@highstate/k8s 0.19.1 → 0.21.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (107) hide show
  1. package/dist/chunk-23vn2rdc.js +11 -0
  2. package/dist/chunk-2pfx13ay.js +11 -0
  3. package/dist/chunk-46ntav0c.js +299 -0
  4. package/dist/chunk-556pc9e6.js +155 -0
  5. package/dist/chunk-7kgjgcft.js +170 -0
  6. package/dist/{chunk-LGHFSXNT.js → chunk-9hs97f1q.js} +23 -17
  7. package/dist/chunk-aame3x1b.js +11 -0
  8. package/dist/chunk-b05q6fm2.js +37 -0
  9. package/dist/chunk-bmvc9d2d.js +11 -0
  10. package/dist/chunk-de82bbp2.js +7 -0
  11. package/dist/chunk-facs31cb.js +624 -0
  12. package/dist/chunk-h1b79v66.js +1425 -0
  13. package/dist/chunk-k4w9zpn5.js +215 -0
  14. package/dist/chunk-pqc6w52f.js +352 -0
  15. package/dist/chunk-qyshvz32.js +176 -0
  16. package/dist/chunk-tpfyj6fe.js +199 -0
  17. package/dist/chunk-z6bmpnm7.js +180 -0
  18. package/dist/highstate.manifest.json +3 -2
  19. package/dist/impl/dynamic-endpoint-resolver.js +91 -0
  20. package/dist/impl/gateway-route.js +226 -166
  21. package/dist/impl/tls-certificate.js +31 -31
  22. package/dist/index.js +293 -166
  23. package/dist/units/cert-manager/index.js +19 -14
  24. package/dist/units/cluster-patch/index.js +14 -13
  25. package/dist/units/dns01-issuer/index.js +82 -42
  26. package/dist/units/existing-cluster/index.js +59 -26
  27. package/dist/units/gateway-api/index.js +15 -16
  28. package/dist/units/reduced-access-cluster/index.js +32 -36
  29. package/package.json +23 -21
  30. package/src/cluster.ts +12 -8
  31. package/src/config-map.ts +15 -5
  32. package/src/container.ts +4 -2
  33. package/src/cron-job.ts +51 -5
  34. package/src/deployment.ts +49 -18
  35. package/src/gateway/backend.ts +3 -3
  36. package/src/gateway/gateway.ts +12 -56
  37. package/src/helm.ts +354 -22
  38. package/src/impl/dynamic-endpoint-resolver.ts +109 -0
  39. package/src/impl/gateway-route.ts +231 -57
  40. package/src/impl/tls-certificate.ts +8 -3
  41. package/src/index.ts +1 -0
  42. package/src/job.ts +38 -6
  43. package/src/kubectl.ts +166 -0
  44. package/src/namespace.ts +47 -3
  45. package/src/network-policy.ts +1 -1
  46. package/src/pvc.ts +12 -2
  47. package/src/rbac.ts +28 -5
  48. package/src/scripting/bundle.ts +21 -98
  49. package/src/scripting/environment.ts +4 -10
  50. package/src/secret.ts +15 -5
  51. package/src/service.ts +28 -6
  52. package/src/shared.ts +31 -3
  53. package/src/stateful-set.ts +49 -18
  54. package/src/tls.ts +31 -5
  55. package/src/units/cluster-patch/index.ts +5 -5
  56. package/src/units/dns01-issuer/index.ts +56 -12
  57. package/src/units/existing-cluster/index.ts +36 -15
  58. package/src/units/reduced-access-cluster/index.ts +6 -3
  59. package/src/worker.ts +4 -2
  60. package/src/workload.ts +474 -217
  61. package/LICENSE +0 -21
  62. package/dist/chunk-4G6LLC2X.js +0 -240
  63. package/dist/chunk-4G6LLC2X.js.map +0 -1
  64. package/dist/chunk-BR2CLUUD.js +0 -230
  65. package/dist/chunk-BR2CLUUD.js.map +0 -1
  66. package/dist/chunk-DCUMJSO6.js +0 -427
  67. package/dist/chunk-DCUMJSO6.js.map +0 -1
  68. package/dist/chunk-FE4SHRAJ.js +0 -286
  69. package/dist/chunk-FE4SHRAJ.js.map +0 -1
  70. package/dist/chunk-HH2JJELM.js +0 -13
  71. package/dist/chunk-HH2JJELM.js.map +0 -1
  72. package/dist/chunk-KMLRI5UZ.js +0 -155
  73. package/dist/chunk-KMLRI5UZ.js.map +0 -1
  74. package/dist/chunk-LGHFSXNT.js.map +0 -1
  75. package/dist/chunk-MIC2BHGS.js +0 -301
  76. package/dist/chunk-MIC2BHGS.js.map +0 -1
  77. package/dist/chunk-OBDQONMV.js +0 -401
  78. package/dist/chunk-OBDQONMV.js.map +0 -1
  79. package/dist/chunk-P2VOUU7E.js +0 -1626
  80. package/dist/chunk-P2VOUU7E.js.map +0 -1
  81. package/dist/chunk-PZ5AY32C.js +0 -9
  82. package/dist/chunk-PZ5AY32C.js.map +0 -1
  83. package/dist/chunk-RVB4WWZZ.js +0 -267
  84. package/dist/chunk-RVB4WWZZ.js.map +0 -1
  85. package/dist/chunk-TWBMG6TD.js +0 -315
  86. package/dist/chunk-TWBMG6TD.js.map +0 -1
  87. package/dist/chunk-VCXWCZ43.js +0 -279
  88. package/dist/chunk-VCXWCZ43.js.map +0 -1
  89. package/dist/chunk-YIJUVPU2.js +0 -297
  90. package/dist/chunk-YIJUVPU2.js.map +0 -1
  91. package/dist/cron-job-NX4HD4FI.js +0 -8
  92. package/dist/cron-job-NX4HD4FI.js.map +0 -1
  93. package/dist/deployment-O2LJ5WR5.js +0 -8
  94. package/dist/deployment-O2LJ5WR5.js.map +0 -1
  95. package/dist/impl/gateway-route.js.map +0 -1
  96. package/dist/impl/tls-certificate.js.map +0 -1
  97. package/dist/index.js.map +0 -1
  98. package/dist/job-SYME6Y43.js +0 -8
  99. package/dist/job-SYME6Y43.js.map +0 -1
  100. package/dist/stateful-set-VJYKTQ72.js +0 -8
  101. package/dist/stateful-set-VJYKTQ72.js.map +0 -1
  102. package/dist/units/cert-manager/index.js.map +0 -1
  103. package/dist/units/cluster-patch/index.js.map +0 -1
  104. package/dist/units/dns01-issuer/index.js.map +0 -1
  105. package/dist/units/existing-cluster/index.js.map +0 -1
  106. package/dist/units/gateway-api/index.js.map +0 -1
  107. package/dist/units/reduced-access-cluster/index.js.map +0 -1
package/dist/deployment-O2LJ5WR5.js DELETED
@@ -1,8 +0,0 @@
1
- export { Deployment } from './chunk-VCXWCZ43.js';
2
- import './chunk-P2VOUU7E.js';
3
- import './chunk-TWBMG6TD.js';
4
- import './chunk-4G6LLC2X.js';
5
- import './chunk-OBDQONMV.js';
6
- import './chunk-PZ5AY32C.js';
7
- //# sourceMappingURL=deployment-O2LJ5WR5.js.map
8
- //# sourceMappingURL=deployment-O2LJ5WR5.js.map
package/dist/deployment-O2LJ5WR5.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"deployment-O2LJ5WR5.js"}
package/dist/impl/gateway-route.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../src/impl/gateway-route.ts"],"names":["service","match"],"mappings":";;;;;;;;;;;AAWO,IAAM,qBAAqB,oBAAA,CAAqB,SAAA;AAAA,EACrD,GAAA,CAAI,iBAAA;AAAA,EACJ,OAAO,EAAE,IAAA,EAAM,IAAA,EAAM,IAAA,IAAQ,IAAA,KAAS;AACpC,IAAA,MAAM,SAAA,GACJ,IAAA,CAAK,UAAA,YAAsB,OAAA,GACvB,MAAM,SAAA,CAAU,IAAA,CAAK,UAAA,CAAW,SAAS,IACzC,SAAA,CAAU,GAAA,CAAI,IAAA,CAAK,SAAA,EAAW,KAAK,OAAO,CAAA;AAEhD,IAAA,MAAM,aAAa,MAAM,oBAAA,CAAqB,IAAA,EAAM,SAAA,EAAW,KAAK,cAAc,CAAA;AAElF,IAAA,MAAM,iBAAiB,UAAA,GACnB;AAAA,MACE,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,EAAA;AAAA,MACP,IAAA,EAAM,WAAW,QAAA,CAAS;AAAA,KAC5B,GACA,MAAA;AAEJ,IAAA,IAAI,IAAA,CAAK,SAAS,MAAA,EAAQ;AACxB,MAAA,OAAO,MAAM,sBAAA,CAAuB;AAAA,QAClC,IAAA;AAAA,QACA,IAAA;AAAA,QACA,IAAA;AAAA,QACA,IAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACD,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,IAAA,KAAS,KAAA,GAAQ,KAAA,GAAQ,KAAA;AAE/C,IAAA,OAAO,MAAM,oBAAA,CAAqB;AAAA,MAChC,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,SAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AACF;AAoBA,eAAe,sBAAA,CAAuB;AAAA,EACpC,IAAA;AAAA,EACA,IAAA;AAAA,EACA,IAAA;AAAA,EACA,IAAA;AAAA,EACA,SAAA;AAAA,EACA;AACF,CAAA,EAA+B;AAC7B,EAAA,MAAM,cAAA,GACJ,IAAA,CAAK,UAAA,YAAsB,OAAA,GACvB,KAAK,UAAA,GAAA,CACJ,MAAM,0BAAA,CAA2B,IAAA,EAAM,WAAW,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,OAAA,EAAS,IAAI,CAAA,EAClF,OAAA;AAET,EAAA,MAAM,SAAA,GAAY;AAAA,IAChB;AAAA,MACE,IAAA,EAAM,OAAA;AAAA,MACN,MAAM,IAAA,CAAK,SAAA;AAAA,MACX,QAAA,EAAU,OAAA;AAAA,MACV,GAAA,EAAK;AAAA,QACH,IAAA,EAAM,WAAA;AAAA,QACN,eAAA,EAAiB,cAAA,GAAiB,CAAC,cAAc,CAAA,GAAI;AAAA;AACvD;AACF,GACF;AAEA,EAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,UAAA;AAAA,IAC5B;AAAA,MACE,MAAM,IAAA,CAAK,SAAA;AAAA,MACX,SAAA;AAAA,MACA,kBAAkB,IAAA,CAAK,SAAA;AAAA,MACvB;AAAA,KACF;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,YAAY,IAAI,SAAA;AAAA,IACpB,IAAA;AAAA,IACA;AAAA,MACE,OAAA;AAAA,MACA,IAAA,EAAM;AAAA,QACJ,OAAA,EAAS;AAAA;AACX,KACF;AAAA,IACA;AAAA,GACF;AAEA,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,SAAA;AAAA,IACV,SAAA,EAAW,MAAM,SAAA,CAAU,OAAA,CAAQ,SAAS;AAAA,GAC9C;AACF;AAWA,eAAe,oBAAA,CAAqB;AAAA,EAClC,IAAA;AAAA,EACA,IAAA;AAAA,EACA,IAAA;AAAA,EACA,IAAA;AAAA,EACA,SAAA;AAAA,EACA;AACF,CAAA,EAA6B;AAC3B,EAAA,MAAM,WAAA,GACJ,IAAA,CAAK,UAAA,YAAsB,OAAA,GACvB;AAAA,IACE,SAAS,IAAA,CAAK,UAAA;AAAA,IACd,KAAA,EAAO,MAAM,eAAA,CAAgB,IAAA,CAAK,UAAU;AAAA,GAC9C,GACA,MAAM,0BAAA,CAA2B,IAAA,EAAM,WAAW,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,OAAA,EAAS,IAAI,CAAA;AAE1F,EAAA,MAAM,cAAc,MAAM,SAAA,CAAU,WAAA,CAAY,OAAA,CAAQ,SAAS,IAAI,CAAA;AAErE,EAAA,MAAM,WAAA,GAAc,MAAM,iBAAA,CAAkB;AAAA,IAC1C,OAAO,WAAA,CAAY,KAAA;AAAA,IACnB,QAAA;AAAA,IACA,YAAY,IAAA,CAAK,UAAA;AAAA,IACjB,WAAA;AAAA,IACA,SAAA,EAAW;AAAA,GACZ,CAAA;AAED,EAAA,MAAM,YAAA,GAAe,MAAM,mBAAA,CAAoB;AAAA,IAC7C,eAAe,IAAA,CAAK,IAAA;AAAA,IACpB,WAAA;AAAA,IACA,QAAA;AAAA,IACA,SAAA,EAAW;AAAA,GACZ,CAAA;AAED,EAAA,MAAM,eAAe,CAAA,EAAG,QAAA,CAAS,WAAA,EAAa,IAAI,YAAY,CAAA,CAAA;AAE9D,EAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,UAAA;AAAA,IAC5B;AAAA,MACE,MAAM,IAAA,CAAK,SAAA;AAAA,MACX,SAAA;AAAA,MACA,kBAAkB,IAAA,CAAK,SAAA;AAAA,MACvB,SAAA,EAAW;AAAA,QACT;AAAA,UACE,IAAA,EAAM,YAAA;AAAA,UACN,IAAA,EAAM,YAAA;AAAA,UACN;AAAA;AACF;AACF,KACF;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,UAAA,GAAa,WAAA,CAAY,OAAA,CAAQ,QAAA,CAAS,MAAM,CAAA,QAAA,KAAY;AAChE,IAAA,IAAI,CAAC,UAAU,IAAA,EAAM;AACnB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,SAAA,EAAY,WAAW,CAAA,+BAAA,EAAkC,IAAI,CAAA,uBAAA;AAAA,OAC/D;AAAA,IACF;AAEA,IAAA,OAAO;AAAA,MACL,MAAM,QAAA,CAAS,IAAA;AAAA,MACf,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,MAAM,WAAA,CAAY;AAAA,KACpB;AAAA,EACF,CAAC,CAAA;AAED,EAAA,MAAM,SAAA,GAAY,EAAE,GAAG,IAAA,EAAM,QAAQ,OAAA,EAAQ;AAE7C,EAAA,MAAM,KAAA,GACJ,QAAA,KAAa,KAAA,GACT,IAAI,QAAA;AAAA,IACF,IAAA;AAAA,IACA;AAAA,MACE,OAAA;AAAA,MACA,YAAA;AAAA,MACA,OAAA,EAAS;AAAA,KACX;AAAA,IACA;AAAA,MAEF,IAAI,QAAA;AAAA,IACF,IAAA;AAAA,IACA;AAAA,MACE,OAAA;AAAA,MACA,YAAA;AAAA,MACA,OAAA,EAAS;AAAA,KACX;AAAA,IACA;AAAA,GACF;AAEN,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,KAAA;AAAA,IACV,SAAA,EAAW,MAAM,SAAA,CAAU,OAAA,CAAQ,SAAS;AAAA,GAC9C;AACF;AAEA,eAAe,oBAAA,CACb,KAAA,EACA,SAAA,EACA,cAAA,EAC6B;AAC7B,EAAA,MAAM,mBAAA,GAAsB,MAAM,SAAA,CAAU,cAAc,CAAA;AAC1D,EAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,mBAAA,CAAoB,QAAQ,CAAA;AAE7D,EAAA,IAAI,oBAAoB,WAAA,EAAa;AACnC,IAAA,MAAM,gBAAgB,MAAM,SAAA,CAAU,QAAA,CAAS,SAAA,CAAU,SAAS,IAAI,CAAA;AACtE,IAAA,MAAM,gBAAgB,MAAM,SAAA,CAAU,QAAA,CAAS,SAAA,CAAU,QAAQ,EAAE,CAAA;AAEnE,IAAA,MAAM,eAAA,GAAkB,MAAM,SAAA,CAAU,SAAA,CAAU,SAAS,IAAI,CAAA;AAC/D,IAAA,MAAM,eAAA,GAAkB,MAAM,SAAA,CAAU,SAAA,CAAU,QAAQ,EAAE,CAAA;AAE5D,IAAA,IAAI,aAAA,KAAkB,eAAA,IAAmB,aAAA,KAAkB,eAAA,EAAiB;AAC1E,MAAA,OAAO,MAAM,SAAA,CAAU,QAAA,CAAS,MAAM,CAAA;AAAA,IACxC;AAAA,EACF;AAEA,EAAA,MAAM,IAAI,KAAA;AAAA,IACR;AAAA,GACF;AACF;AASA,eAAe,0BAAA,CACb,IAAA,EACA,SAAA,EACA,cAAA,EACA,SACA,IAAA,EACyD;AACzD,EAAA,MAAM,SAAA,GAAY,MAAM,SAAA,CAAU,cAAc,CAAA;AAEhD,EAAA,IAAI,CAAC,UAAU,MAAA,EAAQ;AACrB,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,IAAI,CAAA,6BAAA,CAA+B,CAAA;AAAA,EACvE;AAEA,EAAA,MAAM,oBAAoB,SAAA,CAAU,MAAA,CAAO,CAAA,QAAA,KAAY,QAAA,CAAS,SAAS,UAAU,CAAA;AACnF,EAAA,MAAM,cAAc,SAAA,CAAU,MAAA,CAAO,CAAA,QAAA,KAAY,QAAA,CAAS,SAAS,UAAU,CAAA;AAE7E,EAAA,IAAI,iBAAA,CAAkB,SAAS,CAAA,EAAG;AAChC,IAAA,MAAM,oBAAuC,EAAC;AAC9C,IAAA,KAAA,MAAW,YAAY,iBAAA,EAAmB;AACxC,MAAA,iBAAA,CAAkB,IAAA,CAAK,6BAAA,CAA8B,QAAQ,CAAC,CAAA;AAAA,IAChE;AAEA,IAAA,MAAMA,QAAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,CAAA,WAAA,EAAc,IAAI,CAAA,CAAA,EAAI;AAAA,MACnD,SAAA;AAAA,MACA,IAAA,EAAM,cAAA;AAAA,MACN,YAAA,EAAc,iBAAA,CAAkB,CAAC,CAAA,CAAE,QAAA;AAAA,MACnC,KAAA,EAAO,iBAAA,CAAkB,GAAA,CAAI,uBAAuB;AAAA,KACrD,CAAA;AAED,IAAA,OAAO;AAAA,MACL,OAAA,EAAAA,QAAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,IAAI,WAAA,CAAY,WAAW,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,IAAI,CAAA,oCAAA,CAAsC,CAAA;AAAA,EAC9E;AAEA,EAAA,MAAM,cAAiC,EAAC;AACxC,EAAA,KAAA,MAAW,YAAY,WAAA,EAAa;AAClC,IAAA,WAAA,CAAY,IAAA,CAAK,6BAAA,CAA8B,QAAQ,CAAC,CAAA;AAAA,EAC1D;AAEA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,CAAA,WAAA,EAAc,IAAI,CAAA,CAAA,EAAI;AAAA,IACnD,SAAA;AAAA,IACA,IAAA,EAAM,WAAA;AAAA,IACN,KAAA,EAAO,WAAA,CAAY,GAAA,CAAI,uBAAuB;AAAA,GAC/C,CAAA;AAED,EAAA,MAAM,aAAA,GAAgB,cAAc,IAAI,CAAA,CAAA;AAExC,EAAA,IAAI,KAAK,EAAA,CAAG,SAAA;AAAA,IACV,aAAA;AAAA,IACA;AAAA,MACE,QAAA,EAAU,WAAA,CAAY,EAAE,SAAA,IAAa,aAAa,CAAA;AAAA,MAClD,OAAA,EAAS,WAAA,CAAY,GAAA,CAAI,CAAA,QAAA,MAAa;AAAA,QACpC,WAAW,CAAC,EAAE,IAAI,QAAA,CAAS,OAAA,CAAQ,OAAO,CAAA;AAAA,QAC1C,KAAA,EAAO,CAAC,uBAAA,CAAwB,QAAQ,CAAC;AAAA,OAC3C,CAAE;AAAA,KACJ;AAAA,IACA,EAAE,GAAG,IAAA,EAAM,QAAA,EAAU,YAAY,OAAO,CAAA,EAAG,QAAQ,OAAA;AAAQ,GAC7D;AAEA,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,KAAA,EAAO;AAAA,GACT;AACF;AAEA,eAAe,gBAAgB,OAAA,EAA8C;AAC3E,EAAA,MAAM,IAAA,GAAO,MAAM,SAAA,CAAU,OAAA,CAAQ,IAAI,CAAA;AACzC,EAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,IAAS,EAAC;AAE7B,EAAA,MAAM,SAA4B,EAAC;AAEnC,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,MAAM,QAAQ,IAAA,CAAK,IAAA;AACnB,IAAA,MAAM,QAAA,GAAA,CAAY,IAAA,CAAK,QAAA,IAAY,KAAA,EAAO,WAAA,EAAY;AAEtD,IAAA,IAAI,KAAA,KAAU,MAAA,IAAc,QAAA,KAAa,KAAA,IAAS,aAAa,KAAA,EAAQ;AACrE,MAAA;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,IAAA,CAAK;AAAA,MACV,IAAA,EAAM,KAAK,IAAA,IAAQ,MAAA;AAAA,MACnB,IAAA,EAAM,KAAA;AAAA,MACN,QAAA;AAAA,MACA,YAAY,IAAA,CAAK;AAAA,KAClB,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,MAAA;AACT;AAEA,SAAS,8BAA8B,QAAA,EAA+C;AACpF,EAAA,OAAO;AAAA,IACL,IAAA,EAAM,MAAA;AAAA,IACN,MAAM,QAAA,CAAS,IAAA;AAAA,IACf,QAAA,EAAU,QAAA,CAAS,QAAA,CAAS,WAAA,EAAY;AAAA,IACxC,YAAY,QAAA,CAAS;AAAA,GACvB;AACF;AAEA,eAAe,iBAAA,CAAkB;AAAA,EAC/B,KAAA;AAAA,EACA,QAAA;AAAA,EACA,UAAA;AAAA,EACA,WAAA;AAAA,EACA;AACF,CAAA,EAM6B;AAC3B,EAAA,MAAM,aAAa,KAAA,CAAM,MAAA,CAAO,CAAA,IAAA,KAAQ,IAAA,CAAK,aAAa,QAAQ,CAAA;AAElE,EAAA,IAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,SAAA,EAAY,WAAW,CAAA,sBAAA,EAAyB,QAAQ,qCAAqC,SAAS,CAAA,EAAA;AAAA,KACxG;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAO,WAAW,CAAC,CAAA;AAAA,EACrB;AAEA,EAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,UAAU,CAAA;AAEjD,EAAA,IAAI,cAAA,KAAmB,MAAA,IAAa,cAAA,KAAmB,IAAA,EAAM;AAC3D,IAAA,OAAO,WAAW,CAAC,CAAA;AAAA,EACrB;AAEA,EAAA,IAAI,OAAO,mBAAmB,QAAA,EAAU;AACtC,IAAA,MAAMC,MAAAA,GAAQ,UAAA,CAAW,IAAA,CAAK,CAAA,SAAA,KAAa;AACzC,MAAA,IAAI,SAAA,CAAU,SAAS,cAAA,EAAgB;AACrC,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IAAI,OAAO,SAAA,CAAU,UAAA,KAAe,QAAA,EAAU;AAC5C,QAAA,OAAO,UAAU,UAAA,KAAe,cAAA;AAAA,MAClC;AAEA,MAAA,OAAO,KAAA;AAAA,IACT,CAAC,CAAA;AAED,IAAA,IAAIA,MAAAA,EAAO;AACT,MAAA,OAAOA,MAAAA;AAAA,IACT;AAEA,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,kBAAkB,SAAS,CAAA,wBAAA,EAA2B,cAAc,CAAA,eAAA,EAAkB,WAAW,4BAA4B,QAAQ,CAAA,UAAA;AAAA,KACvI;AAAA,EACF;AAEA,EAAA,MAAM,YAAA,GAAe,OAAO,cAAc,CAAA;AAE1C,EAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,IAAA,CAAK,CAAA,SAAA,KAAa;AACzC,IAAA,IAAI,SAAA,CAAU,SAAS,YAAA,EAAc;AACnC,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,OAAO,SAAA,CAAU,UAAA,KAAe,QAAA,EAAU;AAC5C,MAAA,OAAO,UAAU,UAAA,KAAe,YAAA;AAAA,IAClC;AAEA,IAAA,OAAO,KAAA;AAAA,EACT,CAAC,CAAA;AAED,EAAA,IAAI,KAAA,EAAO;AACT,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,IAAI,KAAA;AAAA,IACR,kBAAkB,SAAS,CAAA,yBAAA,EAA4B,YAAY,CAAA,gBAAA,EAAmB,WAAW,4BAA4B,QAAQ,CAAA,UAAA;AAAA,GACvI;AACF;AAEA,eAAe,mBAAA,CAAoB;AAAA,EACjC,aAAA;AAAA,EACA,WAAA;AAAA,EACA,QAAA;AAAA,EACA;AACF,CAAA,EAKoB;AAClB,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,OAAO,WAAA,CAAY,IAAA;AAAA,EACrB;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,aAAa,CAAA;AAE9C,EAAA,IAAI,QAAA,KAAa,MAAA,IAAa,QAAA,KAAa,IAAA,EAAM;AAC/C,IAAA,OAAO,WAAA,CAAY,IAAA;AAAA,EACrB;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,SAAA,CAAU,QAAQ,CAAA,EAAG;AAC/B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,eAAA,EAAkB,SAAS,CAAA,sCAAA,EAAyC,QAAA,CAAS,aAAa,CAAA,SAAA;AAAA,KAC5F;AAAA,EACF;AAEA,EAAA,MAAM,IAAA,GAAO,OAAO,QAAQ,CAAA;AAE5B,EAAA,IAAI,IAAA,GAAO,CAAA,IAAK,IAAA,GAAO,KAAA,EAAO;AAC5B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,eAAA,EAAkB,SAAS,CAAA,0BAAA,EAA6B,IAAI,CAAA,2CAAA;AAAA,KAC9D;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT","file":"gateway-route.js","sourcesContent":["import type { Secret } from \"../secret\"\nimport { type GatewayRouteSpec, gatewayRouteMediator, type TlsCertificate } from \"@highstate/common\"\nimport { k8s, type network } from \"@highstate/library\"\nimport { type ComponentResourceOptions, type Input, toPromise } from \"@highstate/pulumi\"\nimport { core } from \"@pulumi/kubernetes\"\nimport { Gateway, HttpRoute, TcpRoute, UdpRoute } from \"../gateway\"\nimport { Namespace } from \"../namespace\"\nimport { l4EndpointToServicePort, Service } from \"../service\"\nimport { getProvider, mapMetadata } from \"../shared\"\nimport { Certificate } from \"../tls\"\n\nexport const createGatewayRoute = gatewayRouteMediator.implement(\n k8s.gatewayDataSchema,\n async ({ name, spec, opts }, data) => {\n const namespace =\n spec.nativeData instanceof Service\n ? await toPromise(spec.nativeData.namespace)\n : Namespace.for(data.namespace, data.cluster)\n\n const certSecret = await getCertificateSecret(name, namespace, spec.tlsCertificate)\n\n const certificateRef = certSecret\n ? {\n kind: \"Secret\" as const,\n group: \"\" as const,\n name: certSecret.metadata.name,\n }\n : undefined\n\n if (spec.type === \"http\") {\n return await createHttpGatewayRoute({\n name,\n spec,\n opts,\n data,\n namespace,\n certificateRef,\n })\n }\n\n const protocol = spec.type === \"tcp\" ? \"TCP\" : \"UDP\"\n\n return await createL4GatewayRoute({\n name,\n spec,\n opts,\n data,\n namespace,\n protocol,\n })\n },\n)\n\ntype HttpGatewayRouteSpec = Extract<GatewayRouteSpec, { type: \"http\" }>\ntype L4GatewayRouteSpec = Extract<GatewayRouteSpec, { type: \"tcp\" | \"udp\" }>\n\ntype CreateHttpGatewayRouteArgs = {\n name: string\n spec: HttpGatewayRouteSpec\n opts: ComponentResourceOptions | undefined\n data: k8s.GatewayData\n namespace: Namespace\n certificateRef:\n | {\n kind: \"Secret\"\n group: \"\"\n name: Input<string>\n }\n | undefined\n}\n\nasync function createHttpGatewayRoute({\n name,\n spec,\n opts,\n data,\n namespace,\n certificateRef,\n}: CreateHttpGatewayRouteArgs) {\n const backendService =\n spec.nativeData instanceof Service\n ? spec.nativeData\n : (await createServiceFromEndpoints(name, namespace, spec.endpoints, data.cluster, opts))\n .service\n\n const listeners = [\n {\n name: \"https\",\n port: data.httpsPort,\n protocol: \"HTTPS\",\n tls: {\n mode: \"Terminate\",\n certificateRefs: certificateRef ? [certificateRef] : undefined,\n },\n },\n ]\n\n const gateway = await Gateway.createOnce(\n {\n name: data.className,\n namespace,\n gatewayClassName: data.className,\n listeners,\n },\n opts,\n )\n\n const httpRoute = new HttpRoute(\n name,\n {\n gateway,\n rule: {\n backend: backendService,\n },\n },\n opts,\n )\n\n return {\n resource: httpRoute,\n endpoints: await toPromise(gateway.endpoints),\n }\n}\n\ntype CreateL4GatewayRouteArgs = {\n name: string\n spec: L4GatewayRouteSpec\n opts: ComponentResourceOptions | undefined\n data: k8s.GatewayData\n namespace: Namespace\n protocol: \"TCP\" | \"UDP\"\n}\n\nasync function createL4GatewayRoute({\n name,\n spec,\n opts,\n data,\n namespace,\n protocol,\n}: CreateL4GatewayRouteArgs) {\n const serviceData =\n spec.nativeData instanceof Service\n ? {\n service: spec.nativeData,\n ports: await getServicePorts(spec.nativeData),\n }\n : await createServiceFromEndpoints(name, namespace, spec.endpoints, data.cluster, opts)\n\n const serviceName = await toPromise(serviceData.service.metadata.name)\n\n const backendPort = await selectBackendPort({\n ports: serviceData.ports,\n protocol,\n targetPort: spec.targetPort,\n serviceName,\n routeName: name,\n })\n\n const listenerPort = await resolveListenerPort({\n requestedPort: spec.port,\n backendPort,\n protocol,\n routeName: name,\n })\n\n const listenerName = `${protocol.toLowerCase()}-${listenerPort}`\n\n const gateway = await Gateway.createOnce(\n {\n name: data.className,\n namespace,\n gatewayClassName: data.className,\n listeners: [\n {\n name: listenerName,\n port: listenerPort,\n protocol,\n },\n ],\n },\n opts,\n )\n\n const backendRef = serviceData.service.metadata.apply(metadata => {\n if (!metadata?.name) {\n throw new Error(\n `Service \"${serviceName}\" referenced by gateway route \"${name}\" does not have a name.`,\n )\n }\n\n return {\n name: metadata.name,\n namespace: metadata.namespace,\n port: backendPort.port,\n }\n })\n\n const routeOpts = { ...opts, parent: gateway }\n\n const route =\n protocol === \"TCP\"\n ? new TcpRoute(\n name,\n {\n gateway,\n listenerName,\n backend: backendRef,\n },\n routeOpts,\n )\n : new UdpRoute(\n name,\n {\n gateway,\n listenerName,\n backend: backendRef,\n },\n routeOpts,\n )\n\n return {\n resource: route,\n endpoints: await toPromise(gateway.endpoints),\n }\n}\n\nasync function getCertificateSecret(\n _name: string,\n namespace: Namespace,\n tlsCertificate: Input<TlsCertificate | undefined> | undefined,\n): Promise<Secret | undefined> {\n const resolvedCertificate = await toPromise(tlsCertificate)\n if (!resolvedCertificate) {\n return undefined\n }\n\n const resource = await toPromise(resolvedCertificate.resource)\n\n if (resource instanceof Certificate) {\n const certNamespace = await toPromise(resource.namespace.metadata.name)\n const certClusterId = await toPromise(resource.namespace.cluster.id)\n\n const targetNamespace = await toPromise(namespace.metadata.name)\n const targetClusterId = await toPromise(namespace.cluster.id)\n\n if (certNamespace === targetNamespace && certClusterId === targetClusterId) {\n return await toPromise(resource.secret)\n }\n }\n\n throw new Error(\n \"Not implemented: copying certificate secret across namespaces/clusters/different systems\",\n )\n}\n\ntype ServicePortInfo = {\n name: string | undefined\n port: number\n protocol: \"TCP\" | \"UDP\"\n targetPort?: number | string\n}\n\nasync function createServiceFromEndpoints(\n name: string,\n namespace: Namespace,\n endpointsInput: Input<network.L4Endpoint[]>,\n cluster: k8s.Cluster,\n opts: ComponentResourceOptions | undefined,\n): Promise<{ service: Service; ports: ServicePortInfo[] }> {\n const endpoints = await toPromise(endpointsInput)\n\n if (!endpoints.length) {\n throw new Error(`Gateway route \"${name}\" has no endpoints to expose.`)\n }\n\n const hostnameEndpoints = endpoints.filter(endpoint => endpoint.type === \"hostname\")\n const ipEndpoints = endpoints.filter(endpoint => endpoint.type !== \"hostname\")\n\n if (hostnameEndpoints.length > 0) {\n const hostnamePortInfos: ServicePortInfo[] = []\n for (const endpoint of hostnameEndpoints) {\n hostnamePortInfos.push(toServicePortInfoFromEndpoint(endpoint))\n }\n\n const service = Service.create(`hs-backend-${name}`, {\n namespace,\n type: \"ExternalName\",\n externalName: hostnameEndpoints[0].hostname,\n ports: hostnameEndpoints.map(l4EndpointToServicePort),\n })\n\n return {\n service,\n ports: hostnamePortInfos,\n }\n }\n\n if (ipEndpoints.length === 0) {\n throw new Error(`Gateway route \"${name}\" requires at least one IP endpoint.`)\n }\n\n const ipPortInfos: ServicePortInfo[] = []\n for (const endpoint of ipEndpoints) {\n ipPortInfos.push(toServicePortInfoFromEndpoint(endpoint))\n }\n\n const service = Service.create(`hs-backend-${name}`, {\n namespace,\n type: \"ClusterIP\",\n ports: ipEndpoints.map(l4EndpointToServicePort),\n })\n\n const endpointsName = `hs-backend-${name}`\n\n new core.v1.Endpoints(\n endpointsName,\n {\n metadata: mapMetadata({ namespace }, endpointsName),\n subsets: ipEndpoints.map(endpoint => ({\n addresses: [{ ip: endpoint.address.value }],\n ports: [l4EndpointToServicePort(endpoint)],\n })),\n },\n { ...opts, provider: getProvider(cluster), parent: service },\n )\n\n return {\n service,\n ports: ipPortInfos,\n }\n}\n\nasync function getServicePorts(service: Service): Promise<ServicePortInfo[]> {\n const spec = await toPromise(service.spec)\n const ports = spec.ports ?? []\n\n const result: ServicePortInfo[] = []\n\n for (const port of ports) {\n const value = port.port\n const protocol = (port.protocol ?? \"TCP\").toUpperCase()\n\n if (value === undefined || (protocol !== \"TCP\" && protocol !== \"UDP\")) {\n continue\n }\n\n result.push({\n name: port.name ?? undefined,\n port: value,\n protocol: protocol as \"TCP\" | \"UDP\",\n targetPort: port.targetPort as number | string | undefined,\n })\n }\n\n return result\n}\n\nfunction toServicePortInfoFromEndpoint(endpoint: network.L4Endpoint): ServicePortInfo {\n return {\n name: undefined,\n port: endpoint.port,\n protocol: endpoint.protocol.toUpperCase() as \"TCP\" | \"UDP\",\n targetPort: endpoint.port,\n }\n}\n\nasync function selectBackendPort({\n ports,\n protocol,\n targetPort,\n serviceName,\n routeName,\n}: {\n ports: ServicePortInfo[]\n protocol: \"TCP\" | \"UDP\"\n targetPort: Input<string | number | undefined> | undefined\n serviceName: string\n routeName: string\n}): Promise<ServicePortInfo> {\n const candidates = ports.filter(port => port.protocol === protocol)\n\n if (candidates.length === 0) {\n throw new Error(\n `Service \"${serviceName}\" does not expose any ${protocol} ports required by gateway route \"${routeName}\".`,\n )\n }\n\n if (!targetPort) {\n return candidates[0]\n }\n\n const resolvedTarget = await toPromise(targetPort)\n\n if (resolvedTarget === undefined || resolvedTarget === null) {\n return candidates[0]\n }\n\n if (typeof resolvedTarget === \"number\") {\n const match = candidates.find(candidate => {\n if (candidate.port === resolvedTarget) {\n return true\n }\n\n if (typeof candidate.targetPort === \"number\") {\n return candidate.targetPort === resolvedTarget\n }\n\n return false\n })\n\n if (match) {\n return match\n }\n\n throw new Error(\n `Gateway route \"${routeName}\" requested target port ${resolvedTarget}, but service \"${serviceName}\" does not expose it for ${protocol} backends.