@drunk-pulumi/azure 0.0.19

package/KubeX/Tools/OpenLDAP/index.js

@@ -0,0 +1,56 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const k8s = require("@pulumi/kubernetes");
+const Random_1 = require("../../../Core/Random");
+const Namespace_1 = require("../../Core/Namespace");
+exports.default = ({ name = 'openldap', namespace = 'openldap', vaultInfo, resources, replicas = 1, ldapDomain, storageClassName, ...others }) => {
+    //Admin Pass
+    const adminLogin = (0, Random_1.randomLogin)({
+        name: `${name}-admin`,
+        vaultInfo,
+        loginPrefix: 'admin',
+        maxUserNameLength: 10,
+        passwordOptions: { length: 20, policy: false },
+    });
+    const ns = (0, Namespace_1.default)({ name: namespace, ...others });
+    //https://github.com/jp-gouin/helm-openldap/blob/master/values.yaml
+    const openLDAP = new k8s.helm.v3.Chart(name, {
+        namespace,
+        chart: 'openldap-stack-ha',
+        fetchOpts: { repo: 'https://jp-gouin.github.io/helm-openldap' },
+        values: {
+            users: '',
+            userPasswords: '',
+            global: {
+                ldapDomain,
+                adminUser: adminLogin.userName,
+                adminPassword: adminLogin.password,
+                configUserEnabled: true,
+                configUser: adminLogin.userName,
+                configPassword: adminLogin.password,
+            },
+            replicaCount: replicas,
+            replication: { enabled: false },
+            initTLSSecret: {
+                enabled: false,
+                tls_enabled: false,
+                secret: undefined,
+            },
+            phpldapadmin: {
+                enabled: true,
+                ingress: { enabled: false, ingressClassName: 'nginx' },
+            },
+            'ltb-passwd': {
+                enabled: false,
+                ingress: { enabled: false, ingressClassName: 'nginx' },
+            },
+            persistence: {
+                enabled: true,
+                storageClass: storageClassName,
+            },
+            resources,
+        },
+    }, { provider: others.provider, dependsOn: ns });
+    return openLDAP;
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvS3ViZVgvVG9vbHMvT3BlbkxEQVAvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFBQSwwQ0FBMEM7QUFDMUMsaURBQW1EO0FBR25ELG9EQUE2QztBQVU3QyxrQkFBZSxDQUFDLEVBQ2QsSUFBSSxHQUFHLFVBQVUsRUFDakIsU0FBUyxHQUFHLFVBQVUsRUFDdEIsU0FBUyxFQUNULFNBQVMsRUFDVCxRQUFRLEdBQUcsQ0FBQyxFQUNaLFVBQVUsRUFDVixnQkFBZ0IsRUFDaEIsR0FBRyxNQUFNLEVBQ0ssRUFBRSxFQUFFO0lBQ2xCLFlBQVk7SUFDWixNQUFNLFVBQVUsR0FBRyxJQUFBLG9CQUFXLEVBQUM7UUFDN0IsSUFBSSxFQUFFLEdBQUcsSUFBSSxRQUFRO1FBQ3JCLFNBQVM7UUFDVCxXQUFXLEVBQUUsT0FBTztRQUNwQixpQkFBaUIsRUFBRSxFQUFFO1FBQ3JCLGVBQWUsRUFBRSxFQUFFLE1BQU0sRUFBRSxFQUFFLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRTtLQUMvQyxDQUFDLENBQUM7SUFFSCxNQUFNLEVBQUUsR0FBRyxJQUFBLG1CQUFTLEVBQUMsRUFBRSxJQUFJLEVBQUUsU0FBUyxFQUFFLEdBQUcsTUFBTSxFQUFFLENBQUMsQ0FBQztJQUVyRCxtRUFBbUU7SUFDbkUsTUFBTSxRQUFRLEdBQUcsSUFBSSxHQUFHLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQ3BDLElBQUksRUFDSjtRQUNFLFNBQVM7UUFDVCxLQUFLLEVBQUUsbUJBQW1CO1FBQzFCLFNBQVMsRUFBRSxFQUFFLElBQUksRUFBRSwwQ0FBMEMsRUFBRTtRQUUvRCxNQUFNLEVBQUU7WUFDTixLQUFLLEVBQUUsRUFBRTtZQUNULGFBQWEsRUFBRSxFQUFFO1lBRWpCLE1BQU0sRUFBRTtnQkFDTixVQUFVO2dCQUNWLFNBQVMsRUFBRSxVQUFVLENBQUMsUUFBUTtnQkFDOUIsYUFBYSxFQUFFLFVBQVUsQ0FBQyxRQUFRO2dCQUNsQyxpQkFBaUIsRUFBRSxJQUFJO2dCQUN2QixVQUFVLEVBQUUsVUFBVSxDQUFDLFFBQVE7Z0JBQy9CLGNBQWMsRUFBRSxVQUFVLENBQUMsUUFBUTthQUNwQztZQUVELFlBQVksRUFBRSxRQUFRO1lBQ3RCLFdBQVcsRUFBRSxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUU7WUFFL0IsYUFBYSxFQUFFO2dCQUNiLE9BQU8sRUFBRSxLQUFLO2dCQUNkLFdBQVcsRUFBRSxLQUFLO2dCQUNsQixNQUFNLEVBQUUsU0FBUzthQUNsQjtZQUVELFlBQVksRUFBRTtnQkFDWixPQUFPLEVBQUUsSUFBSTtnQkFDYixPQUFPLEVBQUUsRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLGdCQUFnQixFQUFFLE9BQU8sRUFBRTthQUN2RDtZQUVELFlBQVksRUFBRTtnQkFDWixPQUFPLEVBQUUsS0FBSztnQkFDZCxPQUFPLEVBQUUsRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLGdCQUFnQixFQUFFLE9BQU8sRUFBRTthQUN2RDtZQUVELFdBQVcsRUFBRTtnQkFDWCxPQUFPLEVBQUUsSUFBSTtnQkFDYixZQUFZLEVBQUUsZ0JBQWdCO2FBQy9CO1lBQ0QsU0FBUztTQUNWO0tBQ0YsRUFDRCxFQUFFLFFBQVEsRUFBRSxNQUFNLENBQUMsUUFBUSxFQUFFLFNBQVMsRUFBRSxFQUFFLEVBQUUsQ0FDN0MsQ0FBQztJQUVGLE9BQU8sUUFBUSxDQUFDO0FBQ2xCLENBQUMsQ0FBQyJ9

package/KubeX/Tools/OutlineVpn/index.d.ts

@@ -0,0 +1,25 @@
+import { K8sArgs, K8sResourceType } from '../../types';
+import { KeyVaultInfo } from '../../../types';
+import { Input } from '@pulumi/pulumi';
+export interface OutlineProps extends K8sArgs {
+    vaultInfo?: KeyVaultInfo;
+    hostname: string;
+    apiPort?: number;
+    accessPort?: number;
+    priorityClassName?: string;
+    cert: {
+        certVaultName?: string;
+        certFolderName?: string;
+        cert?: {
+            cert: Input<string>;
+            ca?: Input<string>;
+            privateKey: Input<string>;
+        };
+    };
+    replicas?: number;
+    autoScale?: boolean;
+    resources?: K8sResourceType;
+    storageClassName: string;
+}
+declare const _default: ({ vaultInfo, hostname, apiPort, accessPort, cert, storageClassName, priorityClassName, replicas, resources, autoScale, ...others }: OutlineProps) => Promise<void>;
+export default _default;

