@highstate/k8s 0.11.7 → 0.12.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/dist/{chunk-DJE2YX64.js → chunk-3CKMDTYK.js} +3 -3
  2. package/dist/{chunk-DJE2YX64.js.map → chunk-3CKMDTYK.js.map} +1 -1
  3. package/dist/{chunk-23KLAP3X.js → chunk-3ZITTM5N.js} +8 -10
  4. package/dist/chunk-3ZITTM5N.js.map +1 -0
  5. package/dist/{chunk-5CMNORLF.js → chunk-6ACIPGW4.js} +3 -3
  6. package/dist/{chunk-5CMNORLF.js.map → chunk-6ACIPGW4.js.map} +1 -1
  7. package/dist/{chunk-SY7FPT77.js → chunk-7H4L3DFC.js} +4 -4
  8. package/dist/{chunk-SY7FPT77.js.map → chunk-7H4L3DFC.js.map} +1 -1
  9. package/dist/{chunk-77AY36LR.js → chunk-C6WHUOC3.js} +4 -4
  10. package/dist/{chunk-77AY36LR.js.map → chunk-C6WHUOC3.js.map} +1 -1
  11. package/dist/{chunk-Q35R54GK.js → chunk-EACAK6W4.js} +4 -4
  12. package/dist/{chunk-Q35R54GK.js.map → chunk-EACAK6W4.js.map} +1 -1
  13. package/dist/{chunk-4NWENXPT.js → chunk-F4JMKHHE.js} +32 -21
  14. package/dist/chunk-F4JMKHHE.js.map +1 -0
  15. package/dist/{chunk-UXEHNDI7.js → chunk-MXEIFVBL.js} +8 -10
  16. package/dist/chunk-MXEIFVBL.js.map +1 -0
  17. package/dist/{chunk-UHWJ2GDK.js → chunk-SEWB4FUB.js} +4 -4
  18. package/dist/{chunk-UHWJ2GDK.js.map → chunk-SEWB4FUB.js.map} +1 -1
  19. package/dist/{chunk-LR6OTL6T.js → chunk-VJL2BFKO.js} +3 -3
  20. package/dist/{chunk-LR6OTL6T.js.map → chunk-VJL2BFKO.js.map} +1 -1
  21. package/dist/{chunk-KCPQLLNX.js → chunk-WDNOBEI6.js} +19 -17
  22. package/dist/chunk-WDNOBEI6.js.map +1 -0
  23. package/dist/deployment-NNP3UJLZ.js +8 -0
  24. package/dist/{deployment-LVMOBFVO.js.map → deployment-NNP3UJLZ.js.map} +1 -1
  25. package/dist/highstate.manifest.json +2 -2
  26. package/dist/impl/gateway-route.js +5 -5
  27. package/dist/impl/tls-certificate.js +3 -3
  28. package/dist/index.js +20 -16
  29. package/dist/index.js.map +1 -1
  30. package/dist/stateful-set-XNB255LX.js +8 -0
  31. package/dist/{stateful-set-KKQDQMES.js.map → stateful-set-XNB255LX.js.map} +1 -1
  32. package/dist/units/cert-manager/index.js +7 -7
  33. package/dist/units/dns01-issuer/index.js +1 -1
  34. package/dist/units/existing-cluster/index.js +2 -2
  35. package/dist/units/gateway-api/index.js +1 -1
  36. package/dist/units/reduced-access-cluster/index.js +8 -8
  37. package/package.json +1 -1
  38. package/src/cron-job.ts +2 -0
  39. package/src/deployment.ts +5 -7
  40. package/src/helm.ts +15 -10
  41. package/src/job.ts +2 -0
  42. package/src/stateful-set.ts +5 -7
  43. package/src/workload.ts +28 -8
  44. package/dist/chunk-23KLAP3X.js.map +0 -1
  45. package/dist/chunk-4NWENXPT.js.map +0 -1
  46. package/dist/chunk-KCPQLLNX.js.map +0 -1
  47. package/dist/chunk-UXEHNDI7.js.map +0 -1
  48. package/dist/deployment-LVMOBFVO.js +0 -8
  49. package/dist/stateful-set-KKQDQMES.js +0 -8
package/dist/{chunk-DJE2YX64.js → chunk-3CKMDTYK.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { commonExtraArgs, ScopedResource, Namespace, mapMetadata, getProvider } from './chunk-UHWJ2GDK.js';
1
+ import { commonExtraArgs, ScopedResource, Namespace, mapMetadata, getProvider } from './chunk-SEWB4FUB.js';
2
2
  import { filterEndpoints, parseL3Endpoint, l4EndpointToString } from '@highstate/common';
3
3
  import { check, getOrCreate } from '@highstate/contract';
4
4
  import { k8s } from '@highstate/library';
@@ -334,5 +334,5 @@ function l4EndpointToServicePort(endpoint) {
334
334
  }
335
335
 
336
336
  export { Service, getServiceType, isEndpointFromCluster, l4EndpointToServicePort, mapContainerPortToServicePort, mapServiceToLabelSelector };
337
- //# sourceMappingURL=chunk-DJE2YX64.js.map
338
- //# sourceMappingURL=chunk-DJE2YX64.js.map
337
+ //# sourceMappingURL=chunk-3CKMDTYK.js.map
338
+ //# sourceMappingURL=chunk-3CKMDTYK.js.map
package/dist/{chunk-DJE2YX64.js.map → chunk-3CKMDTYK.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/service.ts"],"names":["args"],"mappings":";;;;;;;;;AA8CA,IAAM,mBAAmB,CAAC,GAAG,eAAA,EAAiB,MAAA,EAAQ,SAAS,UAAU,CAAA;AASlE,SAAS,qBAAA,CACd,UACA,OAAA,EACiC;AACjC,EAAA,OACE,KAAA,CAAM,GAAA,CAAI,qBAAA,EAAuB,QAAQ,CAAA,IACzC,SAAS,QAAA,CAAS,aAAa,CAAA,CAAE,SAAA,KAAc,OAAA,CAAQ,EAAA;AAE3D;AAKO,IAAe,OAAA,GAAf,MAAe,QAAA,SAAgB,cAAA,CAAe;AAAA,EACzC,WAAA,CACR,IAAA,EACA,IAAA,EACA,IAAA,EACA,IAAA,EAEA,YACA,IAAA,EACA,SAAA,EACA,QAAA,EAKS,IAAA,EAKA,MAAA,EACT;AACA,IAAA,KAAA,CAAM,MAAM,IAAA,EAAM,IAAA,EAAM,MAAM,UAAA,EAAY,IAAA,EAAM,WAAW,QAAQ,CAAA;AAP1D,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAGX;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAA8B;AAChC,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,IAAA,EAAM,SAAA;AAAA,MACN,SAAA,EAAW,KAAK,OAAA,CAAQ,EAAA;AAAA,MACxB,WAAA,EAAa,KAAK,OAAA,CAAQ,IAAA;AAAA,MAC1B,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,WAAW,IAAA,CAAK;AAAA,KACjB,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAmB,IAAA,EAA0C;AACvF,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACS;AACT,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,aAAa,IAAA,EAAM;AAAA,QAC5B,GAAG,IAAA;AAAA,QACH,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,SAAA,EAAW,UAAU,gBAAA,CAAiB,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO;AAAA,OACpF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACkB;AAClB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,SAAQ,QAAA,CAAS,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IAC7E;AAEA,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAmB,IAAA,EAA0C;AACtF,IAAA,OAAO,IAAI,YAAA,CAAa,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CAAK,IAAA,EAAc,IAAA,EAA0B,IAAA,EAA0C;AAC5F,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CAAI,IAAA,EAAc,IAAA,EAA2B,IAAA,EAA0C;AAC5F,IAAA,OAAO,IAAI,eAAA,CAAgB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC7C;AAAA,EAEA,OAAwB,YAAA,mBAAe,IAAI,GAAA,EAAqB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAahE,OAAO,GAAA,CAAI,MAAA,EAAqB,OAAA,EAAsC;AACpE,IAAA,OAAO,WAAA;AAAA,MACL,QAAA,CAAQ,YAAA;AAAA,MACR,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,QAAA,CAAQ,IAAI,IAAA,EAAM;AAAA,UACvB,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,gBAAA,CAAiB,MAAA,EAAQ,OAAO;AAAA,SACtD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CAAS,MAAA,EAA4B,OAAA,EAA+C;AAC/F,IAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAE7C,IAAA,OAAO,QAAA,CAAQ,GAAA,CAAI,cAAA,EAAgB,MAAA,CAAO,OAAO,CAAC,CAAA;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,gBAAgB,MAAA,EAAgE;AAC9E,IAAA,OAAO,MAAA,CAAO,KAAK,SAAS,CAAA,CAAE,MAAM,CAAA,SAAA,KAAa,eAAA,CAAgB,SAAA,EAAW,MAAM,CAAC,CAAA;AAAA,EACrF;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,SAAA,GAA2C;AAC7C,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,SAAS,IAAA,CAAK,OAAA;AAAA,MACd,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,QAAQ,IAAA,CAAK;AAAA,KACd,EAAE,KAAA,CAAM,CAAC,EAAE,OAAA,EAAS,QAAA,EAAU,IAAA,EAAM,MAAA,EAAO,KAAM;AAChD,MAAA,MAAM,gBAAA,GAAgD;AAAA,QACpD,aAAA,EAAe;AAAA,UACb,WAAW,OAAA,CAAQ,EAAA;AAAA,UACnB,aAAa,OAAA,CAAQ,IAAA;AAAA,UACrB,MAAM,QAAA,CAAS,IAAA;AAAA,UACf,WAAW,QAAA,CAAS,SAAA;AAAA,UACpB,UAAU,IAAA,CAAK,QAAA;AAAA,UACf,UAAA,EAAY,KAAK,KAAA,CAAM,CAAC,EAAE,UAAA,IAAc,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE;AAAA;AACxD,OACF;AAEA,MAAA,MAAM,kBAAA,GAAqB,IAAA,CAAK,UAAA,EAAY,GAAA,CAAI,CAAA,EAAA,MAAO;AAAA,QACrD,GAAG,gBAAgB,EAAE,CAAA;AAAA,QACrB,UAAA,EAAY,UAAA;AAAA,QACZ,IAAA,EAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA;AAAA,QACpB,UAAU,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,UAAU,WAAA,EAAY;AAAA,QAC9C,QAAA,EAAU;AAAA,OACZ,CAAE,CAAA;AAEF,MAAA,IAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG;AACjC,QAAA,kBAAA,CAAmB,OAAA,CAAQ;AAAA,UACzB,IAAA,EAAM,UAAA;AAAA,UACN,UAAA,EAAY,UAAA;AAAA,UACZ,UAAU,CAAA,EAAG,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,SAAS,SAAS,CAAA,kBAAA,CAAA;AAAA,UAChD,IAAA,EAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA;AAAA,UACpB,UAAU,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,UAAU,WAAA,EAAY;AAAA,UAC9C,QAAA,EAAU;AAAA,SACX,CAAA;AAAA,MACH;AAEA,MAAA,MAAM,oBACJ,IAAA,CAAK,IAAA,KAAS,aACV,OAAA,CAAQ,SAAA,CAAU,IAAI,CAAA,QAAA,MAAa;AAAA,QACjC,GAAI,QAAA;AAAA,QACJ,IAAA,EAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,QAAA;AAAA,QACpB,UAAU,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,UAAU,WAAA,EAAY;AAAA,QAC9C,QAAA,EAAU;AAAA,OACZ,CAAE,IACF,EAAC;AAEP,MAAA,MAAM,qBAAA,GACJ,KAAK,IAAA,KAAS,cAAA,GACV,OAAO,YAAA,EAAc,OAAA,EAAS,IAAI,CAAA,QAAA,MAAa;AAAA,QAC7C,GAAG,eAAA,CAAgB,QAAA,CAAS,EAAA,IAAM,SAAS,QAAQ,CAAA;AAAA,QACnD,IAAA,EAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA;AAAA,QACpB,UAAU,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,UAAU,WAAA,EAAY;AAAA,QAC9C,QAAA,EAAU;AAAA,OACZ,CAAE,IACF,EAAC;AAEP,MAAA,OAAO,QAAA;AAAA,QACL;AAAA,UACE,GAAI,sBAAsB,EAAC;AAAA,UAC3B,GAAI,yBAAyB,EAAC;AAAA,UAC9B,GAAI,qBAAqB;AAAC,SAC5B;AAAA,QACA;AAAA,OACF;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF;AASA,SAAS,iBAAA,CAAkB,MAAmB,OAAA,EAAsB;AAClE,EAAA,OAAO,MAAA,CAAO,IAAI,CAAA,CAAE,KAAA,CAAM,CAAAA,KAAAA,KAAQ;AAChC,IAAA,OAAO,SAAA;AAAA,MACL;AAAA,QACE,KAAA,EAAO,SAAA,CAAUA,KAAAA,CAAK,IAAA,EAAMA,MAAK,KAAK,CAAA;AAAA,QAEtC,WAAA,EAAaA,KAAAA,CAAK,QAAA,GACdA,KAAAA,CAAK,WAAA,GACHA,KAAAA,CAAK,WAAA,GACL,OAAA,CAAQ,WAAA,GACV,SAAA,CAAU,MAAA,EAAWA,KAAAA,CAAK,WAAW,CAAA;AAAA,QAEzC,IAAA,EAAM,cAAA,CAAeA,KAAAA,EAAM,OAAO;AAAA,OACpC;AAAA,MACA,IAAA,CAAKA,OAAM,gBAAgB;AAAA,KAC7B;AAAA,EACF,CAAC,CAAA;AACH;AAEA,IAAM,cAAA,GAAN,cAA6B,OAAA,CAAQ;AAAA,EACnC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAmB,IAAA,EAAiC;AAC5E,IAAA,MAAM,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC9D,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,OAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,iBAAA,CAAkB,IAAA,EAAM,OAAO;AAAA,SACvC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,uBAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,OAAA,CAAQ,UAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,OAAA,CAAQ,QAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AAAA,EACF;AACF,CAAA;AAEA,IAAM,YAAA,GAAN,cAA2B,OAAA,CAAQ;AAAA,EACjC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAmB,IAAA,EAAiC;AAC5E,IAAA,MAAM,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC9D,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,YAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,iBAAA,CAAkB,IAAA,EAAM,OAAO;AAAA,SACvC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,4BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,OAAA,CAAQ,UAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,OAAA,CAAQ,QAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AAAA,EACF;AACF,CAAA;AAcA,IAAM,cAAA,GAAN,cAA6B,OAAA,CAAQ;AAAA,EACnC,WAAA,CAAY,IAAA,EAAc,IAAA,EAA0B,IAAA,EAAiC;AACnF,IAAA,KAAA;AAAA,MACE,8BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,UAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA;AAAA,MACrB,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,QAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE;AAAA,KACvB;AAAA,EACF;AACF,CAAA;AAcA,IAAM,eAAA,GAAN,cAA8B,OAAA,CAAQ;AAAA,EACpC,WAAA,CAAY,IAAA,EAAc,IAAA,EAA2B,IAAA,EAAiC;AACpF,IAAA,MAAM,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC9D,MAAA,OAAO,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA,QACrB,IAAA;AAAA,QACA,WAAA,CAAA,EAAc,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,+BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,OAAA,CAAQ,UAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,OAAA,CAAQ,QAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AAAA,EACF;AACF,CAAA;AAQO,SAAS,8BACd,IAAA,EACiC;AACjC,EAAA,OAAO;AAAA,IACL,MAAM,IAAA,CAAK,IAAA;AAAA,IACX,MAAM,IAAA,CAAK,aAAA;AAAA,IACX,YAAY,IAAA,CAAK,aAAA;AAAA,IACjB,UAAU,IAAA,CAAK;AAAA,GACjB;AACF;AAQO,SAAS,0BACd,OAAA,EACmC;AACnC,EAAA,OAAO;AAAA,IACL,WAAA,EAAa,QAAQ,IAAA,CAAK;AAAA,GAC5B;AACF;AASO,SAAS,cAAA,CACd,SACA,OAAA,EACe;AACf,EAAA,IAAI,SAAS,IAAA,EAAM;AACjB,IAAA,OAAO,OAAA,CAAQ,IAAA;AAAA,EACjB;AAEA,EAAA,IAAI,CAAC,SAAS,QAAA,EAAU;AACtB,IAAA,OAAO,WAAA;AAAA,EACT;AAEA,EAAA,OAAO,OAAA,CAAQ,MAAA,EAAQ,mBAAA,KAAwB,cAAA,GAAiB,cAAA,GAAiB,UAAA;AACnF;AAQO,SAAS,wBACd,QAAA,EACiC;AACjC,EAAA,OAAO;AAAA,IACL,MAAM,QAAA,CAAS,IAAA;AAAA,IACf,QAAA,EAAU,QAAA,CAAS,QAAA,CAAS,WAAA;AAAY,GAC1C;AACF","file":"chunk-DJE2YX64.js","sourcesContent":["import { filterEndpoints, l4EndpointToString, parseL3Endpoint } from \"@highstate/common\"\nimport { check, getOrCreate } from \"@highstate/contract\"\nimport { k8s, type network } from \"@highstate/library\"\nimport {\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n interpolate,\n normalize,\n type Output,\n output,\n toPromise,\n} from \"@highstate/pulumi\"\nimport { core, type types } from \"@pulumi/kubernetes\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { omit, uniqueBy } from \"remeda\"\nimport { Namespace } from \"./namespace\"\nimport {\n commonExtraArgs,\n getProvider,\n mapMetadata,\n ScopedResource,\n type ScopedResourceArgs,\n} from \"./shared\"\n\nexport type ServiceArgs = ScopedResourceArgs & {\n /**\n * The port to expose the service on.\n */\n port?: Input<types.input.core.v1.ServicePort>\n\n /**\n * Whether the service should be exposed by `NodePort` or `LoadBalancer`.\n *\n * The type of the service will be determined automatically based on the cluster.\n */\n external?: Input<boolean>\n} & types.input.core.v1.ServiceSpec\n\nexport type CreateOrGetServiceArgs = ServiceArgs & {\n /**\n * The service entity to patch/retrieve.\n */\n existing: Input<k8s.Service> | undefined\n}\n\nconst serviceExtraArgs = [...commonExtraArgs, \"port\", \"ports\", \"external\"] as const\n\n/**\n * Checks if the endpoint is from the given cluster.\n *\n * @param endpoint The endpoint to check.\n * @param cluster The cluster to check against.\n * @returns True if the endpoint is from the cluster, false otherwise.\n */\nexport function isEndpointFromCluster(\n endpoint: network.L3Endpoint,\n cluster: k8s.Cluster,\n): endpoint is k8s.ServiceEndpoint {\n return (\n check(k8s.serviceEndpointSchema, endpoint) &&\n endpoint.metadata[\"k8s.service\"].clusterId === cluster.id\n )\n}\n\n/**\n * Represents a Kubernetes Service resource with endpoints and metadata.\n */\nexport abstract class Service extends ScopedResource {\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n apiVersion: Output<string>,\n kind: Output<string>,\n namespace: Output<Namespace>,\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The spec of the underlying Kubernetes service.\n */\n readonly spec: Output<types.output.core.v1.ServiceSpec>,\n\n /**\n * The status of the underlying Kubernetes service.\n */\n readonly status: Output<types.output.core.v1.ServiceStatus>,\n ) {\n super(type, name, args, opts, apiVersion, kind, namespace, metadata)\n }\n\n /**\n * The Highstate service entity.\n */\n get entity(): Output<k8s.Service> {\n return output({\n type: \"service\",\n clusterId: this.cluster.id,\n clusterName: this.cluster.name,\n metadata: this.metadata,\n endpoints: this.endpoints,\n })\n }\n\n /**\n * Creates a new service.\n */\n static create(name: string, args: ServiceArgs, opts?: ComponentResourceOptions): Service {\n return new CreatedService(name, args, opts)\n }\n\n /**\n * Creates a new service or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the service name.\n * @param args The arguments to create or patch the service with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetServiceArgs,\n opts?: ComponentResourceOptions,\n ): Service {\n if (args.existing) {\n return new ServicePatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n namespace: Namespace.forResourceAsync(args.existing, output(args.namespace).cluster),\n })\n }\n\n return new CreatedService(name, args, opts)\n }\n\n /**\n * Creates a new service or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the service name. Will not be used when existing service is retrieved.