`,\n )\n }\n\n const targetString = String(resolvedTarget)\n\n const match = candidates.find(candidate => {\n if (candidate.name === targetString) {\n return true\n }\n\n if (typeof candidate.targetPort === \"string\") {\n return candidate.targetPort === targetString\n }\n\n return false\n })\n\n if (match) {\n return match\n }\n\n throw new Error(\n `Gateway route \"${routeName}\" requested target port \"${targetString}\", but service \"${serviceName}\" does not expose it for ${protocol} backends.`,\n )\n}\n\nasync function resolveListenerPort({\n requestedPort,\n backendPort,\n protocol,\n routeName,\n}: {\n requestedPort: Input<number | undefined> | undefined\n backendPort: ServicePortInfo\n protocol: \"TCP\" | \"UDP\"\n routeName: string\n}): Promise<number> {\n if (!requestedPort) {\n return backendPort.port\n }\n\n const resolved = await toPromise(requestedPort)\n\n if (resolved === undefined || resolved === null) {\n return backendPort.port\n }\n\n if (!Number.isInteger(resolved)) {\n throw new Error(\n `Gateway route \"${routeName}\" must use integer listener ports for ${protocol.toLowerCase()} traffic.`,\n )\n }\n\n const port = Number(resolved)\n\n if (port < 1 || port > 65535) {\n throw new Error(\n `Gateway route \"${routeName}\" specified listener port ${port}, which is outside the valid range 1-65535.`,\n )\n }\n\n return port\n}\n"]}
package/dist/impl/tls-certificate.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../src/impl/tls-certificate.ts"],"names":[],"mappings":";;;;;;;AAMO,IAAM,oBAAoB,sBAAA,CAAuB,SAAA;AAAA,EACtD,GAAA,CAAI,mBAAA;AAAA,EACJ,CAAC,EAAE,IAAA,EAAM,IAAA,EAAM,IAAA,IAAQ,IAAA,KAAS;AAC9B,IAAA,MAAM,QAAA,GAAW,WAAA,CAAY,IAAA,CAAK,OAAO,CAAA;AAEzC,IAAA,MAAM,SAAA,GACJ,IAAA,CAAK,UAAA,YAAsB,SAAA,GACvB,KAAK,UAAA,GACL,SAAA,CAAU,GAAA,CAAI,cAAA,EAAgB,EAAE,IAAA,EAAM,cAAA,EAAgB,OAAA,EAAS,IAAA,CAAK,SAAS,CAAA;AAEnF,IAAA,OAAO,WAAA,CAAY,MAAA;AAAA,MACjB,IAAA;AAAA,MACA;AAAA,QACE,SAAA;AAAA,QAEA,YAAY,IAAA,CAAK,UAAA;AAAA,QACjB,UAAU,IAAA,CAAK,QAAA;AAAA,QACf,SAAA,EAAW;AAAA,UACT,MAAM,IAAA,CAAK,iBAAA;AAAA,UACX,IAAA,EAAM;AAAA,SACR;AAAA,QACA,UAAA,EAAY,kBAAkB,IAAI,CAAA;AAAA,OACpC;AAAA,MACA,EAAE,GAAG,IAAA,EAAM,QAAA;AAAS,KACtB;AAAA,EACF;AACF","file":"tls-certificate.js","sourcesContent":["import { tlsCertificateMediator } from \"@highstate/common\"\nimport { k8s } from \"@highstate/library\"\nimport { Namespace } from \"../namespace\"\nimport { getProvider } from \"../shared\"\nimport { Certificate } from \"../tls\"\n\nexport const createCertificate = tlsCertificateMediator.implement(\n k8s.tlsIssuerDataSchema,\n ({ name, spec, opts }, data) => {\n const provider = getProvider(data.cluster)\n\n const namespace =\n spec.nativeData instanceof Namespace\n ? spec.nativeData\n : Namespace.get(\"cert-manager\", { name: \"cert-manager\", cluster: data.cluster })\n\n return Certificate.create(\n name,\n {\n namespace,\n\n commonName: spec.commonName,\n dnsNames: spec.dnsNames,\n issuerRef: {\n name: data.clusterIssuerName,\n kind: \"ClusterIssuer\",\n },\n secretName: `hs-certificate-${name}`,\n },\n { ...opts, provider },\n )\n },\n)\n"]}
package/dist/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/scripting/environment.ts","../src/scripting/bundle.ts","../src/scripting/container.ts","../src/worker.ts"],"names":["args","scriptEnvironment","hasFunctionScripts","output","options","resources"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuFA,IAAM,4BAAA,GAA+B;AAAA,EACnC,oBAAoB,EAAC;AAAA,EACrB,mBAAmB,EAAC;AAAA,EACpB,UAAU;AACZ,CAAA;AAEO,IAAM,sBAAA,GAAoD;AAAA,EAC/D,MAAA,EAAQ;AAAA,IACN,GAAG,4BAAA;AAAA,IACH,KAAA,EAAO,gFAAA;AAAA,IACP,gBAAA,EAAkB;AAAA;AAAA,MAEhB,kCAAA;AAAA,MACA;AAAA;AACF,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,GAAG,4BAAA;AAAA,IACH,KAAA,EAAO,gFAAA;AAAA,IACP,gBAAA,EAAkB;AAAA;AAAA,MAEhB,6BAAA;AAAA,MACA,8BAAA;AAAA,MACA,8BAAA;AAAA,MACA;AAAA;AACF,GACF;AAAA,EAEA,cAAc,EAAC;AAAA,EACf,gBAAgB,EAAC;AAAA,EACjB,OAAO,EAAC;AAAA,EACR,SAAS,EAAC;AAAA,EACV,cAAc,EAAC;AAAA,EACf,aAAa,EAAC;AAAA,EACd,kBAAkB;AACpB;AAEO,IAAM,oBAAA,GAA2D;AAAA,EACtE,MAAA,EAAQ,kFAAA;AAAA,EACR,MAAA,EAAQ;AACV;;;ACpFO,IAAM,YAAA,GAAN,cAA2B,iBAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAIzC,SAAA;AAAA;AAAA;AAAA;AAAA,EAKA,OAAA;AAAA;AAAA;AAAA;AAAA,EAKA,YAAA;AAAA;AAAA;AAAA;AAAA,EAKA,WAAA;AAAA;AAAA;AAAA;AAAA,EAKA,KAAA;AAAA;AAAA;AAAA;AAAA,EAKA,YAAA;AAAA;AAAA;AAAA;AAAA,EAKA,gBAAA;AAAA,EAET,WAAA,CAAY,IAAA,EAAc,IAAA,EAAwB,IAAA,EAAiC;AACjF,IAAA,KAAA,CAAM,4BAAA,EAA8B,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEpD,IAAA,MAAM,iBAAA,GAAoB,OAAO,IAAI,CAAA,CAClC,MAAM,CAAAA,KAAAA,KAAQ,UAAUA,KAAAA,CAAK,WAAA,EAAaA,MAAK,YAAY,CAAC,EAC5D,KAAA,CAAM,CAAAA,UAAQ,SAAA,CAAU,sBAAA,EAAwB,GAAGA,KAAI,CAAC,CAAA;AAI3D,IAAA,MAAM,kBAAA,GAAqB,iBAAA,CAAkB,KAAA,CAAM,CAAAC,kBAAAA,KAAqB;AACtE,MAAA,OAAO,MAAA,CAAO,OAAOA,kBAAAA,CAAkB,KAAK,EAAE,IAAA,CAAK,CAAA,IAAA,KAAQ,OAAO,IAAA,KAAS,UAAU,CAAA;AAAA,IACvF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,eAAe,IAAA,CAAK,YAAA;AACzB,IAAA,IAAA,CAAK,cAAc,iBAAA,CAAkB,WAAA;AAErC,IAAA,IAAA,CAAK,QAAQ,kBAAA,CAAmB,KAAA;AAAA,MAAM,CAAAC,mBAAAA,KACpC,MAAA;AAAA,QACEA,mBAAAA,GACI,qBAAqB,IAAA,CAAK,YAAY,IACtC,iBAAA,CAAkB,IAAA,CAAK,YAAY,CAAA,CAAE;AAAA;AAC3C,KACF;AAEA,IAAA,IAAA,CAAK,mBAAmB,MAAA,CAAO,EAAE,iBAAA,EAAmB,kBAAA,EAAoB,CAAA,CAAE,KAAA;AAAA,MACxE,CAAC,EAAE,iBAAA,EAAAD,kBAAAA,EAAmB,kBAAA,EAAAC,qBAAmB,KAAM;AAC7C,QAAA,MAAM,gBAAA,GAAmB;AAAA,UACvB,GAAGD,kBAAAA,CAAkB,gBAAA;AAAA,UACrB,GAAGA,kBAAAA,CAAkB,IAAA,CAAK,YAAY,CAAA,CAAE;AAAA,SAC1C;AAEA,QAAA,IAAIC,mBAAAA,EAAoB;AACtB,UAAA,gBAAA,CAAiB,KAAK,8BAA8B,CAAA;AAAA,QACtD;AAEA,QAAA,OAAO,gBAAA,CAAiB,GAAA,CAAI,CAAA,QAAA,KAAY,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,MACjE;AAAA,KACF;AAEA,IAAA,IAAA,CAAK,SAAA,GAAY,MAAA,CAAO,EAAE,iBAAA,EAAmB,MAAM,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,iBAAA,EAAAD,kBAAAA,EAAmB,IAAA,EAAAD,OAAK,KAAM;AAC1F,MAAA,OAAO,SAAA,CAAU,MAAA;AAAA,QACf,IAAA;AAAA,QACA;AAAA,UACE,WAAWA,KAAAA,CAAK,SAAA;AAAA,UAEhB,IAAA,EAAM,gBAAA,CAAiB,IAAA,CAAK,YAAA,EAAcC,kBAAiB;AAAA,SAC7D;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,IAAA;AAAK,OAC1B;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,OAAA,GAAU,OAAO,EAAE,kBAAA,EAAoB,SAAS,iBAAA,CAAkB,OAAA,EAAS,CAAA,CAAE,KAAA;AAAA,MAChF,CAAC,EAAE,kBAAA,EAAAC,mBAAAA,EAAoB,SAAQ,KAAM;AACnC,QAAA,OAAO;AAAA,UACL,GAAG,OAAA;AAAA,UACH;AAAA,YACE,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,QAAA,CAAS,IAAA;AAAA,YAE9B,SAAA,EAAW;AAAA,cACT,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,QAAA,CAAS,IAAA;AAAA,cAC9B,WAAA,EAAa;AAAA;AAAA;AACf,WACF;AAAA,UACA,GAAIA,mBAAAA,GAAqB,CAAC,EAAE,IAAA,EAAM,cAAA,EAAgB,QAAA,EAAU,EAAC,EAAG,CAAA,GAAI;AAAC,SACvE;AAAA,MACF;AAAA,KACF;AAEA,IAAA,IAAA,CAAK,eAAe,MAAA,CAAO;AAAA,MACzB,kBAAA;AAAA,MACA,cAAc,iBAAA,CAAkB;AAAA,KACjC,EAAE,KAAA,CAAM,CAAC,EAAE,kBAAA,EAAAA,mBAAAA,EAAoB,cAAa,KAAM;AACjD,MAAA,OAAO;AAAA,QACL,GAAG,YAAA;AAAA,QACH;AAAA,UACE,QAAQ,IAAA,CAAK,SAAA;AAAA,UACb,SAAA,EAAW;AAAA,SACb;AAAA,QACA,GAAIA,mBAAAA,GACA,CAAC,EAAE,IAAA,EAAM,gBAAgB,SAAA,EAAW,uBAAA,EAAyB,CAAA,GAC7D;AAAC,OACP;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF;AAEA,SAAS,qBAAqB,KAAA,EAAuB;AACnD,EAAA,IAAI,KAAA,CAAM,UAAA,CAAW,YAAY,CAAA,EAAG;AAClC,IAAA,OAAO,KAAA,CAAM,OAAA,CAAQ,YAAA,EAAc,EAAE,CAAA;AAAA,EACvC;AAEA,EAAA,OAAO,KAAA;AACT;AAEA,eAAe,gBAAA,CACb,cACA,WAAA,EACiC;AACjC,EAAA,MAAM,aAAqC,EAAC;AAC5C,EAAA,MAAM,UAAoB,EAAC;AAE3B,EAAA,MAAM,uBAAA,GAA0B,YAAY,YAAY,CAAA;AACxD,EAAA,MAAM,YAAA,GAAe,EAAE,GAAG,WAAA,CAAY,YAAA,EAAa;AAEnD,EAAA,IAAI,kBAAA,GAAqB,KAAA;AAEzB,EAAA,KAAA,MAAW,GAAA,IAAO,YAAY,KAAA,EAAO;AACnC,IAAA,IAAI,OAAO,WAAA,CAAY,KAAA,CAAM,GAAG,MAAM,UAAA,EAAY;AAChD,MAAA,MAAM,aAAa,MAAM,iBAAA,CAAkB,WAAA,CAAY,KAAA,CAAM,GAAG,CAAC,CAAA;AAEjE,MAAA,UAAA,CAAW,GAAG,CAAA,GAAI,IAAA;AAAA;AAAA;AAAA,QAAA,EAGd,WAAW,IAAI;;AAAA,gBAAA,EAEP,WAAW,UAAU,CAAA;AAAA,MAAA,CAAA;AAGjC,MAAA,kBAAA,GAAqB,IAAA;AAAA,IACvB,CAAA,MAAO;AACL,MAAA,UAAA,CAAW,GAAG,CAAA,GAAI,WAAA,CAAY,KAAA,CAAM,GAAG,CAAA;AAAA,IACzC;AAAA,EACF;AAEA,EAAA,IAAI,kBAAA,EAAoB;AACtB,IAAA,MAAM,WAAA,GAAc,MAAM,eAAA,EAAgB;AAE1C,IAAA,WAAA,CAAY,YAAA,GAAe,MAAA;AAAA,MACzB,SAAA,CAAU,WAAA,CAAY,YAAA,IAAgB,IAAI,oBAAoB,CAAA;AAAA,MAC9D,CAAC,CAAA,EAAG,GAAA,KAAQ,GAAA,CAAI,WAAW,aAAa;AAAA,KAC1C;AAEA,IAAA,WAAA,CAAY,eAAA,GAAkB,MAAA;AAAA,MAC5B,SAAA,CAAU,WAAA,CAAY,eAAA,IAAmB,IAAI,oBAAoB,CAAA;AAAA