npm - @crossdelta/infrastructure - Versions diffs - 0.5.4 → 0.6.0 - Mend

@crossdelta/infrastructure 0.5.4 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/helpers/index.d.ts +2 -0
package/dist/helpers/stream-job.d.ts +68 -0
package/dist/helpers/stream-setup.d.ts +41 -0
package/dist/index.cjs +188 -21
package/dist/index.js +188 -21
package/package.json +2 -2

package/dist/helpers/index.d.ts CHANGED Viewed

@@ -2,4 +2,6 @@ export * from './deploy-streams';
 export * from './discover-services';
 export * from './docker-hub-image';
 export * from './otel';
+export * from './stream-job';
+export * from './stream-setup';
 export * from './streams';

package/dist/helpers/stream-job.d.ts ADDED Viewed

@@ -0,0 +1,68 @@
+/**
+ * NATS JetStream Stream Materialization via K8s Job
+ *
+ * Creates streams inside the cluster using a K8s Job with nats-box.
+ * This solves the problem that Pulumi runs outside the cluster
+ * and cannot reach cluster-internal NATS URLs.
+ *
+ * Architecture:
+ * - Pure functions (stream-setup.ts) generate shell scripts
+ * - This file creates Pulumi K8s resources (ConfigMap + Job)
+ * - nats-box image provides the `nats` CLI (no custom image needed)
+ *
+ * @module @crossdelta/infrastructure/lib/helpers/stream-job
+ */
+import type { Provider } from '@pulumi/kubernetes';
+import * as k8s from '@pulumi/kubernetes';
+import type { Output } from '@pulumi/pulumi';
+import type { StreamPolicy } from './deploy-streams';
+import { type ResolvedStream } from './stream-setup';
+export type { ResolvedStream };
+export { computeConfigHash, generateSetupScript, msToNatsDuration, resolveStreams } from './stream-setup';
+export interface MaterializeStreamsConfig {
+    /** NATS connection URL (cluster-internal) */
+    natsUrl: Output<string>;
+    /** NATS auth credentials (optional) */
+    credentials?: {
+        user?: Output<string>;
+        password?: Output<string>;
+    };
+    /** Contracts module (e.g., `import * as contracts from '@my-org/contracts'`) */
+    contracts: Record<string, unknown>;
+    /** Stream-specific policy overrides */
+    policies?: Record<string, Partial<StreamPolicy>>;
+    /** Default policy for all streams */
+    defaults?: Partial<StreamPolicy>;
+    /** nats-box image override (default: natsio/nats-box:0.14.5) */
+    image?: string;
+    /** Job TTL after completion in seconds (default: 300) */
+    ttlAfterFinished?: number;
+    /** Max retry attempts (default: 3) */
+    backoffLimit?: number;
+}
+/**
+ * Materialize NATS JetStream streams via a K8s Job.
+ *
+ * Creates a ConfigMap with a setup script and a Job that runs it
+ * inside the cluster where NATS is reachable. Uses nats-box image
+ * (no custom image build needed).
+ *
+ * Validation runs at Pulumi plan time (outside cluster).
+ * Materialization runs at deploy time (inside cluster via K8s Job).
+ *
+ * @example
+ * ```typescript
+ * import { materializeStreams } from '@crossdelta/infrastructure'
+ * import * as contracts from '@my-org/contracts'
+ * import { STREAM_POLICIES, DEFAULT_POLICY } from '@my-org/contracts'
+ *
+ * materializeStreams(provider, 'my-namespace', {
+ *   natsUrl: runtime.natsUrl,
+ *   credentials: { user: natsUser, password: natsPassword },
+ *   contracts,
+ *   policies: STREAM_POLICIES,
+ *   defaults: DEFAULT_POLICY,
+ * })
+ * ```
+ */
+export declare const materializeStreams: (provider: Provider, namespace: string, config: MaterializeStreamsConfig) => k8s.batch.v1.Job;

package/dist/helpers/stream-setup.d.ts ADDED Viewed

@@ -0,0 +1,41 @@
+/**
+ * Stream Setup Script Generator
+ *
+ * Pure functions for generating NATS JetStream setup scripts.
+ * No Pulumi or K8s dependencies — fully testable with Bun.
