@highstate/k8s 0.19.1 → 0.20.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-FE4SHRAJ.js → chunk-23X5SXQG.js} +22 -7
- package/dist/chunk-23X5SXQG.js.map +1 -0
- package/dist/{chunk-LGHFSXNT.js → chunk-ADHZK6V2.js} +14 -10
- package/dist/chunk-ADHZK6V2.js.map +1 -0
- package/dist/{chunk-VCXWCZ43.js → chunk-BTAEFJ5N.js} +27 -15
- package/dist/chunk-BTAEFJ5N.js.map +1 -0
- package/dist/{chunk-BR2CLUUD.js → chunk-IXE3OKB4.js} +27 -8
- package/dist/chunk-IXE3OKB4.js.map +1 -0
- package/dist/{chunk-TWBMG6TD.js → chunk-OG2OPX7B.js} +30 -12
- package/dist/chunk-OG2OPX7B.js.map +1 -0
- package/dist/{chunk-DCUMJSO6.js → chunk-P26SQ2ZB.js} +17 -51
- package/dist/chunk-P26SQ2ZB.js.map +1 -0
- package/dist/{chunk-MIC2BHGS.js → chunk-PG27ZY2H.js} +25 -7
- package/dist/chunk-PG27ZY2H.js.map +1 -0
- package/dist/chunk-PZYGZSN5.js +54 -0
- package/dist/{chunk-PZ5AY32C.js.map → chunk-PZYGZSN5.js.map} +1 -1
- package/dist/{chunk-YIJUVPU2.js → chunk-S77TE7UC.js} +27 -15
- package/dist/chunk-S77TE7UC.js.map +1 -0
- package/dist/{chunk-P2VOUU7E.js → chunk-SZKOAHNX.js} +383 -205
- package/dist/chunk-SZKOAHNX.js.map +1 -0
- package/dist/chunk-TOLFVF4S.js +889 -0
- package/dist/chunk-TOLFVF4S.js.map +1 -0
- package/dist/{chunk-RVB4WWZZ.js → chunk-TVKT3ZYX.js} +174 -18
- package/dist/chunk-TVKT3ZYX.js.map +1 -0
- package/dist/cron-job-RKB2HYTO.js +7 -0
- package/dist/{cron-job-NX4HD4FI.js.map → cron-job-RKB2HYTO.js.map} +1 -1
- package/dist/deployment-T35TUOL2.js +7 -0
- package/dist/{deployment-O2LJ5WR5.js.map → deployment-T35TUOL2.js.map} +1 -1
- package/dist/highstate.manifest.json +3 -2
- package/dist/impl/dynamic-endpoint-resolver.js +90 -0
- package/dist/impl/dynamic-endpoint-resolver.js.map +1 -0
- package/dist/impl/gateway-route.js +159 -62
- package/dist/impl/gateway-route.js.map +1 -1
- package/dist/impl/tls-certificate.js +6 -5
- package/dist/impl/tls-certificate.js.map +1 -1
- package/dist/index.js +106 -23
- package/dist/index.js.map +1 -1
- package/dist/job-PE4AKOHB.js +7 -0
- package/dist/job-PE4AKOHB.js.map +1 -0
- package/dist/stateful-set-LUIRHQJY.js +7 -0
- package/dist/{stateful-set-VJYKTQ72.js.map → stateful-set-LUIRHQJY.js.map} +1 -1
- package/dist/units/cert-manager/index.js +7 -8
- package/dist/units/cert-manager/index.js.map +1 -1
- package/dist/units/cluster-patch/index.js +6 -6
- package/dist/units/cluster-patch/index.js.map +1 -1
- package/dist/units/dns01-issuer/index.js +52 -15
- package/dist/units/dns01-issuer/index.js.map +1 -1
- package/dist/units/existing-cluster/index.js +39 -18
- package/dist/units/existing-cluster/index.js.map +1 -1
- package/dist/units/gateway-api/index.js +2 -2
- package/dist/units/reduced-access-cluster/index.js +8 -8
- package/dist/units/reduced-access-cluster/index.js.map +1 -1
- package/package.json +9 -7
- package/src/cluster.ts +12 -8
- package/src/config-map.ts +15 -5
- package/src/container.ts +4 -2
- package/src/cron-job.ts +25 -4
- package/src/deployment.ts +32 -17
- package/src/gateway/backend.ts +3 -3
- package/src/gateway/gateway.ts +12 -56
- package/src/helm.ts +354 -22
- package/src/impl/dynamic-endpoint-resolver.ts +109 -0
- package/src/impl/gateway-route.ts +231 -57
- package/src/impl/tls-certificate.ts +8 -3
- package/src/index.ts +1 -0
- package/src/job.ts +23 -5
- package/src/kubectl.ts +166 -0
- package/src/namespace.ts +47 -3
- package/src/network-policy.ts +1 -1
- package/src/pvc.ts +12 -2
- package/src/rbac.ts +28 -5
- package/src/scripting/environment.ts +3 -2
- package/src/secret.ts +15 -5
- package/src/service.ts +28 -6
- package/src/shared.ts +30 -2
- package/src/stateful-set.ts +32 -17
- package/src/tls.ts +31 -5
- package/src/units/cluster-patch/index.ts +5 -5
- package/src/units/dns01-issuer/index.ts +56 -12
- package/src/units/existing-cluster/index.ts +36 -15
- package/src/units/reduced-access-cluster/index.ts +6 -3
- package/src/worker.ts +4 -2
- package/src/workload.ts +453 -213
- package/dist/chunk-4G6LLC2X.js +0 -240
- package/dist/chunk-4G6LLC2X.js.map +0 -1
- package/dist/chunk-BR2CLUUD.js.map +0 -1
- package/dist/chunk-DCUMJSO6.js.map +0 -1
- package/dist/chunk-FE4SHRAJ.js.map +0 -1
- package/dist/chunk-KMLRI5UZ.js +0 -155
- package/dist/chunk-KMLRI5UZ.js.map +0 -1
- package/dist/chunk-LGHFSXNT.js.map +0 -1
- package/dist/chunk-MIC2BHGS.js.map +0 -1
- package/dist/chunk-OBDQONMV.js +0 -401
- package/dist/chunk-OBDQONMV.js.map +0 -1
- package/dist/chunk-P2VOUU7E.js.map +0 -1
- package/dist/chunk-PZ5AY32C.js +0 -9
- package/dist/chunk-RVB4WWZZ.js.map +0 -1
- package/dist/chunk-TWBMG6TD.js.map +0 -1
- package/dist/chunk-VCXWCZ43.js.map +0 -1
- package/dist/chunk-YIJUVPU2.js.map +0 -1
- package/dist/cron-job-NX4HD4FI.js +0 -8
- package/dist/deployment-O2LJ5WR5.js +0 -8
- package/dist/job-SYME6Y43.js +0 -8
- package/dist/job-SYME6Y43.js.map +0 -1
- package/dist/stateful-set-VJYKTQ72.js +0 -8
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../assets/images.json","../src/shared.ts","../src/rbac.ts","../src/namespace.ts","../src/secret.ts"],"names":["terminal-kubectl","worker.k8s-monitor","file","cluster","entity","ComponentResource","output","serviceAccount","core","kubeconfig","toPromise","makeEntityOutput","k8s","getOrCreate","secret","interpolate"],"mappings":";;;;;;;;;;AAAA,IAAA,cAAA,GAAA;AAAA,QAAA,CAAA,cAAA,EAAA;AAAA,EAAA,MAAA,EAAA,MAAA,MAAA;AAAA,EAAA,OAAA,EAAA,MAAA,cAAA;AAAA,EAAA,kBAAA,EAAA,MAAAA,gBAAAA;AAAA,EAAA,MAAA,EAAA,MAAA,MAAA;AAAA,EAAA,oBAAA,EAAA,MAAAC;AAAA,CAAA,CAAA;AACE,IAAAD,gBAAAA,GAAoB;AAAA,EAClB,IAAA,EAAQ,iDAAA;AAAA,EACR,GAAA,EAAO,QAAA;AAAA,EACP,KAAA,EAAS;AACX,CAAA;AACA,IAAAC,kBAAAA,GAAsB;AAAA,EACpB,IAAA,EAAQ,mDAAA;AAAA,EACR,GAAA,EAAO,OAAA;AAAA,EACP,KAAA,EAAS;AACX,CAAA;AACA,IAAA,MAAA,GAAU;AAAA,EACR,IAAA,EAAQ,QAAA;AAAA,EACR,GAAA,EAAO,QAAA;AAAA,EACP,KAAA,EAAS;AACX,CAAA;AACA,IAAA,MAAA,GAAU;AAAA,EACR,IAAA,EAAQ,QAAA;AAAA,EACR,GAAA,EAAO,QAAA;AAAA,EACP,KAAA,EAAS;AACX,CAAA;AApBF,IAAA,cAAA,GAAA;AAAA,EACE,kBAAA,EAAAD,gBAAAA;AAAA,EAKA,oBAAA,EAAAC,kBAAAA;AAAA,EAKA,MAAA;AAAA,EAKA;AAKF,CAAA;ACJA,IAAM,SAAA,uBAAgB,GAAA,EAAqC;AAEpD,SAAS,YAAY,OAAA,EAAgC;AAC1D,EAAA,MAAM,OAAO,CAAA,EAAG,OAAA,CAAQ,IAAI,CAAA,CAAA,EAAI,QAAQ,YAAY,CAAA,CAAA;AACpD,EAAA,MAAM,QAAA,GAAW,SAAA,CAAU,GAAA,CAAI,IAAI,CAAA;AACnC,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,OAAO,QAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,OAAA,CAAQ,IAAA,KAAS,iBAAA,EAAmB;AACzD,IAAA,MAAM,IAAI,MAAM,oEAAoE,CAAA;AAAA,EACtF;AAEA,EAAA,MAAM,QAAA,GAAW,IAAI,QAAA,CAAS,IAAA,EAAM;AAAA,IAClC,YAAY,MAAA,CAAO,OAAA,CAAQ,UAAA,CAAW,OAAA,CAAQ,MAAM,KAAK;AAAA,GAC1D,CAAA;AACD,EAAA,SAAA,CAAU,GAAA,CAAI,MAAM,QAAQ,CAAA;AAE5B,EAAA,OAAO,QAAA;AACT;AAEA,eAAsB,iBAAiB,OAAA,EAAgD;AACrF,EAAA,MAAM,eAAA,GAAkB,MAAM,SAAA,CAAU,OAAO,CAAA;AAE/C,EAAA,OAAO,YAAY,eAAe,CAAA;AACpC;AAEO,SAAS,6BAA6B,IAAA,EAA0C;AACrF,EAAA,OAAO,MAAA,CAAO,IAAI,CAAA,CAAE,KAAA,CAAM,CAAAC,KAAAA,KAAQ;AAChC,IAAA,IAAIA,KAAAA,CAAK,OAAA,CAAQ,IAAA,KAAS,iBAAA,EAAmB;AAC3C,MAAA,MAAM,IAAI,MAAM,yEAAyE,CAAA;AAAA,IAC3F;AAEA,IAAA,OAAOA,KAAAA,CAAK,QAAQ,KAAA,CAAM,KAAA;AAAA,EAC5B,CAAC,CAAA;AACH;AAEO,SAAS,4BAA4B,OAAA,EAA6C;AACvF,EAAA,OAAO,MAAA,CAAO,OAAO,CAAA,CAAE,KAAA,CAAM,CAAAC,QAAAA,KAAW;AACtC,IAAA,IAAIA,QAAAA,CAAQ,UAAA,CAAW,OAAA,CAAQ,IAAA,KAAS,iBAAA,EAAmB;AACzD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAOA,QAAAA,CAAQ,UAAA,CAAW,OAAA,CAAQ,KAAA,CAAM,KAAA;AAAA,EAC1C,CAAC,CAAA;AACH;AAqBO,IAAM,eAAA,GAAkB,CAAC,MAAA,EAAQ,WAAA,EAAa,UAAU;AAExD,SAAS,WAAA,CACd,MACA,YAAA,EACgD;AAChD,EAAA,OAAO,MAAA,CAAO,IAAA,CAAK,QAAQ,CAAA,CAAE,KAAA;AAAA,IAAM,cACjC,MAAA,CAAO;AAAA,MACL,GAAG,QAAA;AAAA,MACH,IAAA,EAAM,IAAA,CAAK,IAAA,IAAQ,QAAA,EAAU,IAAA,IAAQ,YAAA;AAAA,MACrC,SAAA,EACE,QAAA,EAAU,SAAA,KAAc,IAAA,CAAK,SAAA,GAAY,OAAO,IAAA,CAAK,SAAS,CAAA,CAAE,QAAA,CAAS,IAAA,GAAO,MAAA;AAAA,KACnF;AAAA,GACH;AACF;AAIO,SAAS,0BACd,QAAA,EACmC;AACnC,EAAA,IAAI,aAAA,IAAiB,QAAA,IAAY,kBAAA,IAAsB,QAAA,EAAU;AAC/D,IAAA,OAAO,QAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,WAAA,EAAa;AAAA,GACf;AACF;AAEO,SAAS,iBAAiB,SAAA,EAA0C;AACzE,EAAA,IAAI,SAAA,CAAU,UAAA,CAAW,SAAS,CAAA,EAAG;AACnC,IAAA,OAAO,UAAU,QAAA,CAAS,IAAA;AAAA,EAC5B;AAEA,EAAA,IAAI,IAAA,CAAK,EAAA,CAAG,SAAA,CAAU,UAAA,CAAW,SAAS,CAAA,EAAG;AAC3C,IAAA,OAAO,UAAU,QAAA,CAAS,IAAA;AAAA,EAC5B;AAEA,EAAA,OAAO,OAAO,SAAS,CAAA;AACzB;AAEO,SAAS,2BACd,SAAA,EACmC;AACnC,EAAA,OAAO;AAAA,IACL,WAAA,EAAa;AAAA,MACX,6BAAA,EAA+B;AAAA;AACjC,GACF;AACF;AAEO,SAAS,eAAA,CACd,QACA,OAAA,EACoB;AACpB,EAAA,OAAO,MAAA,CAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,MAAA,EAAAC,OAAAA,EAAQ,OAAA,EAAAD,UAAQ,KAAM;AAChE,IAAA,IAAIC,OAAAA,CAAO,SAAA,KAAcD,QAAAA,CAAQ,EAAA,EAAI;AACnC,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,qBAAA,EAAwBC,OAAAA,CAAO,IAAI,CAAA,EAAA,EAAKA,OAAAA,CAAO,QAAA,CAAS,IAAI,CAAA,IAAA,EAAOA,OAAAA,CAAO,SAAS,CAAA,MAAA,EAASD,QAAAA,CAAQ,EAAE,CAAA,CAAA;AAAA,OACxG;AAAA,IACF;AAEA,IAAA,OAAOA,QAAAA;AAAA,EACT,CAAC,CAAA;AACH;AASO,IAAe,QAAA,GAAf,cAAgC,iBAAA,CAAkB;AAAA,EAgB7C,YACR,IAAA,EACA,IAAA,EACA,IAAA,EACA,IAAA,EAKS,SAKA,QAAA,EACT;AACA,IAAA,KAAA,CAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAPnB,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAKA,IAAA,IAAA,CAAA,QAAA,GAAA,QAAA;AAAA,EAGX;AAAA;AAAA;AAAA;AAAA,EA7BA,OAAgB,UAAA;AAAA;AAAA;AAAA;AAAA,EAKhB,OAAgB,IAAA;AAAA;AAAA;AAAA;AAAA,EAKhB,OAAgB,YAAA,GAAwB,KAAA;AAAA;AAAA;AAAA;AAAA,EAwBxC,IAAI,UAAA,GAAa;AACf,IAAA,OAAQ,KAAK,WAAA,CAAgC,UAAA;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,IAAA,GAAO;AACT,IAAA,OAAQ,KAAK,WAAA,CAAgC,IAAA;AAAA,EAC/C;AAAA,EAEA,IAAI,YAAA,GAAe;AACjB,IAAA,OAAQ,KAAK,WAAA,CAAgC,YAAA;AAAA,EAC/C;AAAA,EAEA,IAAc,UAAA,GAAa;AACzB,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,KAAK,OAAA,CAAQ,EAAA;AAAA,MACxB,WAAA,EAAa,KAAK,OAAA,CAAQ,IAAA;AAAA,MAC1B,YAAY,IAAA,CAAK,UAAA;AAAA,MACjB,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,YAAA,EAAc,KAAA;AAAA,MACd,UAAU,IAAA,CAAK;AAAA,KACjB;AAAA,EACF;AACF;AAOO,IAAe,kBAAA,GAAf,cAA0C,QAAA,CAAS;AAAA,EAG9C,YACR,IAAA,EACA,IAAA,EACA,IAAA,EACA,IAAA,EACA,UAKS,SAAA,EACT;AACA,IAAA,KAAA,CAAM,MAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,SAAA,CAAU,SAAS,QAAQ,CAAA;AAFhD,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAAA,EAGX;AAAA,EAfA,OAAgB,YAAA,GAAe,IAAA;AAAA,EAsB/B,IAAc,UAAA,GAAa;AACzB,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,KAAK,OAAA,CAAQ,EAAA;AAAA,MACxB,WAAA,EAAa,KAAK,OAAA,CAAQ,IAAA;AAAA,MAC1B,YAAY,IAAA,CAAK,UAAA;AAAA,MACjB,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,YAAA,EAAc,IAAA;AAAA,MACd,UAAU,IAAA,CAAK;AAAA,KACjB;AAAA,EACF;AACF;;;AC1LO,IAAM,kBAAA,GAAN,cAAiCE,iBAAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAI/C,OAAA;AAAA,EAET,WAAA,CAAY,IAAA,EAAc,IAAA,EAA8B,IAAA,EAAiC;AACvF,IAAA,KAAA,CAAM,kCAAA,EAAoC,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAE1D,IAAA,MAAM,EAAE,cAAA,EAAgB,UAAA,EAAW,GAAIC,MAAAA,CAAO,KAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,KAAA,CAAM,CAAA,OAAA,KAAW;AACrF,MAAA,MAAM,QAAA,GAAW,YAAY,OAAO,CAAA;AACpC,MAAA,MAAM,aAAA,GAAgBA,MAAAA,CAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAA;AAEtD,MAAA,MAAMC,eAAAA,GAAiB,IAAIC,IAAAA,CAAK,EAAA,CAAG,cAAA;AAAA,QACjC,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU;AAAA,YACR,IAAA;AAAA,YACA,SAAA,EAAW;AAAA;AACb,SACF;AAAA,QACA,EAAE,QAAA;AAAS,OACb;AAEA,MAAA,MAAM,WAAA,GAAc,IAAI,IAAA,CAAK,EAAA,CAAG,WAAA;AAAA,QAC9B,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU;AAAA,YACR,IAAA,EAAM,WAAA,CAAA,GAAA,EAAiB,aAAa,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AAAA,YAC5C,WAAA,EAAa;AAAA,cACX,2BAAA,EAA6B,WAAA,CAAA,6CAAA,EAA2D,IAAI,CAAA,oBAAA,EAAuB,aAAa,CAAA,EAAA;AAAA;AAClI,WACF;AAAA,UACA,OAAOF,MAAAA,CAAO;AAAA,YACZ,KAAA,EAAO,eAAA,CAAgB,IAAA,CAAK,IAAA,EAAM,KAAK,KAAK,CAAA;AAAA,YAC5C,SAAA,EAAW,IAAA,CAAK,SAAA,IAAa;AAAC,WAC/B,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,KAAA,EAAO,SAAA,EAAU,KAAM,cAAA,CAAe,KAAA,EAAO,SAAS,CAAC;AAAA,SACrE;AAAA,QACA,EAAE,QAAA;AAAS,OACb;AAEA,MAAA,MAAM,iBAAA,GAAoB,CAAC,SAAA,KAA6B;AACtD,QAAA,OAAO,IAAI,KAAK,EAAA,CAAG,WAAA;AAAA,UACjB,IAAA;AAAA,UACA;AAAA,YACE,QAAA,EAAU,EAAE,IAAA,EAAM,SAAA,EAAU;AAAA,YAC5B,OAAA,EAAS;AAAA,cACP,IAAA,EAAM,aAAA;AAAA,cACN,IAAA,EAAM,YAAY,QAAA,CAAS,IAAA;AAAA,cAC3B,QAAA,EAAU;AAAA,aACZ;AAAA,YACA,QAAA,EAAU;AAAA,cACR;AAAA,gBACE,IAAA,EAAM,gBAAA;AAAA,gBACN,IAAA,EAAMC,gBAAe,QAAA,CAAS,IAAA;AAAA,gBAC9B,SAAA,EAAW;AAAA;AACb;AACF,WACF;AAAA,UACA,EAAE,QAAA;AAAS,SACb;AAAA,MACF,CAAA;AAEA,MAAA,IAAI,KAAK,WAAA,EAAa;AACpB,QAAA,IAAI,KAAK,EAAA,CAAG,kBAAA;AAAA,UACV,IAAA;AAAA,UACA;AAAA,YACE,QAAA,EAAU,EAAE,IAAA,EAAK;AAAA,YACjB,OAAA,EAAS;AAAA,cACP,IAAA,EAAM,aAAA;AAAA,cACN,IAAA,EAAM,YAAY,QAAA,CAAS,IAAA;AAAA,cAC3B,QAAA,EAAU;AAAA,aACZ;AAAA,YACA,QAAA,EAAU;AAAA,cACR;AAAA,gBACE,IAAA,EAAM,gBAAA;AAAA,gBACN,IAAA,EAAMA,gBAAe,QAAA,CAAS,IAAA;AAAA,gBAC9B,SAAA,EAAW;AAAA;AACb;AACF,WACF;AAAA,UACA,EAAE,QAAA;AAAS,SACb;AAAA,MACF,CAAA,MAAO;AACL,QAAA,IAAI,IAAA,CAAK,yBAAyB,KAAA,EAAO;AACvC,UAAA,iBAAA,CAAkB,aAAa,CAAA;AAAA,QACjC;AAEA,QAAAD,MAAAA,CAAO,IAAA,CAAK,eAAA,IAAmB,EAAE,CAAA,CAC9B,KAAA,CAAM,GAAA,CAAI,gBAAgB,CAAC,CAAA,CAC3B,KAAA,CAAM,GAAA,CAAI,iBAAiB,CAAC,CAAA;AAAA,MACjC;AAEA,MAAA,OAAO,EAAE,cAAA,EAAAC,eAAAA,EAAgB,UAAA,EAAY,QAAQ,UAAA,EAAW;AAAA,IAC1D,CAAC,CAAA;AAED,IAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,MAAA,CAAO,CAAA,EAAG,IAAI,CAAA,MAAA,CAAA,EAAU;AAAA,MACvD,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,IAAA,EAAM,qCAAA;AAAA,MACN,QAAA,EAAU;AAAA,QACR,WAAA,EAAa;AAAA,UACX,oCAAA,EAAsC,eAAe,QAAA,CAAS;AAAA;AAChE;AACF,KACD,CAAA;AAED,IAAA,IAAA,CAAK,UAAUD,MAAAA,CAAO;AAAA,MACpB,OAAA,EAASA,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA;AAAA,MAChC,UAAA;AAAA,MACA,QAAA,EAAU,iBAAA,CAAkB,QAAA,CAAS,OAAO,CAAA;AAAA,MAC5C,cAAA,EAAgB,eAAe,QAAA,CAAS,IAAA;AAAA,MACxC,gBAAA,EAAkB,eAAe,QAAA,CAAS;AAAA,KAC3C,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,OAAA,EAAS,UAAA,EAAAG,WAAAA,EAAY,QAAA,EAAU,cAAA,EAAAF,eAAAA,EAAgB,gBAAA,EAAiB,KAAM;AAChF,MAAA,IAAIE,WAAAA,CAAW,OAAA,CAAQ,IAAA,KAAS,iBAAA,EAAmB;AACjD,QAAA,MAAM,IAAI,MAAM,oEAAoE,CAAA;AAAA,MACtF;AAEA,MAAA,MAAM,MAAA,GAAS,IAAI,UAAA,EAAW;AAC9B,MAAA,MAAA,CAAO,cAAA,CAAeA,WAAAA,CAAW,OAAA,CAAQ,KAAA,CAAM,KAAK,CAAA;AAGpD,MAAA,MAAA,CAAO,QAAQ,EAAC;AAChB,MAAA,MAAA,CAAO,WAAW,EAAC;AAEnB,MAAA,MAAA,CAAO,QAAQ,EAAE,IAAA,EAAMF,eAAAA,EAAgB,KAAA,EAAO,UAAU,CAAA;AAExD,MAAA,MAAA,CAAO,UAAA,CAAW;AAAA,QAChB,IAAA,EAAM,MAAA,CAAO,QAAA,CAAS,CAAC,CAAA,CAAE,IAAA;AAAA,QACzB,OAAA,EAAS,MAAA,CAAO,QAAA,CAAS,CAAC,CAAA,CAAE,IAAA;AAAA,QAC5B,IAAA,EAAMA;AAAA,OACP,CAAA;AAED,MAAA,MAAA,CAAO,iBAAA,CAAkB,MAAA,CAAO,QAAA,CAAS,CAAC,EAAE,IAAI,CAAA;AAEhD,MAAA,OAAO;AAAA,QACL,GAAG,OAAA;AAAA,QACH,YAAA,EAAc,gBAAA;AAAA,QACd,YAAY,UAAA,CAAW;AAAA,UACrB,QAAQ,MAAA,CAAO,UAAA;AAAA,UACf,QAAA,EAAU,GAAG,gBAAgB,CAAA,WAAA,CAAA;AAAA,UAC7B,IAAA,EAAM;AAAA,YACJ,KAAA,EAAO,qBAAqBA,eAAc,CAAA;AAAA,WAC5C;AAAA,UACA,KAAA,EAAO;AAAA,YACL,OAAA,EAAS;AAAA,cACP,IAAA,EAAM,iBAAA;AAAA,cACN,KAAA,EAAO,OAAO,YAAA;AAAa,aAC7B;AAAA,YACA,IAAA,EAAM;AAAA,cACJ,IAAA,EAAM,YAAA;AAAA,cACN,WAAA,EAAa,WAAA;AAAA,cACb,IAAA,EAAM;AAAA;AACR;AACF,SACD;AAAA,OACH;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF;AAEA,eAAe,cAAA,CACb,OACA,SAAA,EAC2C;AAC3C,EAAA,KAAA,MAAW,YAAY,SAAA,EAAW;AAChC,IAAA,MAAM,SAAS,MAAMG,SAAAA;AAAA,MACnB,QAAA,YAAoB,kBAAA,GAAqB,QAAA,CAAS,MAAA,GAAS;AAAA,KAC7D;AAEA,IAAA,MAAM,QAAA,GAAW,MAAA,CAAO,UAAA,CAAW,QAAA,CAAS,GAAG,CAAA,GAC3C,MAAA,CAAO,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,GAC9B,EAAA;AAEJ,IAAA,MAAM,kBAAA,GAAqB,CAAA,EAAG,MAAA,CAAO,IAAA,CAAK,aAAa,CAAA,CAAA,CAAA;AAEvD,IAAA,MAAM,YAAA,GAAe,KAAA,CAAM,IAAA,CAAK,CAAA,IAAA,KAAQ;AACtC,MAAA,MAAM,cAAA,GAAiB,KAAK,SAAA,EAAW,MAAA,KAAW,KAAK,IAAA,CAAK,SAAA,CAAU,CAAC,CAAA,KAAM,QAAA;AAC7E,MAAA,MAAM,cAAA,GACJ,KAAK,SAAA,EAAW,MAAA,KAAW,KAAK,IAAA,CAAK,SAAA,CAAU,CAAC,CAAA,KAAM,kBAAA;AAExD,MAAA,OAAO,cAAA,IAAkB,cAAA;AAAA,IAC3B,CAAC,CAAA;AAED,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,gBAAgB,MAAMA,SAAAA;AAAA,MACjC,MAAA,CAAO;AAAA;AAAA,QAEL,GAAI,YAAA,CAAa,aAAA,IAAiB,EAAC;AAAA,QACnC,OAAO,QAAA,CAAS;AAAA,OACjB;AAAA,KACH;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;;;AClOO,IAAe,SAAA,GAAf,MAAe,UAAA,SAAkB,QAAA,CAAS;AAAA,EAW/C,WAAA,CACE,MACA,IAAA,EACA,IAAA,EACA,MAEA,OAAA,EACA,QAAA,EAKS,MAKA,MAAA,EACT;AACA,IAAA,KAAA,CAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,SAAS,QAAQ,CAAA;AAPtC,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAGX;AAAA,EA9BA,OAAgB,UAAA,GAAa,IAAA;AAAA,EAC7B,OAAgB,IAAA,GAAO,WAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOvB,kBAAA;AAAA;AAAA;AAAA;AAAA,EA2BA,IAAI,MAAA,GAAgC;AAClC,IAAA,OAAO,gBAAA,CAAiB;AAAA,MACtB,QAAQ,GAAA,CAAI,eAAA;AAAA,MACZ,QAAA,EAAU,KAAK,QAAA,CAAS,GAAA;AAAA,MACxB,IAAA,EAAM;AAAA,QACJ,KAAA,EAAO,KAAK,QAAA,CAAS;AAAA,OACvB;AAAA,MACA,KAAA,EAAO;AAAA,QACL,GAAG,IAAA,CAAK;AAAA;AACV,KACD,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAqB,IAAA,EAA4C;AAC3F,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACW;AACX,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACoB;AACpB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,UAAA,CAAU,gBAAA,CAAiB,IAAA,CAAK,QAAA,EAAU,KAAK,OAAO,CAAA;AAAA,IACrE;AAEA,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,UAAA,CAAU,QAAA,CAAS,IAAA,CAAK,QAAA,EAAU,KAAK,OAAO,CAAA;AAAA,IAC7D;AAEA,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACW;AACX,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,eAAe,IAAA,EAAM;AAAA,QAC9B,GAAG,IAAA;AAAA,QACH,IAAA,EAAMJ,QAAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,SAAA;AAAA,QACrC,OAAA,EAAS,eAAA,CAAgB,IAAA,CAAK,QAAA,EAAU,KAAK,OAAO;AAAA,OACrD,CAAA;AAAA,IACH;AAEA,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,eAAe,IAAA,EAAM;AAAA,QAC9B,GAAG,IAAA;AAAA,QACH,IAAA,EAAMA,QAAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS,IAAA;AAAA,QACrC,OAAA,EAAS,eAAA,CAAgB,IAAA,CAAK,QAAA,EAAU,KAAK,OAAO;AAAA,OACrD,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAqB,IAAA,EAA4C;AAC1F,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,GAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACW;AACX,IAAA,OAAO,IAAI,iBAAA,CAAkB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC/C;AAAA,EAEA,OAAwB,cAAA,mBAAiB,IAAI,GAAA,EAAuB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAapE,OAAO,GAAA,CAAI,MAAA,EAAuB,OAAA,EAAwC;AACxE,IAAA,OAAO,WAAA;AAAA,MACL,UAAA,CAAU,cAAA;AAAA,MACV,CAAA,EAAG,OAAO,WAAW,CAAA,CAAA,EAAI,OAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,MAAA,CAAO,SAAS,CAAA,CAAA;AAAA,MACjE,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,UAAA,CAAU,IAAI,IAAA,EAAM;AAAA,UACzB,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,OAAA,EAAS,eAAA,CAAgB,MAAA,EAAQ,OAAO;AAAA,SACzC,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,QAAA,CACX,MAAA,EACA,OAAA,EACoB;AACpB,IAAA,MAAM,cAAA,GAAiB,MAAMI,SAAAA,CAAU,MAAM,CAAA;AAE7C,IAAA,OAAO,UAAA,CAAU,GAAA,CAAI,cAAA,EAAgB,OAAO,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,OAAO,WAAA,CAAY,QAAA,EAAkC,OAAA,EAAwC;AAC3F,IAAA,OAAO,WAAA;AAAA,MACL,UAAA,CAAU,cAAA;AAAA,MACV,CAAA,EAAG,SAAS,WAAW,CAAA,CAAA,EAAI,SAAS,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,QAAA,CAAS,SAAS,CAAA,CAAA;AAAA,MAC5E,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,UAAA,CAAU,IAAI,IAAA,EAAM;AAAA,UACzB,IAAA,EAAM,SAAS,QAAA,CAAS,SAAA;AAAA,UACxB,OAAA,EAAS,eAAA,CAAgB,QAAA,EAAU,OAAO;AAAA,SAC3C,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,gBAAA,CACX,QAAA,EACA,OAAA,EACoB;AACpB,IAAA,MAAM,gBAAA,GAAmB,MAAMA,SAAAA,CAAU,QAAQ,CAAA;AAEjD,IAAA,OAAO,UAAA,CAAU,WAAA,CAAY,gBAAA,EAAkB,OAAO,CAAA;AAAA,EACxD;AACF;AAEA,SAAS,oBAAA,CACP,MACA,YAAA,EACgD;AAChD,EAAA,OAAO,WAAA,CAAY,IAAA,EAAM,YAAY,CAAA,CAAE,MAAM,CAAA,QAAA,KAAY;AACvD,IAAA,IAAI,KAAK,UAAA,EAAY;AACnB,MAAA,QAAA,CAAS,MAAA,GAAS;AAAA,QAChB,GAAG,QAAA,CAAS,MAAA;AAAA,QACZ,oCAAA,EAAsC;AAAA,OACxC;AAAA,IACF;AAEA,IAAA,OAAO,QAAA;AAAA,EACT,CAAC,CAAA;AACH;AAEA,IAAM,gBAAA,GAAN,cAA+B,SAAA,CAAU;AAAA,EACvC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAqB,IAAA,EAAiC;AAC9E,IAAA,MAAM,YAAYJ,QAAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,MAAM,CAAA,OAAA,KAAW;AACtD,MAAA,OAAO,IAAIE,KAAK,EAAA,CAAG,SAAA;AAAA,QACjB,IAAA;AAAA,QACA,EAAE,QAAA,EAAU,oBAAA,CAAqB,IAAA,EAAM,IAAI,CAAA,EAAE;AAAA,QAC7C,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,yBAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACAF,QAAAA,CAAO,KAAK,OAAO,CAAA;AAAA,MACnB,SAAA,CAAU,QAAA;AAAA,MACV,SAAA,CAAU,IAAA;AAAA,MACV,SAAA,CAAU;AAAA,KACZ;AAEA,IAAA,MAAM,QAAQ,IAAI,kBAAA;AAAA,MAChB,GAAG,IAAI,CAAA,aAAA,CAAA;AAAA,MACP;AAAA,QACE,SAAA,EAAW,IAAA;AAAA,QACX,KAAA,EAAO;AAAA,UACL;AAAA,YACE,SAAA,EAAW,CAAC,EAAE,CAAA;AAAA,YACd,SAAA,EAAW,CAAC,UAAU,CAAA;AAAA,YACtB,KAAA,EAAO,CAAC,KAAK;AAAA,WACf;AAAA,UACA;AAAA,YACE,SAAA,EAAW,CAAC,EAAE,CAAA;AAAA,YACd,SAAA,EAAW,CAAC,MAAM,CAAA;AAAA,YAClB,KAAA,EAAO,CAAC,KAAA,EAAO,MAAM;AAAA,WACvB;AAAA,UACA;AAAA,YACE,SAAA,EAAW,CAAC,EAAE,CAAA;AAAA,YACd,SAAA,EAAW,CAAC,kBAAkB,CAAA;AAAA,YAC9B,KAAA,EAAO,CAAC,QAAQ;AAAA;AAClB;AACF,OACF;AAAA,MACA,EAAE,QAAQ,IAAA;AAAK,KACjB;AAEA,IAAA,IAAA,CAAK,qBAAqB,KAAA,CAAM,OAAA;AAAA,EAClC;AACF,CAAA;AAEA,IAAM,cAAA,GAAN,cAA6B,SAAA,CAAU;AAAA,EACrC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAqB,IAAA,EAAiC;AAC9E,IAAA,MAAM,YAAYA,QAAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,MAAM,CAAA,OAAA,KAAW;AACtD,MAAA,OAAO,IAAIE,KAAK,EAAA,CAAG,cAAA;AAAA,QACjB,IAAA;AAAA,QACA,EAAE,QAAA,EAAU,oBAAA,CAAqB,IAAA,EAAM,IAAI,CAAA,EAAE;AAAA,QAC7C,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,8BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACAF,QAAAA,CAAO,KAAK,OAAO,CAAA;AAAA,MACnB,SAAA,CAAU,QAAA;AAAA,MACV,SAAA,CAAU,IAAA;AAAA,MACV,SAAA,CAAU;AAAA,KACZ;AAAA,EACF;AACF,CAAA;AA0BA,IAAM,iBAAA,GAAN,cAAgC,SAAA,CAAU;AAAA,EACxC,WAAA,CAAY,IAAA,EAAc,IAAA,EAA6B,IAAA,EAAiC;AACtF,IAAA,MAAM,YAAYA,QAAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,MAAM,CAAA,OAAA,KAAW;AACtD,MAAA,OAAOE,KAAK,EAAA,CAAG,SAAA,CAAU,GAAA,CAAI,IAAA,EAAM,KAAK,IAAA,EAAM;AAAA,QAC5C,GAAG,IAAA;AAAA,QACH,MAAA,EAAQ,IAAA;AAAA,QACR,QAAA,EAAU,YAAY,OAAO;AAAA,OAC9B,CAAA;AAAA,IACH,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,iCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACAF,QAAAA,CAAO,KAAK,OAAO,CAAA;AAAA,MACnB,SAAA,CAAU,QAAA;AAAA,MACV,SAAA,CAAU,IAAA;AAAA,MACV,SAAA,CAAU;AAAA,KACZ;AAAA,EACF;AACF,CAAA;AAEA,IAAM,gBAAA,GAAN,cAA+B,SAAA,CAAU;AAAA,EACvC,WAAA,CAAY,IAAA,EAAc,IAAA,EAA4B,IAAA,EAAiC;AACrF,IAAA,KAAA;AAAA,MACE,gCAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MAEAA,QAAAA,CAAO,KAAK,OAAO,CAAA;AAAA,MACnBA,QAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,QAAA;AAAA,MACvBA,QAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,IAAA;AAAA,MACvBA,QAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE;AAAA,KACzB;AAAA,EACF;AACF,CAAA;;;AClZO,IAAe,MAAA,GAAf,MAAe,OAAA,SAAe,kBAAA,CAAmB;AAAA,EAI5C,WAAA,CACR,MACA,IAAA,EACA,IAAA,EACA,MAEA,QAAA,EACA,SAAA,EAKS,MAKA,UAAA,EACT;AACA,IAAA,KAAA,CAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,UAAU,SAAS,CAAA;AAPxC,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAKA,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AAAA,EAGX;AAAA,EAvBA,OAAO,UAAA,GAAa,IAAA;AAAA,EACpB,OAAO,IAAA,GAAO,QAAA;AAAA;AAAA;AAAA;AAAA,EA2Bd,IAAI,MAAA,GAA6B;AAC/B,IAAA,OAAOK,gBAAAA,CAAiB;AAAA,MACtB,QAAQC,GAAAA,CAAI,YAAA;AAAA,MACZ,QAAA,EAAU,KAAK,QAAA,CAAS,GAAA;AAAA,MACxB,IAAA,EAAM;AAAA,QACJ,KAAA,EAAO,KAAK,QAAA,CAAS;AAAA,OACvB;AAAA,MACA,KAAA,EAAO;AAAA,QACL,GAAG,IAAA,CAAK;AAAA;AACV,KACD,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,SAAS,GAAA,EAA6B;AACpC,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA,CAAE,KAAA,CAAM,CAAA,KAAA,KAAS,MAAA,CAAO,IAAA,CAAK,KAAA,EAAO,QAAQ,CAAA,CAAE,QAAA,EAAU,CAAA;AAAA,EAC9E;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAA,CAAO,IAAA,EAAc,IAAA,EAAkB,IAAA,EAAyC;AACrF,IAAA,OAAO,IAAI,aAAA,CAAc,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,aAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACQ;AACR,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAI,YAAY,IAAA,EAAM;AAAA,QAC3B,GAAG,IAAA;AAAA,QACH,IAAA,EAAMN,MAAAA,CAAO,IAAA,CAAK,QAAQ,EAAE,QAAA,CAAS;AAAA,OACtC,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAI,aAAA,CAAc,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAAa,WAAA,CACX,IAAA,EACA,IAAA,EACA,IAAA,EACiB;AACjB,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,MAAM,QAAO,QAAA,CAAS,IAAA,CAAK,UAAUA,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAO,CAAA;AAAA,IAC5E;AAEA,IAAA,OAAO,IAAI,aAAA,CAAc,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,KAAA,CAAM,IAAA,EAAc,IAAA,EAAkB,IAAA,EAAyC;AACpF,IAAA,OAAO,IAAI,WAAA,CAAY,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAA,CAAK,IAAA,EAAc,IAAA,EAAyB,IAAA,EAAyC;AAC1F,IAAA,OAAO,IAAI,aAAA,CAAc,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,GAAA,CAAI,IAAA,EAAc,IAAA,EAA0B,IAAA,EAAyC;AAC1F,IAAA,OAAO,IAAI,cAAA,CAAe,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5C;AAAA,EAEA,OAAwB,WAAA,mBAAc,IAAI,GAAA,EAAoB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAa9D,OAAO,GAAA,CAAI,MAAA,EAAgC,OAAA,EAAqC;AAC9E,IAAA,OAAOO,WAAAA;AAAA,MACL,OAAA,CAAO,WAAA;AAAA,MACP,CAAA,EAAG,MAAA,CAAO,WAAW,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EAAI,MAAA,CAAO,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,OAAO,SAAS,CAAA,CAAA;AAAA,MAC9F,CAAA,IAAA,KAAQ;AACN,QAAA,OAAO,OAAA,CAAO,IAAI,IAAA,EAAM;AAAA,UACtB,IAAA,EAAM,OAAO,QAAA,CAAS,IAAA;AAAA,UACtB,SAAA,EAAW,SAAA,CAAU,WAAA,CAAY,MAAA,EAAQ,OAAO;AAAA,SACjD,CAAA;AAAA,MACH;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,QAAA,CACX,MAAA,EACA,OAAA,EACiB;AACjB,IAAA,MAAM,cAAA,GAAiB,MAAMH,SAAAA,CAAU,MAAM,CAAA;AAC7C,IAAA,OAAO,OAAA,CAAO,GAAA,CAAI,cAAA,EAAgB,OAAO,CAAA;AAAA,EAC3C;AACF;AAEA,IAAM,aAAA,GAAN,cAA4B,MAAA,CAAO;AAAA,EACjC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAkB,IAAA,EAAiC;AAC3E,IAAA,MAAMI,UAASR,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC7D,MAAA,OAAO,IAAIE,KAAK,EAAA,CAAG,MAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,YAAY,IAAA,CAAK,UAAA;AAAA,UACjB,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,sBAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACAM,OAAAA,CAAO,QAAA;AAAA,MACPR,MAAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrBQ,OAAAA,CAAO,IAAA;AAAA,MACPA,OAAAA,CAAO;AAAA,KACT;AAAA,EACF;AACF,CAAA;AAEA,IAAM,WAAA,GAAN,cAA0B,MAAA,CAAO;AAAA,EAC/B,WAAA,CAAY,IAAA,EAAc,IAAA,EAAkB,IAAA,EAAiC;AAC3E,IAAA,MAAMA,UAASR,MAAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC7D,MAAA,OAAO,IAAIE,KAAK,EAAA,CAAG,WAAA;AAAA,QACjB,IAAA;AAAA,QACA;AAAA,UACE,QAAA,EAAU,WAAA,CAAY,IAAA,EAAM,IAAI,CAAA;AAAA,UAChC,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,YAAY,IAAA,CAAK,UAAA;AAAA,UACjB,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO;AAAA;AAC/B,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,2BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACAM,OAAAA,CAAO,QAAA;AAAA,MACPR,MAAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrBQ,OAAAA,CAAO,IAAA;AAAA,MACPA,OAAAA,CAAO;AAAA,KACT;AAAA,EACF;AACF,CAAA;AAcA,IAAM,aAAA,GAAN,cAA4B,MAAA,CAAO;AAAA,EACjC,WAAA,CAAY,IAAA,EAAc,IAAA,EAAyB,IAAA,EAAiC;AAClF,IAAA,KAAA;AAAA,MACE,6BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACAR,MAAAA,CAAO,IAAA,CAAK,MAAM,CAAA,CAAE,QAAA;AAAA,MACpBA,MAAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrBA,MAAAA,CAAO,IAAA,CAAK,MAAM,CAAA,CAAE,IAAA;AAAA,MACpBA,MAAAA,CAAO,IAAA,CAAK,MAAM,CAAA,CAAE;AAAA,KACtB;AAAA,EACF;AACF,CAAA;AAcA,IAAM,cAAA,GAAN,cAA6B,MAAA,CAAO;AAAA,EAClC,WAAA,CAAY,IAAA,EAAc,IAAA,EAA0B,IAAA,EAAiC;AACnF,IAAA,MAAMQ,OAAAA,GAASR,OAAO,IAAA,CAAK,SAAS,EAAE,OAAA,CAAQ,KAAA,CAAM,OAAM,OAAA,KAAW;AACnE,MAAA,MAAMQ,OAAAA,GAASN,IAAAA,CAAK,EAAA,CAAG,MAAA,CAAO,GAAA;AAAA,QAC5B,IAAA;AAAA,QACAO,WAAAA,CAAAA,EAAcT,OAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,IAAA,CAAK,IAAI,CAAA,CAAA;AAAA,QAC/D,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,MAAM,QAAA,EAAU,WAAA,CAAY,OAAO,CAAA;AAAE,OAC1D;AAGA,MAAA,MAAM,SAAA,GAAY,MAAMI,SAAAA,CAAUJ,MAAAA,CAAO,KAAK,SAAS,CAAA,CAAE,SAAS,IAAI,CAAA;AACtE,MAAA,MAAM,YAAA,GAAe,MAAMI,SAAAA,CAAU,IAAA,CAAK,IAAI,CAAA;AAC9C,MAAA,MAAM,QAAA,GAAW,MAAMA,SAAAA,CAAUI,OAAAA,CAAO,QAAQ,CAAA;AAChD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,OAAA,EAAU,YAAY,CAAA,cAAA,EAAiB,SAAS,CAAA,UAAA,CAAY,CAAA;AAAA,MAC9E;AAEA,MAAA,OAAOA,OAAAA;AAAA,IACT,CAAC,CAAA;AAED,IAAA,KAAA;AAAA,MACE,8BAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACAA,OAAAA,CAAO,QAAA;AAAA,MACPR,MAAAA,CAAO,KAAK,SAAS,CAAA;AAAA,MACrBQ,OAAAA,CAAO,IAAA;AAAA,MACPA,OAAAA,CAAO;AAAA,KACT;AAAA,EACF;AACF,CAAA","file":"chunk-TOLFVF4S.js","sourcesContent":["{\n \"terminal-kubectl\": {\n \"name\": \"ghcr.io/highstate-io/highstate/terminal.kubectl\",\n \"tag\": \"latest\",\n \"image\": \"ghcr.io/highstate-io/highstate/terminal.kubectl:latest@sha256:31cf095ec6acc0b3a5088c92483d88dc1e2e7dd7fcbf2ec8de29a0171debd8aa\"\n },\n \"worker.k8s-monitor\": {\n \"name\": \"ghcr.io/highstate-io/highstate/worker.k8s-monitor\",\n \"tag\": \"debug\",\n \"image\": \"ghcr.io/highstate-io/highstate/worker.k8s-monitor:debug@sha256:808eccda739d1e963d345a92612f3ca64ecf64de71a6010daa0e1fffbfc7aa5c\"\n },\n \"alpine\": {\n \"name\": \"alpine\",\n \"tag\": \"latest\",\n \"image\": \"alpine:latest@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659\"\n },\n \"ubuntu\": {\n \"name\": \"ubuntu\",\n \"tag\": \"latest\",\n \"image\": \"ubuntu:latest@sha256:84e77dee7d1bc93fb029a45e3c6cb9d8aa4831ccfcc7103d36e876938d28895b\"\n }\n}\n","import type { PartialKeys } from \"@highstate/contract\"\nimport type { common, k8s } from \"@highstate/library\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n type Output,\n output,\n secret,\n toPromise,\n type Unwrap,\n} from \"@highstate/pulumi\"\nimport { core, Provider, type types } from \"@pulumi/kubernetes\"\nimport * as images from \"../assets/images.json\"\nimport { Namespace } from \"./namespace\"\n\nconst providers = new Map<`${string}.${string}`, Provider>()\n\nexport function getProvider(cluster: k8s.Cluster): Provider {\n const name = `${cluster.name}.${cluster.connectionId}` as const\n const existing = providers.get(name)\n if (existing) {\n return existing\n }\n\n if (cluster.kubeconfig.content.type !== \"embedded-secret\") {\n throw new Error(\"Only embedded secrets are supported for cluster kubeconfig for now\")\n }\n\n const provider = new Provider(name, {\n kubeconfig: secret(cluster.kubeconfig.content.value.value),\n })\n providers.set(name, provider)\n\n return provider\n}\n\nexport async function getProviderAsync(cluster: Input<k8s.Cluster>): Promise<Provider> {\n const resolvedCluster = await toPromise(cluster)\n\n return getProvider(resolvedCluster)\n}\n\nexport function getEmbeddedSecretFileContent(file: Input<common.File>): Output<string> {\n return output(file).apply(file => {\n if (file.content.type !== \"embedded-secret\") {\n throw new Error(\"Only embedded-secret file contents are supported for kubeconfig for now\")\n }\n\n return file.content.value.value\n })\n}\n\nexport function getClusterKubeconfigContent(cluster: Input<k8s.Cluster>): Output<string> {\n return output(cluster).apply(cluster => {\n if (cluster.kubeconfig.content.type !== \"embedded-secret\") {\n throw new Error(\n \"Only embedded-secret file contents are supported for cluster kubeconfig for now\",\n )\n }\n\n return cluster.kubeconfig.content.value.value\n })\n}\n\nexport type NamespaceLike = core.v1.Namespace | Namespace | string\n\nexport type ScopedResourceArgs = {\n /**\n * The name of the resource.\n */\n name?: Input<string>\n\n /**\n * The namespace to create the resource in.\n */\n namespace: Input<Namespace>\n\n /**\n * The metadata to apply to the resource.\n */\n metadata?: Input<types.input.meta.v1.ObjectMeta>\n}\n\nexport const commonExtraArgs = [\"name\", \"namespace\", \"metadata\"] as const\n\nexport function mapMetadata(\n args: PartialKeys<ScopedResourceArgs, \"namespace\">,\n fallbackName?: string,\n): Output<Unwrap<types.input.meta.v1.ObjectMeta>> {\n return output(args.metadata).apply(metadata =>\n output({\n ...metadata,\n name: args.name ?? metadata?.name ?? fallbackName,\n namespace:\n metadata?.namespace ?? (args.namespace ? output(args.namespace).metadata.name : undefined),\n }),\n )\n}\n\nexport type SelectorLike = types.input.meta.v1.LabelSelector | Record<string, Input<string>>\n\nexport function mapSelectorLikeToSelector(\n selector: SelectorLike,\n): types.input.meta.v1.LabelSelector {\n if (\"matchLabels\" in selector || \"matchExpressions\" in selector) {\n return selector\n }\n\n return {\n matchLabels: selector as Record<string, Input<string>>,\n }\n}\n\nexport function getNamespaceName(namespace: NamespaceLike): Output<string> {\n if (Namespace.isInstance(namespace)) {\n return namespace.metadata.name\n }\n\n if (core.v1.Namespace.isInstance(namespace)) {\n return namespace.metadata.name\n }\n\n return output(namespace)\n}\n\nexport function mapNamespaceNameToSelector(\n namespace: Input<string>,\n): types.input.meta.v1.LabelSelector {\n return {\n matchLabels: {\n \"kubernetes.io/metadata.name\": namespace,\n },\n }\n}\n\nexport function validateCluster(\n entity: Input<k8s.Resource>,\n cluster: Input<k8s.Cluster>,\n): Input<k8s.Cluster> {\n return output({ entity, cluster }).apply(({ entity, cluster }) => {\n if (entity.clusterId !