@highstate/k8s 0.16.0 → 0.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (31) hide show
  1. package/dist/{chunk-22GOWZQP.js → chunk-FE4SHRAJ.js} +3 -3
  2. package/dist/{chunk-22GOWZQP.js.map → chunk-FE4SHRAJ.js.map} +1 -1
  3. package/dist/{chunk-SL5CBM3A.js → chunk-MIC2BHGS.js} +3 -3
  4. package/dist/{chunk-SL5CBM3A.js.map → chunk-MIC2BHGS.js.map} +1 -1
  5. package/dist/{chunk-XRIC6EJ3.js → chunk-P2VOUU7E.js} +37 -18
  6. package/dist/chunk-P2VOUU7E.js.map +1 -0
  7. package/dist/{chunk-ZHVKK2U6.js → chunk-RVB4WWZZ.js} +5 -5
  8. package/dist/{chunk-ZHVKK2U6.js.map → chunk-RVB4WWZZ.js.map} +1 -1
  9. package/dist/{chunk-ZBFWQHE4.js → chunk-VCXWCZ43.js} +3 -3
  10. package/dist/{chunk-ZBFWQHE4.js.map → chunk-VCXWCZ43.js.map} +1 -1
  11. package/dist/{chunk-HJKJHTJM.js → chunk-YIJUVPU2.js} +3 -3
  12. package/dist/{chunk-HJKJHTJM.js.map → chunk-YIJUVPU2.js.map} +1 -1
  13. package/dist/cron-job-NX4HD4FI.js +8 -0
  14. package/dist/{cron-job-LX35I6HG.js.map → cron-job-NX4HD4FI.js.map} +1 -1
  15. package/dist/deployment-O2LJ5WR5.js +8 -0
  16. package/dist/{deployment-HRJGAEJR.js.map → deployment-O2LJ5WR5.js.map} +1 -1
  17. package/dist/highstate.manifest.json +2 -2
  18. package/dist/index.js +7 -7
  19. package/dist/job-SYME6Y43.js +8 -0
  20. package/dist/job-SYME6Y43.js.map +1 -0
  21. package/dist/stateful-set-VJYKTQ72.js +8 -0
  22. package/dist/{stateful-set-LAJR5RL4.js.map → stateful-set-VJYKTQ72.js.map} +1 -1
  23. package/dist/units/cert-manager/index.js +4 -4
  24. package/package.json +6 -6
  25. package/src/network-policy.ts +88 -3
  26. package/dist/chunk-XRIC6EJ3.js.map +0 -1
  27. package/dist/cron-job-LX35I6HG.js +0 -8
  28. package/dist/deployment-HRJGAEJR.js +0 -8
  29. package/dist/job-J4BKBVQD.js +0 -8
  30. package/dist/job-J4BKBVQD.js.map +0 -1
  31. package/dist/stateful-set-LAJR5RL4.js +0 -8
package/dist/{chunk-HJKJHTJM.js.map → chunk-YIJUVPU2.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/stateful-set.ts"],"names":["service","args","podTemplate","labels"],"mappings":";;;;;;;;AA4CO,IAAe,WAAA,GAAf,MAAe,YAAA,SAAoB,iBAAA,CAAkB;AAAA,EAIhD,WAAA,CACR,IAAA,EACA,IAAA,EACA,IAAA,EACA,IAAA,EAEA,QAAA,EACA,SAAA,EACA,YAAA,EACA,UAAA,EACA,aAAA,EAEA,OAAA,EACA,MAAA,EAKS,MAKA,MAAA,EACT;AACA,IAAA,KAAA;AAAA,MACE,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,QAAA;AAAA,MACA,SAAA;AAAA,MACA,YAAA;AAAA,MACA,UAAA;AAAA,MACA,IAAA,CAAK,QAAA;AAAA,MACL,aAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AApBS,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAgBX;AAAA,EA1CA,OAAO,UAAA,GAAa,SAAA;AAAA,EACpB,OAAO,IAAA,GAAO,aAAA;AAAA,EA2Cd,IAAuB,gBAAA,GAA4D;AACjF,IAAA,OAAO,IAAA,CAAK,KAAK,QAAA,CAAS,QAAA;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAAkC;AACpC,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,GAAG,IAAA,CAAK,UAAA;AAAA,MACR,OAAA,EAAS,KAAK,OAAA,CAAQ,MAAA;AAAA,MACtB,SAAA,EAAW,KAAK,OAAA,CAAQ;AAAA,KACzB,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC/F,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,iBAAiB,IAAA,EAAM;AAAA,QAChC,GAAG,IAAA;AAAA,QACH,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,SAAA,EAAW,UAAU,gBAAA,CAAiB,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO;AAAA,OACpF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACsB;AACtB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,aAAY,QAAA,CAAS,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IACjF;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC9F,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,mBAAA,CAAoB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,OAAwB,gBAAA,mBAAmB,IAAI,GAAA,EAAyB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaxE,OAAO,GAAA,CAAI,MAAA,EAAyB,OAAA,EAA0C;AAC5E,IAAA,OAAO,WAAA;AAAA,MACL,YAAA,CAAY,gBAAA;AAAA,MACZ,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,YAAA,CAAY,IAAI,IAAA,EAAM;AAAA,UAC3B,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,WAAA,CAAY,MAAA,EAAQ,OAAO;AAAA,SACjD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CACX,MAAA,EACA,OAAA,EACsB;AACtB,IAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAC7C,IAAA,OAAO,YAAA,CAAY,GAAA,CAAI,cAAA,EAAgB,OAAO,CAAA;AAAA,EAChD;AAAA,EAEU,eAAA,GAAgD;AACxD,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,KAAA,EAAO,aAAA;AAAA,MACP,WAAA,EAAa,WAAA,CAAA,cAAA,EAA4B,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA,CAAA;AAAA,MAC3D,WAAA,EAAa,oCAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAAA,EAEA,IAAc,YAAA,GAAuB;AACnC,IAAA,OAAO,aAAA;AAAA,EACT;AACF;AAEA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,EAAE,MAAA,EAAQ,WAAA,EAAa,eAAe,UAAA,EAAY,OAAA,EAAS,QAAO,GACtE,8BAAA;AAAA,MACE,IAAA;AAAA,MACA;AAAA,QACE,GAAG,IAAA;AAAA;AAAA,QAGH,OAAA,EAAS,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,KAAA,CAAM,CAAAA,QAAAA,MAAY,EAAE,GAAGA,QAAAA,EAAQ,CAAE;AAAA,OACjE;AAAA,MACA,MAAM,IAAA;AAAA,MACN;AAAA,KACF;AAEF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,WAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,OAAO,EAAE,IAAA,EAAM,aAAa,MAAA,EAAQ,OAAA,EAAS,CAAA,CAAE,KAAA;AAAA,YACnD,CAAC,EAAE,IAAA,EAAAC,KAAAA,EAAM,WAAA,EAAAC,cAAa,MAAA,EAAAC,OAAAA,EAAQ,OAAA,EAAAH,QAAAA,EAAQ,KAAM;AAC1C,cAAA,OAAO,SAAA;AAAA,gBACL;AAAA,kBACE,WAAA,EAAaA,UAAS,QAAA,CAAS,IAAA;AAAA,kBAC/B,QAAA,EAAUE,YAAAA;AAAA,kBACV,QAAA,EAAU,EAAE,WAAA,EAAaC,OAAAA;AAAO,iBAClC;AAAA,gBACA,IAAA,CAAKF,OAAM,0BAA0B;AAAA,eACvC;AAAA,YACF;AAAA;AACF,SACF;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,2BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,QAAA;AAAA,MACZ,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,UAAA;AAAA,MACA,aAAA;AAAA,MAEA,OAAA;AAAA,MACA,MAAA;AAAA,MAEA,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAEA,IAAM,gBAAA,GAAN,cAA+B,WAAA,CAAY;AAAA,EACzC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,EAAE,WAAA,EAAa,aAAA,EAAe,UAAA,EAAY,OAAA,EAAS,MAAA,EAAO,GAC9D,8BAAA,CAA+B,IAAA,EAAM,IAAA,EAAM,MAAM,IAAA,EAAM,MAAM,IAAI,CAAA;AAEnE,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,gBAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,MAAA,CAAO,EAAE,IAAA,EAAM,aAAa,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,IAAA,EAAAA,KAAAA,EAAM,WAAA,EAAAC,cAAY,KAAM;AACnE,YAAA,OAAO,SAAA;AAAA,cACL,EAAE,UAAUA,YAAAA,EAAY;AAAA,cACxB,IAAA,CAAKD,OAAM,0BAA0B;AAAA,aACvC;AAAA,UACF,CAAC;AAAA,SACH;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,gCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,QAAA;AAAA,MACZ,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,UAAA;AAAA,MACA,aAAA;AAAA,MAEA,OAAA;AAAA,MACA,MAAA;AAAA,MAEA,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAsBA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA;AAAA,MACE,kCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,QAAA;AAAA,MACzB,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,OAAO,MAAS,CAAA;AAAA,MAChB,MAAA,CAAO,KAAK,OAAO,CAAA;AAAA,MACnB,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,IAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE;AAAA,KAC3B;AAAA,EACF;AACF,CAAA;AAcA,IAAM,mBAAA,GAAN,cAAkC,WAAA,CAAY;AAAA,EAC5C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA+B,IAAA,EAAiC;AACxF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAA,CAAK,GAAG,WAAA,CAAY,GAAA;AAAA,QACzB,IAAA;AAAA,QACA,WAAA,CAAA,EAAc,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,mCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,QAAA;AAAA,MACZ,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,EAAE,CAAA;AAAA,MACT,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,OAAO,MAAS,CAAA;AAAA,MAChB,OAAO,MAAS,CAAA;AAAA,MAChB,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA","file":"chunk-HJKJHTJM.js","sourcesContent":["import type { AccessPointRoute } from \"@highstate/common\"\nimport type { k8s } from \"@highstate/library\"\nimport type { Container } from \"./container\"\nimport type { NetworkPolicy } from \"./network-policy\"\nimport type { Service } from \"./service\"\nimport { getOrCreate, type UnitTerminal } from \"@highstate/contract\"\nimport {\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n interpolate,\n type Output,\n output,\n toPromise,\n type Unwrap,\n} from \"@highstate/pulumi\"\nimport { apps, type types } from \"@pulumi/kubernetes\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { omit } from \"remeda\"\nimport { Namespace } from \"./namespace\"\nimport { getProvider, mapMetadata } from \"./shared\"\nimport {\n ExposableWorkload,\n type ExposableWorkloadArgs,\n exposableWorkloadExtraArgs,\n getExposableWorkloadComponents,\n type WorkloadTerminalArgs,\n} from \"./workload\"\n\nexport type StatefulSetArgs = Omit<ExposableWorkloadArgs, \"existing\"> &\n Omit<Partial<types.input.apps.v1.StatefulSetSpec>, \"template\"> & {\n template?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Partial<types.input.core.v1.PodSpec>\n }\n }\n\nexport type CreateOrGetStatefulSetArgs = StatefulSetArgs & {\n /**\n * The entity to use to determine the stateful set to patch.\n */\n existing: Input<k8s.StatefulSet> | undefined\n}\n\nexport abstract class StatefulSet extends ExposableWorkload {\n static apiVersion = \"apps/v1\"\n static kind = \"StatefulSet\"\n\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n namespace: Output<Namespace>,\n terminalArgs: Output<Unwrap<WorkloadTerminalArgs>>,\n containers: Output<Container[]>,\n networkPolicy: Output<NetworkPolicy | undefined>,\n\n service: Output<Service | undefined>,\n routes: Output<AccessPointRoute[]>,\n\n /**\n * The spec of the underlying Kubernetes stateful set.\n */\n readonly spec: Output<types.output.apps.v1.StatefulSetSpec>,\n\n /**\n * The status of the underlying Kubernetes stateful set.\n */\n readonly status: Output<types.output.apps.v1.StatefulSetStatus>,\n ) {\n super(\n type,\n name,\n args,\n opts,\n metadata,\n namespace,\n terminalArgs,\n containers,\n spec.template,\n networkPolicy,\n service,\n routes,\n )\n }\n\n protected override get templateMetadata(): Output<types.output.meta.v1.ObjectMeta> {\n return this.spec.template.metadata\n }\n\n /**\n * The Highstate stateful set entity.\n */\n get entity(): Output<k8s.StatefulSet> {\n return output({\n ...this.entityBase,\n service: this.service.entity,\n endpoints: this.service.endpoints,\n })\n }\n\n /**\n * Creates a new stateful set.\n */\n static create(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions): StatefulSet {\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Creates a new stateful set or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the stateful set name.\n * @param args The arguments to create or patch the stateful set with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n if (args.existing) {\n return new StatefulSetPatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n namespace: Namespace.forResourceAsync(args.existing, output(args.namespace).cluster),\n })\n }\n\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Creates a new stateful set or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the stateful set name. Will not be used when existing stateful set is retrieved.\n * @param args The arguments to create or get the stateful set with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): Promise<StatefulSet> {\n if (args.existing) {\n return await StatefulSet.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Patches an existing stateful set.\n *\n * Will throw an error if the stateful set does not exist.\n *\n * @param name The name of the resource. May not be the same as the stateful set name.\n * @param args The arguments to patch the stateful set with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions): StatefulSet {\n return new StatefulSetPatch(name, args, opts)\n }\n\n /**\n * Wraps an existing Kubernetes stateful set.\n */\n static wrap(\n name: string,\n args: WrappedStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n return new WrappedStatefulSet(name, args, opts)\n }\n\n /**\n * Gets an existing stateful set.