,MACjE,CAAC,CAAA,EAAG,GAAA,KAAQ,GAAA,CAAI,WAAW,aAAa;AAAA,KAC1C;AAEA,IAAA,UAAA,CAAW,cAAc,CAAA,GAAI,IAAA,CAAK,SAAA,CAAU,WAAA,EAAa,MAAM,CAAC,CAAA;AAEhE,IAAA,YAAA,CAAa,yBAAyB,CAAA,GAAI,IAAA;AAAA;AAAA;;AAAA;AAAA;AAAA,IAAA,CAAA;AAAA,EAO5C;AAEA,EAAA,IAAI,uBAAA,CAAwB,kBAAA,CAAmB,MAAA,GAAS,CAAA,EAAG;AACzD,IAAA,UAAA,CAAW,yBAAyB,CAAA,GAAI,wBAAA;AAAA,MACtC,YAAA;AAAA,MACA,uBAAA,CAAwB;AAAA,KAC1B;AAEA,IAAA,OAAA,CAAQ,IAAA,CAAK;AAAA;AAAA;AAAA;AAAA,IAAA,CAIZ,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,OAAO,IAAA,CAAK,uBAAA,CAAwB,iBAAiB,CAAA,CAAE,SAAS,CAAA,EAAG;AACrE,IAAA,KAAA,MAAW,GAAA,IAAO,wBAAwB,iBAAA,EAAmB;AAC3D,MAAA,UAAA,CAAW,eAAe,GAAG,CAAA,CAAE,CAAA,GAAI,uBAAA,CAAwB,kBAAkB,GAAG,CAAA;AAEhF,MAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,4CAAA,EAC2B,GAAG,CAAA;AAAA,6BAAA,EAClB,GAAG;AAAA,oCAAA,EACI,GAAG,CAAA;AAAA,MAAA,CAClC,CAAA;AAAA,IACH;AAAA,EACF;AAEA,EAAA,IAAI,uBAAA,CAAwB,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG;AAC/C,IAAA,UAAA,CAAW,qBAAqB,CAAA,GAAI,wBAAA;AAAA,MAClC,YAAA;AAAA,MACA,uBAAA,CAAwB;AAAA,KAC1B;AAEA,IAAA,OAAA,CAAQ,IAAA,CAAK;AAAA;AAAA;AAAA;AAAA,IAAA,CAIZ,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,EAAG;AACxC,IAAA,KAAA,MAAW,OAAO,YAAA,EAAc;AAC9B,MAAA,UAAA,CAAW,CAAA,MAAA,EAAS,GAAG,CAAA,CAAE,CAAA,GAAI,aAAa,GAAG,CAAA;AAE7C,MAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,sCAAA,EACqB,GAAG,CAAA;AAAA,uBAAA,EAClB,GAAG;AAAA,8BAAA,EACI,GAAG,CAAA;AAAA,MAAA,CAC5B,CAAA;AAAA,IACH;AAAA,EACF;AAEA,EAAA,IAAI,OAAO,IAAA,CAAK,WAAA,CAAY,cAAc,CAAA,CAAE,SAAS,CAAA,EAAG;AACtD,IAAA,MAAM,iBAA2B,EAAC;AAElC,IAAA,KAAA,MAAW,GAAA,IAAO,YAAY,cAAA,EAAgB;AAC5C,MAAA,UAAA,CAAW,WAAW,GAAG,CAAA,CAAE,CAAA,GAAI,WAAA,CAAY,eAAe,GAAG,CAAA;AAE7D,MAAA,cAAA,CAAe,IAAA,CAAK;AAAA,wCAAA,EACgB,GAAG,CAAA;AAAA,yBAAA,EAClB,GAAG;AAAA,gCAAA,EACI,GAAG,CAAA;AAAA,MAAA,CAC9B,CAAA;AAAA,IACH;AAEA,IAAA,OAAA,CAAQ,IAAA,CAAK;AAAA;AAAA,MAAA,EAET,cAAA,CAAe,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,MAAM,CAAA,CAAE,IAAA,CAAK,MAAM,CAAC;AAAA;;AAAA;AAAA;AAAA,IAAA,CAKjD,CAAA;AAAA,EACH;AAEA,EAAA,UAAA,CAAW,eAAe,IAAI,eAAA,CAAgB;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;;AAAA,EAAA,EAS5C,OAAA,CAAQ,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,MAAM,CAAA,CAAE,IAAA,CAAK,MAAM,CAAC;;AAAA;AAAA;AAAA;AAAA,EAAA,CAKxC,CAAA;AAED,EAAA,OAAO,UAAA;AACT;AAEA,SAAS,wBAAA,CAAyB,cAAkC,QAAA,EAA4B;AAC9F,EAAA,IAAI,iBAAiB,QAAA,EAAU;AAC7B,IAAA,OAAO,IAAA;AAAA;AAAA;;AAAA,yBAAA,EAIgB,QAAA,CAAS,IAAA,CAAK,GAAG,CAAC;AAAA,IAAA,CAAA;AAAA,EAE3C,CAAA,MAAO;AACL,IAAA,OAAO,IAAA;AAAA;AAAA;;AAAA;AAAA,yBAAA,EAKgB,QAAA,CAAS,IAAA,CAAK,GAAG,CAAC;AAAA,IAAA,CAAA;AAAA,EAE3C;AACF;ACxTO,SAAS,sBAAsB,OAAA,EAA6C;AACjF,EAAA,MAAM,MAAA,GAASC,MAAAA,CAAO,OAAA,CAAQ,MAAM,CAAA;AAEpC,EAAA,OAAOA,MAAAA,CAAO;AAAA,IACZ,OAAA;AAAA,IACA,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,cAAc,MAAA,CAAO,YAAA;AAAA,IACrB,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,aAAa,MAAA,CAAO,WAAA;AAAA,IACpB,kBAAkB,MAAA,CAAO;AAAA,GAC1B,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,OAAA,EAAAC,QAAAA,EAAS,KAAA,EAAO,YAAA,EAAc,OAAA,EAAS,WAAA,EAAa,gBAAA,EAAiB,KAAM;AACrF,IAAA,OAAO;AAAA,MACL,KAAA;AAAA,MACA,SAAS,CAAC,wBAAA,EAA0B,CAAA,SAAA,EAAYA,QAAAA,CAAQ,IAAI,CAAA,CAAE,CAAA;AAAA,MAE9D,GAAGA,QAAAA;AAAA,MAEH,YAAA,EAAc,CAAC,GAAG,YAAA,EAAc,GAAIA,QAAAA,CAAQ,YAAA,IAAgB,EAAG,CAAA;AAAA,MAC/D,OAAA,EAAS,CAAC,GAAG,OAAA,EAAS,GAAIA,QAAAA,CAAQ,OAAA,IAAW,EAAG,CAAA;AAAA,MAChD,WAAA,EAAa,KAAA,CAAM,WAAA,EAAaA,QAAAA,CAAQ,WAAW,CAAA;AAAA,MACnD,gBAAA,EAAkB,CAAC,GAAG,gBAAA,EAAkB,GAAIA,QAAAA,CAAQ,gBAAA,IAAoB,EAAG;AAAA,KAC7E;AAAA,EACF,CAAC,CAAA;AACH;ACxCA,eAAsB,mBAAA,CACpB,WACA,SAAA,EACqC;AACrC,EAAA,MAAM,KAAA,GAAQ,IAAI,kBAAA,CAAmB,SAAA,EAAW;AAAA,IAC9C,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO,CAAC,KAAA,EAAO,MAAA,EAAQ,OAAO;AAAA,KAChC;AAAA,IAEA,SAAA;AAAA,IACA;AAAA,GACD,CAAA;AAED,EAAA,OAAOD,MAAAA,CAAO;AAAA,IACZ,IAAA,EAAM,SAAA;AAAA,IACN,KAAA,EAAO,cAAA,CAAO,oBAAoB,CAAA,CAAE,KAAA;AAAA,IAEpC,MAAA,EAAQ;AAAA,MACN,UAAA,EAAY,MAAM,OAAA,CAAQ,UAAA;AAAA,MAC1B,SAAA,EAAWA,MAAAA,CAAO,SAAS,CAAA,CAAE,KAAA,CAAM,CAAAE,UAAAA,KAAaA,UAAAA,CAAU,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,MAAM,CAAC;AAAA;AAC9E,GACD,CAAA;AACH","file":"index.js","sourcesContent":["import type { InputEndpoint } from \"@highstate/common\"\nimport type { Input, InputArray, InputRecord } from \"@highstate/pulumi\"\nimport type { ContainerEnvironment, ContainerVolumeMount, WorkloadVolume } from \"../container\"\n\nexport type ScriptDistribution = \"alpine\" | \"ubuntu\"\n\nexport type DistributionEnvironment = {\n /**\n * The image that should be used for the distribution.\n */\n image?: Input<string>\n\n /**\n * The utility packages that should be installed before running \"preInstallScripts\".\n *\n * Useful for installing tools like `curl` to install additional repositories.\n */\n preInstallPackages?: InputArray<string>\n\n /**\n * The pre-install scripts that should be run before installing packages.\n * Typically, these scripts are used to install additional repositories.\n */\n preInstallScripts?: InputRecord<string>\n\n /**\n * The packages that are available in the environment.\n */\n packages?: InputArray<string>\n\n /**\n * The endpoint which the script is allowed to access scoped to the distribution.\n *\n * Typically, this is used to allow access to the package manager.\n *\n * Will be used to generate a network policy.\n */\n allowedEndpoints?: InputArray<InputEndpoint>\n}\n\nexport type ScriptProgram = () => unknown\n\nexport type ScriptEnvironment = {\n [distribution in ScriptDistribution]?: DistributionEnvironment\n} & {\n /**\n * The setup scripts that should be run before the script.\n */\n setupScripts?: InputRecord<string>\n\n /**\n * The cleanup scripts that should be run after the script.\n */\n cleanupScripts?: InputRecord<string>\n\n /**\n * The arbitrary files available in the environment including scripts.\n */\n files?: InputRecord<string | ScriptProgram>\n\n /**\n * The volumes that should be defined in the environment.\n */\n volumes?: InputArray<WorkloadVolume>\n\n /**\n * The volume mounts that should be defined in the environment.\n */\n volumeMounts?: InputArray<ContainerVolumeMount>\n\n /**\n * The environment variables that should be defined in the environment.\n */\n environment?: Input<ContainerEnvironment>\n\n /**\n * The endpoint which the script is allowed to access.\n *\n * Will be used to generate a network policy.\n */\n allowedEndpoints?: InputArray<InputEndpoint>\n}\n\nexport type ResolvedScriptEnvironment = Omit<Required<ScriptEnvironment>, ScriptDistribution> & {\n [distribution in ScriptDistribution]: Required<DistributionEnvironment>\n}\n\nconst emptyDistributionEnvironment = {\n preInstallPackages: [],\n preInstallScripts: {},\n packages: [],\n}\n\nexport const emptyScriptEnvironment: ResolvedScriptEnvironment = {\n alpine: {\n ...emptyDistributionEnvironment,\n image: \"alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c\",\n allowedEndpoints: [\n //\n \"tcp://dl-cdn.alpinelinux.org:443\",\n \"tcp://dl-cdn.alpinelinux.org:80\",\n ],\n },\n\n ubuntu: {\n ...emptyDistributionEnvironment,\n image: \"ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782\",\n allowedEndpoints: [\n //\n \"tcp://archive.ubuntu.com:80\",\n \"tcp://archive.ubuntu.com:443\",\n \"tcp://security.ubuntu.com:80\",\n \"tcp://security.ubuntu.com:443\",\n ],\n },\n\n setupScripts: {},\n cleanupScripts: {},\n files: {},\n volumes: [],\n volumeMounts: [],\n environment: {},\n allowedEndpoints: [],\n}\n\nexport const functionScriptImages: Record<ScriptDistribution, string> = {\n alpine: \"oven/bun@sha256:6b14922b0885c3890cdb0b396090af1da486ba941df5ee94391eef64f7113c61\",\n ubuntu: \"oven/bun@sha256:66b431441dc4c36d7e8164bfc61e6348ec1d7ce2862fc3a29f5dc9856e8205e4\",\n}\n","import type { network } from \"@highstate/library\"\nimport type { ContainerEnvironment, ContainerVolumeMount, WorkloadVolume } from \"../container\"\nimport type { ScopedResourceArgs } from \"../shared\"\nimport { parseEndpoint } from \"@highstate/common\"\nimport { text, trimIndentation } from \"@highstate/contract\"\nimport { type InputArray, normalize } from \"@highstate/pulumi\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type Output,\n output,\n type Unwrap,\n} from \"@pulumi/pulumi\"\nimport { serializeFunction } from \"@pulumi/pulumi/runtime/index.js\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { readPackageJSON } from \"pkg-types\"\nimport { mapValues, omitBy } from \"remeda\"\nimport { ConfigMap } from \"../config-map\"\nimport {\n emptyScriptEnvironment,\n functionScriptImages,\n type ResolvedScriptEnvironment,\n type ScriptDistribution,\n type ScriptEnvironment,\n} from \"./environment\"\n\nexport type ScriptBundleArgs = ScopedResourceArgs & {\n /**\n * The environment to bundle the scripts from.