== cluster.id) {\n throw new Error(\n `Cluster mismatch for ${entity.kind} \"${entity.metadata.name}\": \"${entity.clusterId}\" != \"${cluster.id}\"`,\n )\n }\n\n return cluster\n })\n}\n\nexport { images }\n\n/**\n * Base class for all Kubernetes resources.\n *\n * Provides common functionality for resources that have a cluster and entity.\n */\nexport abstract class Resource extends ComponentResource {\n /**\n * The Kubernetes API version (e.g., \"v1\", \"apps/v1\", \"batch/v1\").\n */\n static readonly apiVersion: string\n\n /**\n * The Kubernetes kind (e.g., \"ConfigMap\", \"Deployment\", \"CronJob\").\n */\n static readonly kind: string\n\n /**\n * Whether the resource is namespaced.\n */\n static readonly isNamespaced: boolean = false\n\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n /**\n * The cluster where the resource is located.\n */\n readonly cluster: Output<k8s.Cluster>,\n\n /**\n * The metadata of the underlying Kubernetes resource.\n */\n readonly metadata: Output<types.output.meta.v1.ObjectMeta>,\n ) {\n super(type, name, args, opts)\n }\n\n /**\n * The Kubernetes API version (e.g., \"v1\", \"apps/v1\", \"batch/v1\").\n */\n get apiVersion() {\n return (this.constructor as typeof Resource).apiVersion\n }\n\n /**\n * The Kubernetes kind (e.g., \"ConfigMap\", \"Deployment\", \"CronJob\").\n */\n get kind() {\n return (this.constructor as typeof Resource).kind\n }\n\n get isNamespaced() {\n return (this.constructor as typeof Resource).isNamespaced\n }\n\n protected get entityBase() {\n return {\n clusterId: this.cluster.id,\n clusterName: this.cluster.name,\n apiVersion: this.apiVersion,\n kind: this.kind,\n isNamespaced: false,\n metadata: this.metadata,\n }\n }\n}\n\n/**\n * Base class for all Kubernetes namespaced resources.\n *\n * Provides common functionality for resources that have a cluster, namespace, metadata, and entity.\n */\nexport abstract class NamespacedResource extends Resource {\n static readonly isNamespaced = true\n\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The namespace where the resource is located.\n */\n readonly namespace: Output<Namespace>,\n ) {\n super(type, name, args, opts, namespace.cluster, metadata)\n }\n\n /**\n * The Highstate resource entity.\n */\n abstract get entity(): Output<k8s.NamespacedResource>\n\n protected get entityBase() {\n return {\n clusterId: this.cluster.id,\n clusterName: this.cluster.name,\n apiVersion: this.apiVersion,\n kind: this.kind,\n isNamespaced: true,\n metadata: this.metadata,\n } as const\n }\n}\n","import type { Namespace } from \"./namespace\"\nimport { common, type k8s } from \"@highstate/library\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type InputArray,\n interpolate,\n makeEntity,\n normalizeInputs,\n type Output,\n output,\n toPromise,\n type Unwrap,\n} from \"@highstate/pulumi\"\nimport { KubeConfig } from \"@kubernetes/client-node\"\nimport { core, rbac, type types } from \"@pulumi/kubernetes\"\nimport { map, unique } from \"remeda\"\nimport { Secret } from \"./secret\"\nimport {\n getNamespaceName,\n getProvider,\n NamespacedResource,\n type NamespaceLike,\n type Resource,\n} from \"./shared\"\n\nexport type ClusterAccessScopeArgs = {\n /**\n * The namespace to create the ServiceAccount in.\n */\n namespace: Input<Namespace>\n\n /**\n * The RBAC rule to apply to the `ServiceAccount`.\n *\n * It will be used to create ClusterRole.\n */\n rule?: Input<types.input.rbac.v1.PolicyRule>\n\n /**\n * The RBAC rules to apply to the `ServiceAccount`.\n *\n * It will be used to create `ClusterRole`.\n */\n rules?: InputArray<types.input.rbac.v1.PolicyRule>\n\n /**\n * Whether to allow the `ServiceAccount` to access resources in the namespace where it is created.\n *\n * By default, it is set to `true`.\n */\n allowOriginNamespace?: boolean\n\n /**\n * The extra namespaces to bind to the `ClusterRole` and allow `ServiceAccount` to access them\n * with specified `rules`.\n */\n extraNamespaces?: InputArray<NamespaceLike>\n\n /**\n * Whether to create `ClusterRoleBinding` instead of `RoleBinding` to allow cluster-wide access.\n *\n * This will allow the `ServiceAccount` to access all namespaces and cluster resources.\n */\n clusterWide?: boolean\n\n /**\n * The extra resources to merge into passed rules.\n *\n * Resources will be merged into rule `resourceNames` if they exactly match rule's `apiGroups` and `resources`.\n * If rule specifies multiple apiGroups or resources, resources will not be merged into it.\n */\n resources?: InputArray<Resource | k8s.Resource>\n}\n\nexport class ClusterAccessScope extends ComponentResource {\n /**\n * The cluster entity with the reduced access.\n */\n readonly cluster: Output<k8s.Cluster>\n\n constructor(name: string, args: ClusterAccessScopeArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:ClusterAccessScope\", name, args, opts)\n\n const { serviceAccount, kubeconfig } = output(args.namespace).cluster.apply(cluster => {\n const provider = getProvider(cluster)\n const namespaceName = output(args.namespace).metadata.name\n\n const serviceAccount = new core.v1.ServiceAccount(\n name,\n {\n metadata: {\n name,\n namespace: namespaceName,\n },\n },\n { provider },\n )\n\n const clusterRole = new rbac.v1.ClusterRole(\n name,\n {\n metadata: {\n name: interpolate`hs.${namespaceName}.${name}`,\n annotations: {\n \"kubernetes.io/description\": interpolate`Created by Highstate for the ServiceAccount \"${name}\" in the namespace \"${namespaceName}\".`,\n },\n },\n rules: output({\n rules: normalizeInputs(args.rule, args.rules),\n resources: args.resources ?? [],\n }).apply(({ rules, resources }) => mergeResources(rules, resources)),\n },\n { provider },\n )\n\n const createRoleBinding = (namespace: Input<string>) => {\n return new rbac.v1.RoleBinding(\n name,\n {\n metadata: { name, namespace },\n roleRef: {\n kind: \"ClusterRole\",\n name: clusterRole.metadata.name,\n apiGroup: \"rbac.authorization.k8s.io\",\n },\n subjects: [\n {\n kind: \"ServiceAccount\",\n name: serviceAccount.metadata.name,\n namespace: namespaceName,\n },\n ],\n },\n { provider },\n )\n }\n\n if (args.clusterWide) {\n new rbac.v1.ClusterRoleBinding(\n name,\n {\n metadata: { name },\n roleRef: {\n kind: \"ClusterRole\",\n name: clusterRole.metadata.name,\n apiGroup: \"rbac.authorization.k8s.io\",\n },\n subjects: [\n {\n kind: \"ServiceAccount\",\n name: serviceAccount.metadata.name,\n namespace: namespaceName,\n },\n ],\n },\n { provider },\n )\n } else {\n if (args.allowOriginNamespace !== false) {\n createRoleBinding(namespaceName)\n }\n\n output(args.extraNamespaces ?? [])\n .apply(map(getNamespaceName))\n .apply(map(createRoleBinding))\n }\n\n return { serviceAccount, kubeconfig: cluster.kubeconfig }\n })\n\n const accessTokenSecret = Secret.create(`${name}-token`, {\n namespace: args.namespace,\n type: \"kubernetes.io/service-account-token\",\n metadata: {\n annotations: {\n \"kubernetes.io/service-account.name\": serviceAccount.metadata.name,\n },\n },\n })\n\n this.cluster = output({\n cluster: output(args.namespace).cluster,\n kubeconfig,\n newToken: accessTokenSecret.getValue(\"token\"),\n serviceAccount: serviceAccount.metadata.name,\n serviceAccountId: serviceAccount.metadata.uid,\n }).apply(({ cluster, kubeconfig, newToken, serviceAccount, serviceAccountId }) => {\n if (kubeconfig.content.type !== \"embedded-secret\") {\n throw new Error(\"Only embedded secrets are supported for cluster kubeconfig for now\")\n }\n\n const config = new KubeConfig()\n config.loadFromString(kubeconfig.content.value.value)\n\n // clear all existing contexts and users\n config.users = []\n config.contexts = []\n\n config.addUser({ name: serviceAccount, token: newToken })\n\n config.addContext({\n name: config.clusters[0].name,\n cluster: config.clusters[0].name,\n user: serviceAccount,\n })\n\n config.setCurrentContext(config.clusters[0].name)\n\n return {\n ...cluster,\n connectionId: serviceAccountId,\n kubeconfig: makeEntity({\n entity: common.fileEntity,\n identity: `${serviceAccountId}:kubeconfig`,\n meta: {\n title: `kubeconfig for SA ${serviceAccount}`,\n },\n value: {\n content: {\n type: \"embedded-secret\",\n value: config.exportConfig(),\n },\n meta: {\n name: \"kubeconfig\",\n contentType: \"text/yaml\",\n mode: 0o600,\n },\n },\n }),\n }\n })\n }\n}\n\nasync function mergeResources(\n rules: Unwrap<types.input.rbac.v1.PolicyRule>[],\n resources: (Resource | k8s.Resource)[],\n): Promise<types.input.rbac.v1.PolicyRule[]> {\n for (const resource of resources) {\n const entity = await toPromise(\n resource instanceof NamespacedResource ? resource.entity : resource,\n )\n\n const apiGroup = entity.apiVersion.includes(\"/\") // e.g., \"apps/v1\"\n ? entity.apiVersion.split(\"/\")[0]\n : \"\"\n\n const resourceCollection = `${entity.kind.toLowerCase()}s`\n\n const matchingRule = rules.find(rule => {\n const apiGroupsMatch = rule.apiGroups?.length === 1 && rule.apiGroups[0] === apiGroup\n const resourcesMatch =\n rule.resources?.length === 1 && rule.resources[0] === resourceCollection\n\n return apiGroupsMatch && resourcesMatch\n })\n\n if (!matchingRule) {\n continue\n }\n\n matchingRule.resourceNames = await toPromise(\n unique([\n //\n ...(matchingRule.resourceNames ?? []),\n entity.metadata.name,\n ]),\n )\n }\n\n return rules\n}\n","import { getOrCreate } from \"@highstate/contract\"\nimport { k8s } from \"@highstate/library\"\nimport { makeEntityOutput, toPromise } from \"@highstate/pulumi\"\nimport { core, type types } from \"@pulumi/kubernetes\"\nimport {\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n type Output,\n output,\n type Unwrap,\n} from \"@pulumi/pulumi\"\nimport { ClusterAccessScope } from \"./rbac\"\nimport {\n getProvider,\n mapMetadata,\n Resource,\n type ScopedResourceArgs,\n validateCluster,\n} from \"./shared\"\n\nexport type NamespaceArgs = Omit<ScopedResourceArgs, \"namespace\"> & {\n /**\n * The cluster where the namespace is located.\n */\n cluster: Input<k8s.Cluster>\n\n /**\n * Whether to apply \"pod-security.kubernetes.io/enforce=privileged\" label to the namespace.\n */\n privileged?: boolean\n}\n\nexport type CreateOrGetNamespaceArgs = NamespaceArgs & {\n /**\n * The resource to use to determine the name of the namespace.\n *\n * If not provided, the namespace will be created, otherwise it will be retrieved/patched.\n */\n resource?: Input<k8s.NamespacedResource>\n\n /**\n * The namespace entity to patch/retrieve.\n */\n existing?: Input<k8s.Namespace> | undefined\n}\n\nexport abstract class Namespace extends Resource {\n static readonly apiVersion = \"v1\"\n static readonly kind = \"Namespace\"\n\n /**\n * The cluster entity authorized to port-forward into the namespace.\n *\n * Only created for namespaces created with `create` or `createOrGet` methods, not for wrapped or external namespaces.\n */\n portForwardCluster?: Output<k8s.Cluster>\n\n constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n cluster: Output<k8s.Cluster>,\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The spec of the underlying Kubernetes namespace.\n */\n readonly spec: Output<types.output.core.v1.NamespaceSpec>,\n\n /**\n * The status of the underlying Kubernetes namespace.\n */\n readonly status: Output<types.output.core.v1.NamespaceStatus>,\n ) {\n super(type, name, args, opts, cluster, metadata)\n }\n\n /**\n * The Highstate namespace entity.\n */\n get entity(): Output<k8s.Namespace> {\n return makeEntityOutput({\n entity: k8s.namespaceEntity,\n identity: this.metadata.uid,\n meta: {\n title: this.metadata.name,\n },\n value: {\n ...this.entityBase,\n },\n })\n }\n\n /**\n * Creates a new namespace.\n */\n static create(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions): Namespace {\n return new CreatedNamespace(name, args, opts)\n }\n\n /**\n * Wraps an existing Kubernetes namespace.\n */\n static wrap(\n name: string,\n args: WrappedNamespaceArgs,\n opts?: ComponentResourceOptions,\n ): Namespace {\n return new WrappedNamespace(name, args, opts)\n }\n\n /**\n * Creates a new namespace or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the namespace name. Will not be used when existing namespace is retrieved.\n * @param args The arguments to create or get the namespace with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetNamespaceArgs,\n opts?: ComponentResourceOptions,\n ): Promise<Namespace> {\n if (args.resource) {\n return await Namespace.forResourceAsync(args.resource, args.cluster)\n }\n\n if (args.existing) {\n return await Namespace.forAsync(args.existing, args.cluster)\n }\n\n return new CreatedNamespace(name, args, opts)\n }\n\n /**\n * Creates a new namespace or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the namespace name.\n * @param args The arguments to create or patch the namespace with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetNamespaceArgs,\n opts?: ComponentResourceOptions,\n ): Namespace {\n if (args.resource) {\n return new NamespacePatch(name, {\n ...args,\n name: output(args.resource).metadata.namespace,\n cluster: validateCluster(args.resource, args.cluster),\n })\n }\n\n if (args.existing) {\n return new NamespacePatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n cluster: validateCluster(args.existing, args.cluster),\n })\n }\n\n return new CreatedNamespace(name, args, opts)\n }\n\n /**\n * Patches an existing namespace.\n *\n * Will throw an error if the namespace does not exist.\n *\n * @param name The name of the resource. May not be the same as the namespace name.\n * @param args The arguments to patch the namespace with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions): Namespace {\n return new NamespacePatch(name, args, opts)\n }\n\n /**\n * Gets an existing namespace.\n *\n * Will throw an error if the namespace does not exist.\n *\n * @param name The name of the resource. May not be the same as the namespace name.\n * @param args The arguments to get the namespace with.\n * @param opts Optional resource options.\n */\n static get(\n name: string,\n args: ExternalNamespaceArgs,\n opts?: ComponentResourceOptions,\n ): Namespace {\n return new ExternalNamespace(name, args, opts)\n }\n\n private static readonly namespaceCache = new Map<string, Namespace>()\n\n /**\n * Gets an existing namespace for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{clusterId}`.\n *\n * This method it idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the namespace for.\n * @param cluster The cluster where the namespace is located.\n */\n static for(entity: k8s.Namespace, cluster: Input<k8s.Cluster>): Namespace {\n return getOrCreate(\n Namespace.namespaceCache,\n `${entity.clusterName}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return Namespace.get(name, {\n name: entity.metadata.name,\n cluster: validateCluster(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing namespace for a given entity.\n * Prefer this method over `get` when possible.\n *\n * @param entity The entity to get the namespace for.\n * @param cluster The cluster where the namespace is located.\n */\n static async forAsync(\n entity: Input<k8s.Namespace>,\n cluster: Input<k8s.Cluster>,\n ): Promise<Namespace> {\n const resolvedEntity = await toPromise(entity)\n\n return Namespace.for(resolvedEntity, cluster)\n }\n\n /**\n * Gets an existing namespace where the provided resource is located.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{clusterId}`.\n *\n * This method it idempotent and will return the same instance for the same resource.\n *\n * @param resource The resource to get the namespace for.\n * @param cluster The cluster where the namespace is located.