npm - @crossdelta/infrastructure - Versions diffs - 0.6.2 → 0.6.4 - Mend

@crossdelta/infrastructure 0.6.2 → 0.6.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md +59 -599
package/dist/index.cjs +23 -16
package/dist/index.js +23 -16
package/dist/runtimes/doks/probes.d.ts +32 -0
package/dist/runtimes/doks/types.d.ts +3 -1
package/package.json +2 -2

package/README.md CHANGED Viewed

@@ -3,670 +3,130 @@
 [![npm version](https://img.shields.io/npm/v/@crossdelta/infrastructure.svg)](https://www.npmjs.com/package/@crossdelta/infrastructure)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
-Infrastructure-as-Code toolkit for deploying microservices to Kubernetes with Pulumi.
-**Current Support:**
-- ✅ **DigitalOcean Kubernetes (DOKS)** - Production-ready, fully tested
-- ✅ **Local Kubernetes (k3d)** - Development environment
-**Planned Support:**
-- 🚧 **AWS EKS** - Planned (contributions welcome)
-- 🚧 **Azure AKS** - Planned (contributions welcome)
-- 🚧 **Google GKE** - Planned (contributions welcome)
-The architecture is **provider-agnostic** - runtime components (NATS, Ingress, Cert-Manager) use provider-specific implementations, but service configs remain portable.
-## Architecture Overview
-```
-                     ┌─────────────────────────────────────────┐
-                     │  DigitalOcean Kubernetes (DOKS)        │
-                     │                                         │
-     ┌───────────────┤  Runtime Components:                   │
-     │               │  • NATS + JetStream (messaging)        │
- Internet            │  • NGINX Ingress (routing)             │
-     │               │  • Cert-Manager (TLS certs)            │
-     │               └─────────────────────────────────────────┘
-     ▼                                    │
-┌──────────┐                              ▼
-│   DNS    │         ┌──────────────────────────────────────────┐
-└────┬─────┘         │  Microservices:                          │
-     │               │                                           │
-     ▼               │  ┌──────────────┐  ┌──────────────┐     │
-┌──────────┐         │  │ api-gateway  │  │   orders     │     │
-│   Load   │◄────────┼──┤   :4000      │  │   :4001      │     │
-│ Balancer │         │  └──────┬───────┘  └──────┬───────┘     │
-└──────────┘         │         │                  │             │
-                     │         ▼                  ▼             │
-                     │  ┌──────────────────────────────┐       │
-                     │  │    NATS (Event Stream)       │       │
-                     │  └──────────────────────────────┘       │
-                     │         ▲                  ▲             │
-                     │         │                  │             │
-                     │  ┌──────┴───────┐  ┌──────┴───────┐     │
-                     │  │notifications │  │  storefront  │     │
-                     │  │   :4002      │  │   :3000      │     │
-                     │  └──────────────┘  └──────────────┘     │
-                     └──────────────────────────────────────────┘
-```
-### Why Kubernetes?
-| Feature | Benefit |
-|---------|---------|
-| **Declarative** | Define desired state, K8s maintains it |
-| **Self-healing** | Auto-restart failed pods, reschedule on node failure |
-| **Scaling** | Horizontal pod autoscaling based on metrics |
-| **Rolling updates** | Zero-downtime deployments |
-| **Service discovery** | Built-in DNS for pod-to-pod communication |
-| **Persistent volumes** | StatefulSets for databases and message queues |
-## Features
-### 🚀 Core Features
-- **Provider-Agnostic** - One config for DOKS, k3d, EKS, AKS, GKE
-- **Unified Runtime API** - Single `deployRuntime()` for NATS, Ingress, Cert-Manager
-- **Service Discovery** - Auto-discover services from `infra/services/*.ts`
-- **Fluent Port Configuration** - Modern API for HTTP, gRPC, custom ports
-- **Health Checks** - Automatic HTTP health check configuration
-- **Type-Safe** - Full TypeScript support with strict typing
-### 📦 Runtime Components
-- **NATS + JetStream** - Event-driven messaging with persistence
-- **NGINX Ingress** - HTTP routing and load balancing
-- **Cert-Manager** - Automatic TLS certificates via Let's Encrypt
-- **OpenTelemetry** - Distributed tracing and metrics (via `@crossdelta/telemetry`)
-### 🔧 Developer Experience
-- **Auto-Generated Types** - Service names from directory structure
-- **Environment Generation** - `.env.local` from Pulumi secrets
-- **Image Registry Support** - GHCR, DockerHub, DOCR
-- **Health Check Integration** - Kubernetes liveness/readiness probes
+Opinionated Pulumi abstractions for deploying microservices to Kubernetes. Turns per-service config objects into Deployments, Services, Ingress, probes, and secrets.