\n * @param args The arguments to create or get the service with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetServiceArgs,\n opts?: ComponentResourceOptions,\n ): Promise<Service> {\n if (args.existing) {\n return await Service.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedService(name, args, opts)\n }\n\n /**\n * Patches an existing service.\n *\n * Will throw an error if the service does not exist.\n *\n * @param name The name of the resource. May not be the same as the service name.\n * @param args The arguments to patch the service with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: ServiceArgs, opts?: ComponentResourceOptions): Service {\n return new ServicePatch(name, args, opts)\n }\n\n /**\n * Wraps an existing Kubernetes service.\n */\n static wrap(name: string, args: WrappedServiceArgs, opts?: ComponentResourceOptions): Service {\n return new WrappedService(name, args, opts)\n }\n\n /**\n * Gets an existing service.\n *\n * Will throw an error if the service does not exist.\n */\n static get(name: string, args: ExternalServiceArgs, opts?: ComponentResourceOptions): Service {\n return new ExternalService(name, args, opts)\n }\n\n private static readonly serviceCache = new Map<string, Service>()\n\n /**\n * Gets an existing service for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the service for.\n * @param cluster The cluster where the service is located.\n */\n static for(entity: k8s.Service, cluster: Input<k8s.Cluster>): Service {\n return getOrCreate(\n Service.serviceCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return Service.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResourceAsync(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing service for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the service for.\n * @param cluster The cluster where the service is located.\n */\n static async forAsync(entity: Input<k8s.Service>, cluster: Input<k8s.Cluster>): Promise<Service> {\n const resolvedEntity = await toPromise(entity)\n\n return Service.for(resolvedEntity, output(cluster))\n }\n\n /**\n * Returns the endpoints of the service applying the given filter.\n *\n * If no filter is specified, the default behavior of `filterEndpoints` is used.\n *\n * @param filter If specified, the endpoints are filtered based on the given filter.\n * @returns The endpoints of the service.\n */\n filterEndpoints(filter?: network.EndpointFilter): Output<k8s.ServiceEndpoint[]> {\n return output(this.endpoints).apply(endpoints => filterEndpoints(endpoints, filter))\n }\n\n /**\n * Returns the endpoints of the service including both internal and external endpoints.\n */\n get endpoints(): Output<k8s.ServiceEndpoint[]> {\n return output({\n cluster: this.cluster,\n metadata: this.metadata,\n spec: this.spec,\n status: this.status,\n }).apply(({ cluster, metadata, spec, status }) => {\n const endpointMetadata: k8s.EndpointServiceMetadata = {\n \"k8s.service\": {\n clusterId: cluster.id,\n clusterName: cluster.name,\n name: metadata.name,\n namespace: metadata.namespace,\n selector: spec.selector,\n targetPort: spec.ports[0].targetPort ?? spec.ports[0].port,\n },\n }\n\n const clusterIpEndpoints = spec.clusterIPs?.map(ip => ({\n ...parseL3Endpoint(ip),\n visibility: \"internal\" as network.EndpointVisibility,\n port: spec.ports[0].port,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n }))\n\n if (clusterIpEndpoints.length > 0) {\n clusterIpEndpoints.unshift({\n type: \"hostname\",\n visibility: \"internal\",\n hostname: `${metadata.name}.${metadata.namespace}.svc.cluster.local`,\n port: spec.ports[0].port,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n })\n }\n\n const nodePortEndpoints =\n spec.type === \"NodePort\"\n ? cluster.endpoints.map(endpoint => ({\n ...(endpoint as network.L3Endpoint),\n port: spec.ports[0].nodePort,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n }))\n : []\n\n const loadBalancerEndpoints =\n spec.type === \"LoadBalancer\"\n ? status.loadBalancer?.ingress?.map(endpoint => ({\n ...parseL3Endpoint(endpoint.ip ?? endpoint.hostname),\n port: spec.ports[0].port,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n }))\n : []\n\n return uniqueBy(\n [\n ...(clusterIpEndpoints ?? []),\n ...(loadBalancerEndpoints ?? []),\n ...(nodePortEndpoints ?? []),\n ],\n l4EndpointToString,\n )\n })\n }\n}\n\n/**\n * Creates the service spec configuration based on arguments and cluster settings.\n *\n * @param args The service arguments containing port and external configuration.\n * @param cluster The cluster where the service will be created.\n * @returns The service spec configuration.\n */\nfunction createServiceSpec(args: ServiceArgs, cluster: k8s.Cluster) {\n return output(args).apply(args => {\n return deepmerge(\n {\n ports: normalize(args.port, args.ports),\n\n externalIPs: args.external\n ? args.externalIPs\n ? args.externalIPs\n : cluster.externalIps\n : normalize(undefined, args.externalIPs),\n\n type: getServiceType(args, cluster),\n },\n omit(args, serviceExtraArgs),\n )\n })\n}\n\nclass CreatedService extends Service {\n constructor(name: string, args: ServiceArgs, opts?: ComponentResourceOptions) {\n const service = output(args.namespace).cluster.apply(cluster => {\n return new core.v1.Service(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: createServiceSpec(args, cluster),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:Service\",\n name,\n args,\n opts,\n\n service.apiVersion,\n service.kind,\n output(args.namespace),\n service.metadata,\n service.spec,\n service.status,\n )\n }\n}\n\nclass ServicePatch extends Service {\n constructor(name: string, args: ServiceArgs, opts?: ComponentResourceOptions) {\n const service = output(args.namespace).cluster.apply(cluster => {\n return new core.v1.ServicePatch(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: createServiceSpec(args, cluster),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ServicePatch\",\n name,\n args,\n opts,\n\n service.apiVersion,\n service.kind,\n output(args.namespace),\n service.metadata,\n service.spec,\n service.status,\n )\n }\n}\n\nexport type WrappedServiceArgs = {\n /**\n * The underlying Kubernetes service to wrap.\n */\n service: Input<core.v1.Service>\n\n /**\n * The namespace where the service is located.\n */\n namespace: Input<Namespace>\n}\n\nclass WrappedService extends Service {\n constructor(name: string, args: WrappedServiceArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedService\",\n name,\n args,\n opts,\n\n output(args.service).apiVersion,\n output(args.service).kind,\n output(args.namespace),\n output(args.service).metadata,\n output(args.service).spec,\n output(args.service).status,\n )\n }\n}\n\nexport type ExternalServiceArgs = {\n /**\n * The name of the service to get.\n */\n name: Input<string>\n\n /**\n * The namespace of the service to get.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalService extends Service {\n constructor(name: string, args: ExternalServiceArgs, opts?: ComponentResourceOptions) {\n const service = output(args.namespace).cluster.apply(cluster => {\n return core.v1.Service.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ExternalService\",\n name,\n args,\n opts,\n\n service.apiVersion,\n service.kind,\n output(args.namespace),\n service.metadata,\n service.spec,\n service.status,\n )\n }\n}\n\n/**\n * Maps a container port to a service port.\n *\n * @param port The container port to map.\n * @returns The corresponding service port configuration.\n */\nexport function mapContainerPortToServicePort(\n port: types.input.core.v1.ContainerPort,\n): types.input.core.v1.ServicePort {\n return {\n name: port.name,\n port: port.containerPort,\n targetPort: port.containerPort,\n protocol: port.protocol,\n }\n}\n\n/**\n * Maps a service to a label selector.\n *\n * @param service The service to extract the label selector from.\n * @returns The label selector based on the service's selector.\n */\nexport function mapServiceToLabelSelector(\n service: core.v1.Service,\n): types.input.meta.v1.LabelSelector {\n return {\n matchLabels: service.spec.selector,\n }\n}\n\n/**\n * Determines the appropriate service type based on the service arguments and cluster configuration.\n *\n * @param service The service configuration containing type and external properties.\n * @param cluster The cluster where the service will be created.\n * @returns The service type to use.\n */\nexport function getServiceType(\n service: Pick<ServiceArgs, \"type\" | \"external\"> | undefined,\n cluster: k8s.Cluster,\n): Input<string> {\n if (service?.type) {\n return service.type\n }\n\n if (!service?.external) {\n return \"ClusterIP\"\n }\n\n return cluster.quirks?.externalServiceType === \"LoadBalancer\" ? \"LoadBalancer\" : \"NodePort\"\n}\n\n/**\n * Converts a network L4 endpoint to a Kubernetes service port.\n *\n * @param endpoint The L4 endpoint to convert.\n * @returns The corresponding Kubernetes service port configuration.\n */\nexport function l4EndpointToServicePort(\n endpoint: network.L4Endpoint,\n): types.input.core.v1.ServicePort {\n return {\n port: endpoint.port,\n protocol: endpoint.protocol.toUpperCase(),\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/service.ts"],"names":["args"],"mappings":";;;;;;;;;AA8CA,IAAM,mBAAmB,CAAC,GAAG,eAAA,EAAiB,MAAA,EAAQ,SAAS,UAAU,CAAA;AASlE,SAAS,qBAAA,CACd,UACA,OAAA,EACiC;AACjC,EAAA,OACE,KAAA,CAAM,GAAA,CAAI,qBAAA,EAAuB,QAAQ,CAAA,IACzC,SAAS,QAAA,CAAS,aAAa,CAAA,CAAE,SAAA,KAAc,OAAA,CAAQ,EAAA;AAE3D;AAKO,IAAe,OAAA,GAAf,MAAe,QAAA,SAAgB,cAAA,CAAe;AAAA,EACzC,WAAA,CACR,IAAA,EACA,IAAA,EACA,IAAA,EACA,IAAA,EAEA,YACA,IAAA,EACA,SAAA,EACA,QAAA,EAKS,IAAA,EAKA,MAAA,EACT;AACA,IAAA,KAAA,CAAM,MAAM,IAAA,EAAM,IAAA,EAAM,MAAM,UAAA,EAAY,IAAA,EAAM,WAAW,QAAQ,CAAA;AAP1D,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAGX;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAA8B;AAChC,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,IAAA,EAAM,SAAA;AAAA,MACN,SAAA,EAAW,KAAK,OAAA,CAAQ,EAAA;AAAA,MACxB,WAAA,EAAa,KAAK,OAAA,CAAQ,IAAA;AAAA,MAC1B,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,WAAW,IAAA,CAAK;AAAA,KACjB,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAmB,IAAA,EAA0C;AACvF,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACS;AACT,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,aAAa,IAAA,EAAM;AAAA,QAC5B,GAAG,IAAA;AAAA,QACH,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,SAAA,EAAW,UAAU,gBAAA,CAAiB,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO;AAAA,OACpF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACkB;AAClB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,SAAQ,QAAA,CAAS,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IAC7E;AAEA,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAmB,IAAA,EAA0C;AACtF,IAAA,OAAO,IAAI,YAAA,CAAa,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CAAK,IAAA,EAAc,IAAA,EAA0B,IAAA,EAA0C;AAC5F,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CAAI,IAAA,EAAc,IAAA,EAA2B,IAAA,EAA0C;AAC5F,IAAA,OAAO,IAAI,eAAA,CAAgB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC7C;AAAA,EAEA,OAAwB,YAAA,mBAAe,IAAI,GAAA,EAAqB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAahE,OAAO,GAAA,CAAI,MAAA,EAAqB,OAAA,EAAsC;AACpE,IAAA,OAAO,WAAA;AAAA,MACL,QAAA,CAAQ,YAAA;AAAA,MACR,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,QAAA,CAAQ,IAAI,IAAA,EAAM;AAAA,UACvB,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,gBAAA,CAAiB,MAAA,EAAQ,OAAO;AAAA,SACtD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CAAS,MAAA,EAA4B,OAAA,EAA+C;AAC/F,IAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAE7C,IAAA,OAAO,QAAA,CAAQ,GAAA,CAAI,cAAA,EAAgB,MAAA,CAAO,OAAO,CAAC,CAAA;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,gBAAgB,MAAA,EAAgE;AAC9E,IAAA,OAAO,MAAA,CAAO,KAAK,SAAS,CAAA,CAAE,MAAM,CAAA,SAAA,KAAa,eAAA,CAAgB,SAAA,EAAW,MAAM,CAAC,CAAA;AAAA,EACrF;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,SAAA,GAA2C;AAC7C,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,SAAS,IAAA,CAAK,OAAA;AAAA,MACd,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,QAAQ,IAAA,CAAK;AAAA,KACd,EAAE,KAAA,CAAM,CAAC,EAAE,OAAA,EAAS,QAAA,EAAU,IAAA,EAAM,MAAA,EAAO,KAAM;AAChD,MAAA,MAAM,gBAAA,GAAgD;AAAA,QACpD,aAAA,EAAe;AAAA,UACb,WAAW,OAAA,CAAQ,EAAA;AAAA,UACnB,aAAa,OAAA,CAAQ,IAAA;AAAA,UACrB,MAAM,QAAA,CAAS,IAAA;AAAA,UACf,WAAW,QAAA,CAAS,SAAA;AAAA,UACpB,UAAU,IAAA,CAAK,QAAA;AAAA,UACf,UAAA,EAAY,KAAK,KAAA,CAAM,CAAC,EAAE,UAAA,IAAc,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE;AAAA;AACxD,OACF;AAEA,MAAA,MAAM,kBAAA,GAAqB,IAAA,CAAK,UAAA,EAAY,GAAA,CAAI,CAAA,EAAA,MAAO;AAAA,QACrD,GAAG,gBAAgB,EAAE,CAAA;AAAA,QACrB,UAAA,EAAY,UAAA;AAAA,QACZ,IAAA,EAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA;AAAA,QACpB,UAAU,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,UAAU,WAAA,EAAY;AAAA,QAC9C,QAAA,EAAU;AAAA,OACZ,CAAE,CAAA;AAEF,MAAA,IAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG;AACjC,QAAA,kBAAA,CAAmB,OAAA,CAAQ;AAAA,UACzB,IAAA,EAAM,UAAA;AAAA,UACN,UAAA,EAAY,UAAA;AAAA,UACZ,UAAU,CAAA,EAAG,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,SAAS,SAAS,CAAA,kBAAA,CAAA;AAAA,UAChD,IAAA,EAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA;AAAA,UACpB,UAAU,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,UAAU,WAAA,EAAY;AAAA,UAC9C,QAAA,EAAU;AAAA,SACX,CAAA;AAAA,MACH;AAEA,MAAA,MAAM,oBACJ,IAAA,CAAK,IAAA,KAAS,aACV,OAAA,CAAQ,SAAA,CAAU,IAAI,CAAA,QAAA,MAAa;AAAA,QACjC,GAAI,QAAA;AAAA,QACJ,IAAA,EAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,QAAA;AAAA,QACpB,UAAU,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,UAAU,WAAA,EAAY;AAAA,QAC9C,QAAA,EAAU;AAAA,OACZ,CAAE,IACF,EAAC;AAEP,MAAA,MAAM,qBAAA,GACJ,KAAK,IAAA,KAAS,cAAA,GACV,OAAO,YAAA,EAAc,OAAA,EAAS,IAAI,CAAA,QAAA,MAAa;AAAA,QAC7C,GAAG,eAAA,CAAgB,QAAA,CAAS,EAAA,IAAM,SAAS,QAAQ,CAAA;AAAA,QACnD,IAAA,EAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA;AAAA,QACpB,UAAU,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,UAAU,WAAA,EAAY;AAAA,QAC9C,QAAA,EAAU;AAAA,OACZ,CAAE,IACF,EAAC;AAEP,MAAA,OAAO,QAAA;AAAA,QACL;AAAA,UACE,GAAI,sBAAsB,EAAC;AAAA,UAC3B,GAAI,yBAAyB,EAAC;AAAA,UAC9B,GAAI,qBAAqB;AAAC,SAC5B;AAAA,QACA;AAAA,OACF;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF;AASA,SAAS,iBAAA,CAAkB,MAAmB,OAAA,EAAsB;AAClE,EAAA,OAAO,MAAA,CAAO,IAAI,CAAA,CAAE,KAAA,CAAM,CAAAA,KAAAA,KAAQ;AAChC,IAAA,OAAO,SAAA;AAAA,MACL;AAAA,QACE,KAAA,EAAO,SAAA,CAAUA,KAAAA,CAAK,IAAA,EAAMA,MAAK,KAAK,CAAA;AAAA,QAEtC,WAAA,EAAaA,KAAAA,CAAK,QAAA,GACdA,KAAAA,CAAK,WAAA,GACHA,KAAAA,CAAK,WAAA,GACL,OAAA,CAAQ,WAAA,GACV,SAAA,CAAU,MAAA,EAAWA,KAAAA,CAAK,WAAW,CAAA;AAAA,QAEzC,IAAA,EAAM,cAAA,CAAeA,KAAAA,EAAM,OAAO;AAAA,OACpC;AAAA,MACA,IAAA,CAAKA,OAAM,gBAAgB;AAAA,KAC7B;AAAA,EACF,CAAC,CAAA;AACH;AAEA,IAAM,cAAA,GAAN,cAA6B,OAAA,CAAQ;AAAA,EACnC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAmB,IAAA,EAAiC;AAC5E,IAAA,MAAM,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC9D,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,OAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,iBAAA,CAAkB,IAAA,EAAM,OAAO;AAAA,SACvC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,uBAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,OAAA,CAAQ,UAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,OAAA,CAAQ,QAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AAAA,EACF;AACF,CAAA;AAEA,IAAM,YAAA,GAAN,cAA2B,OAAA,CAAQ;AAAA,EACjC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAmB,IAAA,EAAiC;AAC5E,IAAA,MAAM,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC9D,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,YAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,iBAAA,CAAkB,IAAA,EAAM,OAAO;AAAA,SACvC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,4BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,OAAA,CAAQ,UAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,OAAA,CAAQ,QAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AAAA,EACF;AACF,CAAA;AAcA,IAAM,cAAA,GAAN,cAA6B,OAAA,CAAQ;AAAA,EACnC,WAAA,CAAY,IAAA,EAAc,IAAA,EAA0B,IAAA,EAAiC;AACnF,IAAA,KAAA;AAAA,MACE,8BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,UAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA;AAAA,MACrB,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,QAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE;AAAA,KACvB;AAAA,EACF;AACF,CAAA;AAcA,IAAM,eAAA,GAAN,cAA8B,OAAA,CAAQ;AAAA,EACpC,WAAA,CAAY,IAAA,EAAc,IAAA,EAA2B,IAAA,EAAiC;AACpF,IAAA,MAAM,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC9D,MAAA,OAAO,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAA;AAAA,QACrB,IAAA;AAAA,QACA,WAAA,CAAA,EAAc,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,+BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,OAAA,CAAQ,UAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,OAAA,CAAQ,QAAA;AAAA,MACR,OAAA,CAAQ,IAAA;AAAA,MACR,OAAA,CAAQ;AAAA,KACV;AAAA,EACF;AACF,CAAA;AAQO,SAAS,8BACd,IAAA,EACiC;AACjC,EAAA,OAAO;AAAA,IACL,MAAM,IAAA,CAAK,IAAA;AAAA,IACX,MAAM,IAAA,CAAK,aAAA;AAAA,IACX,YAAY,IAAA,CAAK,aAAA;AAAA,IACjB,UAAU,IAAA,CAAK;AAAA,GACjB;AACF;AAQO,SAAS,0BACd,OAAA,EACmC;AACnC,EAAA,OAAO;AAAA,IACL,WAAA,EAAa,QAAQ,IAAA,CAAK;AAAA,GAC5B;AACF;AASO,SAAS,cAAA,CACd,SACA,OAAA,EACe;AACf,EAAA,IAAI,SAAS,IAAA,EAAM;AACjB,IAAA,OAAO,OAAA,CAAQ,IAAA;AAAA,EACjB;AAEA,EAAA,IAAI,CAAC,SAAS,QAAA,EAAU;AACtB,IAAA,OAAO,WAAA;AAAA,EACT;AAEA,EAAA,OAAO,OAAA,CAAQ,MAAA,EAAQ,mBAAA,KAAwB,cAAA,GAAiB,cAAA,GAAiB,UAAA;AACnF;AAQO,SAAS,wBACd,QAAA,EACiC;AACjC,EAAA,OAAO;AAAA,IACL,MAAM,QAAA,CAAS,IAAA;AAAA,IACf,QAAA,EAAU,QAAA,CAAS,QAAA,CAAS,WAAA;AAAY,GAC1C;AACF","file":"chunk-3CKMDTYK.js","sourcesContent":["import { filterEndpoints, l4EndpointToString, parseL3Endpoint } from \"@highstate/common\"\nimport { check, getOrCreate } from \"@highstate/contract\"\nimport { k8s, type network } from \"@highstate/library\"\nimport {\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n interpolate,\n normalize,\n type Output,\n output,\n toPromise,\n} from \"@highstate/pulumi\"\nimport { core, type types } from \"@pulumi/kubernetes\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { omit, uniqueBy } from \"remeda\"\nimport { Namespace } from \"./namespace\"\nimport {\n commonExtraArgs,\n getProvider,\n mapMetadata,\n ScopedResource,\n type ScopedResourceArgs,\n} from \"./shared\"\n\nexport type ServiceArgs = ScopedResourceArgs & {\n /**\n * The port to expose the service on.\n */\n port?: Input<types.input.core.v1.ServicePort>\n\n /**\n * Whether the service should be exposed by `NodePort` or `LoadBalancer`.\n *\n * The type of the service will be determined automatically based on the cluster.\n */\n external?: Input<boolean>\n} & types.input.core.v1.ServiceSpec\n\nexport type CreateOrGetServiceArgs = ServiceArgs & {\n /**\n * The service entity to patch/retrieve.\n */\n existing: Input<k8s.Service> | undefined\n}\n\nconst serviceExtraArgs = [...commonExtraArgs, \"port\", \"ports\", \"external\"] as const\n\n/**\n * Checks if the endpoint is from the given cluster.\n *\n * @param endpoint The endpoint to check.\n * @param cluster The cluster to check against.\n * @returns True if the endpoint is from the cluster, false otherwise.\n */\nexport function isEndpointFromCluster(\n endpoint: network.L3Endpoint,\n cluster: k8s.Cluster,\n): endpoint is k8s.ServiceEndpoint {\n return (\n check(k8s.serviceEndpointSchema, endpoint) &&\n endpoint.metadata[\"k8s.service\"].clusterId === cluster.id\n )\n}\n\n/**\n * Represents a Kubernetes Service resource with endpoints and metadata.\n */\nexport abstract class Service extends ScopedResource {\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n apiVersion: Output<string>,\n kind: Output<string>,\n namespace: Output<Namespace>,\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The spec of the underlying Kubernetes service.\n */\n readonly spec: Output<types.output.core.v1.ServiceSpec>,\n\n /**\n * The status of the underlying Kubernetes service.\n */\n readonly status: Output<types.output.core.v1.ServiceStatus>,\n ) {\n super(type, name, args, opts, apiVersion, kind, namespace, metadata)\n }\n\n /**\n * The Highstate service entity.\n */\n get entity(): Output<k8s.Service> {\n return output({\n type: \"service\",\n clusterId: this.cluster.id,\n clusterName: this.cluster.name,\n metadata: this.metadata,\n endpoints: this.endpoints,\n })\n }\n\n /**\n * Creates a new service.\n */\n static create(name: string, args: ServiceArgs, opts?: ComponentResourceOptions): Service {\n return new CreatedService(name, args, opts)\n }\n\n /**\n * Creates a new service or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the service name.\n * @param args The arguments to create or patch the service with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetServiceArgs,\n opts?: ComponentResourceOptions,\n ): Service {\n if (args.existing) {\n return new ServicePatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n namespace: Namespace.forResourceAsync(args.existing, output(args.namespace).cluster),\n })\n }\n\n return new CreatedService(name, args, opts)\n }\n\n /**\n * Creates a new service or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the service name. Will not be used when existing service is retrieved.\n * @param args The arguments to create or get the service with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetServiceArgs,\n opts?: ComponentResourceOptions,\n ): Promise<Service> {\n if (args.existing) {\n return await Service.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedService(name, args, opts)\n }\n\n /**\n * Patches an existing service.\n *\n * Will throw an error if the service does not exist.\n *\n * @param name The name of the resource. May not be the same as the service name.\n * @param args The arguments to patch the service with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: ServiceArgs, opts?: ComponentResourceOptions): Service {\n return new ServicePatch(name, args, opts)\n }\n\n /**\n * Wraps an existing Kubernetes service.\n */\n static wrap(name: string, args: WrappedServiceArgs, opts?: ComponentResourceOptions): Service {\n return new WrappedService(name, args, opts)\n }\n\n /**\n * Gets an existing service.\n *\n * Will throw an error if the service does not exist.\n */\n static get(name: string, args: ExternalServiceArgs, opts?: ComponentResourceOptions): Service {\n return new ExternalService(name, args, opts)\n }\n\n private static readonly serviceCache = new Map<string, Service>()\n\n /**\n * Gets an existing service for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the service for.\n * @param cluster The cluster where the service is located.\n */\n static for(entity: k8s.Service, cluster: Input<k8s.Cluster>): Service {\n return getOrCreate(\n Service.serviceCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return Service.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResourceAsync(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing service for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the service for.\n * @param cluster The cluster where the service is located.\n */\n static async forAsync(entity: Input<k8s.Service>, cluster: Input<k8s.Cluster>): Promise<Service> {\n const resolvedEntity = await toPromise(entity)\n\n return Service.for(resolvedEntity, output(cluster))\n }\n\n /**\n * Returns the endpoints of the service applying the given filter.\n *\n * If no filter is specified, the default behavior of `filterEndpoints` is used.\n *\n * @param filter If specified, the endpoints are filtered based on the given filter.\n * @returns The endpoints of the service.\n */\n filterEndpoints(filter?: network.EndpointFilter): Output<k8s.ServiceEndpoint[]> {\n return output(this.endpoints).apply(endpoints => filterEndpoints(endpoints, filter))\n }\n\n /**\n * Returns the endpoints of the service including both internal and external endpoints.\n */\n get endpoints(): Output<k8s.ServiceEndpoint[]> {\n return output({\n cluster: this.cluster,\n metadata: this.metadata,\n spec: this.spec,\n status: this.status,\n }).apply(({ cluster, metadata, spec, status }) => {\n const endpointMetadata: k8s.EndpointServiceMetadata = {\n \"k8s.service\": {\n clusterId: cluster.id,\n clusterName: cluster.name,\n name: metadata.name,\n namespace: metadata.namespace,\n selector: spec.selector,\n targetPort: spec.ports[0].targetPort ?? spec.ports[0].port,\n },\n }\n\n const clusterIpEndpoints = spec.clusterIPs?.map(ip => ({\n ...parseL3Endpoint(ip),\n visibility: \"internal\" as network.EndpointVisibility,\n port: spec.ports[0].port,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n }))\n\n if (clusterIpEndpoints.length > 0) {\n clusterIpEndpoints.unshift({\n type: \"hostname\",\n visibility: \"internal\",\n hostname: `${metadata.name}.${metadata.namespace}.svc.cluster.local`,\n port: spec.ports[0].port,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n })\n }\n\n const nodePortEndpoints =\n spec.type === \"NodePort\"\n ? cluster.endpoints.map(endpoint => ({\n ...(endpoint as network.L3Endpoint),\n port: spec.ports[0].nodePort,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n }))\n : []\n\n const loadBalancerEndpoints =\n spec.type === \"LoadBalancer\"\n ? status.loadBalancer?.ingress?.map(endpoint => ({\n ...parseL3Endpoint(endpoint.ip ?? endpoint.hostname),\n port: spec.ports[0].port,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n }))\n : []\n\n return uniqueBy(\n [\n ...(clusterIpEndpoints ?? []),\n ...(loadBalancerEndpoints ?? []),\n ...(nodePortEndpoints ?? []),\n ],\n l4EndpointToString,\n )\n })\n }\n}\n\n/**\n * Creates the service spec configuration based on arguments and cluster settings.\n *\n * @param args The service arguments containing port and external configuration.\n * @param cluster The cluster where the service will be created.\n * @returns The service spec configuration.\n */\nfunction createServiceSpec(args: ServiceArgs, cluster: k8s.Cluster) {\n return output(args).apply(args => {\n return deepmerge(\n {\n ports: normalize(args.port, args.ports),\n\n externalIPs: args.external\n ? args.externalIPs\n ? args.externalIPs\n : cluster.externalIps\n : normalize(undefined, args.externalIPs),\n\n type: getServiceType(args, cluster),\n },\n omit(args, serviceExtraArgs),\n )\n })\n}\n\nclass CreatedService extends Service {\n constructor(name: string, args: ServiceArgs, opts?: ComponentResourceOptions) {\n const service = output(args.namespace).cluster.apply(cluster => {\n return new core.v1.Service(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: createServiceSpec(args, cluster),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:Service\",\n name,\n args,\n opts,\n\n service.apiVersion,\n service.kind,\n output(args.namespace),\n service.metadata,\n service.spec,\n service.status,\n )\n }\n}\n\nclass ServicePatch extends Service {\n constructor(name: string, args: ServiceArgs, opts?: ComponentResourceOptions) {\n const service = output(args.namespace).cluster.apply(cluster => {\n return new core.v1.ServicePatch(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: createServiceSpec(args, cluster),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ServicePatch\",\n name,\n args,\n opts,\n\n service.apiVersion,\n service.kind,\n output(args.namespace),\n service.metadata,\n service.spec,\n service.status,\n )\n }\n}\n\nexport type WrappedServiceArgs = {\n /**\n * The underlying Kubernetes service to wrap.\n */\n service: Input<core.v1.Service>\n\n /**\n * The namespace where the service is located.\n */\n namespace: Input<Namespace>\n}\n\nclass WrappedService extends Service {\n constructor(name: string, args: WrappedServiceArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedService\",\n name,\n args,\n opts,\n\n output(args.service).apiVersion,\n output(args.service).kind,\n output(args.namespace),\n output(args.service).metadata,\n output(args.service).spec,\n output(args.service).status,\n )\n }\n}\n\nexport type ExternalServiceArgs = {\n /**\n * The name of the service to get.\n */\n name: Input<string>\n\n /**\n * The namespace of the service to get.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalService extends Service {\n constructor(name: string, args: ExternalServiceArgs, opts?: ComponentResourceOptions) {\n const service = output(args.namespace).cluster.apply(cluster => {\n return core.v1.Service.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ExternalService\",\n name,\n args,\n opts,\n\n service.apiVersion,\n service.kind,\n output(args.namespace),\n service.metadata,\n service.spec,\n service.status,\n )\n }\n}\n\n/**\n * Maps a container port to a service port.\n *\n * @param port The container port to map.\n * @returns The corresponding service port configuration.\n */\nexport function mapContainerPortToServicePort(\n port: types.input.core.v1.ContainerPort,\n): types.input.core.v1.ServicePort {\n return {\n name: port.name,\n port: port.containerPort,\n targetPort: port.containerPort,\n protocol: port.protocol,\n }\n}\n\n/**\n * Maps a service to a label selector.\n *\n * @param service The service to extract the label selector from.\n * @returns The label selector based on the service's selector.\n */\nexport function mapServiceToLabelSelector(\n service: core.v1.Service,\n): types.input.meta.v1.LabelSelector {\n return {\n matchLabels: service.spec.selector,\n }\n}\n\n/**\n * Determines the appropriate service type based on the service arguments and cluster configuration.\n *\n * @param service The service configuration containing type and external properties.\n * @param cluster The cluster where the service will be created.\n * @returns The service type to use.\n */\nexport function getServiceType(\n service: Pick<ServiceArgs, \"type\" | \"external\"> | undefined,\n cluster: k8s.Cluster,\n): Input<string> {\n if (service?.type) {\n return service.type\n }\n\n if (!service?.external) {\n return \"ClusterIP\"\n }\n\n return cluster.quirks?.externalServiceType === \"LoadBalancer\" ? \"LoadBalancer\" : \"NodePort\"\n}\n\n/**\n * Converts a network L4 endpoint to a Kubernetes service port.\n *\n * @param endpoint The L4 endpoint to convert.\n * @returns The corresponding Kubernetes service port configuration.\n */\nexport function l4EndpointToServicePort(\n endpoint: network.L4Endpoint,\n): types.input.core.v1.ServicePort {\n return {\n port: endpoint.port,\n protocol: endpoint.protocol.toUpperCase(),\n }\n}\n"]}
package/dist/{chunk-23KLAP3X.js → chunk-3ZITTM5N.js} RENAMED
@@ -1,5 +1,5 @@
1
- import { ExposableWorkload, getExposableWorkloadComponents, exposableWorkloadExtraArgs } from './chunk-4NWENXPT.js';
2
- import { Namespace, mapMetadata, getProvider } from './chunk-UHWJ2GDK.js';
1
+ import { ExposableWorkload, getExposableWorkloadComponents, exposableWorkloadExtraArgs } from './chunk-F4JMKHHE.js';
2
+ import { Namespace, mapMetadata, getProvider } from './chunk-SEWB4FUB.js';
3
3
  import { getOrCreate } from '@highstate/contract';
4
4
  import { output, toPromise, interpolate } from '@highstate/pulumi';
5
5
  import { apps } from '@pulumi/kubernetes';
@@ -19,6 +19,7 @@ var StatefulSet = class _StatefulSet extends ExposableWorkload {
19
19
  containers,
20
20
  namespace,
21
21
  metadata,
22
+ spec.template,
22
23
  networkPolicy,
23
24
  service,
24
25
  routes
@@ -212,18 +213,15 @@ var CreatedStatefulSet = class extends StatefulSet {
212
213
  };
213
214
  var StatefulSetPatch = class extends StatefulSet {
214
215
  constructor(name, args, opts) {
215
- const { labels, podTemplate, networkPolicy, containers, service, routes } = getExposableWorkloadComponents(name, args, () => this, opts);
