAA,CAAK,EAAE,KAAO,EAAA,CAAA,CAAE,SAAS,CAAA;AAAA;AAC3C,KACD,CAAA;AAED,IAAA,MAAA,CAAO,GAAI,CAAA,WAAA,EAAa,OAAO,GAAA,EAAK,GAAQ,KAAA;AAC1C,MAAM,MAAAD,mCAAA;AAAA,QACJ,aAAA;AAAA,QACAE,uDAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,MAAM,WAAc,GAAA,MAAM,QAAS,CAAA,WAAA,CAAY,GAAG,CAAA;AAClD,MAAA,MAAM,cAAiB,GAAA,MAAM,IAAK,CAAA,mBAAA,CAAoB,eAAiB,EAAA;AAAA,QACrE;AAAA,OACD,CAAA;AACD,MAAA,GAAA,CAAI,IAAK,CAAA;AAAA,QACP,KAAA,EAAO,cAAe,CAAA,GAAA,CAAI,CAAM,EAAA,KAAA;AAC9B,UAAM,MAAA,iBAAA,GACJ,EAAG,CAAA,YAAA,CAAaC,gEAAyC,CAAA;AAC3D,UAAM,MAAA,YAAA,GACJ,EAAG,CAAA,YAAA,CAAaC,0DAAmC,CAAA;AACrD,UAAA,MAAM,QAAW,GAAA,IAAA,CAAK,kBAAmB,EAAA,CAAE,YAAY,CAAA;AACvD,UAAA,IAAI,OAAqB,EAAC;AAC1B,UAAA,IAAI,QAAU,EAAA;AACZ,YAAO,IAAA,GAAA,QAAA,CAAS,mBAAoB,CAAA,EAAA,CAAG,YAAY,CAAA;AAAA;AAGrD,UAAO,OAAA;AAAA,YACL,MAAM,EAAG,CAAA,IAAA;AAAA,YACT,OAAO,EAAG,CAAA,KAAA;AAAA,YACV,cAAc,EAAG,CAAA,YAAA;AAAA,YACjB,YAAA;AAAA,YACA,GAAI,iBAAqB,IAAA,EAAE,iBAAkB,EAAA;AAAA,YAC7C,GAAI,QAAQ,MAAO,CAAA,IAAA,CAAK,IAAI,CAAE,CAAA,MAAA,KAAW,CAAK,IAAA,EAAE,IAAK;AAAA,WACvD;AAAA,SACD;AAAA,OACF,CAAA;AAAA,KACF,CAAA;AAED,IAAAC,yCAAA;AAAA,MACE,MAAA;AAAA,MACA,UAAA;AAAA,MACA,eAAA;AAAA,MACA,WAAA;AAAA,MACA,QAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAO,OAAA,MAAA;AAAA;AACT,EAEU,oBAAuB,GAAA;AAC/B,IAAA,IAAA,CAAK,eAAkB,GAAA;AAAA,MACrB,GAAA,EAAK,IAAIC,uBAAY,EAAA;AAAA,MACrB,GAAA,EAAK,IAAIC,6BAAe,CAAA,EAAE,QAAQ,IAAK,CAAA,GAAA,CAAI,QAAQ,CAAA;AAAA,MACnD,KAAO,EAAA,IAAIC,2CAAsB,CAAA,IAAA,CAAK,IAAI,MAAM,CAAA;AAAA,MAChD,MAAA,EAAQ,IAAIC,6BAAe,EAAA;AAAA,MAC3B,oBAAA,EAAsB,IAAIC,yDAA6B,EAAA;AAAA,MACvD,iBAAA,EAAmB,IAAIC,mCAAkB,EAAA;AAAA,MACzC,IAAA,EAAM,IAAIC,yBAAa,EAAA;AAAA,MACvB,cAAA,EAAgB,IAAIC,6CAAuB;AAAA,KAC7C;AACA,IAAA,OAAO,IAAK,CAAA,eAAA;AAAA;AACd,EAEA,MAAgB,mBACd,CAAA,eAAA,EACA,OACA,EAAA;AACA,IAAA,MAAM,cAAiB,GAAA,MAAM,eAAgB,CAAA,WAAA,CAAY,OAAO,CAAA;AAEhE,IAAA,IAAA,CAAK,IAAI,MAAO,CAAA,KAAA;AAAA,MACd,CAAA,8CAAA,EAAiD,eAAe,MAAM,CAAA;AAAA,KACxE;AAEA,IAAO,OAAA,cAAA;AAAA;AACT,EAEU,uBAA0B,GAAA;AAClC,IAAO,OAAA,IAAA,CAAK,IAAI,MAAO,CAAA,SAAA;AAAA,MACrB;AAAA,KACF;AAAA;AACF,EAEU,UAAgC,GAAA;AACxC,IAAO,OAAA,IAAA,CAAK,OAAW,IAAA,IAAA,CAAK,YAAa,EAAA;AAAA;AAC3C,EAEU,kBAAqB,GAAA;AAC7B,IAAA,OACE,IAAK,CAAA,eAAA,IACL,IAAK,CAAA,oBAAA,CAAqB,KAAK,6BAA6B,CAAA;AAAA;AAEhE,EAEU,iBAA8C,GAAA;AACtD,IACE,OAAA,IAAA,CAAK,kBACL,IAAK,CAAA,mBAAA;AAAA,MACH,KAAK,uBAAwB,EAAA;AAAA,MAC7B,KAAK,kBAAmB;AAAA,KAC1B;AAAA;AAEJ,EAEU,mBAAmB,OAA2C,EAAA;AACtE,IAAA,OAAO,IAAK,CAAA,eAAA,IAAmB,IAAK,CAAA,oBAAA,CAAqB,OAAO,CAAA;AAAA;AAClE,EAEU,qBAAwB,GAAA;AAChC,IAAM,MAAA,yBAAA,GAA4B,IAAK,CAAA,GAAA,CAAI,MAAO,CAAA,sBAAA;AAAA,MAChD;AAAA,KACF;AAEA,IAAM,MAAA,mBAAA,GAAsB,IAAK,CAAA,GAAA,CAAI,MAAO,CAAA,iBAAA;AAAA,MAC1C;AAAA,KACF;AAEA,IAAI,IAAA,kBAAA;AAEJ,IAAA,IAAI,yBAA2B,EAAA;AAC7B,MAAA,kBAAA,GAAqBC,mCAAY,CAAA,MAAA;AAAA,QAAO,CACtC,GAAA,KAAA,yBAAA,CAA0B,QAAS,CAAA,GAAA,CAAI,UAAU;AAAA,OACnD;AAAA;AAGF,IAAA,IAAI,mBAAqB,EAAA;AACvB,MAAA,kBAAA,GAAqB,kBAAsB,IAAAC,uCAAA;AAE3C,MAAA,KAAA,MAAW,OAAO,kBAAoB,EAAA;AACpC,QAAA,IAAI,mBAAoB,CAAA,GAAA,CAAI,GAAI,CAAA,UAAU,CAAG,EAAA;AAC3C,UAAA,GAAA,CAAI,UAAa,GAAA,mBAAA,CAAoB,SAAU,CAAA,GAAA,CAAI,UAAU,CAAA;AAAA;AAC/D;AACF;AAGF,IAAO,OAAA,kBAAA;AAAA;AACT,EAEU,QACR,CAAA,MAAA,EACA,eACA,EAAA,SAAA,EACA,QACA,EAAA;AACA,IAAA,OACE,KAAK,KACL,IAAA,IAAA,CAAK,WAAW,MAAQ,EAAA,eAAA,EAAiB,WAAW,QAAQ,CAAA;AAAA;AAEhE,EAEU,kBAAqB,GAAA;AAC7B,IAAO,OAAA,IAAA,CAAK,eAAmB,IAAA,IAAA,CAAK,oBAAqB,EAAA;AAAA;AAE7D;;;;"}
package/dist/service/KubernetesFanOutHandler.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"KubernetesFanOutHandler.cjs.js","sources":["../../src/service/KubernetesFanOutHandler.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Entity } from '@backstage/catalog-model';\nimport {\n KubernetesObjectsProviderOptions,\n ObjectsByEntityRequest,\n} from '../types/types';\nimport {\n ClientContainerStatus,\n ClientCurrentResourceUsage,\n ClientPodStatus,\n ClusterObjects,\n CustomResourceMatcher,\n FetchResponse,\n KUBERNETES_ANNOTATION,\n KUBERNETES_LABEL_SELECTOR_QUERY_ANNOTATION,\n KubernetesRequestAuth,\n ObjectsByEntityResponse,\n PodFetchResponse,\n PodStatusFetchResponse,\n} from '@backstage/plugin-kubernetes-common';\nimport {\n ContainerStatus,\n CurrentResourceUsage,\n PodStatus,\n} from '@kubernetes/client-node';\nimport {\n AuthenticationStrategy,\n ClusterDetails,\n CustomResource,\n CustomResourcesByEntity,\n FetchResponseWrapper,\n KubernetesCredential,\n KubernetesFetcher,\n KubernetesObjectsByEntity,\n KubernetesObjectsProvider,\n KubernetesServiceLocator,\n ObjectToFetch,\n} from '@backstage/plugin-kubernetes-node';\nimport {\n BackstageCredentials,\n LoggerService,\n} from '@backstage/backend-plugin-api';\n\n/**\n *\n * @public\n */\nexport const DEFAULT_OBJECTS: ObjectToFetch[] = [\n {\n group: '',\n apiVersion: 'v1',\n plural: 'pods',\n objectType: 'pods',\n },\n {\n group: '',\n apiVersion: 'v1',\n plural: 'services',\n objectType: 'services',\n },\n {\n group: '',\n apiVersion: 'v1',\n plural: 'configmaps',\n objectType: 'configmaps',\n },\n {\n group: '',\n apiVersion: 'v1',\n plural: 'limitranges',\n objectType: 'limitranges',\n },\n {\n group: '',\n apiVersion: 'v1',\n plural: 'resourcequotas',\n objectType: 'resourcequotas',\n },\n {\n group: 'apps',\n apiVersion: 'v1',\n plural: 'deployments',\n objectType: 'deployments',\n },\n {\n group: 'apps',\n apiVersion: 'v1',\n plural: 'replicasets',\n objectType: 'replicasets',\n },\n {\n group: 'autoscaling',\n apiVersion: 'v2',\n plural: 'horizontalpodautoscalers',\n objectType: 'horizontalpodautoscalers',\n },\n {\n group: 'batch',\n apiVersion: 'v1',\n plural: 'jobs',\n objectType: 'jobs',\n },\n {\n group: 'batch',\n apiVersion: 'v1',\n plural: 'cronjobs',\n objectType: 'cronjobs',\n },\n {\n group: 'networking.k8s.io',\n apiVersion: 'v1',\n plural: 'ingresses',\n objectType: 'ingresses',\n },\n {\n group: 'apps',\n apiVersion: 'v1',\n plural: 'statefulsets',\n objectType: 'statefulsets',\n },\n {\n group: 'apps',\n apiVersion: 'v1',\n plural: 'daemonsets',\n objectType: 'daemonsets',\n },\n];\n\nexport const ALL_OBJECTS: ObjectToFetch[] = [\n {\n group: '',\n apiVersion: 'v1',\n plural: 'secrets',\n objectType: 'secrets',\n },\n ...DEFAULT_OBJECTS,\n];\n\nexport interface KubernetesFanOutHandlerOptions\n extends KubernetesObjectsProviderOptions {\n authStrategy: AuthenticationStrategy;\n}\n\nexport interface KubernetesRequestBody extends ObjectsByEntityRequest {}\n\nconst isPodFetchResponse = (fr: FetchResponse): fr is PodFetchResponse =>\n fr.type === 'pods' ||\n (fr.type === 'customresources' &&\n fr.resources.length > 0 &&\n fr.resources[0].apiVersion === 'v1' &&\n fr.resources[0].kind === 'Pod');\nconst isString = (str: string | undefined): str is string => str !== undefined;\n\nconst numberOrBigIntToNumberOrString = (\n value: number | BigInt,\n): number | string => {\n return typeof value === 'bigint' ? value.toString() : (value as number);\n};\n\nconst toClientSafeResource = (\n current: CurrentResourceUsage,\n): ClientCurrentResourceUsage => {\n return {\n currentUsage: numberOrBigIntToNumberOrString(current.CurrentUsage),\n requestTotal: numberOrBigIntToNumberOrString(current.RequestTotal),\n limitTotal: numberOrBigIntToNumberOrString(current.LimitTotal),\n };\n};\n\nconst toClientSafeContainer = (\n container: ContainerStatus,\n): ClientContainerStatus => {\n return {\n container: container.Container,\n cpuUsage: toClientSafeResource(container.CPUUsage),\n memoryUsage: toClientSafeResource(container.MemoryUsage),\n };\n};\n\nconst toClientSafePodMetrics = (\n podMetrics: PodStatusFetchResponse[],\n): ClientPodStatus[] => {\n return podMetrics\n .map(r => r.resources)\n .flat()\n .map((pd: PodStatus): ClientPodStatus => {\n return {\n pod: pd.Pod,\n memory: toClientSafeResource(pd.Memory),\n cpu: toClientSafeResource(pd.CPU),\n containers: pd.Containers.map(toClientSafeContainer),\n };\n });\n};\n\ntype responseWithMetrics = [FetchResponseWrapper, PodStatusFetchResponse[]];\n\nexport class KubernetesFanOutHandler implements KubernetesObjectsProvider {\n private readonly logger: LoggerService;\n private readonly fetcher: KubernetesFetcher;\n private readonly serviceLocator: KubernetesServiceLocator;\n private readonly customResources: CustomResource[];\n private readonly objectTypesToFetch: Set<ObjectToFetch>;\n private readonly authStrategy: AuthenticationStrategy;\n\n constructor({\n logger,\n fetcher,\n serviceLocator,\n customResources,\n objectTypesToFetch = DEFAULT_OBJECTS,\n authStrategy,\n }: KubernetesFanOutHandlerOptions) {\n this.logger = logger;\n this.fetcher = fetcher;\n this.serviceLocator = serviceLocator;\n this.customResources = customResources;\n this.objectTypesToFetch = new Set(objectTypesToFetch);\n this.authStrategy = authStrategy;\n }\n\n async getCustomResourcesByEntity(\n { entity, auth, customResources }: CustomResourcesByEntity,\n options: { credentials: BackstageCredentials },\n ): Promise<ObjectsByEntityResponse> {\n // Don't fetch the default object types only the provided custom resources\n return this.fanOutRequests(\n entity,\n auth,\n { credentials: options.credentials },\n new Set<ObjectToFetch>(),\n customResources,\n );\n }\n\n async getKubernetesObjectsByEntity(\n { entity, auth }: KubernetesObjectsByEntity,\n options: { credentials: BackstageCredentials },\n ): Promise<ObjectsByEntityResponse> {\n return this.fanOutRequests(\n entity,\n auth,\n {\n credentials: options.credentials,\n },\n this.objectTypesToFetch,\n );\n }\n\n private async fanOutRequests(\n entity: Entity,\n auth: KubernetesRequestAuth,\n options: { credentials: BackstageCredentials },\n objectTypesToFetch: Set<ObjectToFetch>,\n customResources?: CustomResourceMatcher[],\n ) {\n const entityName =\n entity.metadata?.annotations?.['backstage.io/kubernetes-id'] ||\n entity.metadata?.name;\n\n const { clusters } = await this.serviceLocator.getClustersByEntity(entity, {\n objectTypesToFetch: objectTypesToFetch,\n customResources: customResources ?? [],\n credentials: options.credentials,\n });\n\n this.logger.info(\n `entity.metadata.name=${entityName} clusterDetails=[${clusters\n .map(c => c.name)\n .join(', ')}]`,\n );\n\n const labelSelector: string =\n entity.metadata?.annotations?.[\n KUBERNETES_LABEL_SELECTOR_QUERY_ANNOTATION\n ] || `${KUBERNETES_ANNOTATION}=${entityName}`;\n\n const namespace =\n entity.metadata?.annotations?.['backstage.io/kubernetes-namespace'];\n\n return Promise.all(\n clusters.map(async clusterDetails => {\n const credential = await this.authStrategy.getCredential(\n clusterDetails,\n auth,\n );\n return this.fetcher\n .fetchObjectsForService({\n serviceId: entityName,\n clusterDetails,\n credential,\n objectTypesToFetch,\n labelSelector,\n customResources: (\n customResources ||\n clusterDetails.customResources ||\n this.customResources\n ).map(c => ({\n ...c,\n objectType: 'customresources',\n })),\n namespace,\n })\n .then(result =>\n this.getMetricsForPods(\n clusterDetails,\n credential,\n labelSelector,\n result,\n ),\n )\n .catch(\n (e): Promise<responseWithMetrics> =>\n e.name === 'FetchError'\n ? Promise.resolve([\n {\n errors: [\n { errorType: 'FETCH_ERROR', message: e.message },\n ],\n responses: [],\n },\n [],\n ])\n : Promise.reject(e),\n )\n .then(r => this.toClusterObjects(clusterDetails, r));\n }),\n ).then(this.toObjectsByEntityResponse);\n }\n\n toObjectsByEntityResponse(\n clusterObjects: ClusterObjects[],\n ): ObjectsByEntityResponse {\n return {\n items: clusterObjects.filter(\n item =>\n (item.errors !== undefined && item.errors.length >= 1) ||\n (item.resources !== undefined &&\n item.resources.length >= 1 &&\n item.resources.some(fr => fr.resources?.length >= 1)),\n ),\n };\n }\n\n toClusterObjects(\n clusterDetails: ClusterDetails,\n [result, metrics]: responseWithMetrics,\n ): ClusterObjects {\n const objects: ClusterObjects = {\n cluster: {\n name: clusterDetails.name,\n ...