\n *\n * Will throw an error if the stateful set does not exist.\n */\n static get(\n name: string,\n args: ExternalStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n return new ExternalStatefulSet(name, args, opts)\n }\n\n private static readonly statefulSetCache = new Map<string, StatefulSet>()\n\n /**\n * Gets an existing stateful set for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the stateful set for.\n * @param cluster The cluster where the stateful set is located.\n */\n static for(entity: k8s.StatefulSet, cluster: Input<k8s.Cluster>): StatefulSet {\n return getOrCreate(\n StatefulSet.statefulSetCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return StatefulSet.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResource(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing stateful set for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the stateful set for.\n * @param cluster The cluster where the stateful set is located.\n */\n static async forAsync(\n entity: Input<k8s.StatefulSet>,\n cluster: Input<k8s.Cluster>,\n ): Promise<StatefulSet> {\n const resolvedEntity = await toPromise(entity)\n return StatefulSet.for(resolvedEntity, cluster)\n }\n\n protected getTerminalMeta(): Output<UnitTerminal[\"meta\"]> {\n return output({\n title: \"StatefulSet\",\n globalTitle: interpolate`StatefulSet | ${this.metadata.name}`,\n description: \"The shell inside the stateful set.\",\n icon: \"devicon:kubernetes\",\n })\n }\n\n protected get resourceType(): string {\n return \"statefulset\"\n }\n}\n\nclass CreatedStatefulSet extends StatefulSet {\n constructor(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions) {\n const { labels, podTemplate, networkPolicy, containers, service, routes } =\n getExposableWorkloadComponents(\n name,\n {\n ...args,\n\n // force create a service since it is required for stateful sets\n service: output(args.service).apply(service => ({ ...service })),\n },\n () => this,\n opts,\n )\n\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return new apps.v1.StatefulSet(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: output({ args, podTemplate, labels, service }).apply(\n ({ args, podTemplate, labels, service }) => {\n return deepmerge(\n {\n serviceName: service?.metadata.name,\n template: podTemplate,\n selector: { matchLabels: labels },\n },\n omit(args, exposableWorkloadExtraArgs),\n ) as types.input.apps.v1.StatefulSetSpec\n },\n ),\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:StatefulSet\",\n name,\n args,\n opts,\n\n statefulSet.metadata,\n output(args.namespace),\n output(args.terminal ?? {}),\n containers,\n networkPolicy,\n\n service,\n routes,\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n\nclass StatefulSetPatch extends StatefulSet {\n constructor(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions) {\n const { podTemplate, networkPolicy, containers, service, routes } =\n getExposableWorkloadComponents(name, args, () => this, opts, true)\n\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return new apps.v1.StatefulSetPatch(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: output({ args, podTemplate }).apply(({ args, podTemplate }) => {\n return deepmerge(\n { template: podTemplate },\n omit(args, exposableWorkloadExtraArgs),\n ) as types.input.apps.v1.StatefulSetSpec\n }),\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:StatefulSetPatch\",\n name,\n args,\n opts,\n\n statefulSet.metadata,\n output(args.namespace),\n output(args.terminal ?? {}),\n containers,\n networkPolicy,\n\n service,\n routes,\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n\nexport type WrappedStatefulSetArgs = {\n /**\n * The underlying Kubernetes stateful set to wrap.\n */\n statefulSet: Input<apps.v1.StatefulSet>\n\n // TODO: remove\n service?: Input<Service>\n\n /**\n * The namespace where the stateful set is located.\n */\n namespace: Input<Namespace>\n\n /**\n * The args for the terminal to use.\n */\n terminal?: Input<WorkloadTerminalArgs>\n}\n\nclass WrappedStatefulSet extends StatefulSet {\n constructor(name: string, args: WrappedStatefulSetArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedStatefulSet\",\n name,\n args,\n opts,\n\n output(args.statefulSet).metadata,\n output(args.namespace),\n output(args.terminal ?? {}),\n output([]),\n\n output(undefined),\n output(args.service),\n output([]),\n\n output(args.statefulSet).spec,\n output(args.statefulSet).status,\n )\n }\n}\n\nexport type ExternalStatefulSetArgs = {\n /**\n * The name of the stateful set to get.\n */\n name: Input<string>\n\n /**\n * The namespace where the stateful set is located.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalStatefulSet extends StatefulSet {\n constructor(name: string, args: ExternalStatefulSetArgs, opts?: ComponentResourceOptions) {\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return apps.v1.StatefulSet.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ExternalStatefulSet\",\n name,\n args,\n opts,\n\n statefulSet.metadata,\n output(args.namespace),\n output({}),\n output([]),\n\n output(undefined),\n output(undefined),\n