\n */\n static forResource(resource: k8s.NamespacedResource, cluster: Input<k8s.Cluster>): Namespace {\n return getOrCreate(\n Namespace.namespaceCache,\n `${resource.clusterName}.${resource.metadata.namespace}.${resource.clusterId}`,\n name => {\n return Namespace.get(name, {\n name: resource.metadata.namespace,\n cluster: validateCluster(resource, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing namespace for a given entity.\n * Prefer this method over `get` when possible.\n *\n * @param resource The resource to get the namespace for.\n * @param cluster The cluster where the namespace is located.\n */\n static async forResourceAsync(\n resource: Input<k8s.NamespacedResource>,\n cluster: Input<k8s.Cluster>,\n ): Promise<Namespace> {\n const resolvedResource = await toPromise(resource)\n\n return Namespace.forResource(resolvedResource, cluster)\n }\n}\n\nfunction mapNamespaceMetadata(\n args: NamespaceArgs,\n fallbackName: string,\n): Output<Unwrap<types.input.meta.v1.ObjectMeta>> {\n return mapMetadata(args, fallbackName).apply(metadata => {\n if (args.privileged) {\n metadata.labels = {\n ...metadata.labels,\n \"pod-security.kubernetes.io/enforce\": \"privileged\",\n }\n }\n\n return metadata\n })\n}\n\nclass CreatedNamespace extends Namespace {\n constructor(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions) {\n const namespace = output(args.cluster).apply(cluster => {\n return new core.v1.Namespace(\n name,\n { metadata: mapNamespaceMetadata(args, name) },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:Namespace\",\n name,\n args,\n opts,\n output(args.cluster),\n namespace.metadata,\n namespace.spec,\n namespace.status,\n )\n\n const scope = new ClusterAccessScope(\n `${name}-port-forward`,\n {\n namespace: this,\n rules: [\n {\n apiGroups: [\"\"],\n resources: [\"services\"],\n verbs: [\"get\"],\n },\n {\n apiGroups: [\"\"],\n resources: [\"pods\"],\n verbs: [\"get\", \"list\"],\n },\n {\n apiGroups: [\"\"],\n resources: [\"pods/portforward\"],\n verbs: [\"create\"],\n },\n ],\n },\n { parent: this },\n )\n\n this.portForwardCluster = scope.cluster\n }\n}\n\nclass NamespacePatch extends Namespace {\n constructor(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions) {\n const namespace = output(args.cluster).apply(cluster => {\n return new core.v1.NamespacePatch(\n name,\n { metadata: mapNamespaceMetadata(args, name) },\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n })\n\n super(\n \"highstate:k8s:NamespacePatch\",\n name,\n args,\n opts,\n output(args.cluster),\n namespace.metadata,\n namespace.spec,\n namespace.status,\n )\n }\n}\n\nexport type WrappedNamespaceArgs = {\n /**\n * The underlying Kubernetes namespace to wrap.\n */\n namespace: Input<core.v1.Namespace>\n\n /**\n * The cluster where the namespace is located.\n */\n cluster: Input<k8s.Cluster>\n}\n\nexport type ExternalNamespaceArgs = {\n /**\n * The real name of the namespace in the cluster.\n */\n name: Input<string>\n\n /**\n * The cluster where the namespace is located.\n */\n cluster: Input<k8s.Cluster>\n}\n\nclass ExternalNamespace extends Namespace {\n constructor(name: string, args: ExternalNamespaceArgs, opts?: ComponentResourceOptions) {\n const namespace = output(args.cluster).apply(cluster => {\n return core.v1.Namespace.get(name, args.name, {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n })\n })\n\n super(\n \"highstate:k8s:ExternalNamespace\",\n name,\n args,\n opts,\n output(args.cluster),\n namespace.metadata,\n namespace.spec,\n namespace.status,\n )\n }\n}\n\nclass WrappedNamespace extends Namespace {\n constructor(name: string, args: WrappedNamespaceArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedNamespace\",\n name,\n args,\n opts,\n\n output(args.cluster),\n output(args.namespace).metadata,\n output(args.namespace).spec,\n output(args.namespace).status,\n )\n }\n}\n","import { getOrCreate } from \"@highstate/contract\"\nimport { k8s } from \"@highstate/library\"\nimport {\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n interpolate,\n makeEntityOutput,\n type Output,\n output,\n toPromise,\n} from \"@highstate/pulumi\"\nimport { core, type types } from \"@pulumi/kubernetes\"\nimport { Namespace } from \"./namespace\"\nimport { getProvider, mapMetadata, NamespacedResource, type ScopedResourceArgs } from \"./shared\"\n\nexport type SecretArgs = ScopedResourceArgs &\n Omit<types.input.core.v1.Secret, \"kind\" | \"metadata\" | \"apiVersion\">\n\nexport type CreateOrGetSecretArgs = SecretArgs & {\n /**\n * The secret entity to patch/retrieve.\n */\n existing: Input<k8s.NamespacedResource> | undefined\n}\n\n/**\n * Represents a Kubernetes Secret resource with metadata and data.\n */\nexport abstract class Secret extends NamespacedResource {\n static apiVersion = \"v1\"\n static kind = \"Secret\"\n\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n namespace: Output<Namespace>,\n\n /**\n * The data of the underlying Kubernetes secret.\n */\n readonly data: Output<Record<string, string>>,\n\n /**\n * The stringData of the underlying Kubernetes secret.\n */\n readonly stringData: Output<Record<string, string>>,\n ) {\n super(type, name, args, opts, metadata, namespace)\n }\n\n /**\n * The Highstate secret entity.\n */\n get entity(): Output<k8s.Secret> {\n return makeEntityOutput({\n entity: k8s.secretEntity,\n identity: this.metadata.uid,\n meta: {\n title: this.metadata.name,\n },\n value: {\n ...this.entityBase,\n },\n })\n }\n\n /**\n * Gets the value of the secret field by the given key in `data`.\n *\n * Automatically decodes the base64 value.\n *\n * @param key The key of the secret.\n * @returns The value of the secret.\n */\n getValue(key: string): Output<string> {\n return this.data[key].apply(value => Buffer.from(value, \"base64\").toString())\n }\n\n /**\n * Creates a new secret.\n */\n static create(name: string, args: SecretArgs, opts?: ComponentResourceOptions): Secret {\n return new CreatedSecret(name, args, opts)\n }\n\n /**\n * Creates a new secret or patches an existing one.\n *\n * @param name The name of the resource. May not be the same as the secret name.\n * @param args The arguments to create or patch the secret with.\n * @param opts Optional resource options.\n */\n static createOrPatch(\n name: string,\n args: CreateOrGetSecretArgs,\n opts?: ComponentResourceOptions,\n ): Secret {\n if (args.existing) {\n return new SecretPatch(name, {\n ...args,\n name: output(args.existing).metadata.name,\n })\n }\n\n return new CreatedSecret(name, args, opts)\n }\n\n /**\n * Creates a new secret or gets an existing one.\n *\n * @param name The name of the resource. May not be the same as the secret name. Will not be used when existing secret is retrieved.\n * @param args The arguments to create or get the secret with.\n * @param opts Optional resource options.\n */\n static async createOrGet(\n name: string,\n args: CreateOrGetSecretArgs,\n opts?: ComponentResourceOptions,\n ): Promise<Secret> {\n if (args.existing) {\n return await Secret.forAsync(args.existing, output(args.namespace).cluster)\n }\n\n return new CreatedSecret(name, args, opts)\n }\n\n /**\n * Patches an existing secret.\n *\n * Will throw an error if the secret does not exist.\n *\n * @param name The name of the resource. May not be the same as the secret name.\n * @param args The arguments to patch the secret with.\n * @param opts Optional resource options.\n */\n static patch(name: string, args: SecretArgs, opts?: ComponentResourceOptions): Secret {\n return new SecretPatch(name, args, opts)\n }\n\n /**\n * Wraps an existing Kubernetes secret.\n */\n static wrap(name: string, args: WrappedSecretArgs, opts?: ComponentResourceOptions): Secret {\n return new WrappedSecret(name, args, opts)\n }\n\n /**\n * Gets an existing secret.\n *\n * Will throw an error if the secret does not exist.\n */\n static get(name: string, args: ExternalSecretArgs, opts?: ComponentResourceOptions): Secret {\n return new ExternalSecret(name, args, opts)\n }\n\n private static readonly secretCache = new Map<string, Secret>()\n\n /**\n * Gets an existing secret for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the secret for.\n * @param cluster The cluster where the secret is located.\n */\n static for(entity: k8s.NamespacedResource, cluster: Input<k8s.Cluster>): Secret {\n return getOrCreate(\n Secret.secretCache,\n `${entity.clusterName}.${entity.metadata.namespace}.${entity.metadata.name}.${entity.clusterId}`,\n name => {\n return Secret.get(name, {\n name: entity.metadata.name,\n namespace: Namespace.forResource(entity, cluster),\n })\n },\n )\n }\n\n /**\n * Gets an existing secret for a given entity.\n * Prefer this method over `get` when possible.\n *\n * It automatically names the resource with the following format: `{clusterName}.{namespace}.{name}.{clusterId}`.\n *\n * This method is idempotent and will return the same instance for the same entity.\n *\n * @param entity The entity to get the secret for.\n * @param cluster The cluster where the secret is located.\n */\n static async forAsync(\n entity: Input<k8s.NamespacedResource>,\n cluster: Input<k8s.Cluster>,\n ): Promise<Secret> {\n const resolvedEntity = await toPromise(entity)\n return Secret.for(resolvedEntity, cluster)\n }\n}\n\nclass CreatedSecret extends Secret {\n constructor(name: string, args: SecretArgs, opts?: ComponentResourceOptions) {\n const secret = output(args.namespace).cluster.apply(cluster => {\n return new core.v1.Secret(\n name,\n {\n metadata: mapMetadata(args, name),\n data: args.data,\n stringData: args.stringData,\n type: args.type,\n immutable: args.immutable,\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:Secret\",\n name,\n args,\n opts,\n secret.metadata,\n output(args.namespace),\n secret.data,\n secret.stringData,\n )\n }\n}\n\nclass SecretPatch extends Secret {\n constructor(name: string, args: SecretArgs, opts?: ComponentResourceOptions) {\n const secret = output(args.namespace).cluster.apply(cluster => {\n return new core.v1.SecretPatch(\n name,\n {\n metadata: mapMetadata(args, name),\n data: args.data,\n stringData: args.stringData,\n type: args.type,\n immutable: args.immutable,\n },\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:SecretPatch\",\n name,\n args,\n opts,\n secret.metadata,\n output(args.namespace),\n secret.data,\n secret.stringData,\n )\n }\n}\n\nexport type WrappedSecretArgs = {\n /**\n * The underlying Kubernetes secret to wrap.\n */\n secret: Input<core.v1.Secret>\n\n /**\n * The namespace where the secret is located.\n */\n namespace: Input<Namespace>\n}\n\nclass WrappedSecret extends Secret {\n constructor(name: string, args: WrappedSecretArgs, opts?: ComponentResourceOptions) {\n super(\n \"highstate:k8s:WrappedSecret\",\n name,\n args,\n opts,\n output(args.secret).metadata,\n output(args.namespace),\n output(args.secret).data,\n output(args.secret).stringData,\n )\n }\n}\n\nexport type ExternalSecretArgs = {\n /**\n * The name of the secret to get.\n */\n name: Input<string>\n\n /**\n * The namespace where the secret is located.\n */\n namespace: Input<Namespace>\n}\n\nclass ExternalSecret extends Secret {\n constructor(name: string, args: ExternalSecretArgs, opts?: ComponentResourceOptions) {\n const secret = output(args.namespace).cluster.apply(async cluster => {\n const secret = core.v1.Secret.get(\n name,\n interpolate`${output(args.namespace).metadata.name}/${args.name}`,\n { ...opts, parent: this, provider: getProvider(cluster) },\n )\n\n // TODO: investigate why this needed\n const namespace = await toPromise(output(args.namespace).metadata.name)\n const resolvedName = await toPromise(args.name)\n const metadata = await toPromise(secret.metadata)\n if (!metadata) {\n throw new Error(`Secret ${resolvedName} in namespace ${namespace} not found`)\n }\n\n return secret\n })\n\n super(\n \"highstate:k8s:ExternalSecret\",\n name,\n args,\n opts,\n secret.metadata,\n output(args.namespace),\n secret.data,\n secret.stringData,\n )\n }\n}\n"]}
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import { Deployment } from './chunk-
|
|
2
|
-
import { StatefulSet } from './chunk-
|
|
3
|
-
import { NetworkPolicy } from './chunk-
|
|
4
|
-
import { createServiceSpec, Service } from './chunk-
|
|
5
|
-
import { getNamespaceName, getProvider } from './chunk-
|
|
1
|
+
import { Deployment } from './chunk-BTAEFJ5N.js';
|
|
2
|
+
import { StatefulSet } from './chunk-S77TE7UC.js';
|
|
3
|
+
import { NetworkPolicy } from './chunk-SZKOAHNX.js';
|
|
4
|
+
import { createServiceSpec, Service } from './chunk-OG2OPX7B.js';
|
|
5
|
+
import { getNamespaceName, getProvider } from './chunk-TOLFVF4S.js';
|
|
6
6
|
import { mkdir, unlink, readFile } from 'node:fs/promises';
|
|
7
7
|
import { resolve } from 'node:path';
|
|
8
8
|
import { AccessPointRoute } from '@highstate/common';
|
|
@@ -55,7 +55,7 @@ var Chart = class extends ComponentResource {
|
|
|
55
55
|
...resourceArgs.props,
|
|
56
56
|
spec: {
|
|
57
57
|
...spec,
|
|
58
|
-
...omit(serviceSpec, ["ports"])
|
|
58
|
+
...serviceSpec.ports?.length !== 0 ? serviceSpec : omit(serviceSpec, ["ports"])
|
|
59
59
|
}
|
|
60
60
|
},
|
|
61
61
|
opts: resourceArgs.opts
|
|
@@ -67,20 +67,77 @@ var Chart = class extends ComponentResource {
|
|
|
67
67
|
}
|
|
68
68
|
);
|
|
69
69
|
});
|
|
70
|
-
this.routes = output(
|
|
70
|
+
this.routes = output(
|
|
71
|
+
normalizeInputs(
|
|
72
|
+
args.route ? { name: "default", route: args.route } : void 0,
|
|
73
|
+
args.routes ? Object.entries(args.routes).map(([name2, route]) => ({ name: name2, route })) : void 0
|
|
74
|
+
)
|
|
75
|
+
).apply(async (routes) => {
|
|
71
76
|
if (routes.length === 0) {
|
|
72
77
|
return [];
|
|
73
78
|
}
|
|
74
79
|
return await Promise.all(
|
|
75
|
-
routes.map(async (route) => {
|
|
80
|
+
routes.map(async ({ name: routeName, route }) => {
|
|
81
|
+
const { serviceName: _serviceName, rules: _rules, ...baseRoute } = route;
|
|
82
|
+
const accessPoint = route.accessPoint ?? args.accessPoint;
|
|
83
|
+
if (!accessPoint) {
|
|
84
|
+
throw new Error(
|
|
85
|
+
`Access point is required for chart route "${name}-${routeName}". Set it on the route or on Chart args.accessPoint`
|
|
86
|
+
);
|
|
87
|
+
}
|
|
88
|
+
const namespace2 = await toPromise(args.namespace);
|
|
89
|
+
const routeRules = await toPromise(route.rules);
|
|
90
|
+
const routeRuleValues = Object.values(routeRules ?? {});
|
|
91
|
+
const defaultServiceName = route.serviceName ?? args.serviceName ?? name;
|
|
92
|
+
const defaultServicePort = route.servicePort ?? args.servicePort;
|
|
93
|
+
const needsDefaultBackend = routeRuleValues.length === 0;
|
|
94
|
+
const defaultService = needsDefaultBackend ? await this.getService(defaultServiceName) : void 0;
|
|
95
|
+
const defaultServiceEndpoints = needsDefaultBackend && defaultService ? await this.resolveServiceEndpoints(
|
|
96
|
+
defaultService,
|
|
97
|
+
defaultServiceName,
|
|
98
|
+
defaultServicePort,
|
|
99
|
+
`${name}-${routeName}`
|
|
100
|
+
) : void 0;
|
|
101
|
+
const resolvedRules = routeRules ? await Promise.all(
|
|
102
|
+
Object.entries(routeRules).map(async ([ruleName, rule]) => {
|
|
103
|
+
const ruleServiceName = rule.serviceName ?? defaultServiceName;
|
|
104
|
+
const ruleService = await this.getService(ruleServiceName);
|
|
105
|
+
const ruleServicePort = rule.servicePort ?? route.servicePort ?? args.servicePort;
|
|
106
|
+
const ruleServiceEndpoints = await this.resolveServiceEndpoints(
|
|
107
|
+
ruleService,
|
|
108
|
+
ruleServiceName,
|
|
109
|
+
ruleServicePort,
|
|
110
|
+
`${name}-${routeName}:${ruleName}`
|
|
111
|
+
);
|
|
112
|
+
return [
|
|
113
|
+
ruleName,
|
|
114
|
+
[
|
|
115
|
+
{
|
|
116
|
+
...omit(rule, ["serviceName", "servicePort"]),
|
|
117
|
+
backend: {
|
|
118
|
+
endpoints: ruleServiceEndpoints
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
]
|
|
122
|
+
];
|
|
123
|
+
})
|
|
124
|
+
) : void 0;
|
|
125
|
+
const resolvedRulesInput = resolvedRules ? Object.fromEntries(resolvedRules) : void 0;
|
|
76
126
|
return new AccessPointRoute(
|
|
77
|
-
name
|
|
127
|
+
`${name}-${routeName}`,
|
|
78
128
|
{
|
|
79
|
-
...