216
+ const { podTemplate, networkPolicy, containers, service, routes } = getExposableWorkloadComponents(name, args, () => this, opts, true);
216
217
  const statefulSet = output(args.namespace).cluster.apply((cluster) => {
217
218
  return new apps.v1.StatefulSetPatch(
218
219
  name,
219
220
  {
220
221
  metadata: mapMetadata(args, name),
221
- spec: output({ args, podTemplate, labels }).apply(({ args: args2, podTemplate: podTemplate2, labels: labels2 }) => {
222
+ spec: output({ args, podTemplate }).apply(({ args: args2, podTemplate: podTemplate2 }) => {
222
223
  return deepmerge(
223
- {
224
- template: podTemplate2,
225
- selector: { matchLabels: labels2 }
226
- },
224
+ { template: podTemplate2 },
227
225
  omit(args2, exposableWorkloadExtraArgs)
228
226
  );
229
227
  })
@@ -305,5 +303,5 @@ var ExternalStatefulSet = class extends StatefulSet {
305
303
  };
306
304
 
307
305
  export { StatefulSet };
308
- //# sourceMappingURL=chunk-23KLAP3X.js.map
309
- //# sourceMappingURL=chunk-23KLAP3X.js.map
306
+ //# sourceMappingURL=chunk-3ZITTM5N.js.map
307
+ //# sourceMappingURL=chunk-3ZITTM5N.js.map
package/dist/chunk-3ZITTM5N.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/stateful-set.ts"],"names":["service","args","podTemplate","labels"],"mappings":";;;;;;;;AA4CO,IAAe,WAAA,GAAf,MAAe,YAAA,SAAoB,iBAAA,CAAkB;AAAA,EAChD,WAAA,CACR,IAAA,EACA,IAAA,EACA,IAAA,EACA,MAEA,UAAA,EACA,IAAA,EACA,YAAA,EACA,UAAA,EACA,WACA,QAAA,EACA,aAAA,EAEA,OAAA,EACA,MAAA,EAKS,MAKA,MAAA,EACT;AACA,IAAA,KAAA;AAAA,MACE,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,UAAA;AAAA,MACA,IAAA;AAAA,MACA,YAAA;AAAA,MACA,UAAA;AAAA,MACA,SAAA;AAAA,MACA,QAAA;AAAA,MACA,IAAA,CAAK,QAAA;AAAA,MACL,aAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AAtBS,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAkBX;AAAA,EAEA,IAAuB,gBAAA,GAA4D;AACjF,IAAA,OAAO,IAAA,CAAK,KAAK,QAAA,CAAS,QAAA;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAAkC;AACpC,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,IAAA,EAAM,cAAA;AAAA,MACN,SAAA,EAAW,KAAK,OAAA,CAAQ,EAAA;AAAA,MACxB,WAAA,EAAa,KAAK,OAAA,CAAQ,IAAA;AAAA,MAC1B,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,OAAA,EAAS,KAAK,OAAA,CAAQ;AAAA,KACvB,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC/F,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,iBAAiB,IAAA,EAAM;AAAA,QAChC,GAAG,IAAA;AAAA,QACH,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,SAAA,EAAW,UAAU,gBAAA,CAAiB,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO;AAAA,OACpF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACsB;AACtB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,aAAY,QAAA,CAAS,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IACjF;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC9F,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,mBAAA,CAAoB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,OAAwB,gBAAA,mBAAmB,IAAI,GAAA,EAAyB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaxE,OAAO,GAAA,CAAI,MAAA,EAAyB,OAAA,EAA0C;AAC5E,IAAA,OAAO,WAAA;AAAA,MACL,YAAA,CAAY,gBAAA;AAAA,MACZ,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,YAAA,CAAY,IAAI,IAAA,EAAM;AAAA,UAC3B,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,WAAA,CAAY,MAAA,EAAQ,OAAO;AAAA,SACjD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CACX,MAAA,EACA,OAAA,EACsB;AACtB,IAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAC7C,IAAA,OAAO,YAAA,CAAY,GAAA,CAAI,cAAA,EAAgB,OAAO,CAAA;AAAA,EAChD;AAAA,EAEU,eAAA,GAAgD;AACxD,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,KAAA,EAAO,aAAA;AAAA,MACP,WAAA,EAAa,WAAA,CAAA,cAAA,EAA4B,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA,CAAA;AAAA,MAC3D,WAAA,EAAa,oCAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAAA,EAEA,IAAc,YAAA,GAAuB;AACnC,IAAA,OAAO,aAAA;AAAA,EACT;AACF;AAEA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,EAAE,MAAA,EAAQ,WAAA,EAAa,eAAe,UAAA,EAAY,OAAA,EAAS,QAAO,GACtE,8BAAA;AAAA,MACE,IAAA;AAAA,MACA;AAAA,QACE,GAAG,IAAA;AAAA;AAAA,QAGH,OAAA,EAAS,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,KAAA,CAAM,CAAAA,QAAAA,MAAY,EAAE,GAAGA,QAAAA,EAAQ,CAAE;AAAA,OACjE;AAAA,MACA,MAAM,IAAA;AAAA,MACN;AAAA,KACF;AAEF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,WAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,OAAO,EAAE,IAAA,EAAM,aAAa,MAAA,EAAQ,OAAA,EAAS,CAAA,CAAE,KAAA;AAAA,YACnD,CAAC,EAAE,IAAA,EAAAC,KAAAA,EAAM,WAAA,EAAAC,cAAa,MAAA,EAAAC,OAAAA,EAAQ,OAAA,EAAAH,QAAAA,EAAQ,KAAM;AAC1C,cAAA,OAAO,SAAA;AAAA,gBACL;AAAA,kBACE,WAAA,EAAaA,UAAS,QAAA,CAAS,IAAA;AAAA,kBAC/B,QAAA,EAAUE,YAAAA;AAAA,kBACV,QAAA,EAAU,EAAE,WAAA,EAAaC,OAAAA;AAAO,iBAClC;AAAA,gBACA,IAAA,CAAKF,OAAM,0BAA0B;AAAA,eACvC;AAAA,YACF;AAAA;AACF,SACF;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,2BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,UAAA;AAAA,MACZ,WAAA,CAAY,IAAA;AAAA,MACZ,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,UAAA;AAAA,MACA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,WAAA,CAAY,QAAA;AAAA,MACZ,aAAA;AAAA,MAEA,OAAA;AAAA,MACA,MAAA;AAAA,MAEA,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAEA,IAAM,gBAAA,GAAN,cAA+B,WAAA,CAAY;AAAA,EACzC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,EAAE,WAAA,EAAa,aAAA,EAAe,UAAA,EAAY,OAAA,EAAS,MAAA,EAAO,GAC9D,8BAAA,CAA+B,IAAA,EAAM,IAAA,EAAM,MAAM,IAAA,EAAM,MAAM,IAAI,CAAA;AAEnE,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,gBAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,MAAA,CAAO,EAAE,IAAA,EAAM,aAAa,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,IAAA,EAAAA,KAAAA,EAAM,WAAA,EAAAC,cAAY,KAAM;AACnE,YAAA,OAAO,SAAA;AAAA,cACL,EAAE,UAAUA,YAAAA,EAAY;AAAA,cACxB,IAAA,CAAKD,OAAM,0BAA0B;AAAA,aACvC;AAAA,UACF,CAAC;AAAA,SACH;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,gCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,UAAA;AAAA,MACZ,WAAA,CAAY,IAAA;AAAA,MACZ,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,UAAA;AAAA,MACA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,WAAA,CAAY,QAAA;AAAA,MACZ,aAAA;AAAA,MAEA,OAAA;AAAA,MACA,MAAA;AAAA,MAEA,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAsBA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA;AAAA,MACE,kCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,UAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,IAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,MAAA,CAAO,EAAE,CAAA;AAAA,MACT,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,QAAA;AAAA,MAEzB,OAAO,MAAS,CAAA;AAAA,MAChB,MAAA,CAAO,KAAK,OAAO,CAAA;AAAA,MACnB,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,IAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE;AAAA,KAC3B;AAAA,EACF;AACF,CAAA;AAcA,IAAM,mBAAA,GAAN,cAAkC,WAAA,CAAY;AAAA,EAC5C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA+B,IAAA,EAAiC;AACxF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAA,CAAK,GAAG,WAAA,CAAY,GAAA;AAAA,QACzB,IAAA;AAAA,QACA,WAAA,CAAA,EAAc,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,mCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,UAAA;AAAA,MACZ,WAAA,CAAY,IAAA;AAAA,MACZ,MAAA,CAAO,EAAE,CAAA;AAAA,MACT,MAAA,CAAO,EAAE,CAAA;AAAA,MACT,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,WAAA,CAAY,QAAA;AAAA,MAEZ,OAAO,MAAS,CAAA;AAAA,MAChB,OAAO,MAAS,CAAA;AAAA,MAChB,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA","file":"chunk-3ZITTM5N.js","sourcesContent":["import type { AccessPointRoute } from \"@highstate/common\"\nimport type { k8s } from \"@highstate/library\"\nimport type { Container } from \"./container\"\nimport type { NetworkPolicy } from \"./network-policy\"\nimport type { Service } from \"./service\"\nimport { getOrCreate, type UnitTerminal } from \"@highstate/contract\"\nimport {\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n interpolate,\n type Output,\n output,\n toPromise,\n type Unwrap,\n} from \"@highstate/pulumi\"\nimport { apps, type types } from \"@pulumi/kubernetes\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { omit } from \"remeda\"\nimport { Namespace } from \"./namespace\"\nimport { getProvider, mapMetadata } from \"./shared\"\nimport {\n ExposableWorkload,\n type ExposableWorkloadArgs,\n exposableWorkloadExtraArgs,\n getExposableWorkloadComponents,\n type WorkloadTerminalArgs,\n} from \"./workload\"\n\nexport type StatefulSetArgs = Omit<ExposableWorkloadArgs, \"existing\"> &\n Omit<Partial<types.input.apps.v1.StatefulSetSpec>, \"template\"> & {\n template?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Partial<types.input.core.v1.PodSpec>\n }\n }\n\nexport type CreateOrGetStatefulSetArgs = StatefulSetArgs & {\n /**\n * The entity to use to determine the stateful set to patch.\n */\n existing: Input<k8s.StatefulSet> | undefined\n}\n\nexport abstract class StatefulSet extends ExposableWorkload {\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n apiVersion: Output<string>,\n kind: Output<string>,\n terminalArgs: Output<Unwrap<WorkloadTerminalArgs>>,\n containers: Output<Container[]>,\n namespace: Output<Namespace>,\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n networkPolicy: Output<NetworkPolicy | undefined>,\n\n service: Output<Service | undefined>,\n routes: Output<AccessPointRoute[]>,\n\n /**\n * The spec of the underlying Kubernetes stateful set.\n */\n readonly spec: Output<types.output.apps.v1.StatefulSetSpec>,\n\n /**\n * The status of the underlying Kubernetes stateful set.\n */\n readonly status: Output<types.output.apps.v1.StatefulSetStatus>,\n ) {\n super(\n type,\n name,\n args,\n opts,\n apiVersion,\n kind,\n terminalArgs,\n containers,\n namespace,\n metadata,\n spec.template,\n networkPolicy,\n service,\n routes,\n )\n }\n\n protected override get templateMetadata(): Output<types.output.meta.v1.ObjectMeta> {\n return this.spec.template.metadata\n }\n\n /**\n * The Highstate stateful set entity.\n */\n get entity(): Output<k8s.StatefulSet> {\n return output({\n type: \"stateful-set\",\n clusterId: this.cluster.id,\n clusterName: this.cluster.name,\n metadata: this.metadata,\n service: this.service.entity,\n })\n }\n\n /**\n * Creates a new stateful set.\n */\n static create(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions): StatefulSet {\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Creates a new stateful set or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the stateful set name.\n * @param args The arguments to create or patch the stateful set with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n if (args.existing) {\n return new StatefulSetPatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n namespace: Namespace.forResourceAsync(args.existing, output(args.namespace).cluster),\n })\n }\n\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Creates a new stateful set or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the stateful set name. Will not be used when existing stateful set is retrieved.\n * @param args The arguments to create or get the stateful set with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): Promise<StatefulSet> {\n if (args.existing) {\n return await StatefulSet.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Patches an existing stateful set.\n *\n * Will throw an error if the stateful set does not exist.\n *\n * @param name The name of the resource. May not be the same as the stateful set name.\n * @param args The arguments to patch the stateful set with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions): StatefulSet {\n return new StatefulSetPatch(name, args, opts)\n }\n\n /**\n * Wraps an existing Kubernetes stateful set.\n */\n static wrap(\n name: string,\n args: WrappedStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n return new WrappedStatefulSet(name, args, opts)\n }\n\n /**\n * Gets an existing stateful set.\n *\n * Will throw an error if the stateful set does not exist.\n */\n static get(\n name: string,\n args: ExternalStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n return new ExternalStatefulSet(name, args, opts)\n }\n\n private static readonly statefulSetCache = new Map<string, StatefulSet>()\n\n /**\n * Gets an existing stateful set for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the stateful set for.\n * @param cluster The cluster where the stateful set is located.\n */\n static for(entity: k8s.StatefulSet, cluster: Input<k8s.Cluster>): StatefulSet {\n return getOrCreate(\n StatefulSet.statefulSetCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return StatefulSet.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResource(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing stateful set for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the stateful set for.\n * @param cluster The cluster where the stateful set is located.\n */\n static async forAsync(\n entity: Input<k8s.StatefulSet>,\n cluster: Input<k8s.Cluster>,\n ): Promise<StatefulSet> {\n const resolvedEntity = await toPromise(entity)\n return StatefulSet.for(resolvedEntity, cluster)\n }\n\n protected getTerminalMeta(): Output<UnitTerminal[\"meta\"]> {\n return output({\n title: \"StatefulSet\",\n globalTitle: interpolate`StatefulSet | ${this.metadata.name}`,\n description: \"The shell inside the stateful set.\",\n icon: \"devicon:kubernetes\",\n })\n }\n\n protected get resourceType(): string {\n return \"statefulset\"\n }\n}\n\nclass CreatedStatefulSet extends StatefulSet {\n constructor(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions) {\n const { labels, podTemplate, networkPolicy, containers, service, routes } =\n getExposableWorkloadComponents(\n name,\n {\n ...args,\n\n // force create a service since it is required for stateful sets\n service: output(args.service).apply(service => ({ ...service })),\n },\n () => this,\n opts,\n )\n\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return new apps.v1.StatefulSet(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: output({ args, podTemplate, labels, service }).apply(\n ({ args, podTemplate, labels, service }) => {\n return deepmerge(\n {\n serviceName: service?.metadata.name,\n template: podTemplate,\n selector: { matchLabels: labels },\n },\n omit(args, exposableWorkloadExtraArgs),\n ) as types.input.apps.v1.StatefulSetSpec\n },\n ),\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:StatefulSet\",\n name,\n args,\n opts,\n\n statefulSet.apiVersion,\n statefulSet.kind,\n output(args.terminal ?? {}),\n containers,\n output(args.namespace),\n statefulSet.metadata,\n networkPolicy,\n\n service,\n routes,\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n\nclass StatefulSetPatch extends StatefulSet {\n constructor(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions) {\n const { podTemplate, networkPolicy, containers, service, routes } =\n getExposableWorkloadComponents(name, args, () => this, opts, true)\n\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return new apps.v1.StatefulSetPatch(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: output({ args, podTemplate }).apply(({ args, podTemplate }) => {\n return deepmerge(\n { template: podTemplate },\n omit(args, exposableWorkloadExtraArgs),\n ) as types.input.apps.v1.StatefulSetSpec\n }),\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:StatefulSetPatch\",\n name,\n args,\n opts,\n\n statefulSet.apiVersion,\n statefulSet.kind,\n output(args.terminal ?? {}),\n containers,\n output(args.namespace),\n statefulSet.metadata,\n networkPolicy,\n\n service,\n routes,\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n\nexport type WrappedStatefulSetArgs = {\n /**\n * The underlying Kubernetes stateful set to wrap.\n */\n statefulSet: Input<apps.v1.StatefulSet>\n\n // TODO: remove\n service?: Input<Service>\n\n /**\n * The namespace where the stateful set is located.\n */\n namespace: Input<Namespace>\n\n /**\n * The args for the terminal to use.\n */\n terminal?: Input<WorkloadTerminalArgs>\n}\n\nclass WrappedStatefulSet extends StatefulSet {\n constructor(name: string, args: WrappedStatefulSetArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedStatefulSet\",\n name,\n args,\n opts,\n\n output(args.statefulSet).apiVersion,\n output(args.statefulSet).kind,\n output(args.terminal ?? {}),\n output([]),\n output(args.namespace),\n output(args.statefulSet).metadata,\n\n output(undefined),\n output(args.service),\n output([]),\n\n output(args.statefulSet).spec,\n output(args.statefulSet).status,\n )\n }\n}\n\nexport type ExternalStatefulSetArgs = {\n /**\n * The name of the stateful set to get.\n */\n name: Input<string>\n\n /**\n * The namespace where the stateful set is located.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalStatefulSet extends StatefulSet {\n constructor(name: string, args: ExternalStatefulSetArgs, opts?: ComponentResourceOptions) {\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return apps.v1.StatefulSet.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ExternalStatefulSet\",\n name,\n args,\n opts,\n\n statefulSet.apiVersion,\n statefulSet.kind,\n output({}),\n output([]),\n output(args.namespace),\n statefulSet.metadata,\n\n output(undefined),\n output(undefined),\n output([]),\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n"]}