(clusterDetails.title && { title: clusterDetails.title }),\n },\n podMetrics: toClientSafePodMetrics(metrics),\n resources: result.responses,\n errors: result.errors,\n };\n if (clusterDetails.dashboardUrl) {\n objects.cluster.dashboardUrl = clusterDetails.dashboardUrl;\n }\n if (clusterDetails.dashboardApp) {\n objects.cluster.dashboardApp = clusterDetails.dashboardApp;\n }\n if (clusterDetails.dashboardParameters) {\n objects.cluster.dashboardParameters = clusterDetails.dashboardParameters;\n }\n return objects;\n }\n\n async getMetricsForPods(\n clusterDetails: ClusterDetails,\n credential: KubernetesCredential,\n labelSelector: string,\n result: FetchResponseWrapper,\n ): Promise<responseWithMetrics> {\n if (clusterDetails.skipMetricsLookup) {\n return [result, []];\n }\n const namespaces: Set<string> = new Set<string>(\n result.responses\n .filter(isPodFetchResponse)\n .flatMap(r => r.resources)\n .map(p => p.metadata?.namespace)\n .filter(isString),\n );\n\n if (namespaces.size === 0) {\n return [result, []];\n }\n\n const podMetrics = await this.fetcher.fetchPodMetricsByNamespaces(\n clusterDetails,\n credential,\n namespaces,\n labelSelector,\n );\n\n result.errors.push(...podMetrics.errors);\n return [result, podMetrics.responses as PodStatusFetchResponse[]];\n }\n}\n"],"names":["KUBERNETES_LABEL_SELECTOR_QUERY_ANNOTATION","KUBERNETES_ANNOTATION"],"mappings":";;;;AA8DO,MAAM,eAAmC,GAAA;AAAA,EAC9C;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,MAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,UAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,YAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,aAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,gBAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,MAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,aAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,MAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,aAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,aAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,0BAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,OAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,MAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,OAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,UAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,mBAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,WAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,MAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,cAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,MAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,YAAA;AAAA,IACR,UAAY,EAAA;AAAA;AAEhB;AAEO,MAAM,WAA+B,GAAA;AAAA,EAC1C;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,SAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA,GAAG;AACL;AASA,MAAM,kBAAA,GAAqB,CAAC,EAC1B,KAAA,EAAA,CAAG,SAAS,MACX,IAAA,EAAA,CAAG,IAAS,KAAA,iBAAA,IACX,EAAG,CAAA,SAAA,CAAU,SAAS,CACtB,IAAA,EAAA,CAAG,SAAU,CAAA,CAAC,CAAE,CAAA,UAAA,KAAe,QAC/B,EAAG,CAAA,SAAA,CAAU,CAAC,CAAA,CAAE,IAAS,KAAA,KAAA;AAC7B,MAAM,QAAA,GAAW,CAAC,GAAA,KAA2C,GAAQ,KAAA,KAAA,CAAA;AAErE,MAAM,8BAAA,GAAiC,CACrC,KACoB,KAAA;AACpB,EAAA,OAAO,OAAO,KAAA,KAAU,QAAW,GAAA,KAAA,CAAM,UAAc,GAAA,KAAA;AACzD,CAAA;AAEA,MAAM,oBAAA,GAAuB,CAC3B,OAC+B,KAAA;AAC/B,EAAO,OAAA;AAAA,IACL,YAAA,EAAc,8BAA+B,CAAA,OAAA,CAAQ,YAAY,CAAA;AAAA,IACjE,YAAA,EAAc,8BAA+B,CAAA,OAAA,CAAQ,YAAY,CAAA;AAAA,IACjE,UAAA,EAAY,8BAA+B,CAAA,OAAA,CAAQ,UAAU;AAAA,GAC/D;AACF,CAAA;AAEA,MAAM,qBAAA,GAAwB,CAC5B,SAC0B,KAAA;AAC1B,EAAO,OAAA;AAAA,IACL,WAAW,SAAU,CAAA,SAAA;AAAA,IACrB,QAAA,EAAU,oBAAqB,CAAA,SAAA,CAAU,QAAQ,CAAA;AAAA,IACjD,WAAA,EAAa,oBAAqB,CAAA,SAAA,CAAU,WAAW;AAAA,GACzD;AACF,CAAA;AAEA,MAAM,sBAAA,GAAyB,CAC7B,UACsB,KAAA;AACtB,EAAO,OAAA,UAAA,CACJ,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,SAAS,EACpB,IAAK,EAAA,CACL,GAAI,CAAA,CAAC,EAAmC,KAAA;AACvC,IAAO,OAAA;AAAA,MACL,KAAK,EAAG,CAAA,GAAA;AAAA,MACR,MAAA,EAAQ,oBAAqB,CAAA,EAAA,CAAG,MAAM,CAAA;AAAA,MACtC,GAAA,EAAK,oBAAqB,CAAA,EAAA,CAAG,GAAG,CAAA;AAAA,MAChC,UAAY,EAAA,EAAA,CAAG,UAAW,CAAA,GAAA,CAAI,qBAAqB;AAAA,KACrD;AAAA,GACD,CAAA;AACL,CAAA;AAIO,MAAM,uBAA6D,CAAA;AAAA,EACvD,MAAA;AAAA,EACA,OAAA;AAAA,EACA,cAAA;AAAA,EACA,eAAA;AAAA,EACA,kBAAA;AAAA,EACA,YAAA;AAAA,EAEjB,WAAY,CAAA;AAAA,IACV,MAAA;AAAA,IACA,OAAA;AAAA,IACA,cAAA;AAAA,IACA,eAAA;AAAA,IACA,kBAAqB,GAAA,eAAA;AAAA,IACrB;AAAA,GACiC,EAAA;AACjC,IAAA,IAAA,CAAK,MAAS,GAAA,MAAA;AACd,IAAA,IAAA,CAAK,OAAU,GAAA,OAAA;AACf,IAAA,IAAA,CAAK,cAAiB,GAAA,cAAA;AACtB,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AACvB,IAAK,IAAA,CAAA,kBAAA,GAAqB,IAAI,GAAA,CAAI,kBAAkB,CAAA;AACpD,IAAA,IAAA,CAAK,YAAe,GAAA,YAAA;AAAA;AACtB,EAEA,MAAM,0BACJ,CAAA,EAAE,QAAQ,IAAM,EAAA,eAAA,IAChB,OACkC,EAAA;AAElC,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA,MACV,MAAA;AAAA,MACA,IAAA;AAAA,MACA,EAAE,WAAa,EAAA,OAAA,CAAQ,WAAY,EAAA;AAAA,0BAC/B,GAAmB,EAAA;AAAA,MACvB;AAAA,KACF;AAAA;AACF,EAEA,MAAM,4BACJ,CAAA,EAAE,MAAQ,EAAA,IAAA,IACV,OACkC,EAAA;AAClC,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA,MACV,MAAA;AAAA,MACA,IAAA;AAAA,MACA;AAAA,QACE,aAAa,OAAQ,CAAA;AAAA,OACvB;AAAA,MACA,IAAK,CAAA;AAAA,KACP;AAAA;AACF,EAEA,MAAc,cACZ,CAAA,MAAA,EACA,IACA,EAAA,OAAA,EACA,oBACA,eACA,EAAA;AACA,IAAA,MAAM,aACJ,MAAO,CAAA,QAAA,EAAU,cAAc,4BAA4B,CAAA,IAC3D,OAAO,QAAU,EAAA,IAAA;AAEnB,IAAA,MAAM,EAAE,QAAS,EAAA,GAAI,MAAM,IAAK,CAAA,cAAA,CAAe,oBAAoB,MAAQ,EAAA;AAAA,MACzE,kBAAA;AAAA,MACA,eAAA,EAAiB,mBAAmB,EAAC;AAAA,MACrC,aAAa,OAAQ,CAAA;AAAA,KACtB,CAAA;AAED,IAAA,IAAA,CAAK,MAAO,CAAA,IAAA;AAAA,MACV,CAAA,qBAAA,EAAwB,UAAU,CAAA,iBAAA,EAAoB,QACnD,CAAA,GAAA,CAAI,CAAK,CAAA,KAAA,CAAA,CAAE,IAAI,CAAA,CACf,IAAK,CAAA,IAAI,CAAC,CAAA,CAAA;AAAA,KACf;AAEA,IAAM,MAAA,aAAA,GACJ,OAAO,QAAU,EAAA,WAAA,GACfA,iEACF,CAAK,IAAA,CAAA,EAAGC,4CAAqB,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA;AAE7C,IAAA,MAAM,SACJ,GAAA,MAAA,CAAO,QAAU,EAAA,WAAA,GAAc,mCAAmC,CAAA;AAEpE,IAAA,OAAO,OAAQ,CAAA,GAAA;AAAA,MACb,QAAA,CAAS,GAAI,CAAA,OAAM,cAAkB,KAAA;AACnC,QAAM,MAAA,UAAA,GAAa,MAAM,IAAA,CAAK,YAAa,CAAA,aAAA;AAAA,UACzC,cAAA;AAAA,UACA;AAAA,SACF;AACA,QAAO,OAAA,IAAA,CAAK,QACT,sBAAuB,CAAA;AAAA,UACtB,SAAW,EAAA,UAAA;AAAA,UACX,cAAA;AAAA,UACA,UAAA;AAAA,UACA,kBAAA;AAAA,UACA,aAAA;AAAA,UACA,kBACE,eACA,IAAA,cAAA,CAAe,mBACf,IAAK,CAAA,eAAA,EACL,IAAI,CAAM,CAAA,MAAA;AAAA,YACV,GAAG,CAAA;AAAA,YACH,UAAY,EAAA;AAAA,WACZ,CAAA,CAAA;AAAA,UACF;AAAA,SACD,CACA,CAAA,IAAA;AAAA,UAAK,YACJ,IAAK,CAAA,iBAAA;AAAA,YACH,cAAA;AAAA,YACA,UAAA;AAAA,YACA,aAAA;AAAA,YACA;AAAA;AACF,SAED,CAAA,KAAA;AAAA,UACC,CAAC,CACC,KAAA,CAAA,CAAE,IAAS,KAAA,YAAA,GACP,QAAQ,OAAQ,CAAA;AAAA,YACd;AAAA,cACE,MAAQ,EAAA;AAAA,gBACN,EAAE,SAAA,EAAW,aAAe,EAAA,OAAA,EAAS,EAAE,OAAQ;AAAA,eACjD;AAAA,cACA,WAAW;AAAC,aACd;AAAA,YACA;AAAC,WACF,CAAA,GACD,OAAQ,CAAA,MAAA,CAAO,CAAC;AAAA,UAEvB,IAAK,CAAA,CAAA,CAAA,KAAK,KAAK,gBAAiB,CAAA,cAAA,EAAgB,CAAC,CAAC,CAAA;AAAA,OACtD;AAAA,KACH,CAAE,IAAK,CAAA,IAAA,CAAK,yBAAyB,CAAA;AAAA;AACvC,EAEA,0BACE,cACyB,EAAA;AACzB,IAAO,OAAA;AAAA,MACL,OAAO,cAAe,CAAA,MAAA;AAAA,QACpB,CAAA,IAAA,KACG,KAAK,MAAW,KAAA,KAAA,CAAA,IAAa,KAAK,MAAO,CAAA,MAAA,IAAU,CACnD,IAAA,IAAA,CAAK,SAAc,KAAA,KAAA,CAAA,IAClB,KAAK,SAAU,CAAA,MAAA,IAAU,KACzB,IAAK,CAAA,SAAA,CAAU,KAAK,CAAM,EAAA,KAAA,EAAA,CAAG,SAAW,EAAA,MAAA,IAAU,CAAC;AAAA;AACzD,KACF;AAAA;AACF,EAEA,gBACE,CAAA,cAAA,EACA,CAAC,MAAA,EAAQ,OAAO,CACA,EAAA;AAChB,IAAA,MAAM,OAA0B,GAAA;AAAA,MAC9B,OAAS,EAAA;AAAA,QACP,MAAM,cAAe,CAAA,IAAA;AAAA,QACrB,GAAI,cAAe,CAAA,KAAA,IAAS,EAAE,KAAA,EAAO,eAAe,KAAM;AAAA,OAC5D;AAAA,MACA,UAAA,EAAY,uBAAuB,OAAO,CAAA;AAAA,MAC1C,WAAW,MAAO,CAAA,SAAA;AAAA,MAClB,QAAQ,MAAO,CAAA;AAAA,KACjB;AACA,IAAA,IAAI,eAAe,YAAc,EAAA;AAC/B,MAAQ,OAAA,CAAA,OAAA,CAAQ,eAAe,cAAe,CAAA,YAAA;AAAA;AAEhD,IAAA,IAAI,eAAe,YAAc,EAAA;AAC/B,MAAQ,OAAA,CAAA,OAAA,CAAQ,eAAe,cAAe,CAAA,YAAA;AAAA;AAEhD,IAAA,IAAI,eAAe,mBAAqB,EAAA;AACtC,MAAQ,OAAA,CAAA,OAAA,CAAQ,sBAAsB,cAAe,CAAA,mBAAA;AAAA;AAEvD,IAAO,OAAA,OAAA;AAAA;AACT,EAEA,MAAM,iBAAA,CACJ,cACA,EAAA,UAAA,EACA,eACA,MAC8B,EAAA;AAC9B,IAAA,IAAI,eAAe,iBAAmB,EAAA;AACpC,MAAO,OAAA,CAAC,MAAQ,EAAA,EAAE,CAAA;AAAA;AAEpB,IAAA,MAAM,aAA0B,IAAI,GAAA;AAAA,MAClC,OAAO,SACJ,CAAA,MAAA,CAAO,kBAAkB,CAAA,CACzB,QAAQ,CAAK,CAAA,KAAA,CAAA,CAAE,SAAS,CAAA,CACxB,IAAI,CAAK,CAAA,KAAA,CAAA,CAAE,UAAU,SAAS,CAAA,CAC9B,OAAO,QAAQ;AAAA,KACpB;AAEA,IAAI,IAAA,UAAA,CAAW,SAAS,CAAG,EAAA;AACzB,MAAO,OAAA,CAAC,MAAQ,EAAA,EAAE,CAAA;AAAA;AAGpB,IAAM,MAAA,UAAA,GAAa,MAAM,IAAA,CAAK,OAAQ,CAAA,2BAAA;AAAA,MACpC,cAAA;AAAA,MACA,UAAA;AAAA,MACA,UAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,MAAA,CAAO,MAAO,CAAA,IAAA,CAAK,GAAG,UAAA,CAAW,MAAM,CAAA;AACvC,IAAO,OAAA,CAAC,MAAQ,EAAA,UAAA,CAAW,SAAqC,CAAA;AAAA;AAEpE;;;;;;"}
1
+ {"version":3,"file":"KubernetesFanOutHandler.cjs.js","sources":["../../src/service/KubernetesFanOutHandler.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Entity } from '@backstage/catalog-model';\nimport {\n KubernetesObjectsProviderOptions,\n ObjectsByEntityRequest,\n} from '../types/types';\nimport {\n ClientContainerStatus,\n ClientCurrentResourceUsage,\n ClientPodStatus,\n ClusterObjects,\n CustomResourceMatcher,\n FetchResponse,\n KUBERNETES_ANNOTATION,\n KUBERNETES_LABEL_SELECTOR_QUERY_ANNOTATION,\n KubernetesRequestAuth,\n ObjectsByEntityResponse,\n PodFetchResponse,\n PodStatusFetchResponse,\n} from '@backstage/plugin-kubernetes-common';\nimport type {\n ContainerStatus,\n CurrentResourceUsage,\n PodStatus,\n} from '@kubernetes/client-node';\nimport {\n AuthenticationStrategy,\n ClusterDetails,\n CustomResource,\n CustomResourcesByEntity,\n FetchResponseWrapper,\n KubernetesCredential,\n KubernetesFetcher,\n KubernetesObjectsByEntity,\n KubernetesObjectsProvider,\n KubernetesServiceLocator,\n ObjectToFetch,\n} from '@backstage/plugin-kubernetes-node';\nimport {\n BackstageCredentials,\n LoggerService,\n} from '@backstage/backend-plugin-api';\n\n/**\n *\n * @public\n */\nexport const DEFAULT_OBJECTS: ObjectToFetch[] = [\n {\n group: '',\n apiVersion: 'v1',\n plural: 'pods',\n objectType: 'pods',\n },\n {\n group: '',\n apiVersion: 'v1',\n plural: 'services',\n objectType: 'services',\n },\n {\n group: '',\n apiVersion: 'v1',\n plural: 'configmaps',\n objectType: 'configmaps',\n },\n {\n group: '',\n apiVersion: 'v1',\n plural: 'limitranges',\n objectType: 'limitranges',\n },\n {\n group: '',\n apiVersion: 'v1',\n plural: 'resourcequotas',\n objectType: 'resourcequotas',\n },\n {\n group: 'apps',\n apiVersion: 'v1',\n plural: 'deployments',\n objectType: 'deployments',\n },\n {\n group: 'apps',\n apiVersion: 'v1',\n plural: 'replicasets',\n objectType: 'replicasets',\n },\n {\n group: 'autoscaling',\n apiVersion: 'v2',\n plural: 'horizontalpodautoscalers',\n objectType: 'horizontalpodautoscalers',\n },\n {\n group: 'batch',\n apiVersion: 'v1',\n plural: 'jobs',\n objectType: 'jobs',\n },\n {\n group: 'batch',\n apiVersion: 'v1',\n plural: 'cronjobs',\n objectType: 'cronjobs',\n },\n {\n group: 'networking.k8s.io',\n apiVersion: 'v1',\n plural: 'ingresses',\n objectType: 'ingresses',\n },\n {\n group: 'apps',\n apiVersion: 'v1',\n plural: 'statefulsets',\n objectType: 'statefulsets',\n },\n {\n group: 'apps',\n apiVersion: 'v1',\n plural: 'daemonsets',\n objectType: 'daemonsets',\n },\n];\n\nexport const ALL_OBJECTS: ObjectToFetch[] = [\n {\n group: '',\n apiVersion: 'v1',\n plural: 'secrets',\n objectType: 'secrets',\n },\n ...DEFAULT_OBJECTS,\n];\n\nexport interface KubernetesFanOutHandlerOptions\n extends KubernetesObjectsProviderOptions {\n authStrategy: AuthenticationStrategy;\n}\n\nexport interface KubernetesRequestBody extends ObjectsByEntityRequest {}\n\nconst isPodFetchResponse = (fr: FetchResponse): fr is PodFetchResponse =>\n fr.type === 'pods' ||\n (fr.type === 'customresources' &&\n fr.resources.length > 0 &&\n fr.resources[0].apiVersion === 'v1' &&\n fr.resources[0].kind === 'Pod');\nconst isString = (str: string | undefined): str is string => str !== undefined;\n\nconst numberOrBigIntToNumberOrString = (\n value: number | BigInt,\n): number | string => {\n return typeof value === 'bigint' ? value.toString() : (value as number);\n};\n\nconst toClientSafeResource = (\n current: CurrentResourceUsage,\n): ClientCurrentResourceUsage => {\n return {\n currentUsage: numberOrBigIntToNumberOrString(current.CurrentUsage),\n requestTotal: numberOrBigIntToNumberOrString(current.RequestTotal),\n limitTotal: numberOrBigIntToNumberOrString(current.LimitTotal),\n };\n};\n\nconst toClientSafeContainer = (\n container: ContainerStatus,\n): ClientContainerStatus => {\n return {\n container: container.Container,\n cpuUsage: toClientSafeResource(container.CPUUsage),\n memoryUsage: toClientSafeResource(container.MemoryUsage),\n };\n};\n\nconst toClientSafePodMetrics = (\n podMetrics: PodStatusFetchResponse[],\n): ClientPodStatus[] => {\n return podMetrics\n .map(r => r.resources)\n .flat()\n .map((pd: PodStatus): ClientPodStatus => {\n return {\n pod: pd.Pod,\n memory: toClientSafeResource(pd.Memory),\n cpu: toClientSafeResource(pd.CPU),\n containers: pd.Containers.map(toClientSafeContainer),\n };\n });\n};\n\ntype responseWithMetrics = [FetchResponseWrapper, PodStatusFetchResponse[]];\n\nexport class KubernetesFanOutHandler implements KubernetesObjectsProvider {\n private readonly logger: LoggerService;\n private readonly fetcher: KubernetesFetcher;\n private readonly serviceLocator: KubernetesServiceLocator;\n private readonly customResources: CustomResource[];\n private readonly objectTypesToFetch: Set<ObjectToFetch>;\n private readonly authStrategy: AuthenticationStrategy;\n\n constructor({\n logger,\n fetcher,\n serviceLocator,\n customResources,\n objectTypesToFetch = DEFAULT_OBJECTS,\n authStrategy,\n }: KubernetesFanOutHandlerOptions) {\n this.logger = logger;\n this.fetcher = fetcher;\n this.serviceLocator = serviceLocator;\n this.customResources = customResources;\n this.objectTypesToFetch = new Set(objectTypesToFetch);\n this.authStrategy = authStrategy;\n }\n\n async getCustomResourcesByEntity(\n { entity, auth, customResources }: CustomResourcesByEntity,\n options: { credentials: BackstageCredentials },\n ): Promise<ObjectsByEntityResponse> {\n // Don't fetch the default object types only the provided custom resources\n return this.fanOutRequests(\n entity,\n auth,\n { credentials: options.credentials },\n new Set<ObjectToFetch>(),\n customResources,\n );\n }\n\n async getKubernetesObjectsByEntity(\n { entity, auth }: KubernetesObjectsByEntity,\n options: { credentials: BackstageCredentials },\n ): Promise<ObjectsByEntityResponse> {\n return this.fanOutRequests(\n entity,\n auth,\n {\n credentials: options.credentials,\n },\n this.objectTypesToFetch,\n );\n }\n\n private async fanOutRequests(\n entity: Entity,\n auth: KubernetesRequestAuth,\n options: { credentials: BackstageCredentials },\n objectTypesToFetch: Set<ObjectToFetch>,\n customResources?: CustomResourceMatcher[],\n ) {\n const entityName =\n entity.metadata?.annotations?.['backstage.io/kubernetes-id'] ||\n entity.metadata?.name;\n\n const { clusters } = await this.serviceLocator.getClustersByEntity(entity, {\n objectTypesToFetch: objectTypesToFetch,\n customResources: customResources ?? [],\n credentials: options.credentials,\n });\n\n this.logger.info(\n `entity.metadata.name=${entityName} clusterDetails=[${clusters\n .map(c => c.name)\n .join(', ')}]`,\n );\n\n const labelSelector: string =\n entity.metadata?.annotations?.