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
129
|
+
...baseRoute,
|
|
130
|
+
accessPoint,
|
|
131
|
+
...defaultService ? {
|
|
132
|
+
backend: {
|
|
133
|
+
endpoints: defaultServiceEndpoints
|
|
134
|
+
}
|
|
135
|
+
} : {},
|
|
136
|
+
rules: resolvedRulesInput,
|
|
137
|
+
metadata: {
|
|
138
|
+
...route.metadata ?? {},
|
|
139
|
+
"k8s.namespace": namespace2
|
|
140
|
+
}
|
|
84
141
|
},
|
|
85
142
|
{ ...opts, parent: this }
|
|
86
143
|
);
|
|
@@ -154,16 +211,78 @@ var Chart = class extends ComponentResource {
|
|
|
154
211
|
workloads;
|
|
155
212
|
set service(_value) {
|
|
156
213
|
}
|
|
157
|
-
// biome-ignore lint/correctness/noUnusedPrivateClassMembers: for pulumi which for some reason tries to copy all properties
|
|
158
214
|
set terminals(_value) {
|
|
159
215
|
}
|
|
160
216
|
get service() {
|
|
161
217
|
return this.getServiceOutput(void 0);
|
|
162
218
|
}
|
|
219
|
+
get deployment() {
|
|
220
|
+
return this.getDeploymentOutput(this.name);
|
|
221
|
+
}
|
|
222
|
+
get statefulSet() {
|
|
223
|
+
return this.getStatefulSetOutput(this.name);
|
|
224
|
+
}
|
|
163
225
|
get terminals() {
|
|
164
|
-
return this.workloads.apply((workloads) =>
|
|
226
|
+
return this.workloads.apply((workloads) => {
|
|
227
|
+
const terminalsByWorkload = workloads.map(
|
|
228
|
+
(workload) => output({ terminals: workload.terminals, workloadName: workload.metadata.name })
|
|
229
|
+
);
|
|
230
|
+
return output(terminalsByWorkload).apply((workloadTerminals) => {
|
|
231
|
+
const hasMultipleWorkloads = workloadTerminals.length > 1;
|
|
232
|
+
return workloadTerminals.flatMap(({ terminals, workloadName }) => {
|
|
233
|
+
if (!hasMultipleWorkloads) {
|
|
234
|
+
return terminals;
|
|
235
|
+
}
|
|
236
|
+
return terminals.map((terminal) => ({
|
|
237
|
+
...terminal,
|
|
238
|
+
meta: {
|
|
239
|
+
...terminal.meta,
|
|
240
|
+
title: `${terminal.meta.title} | ${workloadName}`
|
|
241
|
+
}
|
|
242
|
+
}));
|
|
243
|
+
});
|
|
244
|
+
});
|
|
245
|
+
});
|
|
165
246
|
}
|
|
166
247
|
services = /* @__PURE__ */ new Map();
|
|
248
|
+
async resolveServiceEndpoints(service, serviceName, servicePort, routeName) {
|
|
249
|
+
const endpoints = await toPromise(service.endpoints);
|
|
250
|
+
const servicePorts = await toPromise(service.spec.ports);
|
|
251
|
+
if (endpoints.length === 0) {
|
|
252
|
+
throw new Error(
|
|
253
|
+
`No endpoints found for service "${serviceName}" in chart route "${routeName}"`
|
|
254
|
+
);
|
|
255
|
+
}
|
|
256
|
+
let resolvedServicePort;
|
|
257
|
+
if (servicePort != null) {
|
|
258
|
+
const requestedServicePort = await toPromise(servicePort);
|
|
259
|
+
if (typeof requestedServicePort === "string") {
|
|
260
|
+
const namedPort = servicePorts?.find((port) => port.name === requestedServicePort);
|
|
261
|
+
if (!namedPort) {
|
|
262
|
+
throw new Error(
|
|
263
|
+
`Named port "${requestedServicePort}" not found for service "${serviceName}" in chart route "${routeName}"`
|
|
264
|
+
);
|
|
265
|
+
}
|
|
266
|
+
resolvedServicePort = namedPort.port;
|
|
267
|
+
} else {
|
|
268
|
+
resolvedServicePort = requestedServicePort;
|
|
269
|
+
}
|
|
270
|
+
} else {
|
|
271
|
+
resolvedServicePort = endpoints[0]?.port;
|
|
272
|
+
}
|
|
273
|
+
if (resolvedServicePort == null) {
|
|
274
|
+
throw new Error(
|
|
275
|
+
`Unable to resolve service port for service "${serviceName}" in chart route "${routeName}"`
|
|
276
|
+
);
|
|
277
|
+
}
|
|
278
|
+
const filteredEndpoints = endpoints.filter((endpoint) => endpoint.port === resolvedServicePort);
|
|
279
|
+
if (filteredEndpoints.length === 0) {
|
|
280
|
+
throw new Error(
|
|
281
|
+
`No endpoints with port ${resolvedServicePort} found for service "${serviceName}" in chart route "${routeName}"`
|
|
282
|
+
);
|
|
283
|
+
}
|
|
284
|
+
return filteredEndpoints;
|
|
285
|
+
}
|
|
167
286
|
getServiceOutput(name) {
|
|
168
287
|
return output({ args: this.args, chart: this.chart }).apply(({ args, chart }) => {
|
|
169
288
|
const resolvedName = name ?? args.serviceName ?? this.name;
|
|
@@ -181,9 +300,46 @@ var Chart = class extends ComponentResource {
|
|
|
181
300
|
return wrappedService;
|
|
182
301
|
});
|
|
183
302
|
}
|
|
303
|
+
getWorkloadOutput(name) {
|
|
304
|
+
return this.workloads.apply(async (workloads) => {
|
|
305
|
+
const workloadsWithNames = await toPromise(
|
|
306
|
+
workloads.map((workload) => output({ workload, name: workload.metadata.name }))
|
|
307
|
+
);
|
|
308
|
+
const item = workloadsWithNames.find((w) => w.name === name);
|
|
309
|
+
if (!item) {
|
|
310
|
+
throw new Error(`Workload with name '${name}' not found in the chart workloads`);
|
|
311
|
+
}
|
|
312
|
+
return item.workload;
|
|
313
|
+
});
|
|
314
|
+
}
|
|
315
|
+
getDeploymentOutput(name) {
|
|
316
|
+
return this.getWorkloadOutput(name).apply((workload) => {
|
|
317
|
+
if (workload instanceof Deployment) {
|
|
318
|
+
return workload;
|
|
319
|
+
}
|
|
320
|
+
throw new Error(`Workload with name '${name}' is not a Deployment`);
|
|
321
|
+
});
|
|
322
|
+
}
|
|
323
|
+
getStatefulSetOutput(name) {
|
|
324
|
+
return this.getWorkloadOutput(name).apply((workload) => {
|
|
325
|
+
if (workload instanceof StatefulSet) {
|
|
326
|
+
return workload;
|
|
327
|
+
}
|
|
328
|
+
throw new Error(`Workload with name '${name}' is not a StatefulSet`);
|
|
329
|
+
});
|
|
330
|
+
}
|
|
184
331
|
getService(name) {
|
|
185
332
|
return toPromise(this.getServiceOutput(name));
|
|
186
333
|
}
|
|
334
|
+
getWorkload(name) {
|
|
335
|
+
return toPromise(this.getWorkloadOutput(name));
|
|
336
|
+
}
|
|
337
|
+
getDeployment(name) {
|
|
338
|
+
return toPromise(this.getDeploymentOutput(name));
|
|
339
|
+
}
|
|
340
|
+
getStatefulSet(name) {
|
|
341
|
+
return toPromise(this.getStatefulSetOutput(name));
|
|
342
|
+
}
|
|
187
343
|
};
|
|
188
344
|
var RenderedChart = class extends ComponentResource {
|
|
189
345
|
/**
|
|
@@ -263,5 +419,5 @@ function getChartService(chart, name) {
|
|
|
263
419
|
}
|
|
264
420
|
|
|
265
421
|
export { Chart, RenderedChart, getChartService, getChartServiceOutput, resolveHelmChart };
|
|
266
|
-
//# sourceMappingURL=chunk-
|
|
267
|
-
//# sourceMappingURL=chunk-
|
|
422
|
+
//# sourceMappingURL=chunk-TVKT3ZYX.js.map
|
|
423
|
+
//# sourceMappingURL=chunk-TVKT3ZYX.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/helm.ts"],"names":["namespace","name","args","services"],"mappings":";;;;;;;;;;;;;;;;;AAiNO,IAAM,KAAA,GAAN,cAAoB,iBAAA,CAAkB;AAAA,EAqB3C,WAAA,CACmB,IAAA,EACA,IAAA,EACA,IAAA,EACjB;AACA,IAAA,KAAA,CAAM,qBAAA,EAAuB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAJ5B,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAIjB,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,KAAA;AAAA,MAAM,CAAAA,UAAAA,KAC7C,MAAA,CAAOA,aAAY,gBAAA,CAAiBA,UAAS,IAAI,SAAS;AAAA,KAC5D;AAEA,IAAA,IAAA,CAAK,QAAQ,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC3D,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,KAAA;AAAA,QACjB,IAAA;AAAA,QACA,IAAA;AAAA,UACE;AAAA,YACE,GAAG,IAAA;AAAA,YACH,KAAA,EAAO,gBAAA,CAAiB,IAAA,CAAK,KAAK,CAAA;AAAA,YAClC;AAAA,WACF;AAAA,UACA,CAAC,SAAS,QAAQ;AAAA,SACpB;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO,CAAA;AAAA,UAE7B,UAAA,EAAY;AAAA,YACV,GAAI,IAAA,EAAM,UAAA,IAAc,EAAC;AAAA,YAEzB,OAAM,YAAA,KAAgB;AACpB,cAAA,MAAMA,UAAAA,GAAY,MAAM,SAAA,CAAU,MAAA,CAAO,KAAK,SAAS,CAAA,CAAE,SAAS,IAAI,CAAA;AAEtE,cAAA,MAAM,WAAA,GAAc,KAAK,WAAA,IAAe,IAAA;AACxC,cAAA,MAAM,eAAe,CAAA,EAAG,IAAI,CAAA,CAAA,EAAIA,UAAS,IAAI,WAAW,CAAA,CAAA;AAExD,cAAA,IACE,YAAA,CAAa,IAAA,KAAS,4BAAA,IACtB,YAAA,CAAa,SAAS,YAAA,EACtB;AACA,gBAAA,MAAM,OAAO,MAAM,SAAA;AAAA,kBACjB,aAAa,KAAA,CAAM;AAAA,iBACrB;AAEA,gBAAA,MAAM,WAAA,GAAc,MAAM,SAAA,CAAU,iBAAA,CAAkB,KAAK,OAAA,IAAW,EAAC,EAAG,OAAO,CAAC,CAAA;AAElF,gBAAA,OAAO;AAAA,kBACL,KAAA,EAAO;AAAA,oBACL,GAAG,YAAA,CAAa,KAAA;AAAA,oBAChB,IAAA,EAAM;AAAA,sBACJ,GAAG,IAAA;AAAA,sBACH,GAAI,WAAA,CAAY,KAAA,EAAO,MAAA,KAAW,CAAA,GAC9B,cACA,IAAA,CAAK,WAAA,EAAa,CAAC,OAAO,CAAC;AAAA;AACjC,mBACF;AAAA,kBACA,MAAM,YAAA,CAAa;AAAA,iBACrB;AAAA,cACF;AAEA,cAAA,OAAO,MAAA;AAAA,YACT;AAAA;AACF;AACF,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,MACZ,eAAA;AAAA,QACE,IAAA,CAAK,QAAQ,EAAE,IAAA,EAAM,WAAW,KAAA,EAAO,IAAA,CAAK,OAAM,GAAI,MAAA;AAAA,QACtD,KAAK,MAAA,GACD,MAAA,CAAO,QAAQ,IAAA,CAAK,MAAM,EAAE,GAAA,CAAI,CAAC,CAACC,KAAAA,EAAM,KAAK,CAAA,MAAO,EAAE,MAAAA,KAAAA,EAAM,KAAA,GAAQ,CAAA,GACpE;AAAA;AACN,KACF,CAAE,KAAA,CAAM,OAAM,MAAA,KAAU;AACtB,MAAA,IAAI,MAAA,CAAO,WAAW,CAAA,EAAG;AACvB,QAAA,OAAO,EAAC;AAAA,MACV;AAEA,MAAA,OAAO,MAAM,OAAA,CAAQ,GAAA;AAAA,QACnB,OAAO,GAAA,CAAI,OAAO,EAAE,IAAA,EAAM,SAAA,EAAW,OAAM,KAAM;AAC/C,UAAA,MAAM,EAAE,WAAA,EAAa,YAAA,EAAc,OAAO,MAAA,EAAQ,GAAG,WAAU,GAAI,KAAA;AACnE,UAAA,MAAM,WAAA,GAAc,KAAA,CAAM,WAAA,IAAe,IAAA,CAAK,WAAA;AAE9C,UAAA,IAAI,CAAC,WAAA,EAAa;AAChB,YAAA,MAAM,IAAI,KAAA;AAAA,cACR,CAAA,0CAAA,EAA6C,IAAI,CAAA,CAAA,EAAI,SAAS,CAAA,mDAAA;AAAA,aAChE;AAAA,UACF;AAEA,UAAA,MAAMD,UAAAA,GAAY,MAAM,SAAA,CAAU,IAAA,CAAK,SAAS,CAAA;AAEhD,UAAA,MAAM,UAAA,GAAc,MAAM,SAAA,CAAU,KAAA,CAAM,KAAK,CAAA;AAC/C,UAAA,MAAM,eAAA,GAAkB,MAAA,CAAO,MAAA,CAAO,UAAA,IAAc,EAAE,CAAA;AAEtD,UAAA,MAAM,kBAAA,GAAqB,KAAA,CAAM,WAAA,IAAe,IAAA,CAAK,WAAA,IAAe,IAAA;AACpE,UAAA,MAAM,kBAAA,GAAqB,KAAA,CAAM,WAAA,IAAe,IAAA,CAAK,WAAA;AACrD,UAAA,MAAM,mBAAA,GAAsB,gBAAgB,MAAA,KAAW,CAAA;AAEvD,UAAA,MAAM,iBAAiB,mBAAA,GACnB,MAAM,IAAA,CAAK,UAAA,CAAW,kBAAkB,CAAA,GACxC,MAAA;AAEJ,UAAA,MAAM,uBAAA,GACJ,mBAAA,IAAuB,cAAA,GACnB,MAAM,IAAA,CAAK,uBAAA;AAAA,YACT,cAAA;AAAA,YACA,kBAAA;AAAA,YACA,kBAAA;AAAA,YACA,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,SAAS,CAAA;AAAA,WACtB,GACA,MAAA;AAEN,UAAA,MAAM,aAAA,GAAgB,UAAA,GAClB,MAAM,OAAA,CAAQ,GAAA;AAAA,YACZ,MAAA,CAAO,QAAQ,UAAU,CAAA,CAAE,IAAI,OAAO,CAAC,QAAA,EAAU,IAAI,CAAA,KAAM;AACzD,cAAA,MAAM,eAAA,GAAkB,KAAK,WAAA,IAAe,kBAAA;AAC5C,cAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,UAAA,CAAW,eAAe,CAAA;AACzD,cAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,WAAA,IAAe,KAAA,CAAM,eAAe,IAAA,CAAK,WAAA;AACtE,cAAA,MAAM,oBAAA,GAAuB,MAAM,IAAA,CAAK,uBAAA;AAAA,gBACtC,WAAA;AAAA,gBACA,eAAA;AAAA,gBACA,eAAA;AAAA,gBACA,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,SAAS,IAAI,QAAQ,CAAA;AAAA,eAClC;AAEA,cAAA,OAAO;AAAA,gBACL,QAAA;AAAA,gBACA;AAAA,kBACE;AAAA,oBACE,GAAG,IAAA,CAAK,IAAA,EAAM,CAAC,aAAA,EAAe,aAAa,CAAC,CAAA;AAAA,oBAC5C,OAAA,EAAS;AAAA,sBACP,SAAA,EAAW;AAAA;AACb;AACF;AACF,eACF;AAAA,YACF,CAAC;AAAA,WACH,GACA,MAAA;AAEJ,UAAA,MAAM,kBAAA,GAAqB,aAAA,GACtB,MAAA,CAAO,WAAA,CAAY,aAAa,CAAA,GACjC,MAAA;AAEJ,UAAA,OAAO,IAAI,gBAAA;AAAA,YACT,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,SAAS,CAAA,CAAA;AAAA,YACpB;AAAA,cACE,GAAG,SAAA;AAAA,cACH,WAAA;AAAA,cACA,GAAI,cAAA,GACA;AAAA,gBACE,OAAA,EAAS;AAAA,kBACP,SAAA,EAAW;AAAA;AACb,kBAEF,EAAC;AAAA,cACL,KAAA,EAAO,kBAAA;AAAA,cACP,QAAA,EAAU;AAAA,gBACR,GAAI,KAAA,CAAM,QAAA,IAAY,EAAC;AAAA,gBACvB,eAAA,EAAiBA;AAAA;AACnB,aACF;AAAA,YACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,IAAA;AAAK,WAC1B;AAAA,QACF,CAAC;AAAA,OACH;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,kBAAkB,MAAA,CAAO,IAAI,CAAA,CAAE,KAAA,CAAM,CAAAE,KAAAA,KAAQ;AAChD,MAAA,MAAM,QAAA,GAAW,SAAA,CAAUA,KAAAA,CAAK,aAAA,EAAeA,MAAK,eAAe,CAAA;AAEnE,MAAA,OAAO,MAAA;AAAA,QACL,QAAA,CAAS,IAAI,CAAA,MAAA,KAAU;AACrB,UAAA,OAAO,IAAI,aAAA;AAAA,YACT,IAAA;AAAA,YACA;AAAA,cACE,GAAG,MAAA;AAAA,cACH,WAAWA,KAAAA,CAAK,SAAA;AAAA,cAChB,WAAA,EAAa,kCAAkC,IAAI,CAAA,CAAA;AAAA,aACrD;AAAA,YACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,IAAA;AAAK,WAC1B;AAAA,QACF,CAAC;AAAA,OACH;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,YAAY,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,CAAE,MAAM,CAAA,KAAA,KAAS;AACjD,MAAA,OAAO,MAAA;AAAA,QACL,KAAA,CAAM,SAAA,CAAU,KAAA,CAAM,CAAA,SAAA,KAAa;AACjC,UAAA,OAAO,SAAA,CACJ,IAAI,CAAA,QAAA,KAAY;AACf,YAAA,IAAI,IAAA,CAAK,EAAA,CAAG,UAAA,CAAW,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC3C,cAAA,OAAO,QAAA,CAAS,QAAA,CAAS,IAAA,CAAK,KAAA,CAAM,CAAAD,KAAAA,KAAQ;AAC1C,gBAAA,OAAO,UAAA,CAAW,IAAA;AAAA,kBAChBA,KAAAA;AAAA,kBACA,EAAE,WAAW,IAAA,CAAK,SAAA,EAAW,YAAY,QAAA,EAAU,QAAA,EAAU,KAAK,QAAA,EAAS;AAAA,kBAC3E,IAAA,CAAK;AAAA,iBACP;AAAA,cACF,CAAC,CAAA;AAAA,YACH;AAEA,YAAA,IAAI,IAAA,CAAK,EAAA,CAAG,WAAA,CAAY,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC5C,cAAA,OAAO,QAAA,CAAS,QAAA,CAAS,IAAA,CAAK,KAAA,CAAM,CAAAA,KAAAA,KAAQ;AAC1C,gBAAA,OAAO,WAAA,CAAY,IAAA;AAAA,kBACjBA,KAAAA;AAAA,kBACA;AAAA,oBACE,WAAW,IAAA,CAAK,SAAA;AAAA,oBAChB,WAAA,EAAa,QAAA;AAAA,oBACb,OAAA,EAAS,IAAA,CAAK,gBAAA,CAAiBA,KAAI,CAAA;AAAA,oBACnC,UAAU,IAAA,CAAK;AAAA,mBACjB;AAAA,kBACA,IAAA,CAAK;AAAA,iBACP;AAAA,cACF,CAAC,CAAA;AAAA,YACH;AAEA,YAAA,OAAO,MAAA;AAAA,UACT,CAAC,CAAA,CACA,MAAA,CAAO,YAAY,CAAA;AAAA,QACxB,CAAC;AAAA,OACH;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAhPgB,KAAA;AAAA;AAAA;AAAA;AAAA,EAKA,MAAA;AAAA;AAAA;AAAA;AAAA,EAKA,eAAA;AAAA;AAAA;AAAA;AAAA,EAKA,SAAA;AAAA,EAmOhB,IAAY,QAAQ,MAAA,EAAe;AAAA,EAAC;AAAA,EAEpC,IAAY,UAAU,MAAA,EAAe;AAAA,EAAC;AAAA,EAEtC,IAAI,OAAA,GAA2B;AAC7B,IAAA,OAAO,IAAA,CAAK,iBAAiB,MAAS,CAAA;AAAA,EACxC;AAAA,EAEA,IAAI,UAAA,GAAiC;AACnC,IAAA,OAAO,IAAA,CAAK,mBAAA,CAAoB,IAAA,CAAK,IAAI,CAAA;AAAA,EAC3C;AAAA,EAEA,IAAI,WAAA,GAAmC;AACrC,IAAA,OAAO,IAAA,CAAK,oBAAA,CAAqB,IAAA,CAAK,IAAI,CAAA;AAAA,EAC5C;AAAA,EAEA,IAAI,SAAA,GAAoC;AACtC,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,KAAA,CAAM,CAAA,SAAA,KAAa;AACvC,MAAA,MAAM,sBAAsB,SAAA,CAAU,GAAA;AAAA,QAAI,CAAA,QAAA,KACxC,MAAA,CAAO,EAAE,SAAA,EAAW,