 ## Installation
 ```bash
-npm install @crossdelta/infrastructure
+npm install @crossdelta/infrastructure @pulumi/pulumi @pulumi/kubernetes
 ```
-### Peer Dependencies
+## Usage
-This package requires Pulumi packages as peer dependencies. Install them based on your target cloud provider:
-```bash
-# Required - Pulumi core and Kubernetes
-npm install @pulumi/pulumi @pulumi/kubernetes
-# Optional - DigitalOcean provider (for DOKS)
-npm install @pulumi/digitalocean
-```
-| Package | Required | Description |
-|---------|----------|-------------|
-| `@pulumi/pulumi` | ✅ Yes | Pulumi core SDK |
-| `@pulumi/kubernetes` | ✅ Yes | Kubernetes resources |
-| `@pulumi/digitalocean` | Optional | DigitalOcean provider (DOKS, VPC, etc.) |
-## Quick Start
-### 1. Create service configs
+### Service config
 ```typescript
-// infra/services/orders.ts
 import { ports, type K8sServiceConfig } from '@crossdelta/infrastructure'
 const config: K8sServiceConfig = {
-  name: 'orders',
-  ports: ports().http(4001).build(),
+  name: 'my-service',
+  ports: ports().http(4000).public().build(),
   replicas: 1,
-  healthCheck: { httpPath: '/health' },
+  healthCheck: {
+    httpPath: '/health',
+    readinessPath: '/health/ready',
+  },
+  ingress: { path: '/api', host: 'example.com' },
+  env: { DATABASE_URL: dbUrl },
+  secrets: { API_KEY: apiKey },
   resources: {
     requests: { cpu: '50m', memory: '64Mi' },
-    limits: { cpu: '150m', memory: '128Mi' },
-  },
-}
-export default config
-```
-```typescript
-// infra/services/api-gateway.ts - Public service with ingress
-import { ports, type K8sServiceConfig } from '@crossdelta/infrastructure'
-const config: K8sServiceConfig = {
-  name: 'api-gateway',
-  ports: ports().http(4000).public().build(),
-  ingress: {
-    path: '/api',
-    host: 'api.example.com',
+    limits: { cpu: '200m', memory: '256Mi' },
   },
-  replicas: 2,
-  healthCheck: { httpPath: '/health' },
 }
 export default config
 ```
-### 2. Create your Pulumi infrastructure
+### Deploy services
 ```typescript
-// infra/index.ts
-import {
-  createDOKSCluster,
-  createNamespace,
-  createVPC,
-  deployK8sServices,
-  deployRuntime,
-  discoverServiceConfigs,
-} from '@crossdelta/infrastructure'
+import { deployK8sServices, discoverServiceConfigs } from '@crossdelta/infrastructure'
-const region = 'fra1'
-const namespace = 'my-platform'
+const serviceConfigs = discoverServiceConfigs('services')
-// 1. Create VPC for private networking
-const vpc = createVPC({
-  name: `${namespace}-vpc`,
-  region,
-  description: 'VPC for platform internal communication',
+deployK8sServices({
+  provider,
+  namespace,
+  serviceConfigs,
+  env: { NATS_URL: natsUrl },
 })
+```
-// 2. Create Kubernetes cluster
-const { cluster, provider, kubeconfig } = createDOKSCluster({
-  name: `${namespace}-cluster`,
-  region,
-  vpcUuid: vpc.id,
-  nodePool: {
-    name: 'default',
-    size: 's-2vcpu-4gb',
-    nodeCount: 2,
-  },
-})
+### Deploy runtime components
-// 3. Create namespace
-createNamespace(provider, namespace)
+```typescript
+import { deployRuntime } from '@crossdelta/infrastructure'
-// 4. Deploy runtime components (NATS, Ingress, Cert-Manager)
 const runtime = deployRuntime(provider, namespace, {
-  nats: {
-    enabled: true,
-    config: {
-      replicas: 1,
-      jetstream: {
-        enabled: true,
-        storageSize: '1Gi',
-      },
-    },
-  },
-  ingress: {
-    enabled: true,
-    config: { replicas: 1 },
-  },
-  certManager: {
-    enabled: true,
-    config: { email: 'admin@example.com' },
-  },
+  nats: { enabled: true, config: { replicas: 1, jetstream: { enabled: true } } },
+  ingress: { enabled: true },
+  certManager: { enabled: true, config: { email: 'ops@example.com' } },
 })
-// 5. Auto-discover and deploy services
-const serviceConfigs = discoverServiceConfigs('services')
-const deployedServices = deployK8sServices({