[\n KUBERNETES_LABEL_SELECTOR_QUERY_ANNOTATION\n ] || `${KUBERNETES_ANNOTATION}=${entityName}`;\n\n const namespace =\n entity.metadata?.annotations?.['backstage.io/kubernetes-namespace'];\n\n return Promise.all(\n clusters.map(async clusterDetails => {\n const credential = await this.authStrategy.getCredential(\n clusterDetails,\n auth,\n );\n return this.fetcher\n .fetchObjectsForService({\n serviceId: entityName,\n clusterDetails,\n credential,\n objectTypesToFetch,\n labelSelector,\n customResources: (\n customResources ||\n clusterDetails.customResources ||\n this.customResources\n ).map(c => ({\n ...c,\n objectType: 'customresources',\n })),\n namespace,\n })\n .then(result =>\n this.getMetricsForPods(\n clusterDetails,\n credential,\n labelSelector,\n result,\n ),\n )\n .catch(\n (e): Promise<responseWithMetrics> =>\n e.name === 'FetchError'\n ? Promise.resolve([\n {\n errors: [\n { errorType: 'FETCH_ERROR', message: e.message },\n ],\n responses: [],\n },\n [],\n ])\n : Promise.reject(e),\n )\n .then(r => this.toClusterObjects(clusterDetails, r));\n }),\n ).then(this.toObjectsByEntityResponse);\n }\n\n toObjectsByEntityResponse(\n clusterObjects: ClusterObjects[],\n ): ObjectsByEntityResponse {\n return {\n items: clusterObjects.filter(\n item =>\n (item.errors !== undefined && item.errors.length >= 1) ||\n (item.resources !== undefined &&\n item.resources.length >= 1 &&\n item.resources.some(fr => fr.resources?.length >= 1)),\n ),\n };\n }\n\n toClusterObjects(\n clusterDetails: ClusterDetails,\n [result, metrics]: responseWithMetrics,\n ): ClusterObjects {\n const objects: ClusterObjects = {\n cluster: {\n name: clusterDetails.name,\n ...(clusterDetails.title && { title: clusterDetails.title }),\n },\n podMetrics: toClientSafePodMetrics(metrics),\n resources: result.responses,\n errors: result.errors,\n };\n if (clusterDetails.dashboardUrl) {\n objects.cluster.dashboardUrl = clusterDetails.dashboardUrl;\n }\n if (clusterDetails.dashboardApp) {\n objects.cluster.dashboardApp = clusterDetails.dashboardApp;\n }\n if (clusterDetails.dashboardParameters) {\n objects.cluster.dashboardParameters = clusterDetails.dashboardParameters;\n }\n return objects;\n }\n\n async getMetricsForPods(\n clusterDetails: ClusterDetails,\n credential: KubernetesCredential,\n labelSelector: string,\n result: FetchResponseWrapper,\n ): Promise<responseWithMetrics> {\n if (clusterDetails.skipMetricsLookup) {\n return [result, []];\n }\n const namespaces: Set<string> = new Set<string>(\n result.responses\n .filter(isPodFetchResponse)\n .flatMap(r => r.resources)\n .map(p => p.metadata?.namespace)\n .filter(isString),\n );\n\n if (namespaces.size === 0) {\n return [result, []];\n }\n\n const podMetrics = await this.fetcher.fetchPodMetricsByNamespaces(\n clusterDetails,\n credential,\n namespaces,\n labelSelector,\n );\n\n result.errors.push(...podMetrics.errors);\n return [result, podMetrics.responses as PodStatusFetchResponse[]];\n }\n}\n"],"names":["KUBERNETES_LABEL_SELECTOR_QUERY_ANNOTATION","KUBERNETES_ANNOTATION"],"mappings":";;;;AA8DO,MAAM,eAAmC,GAAA;AAAA,EAC9C;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,MAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,UAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,YAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,aAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,gBAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,MAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,aAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,MAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,aAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,aAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,0BAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,OAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,MAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,OAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,UAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,mBAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,WAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,MAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,cAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA;AAAA,IACE,KAAO,EAAA,MAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,YAAA;AAAA,IACR,UAAY,EAAA;AAAA;AAEhB;AAEO,MAAM,WAA+B,GAAA;AAAA,EAC1C;AAAA,IACE,KAAO,EAAA,EAAA;AAAA,IACP,UAAY,EAAA,IAAA;AAAA,IACZ,MAAQ,EAAA,SAAA;AAAA,IACR,UAAY,EAAA;AAAA,GACd;AAAA,EACA,GAAG;AACL;AASA,MAAM,kBAAA,GAAqB,CAAC,EAC1B,KAAA,EAAA,CAAG,SAAS,MACX,IAAA,EAAA,CAAG,IAAS,KAAA,iBAAA,IACX,EAAG,CAAA,SAAA,CAAU,SAAS,CACtB,IAAA,EAAA,CAAG,SAAU,CAAA,CAAC,CAAE,CAAA,UAAA,KAAe,QAC/B,EAAG,CAAA,SAAA,CAAU,CAAC,CAAA,CAAE,IAAS,KAAA,KAAA;AAC7B,MAAM,QAAA,GAAW,CAAC,GAAA,KAA2C,GAAQ,KAAA,KAAA,CAAA;AAErE,MAAM,8BAAA,GAAiC,CACrC,KACoB,KAAA;AACpB,EAAA,OAAO,OAAO,KAAA,KAAU,QAAW,GAAA,KAAA,CAAM,UAAc,GAAA,KAAA;AACzD,CAAA;AAEA,MAAM,oBAAA,GAAuB,CAC3B,OAC+B,KAAA;AAC/B,EAAO,OAAA;AAAA,IACL,YAAA,EAAc,8BAA+B,CAAA,OAAA,CAAQ,YAAY,CAAA;AAAA,IACjE,YAAA,EAAc,8BAA+B,CAAA,OAAA,CAAQ,YAAY,CAAA;AAAA,IACjE,UAAA,EAAY,8BAA+B,CAAA,OAAA,CAAQ,UAAU;AAAA,GAC/D;AACF,CAAA;AAEA,MAAM,qBAAA,GAAwB,CAC5B,SAC0B,KAAA;AAC1B,EAAO,OAAA;AAAA,IACL,WAAW,SAAU,CAAA,SAAA;AAAA,IACrB,QAAA,EAAU,oBAAqB,CAAA,SAAA,CAAU,QAAQ,CAAA;AAAA,IACjD,WAAA,EAAa,oBAAqB,CAAA,SAAA,CAAU,WAAW;AAAA,GACzD;AACF,CAAA;AAEA,MAAM,sBAAA,GAAyB,CAC7B,UACsB,KAAA;AACtB,EAAO,OAAA,UAAA,CACJ,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,SAAS,EACpB,IAAK,EAAA,CACL,GAAI,CAAA,CAAC,EAAmC,KAAA;AACvC,IAAO,OAAA;AAAA,MACL,KAAK,EAAG,CAAA,GAAA;AAAA,MACR,MAAA,EAAQ,oBAAqB,CAAA,EAAA,CAAG,MAAM,CAAA;AAAA,MACtC,GAAA,EAAK,oBAAqB,CAAA,EAAA,CAAG,GAAG,CAAA;AAAA,MAChC,UAAY,EAAA,EAAA,CAAG,UAAW,CAAA,GAAA,CAAI,qBAAqB;AAAA,KACrD;AAAA,GACD,CAAA;AACL,CAAA;AAIO,MAAM,uBAA6D,CAAA;AAAA,EACvD,MAAA;AAAA,EACA,OAAA;AAAA,EACA,cAAA;AAAA,EACA,eAAA;AAAA,EACA,kBAAA;AAAA,EACA,YAAA;AAAA,EAEjB,WAAY,CAAA;AAAA,IACV,MAAA;AAAA,IACA,OAAA;AAAA,IACA,cAAA;AAAA,IACA,eAAA;AAAA,IACA,kBAAqB,GAAA,eAAA;AAAA,IACrB;AAAA,GACiC,EAAA;AACjC,IAAA,IAAA,CAAK,MAAS,GAAA,MAAA;AACd,IAAA,IAAA,CAAK,OAAU,GAAA,OAAA;AACf,IAAA,IAAA,CAAK,cAAiB,GAAA,cAAA;AACtB,IAAA,IAAA,CAAK,eAAkB,GAAA,eAAA;AACvB,IAAK,IAAA,CAAA,kBAAA,GAAqB,IAAI,GAAA,CAAI,kBAAkB,CAAA;AACpD,IAAA,IAAA,CAAK,YAAe,GAAA,YAAA;AAAA;AACtB,EAEA,MAAM,0BACJ,CAAA,EAAE,QAAQ,IAAM,EAAA,eAAA,IAChB,OACkC,EAAA;AAElC,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA,MACV,MAAA;AAAA,MACA,IAAA;AAAA,MACA,EAAE,WAAa,EAAA,OAAA,CAAQ,WAAY,EAAA;AAAA,0BAC/B,GAAmB,EAAA;AAAA,MACvB;AAAA,KACF;AAAA;AACF,EAEA,MAAM,4BACJ,CAAA,EAAE,MAAQ,EAAA,IAAA,IACV,OACkC,EAAA;AAClC,IAAA,OAAO,IAAK,CAAA,cAAA;AAAA,MACV,MAAA;AAAA,MACA,IAAA;AAAA,MACA;AAAA,QACE,aAAa,OAAQ,CAAA;AAAA,OACvB;AAAA,MACA,IAAK,CAAA;AAAA,KACP;AAAA;AACF,EAEA,MAAc,cACZ,CAAA,MAAA,EACA,IACA,EAAA,OAAA,EACA,oBACA,eACA,EAAA;AACA,IAAA,MAAM,aACJ,MAAO,CAAA,QAAA,EAAU,cAAc,4BAA4B,CAAA,IAC3D,OAAO,QAAU,EAAA,IAAA;AAEnB,IAAA,MAAM,EAAE,QAAS,EAAA,GAAI,MAAM,IAAK,CAAA,cAAA,CAAe,oBAAoB,MAAQ,EAAA;AAAA,MACzE,kBAAA;AAAA,MACA,eAAA,EAAiB,mBAAmB,EAAC;AAAA,MACrC,aAAa,OAAQ,CAAA;AAAA,KACtB,CAAA;AAED,IAAA,IAAA,CAAK,MAAO,CAAA,IAAA;AAAA,MACV,CAAA,qBAAA,EAAwB,UAAU,CAAA,iBAAA,EAAoB,QACnD,CAAA,GAAA,CAAI,CAAK,CAAA,KAAA,CAAA,CAAE,IAAI,CAAA,CACf,IAAK,CAAA,IAAI,CAAC,CAAA,CAAA;AAAA,KACf;AAEA,IAAM,MAAA,aAAA,GACJ,OAAO,QAAU,EAAA,WAAA,GACfA,iEACF,CAAK,IAAA,CAAA,EAAGC,4CAAqB,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA;AAE7C,IAAA,MAAM,SACJ,GAAA,MAAA,CAAO,QAAU,EAAA,WAAA,GAAc,mCAAmC,CAAA;AAEpE,IAAA,OAAO,OAAQ,CAAA,GAAA;AAAA,MACb,QAAA,CAAS,GAAI,CAAA,OAAM,cAAkB,KAAA;AACnC,QAAM,MAAA,UAAA,GAAa,MAAM,IAAA,CAAK,YAAa,CAAA,aAAA;AAAA,UACzC,cAAA;AAAA,UACA;AAAA,SACF;AACA,QAAO,OAAA,IAAA,CAAK,QACT,sBAAuB,CAAA;AAAA,UACtB,SAAW,EAAA,UAAA;AAAA,UACX,cAAA;AAAA,UACA,UAAA;AAAA,UACA,kBAAA;AAAA,UACA,aAAA;AAAA,UACA,kBACE,eACA,IAAA,cAAA,CAAe,mBACf,IAAK,CAAA,eAAA,EACL,IAAI,CAAM,CAAA,MAAA;AAAA,YACV,GAAG,CAAA;AAAA,YACH,UAAY,EAAA;AAAA,WACZ,CAAA,CAAA;AAAA,UACF;AAAA,SACD,CACA,CAAA,IAAA;AAAA,UAAK,YACJ,IAAK,CAAA,iBAAA;AAAA,YACH,cAAA;AAAA,YACA,UAAA;AAAA,YACA,aAAA;AAAA,YACA;AAAA;AACF,SAED,CAAA,KAAA;AAAA,UACC,CAAC,CACC,KAAA,CAAA,CAAE,IAAS,KAAA,YAAA,GACP,QAAQ,OAAQ,CAAA;AAAA,YACd;AAAA,cACE,MAAQ,EAAA;AAAA,gBACN,EAAE,SAAA,EAAW,aAAe,EAAA,OAAA,EAAS,EAAE,OAAQ;AAAA,eACjD;AAAA,cACA,WAAW;AAAC,aACd;AAAA,YACA;AAAC,WACF,CAAA,GACD,OAAQ,CAAA,MAAA,CAAO,CAAC;AAAA,UAEvB,IAAK,CAAA,CAAA,CAAA,KAAK,KAAK,gBAAiB,CAAA,cAAA,EAAgB,CAAC,CAAC,CAAA;AAAA,OACtD;AAAA,KACH,CAAE,IAAK,CAAA,IAAA,CAAK,yBAAyB,CAAA;AAAA;AACvC,EAEA,0BACE,cACyB,EAAA;AACzB,IAAO,OAAA;AAAA,MACL,OAAO,cAAe,CAAA,MAAA;AAAA,QACpB,CAAA,IAAA,KACG,KAAK,MAAW,KAAA,KAAA,CAAA,IAAa,KAAK,MAAO,CAAA,MAAA,IAAU,CACnD,IAAA,IAAA,CAAK,SAAc,KAAA,KAAA,CAAA,IAClB,KAAK,SAAU,CAAA,MAAA,IAAU,KACzB,IAAK,CAAA,SAAA,CAAU,KAAK,CAAM,EAAA,KAAA,EAAA,CAAG,SAAW,EAAA,MAAA,IAAU,CAAC;AAAA;AACzD,KACF;AAAA;AACF,EAEA,gBACE,CAAA,cAAA,EACA,CAAC,MAAA,EAAQ,OAAO,CACA,EAAA;AAChB,IAAA,MAAM,OAA0B,GAAA;AAAA,MAC9B,OAAS,EAAA;AAAA,QACP,MAAM,cAAe,CAAA,IAAA;AAAA,QACrB,GAAI,cAAe,CAAA,KAAA,IAAS,EAAE,KAAA,EAAO,eAAe,KAAM;AAAA,OAC5D;AAAA,MACA,UAAA,EAAY,uBAAuB,OAAO,CAAA;AAAA,MAC1C,WAAW,MAAO,CAAA,SAAA;AAAA,MAClB,QAAQ,MAAO,CAAA;AAAA,KACjB;AACA,IAAA,IAAI,eAAe,YAAc,EAAA;AAC/B,MAAQ,OAAA,CAAA,OAAA,CAAQ,eAAe,cAAe,CAAA,YAAA;AAAA;AAEhD,IAAA,IAAI,eAAe,YAAc,EAAA;AAC/B,MAAQ,OAAA,CAAA,OAAA,CAAQ,eAAe,cAAe,CAAA,YAAA;AAAA;AAEhD,IAAA,IAAI,eAAe,mBAAqB,EAAA;AACtC,MAAQ,OAAA,CAAA,OAAA,CAAQ,sBAAsB,cAAe,CAAA,mBAAA;AAAA;AAEvD,IAAO,OAAA,OAAA;AAAA;AACT,EAEA,MAAM,iBAAA,CACJ,cACA,EAAA,UAAA,EACA,eACA,MAC8B,EAAA;AAC9B,IAAA,IAAI,eAAe,iBAAmB,EAAA;AACpC,MAAO,OAAA,CAAC,MAAQ,EAAA,EAAE,CAAA;AAAA;AAEpB,IAAA,MAAM,aAA0B,IAAI,GAAA;AAAA,MAClC,OAAO,SACJ,CAAA,MAAA,CAAO,kBAAkB,CAAA,CACzB,QAAQ,CAAK,CAAA,KAAA,CAAA,CAAE,SAAS,CAAA,CACxB,IAAI,CAAK,CAAA,KAAA,CAAA,CAAE,UAAU,SAAS,CAAA,CAC9B,OAAO,QAAQ;AAAA,KACpB;AAEA,IAAI,IAAA,UAAA,CAAW,SAAS,CAAG,EAAA;AACzB,MAAO,OAAA,CAAC,MAAQ,EAAA,EAAE,CAAA;AAAA;AAGpB,IAAM,MAAA,UAAA,GAAa,MAAM,IAAA,CAAK,OAAQ,CAAA,2BAAA;AAAA,MACpC,cAAA;AAAA,MACA,UAAA;AAAA,MACA,UAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,MAAA,CAAO,MAAO,CAAA,IAAA,CAAK,GAAG,UAAA,CAAW,MAAM,CAAA;AACvC,IAAO,OAAA,CAAC,MAAQ,EAAA,UAAA,CAAW,SAAqC,CAAA;AAAA;AAEpE;;;;;;"}
package/dist/service/KubernetesFetcher.cjs.js CHANGED
@@ -1,6 +1,5 @@
1
1
  'use strict';
2
2
 
3
- var clientNode = require('@kubernetes/client-node');
4
3
  var lodash = require('lodash');
5
4
  var pluginKubernetesCommon = require('@backstage/plugin-kubernetes-common');
6
5
  var fetch = require('node-fetch');
@@ -85,7 +84,8 @@ class KubernetesClientBasedFetcher {
85
84
  );
86
85
  return Promise.all(fetchResults).then(fetchResultsToResponseWrapper);
87
86
  }
88
- fetchPodMetricsByNamespaces(clusterDetails, credential, namespaces, labelSelector) {
87
+ async fetchPodMetricsByNamespaces(clusterDetails, credential, namespaces, labelSelector) {
88
+ const { topPods } = await import('@kubernetes/client-node');
89
89
  const fetchResults = Array.from(namespaces).map(async (ns) => {
90
90
  const [podMetrics, podList] = await Promise.all([
91
91
  this.fetchResource(
@@ -108,7 +108,7 @@ class KubernetesClientBasedFetcher {
108
108
  )
109
109
  ]);
110
110
  if (podMetrics.ok && podList.ok) {
111
- return clientNode.topPods(
111
+ return topPods(
112
112
  {
113
113
  listPodForAllNamespaces: () => podList.json()
114
114
  },
@@ -139,7 +139,7 @@ class KubernetesClientBasedFetcher {
139
139
  resourcePath
140
140
  };
141
141
  }
142
- fetchResource(clusterDetails, credential, group, apiVersion, plural, namespace, labelSelector) {
142
+ async fetchResource(clusterDetails, credential, group, apiVersion, plural, namespace, labelSelector) {
143
143
  const encode = (s) => encodeURIComponent(s);
144
144
  let resourcePath = group ? `/apis/${encode(group)}/${encode(apiVersion)}` : `/api/${encode(apiVersion)}`;
145
145
  if (namespace) {
@@ -150,9 +150,9 @@ class KubernetesClientBasedFetcher {
150
150
  let requestInit;
151
151
  const authProvider = clusterDetails.authMetadata[pluginKubernetesCommon.ANNOTATION_KUBERNETES_AUTH_PROVIDER];
152
152
  if (this.isServiceAccountAuthentication(authProvider, clusterDetails)) {
153
- [url, requestInit] = this.fetchArgsInCluster(credential);
153
+ [url, requestInit] = await this.fetchArgsInCluster(credential);
154
154
  } else if (!this.isCredentialMissing(authProvider, credential)) {
155
- [url, requestInit] = this.fetchArgs(clusterDetails, credential);
155
+ [url, requestInit] = await this.fetchArgs(clusterDetails, credential);
156
156
  } else {
157
157
  return Promise.reject(
158
158
  new Error(
@@ -176,7 +176,8 @@ class KubernetesClientBasedFetcher {
176
176
  isCredentialMissing(authProvider, credential) {
177
177
  return authProvider !== "localKubectlProxy" && credential.type === "anonymous";
178
178
  }
179
- fetchArgs(clusterDetails, credential) {
179
+ async fetchArgs(clusterDetails, credential) {
180
+ const { bufferFromFileOrString } = await import('@kubernetes/client-node');
180
181
  const requestInit = {
181
182
  method: "GET",
182
183
  headers: {
@@ -190,7 +191,7 @@ class KubernetesClientBasedFetcher {
190
191
  const url = new URL(clusterDetails.url);
191
192
  if (url.protocol === "https:") {
192
193
  requestInit.agent = new https__namespace.Agent({
193
- ca: clientNode.bufferFromFileOrString(
194
+ ca: bufferFromFileOrString(
194
195
  clusterDetails.caFile,