QAAA,CAAS,WAAW,YAAA,EAAc,QAAA,CAAS,QAAA,CAAS,IAAA,EAAM;AAAA,OAChF;AAEA,MAAA,OAAO,MAAA,CAAO,mBAAmB,CAAA,CAAE,KAAA,CAAM,CAAA,iBAAA,KAAqB;AAC5D,QAAA,MAAM,oBAAA,GAAuB,kBAAkB,MAAA,GAAS,CAAA;AAExD,QAAA,OAAO,kBAAkB,OAAA,CAAQ,CAAC,EAAE,SAAA,EAAW,cAAa,KAAM;AAChE,UAAA,IAAI,CAAC,oBAAA,EAAsB;AACzB,YAAA,OAAO,SAAA;AAAA,UACT;AAEA,UAAA,OAAO,SAAA,CAAU,IAAI,CAAA,QAAA,MAAa;AAAA,YAChC,GAAG,QAAA;AAAA,YACH,IAAA,EAAM;AAAA,cACJ,GAAG,QAAA,CAAS,IAAA;AAAA,cACZ,OAAO,CAAA,EAAG,QAAA,CAAS,IAAA,CAAK,KAAK,MAAM,YAAY,CAAA;AAAA;AACjD,WACF,CAAE,CAAA;AAAA,QACJ,CAAC,CAAA;AAAA,MACH,CAAC,CAAA;AAAA,IACH,CAAC,CAAA;AAAA,EACH;AAAA,EAEiB,QAAA,uBAAe,GAAA,EAAqB;AAAA,EAErD,MAAc,uBAAA,CACZ,OAAA,EACA,WAAA,EACA,aACA,SAAA,EACA;AACA,IAAA,MAAM,SAAA,GAAY,MAAM,SAAA,CAAU,OAAA,CAAQ,SAAS,CAAA;AACnD,IAAA,MAAM,YAAA,GAAe,MAAM,SAAA,CAAU,OAAA,CAAQ,KAAK,KAAK,CAAA;AAEvD,IAAA,IAAI,SAAA,CAAU,WAAW,CAAA,EAAG;AAC1B,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,gCAAA,EAAmC,WAAW,CAAA,kBAAA,EAAqB,SAAS,CAAA,CAAA;AAAA,OAC9E;AAAA,IACF;AAEA,IAAA,IAAI,mBAAA;AAEJ,IAAA,IAAI,eAAe,IAAA,EAAM;AACvB,MAAA,MAAM,oBAAA,GAAuB,MAAM,SAAA,CAAU,WAAW,CAAA;AAExD,MAAA,IAAI,OAAO,yBAAyB,QAAA,EAAU;AAC5C,QAAA,MAAM,YAAY,YAAA,EAAc,IAAA,CAAK,CAAA,IAAA,KAAQ,IAAA,CAAK,SAAS,oBAAoB,CAAA;AAE/E,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,CAAA,YAAA,EAAe,oBAAoB,CAAA,yBAAA,EAA4B,WAAW,qBAAqB,SAAS,CAAA,CAAA;AAAA,WAC1G;AAAA,QACF;AAEA,QAAA,mBAAA,GAAsB,SAAA,CAAU,IAAA;AAAA,MAClC,CAAA,MAAO;AACL,QAAA,mBAAA,GAAsB,oBAAA;AAAA,MACxB;AAAA,IACF,CAAA,MAAO;AACL,MAAA,mBAAA,GAAsB,SAAA,CAAU,CAAC,CAAA,EAAG,IAAA;AAAA,IACtC;AAEA,IAAA,IAAI,uBAAuB,IAAA,EAAM;AAC/B,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,4CAAA,EAA+C,WAAW,CAAA,kBAAA,EAAqB,SAAS,CAAA,CAAA;AAAA,OAC1F;AAAA,IACF;AAEA,IAAA,MAAM,oBAAoB,SAAA,CAAU,MAAA,CAAO,CAAA,QAAA,KAAY,QAAA,CAAS,SAAS,mBAAmB,CAAA;AAE5F,IAAA,IAAI,iBAAA,CAAkB,WAAW,CAAA,EAAG;AAClC,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,uBAAA,EAA0B,mBAAmB,CAAA,oBAAA,EAAuB,WAAW,qBAAqB,SAAS,CAAA,CAAA;AAAA,OAC/G;AAAA,IACF;AAEA,IAAA,OAAO,iBAAA;AAAA,EACT;AAAA,EAEA,iBAAiB,IAAA,EAA2C;AAC1D,IAAA,OAAO,MAAA,CAAO,EAAE,IAAA,EAAM,IAAA,CAAK,MAAM,KAAA,EAAO,IAAA,CAAK,KAAA,EAAO,EAAE,KAAA,CAAM,CAAC,EAAE,IAAA,EAAM,OAAM,KAAM;AAC/E,MAAA,MAAM,YAAA,GAAe,IAAA,IAAQ,IAAA,CAAK,WAAA,IAAe,IAAA,CAAK,IAAA;AACtD,MAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,YAAY,CAAA;AAEtD,MAAA,IAAI,eAAA,EAAiB;AACnB,QAAA,OAAO,eAAA;AAAA,MACT;AAEA,MAAA,MAAM,OAAA,GAAU,qBAAA,CAAsB,KAAA,EAAO,YAAY,CAAA;AAEzD,MAAA,MAAM,iBAAiB,OAAA,CAAQ,IAAA;AAAA,QAC7B,YAAA;AAAA,QACA,EAAE,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,OAAA,EAAQ;AAAA,QACrC,EAAE,GAAG,IAAA,CAAK,IAAA,EAAM,QAAQ,IAAA;AAAK,OAC/B;AAEA,MAAA,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,YAAA,EAAc,cAAc,CAAA;AAC9C,MAAA,OAAO,cAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,kBAAkB,IAAA,EAAgC;AAChD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,KAAA,CAAM,OAAM,SAAA,KAAa;AAC7C,MAAA,MAAM,qBAAqB,MAAM,SAAA;AAAA,QAC/B,SAAA,CAAU,GAAA,CAAI,CAAA,QAAA,KAAY,MAAA,CAAO,EAAE,QAAA,EAAU,IAAA,EAAM,QAAA,CAAS,QAAA,CAAS,IAAA,EAAM,CAAC;AAAA,OAC9E;AAEA,MAAA,MAAM,OAAO,kBAAA,CAAmB,IAAA,CAAK,CAAA,CAAA,KAAK,CAAA,CAAE,SAAS,IAAI,CAAA;AAEzD,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,IAAI,CAAA,kCAAA,CAAoC,CAAA;AAAA,MACjF;AAEA,MAAA,OAAO,IAAA,CAAK,QAAA;AAAA,IACd,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,oBAAoB,IAAA,EAAkC;AACpD,IAAA,OAAO,IAAA,CAAK,iBAAA,CAAkB,IAAI,CAAA,CAAE,MAAM,CAAA,QAAA,KAAY;AACpD,MAAA,IAAI,oBAAoB,UAAA,EAAY;AAClC,QAAA,OAAO,QAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,IAAI,CAAA,qBAAA,CAAuB,CAAA;AAAA,IACpE,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,qBAAqB,IAAA,EAAmC;AACtD,IAAA,OAAO,IAAA,CAAK,iBAAA,CAAkB,IAAI,CAAA,CAAE,MAAM,CAAA,QAAA,KAAY;AACpD,MAAA,IAAI,oBAAoB,WAAA,EAAa;AACnC,QAAA,OAAO,QAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,IAAI,CAAA,sBAAA,CAAwB,CAAA;AAAA,IACrE,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,WAAW,IAAA,EAAiC;AAC1C,IAAA,OAAO,SAAA,CAAU,IAAA,CAAK,gBAAA,CAAiB,IAAI,CAAC,CAAA;AAAA,EAC9C;AAAA,EAEA,YAAY,IAAA,EAAiC;AAC3C,IAAA,OAAO,SAAA,CAAU,IAAA,CAAK,iBAAA,CAAkB,IAAI,CAAC,CAAA;AAAA,EAC/C;AAAA,EAEA,cAAc,IAAA,EAAmC;AAC/C,IAAA,OAAO,SAAA,CAAU,IAAA,CAAK,mBAAA,CAAoB,IAAI,CAAC,CAAA;AAAA,EACjD;AAAA,EAEA,eAAe,IAAA,EAAoC;AACjD,IAAA,OAAO,SAAA,CAAU,IAAA,CAAK,oBAAA,CAAqB,IAAI,CAAC,CAAA;AAAA,EAClD;AACF;AAmBO,IAAM,aAAA,GAAN,cAA4B,iBAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAInC,QAAA;AAAA;AAAA;AAAA;AAAA,EAKA,OAAA;AAAA,EAEhB,WAAA,CAAY,IAAA,EAAc,IAAA,EAAyB,IAAA,EAAiC;AAClF,IAAA,KAAA,CAAM,6BAAA,EAA+B,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAErD,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO,IAAI,CAAA,CAAE,KAAA,CAAM,CAAAC,KAAAA,KAAQ;AACxC,MAAA,MAAM,MAAA,GAASA,MAAK,MAAA,GAChB,MAAA,CAAO,QAAQA,KAAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,KAAK,KAAK,CAAA,KAAM,CAAC,OAAA,EAAS,CAAA,EAAG,GAAG,KAAK,KAAK,CAAA,CAAA,CAAG,CAAC,CAAA,GACpF,EAAC;AAEL,MAAA,OAAO,IAAI,KAAA,CAAM,OAAA;AAAA,QACf,IAAA;AAAA,QACA;AAAA,UACE,QAAQ,MAAA,CAAO;AAAA,YACb,MAAA;AAAA,YACA,UAAA;AAAA,YACA,gBAAA,CAAiBA,MAAK,KAAK,CAAA;AAAA,YAE3B,GAAIA,KAAAA,CAAK,SAAA,GAAY,CAAC,aAAA,EAAe,iBAAiBA,KAAAA,CAAK,SAAS,CAAC,CAAA,GAAI,EAAC;AAAA,YAE1E,GAAG;AAAA,WACJ,CAAA,CAAE,KAAA,CAAM,aAAW,OAAA,CAAQ,IAAA,CAAK,GAAG,CAAC,CAAA;AAAA,UAErC,OAAA,EAAS;AAAA,SACX;AAAA,QACA,EAAE,MAAA,EAAQ,IAAA,EAAM,GAAG,IAAA;AAAK,OAC1B;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,QAAA,GAAW,KAAK,OAAA,CAAQ,MAAA;AAE7B,IAAA,IAAA,CAAK,eAAA,CAAgB,EAAE,QAAA,EAAU,IAAA,CAAK,UAAU,OAAA,EAAS,IAAA,CAAK,SAAS,CAAA;AAAA,EACzE;AACF;AAeA,eAAsB,iBAAiB,QAAA,EAA0C;AAC/E,EAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,CAAI,mBAAA,EAAqB;AACpC,IAAA,MAAM,IAAI,MAAM,qDAAqD,CAAA;AAAA,EACvE;AAEA,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,qBAAqB,QAAQ,CAAA;AACnE,EAAA,MAAM,KAAA,CAAM,SAAA,EAAW,EAAE,SAAA,EAAW,MAAM,CAAA;AAE1C,EAAA,MAAM,WAAA,GAAc,CAAA,EAAG,QAAA,CAAS,IAAI,CAAA,MAAA,CAAA;AACpC,EAAA,MAAM,iBAAiB,CAAA,EAAG,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,SAAS,OAAO,CAAA,IAAA,CAAA;AAG3D,EAAA,MAAM,QAAQ,MAAM,IAAA,CAAK,aAAa,EAAE,GAAA,EAAK,WAAW,CAAA;AAExD,EAAA,IAAI,KAAA,CAAM,QAAA,CAAS,cAAc,CAAA,EAAG;AAClC,IAAA,OAAO,OAAA,CAAQ,WAAW,cAAc,CAAA;AAAA,EAC1C;AAGA,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,MAAM,MAAA,CAAO,OAAA,CAAQ,SAAA,EAAW,IAAI,CAAC,CAAA;AAAA,EACvC;AAGA,EAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,IAAA,CAAK,UAAA,CAAW,QAAQ,CAAA;AAC/C,EAAA,MAAM,QAAA,GAAW,KAAA,GAAQ,CAAA,EAAG,QAAA,CAAS,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAC,CAAA,CAAA,EAAI,QAAA,CAAS,IAAI,KAAK,QAAA,CAAS,IAAA;AAE3F,EAAA,MAAM,QAAA,GAAW,CAAC,MAAA,EAAQ,QAAA,EAAU,aAAa,QAAA,CAAS,OAAA,EAAS,iBAAiB,SAAS,CAAA;AAE7F,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,QAAA,CAAS,IAAA,CAAK,QAAA,EAAU,QAAA,CAAS,IAAI,CAAA;AAAA,EACvC;AAEA,EAAA,MAAM,KAAA,CAAM,QAAQ,QAAQ,CAAA;AAG5B,EAAA,MAAM,UAAU,MAAM,QAAA,CAAS,OAAA,CAAQ,SAAA,EAAW,cAAc,CAAC,CAAA;AACjE,EAAA,MAAM,YAAA,GAAe,MAAM,MAAA,CAAO,OAAO,CAAA;AAEzC,EAAA,IAAI,YAAA,KAAiB,SAAS,MAAA,EAAQ;AACpC,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,QAAA,CAAS,IAAI,CAAA,CAAA,CAAG,CAAA;AAAA,EAChE;AAEA,EAAA,OAAO,OAAA,CAAQ,WAAW,cAAc,CAAA;AAC1C;AASO,SAAS,qBAAA,CAAsB,OAAsB,IAAA,EAAuC;AACjG,EAAA,MAAM,QAAA,GAAW,KAAA,CAAM,SAAA,CAAU,KAAA,CAAM,CAAA,SAAA,KAAa;AAClD,IAAA,OAAO,UACJ,MAAA,CAAO,CAAA,CAAA,KAAK,KAAK,EAAA,CAAG,OAAA,CAAQ,WAAW,CAAC,CAAC,CAAA,CACzC,GAAA,CAAI,cAAY,EAAE,IAAA,EAAM,QAAQ,QAAA,CAAS,IAAA,EAAM,SAAQ,CAAE,CAAA;AAAA,EAC9D,CAAC,CAAA;AAED,EAAA,OAAO,MAAA,CAAO,QAAQ,CAAA,CAAE,KAAA,CAAM,CAAAC,SAAAA,KAAY;AACxC,IAAA,MAAM,UAAUA,SAAAA,CAAS,IAAA,CAAK,OAAK,CAAA,CAAE,IAAA,KAAS,IAAI,CAAA,EAAG,OAAA;AAErD,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,IAAI,CAAA,kCAAA,CAAoC,CAAA;AAAA,IAChF;AAEA,IAAA,OAAO,OAAA;AAAA,EACT,CAAC,CAAA;AACH;AASO,SAAS,eAAA,CAAgB,OAAsB,IAAA,EAAwC;AAC5F,EAAA,OAAO,SAAA,CAAU,qBAAA,CAAsB,KAAA,EAAO,IAAI,CAAC,CAAA;AACrD","file":"chunk-TVKT3ZYX.js","sourcesContent":["import type { UnitTerminal } from \"@highstate/contract\"\nimport type { common } from \"@highstate/library\"\nimport type { DistributedOmit } from \"type-fest\"\nimport type { Namespace } from \"./namespace\"\nimport type { Workload, WorkloadTerminalArgs } from \"./workload\"\nimport { mkdir, readFile, unlink } from \"node:fs/promises\"\nimport { resolve } from \"node:path\"\nimport {\n AccessPointRoute,\n type AccessPointRouteArgs,\n type GatewayHttpRuleArgs,\n type GatewayRuleArgs,\n} from \"@highstate/common\"\nimport { type InputRecord, normalize, normalizeInputs, toPromise } from \"@highstate/pulumi\"\nimport { local } from \"@pulumi/command\"\nimport { apps, core, helm, type types } from \"@pulumi/kubernetes\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type Output,\n output,\n} from \"@pulumi/pulumi\"\nimport { sha256 } from \"crypto-hash\"\nimport { glob } from \"glob\"\nimport spawn from \"nano-spawn\"\nimport { isNonNullish, omit } from \"remeda\"\nimport { Deployment } from \"./deployment\"\nimport { NetworkPolicy, type NetworkPolicyArgs } from \"./network-policy\"\nimport { createServiceSpec, Service, type ServiceArgs } from \"./service\"\nimport { getNamespaceName, getProvider, type NamespaceLike } from \"./shared\"\nimport { StatefulSet } from \"./stateful-set\"\n\ntype ChartRouteBaseArgs = DistributedOmit<\n AccessPointRouteArgs,\n \"accessPoint\" | \"backend\" | \"backends\" | \"rules\" | \"type\" | \"path\" | \"paths\"\n> & {\n /**\n * The name of the service to route to.\n *\n * If not specified, it will route to the main service of the chart.\n */\n serviceName?: string\n\n /**\n * The service port to route to.\n *\n * Can be either a numeric port or a named port from the matched service.\n *\n * If not specified, it first falls back to the servicePort of the chart,\n * then to the first port of the matched service.\n */\n servicePort?: Input<number | string>\n\n /**\n * The access point to use for the route.\n *\n * If not specified, it will use the access point provided at the chart level, or throw an error if the chart level access point is not provided.\n */\n accessPoint?: Input<common.AccessPoint>\n\n /**\n * The protocol type for the route.\n */\n type: \"http\" | \"tcp\" | \"udp\"\n}\n\ntype ChartHttpGatewayRuleArgs = DistributedOmit<GatewayHttpRuleArgs, \"backend\" | \"backends\"> & {\n /**\n * The name of the service to route to.\n *\n * If not specified, it first falls back to the serviceName of the route, then to the main service of the chart.\n */\n serviceName?: string\n\n /**\n * The service port to route to.\n *\n * Can be either a numeric port or a named port from the matched service.\n *\n * If not specified, it first falls back to the servicePort of the route,\n * then to the servicePort of the chart,\n * then to the first port of the matched service.\n */\n servicePort?: Input<number | string>\n}\n\ntype ChartTcpUdpGatewayRuleArgs = DistributedOmit<GatewayRuleArgs, \"backend\" | \"backends\"> & {\n /**\n * The name of the service to route to.\n *\n * If not specified, it first falls back to the serviceName of the route, then to the main service of the chart.\n */\n serviceName?: string\n\n /**\n * The service port to route to.\n *\n * Can be either a numeric port or a named port from the matched service.\n *\n * If not specified, it first falls back to the servicePort of the route,\n * then to the servicePort of the chart,\n * then to the first port of the matched service.\n */\n servicePort?: Input<number | string>\n}\n\ntype ChartGatewayRuleArgs = ChartHttpGatewayRuleArgs | ChartTcpUdpGatewayRuleArgs\n\nexport type ChartRouteArgs = ChartRouteBaseArgs &\n (\n | {\n type: \"http\"\n\n /**\n * The path to match for the `default` rule of the listener.\n */\n path?: Input<string>\n\n /**\n * The paths to match for the `default` rule of the listener.\n */\n paths?: Input<string[]>\n\n /**\n * The rules of the route.\n */\n rules?: InputRecord<ChartHttpGatewayRuleArgs>\n }\n | {\n type: \"tcp\" | \"udp\"\n\n /**\n * The rules of the route.\n */\n rules?: InputRecord<ChartTcpUdpGatewayRuleArgs>\n }\n )\n\nexport type ChartArgs = Omit<\n helm.v4.ChartArgs,\n \"chart\" | \"version\" | \"repositoryOpts\" | \"namespace\"\n> & {\n /**\n * The namespace to deploy the chart into.\n */\n namespace: Input<Namespace>\n\n /**\n * The custom name of the primary service exposed by the chart.\n *\n * By default, it is the same as the chart name.\n */\n serviceName?: string\n\n /**\n * The service port to route to by default.\n *\n * Can be either a numeric port or a named port from the matched service.\n *\n * Can be overridden by route.servicePort and rule.servicePort.\n */\n servicePort?: Input<number | string>\n\n /**\n * The extra args to pass to the main service of the chart.\n *\n * Will be patched via transformations.\n */\n service?: Partial<ServiceArgs>\n\n /**\n * The manifest of the chart to resolve.\n */\n chart: ChartManifest\n\n /**\n * The args for the terminal to use.\n *\n * Will be applied to all workloads created by the chart.\n */\n terminal?: Input<WorkloadTerminalArgs>\n\n /**\n * The configuration for the access point route to create.\n */\n route?: Input<ChartRouteArgs>\n\n /**\n * The configuration for the access point routes to create.\n */\n routes?: InputRecord<ChartRouteArgs>\n\n /**\n * The access point to use for the routes.