package/dist/{chunk-5CMNORLF.js → chunk-6ACIPGW4.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { images_exports } from './chunk-UHWJ2GDK.js';
1
+ import { images_exports } from './chunk-SEWB4FUB.js';
2
2
  import { text } from '@highstate/contract';
3
3
  import { output, fileFromString } from '@highstate/pulumi';
4
4
  import { CoreV1Api } from '@kubernetes/client-node';
@@ -61,5 +61,5 @@ function createK8sTerminal(kubeconfig) {
61
61
  }
62
62
 
63
63
  export { createK8sTerminal, detectExternalIps };
64
- //# sourceMappingURL=chunk-5CMNORLF.js.map
65
- //# sourceMappingURL=chunk-5CMNORLF.js.map
64
+ //# sourceMappingURL=chunk-6ACIPGW4.js.map
65
+ //# sourceMappingURL=chunk-6ACIPGW4.js.map
package/dist/{chunk-5CMNORLF.js.map → chunk-6ACIPGW4.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/cluster.ts"],"names":[],"mappings":";;;;;AAMA,SAAS,YAAY,EAAA,EAAY;AAC/B,EAAA,MAAM,cAAA,GAAiB,0BAAA;AACvB,EAAA,OAAO,cAAA,CAAe,KAAK,EAAE,CAAA;AAC/B;AAEA,eAAsB,iBAAA,CACpB,YACA,iBAAA,EACmB;AACnB,EAAA,MAAM,OAAA,GAAU,UAAA,CAAW,aAAA,CAAc,SAAS,CAAA;AAClD,EAAA,MAAM,KAAA,GAAQ,MAAM,OAAA,CAAQ,QAAA,EAAS;AAErC,EAAA,OAAO,KAAA,CAAM,KAAA,CAAM,OAAA,CAAQ,CAAA,IAAA,KAAQ;AACjC,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,MAAA,EAAQ,SAAA,IAAa,EAAC;AAC7C,IAAA,MAAM,aAAa,SAAA,CAAU,IAAA,CAAK,CAAA,OAAA,KAAW,OAAA,CAAQ,SAAS,YAAY,CAAA;AAC1E,IAAA,MAAM,aAAa,SAAA,CAAU,IAAA,CAAK,CAAA,OAAA,KAAW,OAAA,CAAQ,SAAS,YAAY,CAAA;AAE1E,IAAA,MAAM,SAAmB,EAAC;AAE1B,IAAA,IAAI,YAAY,OAAA,EAAS;AACvB,MAAA,MAAA,CAAO,IAAA,CAAK,WAAW,OAAO,CAAA;AAAA,IAChC;AAEA,IAAA,IAAI,UAAA,EAAY,OAAA,IAAW,iBAAA,KAAsB,QAAA,EAAU;AACzD,MAAA,MAAA,CAAO,IAAA,CAAK,WAAW,OAAO,CAAA;AAAA,IAChC;AAEA,IAAA,IAAI,UAAA,EAAY,WAAW,iBAAA,KAAsB,QAAA,IAAY,CAAC,WAAA,CAAY,UAAA,CAAW,OAAO,CAAA,EAAG;AAC7F,MAAA,MAAA,CAAO,IAAA,CAAK,WAAW,OAAO,CAAA;AAAA,IAChC;AAEA,IAAA,OAAO,MAAA;AAAA,EACT,CAAC,CAAA;AACH;AAEO,SAAS,kBAAkB,UAAA,EAAiD;AACjF,EAAA,OAAO,MAAA,CAAO;AAAA,IACZ,IAAA,EAAM,YAAA;AAAA,IAEN,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO,oBAAA;AAAA,MACP,WAAA,EAAa,2CAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACR;AAAA,IAEA,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO,cAAA,CAAO,kBAAkB,CAAA,CAAE,KAAA;AAAA,MAClC,OAAA,EAAS,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA,MAE/B,KAAA,EAAO;AAAA,QACL,eAAe,cAAA,CAAe,YAAA,EAAc,YAAY,EAAE,QAAA,EAAU,MAAM,CAAA;AAAA,QAE1E,aAAA,EAAe,cAAA;AAAA,UACb,YAAA;AAAA,UACA,IAAA;AAAA;AAAA;;AAAA;AAAA;;AAAA;AAAA,UAAA;AAAA;AASF,OACF;AAAA,MAEA,GAAA,EAAK;AAAA,QACH,UAAA,EAAY;AAAA;AACd;AACF,GACD,CAAA;AACH","file":"chunk-5CMNORLF.js","sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport { text, type UnitTerminal } from \"@highstate/contract\"\nimport { fileFromString, type Input, type Output, output } from \"@highstate/pulumi\"\nimport { CoreV1Api, type KubeConfig } from \"@kubernetes/client-node\"\nimport { images } from \"./shared\"\n\nfunction isPrivateIp(ip: string) {\n const privateIpRegex = /^(10|172\\.16|192\\.168)\\./\n return privateIpRegex.test(ip)\n}\n\nexport async function detectExternalIps(\n kubeConfig: KubeConfig,\n internalIpsPolicy: k8s.InternalIpsPolicy,\n): Promise<string[]> {\n const nodeApi = kubeConfig.makeApiClient(CoreV1Api)\n const nodes = await nodeApi.listNode()\n\n return nodes.items.flatMap(node => {\n const addresses = node.status?.addresses ?? []\n const externalIp = addresses.find(address => address.type === \"ExternalIP\")\n const internalIp = addresses.find(address => address.type === \"InternalIP\")\n\n const result: string[] = []\n\n if (externalIp?.address) {\n result.push(externalIp.address)\n }\n\n if (internalIp?.address && internalIpsPolicy === \"always\") {\n result.push(internalIp.address)\n }\n\n if (internalIp?.address && internalIpsPolicy === \"public\" && !isPrivateIp(internalIp.address)) {\n result.push(internalIp.address)\n }\n\n return result\n })\n}\n\nexport function createK8sTerminal(kubeconfig: Input<string>): Output<UnitTerminal> {\n return output({\n name: \"management\",\n\n meta: {\n title: \"Cluster Management\",\n description: \"Manage the cluster using kubectl and helm\",\n icon: \"devicon:kubernetes\",\n },\n\n spec: {\n image: images[\"terminal-kubectl\"].image,\n command: [\"bash\", \"/welcome.sh\"],\n\n files: {\n \"/kubeconfig\": fileFromString(\"kubeconfig\", kubeconfig, { isSecret: true }),\n\n \"/welcome.sh\": fileFromString(\n \"welcome.sh\",\n text`\n echo \"Connecting to the cluster...\"\n kubectl cluster-info\n\n echo \"Use 'kubectl' and 'helm' to manage the cluster.\"\n echo\n\n exec bash\n `,\n ),\n },\n\n env: {\n KUBECONFIG: \"/kubeconfig\",\n },\n },\n })\n}\n"]}
1
+ {"version":3,"sources":["../src/cluster.ts"],"names":[],"mappings":";;;;;AAMA,SAAS,YAAY,EAAA,EAAY;AAC/B,EAAA,MAAM,cAAA,GAAiB,0BAAA;AACvB,EAAA,OAAO,cAAA,CAAe,KAAK,EAAE,CAAA;AAC/B;AAEA,eAAsB,iBAAA,CACpB,YACA,iBAAA,EACmB;AACnB,EAAA,MAAM,OAAA,GAAU,UAAA,CAAW,aAAA,CAAc,SAAS,CAAA;AAClD,EAAA,MAAM,KAAA,GAAQ,MAAM,OAAA,CAAQ,QAAA,EAAS;AAErC,EAAA,OAAO,KAAA,CAAM,KAAA,CAAM,OAAA,CAAQ,CAAA,IAAA,KAAQ;AACjC,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,MAAA,EAAQ,SAAA,IAAa,EAAC;AAC7C,IAAA,MAAM,aAAa,SAAA,CAAU,IAAA,CAAK,CAAA,OAAA,KAAW,OAAA,CAAQ,SAAS,YAAY,CAAA;AAC1E,IAAA,MAAM,aAAa,SAAA,CAAU,IAAA,CAAK,CAAA,OAAA,KAAW,OAAA,CAAQ,SAAS,YAAY,CAAA;AAE1E,IAAA,MAAM,SAAmB,EAAC;AAE1B,IAAA,IAAI,YAAY,OAAA,EAAS;AACvB,MAAA,MAAA,CAAO,IAAA,CAAK,WAAW,OAAO,CAAA;AAAA,IAChC;AAEA,IAAA,IAAI,UAAA,EAAY,OAAA,IAAW,iBAAA,KAAsB,QAAA,EAAU;AACzD,MAAA,MAAA,CAAO,IAAA,CAAK,WAAW,OAAO,CAAA;AAAA,IAChC;AAEA,IAAA,IAAI,UAAA,EAAY,WAAW,iBAAA,KAAsB,QAAA,IAAY,CAAC,WAAA,CAAY,UAAA,CAAW,OAAO,CAAA,EAAG;AAC7F,MAAA,MAAA,CAAO,IAAA,CAAK,WAAW,OAAO,CAAA;AAAA,IAChC;AAEA,IAAA,OAAO,MAAA;AAAA,EACT,CAAC,CAAA;AACH;AAEO,SAAS,kBAAkB,UAAA,EAAiD;AACjF,EAAA,OAAO,MAAA,CAAO;AAAA,IACZ,IAAA,EAAM,YAAA;AAAA,IAEN,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO,oBAAA;AAAA,MACP,WAAA,EAAa,2CAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACR;AAAA,IAEA,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO,cAAA,CAAO,kBAAkB,CAAA,CAAE,KAAA;AAAA,MAClC,OAAA,EAAS,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA,MAE/B,KAAA,EAAO;AAAA,QACL,eAAe,cAAA,CAAe,YAAA,EAAc,YAAY,EAAE,QAAA,EAAU,MAAM,CAAA;AAAA,QAE1E,aAAA,EAAe,cAAA;AAAA,UACb,YAAA;AAAA,UACA,IAAA;AAAA;AAAA;;AAAA;AAAA;;AAAA;AAAA,UAAA;AAAA;AASF,OACF;AAAA,MAEA,GAAA,EAAK;AAAA,QACH,UAAA,EAAY;AAAA;AACd;AACF,GACD,CAAA;AACH","file":"chunk-6ACIPGW4.js","sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport { text, type UnitTerminal } from \"@highstate/contract\"\nimport { fileFromString, type Input, type Output, output } from \"@highstate/pulumi\"\nimport { CoreV1Api, type KubeConfig } from \"@kubernetes/client-node\"\nimport { images } from \"./shared\"\n\nfunction isPrivateIp(ip: string) {\n const privateIpRegex = /^(10|172\\.16|192\\.168)\\./\n return privateIpRegex.test(ip)\n}\n\nexport async function detectExternalIps(\n kubeConfig: KubeConfig,\n internalIpsPolicy: k8s.InternalIpsPolicy,\n): Promise<string[]> {\n const nodeApi = kubeConfig.makeApiClient(CoreV1Api)\n const nodes = await nodeApi.listNode()\n\n return nodes.items.flatMap(node => {\n const addresses = node.status?.addresses ?? []\n const externalIp = addresses.find(address => address.type === \"ExternalIP\")\n const internalIp = addresses.find(address => address.type === \"InternalIP\")\n\n const result: string[] = []\n\n if (externalIp?.address) {\n result.push(externalIp.address)\n }\n\n if (internalIp?.address && internalIpsPolicy === \"always\") {\n result.push(internalIp.address)\n }\n\n if (internalIp?.address && internalIpsPolicy === \"public\" && !isPrivateIp(internalIp.address)) {\n result.push(internalIp.address)\n }\n\n return result\n })\n}\n\nexport function createK8sTerminal(kubeconfig: Input<string>): Output<UnitTerminal> {\n return output({\n name: \"management\",\n\n meta: {\n title: \"Cluster Management\",\n description: \"Manage the cluster using kubectl and helm\",\n icon: \"devicon:kubernetes\",\n },\n\n spec: {\n image: images[\"terminal-kubectl\"].image,\n command: [\"bash\", \"/welcome.sh\"],\n\n files: {\n \"/kubeconfig\": fileFromString(\"kubeconfig\", kubeconfig, { isSecret: true }),\n\n \"/welcome.sh\": fileFromString(\n \"welcome.sh\",\n text`\n echo \"Connecting to the cluster...\"\n kubectl cluster-info\n\n echo \"Use 'kubectl' and 'helm' to manage the cluster.\"\n echo\n\n exec bash\n `,\n ),\n },\n\n env: {\n KUBECONFIG: \"/kubeconfig\",\n },\n },\n })\n}\n"]}
package/dist/{chunk-SY7FPT77.js → chunk-7H4L3DFC.js} RENAMED
@@ -1,5 +1,5 @@
1
- import { Secret } from './chunk-LR6OTL6T.js';
2
- import { getProvider, getNamespaceName } from './chunk-UHWJ2GDK.js';
1
+ import { Secret } from './chunk-VJL2BFKO.js';
2
+ import { getProvider, getNamespaceName } from './chunk-SEWB4FUB.js';
3
3
  import { ComponentResource, output, normalizeInputs, interpolate, toPromise } from '@highstate/pulumi';
4
4
  import { KubeConfig } from '@kubernetes/client-node';
5
5
  import { core, rbac } from '@pulumi/kubernetes';
@@ -164,5 +164,5 @@ var ClusterAccessScope = class _ClusterAccessScope extends ComponentResource {
164
164
  };
165
165
 
166
166
  export { ClusterAccessScope };
167
- //# sourceMappingURL=chunk-SY7FPT77.js.map
168
- //# sourceMappingURL=chunk-SY7FPT77.js.map
167
+ //# sourceMappingURL=chunk-7H4L3DFC.js.map
168
+ //# sourceMappingURL=chunk-7H4L3DFC.js.map
package/dist/{chunk-SY7FPT77.js.map → chunk-7H4L3DFC.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/rbac.ts"],"names":["serviceAccount","kubeconfig"],"mappings":";;;;;;;;AAqFO,IAAM,kBAAA,GAAN,MAAM,mBAAA,SAA2B,iBAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAI/C,OAAA;AAAA,EAET,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA,CAAM,kCAAA,EAAoC,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAE1D,IAAA,MAAM,EAAE,cAAA,EAAgB,UAAA,EAAW,GAAI,MAAA,CAAO,KAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,KAAA,CAAM,CAAA,OAAA,KAAW;AACrF,MAAA,MAAM,QAAA,GAAW,YAAY,OAAO,CAAA;AACpC,MAAA,MAAM,aAAA,GAAgB,MAAA,CAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAA;AAEtD,MAAA,MAAMA,eAAAA,GAAiB,IAAI,IAAA,CAAK,EAAA,CAAG,cAAA;AAAA,QACjC,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU;AAAA,YACR,IAAA;AAAA,YACA,SAAA,EAAW;AAAA;AACb,SACF;AAAA,QACA,EAAE,QAAA;AAAS,OACb;AAEA,MAAA,MAAM,WAAA,GAAc,IAAI,IAAA,CAAK,EAAA,CAAG,WAAA;AAAA,QAC9B,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU;AAAA,YACR,IAAA,EAAM,WAAA,CAAA,UAAA,EAAwB,aAAa,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AAAA,YACnD,WAAA,EAAa;AAAA,cACX,2BAAA,EAA6B,WAAA,CAAA,6CAAA,EAA2D,IAAI,CAAA,oBAAA,EAAuB,aAAa,CAAA,EAAA;AAAA;AAClI,WACF;AAAA,UACA,KAAA,EAAO,eAAA,CAAgB,IAAA,CAAK,IAAA,EAAM,KAAK,KAAK;AAAA,SAC9C;AAAA,QACA,EAAE,QAAA;AAAS,OACb;AAEA,MAAA,MAAM,iBAAA,GAAoB,CAAC,SAAA,KAA6B;AACtD,QAAA,OAAO,IAAI,KAAK,EAAA,CAAG,WAAA;AAAA,UACjB,IAAA;AAAA,UACA;AAAA,YACE,QAAA,EAAU,EAAE,IAAA,EAAM,SAAA,EAAU;AAAA,YAC5B,OAAA,EAAS;AAAA,cACP,IAAA,EAAM,aAAA;AAAA,cACN,IAAA,EAAM,YAAY,QAAA,CAAS,IAAA;AAAA,cAC3B,QAAA,EAAU;AAAA,aACZ;AAAA,YACA,QAAA,EAAU;AAAA,cACR;AAAA,gBACE,IAAA,EAAM,gBAAA;AAAA,gBACN,IAAA,EAAMA,gBAAe,QAAA,CAAS,IAAA;AAAA,gBAC9B,SAAA,EAAW;AAAA;AACb;AACF,WACF;AAAA,UACA,EAAE,QAAA;AAAS,SACb;AAAA,MACF,CAAA;AAEA,MAAA,IAAI,IAAA,CAAK,wBAAwB,IAAA,EAAM;AACrC,QAAA,iBAAA,CAAkB,aAAa,CAAA;AAAA,MACjC;AAEA,MAAA,MAAA,CAAO,IAAA,CAAK,eAAA,IAAmB,EAAE,CAAA,CAC9B,KAAA,CAAM,GAAA,CAAI,gBAAgB,CAAC,CAAA,CAC3B,KAAA,CAAM,GAAA,CAAI,iBAAiB,CAAC,CAAA;AAE/B,MAAA,OAAO,EAAE,cAAA,EAAAA,eAAAA,EAAgB,UAAA,EAAY,QAAQ,UAAA,EAAW;AAAA,IAC1D,CAAC,CAAA;AAED,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,MAAA,CAAO,CAAA,EAAG,IAAI,CAAA,MAAA,CAAA,EAAU;AAAA,MACvD,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,IAAA,EAAM,qCAAA;AAAA,MACN,QAAA,EAAU;AAAA,QACR,WAAA,EAAa;AAAA,UACX,oCAAA,EAAsC,eAAe,QAAA,CAAS;AAAA;AAChE;AACF,KACD,CAAA;AAED,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO;AAAA,MACpB,OAAA,EAAS,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA;AAAA,MAChC,UAAA;AAAA,MACA,QAAA,EAAU,iBAAA,CAAkB,QAAA,CAAS,OAAO,CAAA;AAAA,MAC5C,cAAA,EAAgB,eAAe,QAAA,CAAS;AAAA,KACzC,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,OAAA,EAAS,UAAA,EAAAC,WAAAA,EAAY,QAAA,EAAU,cAAA,EAAAD,eAAAA,EAAe,KAAM;AAC9D,MAAA,MAAM,MAAA,GAAS,IAAI,UAAA,EAAW;AAC9B,MAAA,MAAA,CAAO,eAAeC,WAAU,CAAA;AAGhC,MAAA,MAAA,CAAO,QAAQ,EAAC;AAChB,MAAA,MAAA,CAAO,WAAW,EAAC;AAEnB,MAAA,MAAA,CAAO,QAAQ,EAAE,IAAA,EAAMD,eAAAA,EAAgB,KAAA,EAAO,UAAU,CAAA;AAExD,MAAA,MAAA,CAAO,UAAA,CAAW;AAAA,QAChB,IAAA,EAAM,MAAA,CAAO,QAAA,CAAS,CAAC,CAAA,CAAE,IAAA;AAAA,QACzB,OAAA,EAAS,MAAA,CAAO,QAAA,CAAS,CAAC,CAAA,CAAE,IAAA;AAAA,QAC5B,IAAA,EAAMA;AAAA,OACP,CAAA;AAED,MAAA,MAAA,CAAO,iBAAA,CAAkB,MAAA,CAAO,QAAA,CAAS,CAAC,EAAE,IAAI,CAAA;AAEhD,MAAA,OAAO;AAAA,QACL,GAAG,OAAA;AAAA,QACH,YAAY,SAAA,CAAU,IAAA,CAAK,MAAM,MAAA,CAAO,YAAA,EAAc,CAAC;AAAA,OACzD;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,aAAa,YAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EAC6B;AAC7B,IAAA,MAAM,WAAW,MAAM,SAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,KAAA;AAAA,QAAM,CAAA,SAAA,KAC3B,SAAA,CAAU,GAAA,CAAI,CAAA,CAAA,MAAM;AAAA,UAClB,WAAA,EAAa,CAAA,CAAE,SAAA,CAAU,QAAA,CAAS,GAAA;AAAA,UAClC,WAAW,CAAA,CAAE,SAAA;AAAA,UACb,UAAU,CAAA,CAAE,QAAA;AAAA,UACZ,YAAY,CAAA,CAAE,UAAA;AAAA,UACd,MAAM,CAAA,CAAE;AAAA,SACV,CAAE;AAAA;AACJ,KACF;AAEA,IAAA,IAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AACzB,MAAA,MAAM,IAAI,MAAM,wCAAwC,CAAA;AAAA,IAC1D;AAEA,IAAA,IAAI,MAAA,CAAO,SAAS,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,WAAW,CAAC,CAAA,CAAE,MAAA,GAAS,CAAA,EAAG;AACvD,MAAA,MAAM,IAAI,MAAM,kDAAkD,CAAA;AAAA,IACpE;AAEA,IAAA,MAAM,aAAA,GAAgB,MAAM,SAAA,CAAU,MAAA,CAAO,KAAK,SAAS,CAAA,CAAE,SAAS,GAAG,CAAA;AAEzE,IAAA,IAAI,QAAA,CAAS,CAAC,CAAA,CAAE,WAAA,KAAgB,aAAA,EAAe;AAC7C,MAAA,MAAM,IAAI,MAAM,wEAAwE,CAAA;AAAA,IAC1F;AAEA,IAAA,IAAI,KAAK,gBAAA,EAAkB;AAEzB,MAAA,MAAM,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,EAAG,CAAA,CAAE,UAAU,CAAA,EAAA,EAAK,CAAA,CAAE,IAAI,CAAA,CAAE,CAAC,CAAA;AAE1E,MAAA,OAAO,IAAI,mBAAA;AAAA,QACT,IAAA;AAAA,QACA;AAAA,UACE,WAAW,IAAA,CAAK,SAAA;AAAA,UAChB,KAAA,EAAO,WAAA,CAAY,GAAA,CAAI,CAAA,CAAA,KAAK;AAC1B,YAAA,MAAM,CAAC,UAAA,EAAY,IAAI,CAAA,GAAI,CAAA,CAAE,MAAM,IAAI,CAAA;AAEvC,YAAA,OAAO;AAAA,cACL,SAAA,EAAW,UAAA,KAAe,IAAA,GAAO,CAAC,EAAE,CAAA,GAAI,CAAC,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA;AAAA,cACjE,WAAW,CAAC,CAAA,EAAG,IAAA,CAAK,WAAA,EAAa,CAAA,CAAA,CAAG,CAAA;AAAA,cACpC,OAAO,IAAA,CAAK;AAAA,aACd;AAAA,UACF,CAAC;AAAA,SACH;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAO,IAAI,mBAAA;AAAA,MACT,IAAA;AAAA,MACA;AAAA,QACE,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA,EAAO,QAAA,CAAS,GAAA,CAAI,CAAA,CAAA,MAAM;AAAA,UACxB,SAAA,EAAW,CAAA,CAAE,UAAA,KAAe,IAAA,GAAO,CAAC,EAAE,CAAA,GAAI,CAAC,CAAA,CAAE,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA;AAAA,UACrE,SAAA,EAAW,CAAC,CAAA,CAAE,IAAA,CAAK,WAAA,MAAiB,CAAA,CAAE,QAAA,EAAU,IAAA,GAAO,GAAA,GAAM,EAAA,CAAG,CAAA;AAAA,UAChE,aAAA,EAAe,EAAE,QAAA,EAAU,IAAA,GAAO,CAAC,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,GAAI,MAAA;AAAA,UACtD,OAAO,IAAA,CAAK;AAAA,SACd,CAAE;AAAA,OACJ;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACF","file":"chunk-SY7FPT77.js","sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport type { Namespace } from \"./namespace\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type InputArray,\n interpolate,\n normalizeInputs,\n type Output,\n output,\n toPromise,\n} from \"@highstate/pulumi\"\nimport { KubeConfig } from \"@kubernetes/client-node\"\nimport { core, rbac, type types } from \"@pulumi/kubernetes\"\nimport { map, unique } from \"remeda\"\nimport { stringify } from \"yaml\"\nimport { Secret } from \"./secret\"\nimport { getNamespaceName, getProvider, type NamespaceLike, type ScopedResource } from \"./shared\"\n\nexport type ClusterAccessScopeArgs = {\n /**\n * The namespace to locate the ServiceAccount in.