output([]),\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/stateful-set.ts"],"names":["service","args","podTemplate","labels"],"mappings":";;;;;;;;AA4CO,IAAe,WAAA,GAAf,MAAe,YAAA,SAAoB,iBAAA,CAAkB;AAAA,EAIhD,WAAA,CACR,IAAA,EACA,IAAA,EACA,IAAA,EACA,IAAA,EAEA,QAAA,EACA,SAAA,EACA,YAAA,EACA,UAAA,EACA,aAAA,EAEA,OAAA,EACA,MAAA,EAKS,MAKA,MAAA,EACT;AACA,IAAA,KAAA;AAAA,MACE,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,QAAA;AAAA,MACA,SAAA;AAAA,MACA,YAAA;AAAA,MACA,UAAA;AAAA,MACA,IAAA,CAAK,QAAA;AAAA,MACL,aAAA;AAAA,MACA,OAAA;AAAA,MACA;AAAA,KACF;AApBS,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAgBX;AAAA,EA1CA,OAAO,UAAA,GAAa,SAAA;AAAA,EACpB,OAAO,IAAA,GAAO,aAAA;AAAA,EA2Cd,IAAuB,gBAAA,GAA4D;AACjF,IAAA,OAAO,IAAA,CAAK,KAAK,QAAA,CAAS,QAAA;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,MAAA,GAAkC;AACpC,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,GAAG,IAAA,CAAK,UAAA;AAAA,MACR,OAAA,EAAS,KAAK,OAAA,CAAQ,MAAA;AAAA,MACtB,SAAA,EAAW,KAAK,OAAA,CAAQ;AAAA,KACzB,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC/F,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,iBAAiB,IAAA,EAAM;AAAA,QAChC,GAAG,IAAA;AAAA,QACH,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,SAAA,EAAW,UAAU,gBAAA,CAAiB,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO;AAAA,OACpF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACsB;AACtB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,aAAY,QAAA,CAAS,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IACjF;AAEA,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAuB,IAAA,EAA8C;AAC9F,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,mBAAA,CAAoB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,OAAwB,gBAAA,mBAAmB,IAAI,GAAA,EAAyB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaxE,OAAO,GAAA,CAAI,MAAA,EAAyB,OAAA,EAA0C;AAC5E,IAAA,OAAO,WAAA;AAAA,MACL,YAAA,CAAY,gBAAA;AAAA,MACZ,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,YAAA,CAAY,IAAI,IAAA,EAAM;AAAA,UAC3B,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,WAAA,CAAY,MAAA,EAAQ,OAAO;AAAA,SACjD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CACX,MAAA,EACA,OAAA,EACsB;AACtB,IAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAC7C,IAAA,OAAO,YAAA,CAAY,GAAA,CAAI,cAAA,EAAgB,OAAO,CAAA;AAAA,EAChD;AAAA,EAEU,eAAA,GAAgD;AACxD,IAAA,OAAO,MAAA,CAAO;AAAA,MACZ,KAAA,EAAO,aAAA;AAAA,MACP,WAAA,EAAa,WAAA,CAAA,cAAA,EAA4B,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA,CAAA;AAAA,MAC3D,WAAA,EAAa,oCAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAAA,EAEA,IAAc,YAAA,GAAuB;AACnC,IAAA,OAAO,aAAA;AAAA,EACT;AACF;AAEA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,EAAE,MAAA,EAAQ,WAAA,EAAa,eAAe,UAAA,EAAY,OAAA,EAAS,QAAO,GACtE,8BAAA;AAAA,MACE,IAAA;AAAA,MACA;AAAA,QACE,GAAG,IAAA;AAAA;AAAA,QAGH,OAAA,EAAS,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,KAAA,CAAM,CAAAA,QAAAA,MAAY,EAAE,GAAGA,QAAAA,EAAQ,CAAE;AAAA,OACjE;AAAA,MACA,MAAM,IAAA;AAAA,MACN;AAAA,KACF;AAEF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,WAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,OAAO,EAAE,IAAA,EAAM,aAAa,MAAA,EAAQ,OAAA,EAAS,CAAA,CAAE,KAAA;AAAA,YACnD,CAAC,EAAE,IAAA,EAAAC,KAAAA,EAAM,WAAA,EAAAC,cAAa,MAAA,EAAAC,OAAAA,EAAQ,OAAA,EAAAH,QAAAA,EAAQ,KAAM;AAC1C,cAAA,OAAO,SAAA;AAAA,gBACL;AAAA,kBACE,WAAA,EAAaA,UAAS,QAAA,CAAS,IAAA;AAAA,kBAC/B,QAAA,EAAUE,YAAAA;AAAA,kBACV,QAAA,EAAU,EAAE,WAAA,EAAaC,OAAAA;AAAO,iBAClC;AAAA,gBACA,IAAA,CAAKF,OAAM,0BAA0B;AAAA,eACvC;AAAA,YACF;AAAA;AACF,SACF;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,2BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,QAAA;AAAA,MACZ,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,UAAA;AAAA,MACA,aAAA;AAAA,MAEA,OAAA;AAAA,MACA,MAAA;AAAA,MAEA,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAEA,IAAM,gBAAA,GAAN,cAA+B,WAAA,CAAY;AAAA,EACzC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,MAAM,EAAE,WAAA,EAAa,aAAA,EAAe,UAAA,EAAY,OAAA,EAAS,MAAA,EAAO,GAC9D,8BAAA,CAA+B,IAAA,EAAM,IAAA,EAAM,MAAM,IAAA,EAAM,MAAM,IAAI,CAAA;AAEnE,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,gBAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,IAAA,EAAM,MAAA,CAAO,EAAE,IAAA,EAAM,aAAa,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,IAAA,EAAAA,KAAAA,EAAM,WAAA,EAAAC,cAAY,KAAM;AACnE,YAAA,OAAO,SAAA;AAAA,cACL,EAAE,UAAUA,YAAAA,EAAY;AAAA,cACxB,IAAA,CAAKD,OAAM,0BAA0B;AAAA,aACvC;AAAA,UACF,CAAC;AAAA,SACH;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,gCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,QAAA;AAAA,MACZ,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,UAAA;AAAA,MACA,aAAA;AAAA,MAEA,OAAA;AAAA,MACA,MAAA;AAAA,MAEA,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA;AAsBA,IAAM,kBAAA,GAAN,cAAiC,WAAA,CAAY;AAAA,EAC3C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA;AAAA,MACE,kCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,QAAA;AAAA,MACzB,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,MAC1B,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,OAAO,MAAS,CAAA;AAAA,MAChB,MAAA,CAAO,KAAK,OAAO,CAAA;AAAA,MACnB,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE,IAAA;AAAA,MACzB,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,CAAE;AAAA,KAC3B;AAAA,EACF;AACF,CAAA;AAcA,IAAM,mBAAA,GAAN,cAAkC,WAAA,CAAY;AAAA,EAC5C,WAAA,CAAY,IAAA,EAAc,IAAA,EAA+B,IAAA,EAAiC;AACxF,IAAA,MAAM,cAAc,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAClE,MAAA,OAAO,IAAA,CAAK,GAAG,WAAA,CAAY,GAAA;AAAA,QACzB,IAAA;AAAA,QACA,WAAA,CAAA,EAAc,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,mCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEA,WAAA,CAAY,QAAA;AAAA,MACZ,MAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrB,MAAA,CAAO,EAAE,CAAA;AAAA,MACT,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,OAAO,MAAS,CAAA;AAAA,MAChB,OAAO,MAAS,CAAA;AAAA,MAChB,MAAA,CAAO,EAAE,CAAA;AAAA,MAET,WAAA,CAAY,IAAA;AAAA,MACZ,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACF,CAAA","file":"chunk-YIJUVPU2.js","sourcesContent":["import type { AccessPointRoute } from \"@highstate/common\"\nimport type { k8s } from \"@highstate/library\"\nimport type { Container } from \"./container\"\nimport type { NetworkPolicy } from \"./network-policy\"\nimport type { Service } from \"./service\"\nimport { getOrCreate, type UnitTerminal } from \"@highstate/contract\"\nimport {\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n interpolate,\n type Output,\n output,\n toPromise,\n type Unwrap,\n} from \"@highstate/pulumi\"\nimport { apps, type types } from \"@pulumi/kubernetes\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { omit } from \"remeda\"\nimport { Namespace } from \"./namespace\"\nimport { getProvider, mapMetadata } from \"./shared\"\nimport {\n ExposableWorkload,\n type ExposableWorkloadArgs,\n exposableWorkloadExtraArgs,\n getExposableWorkloadComponents,\n type WorkloadTerminalArgs,\n} from \"./workload\"\n\nexport type StatefulSetArgs = Omit<ExposableWorkloadArgs, \"existing\"> &\n Omit<Partial<types.input.apps.v1.StatefulSetSpec>, \"template\"> & {\n template?