-  provider,
-  namespace,
-  serviceConfigs,
-  env: {
-    NATS_URL: runtime.natsUrl,
-  },
-})
-// Export outputs
-export const clusterEndpoint = cluster.endpoint
-export const clusterKubeconfig = kubeconfig
-export const natsInternalUrl = runtime.natsUrl
-export const loadBalancerIP = runtime.loadBalancerIp
 ```
-## K8sServiceConfig API
-The `K8sServiceConfig` type is the central configuration for Kubernetes services:
+## K8sServiceConfig
 ```typescript
 interface K8sServiceConfig {
-  /** Service name (used for deployment, service, ingress names) */
   name: string
-  /** Port configuration (use fluent ports() builder) */
   ports: PortConfig
-  /** Number of pod replicas (default: 1) */
   replicas?: number
-  /** Resource requests and limits */
   resources?: {
     requests?: { cpu: string; memory: string }
     limits?: { cpu: string; memory: string }
   }
-  /** Health check configuration */
   healthCheck?: {
-    httpPath: string           // HTTP endpoint (e.g., '/health')
-    initialDelaySeconds?: number // Wait before first check (default: 10)
-    periodSeconds?: number      // Check interval (default: 10)
+    httpPath: string
+    readinessPath?: string       // Falls back to httpPath
+    initialDelaySeconds?: number // Default: 10
+    periodSeconds?: number       // Default: 10
+    failureThreshold?: number    // Default: 3
   }
-  /** Ingress configuration for public services */
   ingress?: {
-    path: string    // URL path (e.g., '/api')
-    host?: string   // Domain (e.g., 'api.example.com')
+    path: string
+    host?: string
   }
-  /** Environment variables */
   env?: Record<string, pulumi.Input<string>>
-  /** Kubernetes secrets */
   secrets?: Record<string, pulumi.Input<string>>
-  /** Custom image (defaults to GHCR with auto-generated tag) */
   image?: string
-  /** Skip deployment */
   skip?: boolean
 }
 ```
-### Fluent Ports API
-Build port configurations with a fluent, chainable API:
+## Fluent Ports API
 ```typescript
 import { ports } from '@crossdelta/infrastructure'
-// Simple HTTP service
-ports().http(4000).build()
-// Public HTTP service (exposed via ingress)
-ports().http(4000).public().build()
-// gRPC service
-ports().grpc(50051).build()
-// Multiple ports
-ports()
-  .http(4000)              // Primary port
-  .addHttp(8080, 'metrics').public()  // Additional public port
-  .add(9090, 'admin')      // Additional internal port
-  .build()
-// Custom protocol
-ports()
-  .primary(4222, 'client')
-  .protocol('TCP')
-  .add(8222, 'monitoring')
-  .build()
-```
-**Port Builder Methods:**
-- `.http(port)` - HTTP primary port
-- `.https(port)` - HTTPS primary port
-- `.grpc(port)` - gRPC primary port
-- `.primary(port, name?)` - Custom primary port
-- `.add(port, name?, protocol?)` - Add additional port
-- `.addHttp(port, name?)` - Add HTTP additional port
-- `.addGrpc(port, name?)` - Add gRPC additional port
-- `.public()` - Mark last port as public (exposed via ingress)
-- `.protocol(type)` - Set protocol for last port
-- `.build()` - Build final config
-## Service Configuration Examples
-### Public HTTP Service with Ingress
-```typescript
-import { ports, type K8sServiceConfig } from '@crossdelta/infrastructure'
-const config: K8sServiceConfig = {
-  name: 'api-gateway',
-  ports: ports().http(4000).public().build(),
-  replicas: 2,
-  healthCheck: { httpPath: '/health' },
-  ingress: {
-    path: '/api',
-    host: 'api.example.com',
-  },
-  resources: {
-    requests: { cpu: '100m', memory: '128Mi' },
-    limits: { cpu: '500m', memory: '512Mi' },
-  },
-}
-export default config
-```
-### Internal Service (Event Consumer)
-```typescript
-import { ports, type K8sServiceConfig } from '@crossdelta/infrastructure'
-const config: K8sServiceConfig = {
-  name: 'notifications',
-  ports: ports().http(4002).build(),
-  replicas: 1,
-  healthCheck: { httpPath: '/health' },