+ *
+ * Used by:
+ * - `stream-job.ts` (K8s Job materialization)
+ * - Tests (direct import)
+ *
+ * @module @crossdelta/infrastructure/lib/helpers/stream-setup
+ */
+import type { StreamPolicy } from './deploy-streams';
+import type { StreamDefinition } from './streams';
+export interface ResolvedStream {
+    stream: string;
+    subjects: string[];
+    retention: string;
+    storage: string;
+    maxAge: string;
+    replicas: number;
+    maxMsgSize: number;
+}
+/**
+ * Convert milliseconds to NATS CLI duration format (e.g., "168h0m0s")
+ */
+export declare const msToNatsDuration: (ms: number) => string;
+/**
+ * Apply policies and produce resolved stream configs (pure)
+ */
+export declare const resolveStreams: (definitions: StreamDefinition[], policies?: Record<string, Partial<StreamPolicy>>, defaults?: Partial<StreamPolicy>) => ResolvedStream[];
+/**
+ * Generate a shell script that creates/updates NATS JetStream streams.
+ * Uses `nats` CLI from nats-box. Idempotent: creates if missing, updates if exists.
+ */
+export declare const generateSetupScript: (streams: ResolvedStream[]) => string;
+/**
+ * Compute a short hash from stream config for change detection.
+ * When config changes, the Job name changes → Pulumi recreates it.
+ */
+export declare const computeConfigHash: (streams: ResolvedStream[]) => string;

package/dist/index.cjs CHANGED Viewed

@@ -44,8 +44,11 @@ var exports_lib = {};
 __export(exports_lib, {
   validateStreamDefinitionsPure: () => validateStreamDefinitionsPure,
   validateStreamDefinitions: () => validateStreamDefinitions,
+  resolveStreams: () => resolveStreams,
   registerRuntime: () => registerRuntime,
   ports: () => ports,
+  msToNatsDuration: () => msToNatsDuration,
+  materializeStreams: () => materializeStreams,
   hasPublicPort: () => hasPublicPort,
   getStreamNames: () => getStreamNames,
   getStreamDefinition: () => getStreamDefinition,
@@ -53,6 +56,7 @@ __export(exports_lib, {
   getPublicPorts: () => getPublicPorts,
   getPrimaryPort: () => getPrimaryPort,
   getAllPorts: () => getAllPorts,
+  generateSetupScript: () => generateSetupScript,
   generateLocalSetupScript: () => generateLocalSetupScript,
   generateKubectlApplyCommand: () => generateKubectlApplyCommand,
   generateK3dDeleteCommand: () => generateK3dDeleteCommand,
@@ -81,6 +85,7 @@ __export(exports_lib, {
   createImagePullSecret: () => createImagePullSecret,
   createDOKSCluster: () => createDOKSCluster,
   convertToComposeService: () => convertToComposeService,
+  computeConfigHash: () => computeConfigHash,
   collectStreamDefinitions: () => collectStreamDefinitions,
   buildOtelEnv: () => buildOtelEnv,
   buildNatsUrl: () => buildNatsUrl,
@@ -660,20 +665,16 @@ var collectStreamDefinitions = (contractsModule) => {
 };
 var getStreamDefinition = (contractsModule, streamName) => collectStreamDefinitions(contractsModule).find((s) => s.stream === streamName);
 var getStreamNames = (contractsModule) => collectStreamDefinitions(contractsModule).map((s) => s.stream);
-var buildSubjectMap = (streams) => streams.reduce((acc, { stream, subjects }) => {
-  for (const subject of subjects) {
-    acc.set(subject, stream);
-  }
-  return acc;
-}, new Map);
 var findDuplicateSubjects = (streams) => {
-  const subjectMap = buildSubjectMap(streams);
+  const seen = new Map;
   const duplicates = new Set;
-  for (const { subjects } of streams) {
+  for (const { stream, subjects } of streams) {
     for (const subject of subjects) {
-      const existingStream = subjectMap.get(subject);
-      if (existingStream) {
+      const existingStream = seen.get(subject);
+      if (existingStream !== undefined && existingStream !== stream) {