\n */\n environment?: Input<ScriptEnvironment>\n\n /**\n * The environments to bundle the scripts from.\n */\n environments?: InputArray<ScriptEnvironment>\n\n /**\n * The distribution to use for the scripts.\n */\n distribution: ScriptDistribution\n}\n\nexport class ScriptBundle extends ComponentResource {\n /**\n * The config map containing the scripts.\n */\n readonly configMap: Output<ConfigMap>\n\n /**\n * The volumes that should be included in the workload.\n */\n readonly volumes: Output<WorkloadVolume[]>\n\n /**\n * The volume mounts that should be defined in the container.\n */\n readonly volumeMounts: Output<ContainerVolumeMount[]>\n\n /**\n * The environment variables that should be defined in the container.\n */\n readonly environment: Output<ContainerEnvironment>\n\n /**\n * The image to use for the scripts.\n */\n readonly image: Output<string>\n\n /**\n * The distribution to use for the scripts.\n */\n readonly distribution: ScriptDistribution\n\n /**\n * The list of endpoints that the script is allowed to access.\n */\n readonly allowedEndpoints: Output<network.L3Endpoint[]>\n\n constructor(name: string, args: ScriptBundleArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:ScriptBundle\", name, args, opts)\n\n const scriptEnvironment = output(args)\n .apply(args => normalize(args.environment, args.environments))\n .apply(args => deepmerge(emptyScriptEnvironment, ...args)) as Output<\n Unwrap<ResolvedScriptEnvironment>\n >\n\n const hasFunctionScripts = scriptEnvironment.apply(scriptEnvironment => {\n return Object.values(scriptEnvironment.files).some(file => typeof file === \"function\")\n })\n\n this.distribution = args.distribution\n this.environment = scriptEnvironment.environment\n\n this.image = hasFunctionScripts.apply(hasFunctionScripts =>\n output(\n hasFunctionScripts\n ? functionScriptImages[args.distribution]\n : scriptEnvironment[args.distribution].image,\n ),\n )\n\n this.allowedEndpoints = output({ scriptEnvironment, hasFunctionScripts }).apply(\n ({ scriptEnvironment, hasFunctionScripts }) => {\n const allowedEndpoints = [\n ...scriptEnvironment.allowedEndpoints,\n ...scriptEnvironment[args.distribution].allowedEndpoints,\n ]\n\n if (hasFunctionScripts) {\n allowedEndpoints.push(\"tcp://registry.npmjs.org:443\")\n }\n\n return allowedEndpoints.map(endpoint => parseEndpoint(endpoint))\n },\n )\n\n this.configMap = output({ scriptEnvironment, args }).apply(({ scriptEnvironment, args }) => {\n return ConfigMap.create(\n name,\n {\n namespace: args.namespace,\n\n data: createScriptData(this.distribution, scriptEnvironment),\n },\n { ...opts, parent: this },\n )\n })\n\n this.volumes = output({ hasFunctionScripts, volumes: scriptEnvironment.volumes }).apply(\n ({ hasFunctionScripts, volumes }) => {\n return [\n ...volumes,\n {\n name: this.configMap.metadata.name,\n\n configMap: {\n name: this.configMap.metadata.name,\n defaultMode: 0o550, // read and execute permissions\n },\n },\n ...(hasFunctionScripts ? [{ name: \"node-modules\", emptyDir: {} }] : []),\n ]\n },\n )\n\n this.volumeMounts = output({\n hasFunctionScripts,\n volumeMounts: scriptEnvironment.volumeMounts,\n }).apply(({ hasFunctionScripts, volumeMounts }) => {\n return [\n ...volumeMounts,\n {\n volume: this.configMap,\n mountPath: \"/scripts\",\n },\n ...(hasFunctionScripts\n ? [{ name: \"node-modules\", mountPath: \"/scripts/node_modules\" }]\n : []),\n ]\n })\n }\n}\n\nfunction stripWorkspacePrefix(value: string): string {\n if (value.startsWith(\"workspace:\")) {\n return value.replace(\"workspace:\", \"\")\n }\n\n return value\n}\n\nasync function createScriptData(\n distribution: ScriptDistribution,\n environment: Unwrap<ResolvedScriptEnvironment>,\n): Promise<Record<string, string>> {\n const scriptData: Record<string, string> = {}\n const actions: string[] = []\n\n const distributionEnvironment = environment[distribution]\n const setupScripts = { ...environment.setupScripts }\n\n let hasFunctionScripts = false\n\n for (const key in environment.files) {\n if (typeof environment.files[key] === \"function\") {\n const serialized = await serializeFunction(environment.files[key])\n\n scriptData[key] = text`\n #!/usr/local/bin/bun\n \n ${serialized.text}\n\n exports.${serialized.exportName}()\n `\n\n hasFunctionScripts = true\n } else {\n scriptData[key] = environment.files[key]\n }\n }\n\n if (hasFunctionScripts) {\n const packageJson = await readPackageJSON()\n\n packageJson.dependencies = omitBy(\n mapValues(packageJson.dependencies ?? {}, stripWorkspacePrefix),\n (_, key) => key.startsWith(\"@highstate/\"),\n )\n\n packageJson.devDependencies = omitBy(\n mapValues(packageJson.devDependencies ?? {}, stripWorkspacePrefix),\n (_, key) => key.startsWith(\"@highstate/\"),\n )\n\n scriptData[\"package.json\"] = JSON.stringify(packageJson, null, 2)\n\n setupScripts[\"resolve-dependencies.sh\"] = text`\n #!/usr/local/bin/bun\n set -e\n\n cd /scripts\n bun install --production\n `\n }\n\n if (distributionEnvironment.preInstallPackages.length > 0) {\n scriptData[\"pre-install-packages.sh\"] = getInstallPackagesScript(\n distribution,\n distributionEnvironment.preInstallPackages,\n )\n\n actions.push(`\n echo \"+ Installing pre-install packages...\"\n /scripts/pre-install-packages.sh\n echo \"+ Pre-install packages installed successfully\"\n `)\n }\n\n if (Object.keys(distributionEnvironment.preInstallScripts).length > 0) {\n for (const key in distributionEnvironment.preInstallScripts) {\n scriptData[`pre-install-${key}`] = distributionEnvironment.preInstallScripts[key]\n\n actions.push(`\n echo \"+ Running pre-install script '${key}'...\"\n /scripts/pre-install-${key}\n echo \"+ Pre-install script '${key}'... Done\"\n `)\n }\n }\n\n if (distributionEnvironment.packages.length > 0) {\n scriptData[\"install-packages.sh\"] = getInstallPackagesScript(\n distribution,\n distributionEnvironment.packages,\n )\n\n actions.push(`\n echo \"+ Installing packages...\"\n /scripts/install-packages.sh\n echo \"+ Packages installed successfully\"\n `)\n }\n\n if (Object.keys(setupScripts).length > 0) {\n for (const key in setupScripts) {\n scriptData[`setup-${key}`] = setupScripts[key]\n\n actions.push(`\n echo \"+ Running setup script '${key}'...\"\n /scripts/setup-${key}\n echo \"+ Setup script '${key}'... Done\"\n `)\n }\n }\n\n if (Object.keys(environment.cleanupScripts).length > 0) {\n const cleanupActions: string[] = []\n\n for (const key in environment.cleanupScripts) {\n scriptData[`cleanup-${key}`] = environment.cleanupScripts[key]\n\n cleanupActions.push(`\n echo \"+ Running cleanup script '${key}'...\"\n /scripts/cleanup-${key}\n echo \"+ Cleanup script '${key}'... Done\"\n `)\n }\n\n actions.push(`\n function cleanup() {\n ${cleanupActions.map(s => s.trim()).join(\"\\n\\n\")}\n }\n\n trap cleanup EXIT\n trap cleanup SIGTERM\n `)\n }\n\n scriptData[\"entrypoint.sh\"] = trimIndentation(`\n #!/bin/sh\n set -e\n\n if [ -z \"$1\" ]; then\n echo \"Usage: entrypoint.sh <main script> [args...]\"\n exit 1\n fi\n\n ${actions.map(s => s.trim()).join(\"\\n\\n\")}\n\n echo \"+ Running main script...\"\n $@\n echo \"+ Main script completed\"\n `)\n\n return scriptData\n}\n\nfunction getInstallPackagesScript(distribution: ScriptDistribution, packages: string[]): string {\n if (distribution === \"alpine\") {\n return text`\n #!/bin/sh\n set -e\n\n apk add --no-cache ${packages.join(\" \")}\n `\n } else {\n return text`\n #!/bin/sh\n set -e\n\n apt-get update\n apt-get install -y ${packages.join(\" \")}\n `\n }\n}\n","import type { Container } from \"../container\"\nimport type { ScriptBundle } from \"./bundle\"\nimport { type Input, type Output, output } from \"@pulumi/pulumi\"\nimport { merge } from \"remeda\"\n\nexport type ScriptContainer = Container & {\n /**\n * The script bundle to use.\n */\n bundle: Input<ScriptBundle>\n\n /**\n * The name of the main script to run.\n * The script must be available in the bundle.\n */\n main: Input<string>\n}\n\n/**\n * Creates a spec for a container that runs a script.\n * This spec can be used to create a complete workload or an init container.