@highstate/k8s 0.15.0 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (96) hide show
  1. package/dist/chunk-22GOWZQP.js +286 -0
  2. package/dist/chunk-22GOWZQP.js.map +1 -0
  3. package/dist/{chunk-VJL2BFKO.js → chunk-4G6LLC2X.js} +13 -24
  4. package/dist/chunk-4G6LLC2X.js.map +1 -0
  5. package/dist/{chunk-C6WHUOC3.js → chunk-BR2CLUUD.js} +15 -26
  6. package/dist/chunk-BR2CLUUD.js.map +1 -0
  7. package/dist/{chunk-EACAK6W4.js → chunk-DCUMJSO6.js} +17 -28
  8. package/dist/chunk-DCUMJSO6.js.map +1 -0
  9. package/dist/{chunk-NWXKLVBC.js → chunk-HJKJHTJM.js} +20 -30
  10. package/dist/chunk-HJKJHTJM.js.map +1 -0
  11. package/dist/{chunk-7H4L3DFC.js → chunk-KMLRI5UZ.js} +57 -70
  12. package/dist/chunk-KMLRI5UZ.js.map +1 -0
  13. package/dist/{chunk-6ACIPGW4.js → chunk-LGHFSXNT.js} +12 -13
  14. package/dist/chunk-LGHFSXNT.js.map +1 -0
  15. package/dist/{chunk-SEWB4FUB.js → chunk-OBDQONMV.js} +64 -23
  16. package/dist/chunk-OBDQONMV.js.map +1 -0
  17. package/dist/chunk-SL5CBM3A.js +301 -0
  18. package/dist/chunk-SL5CBM3A.js.map +1 -0
  19. package/dist/{chunk-3CKMDTYK.js → chunk-TWBMG6TD.js} +68 -91
  20. package/dist/chunk-TWBMG6TD.js.map +1 -0
  21. package/dist/{chunk-YTRQ6JRU.js → chunk-XRIC6EJ3.js} +159 -94
  22. package/dist/chunk-XRIC6EJ3.js.map +1 -0
  23. package/dist/{chunk-O64YZLA4.js → chunk-ZBFWQHE4.js} +21 -30
  24. package/dist/chunk-ZBFWQHE4.js.map +1 -0
  25. package/dist/{chunk-4VGISFL4.js → chunk-ZHVKK2U6.js} +12 -11
  26. package/dist/chunk-ZHVKK2U6.js.map +1 -0
  27. package/dist/cron-job-LX35I6HG.js +8 -0
  28. package/dist/cron-job-LX35I6HG.js.map +1 -0
  29. package/dist/deployment-HRJGAEJR.js +8 -0
  30. package/dist/{deployment-THUD5QUH.js.map → deployment-HRJGAEJR.js.map} +1 -1
  31. package/dist/highstate.manifest.json +2 -3
  32. package/dist/impl/gateway-route.js +10 -10
  33. package/dist/impl/gateway-route.js.map +1 -1
  34. package/dist/impl/tls-certificate.js +3 -3
  35. package/dist/index.js +39 -627
  36. package/dist/index.js.map +1 -1
  37. package/dist/job-J4BKBVQD.js +8 -0
  38. package/dist/job-J4BKBVQD.js.map +1 -0
  39. package/dist/stateful-set-LAJR5RL4.js +8 -0
  40. package/dist/{stateful-set-ABCZML4L.js.map → stateful-set-LAJR5RL4.js.map} +1 -1
  41. package/dist/units/cert-manager/index.js +7 -7
  42. package/dist/units/cluster-patch/index.js +9 -18
  43. package/dist/units/cluster-patch/index.js.map +1 -1
  44. package/dist/units/dns01-issuer/index.js +6 -6
  45. package/dist/units/dns01-issuer/index.js.map +1 -1
  46. package/dist/units/existing-cluster/index.js +19 -9
  47. package/dist/units/existing-cluster/index.js.map +1 -1
  48. package/dist/units/gateway-api/index.js +2 -2
  49. package/dist/units/gateway-api/index.js.map +1 -1
  50. package/dist/units/reduced-access-cluster/index.js +18 -25
  51. package/dist/units/reduced-access-cluster/index.js.map +1 -1
  52. package/package.json +6 -11
  53. package/src/cluster.ts +14 -14
  54. package/src/config-map.ts +16 -30
  55. package/src/container.ts +1 -1
  56. package/src/cron-job.ts +23 -41
  57. package/src/deployment.ts +23 -30
  58. package/src/gateway/gateway.ts +21 -29
  59. package/src/helm.ts +7 -8
  60. package/src/impl/gateway-route.ts +5 -13
  61. package/src/job.ts +20 -38
  62. package/src/namespace.ts +18 -22
  63. package/src/network-policy.ts +37 -36
  64. package/src/network.ts +18 -10
  65. package/src/pvc.ts +12 -28
  66. package/src/rbac.ts +75 -97
  67. package/src/scripting/bundle.ts +3 -3
  68. package/src/scripting/environment.ts +3 -3
  69. package/src/secret.ts +16 -30
  70. package/src/service.ts +86 -105
  71. package/src/shared.ts +82 -20
  72. package/src/stateful-set.ts +17 -28
  73. package/src/tls.ts +20 -31
  74. package/src/units/cluster-patch/index.ts +9 -19
  75. package/src/units/dns01-issuer/index.ts +6 -6
  76. package/src/units/existing-cluster/index.ts +28 -10
  77. package/src/units/gateway-api/index.ts +1 -1
  78. package/src/units/reduced-access-cluster/index.ts +16 -24
  79. package/src/worker.ts +7 -5
  80. package/src/workload.ts +172 -28
  81. package/dist/chunk-3CKMDTYK.js.map +0 -1
  82. package/dist/chunk-4VGISFL4.js.map +0 -1
  83. package/dist/chunk-6ACIPGW4.js.map +0 -1
  84. package/dist/chunk-7H4L3DFC.js.map +0 -1
  85. package/dist/chunk-C6WHUOC3.js.map +0 -1
  86. package/dist/chunk-EACAK6W4.js.map +0 -1
  87. package/dist/chunk-NWXKLVBC.js.map +0 -1
  88. package/dist/chunk-O64YZLA4.js.map +0 -1
  89. package/dist/chunk-SEWB4FUB.js.map +0 -1
  90. package/dist/chunk-VJL2BFKO.js.map +0 -1
  91. package/dist/chunk-YTRQ6JRU.js.map +0 -1
  92. package/dist/deployment-THUD5QUH.js +0 -8
  93. package/dist/stateful-set-ABCZML4L.js +0 -8
  94. package/dist/units/cluster-dns/index.js +0 -37
  95. package/dist/units/cluster-dns/index.js.map +0 -1
  96. package/src/units/cluster-dns/index.ts +0 -37
package/dist/{chunk-EACAK6W4.js → chunk-DCUMJSO6.js} RENAMED
@@ -1,7 +1,7 @@
1
- import { Service } from './chunk-3CKMDTYK.js';
2
- import { commonExtraArgs, Namespace, mapMetadata, getProvider } from './chunk-SEWB4FUB.js';
3
- import { output, ComponentResource, toPromise, interpolate, normalizeInputsAndMap, normalizeInputs, normalize } from '@highstate/pulumi';
4
- import { parseL3Endpoint } from '@highstate/common';
1
+ import { Service } from './chunk-TWBMG6TD.js';
2
+ import { commonExtraArgs, NamespacedResource, Namespace, mapMetadata, getProvider } from './chunk-OBDQONMV.js';
3
+ import { output, toPromise, interpolate, ComponentResource, normalizeInputsAndMap, normalizeInputs, normalize } from '@highstate/pulumi';
4
+ import { parseEndpoint } from '@highstate/common';
5
5
  import { getOrCreate } from '@highstate/contract';
6
6
  import { gateway } from '@highstate/gateway-api';
7
7
  import { omit, pipe, map } from 'remeda';
@@ -29,30 +29,19 @@ function resolveBackendRef(ref) {
29
29
  });
30
30
  }
31
31
  var gatewayExtraArgs = [...commonExtraArgs, "fqdn", "fqdns"];
32
- var Gateway = class _Gateway extends ComponentResource {
33
- constructor(type, name, args, opts, namespace, metadata, spec, status) {
34
- super(type, name, args, opts);
35
- this.namespace = namespace;
36
- this.metadata = metadata;
32
+ var Gateway = class _Gateway extends NamespacedResource {
33
+ constructor(type, name, args, opts, metadata, namespace, spec, status) {
34
+ super(type, name, args, opts, metadata, namespace);
37
35
  this.spec = spec;
38
36
  this.status = status;
39
37
  }
40
- /**
41
- * The cluster where the gateway is located.
42
- */
43
- get cluster() {
44
- return this.namespace.cluster;
45
- }
38
+ static apiVersion = "gateway.networking.k8s.io/v1";
39
+ static kind = "Gateway";
46
40
  /**
47
41
  * The Highstate gateway entity.
48
42
  */
49
43
  get entity() {
50
- return output({
51
- type: "gateway",
52
- clusterId: this.cluster.id,
53
- clusterName: this.cluster.name,
54
- metadata: this.metadata
55
- });
44
+ return output(this.entityBase);
56
45
  }
57
46
  /**
58
47
  * Returns the endpoints L3 endpoints on which the gateway is exposed.