package/KubeX/Tools/OutlineVpn/index.js

@@ -0,0 +1,256 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const Namespace_1 = require("../../Core/Namespace");
+const CertImports_1 = require("../../CertImports");
+const kubernetes = require("@pulumi/kubernetes");
+const Storage_1 = require("../../Storage");
+const Random_1 = require("../../../Core/Random");
+const KsCertSecret_1 = require("../../Core/KsCertSecret");
+const PodAutoscaler_1 = require("../../Deployment/PodAutoscaler");
+exports.default = async ({ vaultInfo, hostname, apiPort = 65123, accessPort = 45123, cert, storageClassName, priorityClassName = 'system-cluster-critical', replicas = 1, resources = {
+    requests: { memory: '100Mi', cpu: '0.5' },
+    limits: { memory: '600Mi', cpu: '1' },
+}, autoScale, ...others }) => {
+    const name = 'outline-vpn';
+    const namespace = 'outline-system';
+    const image = 'quay.io/outline/shadowbox:stable';
+    const id = (0, Random_1.randomUuId)(name).result;
+    const ns = (0, Namespace_1.default)({ name: namespace, ...others });
+    const defaultProps = {
+        namespace,
+        dependsOn: ns,
+        provider: others.provider,
+    };
+    //Cert
+    if (cert.cert) {
+        (0, KsCertSecret_1.default)({
+            name: `tls-${name}-imported`,
+            certInfo: cert.cert,
+            ...defaultProps,
+        });
+    }
+    else if (cert.certVaultName && vaultInfo) {
+        await (0, CertImports_1.certImportFromVault)({
+            certNames: [cert.certVaultName],
+            vaultInfo,
+            ...defaultProps,
+        });
+    }
+    else if (cert.certFolderName) {
+        (0, CertImports_1.certImportFromFolder)({
+            certName: name,
+            certFolder: cert.certFolderName,
+            namespaces: [namespace],
+            ...defaultProps,
+        });
+    }
+    //Config Map
+    // const configMap = new kx.ConfigMap(
+    //   name,
+    //   {
+    //     metadata: { namespace },
+    //     data: { 'config.yml': '' },
+    //   },
+    //   others
+    // );
+    //Storage
+    const persisVolume = (0, Storage_1.createPVCForStorageClass)({
+        name,
+        storageClassName,
+        ...defaultProps,
+    });
+    const serverConfig = {
+        rollouts: [{ id: 'single-port', enabled: true }],
+        portForNewAccessKeys: accessPort,
+        hostname,
+    };
+    //Deployment
+    const outlineDeployment = new kubernetes.apps.v1.Deployment(name, {
+        metadata: {
+            name,
+            namespace,
+            annotations: {
+                'pulumi.com/skipAwait': 'true',
+                'pulumi.com/patchForce': 'true',
+            },
+        },
+        spec: {
+            replicas,
+            selector: {
+                matchLabels: {
+                    name,
+                    app: name,
+                },
+            },
+            template: {
+                metadata: {
+                    labels: {
+                        name,
+                        app: name,
+                    },
+                },
+                spec: {
+                    priorityClassName,
+                    containers: [
+                        {
+                            name,
+                            image,
+                            //`echo '{"rollouts":[{"id":"single-port","enabled":true}],"portForNewAccessKeys":${accessPort}}' > /root/shadowbox/persisted-state/shadowbox_server_config.json; cat /opt/outline/shadowbox_config.json > /root/shadowbox/persisted-state/shadowbox_config.json; [ ! -f /root/shadowbox/persisted-state/outline-ss-server/config.yml ] && cat /opt/outline/outline-ss-server/config.yml > /root/shadowbox/persisted-state/outline-ss-server/config.yml; sleep 10; ln -sf /opt/outline/shadowbox_config.json /root/shadowbox/persisted-state/shadowbox_config.json; ln -sf /opt/outline/outline-ss-server/config.yml /root/shadowbox/persisted-state/outline-ss-server/config.yml; var='kill -SIGHUP $(pgrep -f outline-ss-server)'; echo "*/15 * * * * $var" > mycron; crontab mycron; rm mycron;`,
+                            lifecycle: {
+                                postStart: {
+                                    exec: {
+                                        command: [
+                                            '/bin/sh',
+                                            '-c',
+                                            `echo '${JSON.stringify(serverConfig)}' > /root/shadowbox/persisted-state/shadowbox_server_config.json;`,
+                                        ],
+                                    },
+                                },
+                            },
+                            ports: [
+                                { containerPort: accessPort },
+                                { containerPort: apiPort },
+                            ],
+                            env: [
+                                {
+                                    name: 'SB_API_PORT',
+                                    value: apiPort.toString(),
+                                },
+                                {
+                                    name: 'SB_API_PREFIX',
+                                    value: id,
+                                },
+                                {
+                                    name: 'SB_CERTIFICATE_FILE',
+                                    value: '/tmp/shadowbox-selfsigned-dev.crt',
+                                },
+                                {
+                                    name: 'SB_PRIVATE_KEY_FILE',
+                                    value: '/tmp/shadowbox-selfsigned-dev.key',
+                                },
+                            ],
+                            volumeMounts: [
+                                {
+                                    name: 'server-config-volume',
+                                    mountPath: '/cache',
+                                },
+                                {
+                                    name: 'shadowbox-config',
+                                    mountPath: '/opt/outline',
+                                },
+                                {
+                                    name: 'shadowbox-config',
+                                    mountPath: '/root/shadowbox',
+                                },
+                                {
+                                    name: 'tls',
+                                    mountPath: '/tmp/shadowbox-selfsigned-dev.crt',
+                                    subPath: 'shadowbox-selfsigned-dev.crt',
+                                    readOnly: true,
+                                },
+                                {
+                                    name: 'tls',
+                                    mountPath: '/tmp/shadowbox-selfsigned-dev.key',
+                                    subPath: 'shadowbox-selfsigned-dev.key',
+                                    readOnly: true,
+                                },
+                            ],
+                            resources,
+                        },
+                    ],
+                    volumes: [
+                        {
+                            name: 'server-config-volume',
+                            emptyDir: {},
+                        },
+                        {
+                            name: 'shadowbox-config',
+                            persistentVolumeClaim: {
+                                claimName: persisVolume.metadata.name,
+                            },
+                        },
+                        // {
+                        //   name: 'config',
+                        //   configMap: { name: configMap.metadata.name },
+                        // },
+                        {
+                            name: 'tls',
+                            secret: {
+                                secretName: `tls-${name}-imported`,
+                                items: [
+                                    {
+                                        key: 'tls.crt',
+                                        path: 'shadowbox-selfsigned-dev.crt',
+                                    },
+                                    {
+                                        key: 'tls.key',