-  resources: {
-    requests: { cpu: '50m', memory: '64Mi' },
-    limits: { cpu: '150m', memory: '128Mi' },
-  },
-}
-export default config
-```
-### Service with Multiple Ports
-```typescript
-import { ports, type K8sServiceConfig } from '@crossdelta/infrastructure'
-const config: K8sServiceConfig = {
-  name: 'api-gateway',
-  ports: ports()
-    .http(4000)                      // Primary HTTP port
-    .addHttp(8080, 'metrics').public()  // Metrics endpoint (public)
-    .add(9090, 'admin')              // Admin endpoint (internal)
-    .build(),
-  replicas: 2,
-  healthCheck: { httpPath: '/health' },
-}
-export default config
-```
-### gRPC Service
-```typescript
-import { ports, type K8sServiceConfig } from '@crossdelta/infrastructure'
-const config: K8sServiceConfig = {
-  name: 'grpc-service',
-  ports: ports().grpc(50051).build(),
-  replicas: 2,
-  healthCheck: {
-    httpPath: '/grpc.health.v1.Health/Check',
-    initialDelaySeconds: 15,
-  },
-}
-export default config
-```
-## deployRuntime() - Unified Runtime Components
-Deploy all runtime components (NATS, Ingress, Cert-Manager) with a single function:
-```typescript
-import { deployRuntime } from '@crossdelta/infrastructure'
-const runtime = deployRuntime(provider, namespace, {
-  // NATS with JetStream for event-driven messaging
-  nats: {
-    enabled: true,
-    config: {
-      replicas: 1,
-      jetstream: {
-        enabled: true,
-        storageSize: '1Gi',
-        storageClass: 'do-block-storage',
-      },
-      resources: {
-        requests: { cpu: '25m', memory: '64Mi' },
-        limits: { cpu: '100m', memory: '192Mi' },
-      },
-    },
-  },
-  // NGINX Ingress Controller for HTTP routing
-  ingress: {
-    enabled: true,
-    config: {
-      replicas: 1,
-      resources: {
-        requests: { cpu: '50m', memory: '64Mi' },
-        limits: { cpu: '100m', memory: '128Mi' },
-      },
-    },
-  },
-  // Cert-Manager for automatic TLS certificates
-  certManager: {
-    enabled: true,
-    config: {
-      email: 'admin@example.com',
-      staging: false,  // Use Let's Encrypt production
-      resources: {
-        requests: { cpu: '10m', memory: '32Mi' },
-        limits: { cpu: '100m', memory: '128Mi' },
-      },
-    },
-  },
-})
-// Use runtime outputs
-console.log('NATS URL:', runtime.natsUrl)
-console.log('LoadBalancer IP:', runtime.loadBalancerIp)
-console.log('Cert-Manager Ready:', runtime.certManagerReady)
+ports().http(4000).build()                          // Simple HTTP
+ports().http(4000).public().build()                 // Public (ingress)
+ports().grpc(50051).build()                         // gRPC
+ports().http(4000).addHttp(8080, 'metrics').build() // Multiple ports
 ```
-**Returns:**
-```typescript
-interface RuntimeDeploymentResult {
-  natsUrl?: pulumi.Output<string>        // NATS connection URL
-  loadBalancerIp?: pulumi.Output<string> // Ingress LoadBalancer IP
-  certManagerReady?: boolean              // Cert-Manager installed
-}
-```
-## Environment Generation
-Generate `.env.local` for local development from Pulumi config:
-```bash
-# In your workspace root
-bun dev  # Automatically generates .env.local before starting services
-```
-**Generated `.env.local`:**
-```bash
-# Auto-generated from Pulumi config (DO NOT EDIT)
-ORDERS_PORT=4001
-NOTIFICATIONS_PORT=4002
-API_GATEWAY_PORT=4000
-STOREFRONT_PORT=3000
-NATS_URL=nats://localhost:4222
-DATABASE_URL=postgresql://localhost:5432/mydb
-API_KEY=your-secret-key
-```
-**Generated `infra/env.ts`:**
-```typescript
-// Auto-generated type-safe service names
-export type ServiceName = 'orders' | 'notifications' | 'api-gateway' | 'storefront'
-export function getServicePort(name: ServiceName, fallback?: number): number {
-  const port = process.env[`${name.toUpperCase().replace(/-/g, '_')}_PORT`]
-  return port ? Number.parseInt(port, 10) : (fallback ?? 8080)