@@ -62,7 +51,7 @@ var Gateway = class _Gateway extends ComponentResource {
62
51
  if (!addresses) {
63
52
  return [];
64
53
  }
65
- return addresses.map((address) => parseL3Endpoint(address.value));
54
+ return addresses.map((address) => parseEndpoint(address.value));
66
55
  });
67
56
  }
68
57
  /**
@@ -228,8 +217,8 @@ var CreatedGateway = class extends Gateway {
228
217
  name,
229
218
  args,
230
219
  opts,
231
- output(args.namespace),
232
220
  gatewayResource.metadata,
221
+ output(args.namespace),
233
222
  gatewayResource.spec,
234
223
  gatewayResource.status
235
224
  );
@@ -252,8 +241,8 @@ var GatewayPatch = class extends Gateway {
252
241
  name,
253
242
  args,
254
243
  opts,
255
- output(args.namespace),
256
244
  gatewayResource.metadata,
245
+ output(args.namespace),
257
246
  gatewayResource.spec,
258
247
  gatewayResource.status
259
248
  );
@@ -266,8 +255,8 @@ var WrappedGateway = class extends Gateway {
266
255
  name,
267
256
  args,
268
257
  opts,
269
- output(args.namespace),
270
258
  output(args.gateway).metadata,
259
+ output(args.namespace),
271
260
  output(args.gateway).spec,
272
261
  output(args.gateway).status
273
262
  );
@@ -287,8 +276,8 @@ var ExternalGateway = class extends Gateway {
287
276
  name,
288
277
  args,
289
278
  opts,
290
- output(args.namespace),
291
279
  gatewayResource.metadata,
280
+ output(args.namespace),
292
281
  gatewayResource.spec,
293
282
  gatewayResource.status
294
283
  );
@@ -434,5 +423,5 @@ var UdpRoute = class extends ComponentResource {
434
423
  };
435
424
 
436
425
  export { Gateway, HttpRoute, TcpRoute, UdpRoute, mapHttpRouteRuleMatch, resolveBackendRef };
437
- //# sourceMappingURL=chunk-EACAK6W4.js.map
438
- //# sourceMappingURL=chunk-EACAK6W4.js.map
426
+ //# sourceMappingURL=chunk-DCUMJSO6.js.map
427
+ //# sourceMappingURL=chunk-DCUMJSO6.js.map
package/dist/chunk-DCUMJSO6.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/gateway/backend.ts","../src/gateway/gateway.ts","../src/gateway/http-route.ts","../src/gateway/tcp-route.ts","../src/gateway/udp-route.ts"],"names":["output","gateway","ComponentResource","normalizeInputsAndMap"],"mappings":";;;;;;;;AAoCO,SAAS,kBAAkB,GAAA,EAAiD;AACjF,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,EAAG;AAC3B,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,IAAA,EAAM,IAAI,QAAA,CAAS,IAAA;AAAA,MACnB,SAAA,EAAW,IAAI,QAAA,CAAS,SAAA;AAAA,MACxB,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE;AAAA,KACzB,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,aAAa,GAAA,EAAK;AACpB,IAAA,MAAM,OAAA,GAAU,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AAElC,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,IAAA,EAAM,QAAQ,QAAA,CAAS,IAAA;AAAA,MACvB,SAAA,EAAW,QAAQ,QAAA,CAAS,SAAA;AAAA,MAC5B,MAAM,GAAA,CAAI;AAAA,KACX,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,MAAA,CAAO;AAAA,IACZ,MAAM,GAAA,CAAI,IAAA;AAAA,IACV,WAAW,GAAA,CAAI,SAAA;AAAA,IACf,MAAM,GAAA,CAAI;AAAA,GACX,CAAA;AACH;ACfA,IAAM,gBAAA,GAAmB,CAAC,GAAG,eAAA,EAAiB,QAAQ,OAAO,CAAA;AAKtD,IAAe,OAAA,GAAf,MAAe,QAAA,SAAgB,kBAAA,CAAmB;AAAA,EAI7C,WAAA,CACR,MACA,IAAA,EACA,IAAA,EACA,MAKA,QAAA,EACA,SAAA,EAKS,MAKA,MAAA,EACT;AACA,IAAA,KAAA,CAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,UAAU,SAAS,CAAA;AAPxC,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAGX;AAAA,EA1BA,OAAgB,UAAA,GAAa,8BAAA;AAAA,EAC7B,OAAgB,IAAA,GAAO,SAAA;AAAA;AAAA;AAAA;AAAA,EA8BvB,IAAI,MAAA,GAA8B;AAChC,IAAA,OAAOA,MAAAA,CAAO,KAAK,UAAU,CAAA;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,SAAA,GAA0C;AAC5C,IAAA,OAAO,IAAA,CAAK,MAAA,CAAO,SAAA,CAAU,KAAA,CAAM,CAAA,SAAA,KAAa;AAC9C,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,OAAO,EAAC;AAAA,MACV;AAEA,MAAA,OAAO,UAAU,GAAA,CAAI,CAAA,OAAA,KAAW,aAAA,CAAc,OAAA,CAAQ,KAAK,CAAC,CAAA;AAAA,IAC9D,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAmB,IAAA,EAA0C;AACvF,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACS;AACT,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,aAAa,IAAA,EAAM;AAAA,QAC5B,GAAG,IAAA;AAAA,QACH,IAAA,EAAMA,MAAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,SAAA,EAAW,UAAU,gBAAA,CAAiB,IAAA,CAAK,UAAUA,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO;AAAA,OACpF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACkB;AAClB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,SAAQ,QAAA,CAAS,IAAA,CAAK,UAAUA,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IAC7E;AAEA,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAmB,IAAA,EAA0C;AACtF,IAAA,OAAO,IAAI,YAAA,CAAa,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CAAK,IAAA,EAAc,IAAA,EAA0B,IAAA,EAA0C;AAC5F,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CAAI,IAAA,EAAc,IAAA,EAA2B,IAAA,EAA0C;AAC5F,IAAA,OAAO,IAAI,eAAA,CAAgB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC7C;AAAA,EAEA,OAAwB,YAAA,mBAAe,IAAI,GAAA,EAAqB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAahE,OAAO,GAAA,CAAI,MAAA,EAAqB,OAAA,EAAsC;AACpE,IAAA,OAAO,WAAA;AAAA,MACL,QAAA,CAAQ,YAAA;AAAA,MACR,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,QAAA,CAAQ,IAAI,IAAA,EAAM;AAAA,UACvB,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,gBAAA,CAAiB,MAAA,EAAQ,OAAO;AAAA,SACtD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CAAS,MAAA,EAA4B,OAAA,EAA+C;AAC/F,IAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAE7C,IAAA,OAAO,QAAA,CAAQ,GAAA,CAAI,cAAA,EAAgBA,MAAAA,CAAO,OAAO,CAAC,CAAA;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,aAAa,UAAA,CACX,IAAA,EACA,IAAA,EACkB;AAClB,IAAA,MAAM,EAAE,IAAA,EAAM,SAAA,EAAW,OAAA,EAAQ,GAAI,MAAM,SAAA,CAAU;AAAA,MACnD,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,SAAA,EAAWA,MAAAA,CAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAA;AAAA,MAC3C,OAAA,EAASA,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE;AAAA,KACjC,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,SAAS,IAAI,OAAA,CAAQ,IAAI,CAAA,CAAA,EAAI,OAAA,CAAQ,EAAE,CAAA,CAAA;AAEnE,IAAA,MAAM,QAAA,GAAW,QAAA,CAAQ,YAAA,CAAa,GAAA,CAAI,QAAQ,CAAA;AAClD,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,QAAA,CAAQ,KAAA;AAAA,QACN,QAAA;AAAA,QACA;AAAA,UACE,IAAA;AAAA,UACA,WAAW,IAAA,CAAK,SAAA;AAAA,UAChB,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA;AAAA,OACF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT;AAEA,IAAA,MAAM,UAAU,QAAA,CAAQ,MAAA;AAAA,MACtB,QAAA;AAAA,MACA;AAAA,QACE,GAAG,IAAA;AAAA,QACH,IAAA;AAAA,QACA,WAAW,IAAA,CAAK;AAAA,OAClB;AAAA,MACA;AAAA,KACF;AAEA,IAAA,QAAA,CAAQ,YAAA,CAAa,GAAA,CAAI,QAAA,EAAU,OAAO,CAAA;AAC1C,IAAA,OAAO,OAAA;AAAA,EACT;AACF;AAEA,IAAM,cAAA,GAAN,cAA6B,OAAA,CAAQ;AAAA,EACnC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAmB,IAAA,EAAiC;AAC5E,IAAA,MAAM,kBAAkBA,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AACtE,MAAA,OAAO,IAAI,QAAQ,EAAA,CAAG,OAAA;AAAA,QACpB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,IAAA,CAAK,IAAA,EAAM,gBAAgB;AAAA,SACnC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,uBAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,eAAA,CAAgB,QAAA;AAAA,MAChBA,MAAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,eAAA,CAAgB,IAAA;AAAA,MAChB,eAAA,CAAgB;AAAA,KAClB;AAAA,EACF;AACF,CAAA;AAEA,IAAM,YAAA,GAAN,cAA2B,OAAA,CAAQ;AAAA,EACjC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAmB,IAAA,EAAiC;AAC5E,IAAA,MAAM,kBAAkBA,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AACtE,MAAA,OAAO,IAAI,QAAQ,EAAA,CAAG,YAAA;AAAA,QACpB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,IAAA,CAAK,IAAA,EAAM,gBAAgB;AAAA,SACnC;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,4BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,eAAA,CAAgB,QAAA;AAAA,MAChBA,MAAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,eAAA,CAAgB,IAAA;AAAA,MAChB,eAAA,CAAgB;AAAA,KAClB;AAAA,EACF;AACF,CAAA;AAcA,IAAM,cAAA,GAAN,cAA6B,OAAA,CAAQ;AAAA,EACnC,WAAA,CAAY,IAAA,EAAc,IAAA,EAA0B,IAAA,EAAiC;AACnF,IAAA,KAAA;AAAA,MACE,8BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEAA,MAAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,QAAA;AAAA,MACrBA,MAAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrBA,MAAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA;AAAA,MACrBA,MAAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE;AAAA,KACvB;AAAA,EACF;AACF,CAAA;AAcA,IAAM,eAAA,GAAN,cAA8B,OAAA,CAAQ;AAAA,EACpC,WAAA,CAAY,IAAA,EAAc,IAAA,EAA2B,IAAA,EAAiC;AACpF,IAAA,MAAM,kBAAkBA,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AACtE,MAAA,OAAO,OAAA,CAAQ,GAAG,OAAA,CAAQ,GAAA;AAAA,QACxB,IAAA;AAAA,QACA,WAAA,CAAA,EAAcA,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,+BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,eAAA,CAAgB,QAAA;AAAA,MAChBA,MAAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,eAAA,CAAgB,IAAA;AAAA,MAChB,eAAA,CAAgB;AAAA,KAClB;AAAA,EACF;AACF,CAAA;ACxTO,IAAM,SAAA,GAAN,cAAwB,iBAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAI/B,KAAA;AAAA,EAEhB,WAAA,CAAY,IAAA,EAAc,IAAA,EAAqB,IAAA,EAAiC;AAC9E,IAAA,KAAA,CAAM,yBAAA,EAA2B,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEjD,IAAA,IAAA,CAAK,QAAQA,MAAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AACzD,MAAA,OAAO,IAAIC,QAAQ,EAAA,CAAG,SAAA;AAAA,QACpB,IAAA;AAAA,QACA;AAAA,UACE,UAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA,CAAE,MAAM,CAAA,QAAA,MAAa;AAAA,YACnD,GAAG,QAAA;AAAA,YACH,WAAWD,MAAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,UAAU,QAAA,CAAS;AAAA,WACrD,CAAE,CAAA;AAAA,UACF,IAAA,EAAM;AAAA,YACJ,SAAA,EAAW,eAAA,CAAgB,IAAA,CAAK,QAAA,EAAU,KAAK,SAAS,CAAA;AAAA,YAExD,UAAA,EAAY;AAAA,cACV;AAAA,gBACE,IAAA,EAAMA,MAAAA,CAAO,IAAA,CAAK,OAAO,EAAE,QAAA,CAAS;AAAA;AACtC,aACF;AAAA,YAEA,OAAO,qBAAA,CAAsB,IAAA,CAAK,IAAA,EAAM,IAAA,CAAK,OAAO,CAAA,IAAA,MAAS;AAAA,cAC3D,UAAU,IAAA,CAAK,QAAA;AAAA,cAEf,OAAA,EAAS,IAAA;AAAA,gBACP,SAAA,CAAU,IAAA,CAAK,KAAA,EAAO,IAAA,CAAK,OAAO,CAAA;AAAA,gBAClC,IAAI,qBAAqB,CAAA;AAAA,gBACzB;AAAA,eACF;AAAA,cAEA,OAAA,EAAS,SAAA,CAAU,IAAA,CAAK,MAAA,EAAQ,KAAK,OAAO,CAAA;AAAA,cAC5C,aAAa,qBAAA,CAAsB,IAAA,CAAK,OAAA,EAAS,IAAA,CAAK,UAAU,iBAAiB;AAAA,aACnF,CAAE;AAAA;AACJ,SACF;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF;AAEA,SAAS,oBACP,OAAA,EACoD;AACpD,EAAA,OAAO,OAAA,CAAQ,MAAA,GAAS,OAAA,GAAU,CAAC,EAAE,IAAA,EAAM,EAAE,IAAA,EAAM,YAAA,EAAc,KAAA,EAAO,GAAA,EAAI,EAAG,CAAA;AACjF;AAEO,SAAS,sBACd,KAAA,EACkD;AAClD,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAO,EAAE,IAAA,EAAM,EAAE,MAAM,YAAA,EAAc,KAAA,EAAO,OAAM,EAAE;AAAA,EACtD;AAEA,EAAA,OAAO,KAAA;AACT;ACtGO,IAAM,QAAA,GAAN,cAAuBE,iBAAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAI9B,KAAA;AAAA,EAEhB,WAAA,CAAY,IAAA,EAAc,IAAA,EAAoB,IAAA,EAAiC;AAC7E,IAAA,KAAA,CAAM,wBAAA,EAA0B,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEhD,IAAA,MAAM,aAAA,GAAgBF,MAAAA,CAAO,IAAA,CAAK,OAAO,CAAA;AAEzC,IAAA,MAAM,aAAaA,MAAAA,CAAO;AAAA,MACxB,OAAA,EAAS,aAAA;AAAA,MACT,cAAc,IAAA,CAAK;AAAA,KACpB,CAAA,CAAE,KAAA;AAAA,MACD,CAAC,EAAE,OAAA,EAAAC,QAAAA,EAAS,cAAa,KACvB;AAAA,QACE;AAAA,UACE,KAAA,EAAO,2BAAA;AAAA,UACP,IAAA,EAAM,SAAA;AAAA,UACN,IAAA,EAAMA,SAAQ,QAAA,CAAS,IAAA;AAAA,UACvB,SAAA,EAAWA,QAAAA,CAAQ,SAAA,CAAU,QAAA,CAAS,IAAA;AAAA,UACtC,WAAA,EAAa;AAAA;AACf;AACF,KACJ;AAEA,IAAA,MAAM,cAAcE,qBAAAA,CAAsB,IAAA,CAAK,OAAA,EAAS,IAAA,CAAK,UAAU,iBAAiB,CAAA;AAExF,IAAA,IAAA,CAAK,KAAA,GAAQ,aAAA,CAAc,OAAA,CAAQ,KAAA,CAAM,CAAA,OAAA,KAAW;AAClD,MAAA,OAAO,IAAIF,QAAQ,QAAA,CAAS,QAAA;AAAA,QAC1B,IAAA;AAAA,QACA;AAAA,UACE,UAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA,CAAE,MAAM,CAAA,QAAA,MAAa;AAAA,YACnD,GAAG,QAAA;AAAA,YACH,SAAA,EAAW,aAAA,CAAc,SAAA,CAAU,QAAA,CAAS;AAAA,WAC9C,CAAE,CAAA;AAAA,UACF,IAAA,EAAM;AAAA,YACJ,UAAA;AAAA,YACA,KAAA,EAAO;AAAA,cACL;AAAA,gBACE;AAAA;AACF;AACF;AACF,SACF;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF;AClDO,IAAM,QAAA,GAAN,cAAuBC,iBAAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAI9B,KAAA;AAAA,EAEhB,WAAA,CAAY,IAAA,EAAc,IAAA,EAAoB,IAAA,EAAiC;AAC7E,IAAA,KAAA,CAAM,wBAAA,EAA0B,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEhD,IAAA,MAAM,aAAA,GAAgBF,MAAAA,CAAO,IAAA,CAAK,OAAO,CAAA;AAEzC,IAAA,MAAM,aAAaA,MAAAA,CAAO;AAAA,MACxB,OAAA,EAAS,aAAA;AAAA,MACT,cAAc,IAAA,CAAK;AAAA,KACpB,CAAA,CAAE,KAAA;AAAA,MACD,CAAC,EAAE,OAAA,EAAAC,QAAAA,EAAS,cAAa,KACvB;AAAA,QACE;AAAA,UACE,KAAA,EAAO,2BAAA;AAAA,UACP,IAAA,EAAM,SAAA;AAAA,UACN,IAAA,EAAMA,SAAQ,QAAA,CAAS,IAAA;AAAA,UACvB,SAAA,EAAWA,QAAAA,CAAQ,SAAA,CAAU,QAAA,CAAS,IAAA;AAAA,UACtC,WAAA,EAAa;AAAA;AACf;AACF,KACJ;AAEA,IAAA,MAAM,cAAcE,qBAAAA,CAAsB,IAAA,CAAK,OAAA,EAAS,IAAA,CAAK,UAAU,iBAAiB,CAAA;AAExF,IAAA,IAAA,CAAK,KAAA,GAAQ,aAAA,CAAc,OAAA,CAAQ,KAAA,CAAM,CAAA,OAAA,KAAW;AAClD,MAAA,OAAO,IAAIF,QAAQ,QAAA,CAAS,QAAA;AAAA,QAC1B,IAAA;AAAA,QACA;AAAA,UACE,UAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA,CAAE,MAAM,CAAA,QAAA,MAAa;AAAA,YACnD,GAAG,QAAA;AAAA,YACH,SAAA,EAAW,aAAA,CAAc,SAAA,CAAU,QAAA,CAAS;AAAA,WAC9C,CAAE,CAAA;AAAA,UACF,IAAA,EAAM;AAAA,YACJ,UAAA;AAAA,YACA,KAAA,EAAO;AAAA,cACL;AAAA,gBACE;AAAA;AACF;AACF;AACF,SACF;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF","file":"chunk-DCUMJSO6.js","sourcesContent":["import type { core } from \"@pulumi/kubernetes\"\nimport { type Input, type Output, output, type Unwrap } from \"@highstate/pulumi\"\nimport { Service } from \"../service\"\n\nexport interface FullBackendRef {\n /**\n * The name of the resource being referenced.\n */\n name: Input<string>\n\n /**\n * The namespace of the resource being referenced.\n * May be undefined if the resource is not in a namespace.\n */\n namespace?: Input<string | undefined>\n\n /**\n * The port of the resource being referenced.\n */\n port: Input<number>\n}\n\nexport interface ServiceBackendRef {\n /**\n * The name of the service being referenced.\n */\n service: Input<core.v1.Service>\n\n /**\n * The port of the service being referenced.\n */\n port: Input<number>\n}\n\nexport type BackendRef = FullBackendRef | ServiceBackendRef | Service\n\nexport function resolveBackendRef(ref: BackendRef): Output<Unwrap<FullBackendRef>> {\n if (Service.isInstance(ref)) {\n return output({\n name: ref.metadata.name,\n namespace: ref.metadata.namespace,\n port: ref.spec.ports[0].port,\n })\n }\n\n if (\"service\" in ref) {\n const service = output(ref.service)\n\n return output({\n name: service.metadata.name,\n namespace: service.metadata.namespace,\n port: ref.port,\n })\n }\n\n return output({\n name: ref.name,\n namespace: ref.namespace,\n port: ref.port,\n })\n}\n","import type { k8s, network } from \"@highstate/library\"\nimport type { types } from \"@pulumi/kubernetes\"\nimport type { SetRequired } from \"type-fest\"\nimport { parseEndpoint } from \"@highstate/common\"\nimport { getOrCreate } from \"@highstate/contract\"\nimport { gateway, type types as gwTypes } from \"@highstate/gateway-api\"\nimport {\n type ComponentResourceOptions,\n type Input,\n type InputArray,\n type Inputs,\n interpolate,\n type Output,\n output,\n toPromise,\n} from \"@highstate/pulumi\"\nimport { omit } from \"remeda\"\nimport { Namespace } from \"../namespace\"\nimport {\n commonExtraArgs,\n getProvider,\n mapMetadata,\n NamespacedResource,\n type ScopedResourceArgs,\n} from \"../shared\"\n\nexport type GatewayArgs = ScopedResourceArgs & {\n /**\n * The FQDN to configure the listeners for.\n */\n fqdn?: Input<string>\n\n /**\n * The FQDNs to configure the listeners for.\n */\n fqdns?: InputArray<string>\n} & gwTypes.input.gateway.v1.GatewaySpec\n\nexport type CreateOrGetGatewayArgs = GatewayArgs & {\n /**\n * The gateway entity to patch/retrieve.\n */\n existing: Input<k8s.Gateway> | undefined\n}\n\nconst gatewayExtraArgs = [...commonExtraArgs, \"fqdn\", \"fqdns\"] as const\n\n/**\n * Represents a Kubernetes Gateway resource.\n */\nexport abstract class Gateway extends NamespacedResource {\n static readonly apiVersion = \"gateway.networking.k8s.io/v1\"\n static readonly kind = \"Gateway\"\n\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n /**\n * The namespace where the gateway is located.\n */\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n namespace: Output<Namespace>,\n\n /**\n * The spec of the underlying Gateway resource.\n */\n readonly spec: Output<gwTypes.output.gateway.v1.GatewaySpec>,\n\n /**\n * The status of the underlying Gateway resource.\n */\n readonly status: Output<gwTypes.output.gateway.v1.GatewayStatus>,\n ) {\n super(type, name, args, opts, metadata, namespace)\n }\n\n /**\n * The Highstate gateway entity.\n */\n get entity(): Output<k8s.Gateway> {\n return output(this.entityBase)\n }\n\n /**\n * Returns the endpoints L3 endpoints on which the gateway is exposed.\n */\n get endpoints(): Output<network.L3Endpoint[]> {\n return this.status.addresses.apply(addresses => {\n if (!addresses) {\n return []\n }\n\n return addresses.map(address => parseEndpoint(address.value))\n })\n }\n\n /**\n * Creates a new gateway.\n */\n static create(name: string, args: GatewayArgs, opts?: ComponentResourceOptions): Gateway {\n return new CreatedGateway(name, args, opts)\n }\n\n /**\n * Creates a new gateway or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the gateway name.\n * @param args The arguments to create or patch the gateway with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetGatewayArgs,\n opts?: ComponentResourceOptions,\n ): Gateway {\n if (args.existing) {\n return new GatewayPatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n namespace: Namespace.forResourceAsync(args.existing, output(args.namespace).cluster),\n })\n }\n\n return new CreatedGateway(name, args, opts)\n }\n\n /**\n * Creates a new gateway or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the gateway name. Will not be used when existing gateway is retrieved.\n * @param args The arguments to create or get the gateway with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetGatewayArgs,\n opts?: ComponentResourceOptions,\n ): Promise<Gateway> {\n if (args.existing) {\n return await Gateway.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedGateway(name, args, opts)\n }\n\n /**\n * Patches an existing gateway.\n *\n * Will throw an error if the gateway does not exist.\n *\n * @param name The name of the resource. May not be the same as the gateway name.\n * @param args The arguments to patch the gateway with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: GatewayArgs, opts?: ComponentResourceOptions): Gateway {\n return new GatewayPatch(name, args, opts)\n }\n\n /**\n * Wraps an existing Kubernetes gateway.\n */\n static wrap(name: string, args: WrappedGatewayArgs, opts?: ComponentResourceOptions): Gateway {\n return new WrappedGateway(name, args, opts)\n }\n\n /**\n * Gets an existing gateway.\n *\n * Will throw an error if the gateway does not exist.\n */\n static get(name: string, args: ExternalGatewayArgs, opts?: ComponentResourceOptions): Gateway {\n return new ExternalGateway(name, args, opts)\n }\n\n private static readonly gatewayCache = new Map<string, Gateway>()\n\n /**\n * Gets an existing gateway for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{gatewayName}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the gateway for.\n * @param cluster The cluster where the gateway is located.\n */\n static for(entity: k8s.Gateway, cluster: Input<k8s.Cluster>): Gateway {\n return getOrCreate(\n Gateway.gatewayCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return Gateway.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResourceAsync(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing gateway for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{gatewayName}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the gateway for.\n * @param cluster The cluster where the gateway is located.\n */\n static async forAsync(entity: Input<k8s.Gateway>, cluster: Input<k8s.Cluster>): Promise<Gateway> {\n const resolvedEntity = await toPromise(entity)\n\n return Gateway.for(resolvedEntity, output(cluster))\n }\n\n /**\n * Creates a gateway with the provided name/namespace/cluster only once.\n *\n * It automatically names the resource with the following format: `{name}.{namespace}.{clusterName}.{clusterId}`.\n *\n * On subsequent calls the gateway is patched with the union of existing and requested listeners.\n * Only the listeners field is modified to avoid altering other spec fields.\n *\n * @param name The name of the gateway to create.\n * @param args The arguments to create the gateway with.\n * @param opts Optional resource options.\n */\n static async createOnce(\n args: SetRequired<GatewayArgs, \"name\">,\n opts?: ComponentResourceOptions,\n ): Promise<Gateway> {\n const { name, namespace, cluster } = await toPromise({\n name: args.name,\n namespace: output(args.namespace).metadata.name,\n cluster: output(args.namespace).cluster,\n })\n\n const fullName = `${name}.${namespace}.${cluster.name}.${cluster.id}`\n\n const existing = Gateway.gatewayCache.get(fullName)\n if (existing) {\n Gateway.patch(\n fullName,\n {\n name,\n namespace: args.namespace,\n listeners: args.listeners,\n },\n opts,\n )\n\n return existing\n }\n\n const created = Gateway.create(\n fullName,\n {\n ...args,\n name,\n namespace: args.namespace,\n },\n opts,\n )\n\n Gateway.gatewayCache.set(fullName, created)\n return created\n }\n}\n\nclass CreatedGateway extends Gateway {\n constructor(name: string, args: GatewayArgs, opts?: ComponentResourceOptions) {\n const gatewayResource = output(args.namespace).cluster.apply(cluster => {\n return new gateway.v1.Gateway(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: omit(args, gatewayExtraArgs),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:Gateway\",\n name,\n args,\n opts,\n\n gatewayResource.metadata as Output<types.output.meta.v1.ObjectMeta>,\n output(args.namespace),\n gatewayResource.spec,\n gatewayResource.status,\n )\n }\n}\n\nclass GatewayPatch extends Gateway {\n constructor(name: string, args: GatewayArgs, opts?: ComponentResourceOptions) {\n const gatewayResource = output(args.namespace).cluster.apply(cluster => {\n return new gateway.v1.GatewayPatch(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: omit(args, gatewayExtraArgs),\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:GatewayPatch\",\n name,\n args,\n opts,\n\n gatewayResource.metadata as Output<types.output.meta.v1.ObjectMeta>,\n output(args.namespace),\n gatewayResource.spec,\n gatewayResource.status,\n )\n }\n}\n\nexport type WrappedGatewayArgs = {\n /**\n * The underlying Kubernetes gateway to wrap.