+                                        path: 'shadowbox-selfsigned-dev.key',
+                                    },
+                                ],
+                            },
+                        },
+                    ],
+                },
+            },
+        },
+    }, {
+        dependsOn: [ns, persisVolume],
+        provider: others.provider,
+    });
+    if (autoScale) {
+        (0, PodAutoscaler_1.default)({
+            name,
+            deployment: outlineDeployment,
+            minReplicas: replicas ?? 1,
+            maxReplicas: 3,
+            ...others,
+        });
+    }
+    //Services
+    new kubernetes.core.v1.Service(name, {
+        metadata: {
+            name,
+            namespace,
+            labels: {
+                app: name,
+            },
+        },
+        spec: {
+            //type: "LoadBalancer",
+            ports: [
+                {
+                    name: 'apiport-tcp',
+                    port: apiPort,
+                    targetPort: apiPort,
+                    protocol: 'TCP',
+                },
+                {
+                    name: 'apiport-udp',
+                    port: apiPort,
+                    targetPort: apiPort,
+                    protocol: 'UDP',
+                },
+                {
+                    name: 'accessport-tcp',
+                    port: accessPort,
+                    targetPort: accessPort,
+                    protocol: 'TCP',
+                },
+                {
+                    name: 'accessport-udp',
+                    port: accessPort,
+                    targetPort: accessPort,
+                    protocol: 'UDP',
+                },
+            ],
+            selector: {
+                app: name,
+            },
+        },
+    }, {
+        dependsOn: outlineDeployment,
+        provider: others.provider,
+        deleteBeforeReplace: true,
+    });
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvS3ViZVgvVG9vbHMvT3V0bGluZVZwbi9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUNBLG9EQUE2QztBQUU3QyxtREFBOEU7QUFDOUUsaURBQWlEO0FBQ2pELDJDQUF5RDtBQUN6RCxpREFBa0Q7QUFFbEQsMERBQW1EO0FBQ25ELGtFQUEwRDtBQTBCMUQsa0JBQWUsS0FBSyxFQUFFLEVBQ3BCLFNBQVMsRUFDVCxRQUFRLEVBQ1IsT0FBTyxHQUFHLEtBQUssRUFDZixVQUFVLEdBQUcsS0FBSyxFQUNsQixJQUFJLEVBQ0osZ0JBQWdCLEVBQ2hCLGlCQUFpQixHQUFHLHlCQUF5QixFQUM3QyxRQUFRLEdBQUcsQ0FBQyxFQUNaLFNBQVMsR0FBRztJQUNWLFFBQVEsRUFBRSxFQUFFLE1BQU0sRUFBRSxPQUFPLEVBQUUsR0FBRyxFQUFFLEtBQUssRUFBRTtJQUN6QyxNQUFNLEVBQUUsRUFBRSxNQUFNLEVBQUUsT0FBTyxFQUFFLEdBQUcsRUFBRSxHQUFHLEVBQUU7Q0FDdEMsRUFDRCxTQUFTLEVBQ1QsR0FBRyxNQUFNLEVBQ0ksRUFBRSxFQUFFO0lBQ2pCLE1BQU0sSUFBSSxHQUFHLGFBQWEsQ0FBQztJQUMzQixNQUFNLFNBQVMsR0FBRyxnQkFBZ0IsQ0FBQztJQUNuQyxNQUFNLEtBQUssR0FBRyxrQ0FBa0MsQ0FBQztJQUVqRCxNQUFNLEVBQUUsR0FBRyxJQUFBLG1CQUFVLEVBQUMsSUFBSSxDQUFDLENBQUMsTUFBTSxDQUFDO0lBQ25DLE1BQU0sRUFBRSxHQUFHLElBQUEsbUJBQVMsRUFBQyxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsR0FBRyxNQUFNLEVBQUUsQ0FBQyxDQUFDO0lBRXJELE1BQU0sWUFBWSxHQUFHO1FBQ25CLFNBQVM7UUFDVCxTQUFTLEVBQUUsRUFBRTtRQUNiLFFBQVEsRUFBRSxNQUFNLENBQUMsUUFBUTtLQUMxQixDQUFDO0lBRUYsTUFBTTtJQUNOLElBQUksSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1FBQ2QsSUFBQSxzQkFBWSxFQUFDO1lBQ1gsSUFBSSxFQUFFLE9BQU8sSUFBSSxXQUFXO1lBQzVCLFFBQVEsRUFBRSxJQUFJLENBQUMsSUFBSTtZQUNuQixHQUFHLFlBQVk7U0FDaEIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztTQUFNLElBQUksSUFBSSxDQUFDLGFBQWEsSUFBSSxTQUFTLEVBQUUsQ0FBQztRQUMzQyxNQUFNLElBQUEsaUNBQW1CLEVBQUM7WUFDeEIsU0FBUyxFQUFFLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQztZQUMvQixTQUFTO1lBQ1QsR0FBRyxZQUFZO1NBQ2hCLENBQUMsQ0FBQztJQUNMLENBQUM7U0FBTSxJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztRQUMvQixJQUFBLGtDQUFvQixFQUFDO1lBQ25CLFFBQVEsRUFBRSxJQUFJO1lBQ2QsVUFBVSxFQUFFLElBQUksQ0FBQyxjQUFjO1lBQy9CLFVBQVUsRUFBRSxDQUFDLFNBQVMsQ0FBQztZQUN2QixHQUFHLFlBQVk7U0FDaEIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELFlBQVk7SUFDWixzQ0FBc0M7SUFDdEMsVUFBVTtJQUNWLE1BQU07SUFDTiwrQkFBK0I7SUFDL0Isa0NBQWtDO0lBQ2xDLE9BQU87SUFDUCxXQUFXO0lBQ1gsS0FBSztJQUVMLFNBQVM7SUFDVCxNQUFNLFlBQVksR0FBRyxJQUFBLGtDQUF3QixFQUFDO1FBQzVDLElBQUk7UUFDSixnQkFBZ0I7UUFDaEIsR0FBRyxZQUFZO0tBQ2hCLENBQUMsQ0FBQztJQUVILE1BQU0sWUFBWSxHQUFHO1FBQ25CLFFBQVEsRUFBRSxDQUFDLEVBQUUsRUFBRSxFQUFFLGFBQWEsRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLENBQUM7UUFDaEQsb0JBQW9CLEVBQUUsVUFBVTtRQUNoQyxRQUFRO0tBQ1QsQ0FBQztJQUVGLFlBQVk7SUFDWixNQUFNLGlCQUFpQixHQUFHLElBQUksVUFBVSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUN6RCxJQUFJLEVBQ0o7UUFDRSxRQUFRLEVBQUU7WUFDUixJQUFJO1lBQ0osU0FBUztZQUNULFdBQVcsRUFBRTtnQkFDWCxzQkFBc0IsRUFBRSxNQUFNO2dCQUM5Qix1QkFBdUIsRUFBRSxNQUFNO2FBQ2hDO1NBQ0Y7UUFDRCxJQUFJLEVBQUU7WUFDSixRQUFRO1lBQ1IsUUFBUSxFQUFFO2dCQUNSLFdBQVcsRUFBRTtvQkFDWCxJQUFJO29CQUNKLEdBQUcsRUFBRSxJQUFJO2lCQUNWO2FBQ0Y7WUFDRCxRQUFRLEVBQUU7Z0JBQ1IsUUFBUSxFQUFFO29CQUNSLE1BQU0sRUFBRTt3QkFDTixJQUFJO3dCQUNKLEdBQUcsRUFBRSxJQUFJO3FCQUNWO2lCQUNGO2dCQUNELElBQUksRUFBRTtvQkFDSixpQkFBaUI7b0JBQ2pCLFVBQVUsRUFBRTt3QkFDVjs0QkFDRSxJQUFJOzRCQUNKLEtBQUs7NEJBQ0wsb3dCQUFvd0I7NEJBQ3B3QixTQUFTLEVBQUU7Z0NBQ1QsU0FBUyxFQUFFO29DQUNULElBQUksRUFBRTt3Q0FDSixPQUFPLEVBQUU7NENBQ1AsU0FBUzs0Q0FDVCxJQUFJOzRDQUNKLFNBQVMsSUFBSSxDQUFDLFNBQVMsQ0FDckIsWUFBWSxDQUNiLG1FQUFtRTt5Q0FDckU7cUNBQ0Y7aUNBQ0Y7NkJBQ0Y7NEJBQ0QsS0FBSyxFQUFFO2dDQUNMLEVBQUUsYUFBYSxFQUFFLFVBQVUsRUFBRTtnQ0FDN0IsRUFBRSxhQUFhLEVBQUUsT0FBTyxFQUFFOzZCQUMzQjs0QkFDRCxHQUFHLEVBQUU7Z0NBQ0g7b0NBQ0UsSUFBSSxFQUFFLGFBQWE7b0NBQ25CLEtBQUssRUFBRSxPQUFPLENBQUMsUUFBUSxFQUFFO2lDQUMxQjtnQ0FDRDtvQ0FDRSxJQUFJLEVBQUUsZUFBZTtvQ0FDckIsS0FBSyxFQUFFLEVBQUU7aUNBQ1Y7Z0NBQ0Q7b0NBQ0UsSUFBSSxFQUFFLHFCQUFxQjtvQ0FDM0IsS0FBSyxFQUFFLG1DQUFtQztpQ0FDM0M7Z0NBQ0Q7b0NBQ0UsSUFBSSxFQUFFLHFCQUFxQjtvQ0FDM0IsS0FBSyxFQUFFLG1DQUFtQztpQ0FDM0M7NkJBQ0Y7NEJBQ0QsWUFBWSxFQUFFO2dDQUNaO29DQUNFLElBQUksRUFBRSxzQkFBc0I7b0NBQzVCLFNBQVMsRUFBRSxRQUFRO2lDQUNwQjtnQ0FDRDtvQ0FDRSxJQUFJLEVBQUUsa0JBQWtCO29DQUN4QixTQUFTLEVBQUUsY0FBYztpQ0FDMUI7Z0NBQ0Q7b0NBQ0UsSUFBSSxFQUFFLGtCQUFrQjtvQ0FDeEIsU0FBUyxFQUFFLGlCQUFpQjtpQ0FDN0I7Z0NBQ0Q7b0NBQ0UsSUFBSSxFQUFFLEtBQUs7b0NBQ1gsU0FBUyxFQUFFLG1DQUFtQztvQ0FDOUMsT0FBTyxFQUFFLDhCQUE4QjtvQ0FDdkMsUUFBUSxFQUFFLElBQUk7aUNBQ2Y7Z0NBQ0Q7b0NBQ0UsSUFBSSxFQUFFLEtBQUs7b0NBQ1gsU0FBUyxFQUFFLG1DQUFtQztvQ0FDOUMsT0FBTyxFQUFFLDhCQUE4QjtvQ0FDdkMsUUFBUSxFQUFFLElBQUk7aUNBQ2Y7NkJBQ0Y7NEJBRUQsU0FBUzt5QkFDVjtxQkFDRjtvQkFDRCxPQUFPLEVBQUU7d0JBQ1A7NEJBQ0UsSUFBSSxFQUFFLHNCQUFzQjs0QkFDNUIsUUFBUSxFQUFFLEVBQUU7eUJBQ2I7d0JBQ0Q7NEJBQ0UsSUFBSSxFQUFFLGtCQUFrQjs0QkFDeEIscUJBQXFCLEVBQUU7Z0NBQ3JCLFNBQVMsRUFBRSxZQUFZLENBQUMsUUFBUSxDQUFDLElBQUk7NkJBQ3RDO3lCQUNGO3dCQUNELElBQUk7d0JBQ0osb0JBQW9CO3dCQUNwQixrREFBa0Q7d0JBQ2xELEtBQUs7d0JBQ0w7NEJBQ0UsSUFBSSxFQUFFLEtBQUs7NEJBQ1gsTUFBTSxFQUFFO2dDQUNOLFVBQVUsRUFBRSxPQUFPLElBQUksV0FBVztnQ0FDbEMsS0FBSyxFQUFFO29DQUNMO3dDQUNFLEdBQUcsRUFBRSxTQUFTO3dDQUNkLElBQUksRUFBRSw4QkFBOEI7cUNBQ3JDO29DQUNEO3dDQUNFLEdBQUcsRUFBRSxTQUFTO3dDQUNkLElBQUksRUFBRSw4QkFBOEI7cUNBQ3JDO2lDQUNGOzZCQUNGO3lCQUNGO3FCQUNGO2lCQUNGO2FBQ0Y7U0FDRjtLQUNGLEVBQ0Q7UUFDRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLEVBQUUsWUFBWSxDQUFDO1FBQzdCLFFBQVEsRUFBRSxNQUFNLENBQUMsUUFBUTtLQUMxQixDQUNGLENBQUM7SUFFRixJQUFJLFNBQVMsRUFBRSxDQUFDO1FBQ2QsSUFBQSx1QkFBWSxFQUFDO1lBQ1gsSUFBSTtZQUNKLFVBQVUsRUFBRSxpQkFBaUI7WUFDN0IsV0FBVyxFQUFFLFFBQVEsSUFBSSxDQUFDO1lBQzFCLFdBQVcsRUFBRSxDQUFDO1lBQ2QsR0FBRyxNQUFNO1NBQ1YsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELFVBQVU7SUFDVixJQUFJLFVBQVUsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLE9BQU8sQ0FDNUIsSUFBSSxFQUNKO1FBQ0UsUUFBUSxFQUFFO1lBQ1IsSUFBSTtZQUNKLFNBQVM7WUFFVCxNQUFNLEVBQUU7Z0JBQ04sR0FBRyxFQUFFLElBQUk7YUFDVjtTQUNGO1FBQ0QsSUFBSSxFQUFFO1lBQ0osdUJBQXVCO1lBQ3ZCLEtBQUssRUFBRTtnQkFDTDtvQkFDRSxJQUFJLEVBQUUsYUFBYTtvQkFDbkIsSUFBSSxFQUFFLE9BQU87b0JBQ2IsVUFBVSxFQUFFLE9BQU87b0JBQ25CLFFBQVEsRUFBRSxLQUFLO2lCQUNoQjtnQkFDRDtvQkFDRSxJQUFJLEVBQUUsYUFBYTtvQkFDbkIsSUFBSSxFQUFFLE9BQU87b0JBQ2IsVUFBVSxFQUFFLE9BQU87b0JBQ25CLFFBQVEsRUFBRSxLQUFLO2lCQUNoQjtnQkFDRDtvQkFDRSxJQUFJLEVBQUUsZ0JBQWdCO29CQUN0QixJQUFJLEVBQUUsVUFBVTtvQkFDaEIsVUFBVSxFQUFFLFVBQVU7b0JBQ3RCLFFBQVEsRUFBRSxLQUFLO2lCQUNoQjtnQkFDRDtvQkFDRSxJQUFJLEVBQUUsZ0JBQWdCO29CQUN0QixJQUFJLEVBQUUsVUFBVTtvQkFDaEIsVUFBVSxFQUFFLFVBQVU7b0JBQ3RCLFFBQVEsRUFBRSxLQUFLO2lCQUNoQjthQUNGO1lBQ0QsUUFBUSxFQUFFO2dCQUNSLEdBQUcsRUFBRSxJQUFJO2FBQ1Y7U0FDRjtLQUNGLEVBQ0Q7UUFDRSxTQUFTLEVBQUUsaUJBQWlCO1FBQzVCLFFBQVEsRUFBRSxNQUFNLENBQUMsUUFBUTtRQUN6QixtQkFBbUIsRUFBRSxJQUFJO0tBQzFCLENBQ0YsQ0FBQztBQUNKLENBQUMsQ0FBQyJ9