-}
-```
+| Method | Description |
+|--------|-------------|
+| `.http(port)` | HTTP primary port |
+| `.grpc(port)` | gRPC primary port |
+| `.primary(port, name?)` | Custom primary port |
+| `.add(port, name?, protocol?)` | Additional port |
+| `.addHttp(port, name?)` | Additional HTTP port |
+| `.addGrpc(port, name?)` | Additional gRPC port |
+| `.public()` | Expose via ingress |
+| `.protocol(type)` | Set protocol (TCP, UDP, SCTP) |
+| `.build()` | Build config |
 ## API Reference
-### Core Functions
 | Function | Description |
 |----------|-------------|
-| `deployRuntime(provider, namespace, config)` | Deploy runtime components (NATS, Ingress, Cert-Manager) |
-| `discoverServiceConfigs(dir, options?)` | Auto-discover K8s service configs from directory |
-| `deployK8sServices(options)` | Deploy services to Kubernetes cluster |
-| `createDOKSCluster(config)` | Create DigitalOcean Kubernetes cluster |
-| `createVPC(config)` | Create VPC for private networking |
-| `createNamespace(provider, name, labels?)` | Create Kubernetes namespace |
-| `createImagePullSecret(provider, namespace, name, config)` | Create secret for private registries |
-### Port Configuration
-| Function | Description |
-|----------|-------------|
-| `ports()` | Start fluent port builder |
-| `.http(port)` | Set HTTP primary port |
-| `.https(port)` | Set HTTPS primary port |
-| `.grpc(port)` | Set gRPC primary port |
-| `.primary(port, name?)` | Set custom primary port |
-| `.add(port, name?, protocol?)` | Add additional port |
-| `.addHttp(port, name?)` | Add HTTP additional port |
-| `.addGrpc(port, name?)` | Add gRPC additional port |
-| `.public()` | Mark last port as public (ingress) |
-| `.protocol(type)` | Set protocol ('TCP', 'UDP', 'SCTP') |
-| `.build()` | Build final port configuration |
-### Service Discovery Options
-```typescript
-discoverServiceConfigs('services', {
-  filter?: RegExp | string,          // Filter by service name pattern
-  include?: string[],                // Whitelist specific services
-  exclude?: string[],                // Blacklist specific services
-  tags?: string[],                   // Filter by tags
-  env?: Record<string, string>,      // Inject env vars
-  validate?: boolean,                // Validate configs (default: true)
-  sort?: boolean,                    // Sort by name (default: true)
-})
-```
-### Kubernetes Deployment Options
-```typescript
-deployK8sServices({
-  provider: k8s.Provider,            // Kubernetes provider
-  namespace: string,                 // Target namespace
-  serviceConfigs: K8sServiceConfig[], // Service configurations
-  env?: Record<string, pulumi.Input<string>>, // Global env vars
-  secrets?: Record<string, pulumi.Input<string>>, // Global secrets
-  imagePullSecrets?: string[],       // Image pull secret names
-  registry?: string,                 // Override registry URL
-})
-```
-Returns a Map:
-```typescript
-Map<string, {
-  deployment: k8s.apps.v1.Deployment,  // Kubernetes Deployment
-  service: k8s.core.v1.Service,         // Kubernetes Service
-  ingress?: k8s.networking.v1.Ingress,  // Ingress (if public)
-  internalUrl: pulumi.Output<string>,   // Internal service URL
-}>
-```
-### Environment Helpers (`@crossdelta/infrastructure/env`)
-```typescript
-import { getServicePort } from '@crossdelta/infrastructure/env'
-// Read SERVICE_NAME_PORT from environment
-const port = getServicePort('orders', 4001)  // Fallback to 4001
-```
-## Cost Estimation (DOKS)
-### Basic Setup
-- **DOKS Cluster**: $12/month (control plane)
-- **Worker Nodes**: 2× s-2vcpu-4gb = $36/month
-- **Load Balancer**: $12/month (managed by DOKS)
-- **Block Storage**: 10GB for NATS JetStream = $1/month
-- **Total**: ~$61/month
-### Production Setup
-- **DOKS Cluster**: $12/month
-- **Worker Nodes**: 3× s-2vcpu-4gb = $54/month (HA)
-- **Load Balancer**: $12/month