\n */\n gateway: Input<gateway.v1.Gateway>\n\n /**\n * The namespace where the gateway is located.\n */\n namespace: Input<Namespace>\n}\n\nclass WrappedGateway extends Gateway {\n constructor(name: string, args: WrappedGatewayArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedGateway\",\n name,\n args,\n opts,\n\n output(args.gateway).metadata as Output<types.output.meta.v1.ObjectMeta>,\n output(args.namespace),\n output(args.gateway).spec,\n output(args.gateway).status,\n )\n }\n}\n\nexport type ExternalGatewayArgs = {\n /**\n * The name of the gateway to get.\n */\n name: Input<string>\n\n /**\n * The namespace of the gateway to get.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalGateway extends Gateway {\n constructor(name: string, args: ExternalGatewayArgs, opts?: ComponentResourceOptions) {\n const gatewayResource = output(args.namespace).cluster.apply(cluster => {\n return gateway.v1.Gateway.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ExternalGateway\",\n name,\n args,\n opts,\n\n gatewayResource.metadata as Output<types.output.meta.v1.ObjectMeta>,\n output(args.namespace),\n gatewayResource.spec,\n gatewayResource.status,\n )\n }\n}\n","import type { Gateway } from \"./gateway\"\nimport { gateway, type types } from \"@highstate/gateway-api\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type InputArray,\n normalize,\n normalizeInputs,\n normalizeInputsAndMap,\n type Output,\n output,\n} from \"@highstate/pulumi\"\nimport { map, pipe } from \"remeda\"\nimport { getProvider, mapMetadata, type ScopedResourceArgs } from \"../shared\"\nimport { type BackendRef, resolveBackendRef } from \"./backend\"\n\nexport type HttpRouteArgs = Omit<ScopedResourceArgs, \"namespace\"> & {\n /**\n * The gateway to associate with the route.\n */\n gateway: Input<Gateway>\n\n /**\n * The alias for `hostnames: [hostname]`.\n */\n hostname?: Input<string>\n\n /**\n * The rule of the route.\n */\n rule?: Input<HttpRouteRuleArgs>\n\n /**\n * The rules of the route.\n */\n rules?: InputArray<HttpRouteRuleArgs>\n} & Omit<Partial<types.input.gateway.v1.HTTPRouteSpec>, \"rules\">\n\nexport type HttpRouteRuleArgs = Omit<\n types.input.gateway.v1.HTTPRouteSpecRules,\n \"matches\" | \"filters\" | \"backendRefs\"\n> & {\n /**\n * The conditions of the rule.\n * Can be specified as string to match on the path.\n */\n matches?: InputArray<HttpRouteRuleMatchOptions>\n\n /**\n * The condition of the rule.\n * Can be specified as string to match on the path.\n */\n match?: Input<HttpRouteRuleMatchOptions>\n\n /**\n * The filters of the rule.\n */\n filters?: InputArray<types.input.gateway.v1.HTTPRouteSpecRulesFilters>\n\n /**\n * The filter of the rule.\n */\n filter?: Input<types.input.gateway.v1.HTTPRouteSpecRulesFilters>\n\n /**\n * The service to route to.\n */\n backend?: Input<BackendRef>\n\n /**\n * The services to route to.\n */\n backends?: InputArray<BackendRef>\n}\n\nexport type HttpRouteRuleMatchOptions = types.input.gateway.v1.HTTPRouteSpecRulesMatches | string\n\nexport class HttpRoute extends ComponentResource {\n /**\n * The underlying Kubernetes resource.\n */\n public readonly route: Output<gateway.v1.HTTPRoute>\n\n constructor(name: string, args: HttpRouteArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:HttpRoute\", name, args, opts)\n\n this.route = output(args.gateway).cluster.apply(cluster => {\n return new gateway.v1.HTTPRoute(\n name,\n {\n metadata: mapMetadata(args, name).apply(metadata => ({\n ...metadata,\n namespace: output(args.gateway).namespace.metadata.name,\n })),\n spec: {\n hostnames: normalizeInputs(args.hostname, args.hostnames),\n\n parentRefs: [\n {\n name: output(args.gateway).metadata.name,\n },\n ],\n\n rules: normalizeInputsAndMap(args.rule, args.rules, rule => ({\n timeouts: rule.timeouts,\n\n matches: pipe(\n normalize(rule.match, rule.matches),\n map(mapHttpRouteRuleMatch),\n addDefaultPathMatch,\n ),\n\n filters: normalize(rule.filter, rule.filters),\n backendRefs: normalizeInputsAndMap(rule.backend, rule.backends, resolveBackendRef),\n })),\n } satisfies types.input.gateway.v1.HTTPRouteSpec,\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n }\n}\n\nfunction addDefaultPathMatch(\n matches: types.input.gateway.v1.HTTPRouteSpecRulesMatches[],\n): types.input.gateway.v1.HTTPRouteSpecRulesMatches[] {\n return matches.length ? matches : [{ path: { type: \"PathPrefix\", value: \"/\" } }]\n}\n\nexport function mapHttpRouteRuleMatch(\n match: HttpRouteRuleMatchOptions,\n): types.input.gateway.v1.HTTPRouteSpecRulesMatches {\n if (typeof match === \"string\") {\n return { path: { type: \"PathPrefix\", value: match } }\n }\n\n return match\n}\n","import type { Gateway } from \"./gateway\"\nimport { gateway, type types } from \"@highstate/gateway-api\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type InputArray,\n normalizeInputsAndMap,\n type Output,\n output,\n} from \"@highstate/pulumi\"\nimport { getProvider, mapMetadata, type ScopedResourceArgs } from \"../shared\"\nimport { type BackendRef, resolveBackendRef } from \"./backend\"\n\nexport type TcpRouteArgs = Omit<ScopedResourceArgs, \"namespace\"> & {\n /**\n * The gateway to associate with the route.\n */\n gateway: Input<Gateway>\n\n /**\n * The name of the listener to attach the route to.\n */\n listenerName: Input<string>\n\n /**\n * The backend reference handled by the route.\n */\n backend?: Input<BackendRef>\n\n /**\n * The backend references handled by the route.\n */\n backends?: InputArray<BackendRef>\n}\n\nexport class TcpRoute extends ComponentResource {\n /**\n * The underlying Kubernetes resource.\n */\n public readonly route: Output<gateway.v1alpha2.TCPRoute>\n\n constructor(name: string, args: TcpRouteArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:TcpRoute\", name, args, opts)\n\n const gatewayOutput = output(args.gateway)\n\n const parentRefs = output({\n gateway: gatewayOutput,\n listenerName: args.listenerName,\n }).apply(\n ({ gateway, listenerName }) =>\n [\n {\n group: \"gateway.networking.k8s.io\",\n kind: \"Gateway\",\n name: gateway.metadata.name,\n namespace: gateway.namespace.metadata.name,\n sectionName: listenerName,\n },\n ] satisfies types.input.gateway.v1alpha2.TCPRouteSpecParentRefs[],\n )\n\n const backendRefs = normalizeInputsAndMap(args.backend, args.backends, resolveBackendRef)\n\n this.route = gatewayOutput.cluster.apply(cluster => {\n return new gateway.v1alpha2.TCPRoute(\n name,\n {\n metadata: mapMetadata(args, name).apply(metadata => ({\n ...metadata,\n namespace: gatewayOutput.namespace.metadata.name,\n })),\n spec: {\n parentRefs,\n rules: [\n {\n backendRefs,\n },\n ],\n } satisfies types.input.gateway.v1alpha2.TCPRouteSpec,\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n }\n}\n","import type { Gateway } from \"./gateway\"\nimport { gateway, type types } from \"@highstate/gateway-api\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type InputArray,\n normalizeInputsAndMap,\n type Output,\n output,\n} from \"@highstate/pulumi\"\nimport { getProvider, mapMetadata, type ScopedResourceArgs } from \"../shared\"\nimport { type BackendRef, resolveBackendRef } from \"./backend\"\n\nexport type UdpRouteArgs = Omit<ScopedResourceArgs, \"namespace\"> & {\n /**\n * The gateway to associate with the route.\n */\n gateway: Input<Gateway>\n\n /**\n * The name of the listener to attach the route to.\n */\n listenerName: Input<string>\n\n /**\n * The backend reference handled by the route.\n */\n backend?: Input<BackendRef>\n\n /**\n * The backend references handled by the route.\n */\n backends?: InputArray<BackendRef>\n}\n\nexport class UdpRoute extends ComponentResource {\n /**\n * The underlying Kubernetes resource.\n */\n public readonly route: Output<gateway.v1alpha2.UDPRoute>\n\n constructor(name: string, args: UdpRouteArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:UdpRoute\", name, args, opts)\n\n const gatewayOutput = output(args.gateway)\n\n const parentRefs = output({\n gateway: gatewayOutput,\n listenerName: args.listenerName,\n }).apply(\n ({ gateway, listenerName }) =>\n [\n {\n group: \"gateway.networking.k8s.io\",\n kind: \"Gateway\",\n name: gateway.metadata.name,\n namespace: gateway.namespace.metadata.name,\n sectionName: listenerName,\n },\n ] satisfies types.input.gateway.v1alpha2.UDPRouteSpecParentRefs[],\n )\n\n const backendRefs = normalizeInputsAndMap(args.backend, args.backends, resolveBackendRef)\n\n this.route = gatewayOutput.cluster.apply(cluster => {\n return new gateway.v1alpha2.UDPRoute(\n name,\n {\n metadata: mapMetadata(args, name).apply(metadata => ({\n ...metadata,\n namespace: gatewayOutput.namespace.metadata.name,\n })),\n spec: {\n parentRefs,\n rules: [\n {\n backendRefs,\n },\n ],\n } satisfies types.input.gateway.v1alpha2.UDPRouteSpec,\n },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n }\n}\n"]}
package/dist/{chunk-NWXKLVBC.js → chunk-HJKJHTJM.js} RENAMED
@@ -1,5 +1,5 @@
1
- import { ExposableWorkload, getExposableWorkloadComponents, exposableWorkloadExtraArgs } from './chunk-YTRQ6JRU.js';
2
- import { Namespace, mapMetadata, getProvider } from './chunk-SEWB4FUB.js';
1
+ import { ExposableWorkload, getExposableWorkloadComponents, exposableWorkloadExtraArgs } from './chunk-XRIC6EJ3.js';
2
+ import { Namespace, mapMetadata, getProvider } from './chunk-OBDQONMV.js';
3
3
  import { getOrCreate } from '@highstate/contract';
4
4
  import { output, toPromise, interpolate } from '@highstate/pulumi';
5
5
  import { apps } from '@pulumi/kubernetes';
@@ -7,18 +7,16 @@ import { deepmerge } from 'deepmerge-ts';
7
7
  import { omit } from 'remeda';
8
8
 
9
9
  var StatefulSet = class _StatefulSet extends ExposableWorkload {
10
- constructor(type, name, args, opts, apiVersion, kind, terminalArgs, containers, namespace, metadata, networkPolicy, service, routes, spec, status) {
10
+ constructor(type, name, args, opts, metadata, namespace, terminalArgs, containers, networkPolicy, service, routes, spec, status) {
11
11
  super(
12
12
  type,
13
13