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Partial<types.input.core.v1.PodSpec>\n }\n }\n\nexport type CreateOrGetStatefulSetArgs = StatefulSetArgs & {\n /**\n * The entity to use to determine the stateful set to patch.\n */\n existing: Input<k8s.StatefulSet> | undefined\n}\n\nexport abstract class StatefulSet extends ExposableWorkload {\n static apiVersion = \"apps/v1\"\n static kind = \"StatefulSet\"\n\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n namespace: Output<Namespace>,\n terminalArgs: Output<Unwrap<WorkloadTerminalArgs>>,\n containers: Output<Container[]>,\n networkPolicy: Output<NetworkPolicy | undefined>,\n\n service: Output<Service | undefined>,\n routes: Output<AccessPointRoute[]>,\n\n /**\n * The spec of the underlying Kubernetes stateful set.\n */\n readonly spec: Output<types.output.apps.v1.StatefulSetSpec>,\n\n /**\n * The status of the underlying Kubernetes stateful set.\n */\n readonly status: Output<types.output.apps.v1.StatefulSetStatus>,\n ) {\n super(\n type,\n name,\n args,\n opts,\n metadata,\n namespace,\n terminalArgs,\n containers,\n spec.template,\n networkPolicy,\n service,\n routes,\n )\n }\n\n protected override get templateMetadata(): Output<types.output.meta.v1.ObjectMeta> {\n return this.spec.template.metadata\n }\n\n /**\n * The Highstate stateful set entity.\n */\n get entity(): Output<k8s.StatefulSet> {\n return output({\n ...this.entityBase,\n service: this.service.entity,\n endpoints: this.service.endpoints,\n })\n }\n\n /**\n * Creates a new stateful set.\n */\n static create(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions): StatefulSet {\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Creates a new stateful set or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the stateful set name.\n * @param args The arguments to create or patch the stateful set with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n if (args.existing) {\n return new StatefulSetPatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n namespace: Namespace.forResourceAsync(args.existing, output(args.namespace).cluster),\n })\n }\n\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Creates a new stateful set or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the stateful set name. Will not be used when existing stateful set is retrieved.\n * @param args The arguments to create or get the stateful set with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): Promise<StatefulSet> {\n if (args.existing) {\n return await StatefulSet.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedStatefulSet(name, args, opts)\n }\n\n /**\n * Patches an existing stateful set.\n *\n * Will throw an error if the stateful set does not exist.\n *\n * @param name The name of the resource. May not be the same as the stateful set name.\n * @param args The arguments to patch the stateful set with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions): StatefulSet {\n return new StatefulSetPatch(name, args, opts)\n }\n\n /**\n * Wraps an existing Kubernetes stateful set.\n */\n static wrap(\n name: string,\n args: WrappedStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n return new WrappedStatefulSet(name, args, opts)\n }\n\n /**\n * Gets an existing stateful set.\n *\n * Will throw an error if the stateful set does not exist.\n */\n static get(\n name: string,\n args: ExternalStatefulSetArgs,\n opts?: ComponentResourceOptions,\n ): StatefulSet {\n return new ExternalStatefulSet(name, args, opts)\n }\n\n private static readonly statefulSetCache = new Map<string, StatefulSet>()\n\n /**\n * Gets an existing stateful set for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the stateful set for.\n * @param cluster The cluster where the stateful set is located.\n */\n static for(entity: k8s.StatefulSet, cluster: Input<k8s.Cluster>): StatefulSet {\n return getOrCreate(\n StatefulSet.statefulSetCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return StatefulSet.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResource(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing stateful set for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the stateful set for.\n * @param cluster The cluster where the stateful set is located.\n */\n static async forAsync(\n entity: Input<k8s.StatefulSet>,\n cluster: Input<k8s.Cluster>,\n ): Promise<StatefulSet> {\n const resolvedEntity = await toPromise(entity)\n return StatefulSet.for(resolvedEntity, cluster)\n }\n\n protected getTerminalMeta(): Output<UnitTerminal[\"meta\"]> {\n return output({\n title: \"StatefulSet\",\n globalTitle: interpolate`StatefulSet | ${this.metadata.name}`,\n description: \"The shell inside the stateful set.