\n *\n * @param options The options to create the container spec.\n * @returns The container spec.\n */\nexport function createScriptContainer(options: ScriptContainer): Output<Container> {\n const bundle = output(options.bundle)\n\n return output({\n options,\n image: bundle.image,\n volumeMounts: bundle.volumeMounts,\n volumes: bundle.volumes,\n environment: bundle.environment,\n allowedEndpoints: bundle.allowedEndpoints,\n }).apply(({ options, image, volumeMounts, volumes, environment, allowedEndpoints }) => {\n return {\n image,\n command: [\"/scripts/entrypoint.sh\", `/scripts/${options.main}`],\n\n ...options,\n\n volumeMounts: [...volumeMounts, ...(options.volumeMounts ?? [])],\n volumes: [...volumes, ...(options.volumes ?? [])],\n environment: merge(environment, options.environment),\n allowedEndpoints: [...allowedEndpoints, ...(options.allowedEndpoints ?? [])],\n } as Container\n })\n}\n","import type { UnitWorker } from \"@highstate/contract\"\nimport type { k8s } from \"@highstate/library\"\nimport type { DeepInput, Input, InputArray, Unwrap } from \"@highstate/pulumi\"\nimport type { Namespace } from \"./namespace\"\nimport { type Output, output } from \"@pulumi/pulumi\"\nimport { ClusterAccessScope } from \"./rbac\"\nimport { images, type NamespacedResource } from \"./shared\"\n\nexport async function createMonitorWorker(\n namespace: Input<Namespace>,\n resources: InputArray<NamespacedResource>,\n): Promise<Output<Unwrap<UnitWorker>>> {\n const scope = new ClusterAccessScope(\"monitor\", {\n rule: {\n verbs: [\"get\", \"list\", \"watch\"],\n },\n\n namespace,\n resources,\n })\n\n return output({\n name: \"monitor\",\n image: images[\"worker.k8s-monitor\"].image,\n\n params: {\n kubeconfig: scope.cluster.kubeconfig,\n resources: output(resources).apply(resources => resources.map(r => r.entity)),\n } satisfies DeepInput<k8s.MonitorWorkerParams>,\n })\n}\n"]}
package/dist/job-SYME6Y43.js DELETED
@@ -1,8 +0,0 @@
1
- export { Job } from './chunk-FE4SHRAJ.js';
2
- import './chunk-P2VOUU7E.js';
3
- import './chunk-TWBMG6TD.js';
4
- import './chunk-4G6LLC2X.js';
5
- import './chunk-OBDQONMV.js';
6
- import './chunk-PZ5AY32C.js';
7
- //# sourceMappingURL=job-SYME6Y43.js.map
8
- //# sourceMappingURL=job-SYME6Y43.js.map
package/dist/job-SYME6Y43.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"job-SYME6Y43.js"}
package/dist/stateful-set-VJYKTQ72.js DELETED
@@ -1,8 +0,0 @@
1
- export { StatefulSet } from './chunk-YIJUVPU2.js';
2
- import './chunk-P2VOUU7E.js';
3
- import './chunk-TWBMG6TD.js';
4
- import './chunk-4G6LLC2X.js';
5
- import './chunk-OBDQONMV.js';
6
- import './chunk-PZ5AY32C.js';
7
- //# sourceMappingURL=stateful-set-VJYKTQ72.js.map
8
- //# sourceMappingURL=stateful-set-VJYKTQ72.js.map
package/dist/stateful-set-VJYKTQ72.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"stateful-set-VJYKTQ72.js"}
package/dist/units/cert-manager/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../assets/charts.json","../../../src/units/cert-manager/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,IAAA,cAAA,GAAA;AAAA,EACE,cAAA,EAAgB;AAAA,IACd,IAAA,EAAQ,4BAAA;AAAA,IACR,IAAA,EAAQ,cAAA;AAAA,IACR,OAAA,EAAW,SAAA;AAAA,IACX,MAAA,EAAU;AAAA;AAEd,CAAA;;;ACDA,IAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAQ,GAAI,OAAA,CAAQ,IAAI,WAAW,CAAA;AAEzD,IAAM,SAAA,GAAY,UAAU,MAAA,CAAO,cAAA,EAAgB,EAAE,OAAA,EAAS,MAAA,CAAO,YAAY,CAAA;AAEjF,IAAI,MAAM,cAAA,EAAgB;AAAA,EACxB,SAAA;AAAA,EAEA,KAAA,EAAO,eAAO,cAAc,CAAA;AAAA,EAE5B,MAAA,EAAQ;AAAA,IACN,IAAA,EAAM;AAAA,MACJ,OAAA,EAAS;AAAA,KACX;AAAA,IAEA,MAAA,EAAQ;AAAA,MACN,UAAA,EAAY,4CAAA;AAAA,MACZ,IAAA,EAAM,yBAAA;AAAA,MACN,kBAAkB,IAAA,CAAK;AAAA;AACzB;AAEJ,CAAC,CAAA;AAED,IAAO,uBAAQ,OAAA,CAAQ;AAAA,EACrB,YAAY,MAAA,CAAO;AACrB,CAAC","file":"index.js","sourcesContent":["{\n \"cert-manager\": {\n \"repo\": \"https://charts.jetstack.io\",\n \"name\": \"cert-manager\",\n \"version\": \"v1.18.2\",\n \"sha256\": \"daddf7af7b1f0eaaa10edd790aefa0bd8c2b07830febf659460d843217f5b3c5\"\n }\n}\n","import { k8s } from \"@highstate/library\"\nimport { forUnit } from \"@highstate/pulumi\"\nimport charts from \"../../../assets/charts.json\"\nimport { Chart } from \"../../helm\"\nimport { Namespace } from \"../../namespace\"\n\nconst { args, inputs, outputs } = forUnit(k8s.certManager)\n\nconst namespace = Namespace.create(\"cert-manager\", { cluster: inputs.k8sCluster })\n\nnew Chart(\"cert-manager\", {\n namespace,\n\n chart: charts[\"cert-manager\"],\n\n values: {\n crds: {\n enabled: true,\n },\n\n config: {\n apiVersion: \"controller.config.cert-manager.io/v1alpha1\",\n kind: \"ControllerConfiguration\",\n enableGatewayAPI: args.enableGatewayApi,\n },\n },\n})\n\nexport default outputs({\n k8sCluster: inputs.k8sCluster,\n})\n"]}
package/dist/units/cluster-patch/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/cluster-patch/index.ts"],"names":[],"mappings":";;;;;AAIA,IAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAQ,GAAI,OAAA,CAAQ,IAAI,YAAY,CAAA;AAE1D,IAAM,OAAA,GAAU,MAAM,SAAA,CAAU,MAAA,CAAO,UAAU,CAAA;AACjD,IAAM,YAAY,MAAM,cAAA,CAAe,KAAK,SAAA,EAAW,MAAA,CAAO,WAAW,CAAC,CAAA;AAC1E,IAAM,eAAe,MAAM,cAAA,CAAe,KAAK,YAAA,EAAc,MAAA,CAAO,cAAc,CAAC,CAAA;AAEnF,IAAM,YAAA,GAAe,SAAA,CAAU,MAAA,GAAS,CAAA,GAAI,YAAY,OAAA,CAAQ,SAAA;AAChE,IAAM,eAAA,GAAkB,YAAA,CAAa,MAAA,GAAS,CAAA,GAAI,eAAe,OAAA,CAAQ,YAAA;AAEzE,IAAO,wBAAQ,OAAA,CAAQ;AAAA,EACrB,UAAA,EAAY,MAAA,CAAO,UAAA,CAAW,KAAA,CAAM,CAAA,UAAA,MAAe;AAAA,IACjD,GAAG,UAAA;AAAA,IACH,SAAA,EAAW,YAAA;AAAA,IACX,YAAA,EAAc;AAAA,GAChB,CAAE,CAAA;AAAA,EAEF,aAAA,EAAe;AAAA,IACb,SAAA,EAAW,SAAA,CAAU,GAAA,CAAI,kBAAkB,CAAA;AAAA,IAC3C,YAAA,EAAc,YAAA,CAAa,GAAA,CAAI,kBAAkB;AAAA;AAErD,CAAC","file":"index.js","sourcesContent":["import { l3EndpointToString, l4EndpointToString, parseEndpoints } from \"@highstate/common\"\nimport { k8s } from \"@highstate/library\"\nimport { forUnit, toPromise } from \"@highstate/pulumi\"\n\nconst { args, inputs, outputs } = forUnit(k8s.clusterPatch)\n\nconst cluster = await toPromise(inputs.k8sCluster)\nconst endpoints = await parseEndpoints(args.endpoints, inputs.endpoints, 3)\nconst apiEndpoints = await parseEndpoints(args.apiEndpoints, inputs.apiEndpoints, 4)\n\nconst newEndpoints = endpoints.length > 0 ? endpoints : cluster.endpoints\nconst newApiEndpoints = apiEndpoints.length > 0 ? apiEndpoints : cluster.apiEndpoints\n\nexport default outputs({\n k8sCluster: inputs.k8sCluster.apply(k8sCluster => ({\n ...k8sCluster,\n endpoints: newEndpoints,\n apiEndpoints: newApiEndpoints,\n })),\n\n $statusFields: {\n endpoints: endpoints.map(l3EndpointToString),\n apiEndpoints: apiEndpoints.map(l4EndpointToString),\n },\n})\n"]}
package/dist/units/dns01-issuer/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/dns01-issuer/index.ts"],"names":[],"mappings":";;;;;;;AAOA,IAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAQ,GAAI,OAAA,CAAQ,IAAI,cAAc,CAAA;AAE5D,IAAM,QAAA,GAAW,MAAM,gBAAA,CAAiB,MAAA,CAAO,UAAU,CAAA;AAEzD,IAAM,aAAA,GAAgB,SAAA,CAAU,GAAA,CAAI,cAAA,EAAgB;AAAA,EAClD,IAAA,EAAM,cAAA;AAAA,EACN,SAAS,MAAA,CAAO;AAClB,CAAC,CAAA;AAED,IAAI,aAAa,EAAA,CAAG,aAAA;AAAA,EAClB,IAAA;AAAA,EACA;AAAA,IACE,QAAA,EAAU;AAAA,MACR;AAAA,KACF;AAAA,IACA,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM;AAAA,QACJ,MAAA,EAAQ,gDAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP;AAAA,YACE,KAAA,EAAO,mBAAA,CAAoB,UAAA,CAAW,MAAA,CAAO,YAAY,OAAA,EAAS;AAAA,cAChE,SAAA,EAAW;AAAA,aACZ,CAAA;AAAA,YACD,QAAA,EAAU,EAAE,QAAA,EAAU,MAAA,CAAO,YAAY,KAAA;AAAM;AACjD,SACF;AAAA,QACA,mBAAA,EAAqB;AAAA,UACnB;AAAA;AACF;AACF;AACF,GACF;AAAA,EACA,EAAE,QAAA;AACJ,CAAA;AAEA,IAAO,uBAAQ,OAAA,CAAQ;AAAA,EACrB,SAAA,EAAW;AAAA,IACT,KAAA,EAAO,OAAO,WAAA,CAAY,KAAA;AAAA,IAC1B,OAAA,EAAS;AAAA,MACP,OAAA,EAAS,gBAAA;AAAA,MACT,IAAA,EAAM;AAAA,QACJ,iBAAA,EAAmB,IAAA;AAAA,QACnB,SAAS,MAAA,CAAO;AAAA;AAClB;AACF,GACF;AAAA,EAEA,aAAA,EAAe;AAAA,IACb,KAAA,EAAO,OAAO,WAAA,CAAY;AAAA;AAE9B,CAAC","file":"index.js","sourcesContent":["import { cert_manager } from \"@highstate/cert-manager\"\nimport { k8s } from \"@highstate/library\"\nimport { forUnit } from \"@highstate/pulumi\"\nimport { dns01SolverMediator } from \"../../dns01-solver\"\nimport { Namespace } from \"../../namespace\"\nimport { getProviderAsync } from \"../../shared\"\n\nconst { name, inputs, outputs } = forUnit(k8s.dns01TlsIssuer)\n\nconst provider = await getProviderAsync(inputs.k8sCluster)\n\nconst certManagerNs = Namespace.get(\"cert-manager\", {\n name: \"cert-manager\",\n cluster: inputs.k8sCluster,\n})\n\nnew cert_manager.v1.ClusterIssuer(\n name,\n {\n metadata: {\n name,\n },\n spec: {\n acme: {\n server: \"https://acme-v02.api.letsencrypt.org/directory\",\n solvers: [\n {\n dns01: dns01SolverMediator.callOutput(inputs.dnsProvider.implRef, {\n namespace: certManagerNs,\n }),\n selector: { dnsZones: inputs.dnsProvider.zones },\n },\n ],\n privateKeySecretRef: {\n name,\n },\n },\n },\n },\n { provider },\n)\n\nexport default outputs({\n tlsIssuer: {\n zones: inputs.dnsProvider.zones,\n implRef: {\n package: \"@highstate/k8s\",\n data: {\n clusterIssuerName: name,\n cluster: inputs.k8sCluster,\n },\n },\n },\n\n $statusFields: {\n zones: inputs.dnsProvider.zones,\n },\n})\n"]}