-- **Block Storage**: 50GB = $5/month
-- **Total**: ~$83/month
-### Scaling Considerations
-| Workload | Node Size | Monthly Cost |
-|----------|-----------|--------------|
-| Development | 1× s-2vcpu-4gb | $12 + $18 = $30/mo |
-| Staging | 2× s-2vcpu-4gb | $12 + $36 = $48/mo |
-| Production | 3× s-4vcpu-8gb | $12 + $144 = $156/mo |
-| High Traffic | 5× s-4vcpu-8gb | $12 + $240 = $252/mo |
-**Benefits of Kubernetes:**
-- **Auto-scaling**: HPA automatically adjusts pod count
-- **Self-healing**: Failed pods restart automatically
-- **Rolling updates**: Zero-downtime deployments
-- **Resource efficiency**: Better node utilization vs. dedicated VMs
-## Adding New Providers
-The library is designed to be **provider-agnostic**. To add support for a new cloud provider (AWS EKS, Azure AKS, GKE):
-### 1. Implement Provider-Specific Runtime Components
-Create a new directory under `lib/runtimes/`:
-```
-lib/runtimes/
-├── doks/          # DigitalOcean Kubernetes (reference implementation)
-│   ├── nats.ts
-│   ├── ingress.ts
-│   └── cert-manager.ts
-└── eks/           # Your new provider
-    ├── nats.ts
-    ├── ingress.ts
-    └── cert-manager.ts
-```
-### 2. Follow the Interface Pattern
-Each component should export a deployment function:
-```typescript
-// lib/runtimes/eks/nats.ts
-export function deployNats(
-  provider: k8s.Provider,
-  namespace: string,
-  config: NatsConfig
-): NatsDeploymentResult {
-  // Provider-specific NATS deployment
-  // Use Helm, manifests, or provider-specific resources
-  return {
-    release,
-    internalUrl: `nats://nats.${namespace}.svc.cluster.local:4222`,
-    serviceDns: `nats.${namespace}.svc.cluster.local`,
-  }
-}
-```
-### 3. Update deployRuntime()
-Add your provider to `lib/core/runtime.ts`:
-```typescript
-// Deploy NATS if enabled
-if (config.nats?.enabled) {
-  if (providerName === 'doks') {
-    const nats = deployNats(provider, namespace, config.nats.config || {})
-    result.natsUrl = pulumi.output(nats.internalUrl)
-  } else if (providerName === 'eks') {
-    const { deployNats } = require('../runtimes/eks/nats')
-    const nats = deployNats(provider, namespace, config.nats.config || {})
-    result.natsUrl = pulumi.output(nats.internalUrl)
-  }
-}
-```
-### 4. Service Configs Remain Portable
-Service configurations (`K8sServiceConfig`) work across all providers without changes. Only runtime components need provider-specific implementations.
+| `deployRuntime(provider, ns, config)` | Deploy runtime components |
+| `discoverServiceConfigs(dir, opts?)` | Auto-discover service configs from filesystem |
+| `deployK8sServices(opts)` | Deploy services to cluster |
+| `createNamespace(provider, name)` | Create k8s namespace |
+| `createImagePullSecret(...)` | Create registry pull secret |
+| `ports()` | Fluent port builder |
 ## License

package/dist/index.cjs CHANGED Viewed

@@ -1177,6 +1177,26 @@ function createVPC(config) {
 // lib/runtimes/doks/workloads.ts
 var k8s6 = __toESM(require("@pulumi/kubernetes"));
 var pulumi6 = __toESM(require("@pulumi/pulumi"));
+// lib/runtimes/doks/probes.ts
+var buildProbe = (path, port, config) => path ? { ...config, httpGet: { path, port } } : { ...config, tcpSocket: { port } };
+var buildHealthProbes = (healthCheck, primaryPort, defaults) => {
+  const probeConfig = {
+    initialDelaySeconds: healthCheck.initialDelaySeconds ?? defaults.initialDelaySeconds,
+    periodSeconds: healthCheck.periodSeconds ?? defaults.periodSeconds,
+    failureThreshold: healthCheck.failureThreshold ?? defaults.failureThreshold,
+    successThreshold: healthCheck.successThreshold ?? defaults.successThreshold,
+    timeoutSeconds: healthCheck.timeoutSeconds ?? defaults.timeoutSeconds
+  };
+  const port = healthCheck.port ?? primaryPort;
+  const readinessPath = healthCheck.readinessPath ?? healthCheck.httpPath;
+  return {
+    livenessProbe: buildProbe(healthCheck.httpPath, port, probeConfig),