  name,
14
14
  args,
15
15
  opts,
16
- apiVersion,
17
- kind,
16
+ metadata,
17
+ namespace,
18
18
  terminalArgs,
19
19
  containers,
20
- namespace,
21
- metadata,
22
20
  spec.template,
23
21
  networkPolicy,
24
22
  service,
@@ -27,6 +25,8 @@ var StatefulSet = class _StatefulSet extends ExposableWorkload {
27
25
  this.spec = spec;
28
26
  this.status = status;
29
27
  }
28
+ static apiVersion = "apps/v1";
29
+ static kind = "StatefulSet";
30
30
  get templateMetadata() {
31
31
  return this.spec.template.metadata;
32
32
  }
@@ -35,11 +35,9 @@ var StatefulSet = class _StatefulSet extends ExposableWorkload {
35
35
  */
36
36
  get entity() {
37
37
  return output({
38
- type: "stateful-set",
39
- clusterId: this.cluster.id,
40
- clusterName: this.cluster.name,
41
- metadata: this.metadata,
42
- service: this.service.entity
38
+ ...this.entityBase,
39
+ service: this.service.entity,
40
+ endpoints: this.service.endpoints
43
41
  });
44
42
  }
45
43
  /**
@@ -197,12 +195,10 @@ var CreatedStatefulSet = class extends StatefulSet {
197
195
  name,
198
196
  args,
199
197
  opts,
200
- statefulSet.apiVersion,
201
- statefulSet.kind,
198
+ statefulSet.metadata,
199
+ output(args.namespace),
202
200
  output(args.terminal ?? {}),
203
201
  containers,
204
- output(args.namespace),
205
- statefulSet.metadata,
206
202
  networkPolicy,
207
203
  service,
208
204
  routes,
@@ -238,12 +234,10 @@ var StatefulSetPatch = class extends StatefulSet {
238
234
  name,
239
235
  args,
240
236
  opts,
241
- statefulSet.apiVersion,
242
- statefulSet.kind,
237
+ statefulSet.metadata,
238
+ output(args.namespace),
243
239
  output(args.terminal ?? {}),
244
240
  containers,
245
- output(args.namespace),
246
- statefulSet.metadata,
247
241
  networkPolicy,
248
242
  service,
249
243
  routes,
@@ -259,12 +253,10 @@ var WrappedStatefulSet = class extends StatefulSet {
259
253
  name,
260
254
  args,
261
255
  opts,
262
- output(args.statefulSet).apiVersion,
263
- output(args.statefulSet).kind,
256
+ output(args.statefulSet).metadata,
257
+ output(args.namespace),
264
258
  output(args.terminal ?? {}),
265
259
  output([]),
266
- output(args.namespace),
267
- output(args.statefulSet).metadata,
268
260
  output(void 0),
269
261
  output(args.service),
270
262
  output([]),
@@ -287,12 +279,10 @@ var ExternalStatefulSet = class extends StatefulSet {
287
279
  name,
288
280
  args,
289
281
  opts,
290
- statefulSet.apiVersion,
291
- statefulSet.kind,
282
+ statefulSet.metadata,
283
+ output(args.namespace),
292
284
  output({}),
293
285
  output([]),
294
- output(args.namespace),
295
- statefulSet.metadata,
296
286
  output(void 0),
297
287
  output(void 0),
298
288
  output([]),
@@ -303,5 +293,5 @@ var ExternalStatefulSet = class extends StatefulSet {
303
293
  };
304
294
 
305
295
  export { StatefulSet };
306
- //# sourceMappingURL=chunk-NWXKLVBC.js.map
307
- //# sourceMappingURL=chunk-NWXKLVBC.js.map
296
+ //# sourceMappingURL=chunk-HJKJHTJM.js.map
297
+ //# sourceMappingURL=chunk-HJKJHTJM.js.map
package/dist/chunk-HJKJHTJM.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/stateful-set.ts"],"names":["service","args","podTemplate","labels"],"mappings":";;;;;;;;AA4CO,IAAe,WAAA,GAAf,MAAe,YAAA,SAAoB,iBAAA,CAAkB;AAAA,EAIhD,WAAA,CACR,IAAA,EACA,IAAA,EACA,IAAA,EACA,IAAA,EAEA,QAAA,EACA,SAAA,EACA,YAAA,EACA,UAAA,EACA,aAAA,EAEA,OAAA,EACA,MAAA,EAKS,MAKA,MAAA,EACT;AACA,IAAA,KAAA;AAAA,MACE,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,QAAA;AAAA,MACA,SAAA;AAAA,MACA,YAAA;AAAA,MACA,UAAA;AAAA,MACA,IAAA,CAAK,QAAA;AAAA,MACL,aAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AApBS,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAgBX;AAAA,EA1CA,OAAO,UAAA,GAAa,SAAA;AAAA,EACpB,OAAO,IAAA,GAAO,aAAA;AAAA,EA2Cd,IAAuB,gBAAA,GAA4D;AACjF,IAAA,OAAO,IAAA,CAAK,KAAK,QAAA,CAAS,QAAA;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAAkC;AACpC,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,GAAG,IAAA,CAAK,UAAA;AAAA,MACR,OAAA,EAAS,KAAK,OAAA,CAAQ,MAAA;AAAA,MACtB,SAAA,EAAW,KAAK,OAAA,CAAQ;AAAA,KACzB,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC/F,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,iBAAiB,IAAA,EAAM;AAAA,QAChC,GAAG,IAAA;AAAA,QACH,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,SAAA,EAAW,UAAU,gBAAA,CAAiB,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO;AAAA,OACpF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACsB;AACtB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,aAAY,QAAA,CAAS,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IACjF;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC9F,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,mBAAA,CAAoB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,OAAwB,gBAAA,mBAAmB,IAAI,GAAA,EAAyB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaxE,OAAO,GAAA,CAAI,MAAA,EAAyB,OAAA,EAA0C;AAC5E,IAAA,OAAO,WAAA;AAAA,MACL,YAAA,CAAY,gBAAA;AAAA,MACZ,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,YAAA,CAAY,IAAI,IAAA,EAAM;AAAA,UAC3B,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,WAAA,CAAY,MAAA,EAAQ,OAAO;AAAA,SACjD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CACX,MAAA,EACA,OAAA,EACsB;AACtB,IAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAC7C,IAAA,OAAO,YAAA,CAAY,GAAA,CAAI,cAAA,EAAgB,OAAO,CAAA;AAAA,EAChD;AAAA,EAEU,eAAA,GAAgD;AACxD,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,KAAA,EAAO,aAAA;AAAA,MACP,WAAA,EAAa,WAAA,CAAA,cAAA,EAA4B,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA,CAAA;AAAA,MAC3D,WAAA,EAAa,oCAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAAA,EAEA,IAAc,YAAA,GAAuB;AACnC,IAAA,OAAO,aAAA;AAAA,EACT;AACF;AAEA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,EAAE,MAAA,EAAQ,WAAA,EAAa,eAAe,UAAA,EAAY,OAAA,EAAS,QAAO,GACtE,8BAAA;AAAA,MACE,IAAA;AAAA,MACA;AAAA,QACE,GAAG,IAAA;AAAA;AAAA,QAGH,OAAA,EAAS,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,KAAA,CAAM,CAAAA,QAAAA,MAAY,EAAE,GAAGA,QAAAA,EAAQ,CAAE;AAAA,OACjE;AAAA,MACA,MAAM,IAAA;AAAA,MACN;AAAA,KACF;AAEF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,WAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,OAAO,EAAE,IAAA,EAAM,aAAa,MAAA,EAAQ,OAAA,EAAS,CAAA,CAAE,KAAA;AAAA,YACnD,CAAC,EAAE,IAAA,EAAAC,KAAAA,EAAM,WAAA,EAAAC,cAAa,MAAA,EAAAC,OAAAA,EAAQ,OAAA,EAAAH,QAAAA,EAAQ,KAAM;AAC1C,cAAA,OAAO,SAAA;AAAA,gBACL;AAAA,kBACE,WAAA,EAAaA,UAAS,QAAA,CAAS,IAAA;AAAA,kBAC/B,QAAA,EAAUE,YAAAA;AAAA,kBACV,QAAA,EAAU,EAAE,WAAA,EAAaC,OAAAA;AAAO,iBAClC;AAAA,gBACA,IAAA,CAAKF,OAAM,0BAA0B;AAAA,eACvC;AAAA,YACF;AAAA;AACF,SACF;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,2BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,QAAA;AAAA,MACZ,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,UAAA;AAAA,MACA,aAAA;AAAA,MAEA,OAAA;AAAA,MACA,MAAA;AAAA,MAEA,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAEA,IAAM,gBAAA,GAAN,cAA+B,WAAA,CAAY;AAAA,EACzC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,EAAE,WAAA,EAAa,aAAA,EAAe,UAAA,EAAY,OAAA,EAAS,MAAA,EAAO,GAC9D,8BAAA,CAA+B,IAAA,EAAM,IAAA,EAAM,MAAM,IAAA,EAAM,MAAM,IAAI,CAAA;AAEnE,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,gBAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,MAAA,CAAO,EAAE,IAAA,EAAM,aAAa,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,IAAA,EAAAA,KAAAA,EAAM,WAAA,EAAAC,cAAY,KAAM;AACnE,YAAA,OAAO,SAAA;AAAA,cACL,EAAE,UAAUA,YAAAA,EAAY;AAAA,cACxB,IAAA,CAAKD,OAAM,0BAA0B;AAAA,aACvC;AAAA,UACF,CAAC;AAAA,SACH;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,gCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,QAAA;AAAA,MACZ,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,UAAA;AAAA,MACA,aAAA;AAAA,MAEA,OAAA;AAAA,MACA,MAAA;AAAA,MAEA,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAsBA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA;AAAA,MACE,kCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,QAAA;AAAA,MACzB,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,OAAO,MAAS,CAAA;AAAA,MAChB,MAAA,CAAO,KAAK,OAAO,CAAA;AAAA,MACnB,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,IAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE;AAAA,KAC3B;AAAA,EACF;AACF,CAAA;AAcA,IAAM,mBAAA,GAAN,cAAkC,WAAA,CAAY;AAAA,EAC5C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA+B,IAAA,EAAiC;AACxF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAA,CAAK,GAAG,WAAA,CAAY,GAAA;AAAA,QACzB,IAAA;AAAA,QACA,WAAA,CAAA,EAAc,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,mCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,QAAA;AAAA,MACZ,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,EAAE,CAAA;AAAA,MACT,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,OAAO,MAAS,CAAA;AAAA,MAChB,OAAO,MAAS,CAAA;AAAA,MAChB,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA","file":"chunk-HJKJHTJM.js","sourcesContent":["import type { AccessPointRoute } from \"@highstate/common\"\nimport type { k8s } from \"@highstate/library\"\nimport type { Container } from \"./container\"\nimport type { NetworkPolicy } from \"./network-policy\"\nimport type { Service } from \"./service\"\nimport { getOrCreate, type UnitTerminal } from \"@highstate/contract\"\nimport {\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n interpolate,\n type Output,\n output,\n toPromise,\n type Unwrap,\n} from \"@highstate/pulumi\"\nimport { apps, type types } from \"@pulumi/kubernetes\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { omit } from \"remeda\"\nimport { Namespace } from \"./namespace\"\nimport { getProvider, mapMetadata } from \"./shared\"\nimport {\n ExposableWorkload,\n type ExposableWorkloadArgs,\n exposableWorkloadExtraArgs,\n getExposableWorkloadComponents,\n type WorkloadTerminalArgs,\n} from \"./workload\"\n\nexport type StatefulSetArgs = Omit<ExposableWorkloadArgs, \"existing\"> &\n Omit<Partial<types.input.apps.v1.StatefulSetSpec>, \"template\"> & {\n template?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Partial<types.input.core.v1.PodSpec>\n }\n }\n\nexport type CreateOrGetStatefulSetArgs = StatefulSetArgs & {\n /**\n * The entity to use to determine the stateful set to patch.\n */\n existing: Input<k8s.StatefulSet> | undefined\n}\n\nexport abstract class StatefulSet extends ExposableWorkload {\n static apiVersion = \"apps/v1\"\n static kind = \"StatefulSet\"\n\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n namespace: Output<Namespace>,\n terminalArgs: Output<Unwrap<WorkloadTerminalArgs>>,\n containers: Output<Container[]>,\n networkPolicy: Output<NetworkPolicy | undefined>,\n\n service: Output<Service | undefined>,\n routes: Output<AccessPointRoute[]>,\n\n /**\n * The spec of the underlying Kubernetes stateful set.\n */\n readonly spec: Output<types.output.apps.v1.StatefulSetSpec>,\n\n /**\n * The status of the underlying Kubernetes stateful set.