195
196
  clusterDetails.caData
196
197
  ) ?? void 0,
@@ -203,7 +204,8 @@ class KubernetesClientBasedFetcher {
203
204
  }
204
205
  return [url, requestInit];
205
206
  }
206
- fetchArgsInCluster(credential) {
207
+ async fetchArgsInCluster(credential) {
208
+ const { KubeConfig } = await import('@kubernetes/client-node');
207
209
  const requestInit = {
208
210
  method: "GET",
209
211
  headers: {
@@ -214,7 +216,7 @@ class KubernetesClientBasedFetcher {
214
216
  }
215
217
  }
216
218
  };
217
- const kc = new clientNode.KubeConfig();
219
+ const kc = new KubeConfig();
218
220
  kc.loadFromCluster();
219
221
  const cluster = kc.getCurrentCluster();
220
222
  const url = new URL(cluster.server);
package/dist/service/KubernetesFetcher.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"KubernetesFetcher.cjs.js","sources":["../../src/service/KubernetesFetcher.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n bufferFromFileOrString,\n Cluster,\n CoreV1Api,\n KubeConfig,\n Metrics,\n topPods,\n} from '@kubernetes/client-node';\nimport lodash, { Dictionary } from 'lodash';\nimport {\n FetchResponseWrapper,\n KubernetesFetcher,\n ObjectFetchParams,\n} from '../types/types';\nimport {\n ANNOTATION_KUBERNETES_AUTH_PROVIDER,\n SERVICEACCOUNT_CA_PATH,\n FetchResponse,\n KubernetesErrorTypes,\n KubernetesFetchError,\n PodStatusFetchResponse,\n} from '@backstage/plugin-kubernetes-common';\nimport fetch, { RequestInit, Response } from 'node-fetch';\nimport * as https from 'https';\nimport fs from 'fs-extra';\nimport { JsonObject } from '@backstage/types';\nimport {\n ClusterDetails,\n KubernetesCredential,\n} from '@backstage/plugin-kubernetes-node';\nimport { LoggerService } from '@backstage/backend-plugin-api';\n\nexport interface KubernetesClientBasedFetcherOptions {\n logger: LoggerService;\n}\n\ntype FetchResult = FetchResponse | KubernetesFetchError;\n\nconst isError = (fr: FetchResult): fr is KubernetesFetchError =>\n fr.hasOwnProperty('errorType');\n\nfunction fetchResultsToResponseWrapper(\n results: FetchResult[],\n): FetchResponseWrapper {\n const groupBy: Dictionary<FetchResult[]> = lodash.groupBy(results, value => {\n return isError(value) ? 'errors' : 'responses';\n });\n\n return {\n errors: groupBy.errors ?? [],\n responses: groupBy.responses ?? [],\n } as FetchResponseWrapper; // TODO would be nice to get rid of this 'as'\n}\n\nconst statusCodeToErrorType = (statusCode: number): KubernetesErrorTypes => {\n switch (statusCode) {\n case 400:\n return 'BAD_REQUEST';\n case 401:\n return 'UNAUTHORIZED_ERROR';\n case 404:\n return 'NOT_FOUND';\n case 500:\n return 'SYSTEM_ERROR';\n default:\n return 'UNKNOWN_ERROR';\n }\n};\n\nexport class KubernetesClientBasedFetcher implements KubernetesFetcher {\n private readonly logger: LoggerService;\n\n constructor({ logger }: KubernetesClientBasedFetcherOptions) {\n this.logger = logger;\n }\n\n fetchObjectsForService(\n params: ObjectFetchParams,\n ): Promise<FetchResponseWrapper> {\n const fetchResults = Array.from(params.objectTypesToFetch)\n .concat(params.customResources)\n .map(({ objectType, group, apiVersion, plural }) =>\n this.fetchResource(\n params.clusterDetails,\n params.credential,\n group,\n apiVersion,\n plural,\n params.namespace,\n params.labelSelector,\n ).then(\n (r: Response): Promise<FetchResult> =>\n r.ok\n ? r.json().then(\n ({ kind, items }): FetchResponse => ({\n type: objectType,\n resources:\n objectType === 'customresources'\n ? items.map((item: JsonObject) => ({\n ...item,\n kind: kind.replace(/(List)$/, ''),\n }))\n : items,\n }),\n )\n : this.handleUnsuccessfulResponse(params.clusterDetails.name, r),\n ),\n );\n\n return Promise.all(fetchResults).then(fetchResultsToResponseWrapper);\n }\n\n fetchPodMetricsByNamespaces(\n clusterDetails: ClusterDetails,\n credential: KubernetesCredential,\n namespaces: Set<string>,\n labelSelector?: string,\n ): Promise<FetchResponseWrapper> {\n const fetchResults = Array.from(namespaces).map(async ns => {\n const [podMetrics, podList] = await Promise.all([\n this.fetchResource(\n clusterDetails,\n credential,\n 'metrics.k8s.io',\n 'v1beta1',\n 'pods',\n ns,\n labelSelector,\n ),\n this.fetchResource(\n clusterDetails,\n credential,\n '',\n 'v1',\n 'pods',\n ns,\n labelSelector,\n ),\n ]);\n if (podMetrics.ok && podList.ok) {\n return topPods(\n {\n listPodForAllNamespaces: () => podList.json(),\n } as unknown as CoreV1Api,\n {\n getPodMetrics: () => podMetrics.json(),\n } as unknown as Metrics,\n ).then(\n (resources): PodStatusFetchResponse => ({\n type: 'podstatus',\n resources,\n }),\n );\n } else if (podMetrics.ok) {\n return this.handleUnsuccessfulResponse(clusterDetails.name, podList);\n }\n return this.handleUnsuccessfulResponse(clusterDetails.name, podMetrics);\n });\n\n return Promise.all(fetchResults).then(fetchResultsToResponseWrapper);\n }\n\n private async handleUnsuccessfulResponse(\n clusterName: string,\n res: Response,\n ): Promise<KubernetesFetchError> {\n const resourcePath = new URL(res.url).pathname;\n this.logger.warn(\n `Received ${\n res.status\n } status when fetching \"${resourcePath}\" from cluster \"${clusterName}\"; body=[${await res.text()}]`,\n );\n return {\n errorType: statusCodeToErrorType(res.status),\n statusCode: res.status,\n resourcePath,\n };\n }\n\n private fetchResource(\n clusterDetails: ClusterDetails,\n credential: KubernetesCredential,\n group: string,\n apiVersion: string,\n plural: string,\n namespace?: string,\n labelSelector?: string,\n ): Promise<Response> {\n const encode = (s: string) => encodeURIComponent(s);\n let resourcePath = group\n ? `/apis/${encode(group)}/${encode(apiVersion)}`\n : `/api/${encode(apiVersion)}`;\n if (namespace) {\n resourcePath += `/namespaces/${encode(namespace)}`;\n }\n resourcePath += `/${encode(plural)}`;\n\n let url: URL;\n let requestInit: RequestInit;\n const authProvider =\n clusterDetails.authMetadata[ANNOTATION_KUBERNETES_AUTH_PROVIDER];\n\n if (this.isServiceAccountAuthentication(authProvider, clusterDetails)) {\n [url, requestInit] = this.fetchArgsInCluster(credential);\n } else if (!this.isCredentialMissing(authProvider, credential)) {\n [url, requestInit] = this.fetchArgs(clusterDetails, credential);\n } else {\n return Promise.reject(\n new Error(\n `no bearer token or client cert for cluster '${clusterDetails.name}' and not running in Kubernetes`,\n ),\n );\n }\n\n if (url.pathname === '/') {\n url.pathname = resourcePath;\n } else {\n url.pathname += resourcePath;\n }\n\n if (labelSelector) {\n url.search = `labelSelector=${encode(labelSelector)}`;\n }\n\n return fetch(url, requestInit);\n }\n\n private isServiceAccountAuthentication(\n authProvider: string,\n clusterDetails: ClusterDetails,\n ) {\n return (\n authProvider === 'serviceAccount' &&\n !clusterDetails.authMetadata.serviceAccountToken &&\n fs.pathExistsSync(SERVICEACCOUNT_CA_PATH)\n );\n }\n\n private isCredentialMissing(\n authProvider: string,\n credential: KubernetesCredential,\n ) {\n return (\n authProvider !== 'localKubectlProxy' && credential.type === 'anonymous'\n );\n }\n\n private fetchArgs(\n clusterDetails: ClusterDetails,\n credential: KubernetesCredential,\n ): [URL, RequestInit] {\n const requestInit: RequestInit = {\n method: 'GET',\n headers: {\n Accept: 'application/json',\n 'Content-Type': 'application/json',\n ...(credential.type === 'bearer token' && {\n Authorization: `Bearer ${credential.token}`,\n }),\n },\n };\n\n const url: URL = new URL(clusterDetails.url);\n if (url.protocol === 'https:') {\n requestInit.agent = new https.Agent({\n ca:\n bufferFromFileOrString(\n clusterDetails.caFile,\n clusterDetails.caData,\n ) ?? undefined,\n rejectUnauthorized: !clusterDetails.skipTLSVerify,\n ...(credential.type === 'x509 client certificate' && {\n cert: credential.cert,\n key: credential.key,\n }),\n });\n }\n return [url, requestInit];\n }\n private fetchArgsInCluster(\n credential: KubernetesCredential,\n ): [URL, RequestInit] {\n const requestInit: RequestInit = {\n method: 'GET',\n headers: {\n Accept: 'application/json',\n 'Content-Type': 'application/json',\n ...(credential.type === 'bearer token' && {\n Authorization: `Bearer ${credential.token}`,\n }),\n },\n };\n\n const kc = new KubeConfig();\n kc.loadFromCluster();\n // loadFromCluster is guaranteed to populate the cluster/user/context\n const cluster = kc.getCurrentCluster() as Cluster;\n\n const url = new URL(cluster.server);\n if (url.protocol === 'https:') {\n requestInit.agent = new https.Agent({\n ca: fs.readFileSync(cluster.caFile as string),\n });\n }\n return [url, requestInit];\n }\n}\n"],"names":["lodash","topPods","ANNOTATION_KUBERNETES_AUTH_PROVIDER","fetch","fs","SERVICEACCOUNT_CA_PATH","https","bufferFromFileOrString","KubeConfig"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsDA,MAAM,OAAU,GAAA,CAAC,EACf,KAAA,EAAA,CAAG,eAAe,WAAW,CAAA;AAE/B,SAAS,8BACP,OACsB,EAAA;AACtB,EAAA,MAAM,OAAqC,GAAAA,uBAAA,CAAO,OAAQ,CAAA,OAAA,EAAS,CAAS,KAAA,KAAA;AAC1E,IAAO,OAAA,OAAA,CAAQ,KAAK,CAAA,GAAI,QAAW,GAAA,WAAA;AAAA,GACpC,CAAA;AAED,EAAO,OAAA;AAAA,IACL,MAAA,EAAQ,OAAQ,CAAA,MAAA,IAAU,EAAC;AAAA,IAC3B,SAAA,EAAW,OAAQ,CAAA,SAAA,IAAa;AAAC,GACnC;AACF;AAEA,MAAM,qBAAA,GAAwB,CAAC,UAA6C,KAAA;AAC1E,EAAA,QAAQ,UAAY;AAAA,IAClB,KAAK,GAAA;AACH,MAAO,OAAA,aAAA;AAAA,IACT,KAAK,GAAA;AACH,MAAO,OAAA,oBAAA;AAAA,IACT,KAAK,GAAA;AACH,MAAO,OAAA,WAAA;AAAA,IACT,KAAK,GAAA;AACH,MAAO,OAAA,cAAA;AAAA,IACT;AACE,MAAO,OAAA,eAAA;AAAA;AAEb,CAAA;AAEO,MAAM,4BAA0D,CAAA;AAAA,EACpD,MAAA;AAAA,EAEjB,WAAA,CAAY,EAAE,MAAA,EAA+C,EAAA;AAC3D,IAAA,IAAA,CAAK,MAAS,GAAA,MAAA;AAAA;AAChB,EAEA,uBACE,MAC+B,EAAA;AAC/B,IAAM,MAAA,YAAA,GAAe,MAAM,IAAK,CAAA,MAAA,CAAO,kBAAkB,CACtD,CAAA,MAAA,CAAO,MAAO,CAAA,eAAe,CAC7B,CAAA,GAAA;AAAA,MAAI,CAAC,EAAE,UAAA,EAAY,OAAO,UAAY,EAAA,MAAA,OACrC,IAAK,CAAA,aAAA;AAAA,QACH,MAAO,CAAA,cAAA;AAAA,QACP,MAAO,CAAA,UAAA;AAAA,QACP,KAAA;AAAA,QACA,UAAA;AAAA,QACA,MAAA;AAAA,QACA,MAAO,CAAA,SAAA;AAAA,QACP,MAAO,CAAA;AAAA,OACP,CAAA,IAAA;AAAA,QACA,CAAC,CACC,KAAA,CAAA,CAAE,EACE,GAAA,CAAA,CAAE,MAAO,CAAA,IAAA;AAAA,UACP,CAAC,EAAE,IAAM,EAAA,KAAA,EAA4B,MAAA;AAAA,YACnC,IAAM,EAAA,UAAA;AAAA,YACN,WACE,UAAe,KAAA,iBAAA,GACX,KAAM,CAAA,GAAA,CAAI,CAAC,IAAsB,MAAA;AAAA,cAC/B,GAAG,IAAA;AAAA,cACH,IAAM,EAAA,IAAA,CAAK,OAAQ,CAAA,SAAA,EAAW,EAAE;AAAA,cAChC,CACF,GAAA;AAAA,WACR;AAAA,YAEF,IAAK,CAAA,0BAAA,CAA2B,MAAO,CAAA,cAAA,CAAe,MAAM,CAAC;AAAA;AACrE,KACF;AAEF,IAAA,OAAO,OAAQ,CAAA,GAAA,CAAI,YAAY,CAAA,CAAE,KAAK,6BAA6B,CAAA;AAAA;AACrE,EAEA,2BACE,CAAA,cAAA,EACA,UACA,EAAA,UAAA,EACA,aAC+B,EAAA;AAC/B,IAAA,MAAM,eAAe,KAAM,CAAA,IAAA,CAAK,UAAU,CAAE,CAAA,GAAA,CAAI,OAAM,EAAM,KAAA;AAC1D,MAAA,MAAM,CAAC,UAAY,EAAA,OAAO,CAAI,GAAA,MAAM,QAAQ,GAAI,CAAA;AAAA,QAC9C,IAAK,CAAA,aAAA;AAAA,UACH,cAAA;AAAA,UACA,UAAA;AAAA,UACA,gBAAA;AAAA,UACA,SAAA;AAAA,UACA,MAAA;AAAA,UACA,EAAA;AAAA,UACA;AAAA,SACF;AAAA,QACA,IAAK,CAAA,aAAA;AAAA,UACH,cAAA;AAAA,UACA,UAAA;AAAA,UACA,EAAA;AAAA,UACA,IAAA;AAAA,UACA,MAAA;AAAA,UACA,EAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AACD,MAAI,IAAA,UAAA,CAAW,EAAM,IAAA,OAAA,CAAQ,EAAI,EAAA;AAC/B,QAAO,OAAAC,kBAAA;AAAA,UACL;AAAA,YACE,uBAAA,EAAyB,MAAM,OAAA,CAAQ,IAAK;AAAA,WAC9C;AAAA,UACA;AAAA,YACE,aAAA,EAAe,MAAM,UAAA,CAAW,IAAK;AAAA;AACvC,SACA,CAAA,IAAA;AAAA,UACA,CAAC,SAAuC,MAAA;AAAA,YACtC,IAAM,EAAA,WAAA;AAAA,YACN;AAAA,WACF;AAAA,SACF;AAAA,OACF,MAAA,IAAW,WAAW,EAAI,EAAA;AACxB,QAAA,OAAO,IAAK,CAAA,0BAAA,CAA2B,cAAe,CAAA,IAAA,EAAM,OAAO,CAAA;AAAA;AAErE,MAAA,OAAO,IAAK,CAAA,0BAAA,CAA2B,cAAe,CAAA,IAAA,EAAM,UAAU,CAAA;AAAA,KACvE,CAAA;AAED,IAAA,OAAO,OAAQ,CAAA,GAAA,CAAI,YAAY,CAAA,CAAE,KAAK,6BAA6B,CAAA;AAAA;AACrE,EAEA,MAAc,0BACZ,CAAA,WAAA,EACA,GAC+B,EAAA;AAC/B,IAAA,MAAM,YAAe,GAAA,IAAI,GAAI,CAAA,GAAA,CAAI,GAAG,CAAE,CAAA,QAAA;AACtC,IAAA,IAAA,CAAK,MAAO,CAAA,IAAA;AAAA,MACV,CAAA,SAAA,EACE,GAAI,CAAA,MACN,CAA0B,uBAAA,EAAA,YAAY,CAAmB,gBAAA,EAAA,WAAW,CAAY,SAAA,EAAA,MAAM,GAAI,CAAA,IAAA,EAAM,CAAA,CAAA;AAAA,KAClG;AACA,IAAO,OAAA;AAAA,MACL,SAAA,EAAW,qBAAsB,CAAA,GAAA,CAAI,MAAM,CAAA;AAAA,MAC3C,YAAY,GAAI,CAAA,MAAA;AAAA,MAChB;AAAA,KACF;AAAA;AACF,EAEQ,cACN,cACA,EAAA,UAAA,EACA,OACA,UACA,EAAA,MAAA,EACA,WACA,aACmB,EAAA;AACnB,IAAA,MAAM,MAAS,GAAA,CAAC,CAAc,KAAA,kBAAA,CAAmB,CAAC,CAAA;AAClD,IAAA,IAAI,YAAe,GAAA,KAAA,GACf,CAAS,MAAA,EAAA,MAAA,CAAO,KAAK,CAAC,CAAA,CAAA,EAAI,MAAO,CAAA,UAAU,CAAC,CAAA,CAAA,GAC5C,CAAQ,KAAA,EAAA,MAAA,CAAO,UAAU,CAAC,CAAA,CAAA;AAC9B,IAAA,IAAI,SAAW,EAAA;AACb,MAAgB,YAAA,IAAA,CAAA,YAAA,EAAe,MAAO,CAAA,SAAS,CAAC,CAAA,CAAA;AAAA;AAElD,IAAgB,YAAA,IAAA,CAAA,CAAA,EAAI,MAAO,CAAA,MAAM,CAAC,CAAA,CAAA;AAElC,IAAI,IAAA,GAAA;AACJ,IAAI,IAAA,WAAA;AACJ,IAAM,MAAA,YAAA,GACJ,cAAe,CAAA,YAAA,CAAaC,0DAAmC,CAAA;AAEjE,IAAA,IAAI,IAAK,CAAA,8BAAA,CAA+B,YAAc,EAAA,cAAc,CAAG,EAAA;AACrE,MAAA,CAAC,GAAK,EAAA,WAAW,CAAI,GAAA,IAAA,CAAK,mBAAmB,UAAU,CAAA;AAAA,eAC9C,CAAC,IAAA,CAAK,mBAAoB,CAAA,YAAA,EAAc,UAAU,CAAG,EAAA;AAC9D,MAAA,CAAC,KAAK,WAAW,CAAA,GAAI,IAAK,CAAA,SAAA,CAAU,gBAAgB,UAAU,CAAA;AAAA,KACzD,MAAA;AACL,MAAA,OAAO,OAAQ,CAAA,MAAA;AAAA,QACb,IAAI,KAAA;AAAA,UACF,CAAA,4CAAA,EAA+C,eAAe,IAAI,CAAA,+BAAA;AAAA;AACpE,OACF;AAAA;AAGF,IAAI,IAAA,GAAA,CAAI,aAAa,GAAK,EAAA;AACxB,MAAA,GAAA,CAAI,QAAW,GAAA,YAAA;AAAA,KACV,MAAA;AACL,MAAA,GAAA,CAAI,QAAY,IAAA,YAAA;AAAA;AAGlB,IAAA,IAAI,aAAe,EAAA;AACjB,MAAA,GAAA,CAAI,MAAS,GAAA,CAAA,cAAA,EAAiB,MAAO,CAAA,aAAa,CAAC,CAAA,CAAA;AAAA;AAGrD,IAAO,OAAAC,sBAAA,CAAM,KAAK,WAAW,CAAA;AAAA;AAC/B,EAEQ,8BAAA,CACN,cACA,cACA,EAAA;AACA,IACE,OAAA,YAAA,KAAiB,oBACjB,CAAC,cAAA,CAAe,aAAa,mBAC7B,IAAAC,mBAAA,CAAG,eAAeC,6CAAsB,CAAA;AAAA;AAE5C,EAEQ,mBAAA,CACN,cACA,UACA,EAAA;AACA,IACE,OAAA,YAAA,KAAiB,mBAAuB,IAAA,UAAA,CAAW,IAAS,KAAA,WAAA;AAAA;AAEhE,EAEQ,SAAA,CACN,gBACA,UACoB,EAAA;AACpB,IAAA,MAAM,WAA2B,GAAA;AAAA,MAC/B,MAAQ,EAAA,KAAA;AAAA,MACR,OAAS,EAAA;AAAA,QACP,MAAQ,EAAA,kBAAA;AAAA,QACR,cAAgB,EAAA,kBAAA;AAAA,QAChB,GAAI,UAAW,CAAA,IAAA,KAAS,cAAkB,IAAA;AAAA,UACxC,aAAA,EAAe,CAAU,OAAA,EAAA,UAAA,CAAW,KAAK,CAAA;AAAA;AAC3C;AACF,KACF;AAEA,IAAA,MAAM,GAAW,GAAA,IAAI,GAAI,CAAA,cAAA,CAAe,GAAG,CAAA;AAC3C,IAAI,IAAA,GAAA,CAAI,aAAa,QAAU,EAAA;AAC7B,MAAY,WAAA,CAAA,KAAA,GAAQ,IAAIC,gBAAA,CAAM,KAAM,CAAA;AAAA,QAClC,EACE,EAAAC,iCAAA;AAAA,UACE,cAAe,CAAA,MAAA;AAAA,UACf,cAAe,CAAA;AAAA,SACZ,IAAA,KAAA,CAAA;AAAA,QACP,kBAAA,EAAoB,CAAC,cAAe,CAAA,aAAA;AAAA,QACpC,GAAI,UAAW,CAAA,IAAA,KAAS,yBAA6B,IAAA;AAAA,UACnD,MAAM,UAAW,CAAA,IAAA;AAAA,UACjB,KAAK,UAAW,CAAA;AAAA;AAClB,OACD,CAAA;AAAA;AAEH,IAAO,OAAA,CAAC,KAAK,WAAW,CAAA;AAAA;AAC1B,EACQ,mBACN,UACoB,EAAA;AACpB,IAAA,MAAM,WAA2B,GAAA;AAAA,MAC/B,MAAQ,EAAA,KAAA;AAAA,MACR,OAAS,EAAA;AAAA,QACP,MAAQ,EAAA,kBAAA;AAAA,QACR,cAAgB,EAAA,kBAAA;AAAA,QAChB,GAAI,UAAW,CAAA,IAAA,KAAS,cAAkB,IAAA;AAAA,UACxC,aAAA,EAAe,CAAU,OAAA,EAAA,UAAA,CAAW,KAAK,CAAA;AAAA;AAC3C;AACF,KACF;AAEA,IAAM,MAAA,EAAA,GAAK,IAAIC,qBAAW,EAAA;AAC1B,IAAA,EAAA,CAAG,eAAgB,EAAA;AAEnB,IAAM,MAAA,OAAA,GAAU,GAAG,iBAAkB,EAAA;AAErC,IAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,OAAA,CAAQ,MAAM,CAAA;AAClC,IAAI,IAAA,GAAA,CAAI,aAAa,QAAU,EAAA;AAC7B,MAAY,WAAA,CAAA,KAAA,GAAQ,IAAIF,gBAAA,CAAM,KAAM,CAAA;AAAA,QAClC,EAAI,EAAAF,mBAAA,CAAG,YAAa,CAAA,OAAA,CAAQ,MAAgB;AAAA,OAC7C,CAAA;AAAA;AAEH,IAAO,OAAA,CAAC,KAAK,WAAW,CAAA;AAAA;AAE5B;;;;"}