         duplicates.add(subject);
+      } else {
+        seen.set(subject, stream);
       }
     }
   }
@@ -937,9 +938,175 @@ var buildOtelEnv = (serviceName, config) => {
   }
   return env;
 };
+// lib/helpers/stream-job.ts
+var k8s4 = __toESM(require("@pulumi/kubernetes"));
+// lib/helpers/stream-setup.ts
+var DEFAULT_POLICY = {
+  maxAge: 7 * 24 * 60 * 60 * 1000,
+  storage: "file",
+  replicas: 1,
+  maxMsgSize: 1024 * 1024
+};
+var msToNatsDuration = (ms) => {
+  const totalSeconds = Math.floor(ms / 1000);
+  const hours = Math.floor(totalSeconds / 3600);
+  const minutes = Math.floor(totalSeconds % 3600 / 60);
+  const seconds = totalSeconds % 60;
+  return `${hours}h${minutes}m${seconds}s`;
+};
+var resolveStreams = (definitions, policies = {}, defaults = DEFAULT_POLICY) => definitions.map(({ stream, subjects }) => {
+  const merged = { ...DEFAULT_POLICY, ...defaults, ...policies[stream] };
+  return {
+    stream,
+    subjects,
+    retention: "limits",
+    storage: merged.storage ?? "file",
+    maxAge: msToNatsDuration(merged.maxAge ?? 7 * 24 * 60 * 60 * 1000),
+    replicas: merged.replicas ?? 1,
+    maxMsgSize: merged.maxMsgSize ?? 1024 * 1024
+  };
+});
+var generateSetupScript = (streams) => {
+  const streamCommands = streams.map((s) => {
+    const subjects = s.subjects.join(",");
+    const args = [
+      `--retention ${s.retention}`,
+      `--storage ${s.storage}`,
+      `--max-age ${s.maxAge}`,
+      `--replicas ${s.replicas}`,
+      `--max-msg-size ${s.maxMsgSize}`
+    ].join(" ");
+    return [
+      `echo "Processing stream: ${s.stream} (${subjects})"`,
+      `if nats $NATS_OPTS stream info "${s.stream}" > /dev/null 2>&1; then`,
+      `  echo "  Updating existing stream..."`,
+      `  nats $NATS_OPTS stream edit "${s.stream}" --subjects "${subjects}" ${args} --force`,
+      `else`,
+      `  echo "  Creating new stream..."`,
+      `  nats $NATS_OPTS stream add "${s.stream}" --subjects "${subjects}" ${args} --defaults`,
+      `fi`,
+      `echo "  ✅ ${s.stream} ready"`,
+      ``
+    ].join(`
+`);
+  });
+  return [
+    `#!/bin/sh`,
+    `set -e`,
+    ``,
+    `NATS_OPTS="--server $NATS_URL"`,
+    `if [ -n "$NATS_USER" ] && [ -n "$NATS_PASSWORD" ]; then`,
+    `  NATS_OPTS="$NATS_OPTS --user $NATS_USER --password $NATS_PASSWORD"`,
+    `fi`,
+    ``,
+    `echo "\uD83D\uDE80 Materializing ${streams.length} stream(s)..."`,
+    `echo ""`,
+    ``,
+    ...streamCommands,
+    `echo ""`,
+    `echo "✅ All streams materialized successfully"`
+  ].join(`
+`);
+};
+var computeConfigHash = (streams) => {
+  const data = JSON.stringify(streams);
+  let hash = 0;
+  for (let i = 0;i < data.length; i++) {
+    const char = data.charCodeAt(i);
+    hash = (hash << 5) - hash + char | 0;
+  }
+  return Math.abs(hash).toString(36).slice(0, 8);
+};
+// lib/helpers/stream-job.ts
+var DEFAULT_POLICY2 = {
+  maxAge: 7 * 24 * 60 * 60 * 1000,
+  storage: "file",
+  replicas: 1,
+  maxMsgSize: 1024 * 1024
+};
+var NATS_BOX_IMAGE = "natsio/nats-box:0.14.5";
+var materializeStreams = (provider, namespace, config) => {
+  const {
+    contracts,
+    policies = {},
+    defaults = DEFAULT_POLICY2,
+    image = NATS_BOX_IMAGE,
+    ttlAfterFinished = 300,
+    backoffLimit = 3
+  } = config;
+  validateStreamDefinitions(contracts);
+  const definitions = collectStreamDefinitions(contracts);
+  const resolved = resolveStreams(definitions, policies, defaults);
+  const script = generateSetupScript(resolved);
+  const configHash = computeConfigHash(resolved);
+  console.log(`\uD83D\uDCCB Collecting stream definitions from contracts...`);