\n */\n accessPoint?: Input<common.AccessPoint>\n\n /**\n * The network policy to apply to the chart.\n */\n networkPolicy?: Input<Omit<NetworkPolicyArgs, \"selector\" | \"cluster\" | \"namespace\">>\n\n /**\n * The network policies to apply to the chart.\n */\n networkPolicies?: Input<NetworkPolicyArgs[]>\n}\n\nexport class Chart extends ComponentResource {\n /**\n * The underlying Helm chart.\n */\n public readonly chart: Output<helm.v4.Chart>\n\n /**\n * The access point routes created for the chart.\n */\n public readonly routes: Output<AccessPointRoute[]>\n\n /**\n * The network policies applied to the chart.\n */\n public readonly networkPolicies: Output<NetworkPolicy[]>\n\n /**\n * All workloads created by the chart.\n */\n public readonly workloads: Output<Workload[]>\n\n constructor(\n private readonly name: string,\n private readonly args: ChartArgs,\n private readonly opts?: ComponentResourceOptions,\n ) {\n super(\"highstate:k8s:Chart\", name, args, opts)\n\n const namespace = output(args.namespace).apply(namespace =>\n output(namespace ? getNamespaceName(namespace) : \"default\"),\n )\n\n this.chart = output(args.namespace).cluster.apply(cluster => {\n return new helm.v4.Chart(\n name,\n omit(\n {\n ...args,\n chart: resolveHelmChart(args.chart),\n namespace,\n },\n [\"route\", \"routes\"],\n ),\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n\n transforms: [\n ...(opts?.transforms ?? []),\n\n async resourceArgs => {\n const namespace = await toPromise(output(args.namespace).metadata.name)\n\n const serviceName = args.serviceName ?? name\n const expectedName = `${name}:${namespace}/${serviceName}`\n\n if (\n resourceArgs.type === \"kubernetes:core/v1:Service\" &&\n resourceArgs.name === expectedName\n ) {\n const spec = await toPromise(\n resourceArgs.props.spec as types.input.core.v1.ServiceSpec,\n )\n\n const serviceSpec = await toPromise(createServiceSpec(args.service ?? {}, cluster))\n\n return {\n props: {\n ...resourceArgs.props,\n spec: {\n ...spec,\n ...(serviceSpec.ports?.length !== 0\n ? serviceSpec\n : omit(serviceSpec, [\"ports\"])),\n },\n },\n opts: resourceArgs.opts,\n }\n }\n\n return undefined\n },\n ],\n },\n )\n })\n\n this.routes = output(\n normalizeInputs(\n args.route ? { name: \"default\", route: args.route } : undefined,\n args.routes\n ? Object.entries(args.routes).map(([name, route]) => ({ name, route }))\n : undefined,\n ),\n ).apply(async routes => {\n if (routes.length === 0) {\n return []\n }\n\n return await Promise.all(\n routes.map(async ({ name: routeName, route }) => {\n const { serviceName: _serviceName, rules: _rules, ...baseRoute } = route\n const accessPoint = route.accessPoint ?? args.accessPoint\n\n if (!accessPoint) {\n throw new Error(\n `Access point is required for chart route \"${name}-${routeName}\". Set it on the route or on Chart args.accessPoint`,\n )\n }\n\n const namespace = await toPromise(args.namespace)\n\n const routeRules = (await toPromise(route.rules)) as Record<string, ChartGatewayRuleArgs>\n const routeRuleValues = Object.values(routeRules ?? {})\n\n const defaultServiceName = route.serviceName ?? args.serviceName ?? name\n const defaultServicePort = route.servicePort ?? args.servicePort\n const needsDefaultBackend = routeRuleValues.length === 0\n\n const defaultService = needsDefaultBackend\n ? await this.getService(defaultServiceName)\n : undefined\n\n const defaultServiceEndpoints =\n needsDefaultBackend && defaultService\n ? await this.resolveServiceEndpoints(\n defaultService,\n defaultServiceName,\n defaultServicePort,\n `${name}-${routeName}`,\n )\n : undefined\n\n const resolvedRules = routeRules\n ? await Promise.all(\n Object.entries(routeRules).map(async ([ruleName, rule]) => {\n const ruleServiceName = rule.serviceName ?? defaultServiceName\n const ruleService = await this.getService(ruleServiceName)\n const ruleServicePort = rule.servicePort ?? route.servicePort ?? args.servicePort\n const ruleServiceEndpoints = await this.resolveServiceEndpoints(\n ruleService,\n ruleServiceName,\n ruleServicePort,\n `${name}-${routeName}:${ruleName}`,\n )\n\n return [\n ruleName,\n [\n {\n ...omit(rule, [\"serviceName\", \"servicePort\"]),\n backend: {\n endpoints: ruleServiceEndpoints,\n },\n },\n ],\n ] as const\n }),\n )\n : undefined\n\n const resolvedRulesInput = resolvedRules\n ? (Object.fromEntries(resolvedRules) as unknown as InputRecord<GatewayRuleArgs[]>)\n : undefined\n\n return new AccessPointRoute(\n `${name}-${routeName}`,\n {\n ...baseRoute,\n accessPoint,\n ...(defaultService\n ? {\n backend: {\n endpoints: defaultServiceEndpoints,\n },\n }\n : {}),\n rules: resolvedRulesInput,\n metadata: {\n ...(route.metadata ?? {}),\n \"k8s.namespace\": namespace,\n },\n },\n { ...opts, parent: this },\n )\n }),\n )\n })\n\n this.networkPolicies = output(args).apply(args => {\n const policies = normalize(args.networkPolicy, args.networkPolicies)\n\n return output(\n policies.map(policy => {\n return new NetworkPolicy(\n name,\n {\n ...policy,\n namespace: args.namespace,\n description: `Network policy for Helm chart \"${name}\"`,\n },\n { ...opts, parent: this },\n )\n }),\n )\n })\n\n this.workloads = output(this.chart).apply(chart => {\n return output(\n chart.resources.apply(resources => {\n return resources\n .map(resource => {\n if (apps.v1.Deployment.isInstance(resource)) {\n return resource.metadata.name.apply(name => {\n return Deployment.wrap(\n name,\n { namespace: args.namespace, deployment: resource, terminal: args.terminal },\n this.opts,\n )\n })\n }\n\n if (apps.v1.StatefulSet.isInstance(resource)) {\n return resource.metadata.name.apply(name => {\n return StatefulSet.wrap(\n name,\n {\n namespace: args.namespace,\n statefulSet: resource,\n service: this.getServiceOutput(name),\n terminal: args.terminal,\n },\n this.opts,\n )\n })\n }\n\n return undefined\n })\n .filter(isNonNullish)\n }),\n )\n })\n }\n\n private set service(_value: never) {}\n\n private set terminals(_value: never) {}\n\n get service(): Output<Service> {\n return this.getServiceOutput(undefined)\n }\n\n get deployment(): Output<Deployment> {\n return this.getDeploymentOutput(this.name)\n }\n\n get statefulSet(): Output<StatefulSet> {\n return this.getStatefulSetOutput(this.name)\n }\n\n get terminals(): Output<UnitTerminal[]> {\n return this.workloads.apply(workloads => {\n const terminalsByWorkload = workloads.map(workload =>\n output({ terminals: workload.terminals, workloadName: workload.metadata.name }),\n )\n\n return output(terminalsByWorkload).apply(workloadTerminals => {\n const hasMultipleWorkloads = workloadTerminals.length > 1\n\n return workloadTerminals.flatMap(({ terminals, workloadName }) => {\n if (!hasMultipleWorkloads) {\n return terminals\n }\n\n return terminals.map(terminal => ({\n ...terminal,\n meta: {\n ...terminal.meta,\n title: `${terminal.meta.title} | ${workloadName}`,\n },\n }))\n })\n })\n })\n }\n\n private readonly services = new Map<string, Service>()\n\n private async resolveServiceEndpoints(\n service: Service,\n serviceName: string,\n servicePort: Input<number | string> | undefined,\n routeName: string,\n ) {\n const endpoints = await toPromise(service.endpoints)\n const servicePorts = await toPromise(service.spec.ports)\n\n if (endpoints.length === 0) {\n throw new Error(\n `No endpoints found for service \"${serviceName}\" in chart route \"${routeName}\"`,\n )\n }\n\n let resolvedServicePort: number | undefined\n\n if (servicePort != null) {\n const requestedServicePort = await toPromise(servicePort)\n\n if (typeof requestedServicePort === \"string\") {\n const namedPort = servicePorts?.find(port => port.name === requestedServicePort)\n\n if (!namedPort) {\n throw new Error(\n `Named port \"${requestedServicePort}\" not found for service \"${serviceName}\" in chart route \"${routeName}\"`,\n )\n }\n\n resolvedServicePort = namedPort.port\n } else {\n resolvedServicePort = requestedServicePort\n }\n } else {\n resolvedServicePort = endpoints[0]?.port\n }\n\n if (resolvedServicePort == null) {\n throw new Error(\n `Unable to resolve service port for service \"${serviceName}\" in chart route \"${routeName}\"`,\n )\n }\n\n const filteredEndpoints = endpoints.filter(endpoint => endpoint.port === resolvedServicePort)\n\n if (filteredEndpoints.length === 0) {\n throw new Error(\n `No endpoints with port ${resolvedServicePort} found for service \"${serviceName}\" in chart route \"${routeName}\"`,\n )\n }\n\n return filteredEndpoints\n }\n\n getServiceOutput(name: string | undefined): Output<Service> {\n return output({ args: this.args, chart: this.chart }).apply(({ args, chart }) => {\n const resolvedName = name ?? args.serviceName ?? this.name\n const existingService = this.services.get(resolvedName)\n\n if (existingService) {\n return existingService\n }\n\n const service = getChartServiceOutput(chart, resolvedName)\n\n const wrappedService = Service.wrap(\n resolvedName,\n { namespace: args.namespace, service },\n { ...this.opts, parent: this },\n )\n\n this.services.set(resolvedName, wrappedService)\n return wrappedService\n })\n }\n\n getWorkloadOutput(name: string): Output<Workload> {\n return this.workloads.apply(async workloads => {\n const workloadsWithNames = await toPromise(\n workloads.map(workload => output({ workload, name: workload.metadata.name })),\n )\n\n const item = workloadsWithNames.find(w => w.name === name)\n\n if (!item) {\n throw new Error(`Workload with name '${name}' not found in the chart workloads`)\n }\n\n return item.workload\n })\n }\n\n getDeploymentOutput(name: string): Output<Deployment> {\n return this.getWorkloadOutput(name).apply(workload => {\n if (workload instanceof Deployment) {\n return workload\n }\n\n throw new Error(`Workload with name '${name}' is not a Deployment`)\n })\n }\n\n getStatefulSetOutput(name: string): Output<StatefulSet> {\n return this.getWorkloadOutput(name).apply(workload => {\n if (workload instanceof StatefulSet) {\n return workload\n }\n\n throw new Error(`Workload with name '${name}' is not a StatefulSet`)\n })\n }\n\n getService(name?: string): Promise<Service> {\n return toPromise(this.getServiceOutput(name))\n }\n\n getWorkload(name: string): Promise<Workload> {\n return toPromise(this.getWorkloadOutput(name))\n }\n\n getDeployment(name: string): Promise<Deployment> {\n return toPromise(this.getDeploymentOutput(name))\n }\n\n getStatefulSet(name: string): Promise<StatefulSet> {\n return toPromise(this.getStatefulSetOutput(name))\n }\n}\n\nexport type RenderedChartArgs = {\n /**\n * The namespace to deploy the chart into.\n */\n namespace?: Input<NamespaceLike>\n\n /**\n * The manifest of the chart to resolve.\n */\n chart: ChartManifest\n\n /**\n * The values to pass to the chart.\n */\n values?: InputRecord<string>\n}\n\nexport class RenderedChart extends ComponentResource {\n /**\n * The rendered manifest of the Helm chart.\n */\n public readonly manifest: Output<string>\n\n /**\n * The underlying command used to render the chart.\n */\n public readonly command: Output<local.Command>\n\n constructor(name: string, args: RenderedChartArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:RenderedChart\", name, args, opts)\n\n this.command = output(args).apply(args => {\n const values = args.values\n ? Object.entries(args.values).flatMap(([key, value]) => [\"--set\", `${key}=\"${value}\"`])\n : []\n\n return new local.Command(\n name,\n {\n create: output([\n \"helm\",\n \"template\",\n resolveHelmChart(args.chart),\n\n ...(args.namespace ? [\"--namespace\", getNamespaceName(args.namespace)] : []),\n\n ...values,\n ]).apply(command => command.join(\" \")),\n\n logging: \"stderr\",\n },\n { parent: this, ...opts },\n )\n })\n\n this.manifest = this.command.stdout\n\n this.registerOutputs({ manifest: this.manifest, command: this.command })\n }\n}\n\nexport type ChartManifest = {\n repo: string\n name: string\n version: string\n sha256: string\n}\n\n/**\n * Downloads or reuses the Helm chart according to the charts.json file.\n * Returns the full path to the chart's .tgz file.\n *\n * @param manifest The manifest of the Helm chart.\n */\nexport async function resolveHelmChart(manifest: ChartManifest): Promise<string> {\n if (!process.env.HIGHSTATE_CACHE_DIR) {\n throw new Error(\"Environment variable HIGHSTATE_CACHE_DIR is not set\")\n }\n\n const chartsDir = resolve(process.env.HIGHSTATE_CACHE_DIR, \"charts\")\n await mkdir(chartsDir, { recursive: true })\n\n const globPattern = `${manifest.name}-*.tgz`\n const targetFileName = `${manifest.name}-${manifest.version}.tgz`\n\n // find all matching files\n const files = await glob(globPattern, { cwd: chartsDir })\n\n if (files.includes(targetFileName)) {\n return resolve(chartsDir, targetFileName)\n }\n\n // delete old versions\n for (const file of files) {\n await unlink(resolve(chartsDir, file))\n }\n\n // download the chart\n const isOci = manifest.repo.startsWith(\"oci://\")\n const chartRef = isOci ? `${manifest.repo.replace(/\\/$/, \"\")}/${manifest.name}` : manifest.name\n\n const pullArgs = [\"pull\", chartRef, \"--version\", manifest.version, \"--destination\", chartsDir]\n\n if (!isOci) {\n pullArgs.push(\"--repo\", manifest.repo)\n }\n\n await spawn(\"helm\", pullArgs)\n\n // check the SHA256\n const content = await readFile(resolve(chartsDir, targetFileName))\n const actualSha256 = await sha256(content)\n\n if (actualSha256 !== manifest.sha256) {\n throw new Error(`SHA256 mismatch for chart '${manifest.name}'`)\n }\n\n return resolve(chartsDir, targetFileName)\n}\n\n/**\n * Extracts the service with the given name from the chart resources.\n * Throws an error if the service is not found.\n *\n * @param chart The Helm chart.\n * @param name The name of the service.\n */\nexport function getChartServiceOutput(chart: helm.v4.Chart, name: string): Output<core.v1.Service> {\n const services = chart.resources.apply(resources => {\n return resources\n .filter(r => core.v1.Service.isInstance(r))\n .map(service => ({ name: service.metadata.name, service }))\n })\n\n return output(services).apply(services => {\n const service = services.find(s => s.name === name)?.service\n\n if (!service) {\n throw new Error(`Service with name '${name}' not found in the chart resources`)\n }\n\n return service\n })\n}\n\n/**\n * Extracts the service with the given name from the chart resources.\n * Throws an error if the service is not found.\n *\n * @param chart The Helm chart.\n * @param name The name of the service.\n */\nexport function getChartService(chart: helm.v4.Chart, name: string): Promise<core.v1.Service> {\n return toPromise(getChartServiceOutput(chart, name))\n}\n"]}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