\",\n icon: \"devicon:kubernetes\",\n })\n }\n\n protected get resourceType(): string {\n return \"statefulset\"\n }\n}\n\nclass CreatedStatefulSet extends StatefulSet {\n constructor(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions) {\n const { labels, podTemplate, networkPolicy, containers, service, routes } =\n getExposableWorkloadComponents(\n name,\n {\n ...args,\n\n // force create a service since it is required for stateful sets\n service: output(args.service).apply(service => ({ ...service })),\n },\n () => this,\n opts,\n )\n\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return new apps.v1.StatefulSet(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: output({ args, podTemplate, labels, service }).apply(\n ({ args, podTemplate, labels, service }) => {\n return deepmerge(\n {\n serviceName: service?.metadata.name,\n template: podTemplate,\n selector: { matchLabels: labels },\n },\n omit(args, exposableWorkloadExtraArgs),\n ) as types.input.apps.v1.StatefulSetSpec\n },\n ),\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:StatefulSet\",\n name,\n args,\n opts,\n\n statefulSet.metadata,\n output(args.namespace),\n output(args.terminal ?? {}),\n containers,\n networkPolicy,\n\n service,\n routes,\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n\nclass StatefulSetPatch extends StatefulSet {\n constructor(name: string, args: StatefulSetArgs, opts?: ComponentResourceOptions) {\n const { podTemplate, networkPolicy, containers, service, routes } =\n getExposableWorkloadComponents(name, args, () => this, opts, true)\n\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return new apps.v1.StatefulSetPatch(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: output({ args, podTemplate }).apply(({ args, podTemplate }) => {\n return deepmerge(\n { template: podTemplate },\n omit(args, exposableWorkloadExtraArgs),\n ) as types.input.apps.v1.StatefulSetSpec\n }),\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:StatefulSetPatch\",\n name,\n args,\n opts,\n\n statefulSet.metadata,\n output(args.namespace),\n output(args.terminal ?? {}),\n containers,\n networkPolicy,\n\n service,\n routes,\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n\nexport type WrappedStatefulSetArgs = {\n /**\n * The underlying Kubernetes stateful set to wrap.\n */\n statefulSet: Input<apps.v1.StatefulSet>\n\n // TODO: remove\n service?: Input<Service>\n\n /**\n * The namespace where the stateful set is located.\n */\n namespace: Input<Namespace>\n\n /**\n * The args for the terminal to use.\n */\n terminal?: Input<WorkloadTerminalArgs>\n}\n\nclass WrappedStatefulSet extends StatefulSet {\n constructor(name: string, args: WrappedStatefulSetArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedStatefulSet\",\n name,\n args,\n opts,\n\n output(args.statefulSet).metadata,\n output(args.namespace),\n output(args.terminal ?? {}),\n output([]),\n\n output(undefined),\n output(args.service),\n output([]),\n\n output(args.statefulSet).spec,\n output(args.statefulSet).status,\n )\n }\n}\n\nexport type ExternalStatefulSetArgs = {\n /**\n * The name of the stateful set to get.\n */\n name: Input<string>\n\n /**\n * The namespace where the stateful set is located.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalStatefulSet extends StatefulSet {\n constructor(name: string, args: ExternalStatefulSetArgs, opts?: ComponentResourceOptions) {\n const statefulSet = output(args.namespace).cluster.apply(cluster => {\n return apps.v1.StatefulSet.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:ExternalStatefulSet\",\n name,\n args,\n opts,\n\n statefulSet.metadata,\n output(args.namespace),\n output({}),\n output([]),\n\n output(undefined),\n output(undefined),\n output([]),\n\n statefulSet.spec,\n statefulSet.status,\n )\n }\n}\n"]}
package/dist/cron-job-NX4HD4FI.js ADDED
@@ -0,0 +1,8 @@
1
+ export { CronJob } from './chunk-MIC2BHGS.js';
2
+ import './chunk-P2VOUU7E.js';
3
+ import './chunk-TWBMG6TD.js';
4
+ import './chunk-4G6LLC2X.js';
5
+ import './chunk-OBDQONMV.js';
6
+ import './chunk-PZ5AY32C.js';
7
+ //# sourceMappingURL=cron-job-NX4HD4FI.js.map
8
+ //# sourceMappingURL=cron-job-NX4HD4FI.js.map
package/dist/{cron-job-LX35I6HG.js.map → cron-job-NX4HD4FI.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"cron-job-LX35I6HG.js"}
1
+ {"version":3,"sources":[],"names":[],"mappings":"","file":"cron-job-NX4HD4FI.js"}
package/dist/deployment-O2LJ5WR5.js ADDED
@@ -0,0 +1,8 @@
1
+ export { Deployment } from './chunk-VCXWCZ43.js';
2
+ import './chunk-P2VOUU7E.js';
3
+ import './chunk-TWBMG6TD.js';
4
+ import './chunk-4G6LLC2X.js';
5
+ import './chunk-OBDQONMV.js';
6
+ import './chunk-PZ5AY32C.js';
7
+ //# sourceMappingURL=deployment-O2LJ5WR5.js.map
8
+ //# sourceMappingURL=deployment-O2LJ5WR5.js.map
package/dist/{deployment-HRJGAEJR.js.map → deployment-O2LJ5WR5.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"deployment-HRJGAEJR.js"}
1
+ {"version":3,"sources":[],"names":[],"mappings":"","file":"deployment-O2LJ5WR5.js"}
package/dist/highstate.manifest.json CHANGED
@@ -7,7 +7,7 @@
7
7
  "./dist/units/existing-cluster/index.js": 2212294583,
8
8
  "./dist/units/gateway-api/index.js": 2212294583,
9
9
  "./dist/units/reduced-access-cluster/index.js": 2212294583,
10
- "./dist/impl/gateway-route.js": 2250615747,
11
- "./dist/impl/tls-certificate.js": 3253474514
10
+ "./dist/impl/gateway-route.js": 930486534,
11
+ "./dist/impl/tls-certificate.js": 1450378747
12
12
  }
13
13
  }
package/dist/index.js CHANGED
@@ -1,10 +1,10 @@
1
- export { Job } from './chunk-22GOWZQP.js';
2
- export { CronJob } from './chunk-SL5CBM3A.js';
3
- export { Chart, RenderedChart, getChartService, getChartServiceOutput, resolveHelmChart } from './chunk-ZHVKK2U6.js';
4
- export { Deployment } from './chunk-ZBFWQHE4.js';
5
- export { StatefulSet } from './chunk-HJKJHTJM.js';
6
- import { ConfigMap } from './chunk-XRIC6EJ3.js';
7
- export { ConfigMap, ExposableWorkload, NativeNetworkPolicy, NetworkPolicy, PersistentVolumeClaim, Workload, exposableWorkloadExtraArgs, getAutoVolumeName, getBestEndpoint, getExposableWorkloadComponents, getFallbackContainerName, getWorkloadComponents, getWorkloadVolumeResourceUuid, mapContainerEnvironment, mapContainerToRaw, mapEnvironmentSource, mapVolumeMount, mapWorkloadVolume, networkPolicyMediator, podSpecDefaults, requireBestEndpoint, workloadExtraArgs } from './chunk-XRIC6EJ3.js';
1
+ export { Job } from './chunk-FE4SHRAJ.js';
2
+ export { CronJob } from './chunk-MIC2BHGS.js';
3
+ export { Chart, RenderedChart, getChartService, getChartServiceOutput, resolveHelmChart } from './chunk-RVB4WWZZ.js';
4
+ export { Deployment } from './chunk-VCXWCZ43.js';
5
+ export { StatefulSet } from './chunk-YIJUVPU2.js';