+  console.log(`✅ Found ${definitions.length} stream(s):`);
+  for (const { stream, subjects } of definitions) {
+    console.log(`   - ${stream}: ${subjects.join(", ")}`);
+  }
+  const configMap = new k8s4.core.v1.ConfigMap("stream-setup-config", {
+    metadata: {
+      name: `stream-setup-${configHash}`,
+      namespace,
+      labels: { app: "stream-setup", "config-hash": configHash }
+    },
+    data: {
+      "setup.sh": script,
+      "streams.json": JSON.stringify(resolved, null, 2)
+    }
+  }, { provider });
+  const envVars = [{ name: "NATS_URL", value: config.natsUrl }];
+  if (config.credentials?.user) {
+    envVars.push({ name: "NATS_USER", value: config.credentials.user });
+  }
+  if (config.credentials?.password) {
+    envVars.push({ name: "NATS_PASSWORD", value: config.credentials.password });
+  }
+  const job = new k8s4.batch.v1.Job("stream-setup", {
+    metadata: {
+      name: `stream-setup-${configHash}`,
+      namespace,
+      labels: { app: "stream-setup", "config-hash": configHash }
+    },
+    spec: {
+      backoffLimit,
+      ttlSecondsAfterFinished: ttlAfterFinished,
+      template: {
+        metadata: {
+          labels: { app: "stream-setup" }
+        },
+        spec: {
+          restartPolicy: "Never",
+          containers: [
+            {
+              name: "stream-setup",
+              image,
+              command: ["sh", "/config/setup.sh"],
+              env: envVars,
+              volumeMounts: [{ name: "config", mountPath: "/config", readOnly: true }]
+            }
+          ],
+          volumes: [
+            {
+              name: "config",
+              configMap: { name: configMap.metadata.name }
+            }
+          ]
+        }
+      }
+    }
+  }, {
+    provider,
+    dependsOn: [configMap],
+    deleteBeforeReplace: true
+  });
+  return job;
+};
 // lib/runtimes/doks/cluster.ts
 var digitalocean = __toESM(require("@pulumi/digitalocean"));
-var k8s4 = __toESM(require("@pulumi/kubernetes"));
+var k8s5 = __toESM(require("@pulumi/kubernetes"));
 var pulumi4 = __toESM(require("@pulumi/pulumi"));
 function createDOKSCluster(config) {
   const stack = pulumi4.getStack();
@@ -974,7 +1141,7 @@ function createDOKSCluster(config) {
     }
     return firstConfig.rawConfig;
   });
-  const provider = new k8s4.Provider(`${config.name}-k8s-provider`, {
+  const provider = new k8s5.Provider(`${config.name}-k8s-provider`, {
     kubeconfig
   });
   return {
@@ -985,7 +1152,7 @@ function createDOKSCluster(config) {
   };
 }
 function createK8sProviderFromKubeconfig(name, kubeconfig) {
-  return new k8s4.Provider(name, { kubeconfig });
+  return new k8s5.Provider(name, { kubeconfig });
 }
 // lib/runtimes/doks/vpc.ts
 var digitalocean2 = __toESM(require("@pulumi/digitalocean"));
@@ -1001,7 +1168,7 @@ function createVPC(config) {
   });
 }
 // lib/runtimes/doks/workloads.ts
-var k8s5 = __toESM(require("@pulumi/kubernetes"));
+var k8s6 = __toESM(require("@pulumi/kubernetes"));
 var pulumi6 = __toESM(require("@pulumi/pulumi"));
 var normalizeK8sConfig = (config) => {
   if (config.ports) {
@@ -1051,7 +1218,7 @@ var createImagePullSecret = (provider, namespace, name, config) => {
       }
     });
   });
-  return new k8s5.core.v1.Secret(name, {
+  return new k8s6.core.v1.Secret(name, {
     metadata: {
       name,
       namespace,
@@ -1081,7 +1248,7 @@ var buildEnvVars = (config) => {
   })) : [];
   return [portEnv, ...plainEnvVars, ...secretEnvVars];
 };
-var createServiceSecret = (provider, namespace, config, labels) => !config.secrets || Object.keys(config.secrets).length === 0 ? undefined : new k8s5.core.v1.Secret(`${config.name}-secret`, {