\n */\n readonly status: Output<types.output.apps.v1.StatefulSetStatus>,\n ) {\n super(\n type,\n name,\n args,\n opts,\n metadata,\n namespace,\n terminalArgs,\n containers,\n spec.template,\n networkPolicy,\n service,\n routes,\n )\n }\n\n protected override get templateMetadata(): Output<types.output.meta.v1.ObjectMeta> {\n return this.spec.template.metadata\n }\n\n /**\n * The Highstate stateful set entity.\n */\n get entity(): Output<k8s.StatefulSet> {\n return output({\n ...this.entityBase,\n service: this.service.entity,\n endpoints: this.service.endpoints,\n })\n }\n\n /**\n * Creates a new stateful set.\n */\n static create(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions): StatefulSet {\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Creates a new stateful set or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the stateful set name.\n * @param args The arguments to create or patch the stateful set with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n if (args.existing) {\n return new StatefulSetPatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n namespace: Namespace.forResourceAsync(args.existing, output(args.namespace).cluster),\n })\n }\n\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Creates a new stateful set or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the stateful set name. Will not be used when existing stateful set is retrieved.\n * @param args The arguments to create or get the stateful set with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): Promise<StatefulSet> {\n if (args.existing) {\n return await StatefulSet.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Patches an existing stateful set.\n *\n * Will throw an error if the stateful set does not exist.\n *\n * @param name The name of the resource. May not be the same as the stateful set name.\n * @param args The arguments to patch the stateful set with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions): StatefulSet {\n return new StatefulSetPatch(name, args, opts)\n }\n\n /**\n * Wraps an existing Kubernetes stateful set.\n */\n static wrap(\n name: string,\n args: WrappedStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n return new WrappedStatefulSet(name, args, opts)\n }\n\n /**\n * Gets an existing stateful set.\n *\n * Will throw an error if the stateful set does not exist.\n */\n static get(\n name: string,\n args: ExternalStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n return new ExternalStatefulSet(name, args, opts)\n }\n\n private static readonly statefulSetCache = new Map<string, StatefulSet>()\n\n /**\n * Gets an existing stateful set for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the stateful set for.\n * @param cluster The cluster where the stateful set is located.\n */\n static for(entity: k8s.StatefulSet, cluster: Input<k8s.Cluster>): StatefulSet {\n return getOrCreate(\n StatefulSet.statefulSetCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return StatefulSet.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResource(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing stateful set for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the stateful set for.\n * @param cluster The cluster where the stateful set is located.\n */\n static async forAsync(\n entity: Input<k8s.StatefulSet>,\n cluster: Input<k8s.Cluster>,\n ): Promise<StatefulSet> {\n const resolvedEntity = await toPromise(entity)\n return StatefulSet.for(resolvedEntity, cluster)\n }\n\n protected getTerminalMeta(): Output<UnitTerminal[\"meta\"]> {\n return output({\n title: \"StatefulSet\",\n globalTitle: interpolate`StatefulSet | ${this.metadata.name}`,\n description: \"The shell inside the stateful set.\",\n icon: \"devicon:kubernetes\",\n })\n }\n\n protected get resourceType(): string {\n return \"statefulset\"\n }\n}\n\nclass CreatedStatefulSet extends StatefulSet {\n constructor(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions) {\n const { labels, podTemplate, networkPolicy, containers, service, routes } =\n getExposableWorkloadComponents(\n name,\n {\n ...args,\n\n // force create a service since it is required for stateful sets\n service: output(args.service).apply(service => ({ ...service })),\n },\n () => this,\n opts,\n )\n\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return new apps.v1.StatefulSet(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: output({ args, podTemplate, labels, service }).apply(\n ({ args, podTemplate, labels, service }) => {\n return deepmerge(\n {\n serviceName: service?.metadata.name,\n template: podTemplate,\n selector: { matchLabels: labels },\n },\n omit(args, exposableWorkloadExtraArgs),\n ) as types.input.apps.v1.StatefulSetSpec\n },\n ),\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:StatefulSet\",\n name,\n args,\n opts,\n\n statefulSet.metadata,\n output(args.namespace),\n output(args.terminal ?? {}),\n containers,\n networkPolicy,\n\n service,\n routes,\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n\nclass StatefulSetPatch extends StatefulSet {\n constructor(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions) {\n const { podTemplate, networkPolicy, containers, service, routes } =\n getExposableWorkloadComponents(name, args, () => this, opts, true)\n\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return new apps.v1.StatefulSetPatch(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: output({ args, podTemplate }).apply(({ args, podTemplate }) => {\n return deepmerge(\n { template: podTemplate },\n omit(args, exposableWorkloadExtraArgs),\n ) as types.input.apps.v1.StatefulSetSpec\n }),\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:StatefulSetPatch\",\n name,\n args,\n opts,\n\n statefulSet.metadata,\n output(args.namespace),\n output(args.terminal ?? {}),\n containers,\n networkPolicy,\n\n service,\n routes,\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n\nexport type WrappedStatefulSetArgs = {\n /**\n * The underlying Kubernetes stateful set to wrap.\n */\n statefulSet: Input<apps.v1.StatefulSet>\n\n // TODO: remove\n service?: Input<Service>\n\n /**\n * The namespace where the stateful set is located.\n */\n namespace: Input<Namespace>\n\n /**\n * The args for the terminal to use.\n */\n terminal?: Input<WorkloadTerminalArgs>\n}\n\nclass WrappedStatefulSet extends StatefulSet {\n constructor(name: string, args: WrappedStatefulSetArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedStatefulSet\",\n name,\n args,\n opts,\n\n output(args.statefulSet).metadata,\n output(args.namespace),\n output(args.terminal ?? {}),\n output([]),\n\n output(undefined),\n output(args.service),\n output([]),\n\n output(args.statefulSet).spec,\n output(args.statefulSet).status,\n )\n }\n}\n\nexport type ExternalStatefulSetArgs = {\n /**\n * The name of the stateful set to get.\n */\n name: Input<string>\n\n /**\n * The namespace where the stateful set is located.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalStatefulSet extends StatefulSet {\n constructor(name: string, args: ExternalStatefulSetArgs, opts?: ComponentResourceOptions) {\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return apps.v1.StatefulSet.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ExternalStatefulSet\",\n name,\n args,\n opts,\n\n statefulSet.metadata,\n output(args.namespace),\n output({}),\n output([]),\n\n output(undefined),\n output(undefined),\n output([]),\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n"]}
package/dist/{chunk-7H4L3DFC.js → chunk-KMLRI5UZ.js} RENAMED
@@ -1,12 +1,12 @@
1
- import { Secret } from './chunk-VJL2BFKO.js';
2
- import { getProvider, getNamespaceName } from './chunk-SEWB4FUB.js';
1
+ import { Secret } from './chunk-4G6LLC2X.js';
2
+ import { getProvider, getNamespaceName, NamespacedResource } from './chunk-OBDQONMV.js';
3
3
  import { ComponentResource, output, normalizeInputs, interpolate, toPromise } from '@highstate/pulumi';
4
4
  import { KubeConfig } from '@kubernetes/client-node';
5
5
  import { core, rbac } from '@pulumi/kubernetes';
6
6
  import { map, unique } from 'remeda';
7
7
  import { stringify } from 'yaml';
8
8
 
9
- var ClusterAccessScope = class _ClusterAccessScope extends ComponentResource {
9
+ var ClusterAccessScope = class extends ComponentResource {
10
10
  /**
11
11
  * The cluster entity with the reduced access.
12
12
  */
@@ -30,12 +30,15 @@ var ClusterAccessScope = class _ClusterAccessScope extends ComponentResource {
30
30
  name,
31
31
  {
32
32
  metadata: {
33
- name: interpolate`highstate.${namespaceName}.${name}`,
33
+ name: interpolate`hs.${namespaceName}.${name}`,
34
34
  annotations: {
35
35
  "kubernetes.io/description": interpolate`Created by Highstate for the ServiceAccount "${name}" in the namespace "${namespaceName}".`
36
36
  }
37
37
  },
38
- rules: normalizeInputs(args.rule, args.rules)
38
+ rules: output({
39
+ rules: normalizeInputs(args.rule, args.rules),
40
+ resources: args.resources ?? []
41
+ }).apply(({ rules, resources }) => mergeResources(rules, resources))
39
42
  },
40
43
  { provider }
41
44
  );
@@ -60,10 +63,32 @@ var ClusterAccessScope = class _ClusterAccessScope extends ComponentResource {
60
63
  { provider }
61
64
  );
62
65
  };
63
- if (args.allowOriginNamespace ?? true) {
64
- createRoleBinding(namespaceName);
66
+ if (args.clusterWide) {
67
+ new rbac.v1.ClusterRoleBinding(
68
+ name,
69
+ {
70
+ metadata: { name },
71
+ roleRef: {
72
+ kind: "ClusterRole",
73
+ name: clusterRole.metadata.name,
74
+ apiGroup: "rbac.authorization.k8s.io"
75
+ },
76
+ subjects: [
77
+ {
78
+ kind: "ServiceAccount",
79
+ name: serviceAccount2.metadata.name,
80
+ namespace: namespaceName
81
+ }
82
+ ]
83
+ },
84
+ { provider }
85
+ );
86
+ } else {
87
+ if (args.allowOriginNamespace !== false) {
88
+ createRoleBinding(namespaceName);
89
+ }
90
+ output(args.extraNamespaces ?? []).apply(map(getNamespaceName)).apply(map(createRoleBinding));
65
91
  }
66
- output(args.extraNamespaces ?? []).apply(map(getNamespaceName)).apply(map(createRoleBinding));
67
92
  return { serviceAccount: serviceAccount2, kubeconfig: cluster.kubeconfig };
68
93
  });
69
94
  const accessTokenSecret = Secret.create(`${name}-token`, {
@@ -98,71 +123,33 @@ var ClusterAccessScope = class _ClusterAccessScope extends ComponentResource {
98
123
  };
99
124
  });
100
125
  }
101
- /**
102
- * Creates `ClusterAccessScope` for the given resources with the specified verbs.
103
- *
104
- * All resources must belong to the same namespace in the same cluster.
105
- *
106
- * @param name The name of the resource and the ServiceAccount.
107
- * @param resources The resources to create access scope for.
108
- * @param verbs The verbs to allow on the resources.