6
+ import { ConfigMap } from './chunk-P2VOUU7E.js';
7
+ export { ConfigMap, ExposableWorkload, NativeNetworkPolicy, NetworkPolicy, PersistentVolumeClaim, Workload, exposableWorkloadExtraArgs, getAutoVolumeName, getBestEndpoint, getExposableWorkloadComponents, getFallbackContainerName, getWorkloadComponents, getWorkloadVolumeResourceUuid, mapContainerEnvironment, mapContainerToRaw, mapEnvironmentSource, mapVolumeMount, mapWorkloadVolume, networkPolicyMediator, podSpecDefaults, requireBestEndpoint, workloadExtraArgs } from './chunk-P2VOUU7E.js';
8
8
  export { dns01SolverMediator } from './chunk-HH2JJELM.js';
9
9
  import { ClusterAccessScope } from './chunk-KMLRI5UZ.js';
10
10
  export { ClusterAccessScope } from './chunk-KMLRI5UZ.js';
package/dist/job-SYME6Y43.js ADDED
@@ -0,0 +1,8 @@
1
+ export { Job } from './chunk-FE4SHRAJ.js';
2
+ import './chunk-P2VOUU7E.js';
3
+ import './chunk-TWBMG6TD.js';
4
+ import './chunk-4G6LLC2X.js';
5
+ import './chunk-OBDQONMV.js';
6
+ import './chunk-PZ5AY32C.js';
7
+ //# sourceMappingURL=job-SYME6Y43.js.map
8
+ //# sourceMappingURL=job-SYME6Y43.js.map
package/dist/job-SYME6Y43.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":[],"names":[],"mappings":"","file":"job-SYME6Y43.js"}
package/dist/stateful-set-VJYKTQ72.js ADDED
@@ -0,0 +1,8 @@
1
+ export { StatefulSet } from './chunk-YIJUVPU2.js';
2
+ import './chunk-P2VOUU7E.js';
3
+ import './chunk-TWBMG6TD.js';
4
+ import './chunk-4G6LLC2X.js';
5
+ import './chunk-OBDQONMV.js';
6
+ import './chunk-PZ5AY32C.js';
7
+ //# sourceMappingURL=stateful-set-VJYKTQ72.js.map
8
+ //# sourceMappingURL=stateful-set-VJYKTQ72.js.map
package/dist/{stateful-set-LAJR5RL4.js.map → stateful-set-VJYKTQ72.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"stateful-set-LAJR5RL4.js"}
1
+ {"version":3,"sources":[],"names":[],"mappings":"","file":"stateful-set-VJYKTQ72.js"}
package/dist/units/cert-manager/index.js CHANGED
@@ -1,7 +1,7 @@
1
- import { Chart } from '../../chunk-ZHVKK2U6.js';
2
- import '../../chunk-ZBFWQHE4.js';
3
- import '../../chunk-HJKJHTJM.js';
4
- import '../../chunk-XRIC6EJ3.js';
1
+ import { Chart } from '../../chunk-RVB4WWZZ.js';
2
+ import '../../chunk-VCXWCZ43.js';
3
+ import '../../chunk-YIJUVPU2.js';
4
+ import '../../chunk-P2VOUU7E.js';
5
5
  import '../../chunk-TWBMG6TD.js';
6
6
  import '../../chunk-4G6LLC2X.js';
7
7
  import { Namespace } from '../../chunk-OBDQONMV.js';
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@highstate/k8s",
3
- "version": "0.16.0",
3
+ "version": "0.18.0",
4
4
  "type": "module",
5
5
  "files": [
6
6
  "dist",
@@ -73,17 +73,17 @@
73
73
  "remeda": "^2.21.0",
74
74
  "yaml": "^2.8.1",
75
75
  "@highstate/cert-manager": "0.14.0",
76
- "@highstate/common": "0.16.0",
77
- "@highstate/contract": "0.17.0",
76
+ "@highstate/common": "0.18.0",
77
+ "@highstate/contract": "0.18.0",
78
78
  "@highstate/gateway-api": "0.14.0",
79
- "@highstate/library": "0.16.0",
80
- "@highstate/pulumi": "0.17.0"
79
+ "@highstate/library": "0.18.0",
80
+ "@highstate/pulumi": "0.18.0"
81
81
  },
82
82
  "devDependencies": {
83
83
  "@biomejs/biome": "2.2.0",
84
84
  "@typescript/native-preview": "^7.0.0-dev.20250920.1",
85
85
  "type-fest": "^4.41.0",
86
- "@highstate/cli": "0.17.0"
86
+ "@highstate/cli": "0.18.0"
87
87
  },
88
88
  "repository": {
89
89
  "url": "https://github.com/highstate-io/highstate"
package/src/network-policy.ts CHANGED
@@ -67,6 +67,11 @@ export type IngressRuleArgs = {
67
67
  */
68
68
  fromAll?: Input<boolean>
69
69
 
70
+ /**
71
+ * Whether to allow all incoming traffic from the cluster internal pods.
72
+ */
73
+ fromClusterPods?: Input<boolean>
74
+
70
75
  /**
71
76
  * The allowed cidr for incoming traffic.
72
77
  *
@@ -139,6 +144,26 @@ export type IngressRuleArgs = {
139
144
  */
140
145
  fromNamespaces?: InputArray<NamespaceLike>
141
146
 
147
+ /**
148
+ * The namespace selector to allow traffic from.
149
+ *
150
+ * If provided, it will match all pods in the matched namespaces.
151
+ * Will be merged with `fromNamespace(s)`.
152
+ *
153
+ * Will be ORed with other conditions inside the same rule (except ports and selectors).
154
+ */
155
+ fromNamespaceSelector?: Input<SelectorLike>
156
+
157
+ /**
158
+ * The list of namespace selectors to allow traffic from.
159
+ *
160
+ * If provided, it will match all pods in the matched namespaces.
161
+ * Will be merged with `fromNamespace(s)`.
162
+ *
163
+ * Will be ORed with other conditions inside the same rule (except ports and selectors).
164
+ */
165
+ fromNamespaceSelectors?: InputArray<SelectorLike>
166
+
142
167
  /**
143
168
  * The selector for incoming traffic.
144
169
  *
@@ -182,6 +207,11 @@ export type EgressRuleArgs = {
182
207
  */
183
208
  toAll?: Input<boolean>
184
209
 
210
+ /**
211
+ * Whether to allow all outgoing traffic to the cluster internal pods.
212
+ */
213
+ toClusterPods?: Input<boolean>
214
+
185
215
  /**
186
216
  * The allowed cidr for outgoing traffic.
187
217
  *
@@ -268,6 +298,26 @@ export type EgressRuleArgs = {
268
298
  */
269
299
  toNamespaces?: InputArray<NamespaceLike>
270
300
 
301
+ /**
302
+ * The namespace selector to allow traffic to.
303
+ *
304
+ * If provided, it will match all pods in the matched namespaces.
305
+ * Will be merged with `toNamespace(s)`.
306
+ *
307
+ * Will be ORed with other conditions inside the same rule (except ports and selectors).
308
+ */
309
+ toNamespaceSelector?: Input<SelectorLike>
310
+
311
+ /**
312
+ * The list of namespace selectors to allow traffic to.
313
+ *
314
+ * If provided, it will match all pods in the matched namespaces.
315
+ * Will be merged with `toNamespace(s)`.
316
+ *
317
+ * Will be ORed with other conditions inside the same rule (except ports and selectors).
318
+ */
319
+ toNamespaceSelectors?: InputArray<SelectorLike>
320
+
271
321
  /**
272
322
  * The selector for outgoing traffic.