package/KubeX/Tools/SqlPad.d.ts

@@ -0,0 +1,29 @@
+import * as k8s from '@pulumi/kubernetes';
+import { Input } from '@pulumi/pulumi';
+import { KeyVaultInfo } from '../../types';
+import { DefaultKsAppArgs } from '../types';
+export interface SqlPadProps extends Omit<DefaultKsAppArgs, 'name'> {
+    namespace: Input<string>;
+    useVirtualHost?: boolean;
+    provider: k8s.Provider;
+    /**The database configuration follow this instruction: https://getsqlpad.com/en/connections/ */
+    databases?: {
+        [key: string]: Input<string>;
+    };
+    auth: {
+        azureAd?: {
+            allowedDomain?: string;
+            vaultInfo: KeyVaultInfo;
+        };
+        admin?: {
+            email: Input<string>;
+        };
+    };
+    vaultInfo?: KeyVaultInfo;
+}
+declare const _default: ({ namespace, ingress, useVirtualHost, databases, auth, vaultInfo, ...others }: SqlPadProps) => Promise<{
+    deployment: import("../kx").Deployment | undefined;
+    service: import("../kx").Service | undefined;
+    jobs: (import("@pulumi/kubernetes/batch/v1/cronJob").CronJob | import("../kx").Job)[] | undefined;
+}>;
+export default _default;