1
+ {"version":3,"file":"KubernetesFetcher.cjs.js","sources":["../../src/service/KubernetesFetcher.ts"],"sourcesContent":["/*\n * Copyright 2020 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport type { Cluster, CoreV1Api, Metrics } from '@kubernetes/client-node';\nimport lodash, { Dictionary } from 'lodash';\nimport {\n FetchResponseWrapper,\n KubernetesFetcher,\n ObjectFetchParams,\n} from '../types/types';\nimport {\n ANNOTATION_KUBERNETES_AUTH_PROVIDER,\n SERVICEACCOUNT_CA_PATH,\n FetchResponse,\n KubernetesErrorTypes,\n KubernetesFetchError,\n PodStatusFetchResponse,\n} from '@backstage/plugin-kubernetes-common';\nimport fetch, { RequestInit, Response } from 'node-fetch';\nimport * as https from 'https';\nimport fs from 'fs-extra';\nimport { JsonObject } from '@backstage/types';\nimport {\n ClusterDetails,\n KubernetesCredential,\n} from '@backstage/plugin-kubernetes-node';\nimport { LoggerService } from '@backstage/backend-plugin-api';\n\nexport interface KubernetesClientBasedFetcherOptions {\n logger: LoggerService;\n}\n\ntype FetchResult = FetchResponse | KubernetesFetchError;\n\nconst isError = (fr: FetchResult): fr is KubernetesFetchError =>\n fr.hasOwnProperty('errorType');\n\nfunction fetchResultsToResponseWrapper(\n results: FetchResult[],\n): FetchResponseWrapper {\n const groupBy: Dictionary<FetchResult[]> = lodash.groupBy(results, value => {\n return isError(value) ? 'errors' : 'responses';\n });\n\n return {\n errors: groupBy.errors ?? [],\n responses: groupBy.responses ?? [],\n } as FetchResponseWrapper; // TODO would be nice to get rid of this 'as'\n}\n\nconst statusCodeToErrorType = (statusCode: number): KubernetesErrorTypes => {\n switch (statusCode) {\n case 400:\n return 'BAD_REQUEST';\n case 401:\n return 'UNAUTHORIZED_ERROR';\n case 404:\n return 'NOT_FOUND';\n case 500:\n return 'SYSTEM_ERROR';\n default:\n return 'UNKNOWN_ERROR';\n }\n};\n\nexport class KubernetesClientBasedFetcher implements KubernetesFetcher {\n private readonly logger: LoggerService;\n\n constructor({ logger }: KubernetesClientBasedFetcherOptions) {\n this.logger = logger;\n }\n\n fetchObjectsForService(\n params: ObjectFetchParams,\n ): Promise<FetchResponseWrapper> {\n const fetchResults = Array.from(params.objectTypesToFetch)\n .concat(params.customResources)\n .map(({ objectType, group, apiVersion, plural }) =>\n this.fetchResource(\n params.clusterDetails,\n params.credential,\n group,\n apiVersion,\n plural,\n params.namespace,\n params.labelSelector,\n ).then(\n (r: Response): Promise<FetchResult> =>\n r.ok\n ? r.json().then(\n ({ kind, items }): FetchResponse => ({\n type: objectType,\n resources:\n objectType === 'customresources'\n ? items.map((item: JsonObject) => ({\n ...item,\n kind: kind.replace(/(List)$/, ''),\n }))\n : items,\n }),\n )\n : this.handleUnsuccessfulResponse(params.clusterDetails.name, r),\n ),\n );\n\n return Promise.all(fetchResults).then(fetchResultsToResponseWrapper);\n }\n\n async fetchPodMetricsByNamespaces(\n clusterDetails: ClusterDetails,\n credential: KubernetesCredential,\n namespaces: Set<string>,\n labelSelector?: string,\n ): Promise<FetchResponseWrapper> {\n const { topPods } = await import('@kubernetes/client-node');\n\n const fetchResults = Array.from(namespaces).map(async ns => {\n const [podMetrics, podList] = await Promise.all([\n this.fetchResource(\n clusterDetails,\n credential,\n 'metrics.k8s.io',\n 'v1beta1',\n 'pods',\n ns,\n labelSelector,\n ),\n this.fetchResource(\n clusterDetails,\n credential,\n '',\n 'v1',\n 'pods',\n ns,\n labelSelector,\n ),\n ]);\n if (podMetrics.ok && podList.ok) {\n return topPods(\n {\n listPodForAllNamespaces: () => podList.json(),\n } as unknown as CoreV1Api,\n {\n getPodMetrics: () => podMetrics.json(),\n } as unknown as Metrics,\n ).then(\n (resources): PodStatusFetchResponse => ({\n type: 'podstatus',\n resources,\n }),\n );\n } else if (podMetrics.ok) {\n return this.handleUnsuccessfulResponse(clusterDetails.name, podList);\n }\n return this.handleUnsuccessfulResponse(clusterDetails.name, podMetrics);\n });\n\n return Promise.all(fetchResults).then(fetchResultsToResponseWrapper);\n }\n\n private async handleUnsuccessfulResponse(\n clusterName: string,\n res: Response,\n ): Promise<KubernetesFetchError> {\n const resourcePath = new URL(res.url).pathname;\n this.logger.warn(\n `Received ${\n res.status\n } status when fetching \"${resourcePath}\" from cluster \"${clusterName}\"; body=[${await res.text()}]`,\n );\n return {\n errorType: statusCodeToErrorType(res.status),\n statusCode: res.status,\n resourcePath,\n };\n }\n\n private async fetchResource(\n clusterDetails: ClusterDetails,\n credential: KubernetesCredential,\n group: string,\n apiVersion: string,\n plural: string,\n namespace?: string,\n labelSelector?: string,\n ): Promise<Response> {\n const encode = (s: string) => encodeURIComponent(s);\n let resourcePath = group\n ? `/apis/${encode(group)}/${encode(apiVersion)}`\n : `/api/${encode(apiVersion)}`;\n if (namespace) {\n resourcePath += `/namespaces/${encode(namespace)}`;\n }\n resourcePath += `/${encode(plural)}`;\n\n let url: URL;\n let requestInit: RequestInit;\n const authProvider =\n clusterDetails.authMetadata[ANNOTATION_KUBERNETES_AUTH_PROVIDER];\n\n if (this.isServiceAccountAuthentication(authProvider, clusterDetails)) {\n [url, requestInit] = await this.fetchArgsInCluster(credential);\n } else if (!this.isCredentialMissing(authProvider, credential)) {\n [url, requestInit] = await this.fetchArgs(clusterDetails, credential);\n } else {\n return Promise.reject(\n new Error(\n `no bearer token or client cert for cluster '${clusterDetails.name}' and not running in Kubernetes`,\n ),\n );\n }\n\n if (url.pathname === '/') {\n url.pathname = resourcePath;\n } else {\n url.pathname += resourcePath;\n }\n\n if (labelSelector) {\n url.search = `labelSelector=${encode(labelSelector)}`;\n }\n\n return fetch(url, requestInit);\n }\n\n private isServiceAccountAuthentication(\n authProvider: string,\n clusterDetails: ClusterDetails,\n ) {\n return (\n authProvider === 'serviceAccount' &&\n !clusterDetails.authMetadata.serviceAccountToken &&\n fs.pathExistsSync(SERVICEACCOUNT_CA_PATH)\n );\n }\n\n private isCredentialMissing(\n authProvider: string,\n credential: KubernetesCredential,\n ) {\n return (\n authProvider !== 'localKubectlProxy' && credential.type === 'anonymous'\n );\n }\n\n private async fetchArgs(\n clusterDetails: ClusterDetails,\n credential: KubernetesCredential,\n ): Promise<[URL, fetch.RequestInit]> {\n const { bufferFromFileOrString } = await import('@kubernetes/client-node');\n\n const requestInit: RequestInit = {\n method: 'GET',\n headers: {\n Accept: 'application/json',\n 'Content-Type': 'application/json',\n ...(credential.type === 'bearer token' && {\n Authorization: `Bearer ${credential.token}`,\n }),\n },\n };\n\n const url: URL = new URL(clusterDetails.url);\n if (url.protocol === 'https:') {\n requestInit.agent = new https.Agent({\n ca:\n bufferFromFileOrString(\n clusterDetails.caFile,\n clusterDetails.caData,\n ) ?? undefined,\n rejectUnauthorized: !clusterDetails.skipTLSVerify,\n ...(credential.type === 'x509 client certificate' && {\n cert: credential.cert,\n key: credential.key,\n }),\n });\n }\n return [url, requestInit];\n }\n\n private async fetchArgsInCluster(\n credential: KubernetesCredential,\n ): Promise<[URL, fetch.RequestInit]> {\n const { KubeConfig } = await import('@kubernetes/client-node');\n\n const requestInit: RequestInit = {\n method: 'GET',\n headers: {\n Accept: 'application/json',\n 'Content-Type': 'application/json',\n ...(credential.type === 'bearer token' && {\n Authorization: `Bearer ${credential.token}`,\n }),\n },\n };\n\n const kc = new KubeConfig();\n kc.loadFromCluster();\n // loadFromCluster is guaranteed to populate the cluster/user/context\n const cluster = kc.getCurrentCluster() as Cluster;\n\n const url = new URL(cluster.server);\n if (url.protocol === 'https:') {\n requestInit.agent = new https.Agent({\n ca: fs.readFileSync(cluster.caFile as string),\n });\n }\n return [url, requestInit];\n }\n}\n"],"names":["lodash","ANNOTATION_KUBERNETES_AUTH_PROVIDER","fetch","fs","SERVICEACCOUNT_CA_PATH","https"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CA,MAAM,OAAU,GAAA,CAAC,EACf,KAAA,EAAA,CAAG,eAAe,WAAW,CAAA;AAE/B,SAAS,8BACP,OACsB,EAAA;AACtB,EAAA,MAAM,OAAqC,GAAAA,uBAAA,CAAO,OAAQ,CAAA,OAAA,EAAS,CAAS,KAAA,KAAA;AAC1E,IAAO,OAAA,OAAA,CAAQ,KAAK,CAAA,GAAI,QAAW,GAAA,WAAA;AAAA,GACpC,CAAA;AAED,EAAO,OAAA;AAAA,IACL,MAAA,EAAQ,OAAQ,CAAA,MAAA,IAAU,EAAC;AAAA,IAC3B,SAAA,EAAW,OAAQ,CAAA,SAAA,IAAa;AAAC,GACnC;AACF;AAEA,MAAM,qBAAA,GAAwB,CAAC,UAA6C,KAAA;AAC1E,EAAA,QAAQ,UAAY;AAAA,IAClB,KAAK,GAAA;AACH,MAAO,OAAA,aAAA;AAAA,IACT,KAAK,GAAA;AACH,MAAO,OAAA,oBAAA;AAAA,IACT,KAAK,GAAA;AACH,MAAO,OAAA,WAAA;AAAA,IACT,KAAK,GAAA;AACH,MAAO,OAAA,cAAA;AAAA,IACT;AACE,MAAO,OAAA,eAAA;AAAA;AAEb,CAAA;AAEO,MAAM,4BAA0D,CAAA;AAAA,EACpD,MAAA;AAAA,EAEjB,WAAA,CAAY,EAAE,MAAA,EAA+C,EAAA;AAC3D,IAAA,IAAA,CAAK,MAAS,GAAA,MAAA;AAAA;AAChB,EAEA,uBACE,MAC+B,EAAA;AAC/B,IAAM,MAAA,YAAA,GAAe,MAAM,IAAK,CAAA,MAAA,CAAO,kBAAkB,CACtD,CAAA,MAAA,CAAO,MAAO,CAAA,eAAe,CAC7B,CAAA,GAAA;AAAA,MAAI,CAAC,EAAE,UAAA,EAAY,OAAO,UAAY,EAAA,MAAA,OACrC,IAAK,CAAA,aAAA;AAAA,QACH,MAAO,CAAA,cAAA;AAAA,QACP,MAAO,CAAA,UAAA;AAAA,QACP,KAAA;AAAA,QACA,UAAA;AAAA,QACA,MAAA;AAAA,QACA,MAAO,CAAA,SAAA;AAAA,QACP,MAAO,CAAA;AAAA,OACP,CAAA,IAAA;AAAA,QACA,CAAC,CACC,KAAA,CAAA,CAAE,EACE,GAAA,CAAA,CAAE,MAAO,CAAA,IAAA;AAAA,UACP,CAAC,EAAE,IAAM,EAAA,KAAA,EAA4B,MAAA;AAAA,YACnC,IAAM,EAAA,UAAA;AAAA,YACN,WACE,UAAe,KAAA,iBAAA,GACX,KAAM,CAAA,GAAA,CAAI,CAAC,IAAsB,MAAA;AAAA,cAC/B,GAAG,IAAA;AAAA,cACH,IAAM,EAAA,IAAA,CAAK,OAAQ,CAAA,SAAA,EAAW,EAAE;AAAA,cAChC,CACF,GAAA;AAAA,WACR;AAAA,YAEF,IAAK,CAAA,0BAAA,CAA2B,MAAO,CAAA,cAAA,CAAe,MAAM,CAAC;AAAA;AACrE,KACF;AAEF,IAAA,OAAO,OAAQ,CAAA,GAAA,CAAI,YAAY,CAAA,CAAE,KAAK,6BAA6B,CAAA;AAAA;AACrE,EAEA,MAAM,2BAAA,CACJ,cACA,EAAA,UAAA,EACA,YACA,aAC+B,EAAA;AAC/B,IAAA,MAAM,EAAE,OAAA,EAAY,GAAA,MAAM,OAAO,yBAAyB,CAAA;AAE1D,IAAA,MAAM,eAAe,KAAM,CAAA,IAAA,CAAK,UAAU,CAAE,CAAA,GAAA,CAAI,OAAM,EAAM,KAAA;AAC1D,MAAA,MAAM,CAAC,UAAY,EAAA,OAAO,CAAI,GAAA,MAAM,QAAQ,GAAI,CAAA;AAAA,QAC9C,IAAK,CAAA,aAAA;AAAA,UACH,cAAA;AAAA,UACA,UAAA;AAAA,UACA,gBAAA;AAAA,UACA,SAAA;AAAA,UACA,MAAA;AAAA,UACA,EAAA;AAAA,UACA;AAAA,SACF;AAAA,QACA,IAAK,CAAA,aAAA;AAAA,UACH,cAAA;AAAA,UACA,UAAA;AAAA,UACA,EAAA;AAAA,UACA,IAAA;AAAA,UACA,MAAA;AAAA,UACA,EAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AACD,MAAI,IAAA,UAAA,CAAW,EAAM,IAAA,OAAA,CAAQ,EAAI,EAAA;AAC/B,QAAO,OAAA,OAAA;AAAA,UACL;AAAA,YACE,uBAAA,EAAyB,MAAM,OAAA,CAAQ,IAAK;AAAA,WAC9C;AAAA,UACA;AAAA,YACE,aAAA,EAAe,MAAM,UAAA,CAAW,IAAK;AAAA;AACvC,SACA,CAAA,IAAA;AAAA,UACA,CAAC,SAAuC,MAAA;AAAA,YACtC,IAAM,EAAA,WAAA;AAAA,YACN;AAAA,WACF;AAAA,SACF;AAAA,OACF,MAAA,IAAW,WAAW,EAAI,EAAA;AACxB,QAAA,OAAO,IAAK,CAAA,0BAAA,CAA2B,cAAe,CAAA,IAAA,EAAM,OAAO,CAAA;AAAA;AAErE,MAAA,OAAO,IAAK,CAAA,0BAAA,CAA2B,cAAe,CAAA,IAAA,EAAM,UAAU,CAAA;AAAA,KACvE,CAAA;AAED,IAAA,OAAO,OAAQ,CAAA,GAAA,CAAI,YAAY,CAAA,CAAE,KAAK,6BAA6B,CAAA;AAAA;AACrE,EAEA,MAAc,0BACZ,CAAA,WAAA,EACA,GAC+B,EAAA;AAC/B,IAAA,MAAM,YAAe,GAAA,IAAI,GAAI,CAAA,GAAA,CAAI,GAAG,CAAE,CAAA,QAAA;AACtC,IAAA,IAAA,CAAK,MAAO,CAAA,IAAA;AAAA,MACV,CAAA,SAAA,EACE,GAAI,CAAA,MACN,CAA0B,uBAAA,EAAA,YAAY,CAAmB,gBAAA,EAAA,WAAW,CAAY,SAAA,EAAA,MAAM,GAAI,CAAA,IAAA,EAAM,CAAA,CAAA;AAAA,KAClG;AACA,IAAO,OAAA;AAAA,MACL,SAAA,EAAW,qBAAsB,CAAA,GAAA,CAAI,MAAM,CAAA;AAAA,MAC3C,YAAY,GAAI,CAAA,MAAA;AAAA,MAChB;AAAA,KACF;AAAA;AACF,EAEA,MAAc,cACZ,cACA,EAAA,UAAA,EACA,OACA,UACA,EAAA,MAAA,EACA,WACA,aACmB,EAAA;AACnB,IAAA,MAAM,MAAS,GAAA,CAAC,CAAc,KAAA,kBAAA,CAAmB,CAAC,CAAA;AAClD,IAAA,IAAI,YAAe,GAAA,KAAA,GACf,CAAS,MAAA,EAAA,MAAA,CAAO,KAAK,CAAC,CAAA,CAAA,EAAI,MAAO,CAAA,UAAU,CAAC,CAAA,CAAA,GAC5C,CAAQ,KAAA,EAAA,MAAA,CAAO,UAAU,CAAC,CAAA,CAAA;AAC9B,IAAA,IAAI,SAAW,EAAA;AACb,MAAgB,YAAA,IAAA,CAAA,YAAA,EAAe,MAAO,CAAA,SAAS,CAAC,CAAA,CAAA;AAAA;AAElD,IAAgB,YAAA,IAAA,CAAA,CAAA,EAAI,MAAO,CAAA,MAAM,CAAC,CAAA,CAAA;AAElC,IAAI,IAAA,GAAA;AACJ,IAAI,IAAA,WAAA;AACJ,IAAM,MAAA,YAAA,GACJ,cAAe,CAAA,YAAA,CAAaC,0DAAmC,CAAA;AAEjE,IAAA,IAAI,IAAK,CAAA,8BAAA,CAA+B,YAAc,EAAA,cAAc,CAAG,EAAA;AACrE,MAAA,CAAC,KAAK,WAAW,CAAA,GAAI,MAAM,IAAA,CAAK,mBAAmB,UAAU,CAAA;AAAA,eACpD,CAAC,IAAA,CAAK,mBAAoB,CAAA,YAAA,EAAc,UAAU,CAAG,EAAA;AAC9D,MAAA,CAAC,KAAK,WAAW,CAAA,GAAI,MAAM,IAAK,CAAA,SAAA,CAAU,gBAAgB,UAAU,CAAA;AAAA,KAC/D,MAAA;AACL,MAAA,OAAO,OAAQ,CAAA,MAAA;AAAA,QACb,IAAI,KAAA;AAAA,UACF,CAAA,4CAAA,EAA+C,eAAe,IAAI,CAAA,+BAAA;AAAA;AACpE,OACF;AAAA;AAGF,IAAI,IAAA,GAAA,CAAI,aAAa,GAAK,EAAA;AACxB,MAAA,GAAA,CAAI,QAAW,GAAA,YAAA;AAAA,KACV,MAAA;AACL,MAAA,GAAA,CAAI,QAAY,IAAA,YAAA;AAAA;AAGlB,IAAA,IAAI,aAAe,EAAA;AACjB,MAAA,GAAA,CAAI,MAAS,GAAA,CAAA,cAAA,EAAiB,MAAO,CAAA,aAAa,CAAC,CAAA,CAAA;AAAA;AAGrD,IAAO,OAAAC,sBAAA,CAAM,KAAK,WAAW,CAAA;AAAA;AAC/B,EAEQ,8BAAA,CACN,cACA,cACA,EAAA;AACA,IACE,OAAA,YAAA,KAAiB,oBACjB,CAAC,cAAA,CAAe,aAAa,mBAC7B,IAAAC,mBAAA,CAAG,eAAeC,6CAAsB,CAAA;AAAA;AAE5C,EAEQ,mBAAA,CACN,cACA,UACA,EAAA;AACA,IACE,OAAA,YAAA,KAAiB,mBAAuB,IAAA,UAAA,CAAW,IAAS,KAAA,WAAA;AAAA;AAEhE,EAEA,MAAc,SACZ,CAAA,cAAA,EACA,UACmC,EAAA;AACnC,IAAA,MAAM,EAAE,sBAAA,EAA2B,GAAA,MAAM,OAAO,yBAAyB,CAAA;AAEzE,IAAA,MAAM,WAA2B,GAAA;AAAA,MAC/B,MAAQ,EAAA,KAAA;AAAA,MACR,OAAS,EAAA;AAAA,QACP,MAAQ,EAAA,kBAAA;AAAA,QACR,cAAgB,EAAA,kBAAA;AAAA,QAChB,GAAI,UAAW,CAAA,IAAA,KAAS,cAAkB,IAAA;AAAA,UACxC,aAAA,EAAe,CAAU,OAAA,EAAA,UAAA,CAAW,KAAK,CAAA;AAAA;AAC3C;AACF,KACF;AAEA,IAAA,MAAM,GAAW,GAAA,IAAI,GAAI,CAAA,cAAA,CAAe,GAAG,CAAA;AAC3C,IAAI,IAAA,GAAA,CAAI,aAAa,QAAU,EAAA;AAC7B,MAAY,WAAA,CAAA,KAAA,GAAQ,IAAIC,gBAAA,CAAM,KAAM,CAAA;AAAA,QAClC,EACE,EAAA,sBAAA;AAAA,UACE,cAAe,CAAA,MAAA;AAAA,UACf,cAAe,CAAA;AAAA,SACZ,IAAA,KAAA,CAAA;AAAA,QACP,kBAAA,EAAoB,CAAC,cAAe,CAAA,aAAA;AAAA,QACpC,GAAI,UAAW,CAAA,IAAA,KAAS,yBAA6B,IAAA;AAAA,UACnD,MAAM,UAAW,CAAA,IAAA;AAAA,UACjB,KAAK,UAAW,CAAA;AAAA;AAClB,OACD,CAAA;AAAA;AAEH,IAAO,OAAA,CAAC,KAAK,WAAW,CAAA;AAAA;AAC1B,EAEA,MAAc,mBACZ,UACmC,EAAA;AACnC,IAAA,MAAM,EAAE,UAAA,EAAe,GAAA,MAAM,OAAO,yBAAyB,CAAA;AAE7D,IAAA,MAAM,WAA2B,GAAA;AAAA,MAC/B,MAAQ,EAAA,KAAA;AAAA,MACR,OAAS,EAAA;AAAA,QACP,MAAQ,EAAA,kBAAA;AAAA,QACR,cAAgB,EAAA,kBAAA;AAAA,QAChB,GAAI,UAAW,CAAA,IAAA,KAAS,cAAkB,IAAA;AAAA,UACxC,aAAA,EAAe,CAAU,OAAA,EAAA,UAAA,CAAW,KAAK,CAAA;AAAA;AAC3C;AACF,KACF;AAEA,IAAM,MAAA,EAAA,GAAK,IAAI,UAAW,EAAA;AAC1B,IAAA,EAAA,CAAG,eAAgB,EAAA;AAEnB,IAAM,MAAA,OAAA,GAAU,GAAG,iBAAkB,EAAA;AAErC,IAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,OAAA,CAAQ,MAAM,CAAA;AAClC,IAAI,IAAA,GAAA,CAAI,aAAa,QAAU,EAAA;AAC7B,MAAY,WAAA,CAAA,KAAA,GAAQ,IAAIA,gBAAA,CAAM,KAAM,CAAA;AAAA,QAClC,EAAI,EAAAF,mBAAA,CAAG,YAAa,CAAA,OAAA,CAAQ,MAAgB;AAAA,OAC7C,CAAA;AAAA;AAEH,IAAO,OAAA,CAAC,KAAK,WAAW,CAAA;AAAA;AAE5B;;;;"}
package/dist/service/KubernetesProxy.cjs.js CHANGED
@@ -3,7 +3,6 @@
3
3
  var errors = require('@backstage/errors');
4
4
  var pluginKubernetesCommon = require('@backstage/plugin-kubernetes-common');
5
5
  var pluginPermissionCommon = require('@backstage/plugin-permission-common');
6
- var clientNode = require('@kubernetes/client-node');
7
6
  var httpProxyMiddleware = require('http-proxy-middleware');
8
7
  var fs = require('fs-extra');
9
8
  var backendCommon = require('@backstage/backend-common');
@@ -77,11 +76,12 @@ class KubernetesProxy {
77
76
  router: async (req) => {
78
77
  const cluster = await this.getClusterForRequest(req);
79
78
  const url = new URL(cluster.url);
79
+ const { bufferFromFileOrString } = await import('@kubernetes/client-node');
80
80
  const target = {
81
81
  protocol: url.protocol,
82
82
  host: url.hostname,
83
83
  port: url.port,
84
- ca: clientNode.bufferFromFileOrString(
84
+ ca: bufferFromFileOrString(
85
85
  cluster.caFile,
86
86
  cluster.caData
87
87
  )?.toString()
@@ -126,6 +126,7 @@ class KubernetesProxy {
126
126
  return middleware;
127
127
  }
128
128
  async getClusterForRequest(req) {
129
+ const { KubeConfig } = await import('@kubernetes/client-node');
129
130
  const clusterName = req.headers[HEADER_KUBERNETES_CLUSTER.toLowerCase()];
130
131
  const clusters = await this.clusterSupplier.getClusters({
131
132
  credentials: await this.httpAuth.credentials(req)
@@ -145,7 +146,7 @@ class KubernetesProxy {
145
146
  }
146
147
  const authProvider = cluster.authMetadata[pluginKubernetesCommon.ANNOTATION_KUBERNETES_AUTH_PROVIDER];
147
148
  if (authProvider === "serviceAccount" && fs__default.default.pathExistsSync(pluginKubernetesCommon.SERVICEACCOUNT_CA_PATH) && !cluster.authMetadata.serviceAccountToken) {
148
- const kc = new clientNode.KubeConfig();
149
+ const kc = new KubeConfig();
149
150
  kc.loadFromCluster();
150
151
  const clusterFromKubeConfig = kc.getCurrentCluster();
151
152
  const url = new URL(clusterFromKubeConfig.server);
package/dist/service/KubernetesProxy.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"KubernetesProxy.cjs.js","sources":["../../src/service/KubernetesProxy.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n ErrorResponseBody,\n ForwardedError,\n NotAllowedError,\n NotFoundError,\n serializeError,\n} from '@backstage/errors';\nimport {\n ANNOTATION_KUBERNETES_AUTH_PROVIDER,\n SERVICEACCOUNT_CA_PATH,\n kubernetesProxyPermission,\n KubernetesRequestAuth,\n} from '@backstage/plugin-kubernetes-common';\nimport { AuthorizeResult } from '@backstage/plugin-permission-common';\nimport {\n bufferFromFileOrString,\n Cluster,\n KubeConfig,\n} from '@kubernetes/client-node';\nimport { createProxyMiddleware, RequestHandler } from 'http-proxy-middleware';\nimport fs from 'fs-extra';\n\nimport { AuthenticationStrategy } from '../auth';\nimport { ClusterDetails, KubernetesClustersSupplier } from '../types/types';\n\nimport type { Request } from 'express';\nimport { IncomingHttpHeaders } from 'http';\nimport {\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n PermissionsService,\n} from '@backstage/backend-plugin-api';\nimport {\n createLegacyAuthAdapters,\n loggerToWinstonLogger,\n} from '@backstage/backend-common';\n\nexport const APPLICATION_JSON: string = 'application/json';\n\n/**\n * The header that is used to specify the cluster name.\n *\n * @public\n */\nexport const HEADER_KUBERNETES_CLUSTER: string = 'Backstage-Kubernetes-Cluster';\n\n/**\n * The header that is used to specify the Authentication Authorities token.\n * e.x if using the google auth provider as your authentication authority then this field would be the google provided bearer token.\n * @public\n */\nexport const HEADER_KUBERNETES_AUTH: string =\n 'Backstage-Kubernetes-Authorization';\n\n/**\n * The options object expected to be passed as a parameter to KubernetesProxy.createRequestHandler().\n *\n * @public\n */\nexport type KubernetesProxyCreateRequestHandlerOptions = {\n permissionApi: PermissionsService;\n};\n\n/**\n * Options accepted as a parameter by the KubernetesProxy\n *\n * @public\n */\nexport type KubernetesProxyOptions = {\n logger: LoggerService;\n clusterSupplier: KubernetesClustersSupplier;\n authStrategy: AuthenticationStrategy;\n discovery: DiscoveryService;\n httpAuth?: HttpAuthService;\n};\n\n/**\n * A proxy that routes requests to the Kubernetes API.\n *\n * @public\n */\nexport class KubernetesProxy {\n private readonly middlewareForClusterName = new Map<string, RequestHandler>();\n private readonly logger: LoggerService;\n private readonly clusterSupplier: KubernetesClustersSupplier;\n private readonly authStrategy: AuthenticationStrategy;\n private readonly httpAuth: HttpAuthService;\n\n constructor(options: KubernetesProxyOptions) {\n this.logger = options.logger;\n this.clusterSupplier = options.clusterSupplier;\n this.authStrategy = options.authStrategy;\n\n const legacy = createLegacyAuthAdapters({\n discovery: options.discovery,\n httpAuth: options.httpAuth,\n });\n\n this.httpAuth = legacy.httpAuth;\n }\n\n public createRequestHandler(\n options: KubernetesProxyCreateRequestHandlerOptions,\n ): RequestHandler {\n const { permissionApi } = options;\n return async (req, res, next) => {\n const authorizeResponse = await permissionApi.authorize(\n [{ permission: kubernetesProxyPermission }],\n {\n credentials: await this.httpAuth.credentials(req),\n },\n );\n const auth = authorizeResponse[0];\n\n if (auth.result === AuthorizeResult.DENY) {\n res.status(403).json({ error: new NotAllowedError('Unauthorized') });\n return;\n }\n\n const middleware = await this.getMiddleware(req);\n\n // If req is an upgrade handshake, use middleware upgrade instead of http request handler https://github.com/chimurai/http-proxy-middleware#external-websocket-upgrade\n if (\n req.header('connection')?.toLowerCase() === 'upgrade' &&\n req.header('upgrade')?.toLowerCase() === 'websocket'\n ) {\n // Missing the `head`, since it's optional we pass undefined to avoid type issues\n middleware.upgrade!(req, req.socket, undefined);\n } else {\n middleware(req, res, next);\n }\n };\n }\n\n // We create one middleware per remote cluster and hold on to them, because\n // the secure property isn't possible to decide on a per-request basis with a\n // single middleware instance - and we don't expect it to change over time.\n private async getMiddleware(originalReq: Request): Promise<RequestHandler> {\n const originalCluster = await this.getClusterForRequest(originalReq);\n let middleware = this.middlewareForClusterName.get(originalCluster.name);\n if (!middleware) {\n const logger = this.logger.child({ cluster: originalCluster.name });\n middleware = createProxyMiddleware({\n // TODO: Add 'log' to LoggerService\n logProvider: () => loggerToWinstonLogger(logger),\n ws: true,\n secure: !originalCluster.skipTLSVerify,\n changeOrigin: true,\n pathRewrite: async (path, req) => {\n // Re-evaluate the cluster on each request, in case it has changed\n const cluster = await this.getClusterForRequest(req);\n const url = new URL(cluster.url);\n return path.replace(\n new RegExp(`^${originalReq.baseUrl}`),\n url.pathname || '',\n );\n },\n router: async req => {\n // Re-evaluate the cluster on each request, in case it has changed\n const cluster = await this.getClusterForRequest(req);\n const url = new URL(cluster.url);\n\n const target: any = {\n protocol: url.protocol,\n host: url.hostname,\n port: url.port,\n ca: bufferFromFileOrString(\n cluster.caFile,\n cluster.caData,\n )?.toString(),\n };\n\n const authHeader =\n req.headers[HEADER_KUBERNETES_AUTH.toLocaleLowerCase('en-US')];\n if (typeof authHeader === 'string') {\n req.headers.authorization = authHeader;\n } else {\n // Map Backstage-Kubernetes-Authorization-X-X headers to a KubernetesRequestAuth object\n const authObj = KubernetesProxy.authHeadersToKubernetesRequestAuth(\n req.headers,\n );\n\n const credential = await this.getClusterForRequest(req).then(cd => {\n return this.authStrategy.getCredential(cd, authObj);\n });\n\n if (credential.type === 'bearer token') {\n req.headers.authorization = `Bearer ${credential.token}`;\n } else if (credential.type === 'x509 client certificate') {\n target.key = credential.key;\n target.cert = credential.cert;\n }\n }\n\n return target;\n },\n onError: (error, req, res) => {\n const wrappedError = new ForwardedError(\n `Cluster '${originalCluster.name}' request error`,\n error,\n );\n\n logger.error('Kubernetes proxy error', wrappedError);\n\n const body: ErrorResponseBody = {\n error: serializeError(wrappedError, {\n includeStack: process.env.NODE_ENV === 'development',\n }),\n request: { method: req.method, url: req.originalUrl },\n response: { statusCode: 500 },\n };\n res.status(500).json(body);\n },\n });\n this.middlewareForClusterName.set(originalCluster.name, middleware);\n }\n return middleware;\n }\n\n private async getClusterForRequest(req: Request): Promise<ClusterDetails> {\n const clusterName = req.headers[HEADER_KUBERNETES_CLUSTER.toLowerCase()];\n const clusters = await this.clusterSupplier.getClusters({\n credentials: await this.httpAuth.credentials(req),\n });\n\n if (!clusters || clusters.length <= 0) {\n throw new NotFoundError(`No Clusters configured`);\n }\n\n const hasClusterNameHeader =\n typeof clusterName === 'string' && clusterName.length > 0;\n\n let cluster: ClusterDetails | undefined;\n\n if (hasClusterNameHeader) {\n cluster = clusters.find(c => c.name === clusterName);\n } else if (clusters.length === 1) {\n cluster = clusters.at(0);\n }\n\n if (!cluster) {\n throw new NotFoundError(`Cluster '${clusterName}' not found`);\n }\n\n const authProvider =\n cluster.authMetadata[ANNOTATION_KUBERNETES_AUTH_PROVIDER];\n\n if (\n authProvider === 'serviceAccount' &&\n fs.pathExistsSync(SERVICEACCOUNT_CA_PATH) &&\n !cluster.authMetadata.serviceAccountToken\n ) {\n const kc = new KubeConfig();\n kc.loadFromCluster();\n const clusterFromKubeConfig = kc.getCurrentCluster() as Cluster;\n\n const url = new URL(clusterFromKubeConfig.server);\n cluster.url = clusterFromKubeConfig.server;\n if (url.protocol === 'https:') {\n cluster.caFile = clusterFromKubeConfig.caFile;\n }\n }\n\n return cluster;\n }\n\n private static authHeadersToKubernetesRequestAuth(\n originalHeaders: IncomingHttpHeaders,\n ): KubernetesRequestAuth {\n return Object.keys(originalHeaders)\n .filter(header => header.startsWith('backstage-kubernetes-authorization'))\n .map(header =>\n KubernetesProxy.headerToDictionary(header, originalHeaders),\n )\n .filter(headerAsDic => Object.keys(headerAsDic).length !