\n */\n namespace: Input<Namespace>\n\n /**\n * The RBAC rule to apply to the `ServiceAccount`.\n *\n * It will be used to create ClusterRole.\n */\n rule?: Input<types.input.rbac.v1.PolicyRule>\n\n /**\n * The RBAC rules to apply to the `ServiceAccount`.\n *\n * It will be used to create `ClusterRole`.\n */\n rules?: InputArray<types.input.rbac.v1.PolicyRule>\n\n /**\n * Whether to allow the `ServiceAccount` to access resources in the namespace where it is created.\n *\n * By default, it is set to `true`.\n */\n allowOriginNamespace?: boolean\n\n /**\n * The extra namespaces to bind to the `ClusterRole` and allow `ServiceAccount` to access them\n * with specified `rules`.\n */\n extraNamespaces?: InputArray<NamespaceLike>\n\n /**\n * Whether to create `ClusterRoleBinding` to bind the `ServiceAccount` to the `ClusterRole`.\n *\n * This will allow the `ServiceAccount` to access all namespaces and cluster resources.\n */\n clusterWide?: boolean\n}\n\nexport type ClusterAccessScopeForResourcesArgs = {\n /**\n * The namespace to locate the `ServiceAccount` in.\n */\n namespace: Input<Namespace>\n\n /**\n * The verbs to allow on the resources.\n */\n verbs: string[]\n\n /**\n * The resources to allow verbs on.\n */\n resources: InputArray<ScopedResource>\n\n /**\n * Whether to allow access on the whole collection rather than specific resources.\n *\n * The provided resources in this case will be used to determine the types and api groups only.\n */\n collectionAccess?: boolean\n}\n\nexport class ClusterAccessScope extends ComponentResource {\n /**\n * The cluster entity with the reduced access.\n */\n readonly cluster: Output<k8s.Cluster>\n\n constructor(name: string, args: ClusterAccessScopeArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:ClusterAccessScope\", name, args, opts)\n\n const { serviceAccount, kubeconfig } = output(args.namespace).cluster.apply(cluster => {\n const provider = getProvider(cluster)\n const namespaceName = output(args.namespace).metadata.name\n\n const serviceAccount = new core.v1.ServiceAccount(\n name,\n {\n metadata: {\n name,\n namespace: namespaceName,\n },\n },\n { provider },\n )\n\n const clusterRole = new rbac.v1.ClusterRole(\n name,\n {\n metadata: {\n name: interpolate`highstate.${namespaceName}.${name}`,\n annotations: {\n \"kubernetes.io/description\": interpolate`Created by Highstate for the ServiceAccount \"${name}\" in the namespace \"${namespaceName}\".`,\n },\n },\n rules: normalizeInputs(args.rule, args.rules),\n },\n { provider },\n )\n\n const createRoleBinding = (namespace: Input<string>) => {\n return new rbac.v1.RoleBinding(\n name,\n {\n metadata: { name, namespace },\n roleRef: {\n kind: \"ClusterRole\",\n name: clusterRole.metadata.name,\n apiGroup: \"rbac.authorization.k8s.io\",\n },\n subjects: [\n {\n kind: \"ServiceAccount\",\n name: serviceAccount.metadata.name,\n namespace: namespaceName,\n },\n ],\n },\n { provider },\n )\n }\n\n if (args.allowOriginNamespace ?? true) {\n createRoleBinding(namespaceName)\n }\n\n output(args.extraNamespaces ?? [])\n .apply(map(getNamespaceName))\n .apply(map(createRoleBinding))\n\n return { serviceAccount, kubeconfig: cluster.kubeconfig }\n })\n\n const accessTokenSecret = Secret.create(`${name}-token`, {\n namespace: args.namespace,\n type: \"kubernetes.io/service-account-token\",\n metadata: {\n annotations: {\n \"kubernetes.io/service-account.name\": serviceAccount.metadata.name,\n },\n },\n })\n\n this.cluster = output({\n cluster: output(args.namespace).cluster,\n kubeconfig,\n newToken: accessTokenSecret.getValue(\"token\"),\n serviceAccount: serviceAccount.metadata.name,\n }).apply(({ cluster, kubeconfig, newToken, serviceAccount }) => {\n const config = new KubeConfig()\n config.loadFromString(kubeconfig)\n\n // clear all existing contexts and users\n config.users = []\n config.contexts = []\n\n config.addUser({ name: serviceAccount, token: newToken })\n\n config.addContext({\n name: config.clusters[0].name,\n cluster: config.clusters[0].name,\n user: serviceAccount,\n })\n\n config.setCurrentContext(config.clusters[0].name)\n\n return {\n ...cluster,\n kubeconfig: stringify(JSON.parse(config.exportConfig())),\n }\n })\n }\n\n /**\n * Creates `ClusterAccessScope` for the given resources with the specified verbs.\n *\n * All resources must belong to the same namespace in the same cluster.\n *\n * @param name The name of the resource and the ServiceAccount.\n * @param resources The resources to create access scope for.\n * @param verbs The verbs to allow on the resources.\n */\n static async forResources(\n name: string,\n args: ClusterAccessScopeForResourcesArgs,\n opts?: ComponentResourceOptions,\n ): Promise<ClusterAccessScope> {\n const resolved = await toPromise(\n output(args.resources).apply(resources =>\n resources.map(r => ({\n namespaceId: r.namespace.metadata.uid,\n namespace: r.namespace,\n metadata: r.metadata,\n apiVersion: r.apiVersion,\n kind: r.kind,\n })),\n ),\n )\n\n if (resolved.length === 0) {\n throw new Error(\"No resources provided to forResources.\")\n }\n\n if (unique(resolved.map(r => r.namespaceId)).length > 1) {\n throw new Error(\"All resources must belong to the same namespace.\")\n }\n\n const saNamespaceId = await toPromise(output(args.namespace).metadata.uid)\n\n if (resolved[0].namespaceId !== saNamespaceId) {\n throw new Error(\"The resources must belong to the same namespace as the ServiceAccount.\")\n }\n\n if (args.collectionAccess) {\n // when collection access is requested, we only need to know the types and api groups\n const uniqueTypes = unique(resolved.map(r => `${r.apiVersion}::${r.kind}`))\n\n return new ClusterAccessScope(\n name,\n {\n namespace: args.namespace,\n rules: uniqueTypes.map(t => {\n const [apiVersion, kind] = t.split(\"::\")\n\n return {\n apiGroups: apiVersion === \"v1\" ? [\"\"] : [apiVersion.split(\"/\")[0]],\n resources: [`${kind.toLowerCase()}s`],\n verbs: args.verbs,\n }\n }),\n },\n opts,\n )\n }\n\n return new ClusterAccessScope(\n name,\n {\n namespace: args.namespace,\n rules: resolved.map(r => ({\n apiGroups: r.apiVersion === \"v1\" ? [\"\"] : [r.apiVersion.split(\"/\")[0]],\n resources: [r.kind.toLowerCase() + (r.metadata?.name ? \"s\" : \"\")],\n resourceNames: r.metadata?.name ? [r.metadata.name] : undefined,\n verbs: args.verbs,\n })),\n },\n opts,\n )\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/rbac.ts"],"names":["serviceAccount","kubeconfig"],"mappings":";;;;;;;;AAqFO,IAAM,kBAAA,GAAN,MAAM,mBAAA,SAA2B,iBAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAI/C,OAAA;AAAA,EAET,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA,CAAM,kCAAA,EAAoC,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAE1D,IAAA,MAAM,EAAE,cAAA,EAAgB,UAAA,EAAW,GAAI,MAAA,CAAO,KAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,KAAA,CAAM,CAAA,OAAA,KAAW;AACrF,MAAA,MAAM,QAAA,GAAW,YAAY,OAAO,CAAA;AACpC,MAAA,MAAM,aAAA,GAAgB,MAAA,CAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAA;AAEtD,MAAA,MAAMA,eAAAA,GAAiB,IAAI,IAAA,CAAK,EAAA,CAAG,cAAA;AAAA,QACjC,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU;AAAA,YACR,IAAA;AAAA,YACA,SAAA,EAAW;AAAA;AACb,SACF;AAAA,QACA,EAAE,QAAA;AAAS,OACb;AAEA,MAAA,MAAM,WAAA,GAAc,IAAI,IAAA,CAAK,EAAA,CAAG,WAAA;AAAA,QAC9B,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU;AAAA,YACR,IAAA,EAAM,WAAA,CAAA,UAAA,EAAwB,aAAa,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AAAA,YACnD,WAAA,EAAa;AAAA,cACX,2BAAA,EAA6B,WAAA,CAAA,6CAAA,EAA2D,IAAI,CAAA,oBAAA,EAAuB,aAAa,CAAA,EAAA;AAAA;AAClI,WACF;AAAA,UACA,KAAA,EAAO,eAAA,CAAgB,IAAA,CAAK,IAAA,EAAM,KAAK,KAAK;AAAA,SAC9C;AAAA,QACA,EAAE,QAAA;AAAS,OACb;AAEA,MAAA,MAAM,iBAAA,GAAoB,CAAC,SAAA,KAA6B;AACtD,QAAA,OAAO,IAAI,KAAK,EAAA,CAAG,WAAA;AAAA,UACjB,IAAA;AAAA,UACA;AAAA,YACE,QAAA,EAAU,EAAE,IAAA,EAAM,SAAA,EAAU;AAAA,YAC5B,OAAA,EAAS;AAAA,cACP,IAAA,EAAM,aAAA;AAAA,cACN,IAAA,EAAM,YAAY,QAAA,CAAS,IAAA;AAAA,cAC3B,QAAA,EAAU;AAAA,aACZ;AAAA,YACA,QAAA,EAAU;AAAA,cACR;AAAA,gBACE,IAAA,EAAM,gBAAA;AAAA,gBACN,IAAA,EAAMA,gBAAe,QAAA,CAAS,IAAA;AAAA,gBAC9B,SAAA,EAAW;AAAA;AACb;AACF,WACF;AAAA,UACA,EAAE,QAAA;AAAS,SACb;AAAA,MACF,CAAA;AAEA,MAAA,IAAI,IAAA,CAAK,wBAAwB,IAAA,EAAM;AACrC,QAAA,iBAAA,CAAkB,aAAa,CAAA;AAAA,MACjC;AAEA,MAAA,MAAA,CAAO,IAAA,CAAK,eAAA,IAAmB,EAAE,CAAA,CAC9B,KAAA,CAAM,GAAA,CAAI,gBAAgB,CAAC,CAAA,CAC3B,KAAA,CAAM,GAAA,CAAI,iBAAiB,CAAC,CAAA;AAE/B,MAAA,OAAO,EAAE,cAAA,EAAAA,eAAAA,EAAgB,UAAA,EAAY,QAAQ,UAAA,EAAW;AAAA,IAC1D,CAAC,CAAA;AAED,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,MAAA,CAAO,CAAA,EAAG,IAAI,CAAA,MAAA,CAAA,EAAU;AAAA,MACvD,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,IAAA,EAAM,qCAAA;AAAA,MACN,QAAA,EAAU;AAAA,QACR,WAAA,EAAa;AAAA,UACX,oCAAA,EAAsC,eAAe,QAAA,CAAS;AAAA;AAChE;AACF,KACD,CAAA;AAED,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO;AAAA,MACpB,OAAA,EAAS,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA;AAAA,MAChC,UAAA;AAAA,MACA,QAAA,EAAU,iBAAA,CAAkB,QAAA,CAAS,OAAO,CAAA;AAAA,MAC5C,cAAA,EAAgB,eAAe,QAAA,CAAS;AAAA,KACzC,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,OAAA,EAAS,UAAA,EAAAC,WAAAA,EAAY,QAAA,EAAU,cAAA,EAAAD,eAAAA,EAAe,KAAM;AAC9D,MAAA,MAAM,MAAA,GAAS,IAAI,UAAA,EAAW;AAC9B,MAAA,MAAA,CAAO,eAAeC,WAAU,CAAA;AAGhC,MAAA,MAAA,CAAO,QAAQ,EAAC;AAChB,MAAA,MAAA,CAAO,WAAW,EAAC;AAEnB,MAAA,MAAA,CAAO,QAAQ,EAAE,IAAA,EAAMD,eAAAA,EAAgB,KAAA,EAAO,UAAU,CAAA;AAExD,MAAA,MAAA,CAAO,UAAA,CAAW;AAAA,QAChB,IAAA,EAAM,MAAA,CAAO,QAAA,CAAS,CAAC,CAAA,CAAE,IAAA;AAAA,QACzB,OAAA,EAAS,MAAA,CAAO,QAAA,CAAS,CAAC,CAAA,CAAE,IAAA;AAAA,QAC5B,IAAA,EAAMA;AAAA,OACP,CAAA;AAED,MAAA,MAAA,CAAO,iBAAA,CAAkB,MAAA,CAAO,QAAA,CAAS,CAAC,EAAE,IAAI,CAAA;AAEhD,MAAA,OAAO;AAAA,QACL,GAAG,OAAA;AAAA,QACH,YAAY,SAAA,CAAU,IAAA,CAAK,MAAM,MAAA,CAAO,YAAA,EAAc,CAAC;AAAA,OACzD;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,aAAa,YAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EAC6B;AAC7B,IAAA,MAAM,WAAW,MAAM,SAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,KAAA;AAAA,QAAM,CAAA,SAAA,KAC3B,SAAA,CAAU,GAAA,CAAI,CAAA,CAAA,MAAM;AAAA,UAClB,WAAA,EAAa,CAAA,CAAE,SAAA,CAAU,QAAA,CAAS,GAAA;AAAA,UAClC,WAAW,CAAA,CAAE,SAAA;AAAA,UACb,UAAU,CAAA,CAAE,QAAA;AAAA,UACZ,YAAY,CAAA,CAAE,UAAA;AAAA,UACd,MAAM,CAAA,CAAE;AAAA,SACV,CAAE;AAAA;AACJ,KACF;AAEA,IAAA,IAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AACzB,MAAA,MAAM,IAAI,MAAM,wCAAwC,CAAA;AAAA,IAC1D;AAEA,IAAA,IAAI,MAAA,CAAO,SAAS,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,WAAW,CAAC,CAAA,CAAE,MAAA,GAAS,CAAA,EAAG;AACvD,MAAA,MAAM,IAAI,MAAM,kDAAkD,CAAA;AAAA,IACpE;AAEA,IAAA,MAAM,aAAA,GAAgB,MAAM,SAAA,CAAU,MAAA,CAAO,KAAK,SAAS,CAAA,CAAE,SAAS,GAAG,CAAA;AAEzE,IAAA,IAAI,QAAA,CAAS,CAAC,CAAA,CAAE,WAAA,KAAgB,aAAA,EAAe;AAC7C,MAAA,MAAM,IAAI,MAAM,wEAAwE,CAAA;AAAA,IAC1F;AAEA,IAAA,IAAI,KAAK,gBAAA,EAAkB;AAEzB,MAAA,MAAM,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,EAAG,CAAA,CAAE,UAAU,CAAA,EAAA,EAAK,CAAA,CAAE,IAAI,CAAA,CAAE,CAAC,CAAA;AAE1E,MAAA,OAAO,IAAI,mBAAA;AAAA,QACT,IAAA;AAAA,QACA;AAAA,UACE,WAAW,IAAA,CAAK,SAAA;AAAA,UAChB,KAAA,EAAO,WAAA,CAAY,GAAA,CAAI,CAAA,CAAA,KAAK;AAC1B,YAAA,MAAM,CAAC,UAAA,EAAY,IAAI,CAAA,GAAI,CAAA,CAAE,MAAM,IAAI,CAAA;AAEvC,YAAA,OAAO;AAAA,cACL,SAAA,EAAW,UAAA,KAAe,IAAA,GAAO,CAAC,EAAE,CAAA,GAAI,CAAC,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA;AAAA,cACjE,WAAW,CAAC,CAAA,EAAG,IAAA,CAAK,WAAA,EAAa,CAAA,CAAA,CAAG,CAAA;AAAA,cACpC,OAAO,IAAA,CAAK;AAAA,aACd;AAAA,UACF,CAAC;AAAA,SACH;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAO,IAAI,mBAAA;AAAA,MACT,IAAA;AAAA,MACA;AAAA,QACE,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA,EAAO,QAAA,CAAS,GAAA,CAAI,CAAA,CAAA,MAAM;AAAA,UACxB,SAAA,EAAW,CAAA,CAAE,UAAA,KAAe,IAAA,GAAO,CAAC,EAAE,CAAA,GAAI,CAAC,CAAA,CAAE,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA;AAAA,UACrE,SAAA,EAAW,CAAC,CAAA,CAAE,IAAA,CAAK,WAAA,MAAiB,CAAA,CAAE,QAAA,EAAU,IAAA,GAAO,GAAA,GAAM,EAAA,CAAG,CAAA;AAAA,UAChE,aAAA,EAAe,EAAE,QAAA,EAAU,IAAA,GAAO,CAAC,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,GAAI,MAAA;AAAA,UACtD,OAAO,IAAA,CAAK;AAAA,SACd,CAAE;AAAA,OACJ;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACF","file":"chunk-7H4L3DFC.js","sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport type { Namespace } from \"./namespace\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type InputArray,\n interpolate,\n normalizeInputs,\n type Output,\n output,\n toPromise,\n} from \"@highstate/pulumi\"\nimport { KubeConfig } from \"@kubernetes/client-node\"\nimport { core, rbac, type types } from \"@pulumi/kubernetes\"\nimport { map, unique } from \"remeda\"\nimport { stringify } from \"yaml\"\nimport { Secret } from \"./secret\"\nimport { getNamespaceName, getProvider, type NamespaceLike, type ScopedResource } from \"./shared\"\n\nexport type ClusterAccessScopeArgs = {\n /**\n * The namespace to locate the ServiceAccount in.\n */\n namespace: Input<Namespace>\n\n /**\n * The RBAC rule to apply to the `ServiceAccount`.\n *\n * It will be used to create ClusterRole.\n */\n rule?: Input<types.input.rbac.v1.PolicyRule>\n\n /**\n * The RBAC rules to apply to the `ServiceAccount`.\n *\n * It will be used to create `ClusterRole`.\n */\n rules?: InputArray<types.input.rbac.v1.PolicyRule>\n\n /**\n * Whether to allow the `ServiceAccount` to access resources in the namespace where it is created.\n *\n * By default, it is set to `true`.\n */\n allowOriginNamespace?: boolean\n\n /**\n * The extra namespaces to bind to the `ClusterRole` and allow `ServiceAccount` to access them\n * with specified `rules`.\n */\n extraNamespaces?: InputArray<NamespaceLike>\n\n /**\n * Whether to create `ClusterRoleBinding` to bind the `ServiceAccount` to the `ClusterRole`.\n *\n * This will allow the `ServiceAccount` to access all namespaces and cluster resources.\n */\n clusterWide?: boolean\n}\n\nexport type ClusterAccessScopeForResourcesArgs = {\n /**\n * The namespace to locate the `ServiceAccount` in.\n */\n namespace: Input<Namespace>\n\n /**\n * The verbs to allow on the resources.\n */\n verbs: string[]\n\n /**\n * The resources to allow verbs on.\n */\n resources: InputArray<ScopedResource>\n\n /**\n * Whether to allow access on the whole collection rather than specific resources.\n *\n * The provided resources in this case will be used to determine the types and api groups only.\n */\n collectionAccess?: boolean\n}\n\nexport class ClusterAccessScope extends ComponentResource {\n /**\n * The cluster entity with the reduced access.