273
323
  *
@@ -359,10 +409,12 @@ export type NetworkPolicyArgs = ScopedResourceArgs & {
359
409
 
360
410
  export type NormalizedRuleArgs = {
361
411
  all: boolean
412
+ clusterPods: boolean
362
413
  cidrs: string[]
363
414
  fqdns: string[]
364
415
  services: core.v1.Service[]
365
416
  namespaces: NamespaceLike[]
417
+ namespaceSelectors: SelectorLike[]
366
418
  selectors: SelectorLike[]
367
419
  ports: NetworkPolicyPort[]
368
420
  }
@@ -422,9 +474,11 @@ export class NetworkPolicy extends ComponentResource {
422
474
  if (args.allowKubeDns) {
423
475
  extraEgressRules.push({
424
476
  namespaces: ["kube-system"],
477
+ namespaceSelectors: [],
425
478
  selectors: [{ matchLabels: { "k8s-app": "kube-dns" } }],
426
479
  ports: [{ port: 53, protocol: "UDP" }],
427
480
  all: false,
481
+ clusterPods: false,
428
482
  cidrs: [],
429
483
  fqdns: [],
430
484
  services: [],
@@ -467,10 +521,15 @@ export class NetworkPolicy extends ComponentResource {
467
521
  return [
468
522
  {
469
523
  all: rule.fromAll ?? false,
524
+ clusterPods: rule.fromClusterPods ?? false,
470
525
  cidrs: normalize(rule.fromCidr, rule.fromCidrs).concat(l3OnlyRule?.cidrs ?? []),
471
526
  fqdns: [],
472
527
  services: normalize(rule.fromService, rule.fromServices),
473
528
  namespaces: normalize(rule.fromNamespace, rule.fromNamespaces),
529
+ namespaceSelectors: normalize(
530
+ rule.fromNamespaceSelector,
531
+ rule.fromNamespaceSelectors,
532
+ ),
474
533
  selectors: normalize(rule.fromSelector, rule.fromSelectors),
475
534
  ports: normalize(rule.toPort, rule.toPorts),
476
535
  } as NormalizedRuleArgs,
@@ -519,10 +578,12 @@ export class NetworkPolicy extends ComponentResource {
519
578
  return [
520
579
  {
521
580
  all: rule.toAll ?? false,
581
+ clusterPods: rule.toClusterPods ?? false,
522
582
  cidrs: normalize(rule.toCidr, rule.toCidrs).concat(l3OnlyRule?.cidrs ?? []),
523
583
  fqdns: normalize(rule.toFqdn, rule.toFqdns).concat(l3OnlyRule?.fqdns ?? []),
524
584
  services: normalize(rule.toService, rule.toServices),
525
585
  namespaces: normalize(rule.toNamespace, rule.toNamespaces),
586
+ namespaceSelectors: normalize(rule.toNamespaceSelector, rule.toNamespaceSelectors),
526
587
  selectors: normalize(rule.toSelector, rule.toSelectors),
527
588
  ports: normalize(rule.toPort, rule.toPorts),
528
589
  } as NormalizedRuleArgs,
@@ -590,10 +651,12 @@ export class NetworkPolicy extends ComponentResource {
590
651
 
591
652
  return {
592
653
  all: false,
654
+ clusterPods: false,
593
655
  cidrs,
594
656
  fqdns,
595
657
  services: [],
596
658
  namespaces: namespace ? [namespace] : [],
659
+ namespaceSelectors: [],
597
660
  selectors,
598
661
  ports,
599
662
  }
@@ -602,10 +665,12 @@ export class NetworkPolicy extends ComponentResource {
602
665
  private static isEmptyRule(rule: NormalizedRuleArgs): boolean {
603
666
  return (
604
667
  !rule.all &&
668
+ !rule.clusterPods &&
605
669
  rule.cidrs.length === 0 &&
606
670
  rule.fqdns.length === 0 &&
607
671
  rule.services.length === 0 &&
608
672
  rule.namespaces.length === 0 &&
673
+ rule.namespaceSelectors.length === 0 &&
609
674
  rule.selectors.length === 0 &&
610
675
  rule.ports.length === 0
611
676
  )
@@ -917,7 +982,11 @@ export class NativeNetworkPolicy extends ComponentResource {
917
982
  ): types.input.networking.v1.NetworkPolicyIngressRule[] {
918
983
  return uniqueBy(
919
984
  args.ingressRules.map(rule => ({
920
- from: rule.all ? [] : NativeNetworkPolicy.createRulePeers(rule),
985
+ from: rule.all
986
+ ? []
987
+ : rule.clusterPods
988
+ ? [{ namespaceSelector: {} }]
989
+ : NativeNetworkPolicy.createRulePeers(rule),
921
990
  ports: NativeNetworkPolicy.mapPorts(rule.ports),
922
991
  })),
923
992
  rule => JSON.stringify(rule),
@@ -968,7 +1037,11 @@ export class NativeNetworkPolicy extends ComponentResource {
968
1037
  args.egressRules
969
1038
  .map(rule => {
970
1039
  return {
971
- to: rule.all ? [] : NativeNetworkPolicy.createRulePeers(rule),
1040
+ to: rule.all
1041
+ ? []
1042
+ : rule.clusterPods
1043
+ ? [{ namespaceSelector: {} }]
1044
+ : NativeNetworkPolicy.createRulePeers(rule),
972
1045
  ports: NativeNetworkPolicy.mapPorts(rule.ports),
973
1046
  } as types.input.networking.v1.NetworkPolicyEgressRule
974
1047
  })
@@ -1020,7 +1093,10 @@ export class NativeNetworkPolicy extends ComponentResource {
1020
1093
  podSelector: mapSelectorLikeToSelector(selector),
1021
1094
  }))
1022
1095
 
1023
- const namespacePeers = args.namespaces.map(NativeNetworkPolicy.createNamespacePeer)
1096
+ const namespacePeers = [
1097
+ ...args.namespaces.map(NativeNetworkPolicy.createNamespacePeer),
1098
+ ...args.namespaceSelectors.map(NativeNetworkPolicy.createNamespaceSelectorPeer),
1099
+ ]
1024
1100
 
1025
1101
  if (namespacePeers.length === 0) {
1026
1102
  // if there are no namespaces, we can just return selector peers
@@ -1050,6 +1126,15 @@ export class NativeNetworkPolicy extends ComponentResource {
1050
1126
  return { namespaceSelector }
1051
1127
  }
1052
1128
 
1129
+ private static createNamespaceSelectorPeer(
1130
+ this: void,
1131
+ selector: SelectorLike,
1132
+ ): types.input.networking.v1.NetworkPolicyPeer {
1133
+ return {
1134
+ namespaceSelector: mapSelectorLikeToSelector(selector),
1135
+ }
1136
+ }
1137
+
1053
1138
  private static mapPorts(
1054
1139
  ports: NetworkPolicyPort[],
1055
1140
  ): types.input.networking.v1.NetworkPolicyPort[] {