== 0)\n .reduce(KubernetesProxy.combineHeaders, {});\n }\n\n private static headerToDictionary(\n header: string,\n originalHeaders: IncomingHttpHeaders,\n ): KubernetesRequestAuth {\n const obj: KubernetesRequestAuth = {};\n const headerSplitted = header.split('-');\n if (headerSplitted.length >= 4) {\n const framework = headerSplitted[3].toLowerCase();\n if (headerSplitted.length >= 5) {\n const provider = headerSplitted.slice(4).join('-').toLowerCase();\n obj[framework] = { [provider]: originalHeaders[header] };\n } else {\n obj[framework] = originalHeaders[header];\n }\n }\n return obj;\n }\n\n private static combineHeaders(\n authObj: any,\n header: any,\n ): KubernetesRequestAuth {\n const framework = Object.keys(header)[0];\n\n if (authObj[framework]) {\n authObj[framework] = {\n ...authObj[framework],\n ...header[framework],\n };\n } else {\n authObj[framework] = header[framework];\n }\n\n return authObj;\n }\n}\n"],"names":["createLegacyAuthAdapters","kubernetesProxyPermission","AuthorizeResult","NotAllowedError","createProxyMiddleware","loggerToWinstonLogger","bufferFromFileOrString","ForwardedError","serializeError","NotFoundError","ANNOTATION_KUBERNETES_AUTH_PROVIDER","fs","SERVICEACCOUNT_CA_PATH","KubeConfig"],"mappings":";;;;;;;;;;;;;;AA4DO,MAAM,yBAAoC,GAAA;AAO1C,MAAM,sBACX,GAAA;AA6BK,MAAM,eAAgB,CAAA;AAAA,EACV,wBAAA,uBAA+B,GAA4B,EAAA;AAAA,EAC3D,MAAA;AAAA,EACA,eAAA;AAAA,EACA,YAAA;AAAA,EACA,QAAA;AAAA,EAEjB,YAAY,OAAiC,EAAA;AAC3C,IAAA,IAAA,CAAK,SAAS,OAAQ,CAAA,MAAA;AACtB,IAAA,IAAA,CAAK,kBAAkB,OAAQ,CAAA,eAAA;AAC/B,IAAA,IAAA,CAAK,eAAe,OAAQ,CAAA,YAAA;AAE5B,IAAA,MAAM,SAASA,sCAAyB,CAAA;AAAA,MACtC,WAAW,OAAQ,CAAA,SAAA;AAAA,MACnB,UAAU,OAAQ,CAAA;AAAA,KACnB,CAAA;AAED,IAAA,IAAA,CAAK,WAAW,MAAO,CAAA,QAAA;AAAA;AACzB,EAEO,qBACL,OACgB,EAAA;AAChB,IAAM,MAAA,EAAE,eAAkB,GAAA,OAAA;AAC1B,IAAO,OAAA,OAAO,GAAK,EAAA,GAAA,EAAK,IAAS,KAAA;AAC/B,MAAM,MAAA,iBAAA,GAAoB,MAAM,aAAc,CAAA,SAAA;AAAA,QAC5C,CAAC,EAAE,UAAY,EAAAC,gDAAA,EAA2B,CAAA;AAAA,QAC1C;AAAA,UACE,WAAa,EAAA,MAAM,IAAK,CAAA,QAAA,CAAS,YAAY,GAAG;AAAA;AAClD,OACF;AACA,MAAM,MAAA,IAAA,GAAO,kBAAkB,CAAC,CAAA;AAEhC,MAAI,IAAA,IAAA,CAAK,MAAW,KAAAC,sCAAA,CAAgB,IAAM,EAAA;AACxC,QAAI,GAAA,CAAA,MAAA,CAAO,GAAG,CAAA,CAAE,IAAK,CAAA,EAAE,OAAO,IAAIC,sBAAA,CAAgB,cAAc,CAAA,EAAG,CAAA;AACnE,QAAA;AAAA;AAGF,MAAA,MAAM,UAAa,GAAA,MAAM,IAAK,CAAA,aAAA,CAAc,GAAG,CAAA;AAG/C,MAAA,IACE,GAAI,CAAA,MAAA,CAAO,YAAY,CAAA,EAAG,WAAY,EAAA,KAAM,SAC5C,IAAA,GAAA,CAAI,MAAO,CAAA,SAAS,CAAG,EAAA,WAAA,OAAkB,WACzC,EAAA;AAEA,QAAA,UAAA,CAAW,OAAS,CAAA,GAAA,EAAK,GAAI,CAAA,MAAA,EAAQ,KAAS,CAAA,CAAA;AAAA,OACzC,MAAA;AACL,QAAW,UAAA,CAAA,GAAA,EAAK,KAAK,IAAI,CAAA;AAAA;AAC3B,KACF;AAAA;AACF;AAAA;AAAA;AAAA,EAKA,MAAc,cAAc,WAA+C,EAAA;AACzE,IAAA,MAAM,eAAkB,GAAA,MAAM,IAAK,CAAA,oBAAA,CAAqB,WAAW,CAAA;AACnE,IAAA,IAAI,UAAa,GAAA,IAAA,CAAK,wBAAyB,CAAA,GAAA,CAAI,gBAAgB,IAAI,CAAA;AACvE,IAAA,IAAI,CAAC,UAAY,EAAA;AACf,MAAM,MAAA,MAAA,GAAS,KAAK,MAAO,CAAA,KAAA,CAAM,EAAE,OAAS,EAAA,eAAA,CAAgB,MAAM,CAAA;AAClE,MAAA,UAAA,GAAaC,yCAAsB,CAAA;AAAA;AAAA,QAEjC,WAAA,EAAa,MAAMC,mCAAA,CAAsB,MAAM,CAAA;AAAA,QAC/C,EAAI,EAAA,IAAA;AAAA,QACJ,MAAA,EAAQ,CAAC,eAAgB,CAAA,aAAA;AAAA,QACzB,YAAc,EAAA,IAAA;AAAA,QACd,WAAA,EAAa,OAAO,IAAA,EAAM,GAAQ,KAAA;AAEhC,UAAA,MAAM,OAAU,GAAA,MAAM,IAAK,CAAA,oBAAA,CAAqB,GAAG,CAAA;AACnD,UAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,OAAA,CAAQ,GAAG,CAAA;AAC/B,UAAA,OAAO,IAAK,CAAA,OAAA;AAAA,YACV,IAAI,MAAA,CAAO,CAAI,CAAA,EAAA,WAAA,CAAY,OAAO,CAAE,CAAA,CAAA;AAAA,YACpC,IAAI,QAAY,IAAA;AAAA,WAClB;AAAA,SACF;AAAA,QACA,MAAA,EAAQ,OAAM,GAAO,KAAA;AAEnB,UAAA,MAAM,OAAU,GAAA,MAAM,IAAK,CAAA,oBAAA,CAAqB,GAAG,CAAA;AACnD,UAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,OAAA,CAAQ,GAAG,CAAA;AAE/B,UAAA,MAAM,MAAc,GAAA;AAAA,YAClB,UAAU,GAAI,CAAA,QAAA;AAAA,YACd,MAAM,GAAI,CAAA,QAAA;AAAA,YACV,MAAM,GAAI,CAAA,IAAA;AAAA,YACV,EAAI,EAAAC,iCAAA;AAAA,cACF,OAAQ,CAAA,MAAA;AAAA,cACR,OAAQ,CAAA;AAAA,eACP,QAAS;AAAA,WACd;AAEA,UAAA,MAAM,aACJ,GAAI,CAAA,OAAA,CAAQ,sBAAuB,CAAA,iBAAA,CAAkB,OAAO,CAAC,CAAA;AAC/D,UAAI,IAAA,OAAO,eAAe,QAAU,EAAA;AAClC,YAAA,GAAA,CAAI,QAAQ,aAAgB,GAAA,UAAA;AAAA,WACvB,MAAA;AAEL,YAAA,MAAM,UAAU,eAAgB,CAAA,kCAAA;AAAA,cAC9B,GAAI,CAAA;AAAA,aACN;AAEA,YAAA,MAAM,aAAa,MAAM,IAAA,CAAK,qBAAqB,GAAG,CAAA,CAAE,KAAK,CAAM,EAAA,KAAA;AACjE,cAAA,OAAO,IAAK,CAAA,YAAA,CAAa,aAAc,CAAA,EAAA,EAAI,OAAO,CAAA;AAAA,aACnD,CAAA;AAED,YAAI,IAAA,UAAA,CAAW,SAAS,cAAgB,EAAA;AACtC,cAAA,GAAA,CAAI,OAAQ,CAAA,aAAA,GAAgB,CAAU,OAAA,EAAA,UAAA,CAAW,KAAK,CAAA,CAAA;AAAA,aACxD,MAAA,IAAW,UAAW,CAAA,IAAA,KAAS,yBAA2B,EAAA;AACxD,cAAA,MAAA,CAAO,MAAM,UAAW,CAAA,GAAA;AACxB,cAAA,MAAA,CAAO,OAAO,UAAW,CAAA,IAAA;AAAA;AAC3B;AAGF,UAAO,OAAA,MAAA;AAAA,SACT;AAAA,QACA,OAAS,EAAA,CAAC,KAAO,EAAA,GAAA,EAAK,GAAQ,KAAA;AAC5B,UAAA,MAAM,eAAe,IAAIC,qBAAA;AAAA,YACvB,CAAA,SAAA,EAAY,gBAAgB,IAAI,CAAA,eAAA,CAAA;AAAA,YAChC;AAAA,WACF;AAEA,UAAO,MAAA,CAAA,KAAA,CAAM,0BAA0B,YAAY,CAAA;AAEnD,UAAA,MAAM,IAA0B,GAAA;AAAA,YAC9B,KAAA,EAAOC,sBAAe,YAAc,EAAA;AAAA,cAClC,YAAA,EAAc,OAAQ,CAAA,GAAA,CAAI,QAAa,KAAA;AAAA,aACxC,CAAA;AAAA,YACD,SAAS,EAAE,MAAA,EAAQ,IAAI,MAAQ,EAAA,GAAA,EAAK,IAAI,WAAY,EAAA;AAAA,YACpD,QAAA,EAAU,EAAE,UAAA,EAAY,GAAI;AAAA,WAC9B;AACA,UAAA,GAAA,CAAI,MAAO,CAAA,GAAG,CAAE,CAAA,IAAA,CAAK,IAAI,CAAA;AAAA;AAC3B,OACD,CAAA;AACD,MAAA,IAAA,CAAK,wBAAyB,CAAA,GAAA,CAAI,eAAgB,CAAA,IAAA,EAAM,UAAU,CAAA;AAAA;AAEpE,IAAO,OAAA,UAAA;AAAA;AACT,EAEA,MAAc,qBAAqB,GAAuC,EAAA;AACxE,IAAA,MAAM,WAAc,GAAA,GAAA,CAAI,OAAQ,CAAA,yBAAA,CAA0B,aAAa,CAAA;AACvE,IAAA,MAAM,QAAW,GAAA,MAAM,IAAK,CAAA,eAAA,CAAgB,WAAY,CAAA;AAAA,MACtD,WAAa,EAAA,MAAM,IAAK,CAAA,QAAA,CAAS,YAAY,GAAG;AAAA,KACjD,CAAA;AAED,IAAA,IAAI,CAAC,QAAA,IAAY,QAAS,CAAA,MAAA,IAAU,CAAG,EAAA;AACrC,MAAM,MAAA,IAAIC,qBAAc,CAAwB,sBAAA,CAAA,CAAA;AAAA;AAGlD,IAAA,MAAM,oBACJ,GAAA,OAAO,WAAgB,KAAA,QAAA,IAAY,YAAY,MAAS,GAAA,CAAA;AAE1D,IAAI,IAAA,OAAA;AAEJ,IAAA,IAAI,oBAAsB,EAAA;AACxB,MAAA,OAAA,GAAU,QAAS,CAAA,IAAA,CAAK,CAAK,CAAA,KAAA,CAAA,CAAE,SAAS,WAAW,CAAA;AAAA,KACrD,MAAA,IAAW,QAAS,CAAA,MAAA,KAAW,CAAG,EAAA;AAChC,MAAU,OAAA,GAAA,QAAA,CAAS,GAAG,CAAC,CAAA;AAAA;AAGzB,IAAA,IAAI,CAAC,OAAS,EAAA;AACZ,MAAA,MAAM,IAAIA,oBAAA,CAAc,CAAY,SAAA,EAAA,WAAW,CAAa,WAAA,CAAA,CAAA;AAAA;AAG9D,IAAM,MAAA,YAAA,GACJ,OAAQ,CAAA,YAAA,CAAaC,0DAAmC,CAAA;AAE1D,IACE,IAAA,YAAA,KAAiB,oBACjBC,mBAAG,CAAA,cAAA,CAAeC,6CAAsB,CACxC,IAAA,CAAC,OAAQ,CAAA,YAAA,CAAa,mBACtB,EAAA;AACA,MAAM,MAAA,EAAA,GAAK,IAAIC,qBAAW,EAAA;AAC1B,MAAA,EAAA,CAAG,eAAgB,EAAA;AACnB,MAAM,MAAA,qBAAA,GAAwB,GAAG,iBAAkB,EAAA;AAEnD,MAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,qBAAA,CAAsB,MAAM,CAAA;AAChD,MAAA,OAAA,CAAQ,MAAM,qBAAsB,CAAA,MAAA;AACpC,MAAI,IAAA,GAAA,CAAI,aAAa,QAAU,EAAA;AAC7B,QAAA,OAAA,CAAQ,SAAS,qBAAsB,CAAA,MAAA;AAAA;AACzC;AAGF,IAAO,OAAA,OAAA;AAAA;AACT,EAEA,OAAe,mCACb,eACuB,EAAA;AACvB,IAAO,OAAA,MAAA,CAAO,IAAK,CAAA,eAAe,CAC/B,CAAA,MAAA,CAAO,YAAU,MAAO,CAAA,UAAA,CAAW,oCAAoC,CAAC,CACxE,CAAA,GAAA;AAAA,MAAI,CACH,MAAA,KAAA,eAAA,CAAgB,kBAAmB,CAAA,MAAA,EAAQ,eAAe;AAAA,KAE3D,CAAA,MAAA,CAAO,CAAe,WAAA,KAAA,MAAA,CAAO,KAAK,WAAW,CAAA,CAAE,MAAW,KAAA,CAAC,CAC3D,CAAA,MAAA,CAAO,eAAgB,CAAA,cAAA,EAAgB,EAAE,CAAA;AAAA;AAC9C,EAEA,OAAe,kBACb,CAAA,MAAA,EACA,eACuB,EAAA;AACvB,IAAA,MAAM,MAA6B,EAAC;AACpC,IAAM,MAAA,cAAA,GAAiB,MAAO,CAAA,KAAA,CAAM,GAAG,CAAA;AACvC,IAAI,IAAA,cAAA,CAAe,UAAU,CAAG,EAAA;AAC9B,MAAA,MAAM,SAAY,GAAA,cAAA,CAAe,CAAC,CAAA,CAAE,WAAY,EAAA;AAChD,MAAI,IAAA,cAAA,CAAe,UAAU,CAAG,EAAA;AAC9B,QAAM,MAAA,QAAA,GAAW,eAAe,KAAM,CAAA,CAAC,EAAE,IAAK,CAAA,GAAG,EAAE,WAAY,EAAA;AAC/D,QAAI,GAAA,CAAA,SAAS,IAAI,EAAE,CAAC,QAAQ,GAAG,eAAA,CAAgB,MAAM,CAAE,EAAA;AAAA,OAClD,MAAA;AACL,QAAI,GAAA,CAAA,SAAS,CAAI,GAAA,eAAA,CAAgB,MAAM,CAAA;AAAA;AACzC;AAEF,IAAO,OAAA,GAAA;AAAA;AACT,EAEA,OAAe,cACb,CAAA,OAAA,EACA,MACuB,EAAA;AACvB,IAAA,MAAM,SAAY,GAAA,MAAA,CAAO,IAAK,CAAA,MAAM,EAAE,CAAC,CAAA;AAEvC,IAAI,IAAA,OAAA,CAAQ,SAAS,CAAG,EAAA;AACtB,MAAA,OAAA,CAAQ,SAAS,CAAI,GAAA;AAAA,QACnB,GAAG,QAAQ,SAAS,CAAA;AAAA,QACpB,GAAG,OAAO,SAAS;AAAA,OACrB;AAAA,KACK,MAAA;AACL,MAAQ,OAAA,CAAA,SAAS,CAAI,GAAA,MAAA,CAAO,SAAS,CAAA;AAAA;AAGvC,IAAO,OAAA,OAAA;AAAA;AAEX;;;;;;"}
1
+ {"version":3,"file":"KubernetesProxy.cjs.js","sources":["../../src/service/KubernetesProxy.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n ErrorResponseBody,\n ForwardedError,\n NotAllowedError,\n NotFoundError,\n serializeError,\n} from '@backstage/errors';\nimport {\n ANNOTATION_KUBERNETES_AUTH_PROVIDER,\n SERVICEACCOUNT_CA_PATH,\n kubernetesProxyPermission,\n KubernetesRequestAuth,\n} from '@backstage/plugin-kubernetes-common';\nimport { AuthorizeResult } from '@backstage/plugin-permission-common';\nimport type { Cluster } from '@kubernetes/client-node';\nimport { createProxyMiddleware, RequestHandler } from 'http-proxy-middleware';\nimport fs from 'fs-extra';\n\nimport { AuthenticationStrategy } from '../auth';\nimport { ClusterDetails, KubernetesClustersSupplier } from '../types/types';\n\nimport type { Request } from 'express';\nimport { IncomingHttpHeaders } from 'http';\nimport {\n DiscoveryService,\n HttpAuthService,\n LoggerService,\n PermissionsService,\n} from '@backstage/backend-plugin-api';\nimport {\n createLegacyAuthAdapters,\n loggerToWinstonLogger,\n} from '@backstage/backend-common';\n\nexport const APPLICATION_JSON: string = 'application/json';\n\n/**\n * The header that is used to specify the cluster name.\n *\n * @public\n */\nexport const HEADER_KUBERNETES_CLUSTER: string = 'Backstage-Kubernetes-Cluster';\n\n/**\n * The header that is used to specify the Authentication Authorities token.\n * e.x if using the google auth provider as your authentication authority then this field would be the google provided bearer token.\n * @public\n */\nexport const HEADER_KUBERNETES_AUTH: string =\n 'Backstage-Kubernetes-Authorization';\n\n/**\n * The options object expected to be passed as a parameter to KubernetesProxy.createRequestHandler().\n *\n * @public\n */\nexport type KubernetesProxyCreateRequestHandlerOptions = {\n permissionApi: PermissionsService;\n};\n\n/**\n * Options accepted as a parameter by the KubernetesProxy\n *\n * @public\n */\nexport type KubernetesProxyOptions = {\n logger: LoggerService;\n clusterSupplier: KubernetesClustersSupplier;\n authStrategy: AuthenticationStrategy;\n discovery: DiscoveryService;\n httpAuth?: HttpAuthService;\n};\n\n/**\n * A proxy that routes requests to the Kubernetes API.\n *\n * @public\n */\nexport class KubernetesProxy {\n private readonly middlewareForClusterName = new Map<string, RequestHandler>();\n private readonly logger: LoggerService;\n private readonly clusterSupplier: KubernetesClustersSupplier;\n private readonly authStrategy: AuthenticationStrategy;\n private readonly httpAuth: HttpAuthService;\n\n constructor(options: KubernetesProxyOptions) {\n this.logger = options.logger;\n this.clusterSupplier = options.clusterSupplier;\n this.authStrategy = options.authStrategy;\n\n const legacy = createLegacyAuthAdapters({\n discovery: options.discovery,\n httpAuth: options.httpAuth,\n });\n\n this.httpAuth = legacy.httpAuth;\n }\n\n public createRequestHandler(\n options: KubernetesProxyCreateRequestHandlerOptions,\n ): RequestHandler {\n const { permissionApi } = options;\n return async (req, res, next) => {\n const authorizeResponse = await permissionApi.authorize(\n [{ permission: kubernetesProxyPermission }],\n {\n credentials: await this.httpAuth.credentials(req),\n },\n );\n const auth = authorizeResponse[0];\n\n if (auth.result === AuthorizeResult.DENY) {\n res.status(403).json({ error: new NotAllowedError('Unauthorized') });\n return;\n }\n\n const middleware = await this.getMiddleware(req);\n\n // If req is an upgrade handshake, use middleware upgrade instead of http request handler https://github.com/chimurai/http-proxy-middleware#external-websocket-upgrade\n if (\n req.header('connection')?.toLowerCase() === 'upgrade' &&\n req.header('upgrade')?.toLowerCase() === 'websocket'\n ) {\n // Missing the `head`, since it's optional we pass undefined to avoid type issues\n middleware.upgrade!(req, req.socket, undefined);\n } else {\n middleware(req, res, next);\n }\n };\n }\n\n // We create one middleware per remote cluster and hold on to them, because\n // the secure property isn't possible to decide on a per-request basis with a\n // single middleware instance - and we don't expect it to change over time.