\n */\n readonly cluster: Output<k8s.Cluster>\n\n constructor(name: string, args: ClusterAccessScopeArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:ClusterAccessScope\", name, args, opts)\n\n const { serviceAccount, kubeconfig } = output(args.namespace).cluster.apply(cluster => {\n const provider = getProvider(cluster)\n const namespaceName = output(args.namespace).metadata.name\n\n const serviceAccount = new core.v1.ServiceAccount(\n name,\n {\n metadata: {\n name,\n namespace: namespaceName,\n },\n },\n { provider },\n )\n\n const clusterRole = new rbac.v1.ClusterRole(\n name,\n {\n metadata: {\n name: interpolate`highstate.${namespaceName}.${name}`,\n annotations: {\n \"kubernetes.io/description\": interpolate`Created by Highstate for the ServiceAccount \"${name}\" in the namespace \"${namespaceName}\".`,\n },\n },\n rules: normalizeInputs(args.rule, args.rules),\n },\n { provider },\n )\n\n const createRoleBinding = (namespace: Input<string>) => {\n return new rbac.v1.RoleBinding(\n name,\n {\n metadata: { name, namespace },\n roleRef: {\n kind: \"ClusterRole\",\n name: clusterRole.metadata.name,\n apiGroup: \"rbac.authorization.k8s.io\",\n },\n subjects: [\n {\n kind: \"ServiceAccount\",\n name: serviceAccount.metadata.name,\n namespace: namespaceName,\n },\n ],\n },\n { provider },\n )\n }\n\n if (args.allowOriginNamespace ?? true) {\n createRoleBinding(namespaceName)\n }\n\n output(args.extraNamespaces ?? [])\n .apply(map(getNamespaceName))\n .apply(map(createRoleBinding))\n\n return { serviceAccount, kubeconfig: cluster.kubeconfig }\n })\n\n const accessTokenSecret = Secret.create(`${name}-token`, {\n namespace: args.namespace,\n type: \"kubernetes.io/service-account-token\",\n metadata: {\n annotations: {\n \"kubernetes.io/service-account.name\": serviceAccount.metadata.name,\n },\n },\n })\n\n this.cluster = output({\n cluster: output(args.namespace).cluster,\n kubeconfig,\n newToken: accessTokenSecret.getValue(\"token\"),\n serviceAccount: serviceAccount.metadata.name,\n }).apply(({ cluster, kubeconfig, newToken, serviceAccount }) => {\n const config = new KubeConfig()\n config.loadFromString(kubeconfig)\n\n // clear all existing contexts and users\n config.users = []\n config.contexts = []\n\n config.addUser({ name: serviceAccount, token: newToken })\n\n config.addContext({\n name: config.clusters[0].name,\n cluster: config.clusters[0].name,\n user: serviceAccount,\n })\n\n config.setCurrentContext(config.clusters[0].name)\n\n return {\n ...cluster,\n kubeconfig: stringify(JSON.parse(config.exportConfig())),\n }\n })\n }\n\n /**\n * Creates `ClusterAccessScope` for the given resources with the specified verbs.\n *\n * All resources must belong to the same namespace in the same cluster.\n *\n * @param name The name of the resource and the ServiceAccount.\n * @param resources The resources to create access scope for.\n * @param verbs The verbs to allow on the resources.\n */\n static async forResources(\n name: string,\n args: ClusterAccessScopeForResourcesArgs,\n opts?: ComponentResourceOptions,\n ): Promise<ClusterAccessScope> {\n const resolved = await toPromise(\n output(args.resources).apply(resources =>\n resources.map(r => ({\n namespaceId: r.namespace.metadata.uid,\n namespace: r.namespace,\n metadata: r.metadata,\n apiVersion: r.apiVersion,\n kind: r.kind,\n })),\n ),\n )\n\n if (resolved.length === 0) {\n throw new Error(\"No resources provided to forResources.\")\n }\n\n if (unique(resolved.map(r => r.namespaceId)).length > 1) {\n throw new Error(\"All resources must belong to the same namespace.\")\n }\n\n const saNamespaceId = await toPromise(output(args.namespace).metadata.uid)\n\n if (resolved[0].namespaceId !== saNamespaceId) {\n throw new Error(\"The resources must belong to the same namespace as the ServiceAccount.\")\n }\n\n if (args.collectionAccess) {\n // when collection access is requested, we only need to know the types and api groups\n const uniqueTypes = unique(resolved.map(r => `${r.apiVersion}::${r.kind}`))\n\n return new ClusterAccessScope(\n name,\n {\n namespace: args.namespace,\n rules: uniqueTypes.map(t => {\n const [apiVersion, kind] = t.split(\"::\")\n\n return {\n apiGroups: apiVersion === \"v1\" ? [\"\"] : [apiVersion.split(\"/\")[0]],\n resources: [`${kind.toLowerCase()}s`],\n verbs: args.verbs,\n }\n }),\n },\n opts,\n )\n }\n\n return new ClusterAccessScope(\n name,\n {\n namespace: args.namespace,\n rules: resolved.map(r => ({\n apiGroups: r.apiVersion === \"v1\" ? [\"\"] : [r.apiVersion.split(\"/\")[0]],\n resources: [r.kind.toLowerCase() + (r.metadata?.name ? \"s\" : \"\")],\n resourceNames: r.metadata?.name ? [r.metadata.name] : undefined,\n verbs: args.verbs,\n })),\n },\n opts,\n )\n }\n}\n"]}
package/dist/{chunk-77AY36LR.js → chunk-C6WHUOC3.js} RENAMED
@@ -1,5 +1,5 @@
1
- import { Secret } from './chunk-LR6OTL6T.js';
2
- import { Namespace, mapMetadata, commonExtraArgs, getProvider } from './chunk-UHWJ2GDK.js';
1
+ import { Secret } from './chunk-VJL2BFKO.js';
2
+ import { Namespace, mapMetadata, commonExtraArgs, getProvider } from './chunk-SEWB4FUB.js';
3
3
  import { cert_manager } from '@highstate/cert-manager';
4
4
  import { getOrCreate } from '@highstate/contract';
5
5
  import { ComponentResource, output, toPromise, interpolate } from '@highstate/pulumi';
@@ -237,5 +237,5 @@ var ExternalCertificate = class extends Certificate {
237
237
  };
238
238
 
239
239
  export { Certificate };
240
- //# sourceMappingURL=chunk-77AY36LR.js.map
241
- //# sourceMappingURL=chunk-77AY36LR.js.map
240
+ //# sourceMappingURL=chunk-C6WHUOC3.js.map
241
+ //# sourceMappingURL=chunk-C6WHUOC3.js.map
package/dist/{chunk-77AY36LR.js.map → chunk-C6WHUOC3.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/tls.ts"],"names":[],"mappings":";;;;;;;AA+BO,IAAe,WAAA,GAAf,MAAe,YAAA,SAAoB,iBAAA,CAAkB;AAAA,EAGhD,WAAA,CACR,MACiB,IAAA,EACjB,IAAA,EACA,MAKS,SAAA,EAKA,QAAA,EAKA,MAKA,MAAA,EACT;AACA,IAAA,KAAA,CAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAxBX,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAOR,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAKA,IAAA,IAAA,CAAA,QAAA,GAAA,QAAA;AAKA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAGX;AAAA,EA7BQ,OAAA;AAAA;AAAA;AAAA;AAAA,EAkCR,IAAI,OAAA,GAA+B;AACjC,IAAA,OAAO,KAAK,SAAA,CAAU,OAAA;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAAqC;AACvC,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,IAAA,EAAM,aAAA;AAAA,MACN,SAAA,EAAW,KAAK,OAAA,CAAQ,EAAA;AAAA,MACxB,WAAA,EAAa,KAAK,OAAA,CAAQ,IAAA;AAAA,MAC1B,UAAU,IAAA,CAAK;AAAA,KAChB,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAAyB;AAC3B,IAAA,IAAI,KAAK,OAAA,EAAS;AAChB,MAAA,OAAO,IAAA,CAAK,OAAA;AAAA,IACd;AAEA,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO;AAAA,MACpB,YAAY,IAAA,CAAK,IAAA,CAAK,KAAA,CAAM,CAAA,IAAA,KAAQ,KAAK,UAAU,CAAA;AAAA,MACnD,WAAW,IAAA,CAAK;AAAA,KACjB,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,UAAA,EAAY,WAAU,KAAM;AACtC,MAAA,OAAO,MAAA,CAAO,GAAA,CAAI,CAAA,EAAG,IAAA,CAAK,IAAI,CAAA,OAAA,CAAA,EAAW;AAAA,QACvC,IAAA,EAAM,UAAA;AAAA,QACN;AAAA,OACD,CAAA;AAAA,IACH,CAAC,CAAA;AAED,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC/F,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,iBAAiB,IAAA,EAAM;AAAA,QAChC,GAAG,IAAA;AAAA,QACH,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,SAAA,EAAW,UAAU,gBAAA,CAAiB,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO;AAAA,OACpF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACsB;AACtB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,aAAY,QAAA,CAAS,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IACjF;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC9F,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,mBAAA,CAAoB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,OAAwB,gBAAA,mBAAmB,IAAI,GAAA,EAAyB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaxE,OAAO,GAAA,CAAI,MAAA,EAAyB,OAAA,EAA0C;AAC5E,IAAA,OAAO,WAAA;AAAA,MACL,YAAA,CAAY,gBAAA;AAAA,MACZ,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,YAAA,CAAY,IAAI,IAAA,EAAM;AAAA,UAC3B,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,gBAAA,CAAiB,MAAA,EAAQ,OAAO;AAAA,SACtD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CACX,MAAA,EACA,OAAA,EACsB;AACtB,IAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAC7C,IAAA,OAAO,YAAA,CAAY,GAAA,CAAI,cAAA,EAAgB,MAAA,CAAO,OAAO,CAAC,CAAA;AAAA,EACxD;AACF;AAEA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,aAAa,EAAA,CAAG,WAAA;AAAA,QACzB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,IAAA,CAAK,IAAA,EAAM,eAAe;AAAA,SAClC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,2BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,WAAA,CAAY,QAAA;AAAA,MACZ,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAEA,IAAM,gBAAA,GAAN,cAA+B,WAAA,CAAY;AAAA,EACzC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,aAAa,EAAA,CAAG,gBAAA;AAAA,QACzB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,IAAA,CAAK,IAAA,EAAM,eAAe;AAAA,SAClC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,gCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,WAAA,CAAY,QAAA;AAAA,MACZ,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAcA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA;AAAA,MACE,kCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,QAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,IAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE;AAAA,KAC3B;AAAA,EACF;AACF,CAAA;AAcA,IAAM,mBAAA,GAAN,cAAkC,WAAA,CAAY;AAAA,EAC5C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA+B,IAAA,EAAiC;AACxF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,YAAA,CAAa,GAAG,WAAA,CAAY,GAAA;AAAA,QACjC,IAAA;AAAA,QACA,WAAA,CAAA,EAAc,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,mCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,WAAA,CAAY,QAAA;AAAA,MACZ,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA","file":"chunk-77AY36LR.js","sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport type { types } from \"@pulumi/kubernetes\"\nimport { cert_manager, type types as cmTypes } from \"@highstate/cert-manager\"\nimport { getOrCreate } from \"@highstate/contract\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n interpolate,\n type Output,\n output,\n toPromise,\n} from \"@highstate/pulumi\"\nimport { omit } from \"remeda\"\nimport { Namespace } from \"./namespace\"\nimport { Secret } from \"./secret\"\nimport { commonExtraArgs, getProvider, mapMetadata, type ScopedResourceArgs } from \"./shared\"\n\nexport type CertificateArgs = ScopedResourceArgs & cmTypes.input.cert_manager.v1.CertificateSpec\n\nexport type CreateOrGetCertificateArgs = CertificateArgs & {\n /**\n * The certificate entity to patch/retrieve.\n */\n existing: Input<k8s.Certificate> | undefined\n}\n\n/**\n * Represents a cert-manager Certificate resource with metadata and secret.\n */\nexport abstract class Certificate extends ComponentResource {\n private _secret?: Output<Secret>\n\n protected constructor(\n type: string,\n private readonly name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n /**\n * The namespace where the certificate is located.\n */\n readonly namespace: Output<Namespace>,\n\n /**\n * The metadata of the underlying cert-manager certificate.\n */\n readonly metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The spec of the underlying cert-manager certificate.\n */\n readonly spec: Output<cmTypes.output.cert_manager.v1.CertificateSpec>,\n\n /**\n * The status of the underlying cert-manager certificate.\n */\n readonly status: Output<cmTypes.output.cert_manager.v1.CertificateStatus>,\n ) {\n super(type, name, args, opts)\n }\n\n /**\n * The cluster where the certificate is located.\n */\n get cluster(): Output<k8s.Cluster> {\n return this.namespace.cluster\n }\n\n /**\n * The Highstate certificate entity.\n */\n get entity(): Output<k8s.ScopedResource> {\n return output({\n type: \"certificate\",\n clusterId: this.cluster.id,\n clusterName: this.cluster.name,\n metadata: this.metadata,\n })\n }\n\n /**\n * The secret containing the certificate data.\n */\n get secret(): Output<Secret> {\n if (this._secret) {\n return this._secret\n }\n\n this._secret = output({\n secretName: this.spec.apply(spec => spec.secretName),\n namespace: this.namespace,\n }).apply(({ secretName, namespace }) => {\n return Secret.get(`${this.name}.secret`, {\n name: secretName,\n namespace,\n })\n })\n\n return this._secret\n }\n\n /**\n * Creates a new certificate.\n */\n static create(name: string, args: CertificateArgs, opts?: ComponentResourceOptions): Certificate {\n return new CreatedCertificate(name, args, opts)\n }\n\n /**\n * Creates a new certificate or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the certificate name.\n * @param args The arguments to create or patch the certificate with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetCertificateArgs,\n opts?: ComponentResourceOptions,\n ): Certificate {\n if (args.existing) {\n return new CertificatePatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n namespace: Namespace.forResourceAsync(args.existing, output(args.namespace).cluster),\n })\n }\n\n return new CreatedCertificate(name, args, opts)\n }\n\n /**\n * Creates a new certificate or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the certificate name. Will not be used when existing certificate is retrieved.\n * @param args The arguments to create or get the certificate with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetCertificateArgs,\n opts?: ComponentResourceOptions,\n ): Promise<Certificate> {\n if (args.existing) {\n return await Certificate.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedCertificate(name, args, opts)\n }\n\n /**\n * Patches an existing certificate.\n *\n * Will throw an error if the certificate does not exist.\n *\n * @param name The name of the resource. May not be the same as the certificate name.\n * @param args The arguments to patch the certificate with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: CertificateArgs, opts?: ComponentResourceOptions): Certificate {\n return new CertificatePatch(name, args, opts)\n }\n\n /**\n * Wraps an existing cert-manager certificate.\n */\n static wrap(\n name: string,\n args: WrappedCertificateArgs,\n opts?: ComponentResourceOptions,\n ): Certificate {\n return new WrappedCertificate(name, args, opts)\n }\n\n /**\n * Gets an existing certificate.\n *\n * Will throw an error if the certificate does not exist.\n */\n static get(\n name: string,\n args: ExternalCertificateArgs,\n opts?: ComponentResourceOptions,\n ): Certificate {\n return new ExternalCertificate(name, args, opts)\n }\n\n private static readonly certificateCache = new Map<string, Certificate>()\n\n /**\n * Gets an existing certificate for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the certificate for.\n * @param cluster The cluster where the certificate is located.\n */\n static for(entity: k8s.Certificate, cluster: Input<k8s.Cluster>): Certificate {\n return getOrCreate(\n Certificate.certificateCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return Certificate.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResourceAsync(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing certificate for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the certificate for.\n * @param cluster The cluster where the certificate is located.