package/KubeX/Tools/SqlPad.js

@@ -0,0 +1,133 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const Storage_1 = require("../Storage");
+const Deployment_1 = require("../Deployment");
+const Role_1 = require("../../AzAd/Role");
+const Identity_1 = require("../../AzAd/Identity");
+const pulumi_1 = require("@pulumi/pulumi");
+const AzureEnv_1 = require("../../Common/AzureEnv");
+const GraphDefinition_1 = require("../../AzAd/GraphDefinition");
+const Random_1 = require("../../Core/Random");
+const createIdentity = async ({ callbackUrl, name, vaultInfo, }) => {
+    await (0, Role_1.default)({
+        env: AzureEnv_1.currentEnv,
+        appName: name,
+        roleName: 'Admin',
+    });
+    //Create Azure AD Identity for Authentication
+    return (0, Identity_1.default)({
+        name,
+        appRoleAssignmentRequired: true,
+        appRoles: [
+            {
+                id: 'c8d15513-8409-4275-86d0-7f6cb8c54997',
+                allowedMemberTypes: ['User'],
+                description: 'Sql Pad Admin Role',
+                displayName: 'Sql Pad Admin Role',
+                enabled: true,
+                value: 'admin',
+            },
+            {
+                id: '64318876-2259-4e26-8f94-59be1e5232bf',
+                allowedMemberTypes: ['User'],
+                description: 'Sql Pad User Role',
+                displayName: 'Sql Pad User Role',
+                enabled: true,
+                value: 'editor',
+            },
+        ],
+        requiredResourceAccesses: [
+            (0, GraphDefinition_1.getGraphPermissions)({ name: 'User.Read', type: 'Scope' }),
+        ],
+        createClientSecret: true,
+        createPrincipal: true,
+        replyUrls: [callbackUrl],
+        vaultInfo,
+    });
+};
+exports.default = async ({ namespace, ingress, useVirtualHost, databases, auth, vaultInfo, ...others }) => {
+    const name = 'sql-pad';
+    const hostName = ingress?.hostNames ? ingress.hostNames[0] : '';
+    const port = 3000;
+    const image = 'sqlpad/sqlpad:latest';
+    const callbackUrl = `https://${hostName}/auth/oidc/callback`.toLowerCase();
+    const adIdentity = auth?.azureAd
+        ? await createIdentity({
+            name,
+            callbackUrl,
+            vaultInfo: auth.azureAd.vaultInfo,
+        })
+        : undefined;
+    const volume = {
+        name: 'sqlpad',
+        //secretName: 'azure-storage',
+        mountPath: '/var/lib/sqlpad',
+    };
+    (0, Storage_1.createPVCForStorageClass)({
+        name: volume.name,
+        namespace,
+        ...others,
+    });
+    const secrets = {
+        SQLPAD_PASSPHRASE: (0, Random_1.randomPassword)({ name, policy: false, vaultInfo })
+            .result,
+        //localhost used in dev
+        //SQLPAD_BASE_URL: '/',
+        PUBLIC_URL: hostName,
+        SQLPAD_DB_PATH: `/var/lib/sqlpad/sqlDb`,
+        // Enable/disable automigration on SQLPad process start. Disable by setting to `false`
+        SQLPAD_DB_AUTOMIGRATE: 'true',
+        SQLPAD_APP_LOG_LEVEL: 'warn',
+        SQLPAD_WEB_LOG_LEVEL: 'error',
+    };
+    // ======== Authentication =========================
+    if (auth.azureAd) {
+        //Disable UserName and Password login
+        secrets['SQLPAD_USERPASS_AUTH_DISABLED'] = 'true';
+        secrets['SQLPAD_OIDC_LINK_HTML'] = 'Sign in with Azure AD';
+        secrets['SQLPAD_OIDC_CLIENT_ID'] = adIdentity?.clientId ?? '';
+        secrets['SQLPAD_OIDC_CLIENT_SECRET'] = secrets['SQLPAD_OIDC_CLIENT_ID'] =
+            adIdentity?.clientId ?? '';
+        secrets['SQLPAD_OIDC_ISSUER'] = (0, pulumi_1.interpolate) `https://login.microsoftonline.com/${AzureEnv_1.tenantId}/v2.0`;
+        secrets['SQLPAD_OIDC_AUTHORIZATION_URL'] = (0, pulumi_1.interpolate) `https://login.microsoftonline.com/${AzureEnv_1.tenantId}/oauth2/v2.0/authorize`;
+        secrets['SQLPAD_OIDC_TOKEN_URL'] = (0, pulumi_1.interpolate) `https://login.microsoftonline.com/${AzureEnv_1.tenantId}/oauth2/v2.0/token`;
+        secrets['SQLPAD_OIDC_USER_INFO_URL'] = (0, pulumi_1.interpolate) `https://graph.microsoft.com/oidc/userinfo`;
+        secrets['SQLPAD_OIDC_SCOPE'] = 'openid profile email';
+        secrets['SQLPAD_ALLOWED_DOMAINS'] = auth.azureAd?.allowedDomain ?? '';
+    }
+    else {
+        secrets['SQLPAD_ADMIN'] = auth.admin?.email ?? '';
+        secrets['SQLPAD_ADMIN_PASSWORD'] = (0, Random_1.randomPassword)({
+            name: `${name}-admin`,
+            policy: false,
+            vaultInfo,
+        }).result;
+    }
+    // ======== Db Connection Strings =========================
+    if (databases) {
+        Object.keys(databases).map((k) => {
+            secrets[`SQLPAD_CONNECTIONS__${k}__name`] = databases[k];
+        });
+    }
+    return (0, Deployment_1.default)({
+        name,
+        namespace,
+        secrets,
+        podConfig: {
+            ports: { http: port },
+            image,
+            //securityContext: defaultSecurityContext,
+            //podSecurityContext: defaultPodSecurityContext,
+            volumes: [volume],