109
- */
110
- static async forResources(name, args, opts) {
111
- const resolved = await toPromise(
112
- output(args.resources).apply(
113
- (resources) => resources.map((r) => ({
114
- namespaceId: r.namespace.metadata.uid,
115
- namespace: r.namespace,
116
- metadata: r.metadata,
117
- apiVersion: r.apiVersion,
118
- kind: r.kind
119
- }))
120
- )
126
+ };
127
+ async function mergeResources(rules, resources) {
128
+ for (const resource of resources) {
129
+ const entity = await toPromise(
130
+ resource instanceof NamespacedResource ? resource.entity : resource
121
131
  );
122
- if (resolved.length === 0) {
123
- throw new Error("No resources provided to forResources.");
124
- }
125
- if (unique(resolved.map((r) => r.namespaceId)).length > 1) {
126
- throw new Error("All resources must belong to the same namespace.");
127
- }
128
- const saNamespaceId = await toPromise(output(args.namespace).metadata.uid);
129
- if (resolved[0].namespaceId !== saNamespaceId) {
130
- throw new Error("The resources must belong to the same namespace as the ServiceAccount.");
131
- }
132
- if (args.collectionAccess) {
133
- const uniqueTypes = unique(resolved.map((r) => `${r.apiVersion}::${r.kind}`));
134
- return new _ClusterAccessScope(
135
- name,
136
- {
137
- namespace: args.namespace,
138
- rules: uniqueTypes.map((t) => {
139
- const [apiVersion, kind] = t.split("::");
140
- return {
141
- apiGroups: apiVersion === "v1" ? [""] : [apiVersion.split("/")[0]],
142
- resources: [`${kind.toLowerCase()}s`],
143
- verbs: args.verbs
144
- };
145
- })
146
- },
147
- opts
148
- );
132
+ const apiGroup = entity.apiVersion.includes("/") ? entity.apiVersion.split("/")[0] : "";
133
+ const resourceCollection = `${entity.kind.toLowerCase()}s`;
134
+ const matchingRule = rules.find((rule) => {
135
+ const apiGroupsMatch = rule.apiGroups?.length === 1 && rule.apiGroups[0] === apiGroup;
136
+ const resourcesMatch = rule.resources?.length === 1 && rule.resources[0] === resourceCollection;
137
+ return apiGroupsMatch && resourcesMatch;
138
+ });
139
+ if (!matchingRule) {
140
+ continue;
149
141
  }
150
- return new _ClusterAccessScope(
151
- name,
152
- {
153
- namespace: args.namespace,
154
- rules: resolved.map((r) => ({
155
- apiGroups: r.apiVersion === "v1" ? [""] : [r.apiVersion.split("/")[0]],
156
- resources: [r.kind.toLowerCase() + (r.metadata?.name ? "s" : "")],
157
- resourceNames: r.metadata?.name ? [r.metadata.name] : void 0,
158
- verbs: args.verbs
159
- }))
160
- },
161
- opts
142
+ matchingRule.resourceNames = await toPromise(
143
+ unique([
144
+ //
145
+ ...matchingRule.resourceNames ?? [],
146
+ entity.metadata.name
147
+ ])
162
148
  );
163
149
  }
164
- };
150
+ return rules;
151
+ }
165
152
 
166
153
  export { ClusterAccessScope };
167
- //# sourceMappingURL=chunk-7H4L3DFC.js.map
168
- //# sourceMappingURL=chunk-7H4L3DFC.js.map
154
+ //# sourceMappingURL=chunk-KMLRI5UZ.js.map
155
+ //# sourceMappingURL=chunk-KMLRI5UZ.js.map
package/dist/chunk-KMLRI5UZ.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/rbac.ts"],"names":["serviceAccount","kubeconfig"],"mappings":";;;;;;;;AA4EO,IAAM,kBAAA,GAAN,cAAiC,iBAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAI/C,OAAA;AAAA,EAET,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA,CAAM,kCAAA,EAAoC,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAE1D,IAAA,MAAM,EAAE,cAAA,EAAgB,UAAA,EAAW,GAAI,MAAA,CAAO,KAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,KAAA,CAAM,CAAA,OAAA,KAAW;AACrF,MAAA,MAAM,QAAA,GAAW,YAAY,OAAO,CAAA;AACpC,MAAA,MAAM,aAAA,GAAgB,MAAA,CAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAA;AAEtD,MAAA,MAAMA,eAAAA,GAAiB,IAAI,IAAA,CAAK,EAAA,CAAG,cAAA;AAAA,QACjC,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU;AAAA,YACR,IAAA;AAAA,YACA,SAAA,EAAW;AAAA;AACb,SACF;AAAA,QACA,EAAE,QAAA;AAAS,OACb;AAEA,MAAA,MAAM,WAAA,GAAc,IAAI,IAAA,CAAK,EAAA,CAAG,WAAA;AAAA,QAC9B,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU;AAAA,YACR,IAAA,EAAM,WAAA,CAAA,GAAA,EAAiB,aAAa,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AAAA,YAC5C,WAAA,EAAa;AAAA,cACX,2BAAA,EAA6B,WAAA,CAAA,6CAAA,EAA2D,IAAI,CAAA,oBAAA,EAAuB,aAAa,CAAA,EAAA;AAAA;AAClI,WACF;AAAA,UACA,OAAO,MAAA,CAAO;AAAA,YACZ,KAAA,EAAO,eAAA,CAAgB,IAAA,CAAK,IAAA,EAAM,KAAK,KAAK,CAAA;AAAA,YAC5C,SAAA,EAAW,IAAA,CAAK,SAAA,IAAa;AAAC,WAC/B,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,KAAA,EAAO,SAAA,EAAU,KAAM,cAAA,CAAe,KAAA,EAAO,SAAS,CAAC;AAAA,SACrE;AAAA,QACA,EAAE,QAAA;AAAS,OACb;AAEA,MAAA,MAAM,iBAAA,GAAoB,CAAC,SAAA,KAA6B;AACtD,QAAA,OAAO,IAAI,KAAK,EAAA,CAAG,WAAA;AAAA,UACjB,IAAA;AAAA,UACA;AAAA,YACE,QAAA,EAAU,EAAE,IAAA,EAAM,SAAA,EAAU;AAAA,YAC5B,OAAA,EAAS;AAAA,cACP,IAAA,EAAM,aAAA;AAAA,cACN,IAAA,EAAM,YAAY,QAAA,CAAS,IAAA;AAAA,cAC3B,QAAA,EAAU;AAAA,aACZ;AAAA,YACA,QAAA,EAAU;AAAA,cACR;AAAA,gBACE,IAAA,EAAM,gBAAA;AAAA,gBACN,IAAA,EAAMA,gBAAe,QAAA,CAAS,IAAA;AAAA,gBAC9B,SAAA,EAAW;AAAA;AACb;AACF,WACF;AAAA,UACA,EAAE,QAAA;AAAS,SACb;AAAA,MACF,CAAA;AAEA,MAAA,IAAI,KAAK,WAAA,EAAa;AACpB,QAAA,IAAI,KAAK,EAAA,CAAG,kBAAA;AAAA,UACV,IAAA;AAAA,UACA;AAAA,YACE,QAAA,EAAU,EAAE,IAAA,EAAK;AAAA,YACjB,OAAA,EAAS;AAAA,cACP,IAAA,EAAM,aAAA;AAAA,cACN,IAAA,EAAM,YAAY,QAAA,CAAS,IAAA;AAAA,cAC3B,QAAA,EAAU;AAAA,aACZ;AAAA,YACA,QAAA,EAAU;AAAA,cACR;AAAA,gBACE,IAAA,EAAM,gBAAA;AAAA,gBACN,IAAA,EAAMA,gBAAe,QAAA,CAAS,IAAA;AAAA,gBAC9B,SAAA,EAAW;AAAA;AACb;AACF,WACF;AAAA,UACA,EAAE,QAAA;AAAS,SACb;AAAA,MACF,CAAA,MAAO;AACL,QAAA,IAAI,IAAA,CAAK,yBAAyB,KAAA,EAAO;AACvC,UAAA,iBAAA,CAAkB,aAAa,CAAA;AAAA,QACjC;AAEA,QAAA,MAAA,CAAO,IAAA,CAAK,eAAA,IAAmB,EAAE,CAAA,CAC9B,KAAA,CAAM,GAAA,CAAI,gBAAgB,CAAC,CAAA,CAC3B,KAAA,CAAM,GAAA,CAAI,iBAAiB,CAAC,CAAA;AAAA,MACjC;AAEA,MAAA,OAAO,EAAE,cAAA,EAAAA,eAAAA,EAAgB,UAAA,EAAY,QAAQ,UAAA,EAAW;AAAA,IAC1D,CAAC,CAAA;AAED,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,MAAA,CAAO,CAAA,EAAG,IAAI,CAAA,MAAA,CAAA,EAAU;AAAA,MACvD,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,IAAA,EAAM,qCAAA;AAAA,MACN,QAAA,EAAU;AAAA,QACR,WAAA,EAAa;AAAA,UACX,oCAAA,EAAsC,eAAe,QAAA,CAAS;AAAA;AAChE;AACF,KACD,CAAA;AAED,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO;AAAA,MACpB,OAAA,EAAS,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA;AAAA,MAChC,UAAA;AAAA,MACA,QAAA,EAAU,iBAAA,CAAkB,QAAA,CAAS,OAAO,CAAA;AAAA,MAC5C,cAAA,EAAgB,eAAe,QAAA,CAAS;AAAA,KACzC,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,OAAA,EAAS,UAAA,EAAAC,WAAAA,EAAY,QAAA,EAAU,cAAA,EAAAD,eAAAA,EAAe,KAAM;AAC9D,MAAA,MAAM,MAAA,GAAS,IAAI,UAAA,EAAW;AAC9B,MAAA,MAAA,CAAO,eAAeC,WAAU,CAAA;AAGhC,MAAA,MAAA,CAAO,QAAQ,EAAC;AAChB,MAAA,MAAA,CAAO,WAAW,EAAC;AAEnB,MAAA,MAAA,CAAO,QAAQ,EAAE,IAAA,EAAMD,eAAAA,EAAgB,KAAA,EAAO,UAAU,CAAA;AAExD,MAAA,MAAA,CAAO,UAAA,CAAW;AAAA,QAChB,IAAA,EAAM,MAAA,CAAO,QAAA,CAAS,CAAC,CAAA,CAAE,IAAA;AAAA,QACzB,OAAA,EAAS,MAAA,CAAO,QAAA,CAAS,CAAC,CAAA,CAAE,IAAA;AAAA,QAC5B,IAAA,EAAMA;AAAA,OACP,CAAA;AAED,MAAA,MAAA,CAAO,iBAAA,CAAkB,MAAA,CAAO,QAAA,CAAS,CAAC,EAAE,IAAI,CAAA;AAEhD,MAAA,OAAO;AAAA,QACL,GAAG,OAAA;AAAA,QACH,YAAY,SAAA,CAAU,IAAA,CAAK,MAAM,MAAA,CAAO,YAAA,EAAc,CAAC;AAAA,OACzD;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF;AAEA,eAAe,cAAA,CACb,OACA,SAAA,EAC2C;AAC3C,EAAA,KAAA,MAAW,YAAY,SAAA,EAAW;AAChC,IAAA,MAAM,SAAS,MAAM,SAAA;AAAA,MACnB,QAAA,YAAoB,kBAAA,GAAqB,QAAA,CAAS,MAAA,GAAS;AAAA,KAC7D;AAEA,IAAA,MAAM,QAAA,GAAW,MAAA,CAAO,UAAA,CAAW,QAAA,CAAS,GAAG,CAAA,GAC3C,MAAA,CAAO,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,GAC9B,EAAA;AAEJ,IAAA,MAAM,kBAAA,GAAqB,CAAA,EAAG,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA,CAAA,CAAA;AAEvD,IAAA,MAAM,YAAA,GAAe,KAAA,CAAM,IAAA,CAAK,CAAA,IAAA,KAAQ;AACtC,MAAA,MAAM,cAAA,GAAiB,KAAK,SAAA,EAAW,MAAA,KAAW,KAAK,IAAA,CAAK,SAAA,CAAU,CAAC,CAAA,KAAM,QAAA;AAC7E,MAAA,MAAM,cAAA,GACJ,KAAK,SAAA,EAAW,MAAA,KAAW,KAAK,IAAA,CAAK,SAAA,CAAU,CAAC,CAAA,KAAM,kBAAA;AAExD,MAAA,OAAO,cAAA,IAAkB,cAAA;AAAA,IAC3B,CAAC,CAAA;AAED,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,gBAAgB,MAAM,SAAA;AAAA,MACjC,MAAA,CAAO;AAAA;AAAA,QAEL,GAAI,YAAA,CAAa,aAAA,IAAiB,EAAC;AAAA,QACnC,OAAO,QAAA,CAAS;AAAA,OACjB;AAAA,KACH;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT","file":"chunk-KMLRI5UZ.js","sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport type { Namespace } from \"./namespace\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type InputArray,\n interpolate,\n normalizeInputs,\n type Output,\n output,\n toPromise,\n type Unwrap,\n} from \"@highstate/pulumi\"\nimport { KubeConfig } from \"@kubernetes/client-node\"\nimport { core, rbac, type types } from \"@pulumi/kubernetes\"\nimport { map, unique } from \"remeda\"\nimport { stringify } from \"yaml\"\nimport { Secret } from \"./secret\"\nimport {\n getNamespaceName,\n getProvider,\n NamespacedResource,\n type NamespaceLike,\n type Resource,\n} from \"./shared\"\n\nexport type ClusterAccessScopeArgs = {\n /**\n * The namespace to create the ServiceAccount in.\n */\n namespace: Input<Namespace>\n\n /**\n * The RBAC rule to apply to the `ServiceAccount`.\n *\n * It will be used to create ClusterRole.\n */\n rule?: Input<types.input.rbac.v1.PolicyRule>\n\n /**\n * The RBAC rules to apply to the `ServiceAccount`.\n *\n * It will be used to create `ClusterRole`.\n */\n rules?: InputArray<types.input.rbac.v1.PolicyRule>\n\n /**\n * Whether to allow the `ServiceAccount` to access resources in the namespace where it is created.\n *\n * By default, it is set to `true`.\n */\n allowOriginNamespace?: boolean\n\n /**\n * The extra namespaces to bind to the `ClusterRole` and allow `ServiceAccount` to access them\n * with specified `rules`.\n */\n extraNamespaces?: InputArray<NamespaceLike>\n\n /**\n * Whether to create `ClusterRoleBinding` instead of `RoleBinding` to allow cluster-wide access.\n *\n * This will allow the `ServiceAccount` to access all namespaces and cluster resources.\n */\n clusterWide?: boolean\n\n /**\n * The extra resources to merge into passed rules.\n *\n * Resources will be merged into rule `resourceNames` if they exactly match rule's `apiGroups` and `resources`.\n * If rule specifies multiple apiGroups or resources, resources will not be merged into it.\n */\n resources?: InputArray<Resource | k8s.Resource>\n}\n\nexport class ClusterAccessScope extends ComponentResource {\n /**\n * The cluster entity with the reduced access.