\n */\n static async forAsync(\n entity: Input<k8s.Certificate>,\n cluster: Input<k8s.Cluster>,\n ): Promise<Certificate> {\n const resolvedEntity = await toPromise(entity)\n return Certificate.for(resolvedEntity, output(cluster))\n }\n}\n\nclass CreatedCertificate extends Certificate {\n constructor(name: string, args: CertificateArgs, opts?: ComponentResourceOptions) {\n const certificate = output(args.namespace).cluster.apply(cluster => {\n return new cert_manager.v1.Certificate(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: omit(args, commonExtraArgs),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:Certificate\",\n name,\n args,\n opts,\n\n output(args.namespace),\n certificate.metadata as Output<types.output.meta.v1.ObjectMeta>,\n certificate.spec,\n certificate.status,\n )\n }\n}\n\nclass CertificatePatch extends Certificate {\n constructor(name: string, args: CertificateArgs, opts?: ComponentResourceOptions) {\n const certificate = output(args.namespace).cluster.apply(cluster => {\n return new cert_manager.v1.CertificatePatch(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: omit(args, commonExtraArgs),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:CertificatePatch\",\n name,\n args,\n opts,\n\n output(args.namespace),\n certificate.metadata as Output<types.output.meta.v1.ObjectMeta>,\n certificate.spec,\n certificate.status,\n )\n }\n}\n\nexport type WrappedCertificateArgs = {\n /**\n * The underlying cert-manager certificate to wrap.\n */\n certificate: Input<cert_manager.v1.Certificate>\n\n /**\n * The namespace where the certificate is located.\n */\n namespace: Input<Namespace>\n}\n\nclass WrappedCertificate extends Certificate {\n constructor(name: string, args: WrappedCertificateArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedCertificate\",\n name,\n args,\n opts,\n\n output(args.namespace),\n output(args.certificate).metadata as Output<types.output.meta.v1.ObjectMeta>,\n output(args.certificate).spec,\n output(args.certificate).status,\n )\n }\n}\n\nexport type ExternalCertificateArgs = {\n /**\n * The name of the certificate to get.\n */\n name: Input<string>\n\n /**\n * The namespace of the certificate to get.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalCertificate extends Certificate {\n constructor(name: string, args: ExternalCertificateArgs, opts?: ComponentResourceOptions) {\n const certificate = output(args.namespace).cluster.apply(cluster => {\n return cert_manager.v1.Certificate.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ExternalCertificate\",\n name,\n args,\n opts,\n\n output(args.namespace),\n certificate.metadata as Output<types.output.meta.v1.ObjectMeta>,\n certificate.spec,\n certificate.status,\n )\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/tls.ts"],"names":[],"mappings":";;;;;;;AA+BO,IAAe,WAAA,GAAf,MAAe,YAAA,SAAoB,iBAAA,CAAkB;AAAA,EAGhD,WAAA,CACR,MACiB,IAAA,EACjB,IAAA,EACA,MAKS,SAAA,EAKA,QAAA,EAKA,MAKA,MAAA,EACT;AACA,IAAA,KAAA,CAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAxBX,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAOR,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAKA,IAAA,IAAA,CAAA,QAAA,GAAA,QAAA;AAKA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAGX;AAAA,EA7BQ,OAAA;AAAA;AAAA;AAAA;AAAA,EAkCR,IAAI,OAAA,GAA+B;AACjC,IAAA,OAAO,KAAK,SAAA,CAAU,OAAA;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAAqC;AACvC,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,IAAA,EAAM,aAAA;AAAA,MACN,SAAA,EAAW,KAAK,OAAA,CAAQ,EAAA;AAAA,MACxB,WAAA,EAAa,KAAK,OAAA,CAAQ,IAAA;AAAA,MAC1B,UAAU,IAAA,CAAK;AAAA,KAChB,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAAyB;AAC3B,IAAA,IAAI,KAAK,OAAA,EAAS;AAChB,MAAA,OAAO,IAAA,CAAK,OAAA;AAAA,IACd;AAEA,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO;AAAA,MACpB,YAAY,IAAA,CAAK,IAAA,CAAK,KAAA,CAAM,CAAA,IAAA,KAAQ,KAAK,UAAU,CAAA;AAAA,MACnD,WAAW,IAAA,CAAK;AAAA,KACjB,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,UAAA,EAAY,WAAU,KAAM;AACtC,MAAA,OAAO,MAAA,CAAO,GAAA,CAAI,CAAA,EAAG,IAAA,CAAK,IAAI,CAAA,OAAA,CAAA,EAAW;AAAA,QACvC,IAAA,EAAM,UAAA;AAAA,QACN;AAAA,OACD,CAAA;AAAA,IACH,CAAC,CAAA;AAED,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC/F,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,iBAAiB,IAAA,EAAM;AAAA,QAChC,GAAG,IAAA;AAAA,QACH,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,SAAA,EAAW,UAAU,gBAAA,CAAiB,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO;AAAA,OACpF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACsB;AACtB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,aAAY,QAAA,CAAS,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IACjF;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC9F,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,mBAAA,CAAoB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,OAAwB,gBAAA,mBAAmB,IAAI,GAAA,EAAyB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaxE,OAAO,GAAA,CAAI,MAAA,EAAyB,OAAA,EAA0C;AAC5E,IAAA,OAAO,WAAA;AAAA,MACL,YAAA,CAAY,gBAAA;AAAA,MACZ,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,YAAA,CAAY,IAAI,IAAA,EAAM;AAAA,UAC3B,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,gBAAA,CAAiB,MAAA,EAAQ,OAAO;AAAA,SACtD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CACX,MAAA,EACA,OAAA,EACsB;AACtB,IAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAC7C,IAAA,OAAO,YAAA,CAAY,GAAA,CAAI,cAAA,EAAgB,MAAA,CAAO,OAAO,CAAC,CAAA;AAAA,EACxD;AACF;AAEA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,aAAa,EAAA,CAAG,WAAA;AAAA,QACzB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,IAAA,CAAK,IAAA,EAAM,eAAe;AAAA,SAClC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,2BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,WAAA,CAAY,QAAA;AAAA,MACZ,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAEA,IAAM,gBAAA,GAAN,cAA+B,WAAA,CAAY;AAAA,EACzC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,aAAa,EAAA,CAAG,gBAAA;AAAA,QACzB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,IAAA,CAAK,IAAA,EAAM,eAAe;AAAA,SAClC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,gCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,WAAA,CAAY,QAAA;AAAA,MACZ,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAcA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA;AAAA,MACE,kCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,QAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,IAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE;AAAA,KAC3B;AAAA,EACF;AACF,CAAA;AAcA,IAAM,mBAAA,GAAN,cAAkC,WAAA,CAAY;AAAA,EAC5C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA+B,IAAA,EAAiC;AACxF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,YAAA,CAAa,GAAG,WAAA,CAAY,GAAA;AAAA,QACjC,IAAA;AAAA,QACA,WAAA,CAAA,EAAc,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,mCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,WAAA,CAAY,QAAA;AAAA,MACZ,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA","file":"chunk-C6WHUOC3.js","sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport type { types } from \"@pulumi/kubernetes\"\nimport { cert_manager, type types as cmTypes } from \"@highstate/cert-manager\"\nimport { getOrCreate } from \"@highstate/contract\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n interpolate,\n type Output,\n output,\n toPromise,\n} from \"@highstate/pulumi\"\nimport { omit } from \"remeda\"\nimport { Namespace } from \"./namespace\"\nimport { Secret } from \"./secret\"\nimport { commonExtraArgs, getProvider, mapMetadata, type ScopedResourceArgs } from \"./shared\"\n\nexport type CertificateArgs = ScopedResourceArgs & cmTypes.input.cert_manager.v1.CertificateSpec\n\nexport type CreateOrGetCertificateArgs = CertificateArgs & {\n /**\n * The certificate entity to patch/retrieve.\n */\n existing: Input<k8s.Certificate> | undefined\n}\n\n/**\n * Represents a cert-manager Certificate resource with metadata and secret.\n */\nexport abstract class Certificate extends ComponentResource {\n private _secret?: Output<Secret>\n\n protected constructor(\n type: string,\n private readonly name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n /**\n * The namespace where the certificate is located.\n */\n readonly namespace: Output<Namespace>,\n\n /**\n * The metadata of the underlying cert-manager certificate.\n */\n readonly metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The spec of the underlying cert-manager certificate.\n */\n readonly spec: Output<cmTypes.output.cert_manager.v1.CertificateSpec>,\n\n /**\n * The status of the underlying cert-manager certificate.\n */\n readonly status: Output<cmTypes.output.cert_manager.v1.CertificateStatus>,\n ) {\n super(type, name, args, opts)\n }\n\n /**\n * The cluster where the certificate is located.\n */\n get cluster(): Output<k8s.Cluster> {\n return this.namespace.cluster\n }\n\n /**\n * The Highstate certificate entity.\n */\n get entity(): Output<k8s.ScopedResource> {\n return output({\n type: \"certificate\",\n clusterId: this.cluster.id,\n clusterName: this.cluster.name,\n metadata: this.metadata,\n })\n }\n\n /**\n * The secret containing the certificate data.\n */\n get secret(): Output<Secret> {\n if (this._secret) {\n return this._secret\n }\n\n this._secret = output({\n secretName: this.spec.apply(spec => spec.secretName),\n namespace: this.namespace,\n }).apply(({ secretName, namespace }) => {\n return Secret.get(`${this.name}.secret`, {\n name: secretName,\n namespace,\n })\n })\n\n return this._secret\n }\n\n /**\n * Creates a new certificate.\n */\n static create(name: string, args: CertificateArgs, opts?: ComponentResourceOptions): Certificate {\n return new CreatedCertificate(name, args, opts)\n }\n\n /**\n * Creates a new certificate or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the certificate name.\n * @param args The arguments to create or patch the certificate with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetCertificateArgs,\n opts?: ComponentResourceOptions,\n ): Certificate {\n if (args.existing) {\n return new CertificatePatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n namespace: Namespace.forResourceAsync(args.existing, output(args.namespace).cluster),\n })\n }\n\n return new CreatedCertificate(name, args, opts)\n }\n\n /**\n * Creates a new certificate or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the certificate name. Will not be used when existing certificate is retrieved.\n * @param args The arguments to create or get the certificate with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetCertificateArgs,\n opts?: ComponentResourceOptions,\n ): Promise<Certificate> {\n if (args.existing) {\n return await Certificate.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedCertificate(name, args, opts)\n }\n\n /**\n * Patches an existing certificate.\n *\n * Will throw an error if the certificate does not exist.\n *\n * @param name The name of the resource. May not be the same as the certificate name.\n * @param args The arguments to patch the certificate with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: CertificateArgs, opts?: ComponentResourceOptions): Certificate {\n return new CertificatePatch(name, args, opts)\n }\n\n /**\n * Wraps an existing cert-manager certificate.\n */\n static wrap(\n name: string,\n args: WrappedCertificateArgs,\n opts?: ComponentResourceOptions,\n ): Certificate {\n return new WrappedCertificate(name, args, opts)\n }\n\n /**\n * Gets an existing certificate.\n *\n * Will throw an error if the certificate does not exist.\n */\n static get(\n name: string,\n args: ExternalCertificateArgs,\n opts?: ComponentResourceOptions,\n ): Certificate {\n return new ExternalCertificate(name, args, opts)\n }\n\n private static readonly certificateCache = new Map<string, Certificate>()\n\n /**\n * Gets an existing certificate for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the certificate for.\n * @param cluster The cluster where the certificate is located.\n */\n static for(entity: k8s.Certificate, cluster: Input<k8s.Cluster>): Certificate {\n return getOrCreate(\n Certificate.certificateCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return Certificate.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResourceAsync(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing certificate for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the certificate for.\n * @param cluster The cluster where the certificate is located.\n */\n static async forAsync(\n entity: Input<k8s.Certificate>,\n cluster: Input<k8s.Cluster>,\n ): Promise<Certificate> {\n const resolvedEntity = await toPromise(entity)\n return Certificate.for(resolvedEntity, output(cluster))\n }\n}\n\nclass CreatedCertificate extends Certificate {\n constructor(name: string, args: CertificateArgs, opts?: ComponentResourceOptions) {\n const certificate = output(args.namespace).cluster.apply(cluster => {\n return new cert_manager.v1.Certificate(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: omit(args, commonExtraArgs),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:Certificate\",\n name,\n args,\n opts,\n\n output(args.namespace),\n certificate.metadata as Output<types.output.meta.v1.ObjectMeta>,\n certificate.spec,\n certificate.status,\n )\n }\n}\n\nclass CertificatePatch extends Certificate {\n constructor(name: string, args: CertificateArgs, opts?: ComponentResourceOptions) {\n const certificate = output(args.namespace).cluster.apply(cluster => {\n return new cert_manager.v1.CertificatePatch(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: omit(args, commonExtraArgs),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:CertificatePatch\",\n name,\n args,\n opts,\n\n output(args.namespace),\n certificate.metadata as Output<types.output.meta.v1.ObjectMeta>,\n certificate.spec,\n certificate.status,\n )\n }\n}\n\nexport type WrappedCertificateArgs = {\n /**\n * The underlying cert-manager certificate to wrap.\n */\n certificate: Input<cert_manager.v1.Certificate>\n\n /**\n * The namespace where the certificate is located.\n */\n namespace: Input<Namespace>\n}\n\nclass WrappedCertificate extends Certificate {\n constructor(name: string, args: WrappedCertificateArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedCertificate\",\n name,\n args,\n opts,\n\n output(args.namespace),\n output(args.certificate).metadata as Output<types.output.meta.v1.ObjectMeta>,\n output(args.certificate).spec,\n output(args.certificate).status,\n )\n }\n}\n\nexport type ExternalCertificateArgs = {\n /**\n * The name of the certificate to get.\n */\n name: Input<string>\n\n /**\n * The namespace of the certificate to get.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalCertificate extends Certificate {\n constructor(name: string, args: ExternalCertificateArgs, opts?: ComponentResourceOptions) {\n const certificate = output(args.namespace).cluster.apply(cluster => {\n return cert_manager.v1.Certificate.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ExternalCertificate\",\n name,\n args,\n opts,\n\n output(args.namespace),\n certificate.metadata as Output<types.output.meta.v1.ObjectMeta>,\n certificate.spec,\n certificate.status,\n )\n }\n}\n"]}
package/dist/{chunk-Q35R54GK.js → chunk-EACAK6W4.js} RENAMED
@@ -1,5 +1,5 @@
1
- import { Service } from './chunk-DJE2YX64.js';
2
- import { commonExtraArgs, Namespace, mapMetadata, getProvider } from './chunk-UHWJ2GDK.js';
1
+ import { Service } from './chunk-3CKMDTYK.js';
2
+ import { commonExtraArgs, Namespace, mapMetadata, getProvider } from './chunk-SEWB4FUB.js';
3
3
  import { output, ComponentResource, toPromise, interpolate, normalizeInputsAndMap, normalizeInputs, normalize } from '@highstate/pulumi';
4
4
  import { parseL3Endpoint } from '@highstate/common';
5
5
  import { getOrCreate } from '@highstate/contract';
@@ -434,5 +434,5 @@ var UdpRoute = class extends ComponentResource {
434
434
  };
435
435
 
436
436
  export { Gateway, HttpRoute, TcpRoute, UdpRoute, mapHttpRouteRuleMatch, resolveBackendRef };
437
- //# sourceMappingURL=chunk-Q35R54GK.js.map
438
- //# sourceMappingURL=chunk-Q35R54GK.js.map
437
+ //# sourceMappingURL=chunk-EACAK6W4.js.map
438
+ //# sourceMappingURL=chunk-EACAK6W4.js.map