+        },
+        deploymentConfig: { replicas: 1, useVirtualHost },
+        ingressConfig: ingress
+            ? {
+                ...ingress,
+                hostNames: [hostName],
+            }
+            : undefined,
+        ...others,
+    });
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU3FsUGFkLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL0t1YmVYL1Rvb2xzL1NxbFBhZC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUNBLHdDQUFzRDtBQUN0RCw4Q0FBdUM7QUFDdkMsMENBQTBDO0FBQzFDLGtEQUFrRDtBQUNsRCwyQ0FBOEQ7QUFDOUQsb0RBQTZEO0FBQzdELGdFQUFpRTtBQUVqRSw4Q0FBbUQ7QUFVbkQsTUFBTSxjQUFjLEdBQUcsS0FBSyxFQUFFLEVBQzVCLFdBQVcsRUFDWCxJQUFJLEVBQ0osU0FBUyxHQUNLLEVBQUUsRUFBRTtJQUNsQixNQUFNLElBQUEsY0FBVyxFQUFDO1FBQ2hCLEdBQUcsRUFBRSxxQkFBVTtRQUNmLE9BQU8sRUFBRSxJQUFJO1FBQ2IsUUFBUSxFQUFFLE9BQU87S0FDbEIsQ0FBQyxDQUFDO0lBRUgsNkNBQTZDO0lBQzdDLE9BQU8sSUFBQSxrQkFBZSxFQUFDO1FBQ3JCLElBQUk7UUFFSix5QkFBeUIsRUFBRSxJQUFJO1FBQy9CLFFBQVEsRUFBRTtZQUNSO2dCQUNFLEVBQUUsRUFBRSxzQ0FBc0M7Z0JBQzFDLGtCQUFrQixFQUFFLENBQUMsTUFBTSxDQUFDO2dCQUM1QixXQUFXLEVBQUUsb0JBQW9CO2dCQUNqQyxXQUFXLEVBQUUsb0JBQW9CO2dCQUNqQyxPQUFPLEVBQUUsSUFBSTtnQkFDYixLQUFLLEVBQUUsT0FBTzthQUNmO1lBQ0Q7Z0JBQ0UsRUFBRSxFQUFFLHNDQUFzQztnQkFDMUMsa0JBQWtCLEVBQUUsQ0FBQyxNQUFNLENBQUM7Z0JBQzVCLFdBQVcsRUFBRSxtQkFBbUI7Z0JBQ2hDLFdBQVcsRUFBRSxtQkFBbUI7Z0JBQ2hDLE9BQU8sRUFBRSxJQUFJO2dCQUNiLEtBQUssRUFBRSxRQUFRO2FBQ2hCO1NBQ0Y7UUFFRCx3QkFBd0IsRUFBRTtZQUN4QixJQUFBLHFDQUFtQixFQUFDLEVBQUUsSUFBSSxFQUFFLFdBQVcsRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLENBQUM7U0FDMUQ7UUFFRCxrQkFBa0IsRUFBRSxJQUFJO1FBQ3hCLGVBQWUsRUFBRSxJQUFJO1FBRXJCLFNBQVMsRUFBRSxDQUFDLFdBQVcsQ0FBQztRQUN4QixTQUFTO0tBQ1YsQ0FBQyxDQUFDO0FBQ0wsQ0FBQyxDQUFDO0FBZ0JGLGtCQUFlLEtBQUssRUFBRSxFQUNwQixTQUFTLEVBQ1QsT0FBTyxFQUNQLGNBQWMsRUFDZCxTQUFTLEVBQ1QsSUFBSSxFQUNKLFNBQVMsRUFDVCxHQUFHLE1BQU0sRUFDRyxFQUFFLEVBQUU7SUFDaEIsTUFBTSxJQUFJLEdBQUcsU0FBUyxDQUFDO0lBQ3ZCLE1BQU0sUUFBUSxHQUFHLE9BQU8sRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQztJQUNoRSxNQUFNLElBQUksR0FBRyxJQUFJLENBQUM7SUFDbEIsTUFBTSxLQUFLLEdBQUcsc0JBQXNCLENBQUM7SUFDckMsTUFBTSxXQUFXLEdBQUcsV0FBVyxRQUFRLHFCQUFxQixDQUFDLFdBQVcsRUFBRSxDQUFDO0lBRTNFLE1BQU0sVUFBVSxHQUFHLElBQUksRUFBRSxPQUFPO1FBQzlCLENBQUMsQ0FBQyxNQUFNLGNBQWMsQ0FBQztZQUNuQixJQUFJO1lBQ0osV0FBVztZQUNYLFNBQVMsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVM7U0FDbEMsQ0FBQztRQUNKLENBQUMsQ0FBQyxTQUFTLENBQUM7SUFFZCxNQUFNLE1BQU0sR0FBRztRQUNiLElBQUksRUFBRSxRQUFRO1FBQ2QsOEJBQThCO1FBQzlCLFNBQVMsRUFBRSxpQkFBaUI7S0FDN0IsQ0FBQztJQUVGLElBQUEsa0NBQXdCLEVBQUM7UUFDdkIsSUFBSSxFQUFFLE1BQU0sQ0FBQyxJQUFJO1FBQ2pCLFNBQVM7UUFDVCxHQUFHLE1BQU07S0FDVixDQUFDLENBQUM7SUFFSCxNQUFNLE9BQU8sR0FBa0M7UUFDN0MsaUJBQWlCLEVBQUUsSUFBQSx1QkFBYyxFQUFDLEVBQUUsSUFBSSxFQUFFLE1BQU0sRUFBRSxLQUFLLEVBQUUsU0FBUyxFQUFFLENBQUM7YUFDbEUsTUFBTTtRQUVULHVCQUF1QjtRQUN2Qix1QkFBdUI7UUFDdkIsVUFBVSxFQUFFLFFBQVE7UUFFcEIsY0FBYyxFQUFFLHVCQUF1QjtRQUV2QyxzRkFBc0Y7UUFDdEYscUJBQXFCLEVBQUUsTUFBTTtRQUU3QixvQkFBb0IsRUFBRSxNQUFNO1FBQzVCLG9CQUFvQixFQUFFLE9BQU87S0FDOUIsQ0FBQztJQUVGLG9EQUFvRDtJQUNwRCxJQUFJLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUNqQixxQ0FBcUM7UUFDckMsT0FBTyxDQUFDLCtCQUErQixDQUFDLEdBQUcsTUFBTSxDQUFDO1FBQ2xELE9BQU8sQ0FBQyx1QkFBdUIsQ0FBQyxHQUFHLHVCQUF1QixDQUFDO1FBQzNELE9BQU8sQ0FBQyx1QkFBdUIsQ0FBQyxHQUFHLFVBQVUsRUFBRSxRQUFRLElBQUksRUFBRSxDQUFDO1FBQzlELE9BQU8sQ0FBQywyQkFBMkIsQ0FBQyxHQUFHLE9BQU8sQ0FBQyx1QkFBdUIsQ0FBQztZQUNyRSxVQUFVLEVBQUUsUUFBUSxJQUFJLEVBQUUsQ0FBQztRQUU3QixPQUFPLENBQ0wsb0JBQW9CLENBQ3JCLEdBQUcsSUFBQSxvQkFBVyxFQUFBLHFDQUFxQyxtQkFBUSxPQUFPLENBQUM7UUFDcEUsT0FBTyxDQUNMLCtCQUErQixDQUNoQyxHQUFHLElBQUEsb0JBQVcsRUFBQSxxQ0FBcUMsbUJBQVEsd0JBQXdCLENBQUM7UUFDckYsT0FBTyxDQUNMLHVCQUF1QixDQUN4QixHQUFHLElBQUEsb0JBQVcsRUFBQSxxQ0FBcUMsbUJBQVEsb0JBQW9CLENBQUM7UUFDakYsT0FBTyxDQUNMLDJCQUEyQixDQUM1QixHQUFHLElBQUEsb0JBQVcsRUFBQSwyQ0FBMkMsQ0FBQztRQUUzRCxPQUFPLENBQUMsbUJBQW1CLENBQUMsR0FBRyxzQkFBc0IsQ0FBQztRQUN0RCxPQUFPLENBQUMsd0JBQXdCLENBQUMsR0FBRyxJQUFJLENBQUMsT0FBTyxFQUFFLGFBQWEsSUFBSSxFQUFFLENBQUM7SUFDeEUsQ0FBQztTQUFNLENBQUM7UUFDTixPQUFPLENBQUMsY0FBYyxDQUFDLEdBQUcsSUFBSSxDQUFDLEtBQUssRUFBRSxLQUFLLElBQUksRUFBRSxDQUFDO1FBQ2xELE9BQU8sQ0FBQyx1QkFBdUIsQ0FBQyxHQUFHLElBQUEsdUJBQWMsRUFBQztZQUNoRCxJQUFJLEVBQUUsR0FBRyxJQUFJLFFBQVE7WUFDckIsTUFBTSxFQUFFLEtBQUs7WUFDYixTQUFTO1NBQ1YsQ0FBQyxDQUFDLE1BQU0sQ0FBQztJQUNaLENBQUM7SUFFRCwyREFBMkQ7SUFDM0QsSUFBSSxTQUFTLEVBQUUsQ0FBQztRQUNkLE1BQU0sQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7WUFDL0IsT0FBTyxDQUFDLHVCQUF1QixDQUFDLFFBQVEsQ0FBQyxHQUFHLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUMzRCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxPQUFPLElBQUEsb0JBQVUsRUFBQztRQUNoQixJQUFJO1FBQ0osU0FBUztRQUNULE9BQU87UUFFUCxTQUFTLEVBQUU7WUFDVCxLQUFLLEVBQUUsRUFBRSxJQUFJLEVBQUUsSUFBSSxFQUFFO1lBQ3JCLEtBQUs7WUFDTCwwQ0FBMEM7WUFDMUMsZ0RBQWdEO1lBQ2hELE9BQU8sRUFBRSxDQUFDLE1BQU0sQ0FBQztTQUNsQjtRQUNELGdCQUFnQixFQUFFLEVBQUUsUUFBUSxFQUFFLENBQUMsRUFBRSxjQUFjLEVBQUU7UUFFakQsYUFBYSxFQUFFLE9BQU87WUFDcEIsQ0FBQyxDQUFDO2dCQUNFLEdBQUcsT0FBTztnQkFDVixTQUFTLEVBQUUsQ0FBQyxRQUFRLENBQUM7YUFDdEI7WUFDSCxDQUFDLENBQUMsU0FBUztRQUNiLEdBQUcsTUFBTTtLQUNWLENBQUMsQ0FBQztBQUNMLENBQUMsQ0FBQyJ9