+var createServiceSecret = (provider, namespace, config, labels) => !config.secrets || Object.keys(config.secrets).length === 0 ? undefined : new k8s6.core.v1.Secret(`${config.name}-secret`, {
   metadata: {
     name: `${config.name}-secret`,
     namespace,
@@ -1094,7 +1261,7 @@ var createServiceVolumes = (provider, namespace, config, labels) => {
   if (!config.volumes) {
     return { pvcs: [], volumeMounts: [], volumes: [] };
   }
-  const pvcs = config.volumes.map((vol) => new k8s5.core.v1.PersistentVolumeClaim(`${config.name}-${vol.name}`, {
+  const pvcs = config.volumes.map((vol) => new k8s6.core.v1.PersistentVolumeClaim(`${config.name}-${vol.name}`, {
     metadata: {
       name: `${config.name}-${vol.name}`,
       namespace,
@@ -1210,7 +1377,7 @@ var createServiceIngress = (provider, namespace, config, labels, service) => {
   const allHosts = [...primaryHosts, ...additionalHosts];
   const ingressRules = allHosts.length > 0 ? allHosts.map(createRule) : [createRule()];
   const tlsSecretName = config.ingress.tls?.secretName ?? `${config.name}-tls`;
-  return new k8s5.networking.v1.Ingress(`${config.name}-ingress`, {
+  return new k8s6.networking.v1.Ingress(`${config.name}-ingress`, {
     metadata: {
       name: config.name,
       namespace,
@@ -1240,7 +1407,7 @@ var deployK8sService = (provider, namespace, config) => {
   const { livenessProbe, readinessProbe } = buildHealthProbes(normalizedConfig);
   const containerPorts = buildContainerPorts(normalizedConfig);
   const servicePorts = buildServicePorts(normalizedConfig);
-  const deployment = new k8s5.apps.v1.Deployment(`${normalizedConfig.name}-deployment`, {
+  const deployment = new k8s6.apps.v1.Deployment(`${normalizedConfig.name}-deployment`, {
     metadata: {
       name: normalizedConfig.name,
       namespace,
@@ -1281,7 +1448,7 @@ var deployK8sService = (provider, namespace, config) => {
       }
     }
   }, { provider, dependsOn: pvcs.length > 0 ? pvcs : undefined });
-  const service = new k8s5.core.v1.Service(`${normalizedConfig.name}-service`, {
+  const service = new k8s6.core.v1.Service(`${normalizedConfig.name}-service`, {
     metadata: {
       name: normalizedConfig.name,
       namespace,
@@ -1314,7 +1481,7 @@ var deployK8sServices = (provider, namespace, configs, options) => configs.filte
   results.set(config.name, deployK8sService(provider, namespace, configWithSecret));
   return results;
 }, new Map);
-var createNamespace = (provider, name, labels) => new k8s5.core.v1.Namespace(name, {
+var createNamespace = (provider, name, labels) => new k8s6.core.v1.Namespace(name, {
   metadata: {
     name,
     labels: {

package/dist/index.js CHANGED Viewed

@@ -571,20 +571,16 @@ var collectStreamDefinitions = (contractsModule) => {
 };
 var getStreamDefinition = (contractsModule, streamName) => collectStreamDefinitions(contractsModule).find((s) => s.stream === streamName);
 var getStreamNames = (contractsModule) => collectStreamDefinitions(contractsModule).map((s) => s.stream);
-var buildSubjectMap = (streams) => streams.reduce((acc, { stream, subjects }) => {
-  for (const subject of subjects) {
-    acc.set(subject, stream);
-  }
-  return acc;
-}, new Map);
 var findDuplicateSubjects = (streams) => {
-  const subjectMap = buildSubjectMap(streams);
+  const seen = new Map;
   const duplicates = new Set;
-  for (const { subjects } of streams) {
+  for (const { stream, subjects } of streams) {
     for (const subject of subjects) {
-      const existingStream = subjectMap.get(subject);
-      if (existingStream) {
+      const existingStream = seen.get(subject);
+      if (existingStream !== undefined && existingStream !== stream) {