export { CronJob } from './chunk-PG27ZY2H.js';
|
|
2
|
+
import './chunk-SZKOAHNX.js';
|
|
3
|
+
import './chunk-OG2OPX7B.js';
|
|
4
|
+
import './chunk-TOLFVF4S.js';
|
|
5
|
+
import './chunk-PZYGZSN5.js';
|
|
6
|
+
//# sourceMappingURL=cron-job-RKB2HYTO.js.map
|
|
7
|
+
//# sourceMappingURL=cron-job-RKB2HYTO.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":[],"names":[],"mappings":"","file":"cron-job-
|
|
1
|
+
{"version":3,"sources":[],"names":[],"mappings":"","file":"cron-job-RKB2HYTO.js"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
export { Deployment } from './chunk-BTAEFJ5N.js';
|
|
2
|
+
import './chunk-SZKOAHNX.js';
|
|
3
|
+
import './chunk-OG2OPX7B.js';
|
|
4
|
+
import './chunk-TOLFVF4S.js';
|
|
5
|
+
import './chunk-PZYGZSN5.js';
|
|
6
|
+
//# sourceMappingURL=deployment-T35TUOL2.js.map
|
|
7
|
+
//# sourceMappingURL=deployment-T35TUOL2.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":[],"names":[],"mappings":"","file":"deployment-
|
|
1
|
+
{"version":3,"sources":[],"names":[],"mappings":"","file":"deployment-T35TUOL2.js"}
|
|
@@ -7,7 +7,8 @@
|
|
|
7
7
|
"./dist/units/existing-cluster/index.js": 2212294583,
|
|
8
8
|
"./dist/units/gateway-api/index.js": 2212294583,
|
|
9
9
|
"./dist/units/reduced-access-cluster/index.js": 2212294583,
|
|
10
|
-
"./dist/impl/
|
|
11
|
-
"./dist/impl/
|
|
10
|
+
"./dist/impl/dynamic-endpoint-resolver.js": 1003129543,
|
|
11
|
+
"./dist/impl/gateway-route.js": 411996386,
|
|
12
|
+
"./dist/impl/tls-certificate.js": 4278425047
|
|
12
13
|
}
|
|
13
14
|
}
|
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
import { isEndpointFromCluster } from '../chunk-OG2OPX7B.js';
|
|
2
|
+
import '../chunk-TOLFVF4S.js';
|
|
3
|
+
import { __using, __callDispose } from '../chunk-PZYGZSN5.js';
|
|
4
|
+
import { crc32 } from 'node:zlib';
|
|
5
|
+
import { dynamicEndpointResolverMediator, endpointToString, MaterializedFile, rebaseEndpoint, parseEndpoint } from '@highstate/common';
|
|
6
|
+
import { z } from '@highstate/contract';
|
|
7
|
+
import { k8s } from '@highstate/library';
|
|
8
|
+
import { getUnitStateId } from '@highstate/pulumi';
|
|
9
|
+
import spawn, { SubprocessError } from 'nano-spawn';
|
|
10
|
+
|
|
11
|
+
var resolveDynamicEndpoint = dynamicEndpointResolverMediator.implement(
|
|
12
|
+
z.object({ cluster: k8s.clusterEntity.schema }),
|
|
13
|
+
async ({ endpoint }, { cluster }) => {
|
|
14
|
+
if (!isEndpointFromCluster(endpoint, cluster)) {
|
|
15
|
+
throw new Error(
|
|
16
|
+
`Endpoint "${endpointToString(endpoint)}" is not from cluster "${cluster.id}"`
|
|
17
|
+
);
|
|
18
|
+
}
|
|
19
|
+
const { name, namespace } = endpoint.metadata["k8s.service"];
|
|
20
|
+
const localPort = getStablePort(`${cluster.id}:${namespace}:${name}`);
|
|
21
|
+
let subprocess;
|
|
22
|
+
return {
|
|
23
|
+
endpoint: rebaseEndpoint(endpoint, parseEndpoint(`localhost:${localPort}`)),
|
|
24
|
+
setup: async () => {
|
|
25
|
+
var _stack = [];
|
|
26
|
+
try {
|
|
27
|
+
console.log(
|
|
28
|
+
`[port-forward] starting port-forward for service "${name}" in namespace "${namespace}" on local port ${localPort}`
|
|
29
|
+
);
|
|
30
|
+
const config = MaterializedFile.for(cluster.kubeconfig);
|
|
31
|
+
const _ = __using(_stack, await config.open(), true);
|
|
32
|
+
subprocess = spawn("kubectl", [
|
|
33
|
+
"--kubeconfig",
|
|
34
|
+
config.path,
|
|
35
|
+
"port-forward",
|
|
36
|
+
`service/${name}`,
|
|
37
|
+
"-n",
|
|
38
|
+
namespace,
|
|
39
|
+
`${localPort}:${endpoint.port}`
|
|
40
|
+
]);
|
|
41
|
+
subprocess.catch((err) => {
|
|
42
|
+
if (err instanceof SubprocessError && err.signalName === "SIGTERM") {
|
|
43
|
+
return;
|
|
44
|
+
}
|
|
45
|
+
throw err;
|
|
46
|
+
});
|
|
47
|
+
const nodeProcess = await subprocess.nodeChildProcess;
|
|
48
|
+
await new Promise((resolve, reject) => {
|
|
49
|
+
nodeProcess.stdout?.once("data", (data) => {
|
|
50
|
+
const output = data.toString();
|
|
51
|
+
if (output.includes("Forwarding from")) {
|
|
52
|
+
resolve();
|
|
53
|
+
} else {
|
|
54
|
+
reject(new Error(`Failed to start port-forward: ${output}`));
|
|
55
|
+
}
|
|
56
|
+
});
|
|
57
|
+
nodeProcess.stderr?.once("data", (data) => {
|
|
58
|
+
reject(new Error(`Failed to start port-forward: ${data.toString()}`));
|
|
59
|
+
});
|
|
60
|
+
});
|
|
61
|
+
console.log(
|
|
62
|
+
`[port-forward] port-forward is ready for service "${name}" in namespace "${namespace}" on local port ${localPort}`
|
|
63
|
+
);
|
|
64
|
+
} catch (_2) {
|
|
65
|
+
var _error = _2, _hasError = true;
|
|
66
|
+
} finally {
|
|
67
|
+
var _promise = __callDispose(_stack, _error, _hasError);
|
|
68
|
+
_promise && await _promise;
|
|
69
|
+
}
|
|
70
|
+
},
|
|
71
|
+
dispose: async () => {
|
|
72
|
+
console.log(
|
|
73
|
+
`[port-forward] stopping port-forward for service "${name}" in namespace "${namespace}" on local port ${localPort}`
|
|
74
|
+
);
|
|
75
|
+
const nodeProcess = await subprocess.nodeChildProcess;
|
|
76
|
+
nodeProcess.kill();
|
|
77
|
+
}
|
|
78
|
+
};
|
|
79
|
+
}
|
|
80
|
+
);
|
|
81
|
+
function getStablePort(id) {
|
|
82
|
+
const hash = crc32(`${getUnitStateId()}:${id}`);
|
|
83
|
+
const minPort = 3e4;
|
|
84
|
+
const maxPort = 6e4;
|
|
85
|
+
return Math.abs(hash) % (maxPort - minPort) + minPort;
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
export { resolveDynamicEndpoint };
|
|
89
|
+
//# sourceMappingURL=dynamic-endpoint-resolver.js.map
|
|
90
|
+
//# sourceMappingURL=dynamic-endpoint-resolver.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/impl/dynamic-endpoint-resolver.ts"],"names":["_"],"mappings":";;;;;;;;;;AAcO,IAAM,yBAAyB,+BAAA,CAAgC,SAAA;AAAA,EACpE,EAAE,MAAA,CAAO,EAAE,SAAS,GAAA,CAAI,aAAA,CAAc,QAAQ,CAAA;AAAA,EAC9C,OAAO,EAAE,QAAA,EAAS,EAAG,EAAE,SAAQ,KAAM;AACnC,IAAA,IAAI,CAAC,qBAAA,CAAsB,QAAA,EAAU,OAAO,CAAA,EAAG;AAC7C,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,aAAa,gBAAA,CAAiB,QAAQ,CAAC,CAAA,uBAAA,EAA0B,QAAQ,EAAE,CAAA,CAAA;AAAA,OAC7E;AAAA,IACF;AAEA,IAAA,MAAM,EAAE,IAAA,EAAM,SAAA,EAAU,GAAI,QAAA,CAAS,SAAS,aAAa,CAAA;AAE3D,IAAA,MAAM,SAAA,GAAY,cAAc,CAAA,EAAG,OAAA,CAAQ,EAAE,CAAA,CAAA,EAAI,SAAS,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE,CAAA;AAEpE,IAAA,IAAI,UAAA;AAEJ,IAAA,OAAO;AAAA,MACL,UAAU,cAAA,CAAe,QAAA,EAAU,cAAc,CAAA,UAAA,EAAa,SAAS,EAAE,CAAC,CAAA;AAAA,MAE1E,OAAO,YAAY;AAMjB,QAAA,IAAA,MAAA,GAAA,EAAA;AAAA,QAAA,IAAA;AALA,UAAA,OAAA,CAAQ,GAAA;AAAA,YACN,CAAA,kDAAA,EAAqD,IAAI,CAAA,gBAAA,EAAmB,SAAS,mBAAmB,SAAS,CAAA;AAAA,WACnH;AAEA,UAAA,MAAM,MAAA,GAAS,gBAAA,CAAiB,GAAA,CAAI,OAAA,CAAQ,UAAU,CAAA;AACtD,UAAA,MAAY,CAAA,GAAI,OAAA,CAAA,MAAA,EAAA,MAAM,MAAA,CAAO,IAAA,EAAK,EAAlB,IAAA,CAAA;AAEhB,UAAA,UAAA,GAAa,MAAM,SAAA,EAAW;AAAA,YAC5B,cAAA;AAAA,YACA,MAAA,CAAO,IAAA;AAAA,YACP,cAAA;AAAA,YACA,WAAW,IAAI,CAAA,CAAA;AAAA,YACf,IAAA;AAAA,YACA,SAAA;AAAA,YACA,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,QAAA,CAAS,IAAI,CAAA;AAAA,WAC9B,CAAA;AAGD,UAAA,UAAA,CAAW,MAAM,CAAA,GAAA,KAAO;AACtB,YAAA,IAAI,GAAA,YAAe,eAAA,IAAmB,GAAA,CAAI,UAAA,KAAe,SAAA,EAAW;AAElE,cAAA;AAAA,YACF;AAEA,YAAA,MAAM,GAAA;AAAA,UACR,CAAC,CAAA;AAED,UAAA,MAAM,WAAA,GAAc,MAAM,UAAA,CAAW,gBAAA;AAErC,UAAA,MAAM,IAAI,OAAA,CAAc,CAAC,OAAA,EAAS,MAAA,KAAW;AAC3C,YAAA,WAAA,CAAY,MAAA,EAAQ,IAAA,CAAK,MAAA,EAAQ,CAAC,IAAA,KAAiB;AACjD,cAAA,MAAM,MAAA,GAAS,KAAK,QAAA,EAAS;AAE7B,cAAA,IAAI,MAAA,CAAO,QAAA,CAAS,iBAAiB,CAAA,EAAG;AACtC,gBAAA,OAAA,EAAQ;AAAA,cACV,CAAA,MAAO;AACL,gBAAA,MAAA,CAAO,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,MAAM,EAAE,CAAC,CAAA;AAAA,cAC7D;AAAA,YACF,CAAC,CAAA;AAED,YAAA,WAAA,CAAY,MAAA,EAAQ,IAAA,CAAK,MAAA,EAAQ,CAAC,IAAA,KAAiB;AACjD,cAAA,MAAA,CAAO,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,KAAK,QAAA,EAAU,EAAE,CAAC,CAAA;AAAA,YACtE,CAAC,CAAA;AAAA,UACH,CAAC,CAAA;AAED,UAAA,OAAA,CAAQ,GAAA;AAAA,YACN,CAAA,kDAAA,EAAqD,IAAI,CAAA,gBAAA,EAAmB,SAAS,mBAAmB,SAAS,CAAA;AAAA,WACnH;AAAA,QAAA,CAAA,CAAA,OA1CAA,EAAAA,EAAA;AAAA,UAAA,IAAA,MAAA,GAAAA,EAAAA,EAAA,SAAA,GAAA,IAAA;AAAA,QAAA,CAAA,SAAA;AAAA,UAAA,IAAA,QAAA,GAAA,aAAA,CAAA,MAAA,EAAA,MAAA,EAAA,SAAA,CAAA;AAAA,UAAA,QAAA,IAAA,MAAA,QAAA;AAAA,QAAA;AAAA,MA2CF,CAAA;AAAA,MAEA,SAAS,YAAY;AACnB,QAAA,OAAA,CAAQ,GAAA;AAAA,UACN,CAAA,kDAAA,EAAqD,IAAI,CAAA,gBAAA,EAAmB,SAAS,mBAAmB,SAAS,CAAA;AAAA,SACnH;AAEA,QAAA,MAAM,WAAA,GAAc,MAAM,UAAA,CAAW,gBAAA;AACrC,QAAA,WAAA,CAAY,IAAA,EAAK;AAAA,MACnB;AAAA,KACF;AAAA,EACF;AACF;AAOA,SAAS,cAAc,EAAA,EAAoB;AAEzC,EAAA,MAAM,OAAO,KAAA,CAAM,CAAA,EAAG,gBAAgB,CAAA,CAAA,EAAI,EAAE,CAAA,CAAE,CAAA;AAE9C,EAAA,MAAM,OAAA,GAAU,GAAA;AAChB,EAAA,MAAM,OAAA,GAAU,GAAA;AAEhB,EAAA,OAAQ,IAAA,CAAK,GAAA,CAAI,IAAI,CAAA,IAAK,UAAU,OAAA,CAAA,GAAY,OAAA;AAClD","file":"dynamic-endpoint-resolver.js","sourcesContent":["import { crc32 } from \"node:zlib\"\nimport {\n dynamicEndpointResolverMediator,\n endpointToString,\n MaterializedFile,\n parseEndpoint,\n rebaseEndpoint,\n} from \"@highstate/common\"\nimport { z } from \"@highstate/contract\"\nimport { k8s } from \"@highstate/library\"\nimport { getUnitStateId } from \"@highstate/pulumi\"\nimport spawn, { type Subprocess, SubprocessError } from \"nano-spawn\"\nimport { isEndpointFromCluster } from \"../service\"\n\nexport const resolveDynamicEndpoint = dynamicEndpointResolverMediator.implement(\n z.object({ cluster: k8s.clusterEntity.schema }),\n async ({ endpoint }, { cluster }) => {\n if (!isEndpointFromCluster(endpoint, cluster)) {\n throw new Error(\n `Endpoint \"${endpointToString(endpoint)}\" is not from cluster \"${cluster.id}\"`,\n )\n }\n\n const { name, namespace } = endpoint.metadata[\"k8s.service\"]\n\n const localPort = getStablePort(`${cluster.id}:${namespace}:${name}`)\n\n let subprocess: Subprocess\n\n return {\n endpoint: rebaseEndpoint(endpoint, parseEndpoint(`localhost:${localPort}`)),\n\n setup: async () => {\n console.log(\n `[port-forward] starting port-forward for service \"${name}\" in namespace \"${namespace}\" on local port ${localPort}`,\n )\n\n const config = MaterializedFile.for(cluster.kubeconfig)\n await using _ = await config.open()\n\n subprocess = spawn(\"kubectl\", [\n \"--kubeconfig\",\n config.path,\n \"port-forward\",\n `service/${name}`,\n \"-n\",\n namespace,\n `${localPort}:${endpoint.port}`,\n ])\n\n // catch the error when the process is killed to prevent unhandled promise rejection\n subprocess.catch(err => {\n if (err instanceof SubprocessError && err.signalName === \"SIGTERM\") {\n // correct termination\n return\n }\n\n throw err\n })\n\n const nodeProcess = await subprocess.nodeChildProcess\n\n await new Promise<void>((resolve, reject) => {\n nodeProcess.stdout?.once(\"data\", (data: Buffer) => {\n const output = data.toString()\n\n if (output.includes(\"Forwarding from\")) {\n resolve()\n } else {\n reject(new Error(`Failed to start port-forward: ${output}`))\n }\n })\n\n nodeProcess.stderr?.once(\"data\", (data: Buffer) => {\n reject(new Error(`Failed to start port-forward: ${data.toString()}`))\n })\n })\n\n console.log(\n `[port-forward] port-forward is ready for service \"${name}\" in namespace \"${namespace}\" on local port ${localPort}`,\n )\n },\n\n dispose: async () => {\n console.log(\n `[port-forward] stopping port-forward for service \"${name}\" in namespace \"${namespace}\" on local port ${localPort}`,\n )\n\n const nodeProcess = await subprocess.nodeChildProcess\n nodeProcess.kill()\n },\n }\n },\n)\n\n/**\n * Return a stable port number based on the given id.\n * This is important because Pulumi stores the resolved endpoint in the state,\n * and uses it in destroy operations.\n */\nfunction getStablePort(id: string): number {\n // also add state ID to ensure different ports for the same service in different states which may run in parallel\n const hash = crc32(`${getUnitStateId()}:${id}`)\n\n const minPort = 30000\n const maxPort = 60000\n\n return (Math.abs(hash) % (maxPort - minPort)) + minPort\n}\n"]}
|