package/KubeX/Tools/ToolPod.d.ts

@@ -0,0 +1,10 @@
+import * as k8s from '@pulumi/kubernetes';
+import { Input, Resource } from '@pulumi/pulumi';
+export interface ToolPodProps {
+    namespace: Input<string>;
+    provider: k8s.Provider;
+    useVirtualHost?: boolean;
+    dependsOn?: Input<Input<Resource>[]> | Input<Resource>;
+}
+declare const _default: ({ namespace, useVirtualHost, ...others }: ToolPodProps) => void;
+export default _default;

package/KubeX/Tools/ToolPod.js

@@ -0,0 +1,40 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const k8s = require("@pulumi/kubernetes");
+const SecurityRules_1 = require("../Core/SecurityRules");
+const Deployment_1 = require("../Deployment");
+exports.default = ({ namespace, useVirtualHost, ...others }) => {
+    const name = 'tool-pod';
+    const image = 'baoduy2412/toolbox:latest'; // 'aguasjmsft/toolpod';
+    new k8s.apps.v1.Deployment(name, {
+        metadata: {
+            name,
+            namespace,
+            annotations: { 'pulumi.com/skipAwait': 'true' },
+        },
+        spec: {
+            selector: { matchLabels: { app: name } },
+            template: {
+                metadata: { labels: { app: name } },
+                spec: {
+                    securityContext: SecurityRules_1.defaultSecurityContext,
+                    automountServiceAccountToken: false,
+                    containers: [
+                        {
+                            name,
+                            image,
+                            securityContext: SecurityRules_1.defaultPodSecurityContext,
+                        },
+                    ],
+                    nodeSelector: useVirtualHost
+                        ? Deployment_1.virtualHostConfig.nodeSelector
+                        : undefined,
+                    tolerations: useVirtualHost
+                        ? Deployment_1.virtualHostConfig.tolerations
+                        : undefined,
+                },
+            },
+        },
+    }, others);
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVG9vbFBvZC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9LdWJlWC9Ub29scy9Ub29sUG9kLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsMENBQTBDO0FBRTFDLHlEQUcrQjtBQUMvQiw4Q0FBa0Q7QUFRbEQsa0JBQWUsQ0FBQyxFQUFFLFNBQVMsRUFBRSxjQUFjLEVBQUUsR0FBRyxNQUFNLEVBQWdCLEVBQUUsRUFBRTtJQUN4RSxNQUFNLElBQUksR0FBRyxVQUFVLENBQUM7SUFDeEIsTUFBTSxLQUFLLEdBQUcsMkJBQTJCLENBQUMsQ0FBQyx3QkFBd0I7SUFFbkUsSUFBSSxHQUFHLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQ3hCLElBQUksRUFDSjtRQUNFLFFBQVEsRUFBRTtZQUNSLElBQUk7WUFDSixTQUFTO1lBQ1QsV0FBVyxFQUFFLEVBQUUsc0JBQXNCLEVBQUUsTUFBTSxFQUFFO1NBQ2hEO1FBQ0QsSUFBSSxFQUFFO1lBQ0osUUFBUSxFQUFFLEVBQUUsV0FBVyxFQUFFLEVBQUUsR0FBRyxFQUFFLElBQUksRUFBRSxFQUFFO1lBQ3hDLFFBQVEsRUFBRTtnQkFDUixRQUFRLEVBQUUsRUFBRSxNQUFNLEVBQUUsRUFBRSxHQUFHLEVBQUUsSUFBSSxFQUFFLEVBQUU7Z0JBQ25DLElBQUksRUFBRTtvQkFDSixlQUFlLEVBQUUsc0NBQXNCO29CQUN2Qyw0QkFBNEIsRUFBRSxLQUFLO29CQUNuQyxVQUFVLEVBQUU7d0JBQ1Y7NEJBQ0UsSUFBSTs0QkFDSixLQUFLOzRCQUNMLGVBQWUsRUFBRSx5Q0FBeUI7eUJBQzNDO3FCQUNGO29CQUVELFlBQVksRUFBRSxjQUFjO3dCQUMxQixDQUFDLENBQUMsOEJBQWlCLENBQUMsWUFBWTt3QkFDaEMsQ0FBQyxDQUFDLFNBQVM7b0JBQ2IsV0FBVyxFQUFFLGNBQWM7d0JBQ3pCLENBQUMsQ0FBQyw4QkFBaUIsQ0FBQyxXQUFXO3dCQUMvQixDQUFDLENBQUMsU0FBUztpQkFDZDthQUNGO1NBQ0Y7S0FDRixFQUNELE1BQU0sQ0FDUCxDQUFDO0FBQ0osQ0FBQyxDQUFDIn0=