         duplicates.add(subject);
+      } else {
+        seen.set(subject, stream);
       }
     }
   }
@@ -848,9 +844,175 @@ var buildOtelEnv = (serviceName, config) => {
   }
   return env;
 };
+// lib/helpers/stream-job.ts
+import * as k8s4 from "@pulumi/kubernetes";
+// lib/helpers/stream-setup.ts
+var DEFAULT_POLICY = {
+  maxAge: 7 * 24 * 60 * 60 * 1000,
+  storage: "file",
+  replicas: 1,
+  maxMsgSize: 1024 * 1024
+};
+var msToNatsDuration = (ms) => {
+  const totalSeconds = Math.floor(ms / 1000);
+  const hours = Math.floor(totalSeconds / 3600);
+  const minutes = Math.floor(totalSeconds % 3600 / 60);
+  const seconds = totalSeconds % 60;
+  return `${hours}h${minutes}m${seconds}s`;
+};
+var resolveStreams = (definitions, policies = {}, defaults = DEFAULT_POLICY) => definitions.map(({ stream, subjects }) => {
+  const merged = { ...DEFAULT_POLICY, ...defaults, ...policies[stream] };
+  return {
+    stream,
+    subjects,
+    retention: "limits",
+    storage: merged.storage ?? "file",
+    maxAge: msToNatsDuration(merged.maxAge ?? 7 * 24 * 60 * 60 * 1000),
+    replicas: merged.replicas ?? 1,
+    maxMsgSize: merged.maxMsgSize ?? 1024 * 1024
+  };
+});
+var generateSetupScript = (streams) => {
+  const streamCommands = streams.map((s) => {
+    const subjects = s.subjects.join(",");
+    const args = [
+      `--retention ${s.retention}`,
+      `--storage ${s.storage}`,
+      `--max-age ${s.maxAge}`,
+      `--replicas ${s.replicas}`,
+      `--max-msg-size ${s.maxMsgSize}`
+    ].join(" ");
+    return [
+      `echo "Processing stream: ${s.stream} (${subjects})"`,
+      `if nats $NATS_OPTS stream info "${s.stream}" > /dev/null 2>&1; then`,
+      `  echo "  Updating existing stream..."`,
+      `  nats $NATS_OPTS stream edit "${s.stream}" --subjects "${subjects}" ${args} --force`,
+      `else`,
+      `  echo "  Creating new stream..."`,
+      `  nats $NATS_OPTS stream add "${s.stream}" --subjects "${subjects}" ${args} --defaults`,
+      `fi`,
+      `echo "  ✅ ${s.stream} ready"`,
+      ``
+    ].join(`
+`);
+  });
+  return [
+    `#!/bin/sh`,
+    `set -e`,
+    ``,
+    `NATS_OPTS="--server $NATS_URL"`,
+    `if [ -n "$NATS_USER" ] && [ -n "$NATS_PASSWORD" ]; then`,
+    `  NATS_OPTS="$NATS_OPTS --user $NATS_USER --password $NATS_PASSWORD"`,
+    `fi`,
+    ``,
+    `echo "\uD83D\uDE80 Materializing ${streams.length} stream(s)..."`,
+    `echo ""`,
+    ``,
+    ...streamCommands,
+    `echo ""`,
+    `echo "✅ All streams materialized successfully"`
+  ].join(`
+`);
+};
+var computeConfigHash = (streams) => {
+  const data = JSON.stringify(streams);
+  let hash = 0;
+  for (let i = 0;i < data.length; i++) {
+    const char = data.charCodeAt(i);
+    hash = (hash << 5) - hash + char | 0;
+  }
+  return Math.abs(hash).toString(36).slice(0, 8);
+};
+// lib/helpers/stream-job.ts
+var DEFAULT_POLICY2 = {
+  maxAge: 7 * 24 * 60 * 60 * 1000,
+  storage: "file",
+  replicas: 1,
+  maxMsgSize: 1024 * 1024
+};
+var NATS_BOX_IMAGE = "natsio/nats-box:0.14.5";
+var materializeStreams = (provider, namespace, config) => {
+  const {
+    contracts,
+    policies = {},
+    defaults = DEFAULT_POLICY2,
+    image = NATS_BOX_IMAGE,
+    ttlAfterFinished = 300,
+    backoffLimit = 3
+  } = config;
+  validateStreamDefinitions(contracts);
+  const definitions = collectStreamDefinitions(contracts);
+  const resolved = resolveStreams(definitions, policies, defaults);
+  const script = generateSetupScript(resolved);
+  const configHash = computeConfigHash(resolved);
+  console.log(`\uD83D\uDCCB Collecting stream definitions from contracts...`);
+  console.log(`✅ Found ${definitions.length} stream(s):`);