+    readinessProbe: buildProbe(readinessPath, port, probeConfig)
+  };
+};
+// lib/runtimes/doks/workloads.ts
 var normalizeK8sConfig = (config) => {
   if (config.ports) {
     return config;
@@ -1295,24 +1315,11 @@ var createServiceVolumes = (provider, namespace, config, labels) => {
   }));
   return { pvcs, volumeMounts, volumes };
 };
-var buildHealthProbes = (config) => {
+var buildHealthProbes2 = (config) => {
   if (!config.healthCheck) {
     return {};
   }
-  const { healthCheck } = config;
-  const probeConfig = {
-    initialDelaySeconds: healthCheck.initialDelaySeconds ?? DEFAULTS.healthCheck.initialDelaySeconds,
-    periodSeconds: healthCheck.periodSeconds ?? DEFAULTS.healthCheck.periodSeconds,
-    failureThreshold: healthCheck.failureThreshold ?? DEFAULTS.healthCheck.failureThreshold,
-    successThreshold: healthCheck.successThreshold ?? DEFAULTS.healthCheck.successThreshold,
-    timeoutSeconds: healthCheck.timeoutSeconds ?? DEFAULTS.healthCheck.timeoutSeconds
-  };
-  const port = healthCheck.port ?? config.ports.primary.port;
-  const probe = healthCheck.httpPath ? { httpGet: { path: healthCheck.httpPath, port } } : { tcpSocket: { port } };
-  return {
-    livenessProbe: { ...probeConfig, ...probe },
-    readinessProbe: { ...probeConfig, ...probe }
-  };
+  return buildHealthProbes(config.healthCheck, config.ports.primary.port, DEFAULTS.healthCheck);
 };
 var buildContainerPorts = (config) => {
   const normalizeProtocol = (protocol) => protocol === "HTTP" || protocol === "HTTPS" || protocol === "GRPC" ? "TCP" : protocol ?? "TCP";
@@ -1411,7 +1418,7 @@ var deployK8sService = (provider, namespace, config) => {
   const secret = createServiceSecret(provider, namespace, normalizedConfig, labels);
   const envVars = buildEnvVars(normalizedConfig);
   const { pvcs, volumeMounts, volumes } = createServiceVolumes(provider, namespace, normalizedConfig, labels);
-  const { livenessProbe, readinessProbe } = buildHealthProbes(normalizedConfig);
+  const { livenessProbe, readinessProbe } = buildHealthProbes2(normalizedConfig);
   const containerPorts = buildContainerPorts(normalizedConfig);
   const servicePorts = buildServicePorts(normalizedConfig);
   const deployment = new k8s6.apps.v1.Deployment(`${normalizedConfig.name}-deployment`, {

package/dist/index.js CHANGED Viewed

@@ -1083,6 +1083,26 @@ function createVPC(config) {
 // lib/runtimes/doks/workloads.ts
 import * as k8s6 from "@pulumi/kubernetes";
 import * as pulumi6 from "@pulumi/pulumi";
+// lib/runtimes/doks/probes.ts
+var buildProbe = (path, port, config) => path ? { ...config, httpGet: { path, port } } : { ...config, tcpSocket: { port } };
+var buildHealthProbes = (healthCheck, primaryPort, defaults) => {
+  const probeConfig = {
+    initialDelaySeconds: healthCheck.initialDelaySeconds ?? defaults.initialDelaySeconds,
+    periodSeconds: healthCheck.periodSeconds ?? defaults.periodSeconds,
+    failureThreshold: healthCheck.failureThreshold ?? defaults.failureThreshold,
+    successThreshold: healthCheck.successThreshold ?? defaults.successThreshold,
+    timeoutSeconds: healthCheck.timeoutSeconds ?? defaults.timeoutSeconds
+  };
+  const port = healthCheck.port ?? primaryPort;
+  const readinessPath = healthCheck.readinessPath ?? healthCheck.httpPath;
+  return {
+    livenessProbe: buildProbe(healthCheck.httpPath, port, probeConfig),
+    readinessProbe: buildProbe(readinessPath, port, probeConfig)
+  };
+};
+// lib/runtimes/doks/workloads.ts
 var normalizeK8sConfig = (config) => {
   if (config.ports) {
     return config;
@@ -1201,24 +1221,11 @@ var createServiceVolumes = (provider, namespace, config, labels) => {
   }));
   return { pvcs, volumeMounts, volumes };
 };
-var buildHealthProbes = (config) => {
+var buildHealthProbes2 = (config) => {
   if (!config.healthCheck) {
     return {};
   }