\n */\n readonly cluster: Output<k8s.Cluster>\n\n constructor(name: string, args: ClusterAccessScopeArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:ClusterAccessScope\", name, args, opts)\n\n const { serviceAccount, kubeconfig } = output(args.namespace).cluster.apply(cluster => {\n const provider = getProvider(cluster)\n const namespaceName = output(args.namespace).metadata.name\n\n const serviceAccount = new core.v1.ServiceAccount(\n name,\n {\n metadata: {\n name,\n namespace: namespaceName,\n },\n },\n { provider },\n )\n\n const clusterRole = new rbac.v1.ClusterRole(\n name,\n {\n metadata: {\n name: interpolate`hs.${namespaceName}.${name}`,\n annotations: {\n \"kubernetes.io/description\": interpolate`Created by Highstate for the ServiceAccount \"${name}\" in the namespace \"${namespaceName}\".`,\n },\n },\n rules: output({\n rules: normalizeInputs(args.rule, args.rules),\n resources: args.resources ?? [],\n }).apply(({ rules, resources }) => mergeResources(rules, resources)),\n },\n { provider },\n )\n\n const createRoleBinding = (namespace: Input<string>) => {\n return new rbac.v1.RoleBinding(\n name,\n {\n metadata: { name, namespace },\n roleRef: {\n kind: \"ClusterRole\",\n name: clusterRole.metadata.name,\n apiGroup: \"rbac.authorization.k8s.io\",\n },\n subjects: [\n {\n kind: \"ServiceAccount\",\n name: serviceAccount.metadata.name,\n namespace: namespaceName,\n },\n ],\n },\n { provider },\n )\n }\n\n if (args.clusterWide) {\n new rbac.v1.ClusterRoleBinding(\n name,\n {\n metadata: { name },\n roleRef: {\n kind: \"ClusterRole\",\n name: clusterRole.metadata.name,\n apiGroup: \"rbac.authorization.k8s.io\",\n },\n subjects: [\n {\n kind: \"ServiceAccount\",\n name: serviceAccount.metadata.name,\n namespace: namespaceName,\n },\n ],\n },\n { provider },\n )\n } else {\n if (args.allowOriginNamespace !== false) {\n createRoleBinding(namespaceName)\n }\n\n output(args.extraNamespaces ?? [])\n .apply(map(getNamespaceName))\n .apply(map(createRoleBinding))\n }\n\n return { serviceAccount, kubeconfig: cluster.kubeconfig }\n })\n\n const accessTokenSecret = Secret.create(`${name}-token`, {\n namespace: args.namespace,\n type: \"kubernetes.io/service-account-token\",\n metadata: {\n annotations: {\n \"kubernetes.io/service-account.name\": serviceAccount.metadata.name,\n },\n },\n })\n\n this.cluster = output({\n cluster: output(args.namespace).cluster,\n kubeconfig,\n newToken: accessTokenSecret.getValue(\"token\"),\n serviceAccount: serviceAccount.metadata.name,\n }).apply(({ cluster, kubeconfig, newToken, serviceAccount }) => {\n const config = new KubeConfig()\n config.loadFromString(kubeconfig)\n\n // clear all existing contexts and users\n config.users = []\n config.contexts = []\n\n config.addUser({ name: serviceAccount, token: newToken })\n\n config.addContext({\n name: config.clusters[0].name,\n cluster: config.clusters[0].name,\n user: serviceAccount,\n })\n\n config.setCurrentContext(config.clusters[0].name)\n\n return {\n ...cluster,\n kubeconfig: stringify(JSON.parse(config.exportConfig())),\n }\n })\n }\n}\n\nasync function mergeResources(\n rules: Unwrap<types.input.rbac.v1.PolicyRule>[],\n resources: (Resource | k8s.Resource)[],\n): Promise<types.input.rbac.v1.PolicyRule[]> {\n for (const resource of resources) {\n const entity = await toPromise(\n resource instanceof NamespacedResource ? resource.entity : resource,\n )\n\n const apiGroup = entity.apiVersion.includes(\"/\") // e.g., \"apps/v1\"\n ? entity.apiVersion.split(\"/\")[0]\n : \"\"\n\n const resourceCollection = `${entity.kind.toLowerCase()}s`\n\n const matchingRule = rules.find(rule => {\n const apiGroupsMatch = rule.apiGroups?.length === 1 && rule.apiGroups[0] === apiGroup\n const resourcesMatch =\n rule.resources?.length === 1 && rule.resources[0] === resourceCollection\n\n return apiGroupsMatch && resourcesMatch\n })\n\n if (!matchingRule) {\n continue\n }\n\n matchingRule.resourceNames = await toPromise(\n unique([\n //\n ...(matchingRule.resourceNames ?? []),\n entity.metadata.name,\n ]),\n )\n }\n\n return rules\n}\n"]}
package/dist/{chunk-6ACIPGW4.js → chunk-LGHFSXNT.js} RENAMED
@@ -1,12 +1,9 @@
1
- import { images_exports } from './chunk-SEWB4FUB.js';
1
+ import { images_exports } from './chunk-OBDQONMV.js';
2
+ import { parseAddress, isPrivateAddress } from '@highstate/common';
2
3
  import { text } from '@highstate/contract';
3
4
  import { output, fileFromString } from '@highstate/pulumi';
4
5
  import { CoreV1Api } from '@kubernetes/client-node';
5
6
 
6
- function isPrivateIp(ip) {
7
- const privateIpRegex = /^(10|172\.16|192\.168)\./;
8
- return privateIpRegex.test(ip);
9
- }
10
7
  async function detectExternalIps(kubeConfig, internalIpsPolicy) {
11
8
  const nodeApi = kubeConfig.makeApiClient(CoreV1Api);
12
9
  const nodes = await nodeApi.listNode();
@@ -14,15 +11,17 @@ async function detectExternalIps(kubeConfig, internalIpsPolicy) {
14
11
  const addresses = node.status?.addresses ?? [];
15
12
  const externalIp = addresses.find((address) => address.type === "ExternalIP");
16
13
  const internalIp = addresses.find((address) => address.type === "InternalIP");
14
+ const externalAddress = externalIp ? parseAddress(externalIp.address) : void 0;
15
+ const internalAddress = internalIp ? parseAddress(internalIp.address) : void 0;
17
16
  const result = [];
18
- if (externalIp?.address) {
19
- result.push(externalIp.address);
17
+ if (externalAddress) {
18
+ result.push(externalAddress);
20
19
  }
21
- if (internalIp?.address && internalIpsPolicy === "always") {
22
- result.push(internalIp.address);
20
+ if (internalAddress && internalIpsPolicy === "always") {
21
+ result.push(internalAddress);
23
22
  }
24
- if (internalIp?.address && internalIpsPolicy === "public" && !isPrivateIp(internalIp.address)) {
25
- result.push(internalIp.address);
23
+ if (internalAddress && internalIpsPolicy === "public" && !isPrivateAddress(internalAddress)) {
24
+ result.push(internalAddress);
26
25
  }
27
26
  return result;
28
27
  });
@@ -61,5 +60,5 @@ function createK8sTerminal(kubeconfig) {
61
60
  }
62
61
 
63
62
  export { createK8sTerminal, detectExternalIps };
64
- //# sourceMappingURL=chunk-6ACIPGW4.js.map
65
- //# sourceMappingURL=chunk-6ACIPGW4.js.map
63
+ //# sourceMappingURL=chunk-LGHFSXNT.js.map
64
+ //# sourceMappingURL=chunk-LGHFSXNT.js.map
package/dist/chunk-LGHFSXNT.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/cluster.ts"],"names":[],"mappings":";;;;;;AAOA,eAAsB,iBAAA,CACpB,YACA,iBAAA,EAC4B;AAC5B,EAAA,MAAM,OAAA,GAAU,UAAA,CAAW,aAAA,CAAc,SAAS,CAAA;AAClD,EAAA,MAAM,KAAA,GAAQ,MAAM,OAAA,CAAQ,QAAA,EAAS;AAErC,EAAA,OAAO,KAAA,CAAM,KAAA,CAAM,OAAA,CAAQ,CAAA,IAAA,KAAQ;AACjC,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,MAAA,EAAQ,SAAA,IAAa,EAAC;AAE7C,IAAA,MAAM,aAAa,SAAA,CAAU,IAAA,CAAK,CAAA,OAAA,KAAW,OAAA,CAAQ,SAAS,YAAY,CAAA;AAC1E,IAAA,MAAM,aAAa,SAAA,CAAU,IAAA,CAAK,CAAA,OAAA,KAAW,OAAA,CAAQ,SAAS,YAAY,CAAA;AAE1E,IAAA,MAAM,eAAA,GAAkB,UAAA,GAAa,YAAA,CAAa,UAAA,CAAW,OAAO,CAAA,GAAI,MAAA;AACxE,IAAA,MAAM,eAAA,GAAkB,UAAA,GAAa,YAAA,CAAa,UAAA,CAAW,OAAO,CAAA,GAAI,MAAA;AAExE,IAAA,MAAM,SAA4B,EAAC;AAEnC,IAAA,IAAI,eAAA,EAAiB;AACnB,MAAA,MAAA,CAAO,KAAK,eAAe,CAAA;AAAA,IAC7B;AAEA,IAAA,IAAI,eAAA,IAAmB,sBAAsB,QAAA,EAAU;AACrD,MAAA,MAAA,CAAO,KAAK,eAAe,CAAA;AAAA,IAC7B;AAEA,IAAA,IAAI,mBAAmB,iBAAA,KAAsB,QAAA,IAAY,CAAC,gBAAA,CAAiB,eAAe,CAAA,EAAG;AAC3F,MAAA,MAAA,CAAO,KAAK,eAAe,CAAA;AAAA,IAC7B;AAEA,IAAA,OAAO,MAAA;AAAA,EACT,CAAC,CAAA;AACH;AAEO,SAAS,kBAAkB,UAAA,EAAiD;AACjF,EAAA,OAAO,MAAA,CAAO;AAAA,IACZ,IAAA,EAAM,YAAA;AAAA,IAEN,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO,oBAAA;AAAA,MACP,WAAA,EAAa,2CAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACR;AAAA,IAEA,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO,cAAA,CAAO,kBAAkB,CAAA,CAAE,KAAA;AAAA,MAClC,OAAA,EAAS,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA,MAE/B,KAAA,EAAO;AAAA,QACL,eAAe,cAAA,CAAe,YAAA,EAAc,YAAY,EAAE,QAAA,EAAU,MAAM,CAAA;AAAA,QAE1E,aAAA,EAAe,cAAA;AAAA,UACb,YAAA;AAAA,UACA,IAAA;AAAA;AAAA;;AAAA;AAAA;;AAAA;AAAA,UAAA;AAAA;AASF,OACF;AAAA,MAEA,GAAA,EAAK;AAAA,QACH,UAAA,EAAY;AAAA;AACd;AACF,GACD,CAAA;AACH","file":"chunk-LGHFSXNT.js","sourcesContent":["import type { k8s, network } from \"@highstate/library\"\nimport { isPrivateAddress, parseAddress } from \"@highstate/common\"\nimport { text, type UnitTerminal } from \"@highstate/contract\"\nimport { fileFromString, type Input, type Output, output } from \"@highstate/pulumi\"\nimport { CoreV1Api, type KubeConfig } from \"@kubernetes/client-node\"\nimport { images } from \"./shared\"\n\nexport async function detectExternalIps(\n kubeConfig: KubeConfig,\n internalIpsPolicy: k8s.InternalIpsPolicy,\n): Promise<network.Address[]> {\n const nodeApi = kubeConfig.makeApiClient(CoreV1Api)\n const nodes = await nodeApi.listNode()\n\n return nodes.items.flatMap(node => {\n const addresses = node.status?.addresses ?? []\n\n const externalIp = addresses.find(address => address.type === \"ExternalIP\")\n const internalIp = addresses.find(address => address.type === \"InternalIP\")\n\n const externalAddress = externalIp ? parseAddress(externalIp.address) : undefined\n const internalAddress = internalIp ? parseAddress(internalIp.address) : undefined\n\n const result: network.Address[] = []\n\n if (externalAddress) {\n result.push(externalAddress)\n }\n\n if (internalAddress && internalIpsPolicy === \"always\") {\n result.push(internalAddress)\n }\n\n if (internalAddress && internalIpsPolicy === \"public\" && !isPrivateAddress(internalAddress)) {\n result.push(internalAddress)\n }\n\n return result\n })\n}\n\nexport function createK8sTerminal(kubeconfig: Input<string>): Output<UnitTerminal> {\n return output({\n name: \"management\",\n\n meta: {\n title: \"Cluster Management\",\n description: \"Manage the cluster using kubectl and helm\",\n icon: \"devicon:kubernetes\",\n },\n\n spec: {\n image: images[\"terminal-kubectl\"].image,\n command: [\"bash\", \"/welcome.sh\"],\n\n files: {\n \"/kubeconfig\": fileFromString(\"kubeconfig\", kubeconfig, { isSecret: true }),\n\n \"/welcome.sh\": fileFromString(\n \"welcome.sh\",\n text`\n echo \"Connecting to the cluster...\"\n kubectl cluster-info\n\n echo \"Use 'kubectl' and 'helm' to manage the cluster.\"\n echo\n\n exec bash\n `,\n ),\n },\n\n env: {\n KUBECONFIG: \"/kubeconfig\",\n },\n },\n })\n}\n"]}