+  for (const { stream, subjects } of definitions) {
+    console.log(`   - ${stream}: ${subjects.join(", ")}`);
+  }
+  const configMap = new k8s4.core.v1.ConfigMap("stream-setup-config", {
+    metadata: {
+      name: `stream-setup-${configHash}`,
+      namespace,
+      labels: { app: "stream-setup", "config-hash": configHash }
+    },
+    data: {
+      "setup.sh": script,
+      "streams.json": JSON.stringify(resolved, null, 2)
+    }
+  }, { provider });
+  const envVars = [{ name: "NATS_URL", value: config.natsUrl }];
+  if (config.credentials?.user) {
+    envVars.push({ name: "NATS_USER", value: config.credentials.user });
+  }
+  if (config.credentials?.password) {
+    envVars.push({ name: "NATS_PASSWORD", value: config.credentials.password });
+  }
+  const job = new k8s4.batch.v1.Job("stream-setup", {
+    metadata: {
+      name: `stream-setup-${configHash}`,
+      namespace,
+      labels: { app: "stream-setup", "config-hash": configHash }
+    },
+    spec: {
+      backoffLimit,
+      ttlSecondsAfterFinished: ttlAfterFinished,
+      template: {
+        metadata: {
+          labels: { app: "stream-setup" }
+        },
+        spec: {
+          restartPolicy: "Never",
+          containers: [
+            {
+              name: "stream-setup",
+              image,
+              command: ["sh", "/config/setup.sh"],
+              env: envVars,
+              volumeMounts: [{ name: "config", mountPath: "/config", readOnly: true }]
+            }
+          ],
+          volumes: [
+            {
+              name: "config",
+              configMap: { name: configMap.metadata.name }
+            }
+          ]
+        }
+      }
+    }
+  }, {
+    provider,
+    dependsOn: [configMap],
+    deleteBeforeReplace: true
+  });
+  return job;
+};
 // lib/runtimes/doks/cluster.ts
 import * as digitalocean from "@pulumi/digitalocean";
-import * as k8s4 from "@pulumi/kubernetes";
+import * as k8s5 from "@pulumi/kubernetes";
 import * as pulumi4 from "@pulumi/pulumi";
 function createDOKSCluster(config) {
   const stack = pulumi4.getStack();
@@ -885,7 +1047,7 @@ function createDOKSCluster(config) {
     }
     return firstConfig.rawConfig;
   });
-  const provider = new k8s4.Provider(`${config.name}-k8s-provider`, {
+  const provider = new k8s5.Provider(`${config.name}-k8s-provider`, {
     kubeconfig
   });
   return {
@@ -896,7 +1058,7 @@ function createDOKSCluster(config) {
   };
 }
 function createK8sProviderFromKubeconfig(name, kubeconfig) {
-  return new k8s4.Provider(name, { kubeconfig });
+  return new k8s5.Provider(name, { kubeconfig });
 }
 // lib/runtimes/doks/vpc.ts
 import * as digitalocean2 from "@pulumi/digitalocean";
@@ -912,7 +1074,7 @@ function createVPC(config) {
   });
 }
 // lib/runtimes/doks/workloads.ts
-import * as k8s5 from "@pulumi/kubernetes";
+import * as k8s6 from "@pulumi/kubernetes";
 import * as pulumi6 from "@pulumi/pulumi";
 var normalizeK8sConfig = (config) => {
   if (config.ports) {
@@ -962,7 +1124,7 @@ var createImagePullSecret = (provider, namespace, name, config) => {
       }
     });
   });
-  return new k8s5.core.v1.Secret(name, {
+  return new k8s6.core.v1.Secret(name, {
     metadata: {
       name,
       namespace,
@@ -992,7 +1154,7 @@ var buildEnvVars = (config) => {
   })) : [];
   return [portEnv, ...plainEnvVars, ...secretEnvVars];
 };
-var createServiceSecret = (provider, namespace, config, labels) => !config.secrets || Object.keys(config.secrets).length === 0 ? undefined : new k8s5.core.v1.Secret(`${config.name}-secret`, {