package/KubeX/Tools/UptimeKuma.d.ts

@@ -0,0 +1,6 @@
+import { DefaultKsAppArgs } from '../types';
+export interface UptimeKumaProps extends DefaultKsAppArgs {
+    storageClassName?: string;
+}
+declare const _default: ({ namespace, ingress, storageClassName, ...others }: UptimeKumaProps) => void;
+export default _default;

package/KubeX/Tools/UptimeKuma.js

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const Deployment_1 = require("../Deployment");
+const Storage_1 = require("../Storage");
+exports.default = ({ namespace, ingress, storageClassName, ...others }) => {
+    const name = 'uptime-kuma';
+    const image = 'louislam/uptime-kuma:latest';
+    const port = 3001;
+    const persisVolume = (0, Storage_1.createPVCForStorageClass)({
+        name,
+        namespace,
+        storageClassName,
+        ...others,
+    });
+    (0, Deployment_1.default)({
+        name,
+        namespace,
+        podConfig: {
+            image,
+            ports: { http: port },
+            resources: { requests: { memory: '1Mi', cpu: '1m' } },
+            volumes: [
+                {
+                    name: 'data',
+                    mountPath: '/app/data',
+                    subPath: 'data',
+                    persistentVolumeClaim: persisVolume.metadata.name,
+                    readOnly: false,
+                },
+            ],
+            //securityContext: { runAsUser: 1001, runAsGroup: 1001 },
+        },
+        deploymentConfig: { replicas: 1 },
+        ingressConfig: ingress,
+        ...others,
+    });
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVXB0aW1lS3VtYS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9LdWJlWC9Ub29scy9VcHRpbWVLdW1hLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsOENBQXVDO0FBRXZDLHdDQUFzRDtBQU10RCxrQkFBZSxDQUFDLEVBQ2QsU0FBUyxFQUNULE9BQU8sRUFDUCxnQkFBZ0IsRUFDaEIsR0FBRyxNQUFNLEVBQ08sRUFBRSxFQUFFO0lBQ3BCLE1BQU0sSUFBSSxHQUFHLGFBQWEsQ0FBQztJQUMzQixNQUFNLEtBQUssR0FBRyw2QkFBNkIsQ0FBQztJQUM1QyxNQUFNLElBQUksR0FBRyxJQUFJLENBQUM7SUFFbEIsTUFBTSxZQUFZLEdBQUcsSUFBQSxrQ0FBd0IsRUFBQztRQUM1QyxJQUFJO1FBQ0osU0FBUztRQUNULGdCQUFnQjtRQUNoQixHQUFHLE1BQU07S0FDVixDQUFDLENBQUM7SUFFSCxJQUFBLG9CQUFVLEVBQUM7UUFDVCxJQUFJO1FBQ0osU0FBUztRQUVULFNBQVMsRUFBRTtZQUNULEtBQUs7WUFDTCxLQUFLLEVBQUUsRUFBRSxJQUFJLEVBQUUsSUFBSSxFQUFFO1lBQ3JCLFNBQVMsRUFBRSxFQUFFLFFBQVEsRUFBRSxFQUFFLE1BQU0sRUFBRSxLQUFLLEVBQUUsR0FBRyxFQUFFLElBQUksRUFBRSxFQUFFO1lBQ3JELE9BQU8sRUFBRTtnQkFDUDtvQkFDRSxJQUFJLEVBQUUsTUFBTTtvQkFDWixTQUFTLEVBQUUsV0FBVztvQkFDdEIsT0FBTyxFQUFFLE1BQU07b0JBQ2YscUJBQXFCLEVBQUUsWUFBWSxDQUFDLFFBQVEsQ0FBQyxJQUFJO29CQUNqRCxRQUFRLEVBQUUsS0FBSztpQkFDaEI7YUFDRjtZQUNELHlEQUF5RDtTQUMxRDtRQUNELGdCQUFnQixFQUFFLEVBQUUsUUFBUSxFQUFFLENBQUMsRUFBRTtRQUNqQyxhQUFhLEVBQUUsT0FBTztRQUV0QixHQUFHLE1BQU07S0FDVixDQUFDLENBQUM7QUFDTCxDQUFDLENBQUMifQ==

package/KubeX/Tools/index.d.ts

@@ -0,0 +1,27 @@
+import * as k8s from '@pulumi/kubernetes';
+import { Input, Resource } from '@pulumi/pulumi';
+import { ToolPodProps } from './ToolPod';
+import { SqlPadProps } from './SqlPad';
+import { OutlineProps } from './OutlineVpn';
+import { NoIpProps } from './NoIp';
+import { AppHealthMonitorProps } from './AppHealthzMonitor';
+import { UptimeKumaProps } from './UptimeKuma';
+import { OpenLDAPProps } from './OpenLDAP';
+import { DefaultKsAppArgs } from '../types';
+interface Props {
+    namespace: Input<string>;
+    provider: k8s.Provider;
+    helloWorld?: Omit<DefaultKsAppArgs, 'namespace' | 'provider' | 'dependsOn'>;
+    echo?: Omit<DefaultKsAppArgs, 'namespace' | 'provider' | 'dependsOn'>;
+    noIp?: Omit<NoIpProps, 'namespace' | 'provider' | 'dependsOn'>;
+    sqlPad?: Omit<SqlPadProps, 'namespace' | 'provider' | 'dependsOn'>;
+    toolPod?: Omit<ToolPodProps, 'namespace' | 'provider' | 'dependsOn'>;
+    outlineVpn?: Omit<OutlineProps, 'provider' | 'dependsOn'>;
+    openLdap?: Omit<OpenLDAPProps, 'provider' | 'dependsOn'>;
+    appHealthMonitor?: Omit<AppHealthMonitorProps, 'namespace' | 'provider' | 'dependsOn'>;
+    uptimeKuma?: Omit<UptimeKumaProps, 'namespace' | 'provider' | 'dependsOn'>;
+    enableKubeCleanup?: boolean;
+    dependsOn?: Input<Input<Resource>[]> | Input<Resource>;
+}
+declare const _default: ({ helloWorld, echo, enableKubeCleanup, toolPod, noIp, sqlPad, outlineVpn, openLdap, appHealthMonitor, uptimeKuma, namespace, ...others }: Props) => Promise<void>;
+export default _default;