\n private async getMiddleware(originalReq: Request): Promise<RequestHandler> {\n const originalCluster = await this.getClusterForRequest(originalReq);\n let middleware = this.middlewareForClusterName.get(originalCluster.name);\n if (!middleware) {\n const logger = this.logger.child({ cluster: originalCluster.name });\n middleware = createProxyMiddleware({\n // TODO: Add 'log' to LoggerService\n logProvider: () => loggerToWinstonLogger(logger),\n ws: true,\n secure: !originalCluster.skipTLSVerify,\n changeOrigin: true,\n pathRewrite: async (path, req) => {\n // Re-evaluate the cluster on each request, in case it has changed\n const cluster = await this.getClusterForRequest(req);\n const url = new URL(cluster.url);\n return path.replace(\n new RegExp(`^${originalReq.baseUrl}`),\n url.pathname || '',\n );\n },\n router: async req => {\n // Re-evaluate the cluster on each request, in case it has changed\n const cluster = await this.getClusterForRequest(req);\n const url = new URL(cluster.url);\n\n const { bufferFromFileOrString } = await import(\n '@kubernetes/client-node'\n );\n\n const target: any = {\n protocol: url.protocol,\n host: url.hostname,\n port: url.port,\n ca: bufferFromFileOrString(\n cluster.caFile,\n cluster.caData,\n )?.toString(),\n };\n\n const authHeader =\n req.headers[HEADER_KUBERNETES_AUTH.toLocaleLowerCase('en-US')];\n if (typeof authHeader === 'string') {\n req.headers.authorization = authHeader;\n } else {\n // Map Backstage-Kubernetes-Authorization-X-X headers to a KubernetesRequestAuth object\n const authObj = KubernetesProxy.authHeadersToKubernetesRequestAuth(\n req.headers,\n );\n\n const credential = await this.getClusterForRequest(req).then(cd => {\n return this.authStrategy.getCredential(cd, authObj);\n });\n\n if (credential.type === 'bearer token') {\n req.headers.authorization = `Bearer ${credential.token}`;\n } else if (credential.type === 'x509 client certificate') {\n target.key = credential.key;\n target.cert = credential.cert;\n }\n }\n\n return target;\n },\n onError: (error, req, res) => {\n const wrappedError = new ForwardedError(\n `Cluster '${originalCluster.name}' request error`,\n error,\n );\n\n logger.error('Kubernetes proxy error', wrappedError);\n\n const body: ErrorResponseBody = {\n error: serializeError(wrappedError, {\n includeStack: process.env.NODE_ENV === 'development',\n }),\n request: { method: req.method, url: req.originalUrl },\n response: { statusCode: 500 },\n };\n res.status(500).json(body);\n },\n });\n this.middlewareForClusterName.set(originalCluster.name, middleware);\n }\n return middleware;\n }\n\n private async getClusterForRequest(req: Request): Promise<ClusterDetails> {\n const { KubeConfig } = await import('@kubernetes/client-node');\n\n const clusterName = req.headers[HEADER_KUBERNETES_CLUSTER.toLowerCase()];\n const clusters = await this.clusterSupplier.getClusters({\n credentials: await this.httpAuth.credentials(req),\n });\n\n if (!clusters || clusters.length <= 0) {\n throw new NotFoundError(`No Clusters configured`);\n }\n\n const hasClusterNameHeader =\n typeof clusterName === 'string' && clusterName.length > 0;\n\n let cluster: ClusterDetails | undefined;\n\n if (hasClusterNameHeader) {\n cluster = clusters.find(c => c.name === clusterName);\n } else if (clusters.length === 1) {\n cluster = clusters.at(0);\n }\n\n if (!cluster) {\n throw new NotFoundError(`Cluster '${clusterName}' not found`);\n }\n\n const authProvider =\n cluster.authMetadata[ANNOTATION_KUBERNETES_AUTH_PROVIDER];\n\n if (\n authProvider === 'serviceAccount' &&\n fs.pathExistsSync(SERVICEACCOUNT_CA_PATH) &&\n !cluster.authMetadata.serviceAccountToken\n ) {\n const kc = new KubeConfig();\n kc.loadFromCluster();\n const clusterFromKubeConfig = kc.getCurrentCluster() as Cluster;\n\n const url = new URL(clusterFromKubeConfig.server);\n cluster.url = clusterFromKubeConfig.server;\n if (url.protocol === 'https:') {\n cluster.caFile = clusterFromKubeConfig.caFile;\n }\n }\n\n return cluster;\n }\n\n private static authHeadersToKubernetesRequestAuth(\n originalHeaders: IncomingHttpHeaders,\n ): KubernetesRequestAuth {\n return Object.keys(originalHeaders)\n .filter(header => header.startsWith('backstage-kubernetes-authorization'))\n .map(header =>\n KubernetesProxy.headerToDictionary(header, originalHeaders),\n )\n .filter(headerAsDic => Object.keys(headerAsDic).length !== 0)\n .reduce(KubernetesProxy.combineHeaders, {});\n }\n\n private static headerToDictionary(\n header: string,\n originalHeaders: IncomingHttpHeaders,\n ): KubernetesRequestAuth {\n const obj: KubernetesRequestAuth = {};\n const headerSplitted = header.split('-');\n if (headerSplitted.length >= 4) {\n const framework = headerSplitted[3].toLowerCase();\n if (headerSplitted.length >= 5) {\n const provider = headerSplitted.slice(4).join('-').toLowerCase();\n obj[framework] = { [provider]: originalHeaders[header] };\n } else {\n obj[framework] = originalHeaders[header];\n }\n }\n return obj;\n }\n\n private static combineHeaders(\n authObj: any,\n header: any,\n ): KubernetesRequestAuth {\n const framework = Object.keys(header)[0];\n\n if (authObj[framework]) {\n authObj[framework] = {\n ...authObj[framework],\n ...header[framework],\n };\n } else {\n authObj[framework] = header[framework];\n }\n\n return authObj;\n }\n}\n"],"names":["createLegacyAuthAdapters","kubernetesProxyPermission","AuthorizeResult","NotAllowedError","createProxyMiddleware","loggerToWinstonLogger","ForwardedError","serializeError","NotFoundError","ANNOTATION_KUBERNETES_AUTH_PROVIDER","fs","SERVICEACCOUNT_CA_PATH"],"mappings":";;;;;;;;;;;;;AAwDO,MAAM,yBAAoC,GAAA;AAO1C,MAAM,sBACX,GAAA;AA6BK,MAAM,eAAgB,CAAA;AAAA,EACV,wBAAA,uBAA+B,GAA4B,EAAA;AAAA,EAC3D,MAAA;AAAA,EACA,eAAA;AAAA,EACA,YAAA;AAAA,EACA,QAAA;AAAA,EAEjB,YAAY,OAAiC,EAAA;AAC3C,IAAA,IAAA,CAAK,SAAS,OAAQ,CAAA,MAAA;AACtB,IAAA,IAAA,CAAK,kBAAkB,OAAQ,CAAA,eAAA;AAC/B,IAAA,IAAA,CAAK,eAAe,OAAQ,CAAA,YAAA;AAE5B,IAAA,MAAM,SAASA,sCAAyB,CAAA;AAAA,MACtC,WAAW,OAAQ,CAAA,SAAA;AAAA,MACnB,UAAU,OAAQ,CAAA;AAAA,KACnB,CAAA;AAED,IAAA,IAAA,CAAK,WAAW,MAAO,CAAA,QAAA;AAAA;AACzB,EAEO,qBACL,OACgB,EAAA;AAChB,IAAM,MAAA,EAAE,eAAkB,GAAA,OAAA;AAC1B,IAAO,OAAA,OAAO,GAAK,EAAA,GAAA,EAAK,IAAS,KAAA;AAC/B,MAAM,MAAA,iBAAA,GAAoB,MAAM,aAAc,CAAA,SAAA;AAAA,QAC5C,CAAC,EAAE,UAAY,EAAAC,gDAAA,EAA2B,CAAA;AAAA,QAC1C;AAAA,UACE,WAAa,EAAA,MAAM,IAAK,CAAA,QAAA,CAAS,YAAY,GAAG;AAAA;AAClD,OACF;AACA,MAAM,MAAA,IAAA,GAAO,kBAAkB,CAAC,CAAA;AAEhC,MAAI,IAAA,IAAA,CAAK,MAAW,KAAAC,sCAAA,CAAgB,IAAM,EAAA;AACxC,QAAI,GAAA,CAAA,MAAA,CAAO,GAAG,CAAA,CAAE,IAAK,CAAA,EAAE,OAAO,IAAIC,sBAAA,CAAgB,cAAc,CAAA,EAAG,CAAA;AACnE,QAAA;AAAA;AAGF,MAAA,MAAM,UAAa,GAAA,MAAM,IAAK,CAAA,aAAA,CAAc,GAAG,CAAA;AAG/C,MAAA,IACE,GAAI,CAAA,MAAA,CAAO,YAAY,CAAA,EAAG,WAAY,EAAA,KAAM,SAC5C,IAAA,GAAA,CAAI,MAAO,CAAA,SAAS,CAAG,EAAA,WAAA,OAAkB,WACzC,EAAA;AAEA,QAAA,UAAA,CAAW,OAAS,CAAA,GAAA,EAAK,GAAI,CAAA,MAAA,EAAQ,KAAS,CAAA,CAAA;AAAA,OACzC,MAAA;AACL,QAAW,UAAA,CAAA,GAAA,EAAK,KAAK,IAAI,CAAA;AAAA;AAC3B,KACF;AAAA;AACF;AAAA;AAAA;AAAA,EAKA,MAAc,cAAc,WAA+C,EAAA;AACzE,IAAA,MAAM,eAAkB,GAAA,MAAM,IAAK,CAAA,oBAAA,CAAqB,WAAW,CAAA;AACnE,IAAA,IAAI,UAAa,GAAA,IAAA,CAAK,wBAAyB,CAAA,GAAA,CAAI,gBAAgB,IAAI,CAAA;AACvE,IAAA,IAAI,CAAC,UAAY,EAAA;AACf,MAAM,MAAA,MAAA,GAAS,KAAK,MAAO,CAAA,KAAA,CAAM,EAAE,OAAS,EAAA,eAAA,CAAgB,MAAM,CAAA;AAClE,MAAA,UAAA,GAAaC,yCAAsB,CAAA;AAAA;AAAA,QAEjC,WAAA,EAAa,MAAMC,mCAAA,CAAsB,MAAM,CAAA;AAAA,QAC/C,EAAI,EAAA,IAAA;AAAA,QACJ,MAAA,EAAQ,CAAC,eAAgB,CAAA,aAAA;AAAA,QACzB,YAAc,EAAA,IAAA;AAAA,QACd,WAAA,EAAa,OAAO,IAAA,EAAM,GAAQ,KAAA;AAEhC,UAAA,MAAM,OAAU,GAAA,MAAM,IAAK,CAAA,oBAAA,CAAqB,GAAG,CAAA;AACnD,UAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,OAAA,CAAQ,GAAG,CAAA;AAC/B,UAAA,OAAO,IAAK,CAAA,OAAA;AAAA,YACV,IAAI,MAAA,CAAO,CAAI,CAAA,EAAA,WAAA,CAAY,OAAO,CAAE,CAAA,CAAA;AAAA,YACpC,IAAI,QAAY,IAAA;AAAA,WAClB;AAAA,SACF;AAAA,QACA,MAAA,EAAQ,OAAM,GAAO,KAAA;AAEnB,UAAA,MAAM,OAAU,GAAA,MAAM,IAAK,CAAA,oBAAA,CAAqB,GAAG,CAAA;AACnD,UAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,OAAA,CAAQ,GAAG,CAAA;AAE/B,UAAA,MAAM,EAAE,sBAAA,EAA2B,GAAA,MAAM,OACvC,yBACF,CAAA;AAEA,UAAA,MAAM,MAAc,GAAA;AAAA,YAClB,UAAU,GAAI,CAAA,QAAA;AAAA,YACd,MAAM,GAAI,CAAA,QAAA;AAAA,YACV,MAAM,GAAI,CAAA,IAAA;AAAA,YACV,EAAI,EAAA,sBAAA;AAAA,cACF,OAAQ,CAAA,MAAA;AAAA,cACR,OAAQ,CAAA;AAAA,eACP,QAAS;AAAA,WACd;AAEA,UAAA,MAAM,aACJ,GAAI,CAAA,OAAA,CAAQ,sBAAuB,CAAA,iBAAA,CAAkB,OAAO,CAAC,CAAA;AAC/D,UAAI,IAAA,OAAO,eAAe,QAAU,EAAA;AAClC,YAAA,GAAA,CAAI,QAAQ,aAAgB,GAAA,UAAA;AAAA,WACvB,MAAA;AAEL,YAAA,MAAM,UAAU,eAAgB,CAAA,kCAAA;AAAA,cAC9B,GAAI,CAAA;AAAA,aACN;AAEA,YAAA,MAAM,aAAa,MAAM,IAAA,CAAK,qBAAqB,GAAG,CAAA,CAAE,KAAK,CAAM,EAAA,KAAA;AACjE,cAAA,OAAO,IAAK,CAAA,YAAA,CAAa,aAAc,CAAA,EAAA,EAAI,OAAO,CAAA;AAAA,aACnD,CAAA;AAED,YAAI,IAAA,UAAA,CAAW,SAAS,cAAgB,EAAA;AACtC,cAAA,GAAA,CAAI,OAAQ,CAAA,aAAA,GAAgB,CAAU,OAAA,EAAA,UAAA,CAAW,KAAK,CAAA,CAAA;AAAA,aACxD,MAAA,IAAW,UAAW,CAAA,IAAA,KAAS,yBAA2B,EAAA;AACxD,cAAA,MAAA,CAAO,MAAM,UAAW,CAAA,GAAA;AACxB,cAAA,MAAA,CAAO,OAAO,UAAW,CAAA,IAAA;AAAA;AAC3B;AAGF,UAAO,OAAA,MAAA;AAAA,SACT;AAAA,QACA,OAAS,EAAA,CAAC,KAAO,EAAA,GAAA,EAAK,GAAQ,KAAA;AAC5B,UAAA,MAAM,eAAe,IAAIC,qBAAA;AAAA,YACvB,CAAA,SAAA,EAAY,gBAAgB,IAAI,CAAA,eAAA,CAAA;AAAA,YAChC;AAAA,WACF;AAEA,UAAO,MAAA,CAAA,KAAA,CAAM,0BAA0B,YAAY,CAAA;AAEnD,UAAA,MAAM,IAA0B,GAAA;AAAA,YAC9B,KAAA,EAAOC,sBAAe,YAAc,EAAA;AAAA,cAClC,YAAA,EAAc,OAAQ,CAAA,GAAA,CAAI,QAAa,KAAA;AAAA,aACxC,CAAA;AAAA,YACD,SAAS,EAAE,MAAA,EAAQ,IAAI,MAAQ,EAAA,GAAA,EAAK,IAAI,WAAY,EAAA;AAAA,YACpD,QAAA,EAAU,EAAE,UAAA,EAAY,GAAI;AAAA,WAC9B;AACA,UAAA,GAAA,CAAI,MAAO,CAAA,GAAG,CAAE,CAAA,IAAA,CAAK,IAAI,CAAA;AAAA;AAC3B,OACD,CAAA;AACD,MAAA,IAAA,CAAK,wBAAyB,CAAA,GAAA,CAAI,eAAgB,CAAA,IAAA,EAAM,UAAU,CAAA;AAAA;AAEpE,IAAO,OAAA,UAAA;AAAA;AACT,EAEA,MAAc,qBAAqB,GAAuC,EAAA;AACxE,IAAA,MAAM,EAAE,UAAA,EAAe,GAAA,MAAM,OAAO,yBAAyB,CAAA;AAE7D,IAAA,MAAM,WAAc,GAAA,GAAA,CAAI,OAAQ,CAAA,yBAAA,CAA0B,aAAa,CAAA;AACvE,IAAA,MAAM,QAAW,GAAA,MAAM,IAAK,CAAA,eAAA,CAAgB,WAAY,CAAA;AAAA,MACtD,WAAa,EAAA,MAAM,IAAK,CAAA,QAAA,CAAS,YAAY,GAAG;AAAA,KACjD,CAAA;AAED,IAAA,IAAI,CAAC,QAAA,IAAY,QAAS,CAAA,MAAA,IAAU,CAAG,EAAA;AACrC,MAAM,MAAA,IAAIC,qBAAc,CAAwB,sBAAA,CAAA,CAAA;AAAA;AAGlD,IAAA,MAAM,oBACJ,GAAA,OAAO,WAAgB,KAAA,QAAA,IAAY,YAAY,MAAS,GAAA,CAAA;AAE1D,IAAI,IAAA,OAAA;AAEJ,IAAA,IAAI,oBAAsB,EAAA;AACxB,MAAA,OAAA,GAAU,QAAS,CAAA,IAAA,CAAK,CAAK,CAAA,KAAA,CAAA,CAAE,SAAS,WAAW,CAAA;AAAA,KACrD,MAAA,IAAW,QAAS,CAAA,MAAA,KAAW,CAAG,EAAA;AAChC,MAAU,OAAA,GAAA,QAAA,CAAS,GAAG,CAAC,CAAA;AAAA;AAGzB,IAAA,IAAI,CAAC,OAAS,EAAA;AACZ,MAAA,MAAM,IAAIA,oBAAA,CAAc,CAAY,SAAA,EAAA,WAAW,CAAa,WAAA,CAAA,CAAA;AAAA;AAG9D,IAAM,MAAA,YAAA,GACJ,OAAQ,CAAA,YAAA,CAAaC,0DAAmC,CAAA;AAE1D,IACE,IAAA,YAAA,KAAiB,oBACjBC,mBAAG,CAAA,cAAA,CAAeC,6CAAsB,CACxC,IAAA,CAAC,OAAQ,CAAA,YAAA,CAAa,mBACtB,EAAA;AACA,MAAM,MAAA,EAAA,GAAK,IAAI,UAAW,EAAA;AAC1B,MAAA,EAAA,CAAG,eAAgB,EAAA;AACnB,MAAM,MAAA,qBAAA,GAAwB,GAAG,iBAAkB,EAAA;AAEnD,MAAA,MAAM,GAAM,GAAA,IAAI,GAAI,CAAA,qBAAA,CAAsB,MAAM,CAAA;AAChD,MAAA,OAAA,CAAQ,MAAM,qBAAsB,CAAA,MAAA;AACpC,MAAI,IAAA,GAAA,CAAI,aAAa,QAAU,EAAA;AAC7B,QAAA,OAAA,CAAQ,SAAS,qBAAsB,CAAA,MAAA;AAAA;AACzC;AAGF,IAAO,OAAA,OAAA;AAAA;AACT,EAEA,OAAe,mCACb,eACuB,EAAA;AACvB,IAAO,OAAA,MAAA,CAAO,IAAK,CAAA,eAAe,CAC/B,CAAA,MAAA,CAAO,YAAU,MAAO,CAAA,UAAA,CAAW,oCAAoC,CAAC,CACxE,CAAA,GAAA;AAAA,MAAI,CACH,MAAA,KAAA,eAAA,CAAgB,kBAAmB,CAAA,MAAA,EAAQ,eAAe;AAAA,KAE3D,CAAA,MAAA,CAAO,CAAe,WAAA,KAAA,MAAA,CAAO,KAAK,WAAW,CAAA,CAAE,MAAW,KAAA,CAAC,CAC3D,CAAA,MAAA,CAAO,eAAgB,CAAA,cAAA,EAAgB,EAAE,CAAA;AAAA;AAC9C,EAEA,OAAe,kBACb,CAAA,MAAA,EACA,eACuB,EAAA;AACvB,IAAA,MAAM,MAA6B,EAAC;AACpC,IAAM,MAAA,cAAA,GAAiB,MAAO,CAAA,KAAA,CAAM,GAAG,CAAA;AACvC,IAAI,IAAA,cAAA,CAAe,UAAU,CAAG,EAAA;AAC9B,MAAA,MAAM,SAAY,GAAA,cAAA,CAAe,CAAC,CAAA,CAAE,WAAY,EAAA;AAChD,MAAI,IAAA,cAAA,CAAe,UAAU,CAAG,EAAA;AAC9B,QAAM,MAAA,QAAA,GAAW,eAAe,KAAM,CAAA,CAAC,EAAE,IAAK,CAAA,GAAG,EAAE,WAAY,EAAA;AAC/D,QAAI,GAAA,CAAA,SAAS,IAAI,EAAE,CAAC,QAAQ,GAAG,eAAA,CAAgB,MAAM,CAAE,EAAA;AAAA,OAClD,MAAA;AACL,QAAI,GAAA,CAAA,SAAS,CAAI,GAAA,eAAA,CAAgB,MAAM,CAAA;AAAA;AACzC;AAEF,IAAO,OAAA,GAAA;AAAA;AACT,EAEA,OAAe,cACb,CAAA,OAAA,EACA,MACuB,EAAA;AACvB,IAAA,MAAM,SAAY,GAAA,MAAA,CAAO,IAAK,CAAA,MAAM,EAAE,CAAC,CAAA;AAEvC,IAAI,IAAA,OAAA,CAAQ,SAAS,CAAG,EAAA;AACtB,MAAA,OAAA,CAAQ,SAAS,CAAI,GAAA;AAAA,QACnB,GAAG,QAAQ,SAAS,CAAA;AAAA,QACpB,GAAG,OAAO,SAAS;AAAA,OACrB;AAAA,KACK,MAAA;AACL,MAAQ,OAAA,CAAA,SAAS,CAAI,GAAA,MAAA,CAAO,SAAS,CAAA;AAAA;AAGvC,IAAO,OAAA,OAAA;AAAA;AAEX;;;;;;"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@backstage/plugin-kubernetes-backend",
3
- "version": "0.19.6-next.0",
3
+ "version": "0.19.6-next.2",
4
4
  "description": "A Backstage backend plugin that integrates towards Kubernetes",
5
5
  "backstage": {
6
6
  "role": "backend-plugin",
@@ -77,22 +77,22 @@
77
77
  "@aws-sdk/signature-v4": "^3.347.0",
78
78
  "@azure/identity": "^4.0.0",
79
79
  "@backstage/backend-common": "^0.25.0",
80
- "@backstage/backend-plugin-api": "1.3.1-next.0",
80
+ "@backstage/backend-plugin-api": "1.3.1-next.1",
81
81
  "@backstage/catalog-client": "1.10.0-next.0",
82
82
  "@backstage/catalog-model": "1.7.3",
83
83
  "@backstage/config": "1.3.2",
84
84
  "@backstage/errors": "1.2.7",
85
- "@backstage/integration-aws-node": "0.1.15",
86
- "@backstage/plugin-auth-node": "0.6.3-next.0",
87
- "@backstage/plugin-catalog-node": "1.17.0-next.0",
88
- "@backstage/plugin-kubernetes-common": "0.9.4",
89
- "@backstage/plugin-kubernetes-node": "0.2.6-next.0",
90
- "@backstage/plugin-permission-common": "0.8.4",
91
- "@backstage/plugin-permission-node": "0.9.2-next.0",
85
+ "@backstage/integration-aws-node": "0.1.16-next.0",
86
+ "@backstage/plugin-auth-node": "0.6.3-next.1",
87
+ "@backstage/plugin-catalog-node": "1.17.0-next.1",
88
+ "@backstage/plugin-kubernetes-common": "0.9.5-next.0",
89
+ "@backstage/plugin-kubernetes-node": "0.3.0-next.1",
90
+ "@backstage/plugin-permission-common": "0.9.0-next.0",
91
+ "@backstage/plugin-permission-node": "0.10.0-next.1",
92
92
  "@backstage/types": "1.2.1",
93
93
  "@google-cloud/container": "^5.0.0",
94
94
  "@jest-mock/express": "^2.0.1",
95
- "@kubernetes/client-node": "1.0.0-rc7",
95
+ "@kubernetes/client-node": "1.1.2",
96
96
  "@types/express": "^4.17.6",
97
97
  "@types/http-proxy-middleware": "^1.0.0",
98
98
  "@types/luxon": "^3.0.0",
@@ -112,12 +112,12 @@
112
112
  "yn": "^4.0.0"
113
113
  },
114
114
  "devDependencies": {
115
- "@backstage/backend-app-api": "1.2.3-next.0",
116
- "@backstage/backend-defaults": "0.9.1-next.0",
117
- "@backstage/backend-test-utils": "1.5.0-next.0",
118
- "@backstage/cli": "0.32.1-next.0",
119
- "@backstage/plugin-permission-backend": "0.7.0-next.0",
120
- "@backstage/plugin-permission-backend-module-allow-all-policy": "0.2.8-next.0",
115
+ "@backstage/backend-app-api": "1.2.3-next.1",
116
+ "@backstage/backend-defaults": "0.10.0-next.2",
117
+ "@backstage/backend-test-utils": "1.5.0-next.2",
118
+ "@backstage/cli": "0.32.1-next.2",
119
+ "@backstage/plugin-permission-backend": "0.7.0-next.1",
120
+ "@backstage/plugin-permission-backend-module-allow-all-policy": "0.2.8-next.1",
121
121
  "@types/aws4": "^1.5.1",
122
122
  "msw": "^1.0.0",
123
123
  "supertest": "^7.0.0",