+var createServiceSecret = (provider, namespace, config, labels) => !config.secrets || Object.keys(config.secrets).length === 0 ? undefined : new k8s6.core.v1.Secret(`${config.name}-secret`, {
   metadata: {
     name: `${config.name}-secret`,
     namespace,
@@ -1005,7 +1167,7 @@ var createServiceVolumes = (provider, namespace, config, labels) => {
   if (!config.volumes) {
     return { pvcs: [], volumeMounts: [], volumes: [] };
   }
-  const pvcs = config.volumes.map((vol) => new k8s5.core.v1.PersistentVolumeClaim(`${config.name}-${vol.name}`, {
+  const pvcs = config.volumes.map((vol) => new k8s6.core.v1.PersistentVolumeClaim(`${config.name}-${vol.name}`, {
     metadata: {
       name: `${config.name}-${vol.name}`,
       namespace,
@@ -1121,7 +1283,7 @@ var createServiceIngress = (provider, namespace, config, labels, service) => {
   const allHosts = [...primaryHosts, ...additionalHosts];
   const ingressRules = allHosts.length > 0 ? allHosts.map(createRule) : [createRule()];
   const tlsSecretName = config.ingress.tls?.secretName ?? `${config.name}-tls`;
-  return new k8s5.networking.v1.Ingress(`${config.name}-ingress`, {
+  return new k8s6.networking.v1.Ingress(`${config.name}-ingress`, {
     metadata: {
       name: config.name,
       namespace,
@@ -1151,7 +1313,7 @@ var deployK8sService = (provider, namespace, config) => {
   const { livenessProbe, readinessProbe } = buildHealthProbes(normalizedConfig);
   const containerPorts = buildContainerPorts(normalizedConfig);
   const servicePorts = buildServicePorts(normalizedConfig);
-  const deployment = new k8s5.apps.v1.Deployment(`${normalizedConfig.name}-deployment`, {
+  const deployment = new k8s6.apps.v1.Deployment(`${normalizedConfig.name}-deployment`, {
     metadata: {
       name: normalizedConfig.name,
       namespace,
@@ -1192,7 +1354,7 @@ var deployK8sService = (provider, namespace, config) => {
       }
     }
   }, { provider, dependsOn: pvcs.length > 0 ? pvcs : undefined });
-  const service = new k8s5.core.v1.Service(`${normalizedConfig.name}-service`, {
+  const service = new k8s6.core.v1.Service(`${normalizedConfig.name}-service`, {
     metadata: {
       name: normalizedConfig.name,
       namespace,
@@ -1225,7 +1387,7 @@ var deployK8sServices = (provider, namespace, configs, options) => configs.filte
   results.set(config.name, deployK8sService(provider, namespace, configWithSecret));
   return results;
 }, new Map);
-var createNamespace = (provider, name, labels) => new k8s5.core.v1.Namespace(name, {
+var createNamespace = (provider, name, labels) => new k8s6.core.v1.Namespace(name, {
   metadata: {
     name,
     labels: {
@@ -1599,8 +1761,11 @@ var generateLocalSetupScript = (services, options = {}) => {
 export {
   validateStreamDefinitionsPure,
   validateStreamDefinitions,
+  resolveStreams,
   registerRuntime,
   ports,
+  msToNatsDuration,
+  materializeStreams,
   hasPublicPort,
   getStreamNames,
   getStreamDefinition,
@@ -1608,6 +1773,7 @@ export {
   getPublicPorts,
   getPrimaryPort,
   getAllPorts,
+  generateSetupScript,
   generateLocalSetupScript,
   generateKubectlApplyCommand,
   generateK3dDeleteCommand,
@@ -1636,6 +1802,7 @@ export {
   createImagePullSecret,
   createDOKSCluster,
   convertToComposeService,
+  computeConfigHash,
   collectStreamDefinitions,
   buildOtelEnv,
   buildNatsUrl,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@crossdelta/infrastructure",
-  "version": "0.5.4",
+  "version": "0.6.0",
   "type": "module",
   "license": "MIT",
   "publishConfig": {
@@ -35,7 +35,7 @@
     }
   },
   "dependencies": {
-    "@crossdelta/cloudevents": "0.6.3"
+    "@crossdelta/cloudevents": "0.6.4"
   },
   "peerDependencies": {
     "@pulumi/digitalocean": "^4.0.0",