-  const { healthCheck } = config;
-  const probeConfig = {
-    initialDelaySeconds: healthCheck.initialDelaySeconds ?? DEFAULTS.healthCheck.initialDelaySeconds,
-    periodSeconds: healthCheck.periodSeconds ?? DEFAULTS.healthCheck.periodSeconds,
-    failureThreshold: healthCheck.failureThreshold ?? DEFAULTS.healthCheck.failureThreshold,
-    successThreshold: healthCheck.successThreshold ?? DEFAULTS.healthCheck.successThreshold,
-    timeoutSeconds: healthCheck.timeoutSeconds ?? DEFAULTS.healthCheck.timeoutSeconds
-  };
-  const port = healthCheck.port ?? config.ports.primary.port;
-  const probe = healthCheck.httpPath ? { httpGet: { path: healthCheck.httpPath, port } } : { tcpSocket: { port } };
-  return {
-    livenessProbe: { ...probeConfig, ...probe },
-    readinessProbe: { ...probeConfig, ...probe }
-  };
+  return buildHealthProbes(config.healthCheck, config.ports.primary.port, DEFAULTS.healthCheck);
 };
 var buildContainerPorts = (config) => {
   const normalizeProtocol = (protocol) => protocol === "HTTP" || protocol === "HTTPS" || protocol === "GRPC" ? "TCP" : protocol ?? "TCP";
@@ -1317,7 +1324,7 @@ var deployK8sService = (provider, namespace, config) => {
   const secret = createServiceSecret(provider, namespace, normalizedConfig, labels);
   const envVars = buildEnvVars(normalizedConfig);
   const { pvcs, volumeMounts, volumes } = createServiceVolumes(provider, namespace, normalizedConfig, labels);
-  const { livenessProbe, readinessProbe } = buildHealthProbes(normalizedConfig);
+  const { livenessProbe, readinessProbe } = buildHealthProbes2(normalizedConfig);
   const containerPorts = buildContainerPorts(normalizedConfig);
   const servicePorts = buildServicePorts(normalizedConfig);
   const deployment = new k8s6.apps.v1.Deployment(`${normalizedConfig.name}-deployment`, {

package/dist/runtimes/doks/probes.d.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import type { K8sHealthCheck } from './types';
+export interface ProbeHttp {
+    httpGet: {
+        path: string;
+        port: number;
+    };
+}
+export interface ProbeTcp {
+    tcpSocket: {
+        port: number;
+    };
+}
+export interface ProbeConfig {
+    initialDelaySeconds: number;
+    periodSeconds: number;
+    failureThreshold: number;
+    successThreshold: number;
+    timeoutSeconds: number;
+}
+export type Probe = ProbeConfig & (ProbeHttp | ProbeTcp);
+export interface HealthProbes {
+    livenessProbe?: Probe;
+    readinessProbe?: Probe;
+}
+/**
+ * Builds liveness and readiness probes from a service health check config.
+ *
+ * - `httpPath` → liveness probe
+ * - `readinessPath` → readiness probe (falls back to `httpPath` when omitted)
+ * - Neither → tcpSocket probe on the primary port
+ */
+export declare const buildHealthProbes: (healthCheck: K8sHealthCheck, primaryPort: number, defaults: ProbeConfig) => HealthProbes;

package/dist/runtimes/doks/types.d.ts CHANGED Viewed

@@ -96,8 +96,10 @@ export interface K8sResourceConfig {
  * Health check configuration for Kubernetes probes.
  */
 export interface K8sHealthCheck {
-    /** HTTP path for health check (e.g., '/health') */
+    /** HTTP path for liveness probe (e.g., '/health') */
     httpPath?: string;
+    /** HTTP path for readiness probe — if omitted, falls back to httpPath (e.g., '/health/ready') */
+    readinessPath?: string;
     /** Port for health check (defaults to containerPort) */
     port?: number;
     /** Initial delay before starting probes in seconds (default: 10) */

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@crossdelta/infrastructure",
-  "version": "0.6.2",
+  "version": "0.6.4",
   "type": "module",
   "license": "MIT",
   "publishConfig": {
@@ -35,7 +35,7 @@
     }
   },
   "dependencies": {
-    "@crossdelta/cloudevents": "0.6.4"
+    "@crossdelta/cloudevents": "0.6.7"
   },
   "peerDependencies": {
     "@pulumi/digitalocean": "^4.0.0",