package/dist/units/existing-cluster/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/existing-cluster/index.ts"],"names":[],"mappings":";;;;;;;;;AAeA,IAAM,EAAE,MAAM,IAAA,EAAM,MAAA,EAAQ,SAAS,OAAA,EAAQ,GAAI,OAAA,CAAQ,GAAA,CAAI,eAAe,CAAA;AAE5E,IAAM,iBAAA,GAAoB,MAAM,SAAA,CAAU,OAAA,CAAQ,WAAW,KAAA,CAAM,IAAA,CAAK,SAAS,CAAC,CAAA;AAElF,IAAM,WAAW,IAAI,QAAA,CAAS,MAAM,EAAE,UAAA,EAAY,mBAAmB,CAAA;AAErE,IAAI,oBAAA;AAEJ,IAAM,UAAA,GAAa,IAAI,UAAA,EAAW;AAClC,UAAA,CAAW,eAAe,iBAAiB,CAAA;AAE3C,IAAM,OAAA,GAAU,UAAA,CAAW,aAAA,CAAc,SAAS,CAAA;AAElD,IAAM,YAAY,MAAM,OAAA,CACrB,uBAAA,CAAwB,EAAE,MAAM,QAAA,EAAU,SAAA,EAAW,aAAA,EAAe,EACpE,IAAA,CAAK,MAAM,IAAI,CAAA,CACf,KAAA,CAAM,MAAM,KAAK,CAAA;AAEpB,IAAI,SAAA,EAAW;AACb,EAAA,oBAAA,GAAuB;AAAA,IACrB,OAAA,EAAS,mBAAA;AAAA,IACT,MAAM;AAAC,GACT;AACF;AAGA,IAAI,WAAA,GAAc,IAAA,CAAK,WAAA,CAAY,GAAA,CAAI,YAAY,CAAA;AAEnD,IAAI,KAAK,qBAAA,EAAuB;AAC9B,EAAA,MAAM,WAAA,GAAc,MAAM,iBAAA,CAAkB,UAAA,EAAY,KAAK,iBAAiB,CAAA;AAC9E,EAAA,WAAA,GAAc,eAAe,CAAC,GAAG,WAAA,EAAa,GAAG,WAAW,CAAC,CAAA;AAC/D;AAGA,IAAI,YAAY,MAAM,cAAA,CAAe,IAAA,CAAK,SAAA,EAAW,OAAO,SAAS,CAAA;AAErE,IAAI,KAAK,yBAAA,EAA2B;AAClC,EAAA,MAAM,cAAc,WAAA,CAAY,GAAA,CAAI,CAAA,EAAA,KAAM,aAAA,CAAc,EAAE,CAAC,CAAA;AAC3D,EAAA,SAAA,GAAY,eAAe,CAAC,GAAG,SAAA,EAAW,GAAG,WAAW,CAAC,CAAA;AAC3D;AAGA,IAAI,eAAe,MAAM,cAAA,CAAe,KAAK,YAAA,EAAc,MAAA,CAAO,WAAW,CAAC,CAAA;AAE9E,IAAI,KAAK,wBAAA,EAA0B;AACjC,EAAA,MAAM,cAAA,GAAiB,aAAA,CAAc,UAAA,CAAW,QAAA,CAAS,CAAC,CAAA,CAAE,MAAA,CAAO,OAAA,CAAQ,UAAA,EAAY,EAAE,CAAA,EAAG,CAAC,CAAA;AAC7F,EAAA,YAAA,GAAe,cAAA,CAAe,CAAC,cAAA,EAAgB,GAAG,YAAY,CAAC,CAAA;AACjE;AAEA,IAAM,UAAA,GAAa,KAAK,EAAA,CAAG,SAAA,CAAU,IAAI,aAAA,EAAe,aAAA,EAAe,EAAE,QAAA,EAAU,CAAA;AAEnF,IAAO,2BAAQ,OAAA,CAAQ;AAAA,EACrB,UAAA,EAAY;AAAA,IACV,EAAA,EAAI,WAAW,QAAA,CAAS,GAAA;AAAA,IACxB,YAAA,EAAc,WAAW,QAAA,CAAS,GAAA;AAAA,IAClC,IAAA;AAAA,IACA,oBAAA;AAAA,IACA,WAAA;AAAA,IACA,SAAA;AAAA,IACA,YAAA;AAAA,IACA,QAAQ,IAAA,CAAK,MAAA;AAAA,IACb,UAAA,EAAY,OAAO,iBAAiB;AAAA,GACtC;AAAA,EAEA,UAAA,EAAY,CAAC,iBAAA,CAAkB,iBAAiB,CAAC,CAAA;AAAA,EAEjD,aAAA,EAAe;AAAA,IACb,SAAA,EAAW,WAAW,QAAA,CAAS,GAAA;AAAA,IAC/B,SAAA,EAAW,SAAA,CAAU,GAAA,CAAI,kBAAkB,CAAA;AAAA,IAC3C,YAAA,EAAc,YAAA,CAAa,GAAA,CAAI,kBAAkB;AAAA;AAErD,CAAC","file":"index.js","sourcesContent":["import {\n l3EndpointToString,\n l4EndpointToString,\n mergeAddresses,\n mergeEndpoints,\n parseAddress,\n parseEndpoint,\n parseEndpoints,\n} from \"@highstate/common\"\nimport { type ImplementationReference, k8s } from \"@highstate/library\"\nimport { forUnit, secret, toPromise } from \"@highstate/pulumi\"\nimport { AppsV1Api, KubeConfig } from \"@kubernetes/client-node\"\nimport { core, Provider } from \"@pulumi/kubernetes\"\nimport { createK8sTerminal, detectExternalIps } from \"../../cluster\"\n\nconst { name, args, inputs, secrets, outputs } = forUnit(k8s.existingCluster)\n\nconst kubeconfigContent = await toPromise(secrets.kubeconfig.apply(JSON.stringify))\n\nconst provider = new Provider(name, { kubeconfig: kubeconfigContent })\n\nlet networkPolicyImplRef: ImplementationReference | undefined\n\nconst kubeConfig = new KubeConfig()\nkubeConfig.loadFromString(kubeconfigContent)\n\nconst appsApi = kubeConfig.makeApiClient(AppsV1Api)\n\nconst hasCilium = await appsApi\n .readNamespacedDaemonSet({ name: \"cilium\", namespace: \"kube-system\" })\n .then(() => true)\n .catch(() => false)\n\nif (hasCilium) {\n networkPolicyImplRef = {\n package: \"@highstate/cilium\",\n data: {},\n }\n}\n\n// calculate external IPs\nlet externalIps = args.externalIps.map(parseAddress)\n\nif (args.autoDetectExternalIps) {\n const detectedIps = await detectExternalIps(kubeConfig, args.internalIpsPolicy)\n externalIps = mergeAddresses([...externalIps, ...detectedIps])\n}\n\n// calculate endpoints\nlet endpoints = await parseEndpoints(args.endpoints, inputs.endpoints)\n\nif (args.useExternalIpsAsEndpoints) {\n const ipEndpoints = externalIps.map(ip => parseEndpoint(ip))\n endpoints = mergeEndpoints([...endpoints, ...ipEndpoints])\n}\n\n// calculate api endpoints\nlet apiEndpoints = await parseEndpoints(args.apiEndpoints, inputs.endpoints, 4)\n\nif (args.useKubeconfigApiEndpoint) {\n const configEndpoint = parseEndpoint(kubeConfig.clusters[0].server.replace(\"https://\", \"\"), 4)\n apiEndpoints = mergeEndpoints([configEndpoint, ...apiEndpoints])\n}\n\nconst kubeSystem = core.v1.Namespace.get(\"kube-system\", \"kube-system\", { provider })\n\nexport default outputs({\n k8sCluster: {\n id: kubeSystem.metadata.uid,\n connectionId: kubeSystem.metadata.uid,\n name,\n networkPolicyImplRef,\n externalIps,\n endpoints,\n apiEndpoints,\n quirks: args.quirks,\n kubeconfig: secret(kubeconfigContent),\n },\n\n $terminals: [createK8sTerminal(kubeconfigContent)],\n\n $statusFields: {\n clusterId: kubeSystem.metadata.uid,\n endpoints: endpoints.map(l3EndpointToString),\n apiEndpoints: apiEndpoints.map(l4EndpointToString),\n },\n})\n"]}
package/dist/units/gateway-api/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/gateway-api/index.ts"],"names":[],"mappings":";;;;;;AAKA,IAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,OAAA,CAAQ,IAAI,UAAU,CAAA;AAElD,IAAM,QAAA,GAAW,MAAM,gBAAA,CAAiB,MAAA,CAAO,UAAU,CAAA;AAEzD,IAAI,KAAK,EAAA,CAAG,UAAA;AAAA,EACV,aAAA;AAAA,EACA;AAAA,IACE,IAAA,EAAM;AAAA,GACR;AAAA,EACA,EAAE,QAAA;AACJ,CAAA;AAEA,IAAO,sBAAQ,OAAA,CAAQ;AAAA,EACrB,YAAY,MAAA,CAAO;AACrB,CAAC","file":"index.js","sourcesContent":["import { k8s } from \"@highstate/library\"\nimport { forUnit } from \"@highstate/pulumi\"\nimport { yaml } from \"@pulumi/kubernetes\"\nimport { getProviderAsync } from \"../../shared\"\n\nconst { inputs, outputs } = forUnit(k8s.gatewayApi)\n\nconst provider = await getProviderAsync(inputs.k8sCluster)\n\nnew yaml.v2.ConfigFile(\n \"gateway-api\",\n {\n file: \"https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.4.0/experimental-install.yaml\",\n },\n { provider },\n)\n\nexport default outputs({\n k8sCluster: inputs.k8sCluster,\n})\n"]}
package/dist/units/reduced-access-cluster/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/reduced-access-cluster/index.ts"],"names":[],"mappings":";;;;;;;;;;AAQA,IAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAQ,GAAI,OAAA,CAAQ,IAAI,oBAAoB,CAAA;AAElE,IAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAE7C,IAAM,cAAc,IAAI,kBAAA;AAAA,EACtB,OAAA;AAAA,EACA;AAAA,IACE,WAAW,SAAA,CAAU,GAAA,CAAI,cAAA,CAAe,SAAA,EAAW,OAAO,UAAU,CAAA;AAAA,IACpE,eAAA,EAAiB,cAAA,CAAe,eAAA,CAAgB,GAAA,CAAI,CAAA,EAAA,KAAM,UAAU,GAAA,CAAI,EAAA,EAAI,MAAA,CAAO,UAAU,CAAC,CAAA;AAAA,IAC9F,OAAO,IAAA,CAAK,KAAA;AAAA,IACZ,WAAW,cAAA,CAAe;AAAA,GAC5B;AAAA,EACA;AACF,CAAA;AAEA,IAAM,gBAAgB,MAAM,SAAA;AAAA,EAC1B,MAAA;AAAA,IACE,eAAe,SAAA,CAAU,GAAA;AAAA,MAAI,CAAA,CAAA,KAC3B,EAAE,YAAA,GACE,WAAA,CAAA,EAAA,EAAgB,EAAE,IAAI,CAAA,EAAA,EAAK,EAAE,QAAA,CAAS,SAAS,IAAI,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,CAAA,CAAA,GAClE,WAAA,CAAA,EAAA,EAAgB,EAAE,IAAI,CAAA,EAAA,EAAK,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,CAAA;AAAA;AAChD,GACF,CAAE,KAAA,CAAM,IAAA,CAAK,IAAI,CAAC;AACpB,CAAA;AAEA,IAAO,iCAAQ,OAAA,CAAQ;AAAA,EACrB,YAAY,WAAA,CAAY,OAAA;AAAA,EAExB,YAAY,CAAC,iBAAA,CAAkB,WAAA,CAAY,OAAA,CAAQ,UAAU,CAAC,CAAA;AAAA,EAE9D,MAAA,EAAQ;AAAA,IACN,KAAA,EAAO;AAAA,MACL,IAAA,EAAM;AAAA,QACJ,KAAA,EAAO;AAAA,OACT;AAAA,MACA,OAAA,EAAS;AAAA,QACP;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,OAAA,EAAS,IAAA;AAAA;AAAA;AAAA,YAAA,EAGL,aAAa;AAAA,UAAA;AAAA,SAEnB;AAAA,QACA;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,OAAA,EAAS,IAAA;AAAA;AAAA,UAAA;AAAA,SAGX;AAAA,QACA;AAAA,UACE,IAAA,EAAM,MAAA;AAAA,UACN,IAAA,EAAM,cAAA,CAAe,YAAA,EAAc,WAAA,CAAY,QAAQ,UAAA,EAAY;AAAA,YACjE,WAAA,EAAa,WAAA;AAAA,YACb,QAAA,EAAU;AAAA,WACX;AAAA,SACH;AAAA,QACA;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,OAAA,EAAS,MAAA;AAAA,YACP,WAAA;AAAA;;AAAA;AAAA,cAAA,EAII,WAAA,CAAY,QAAQ,UAAU;AAAA;AAAA,YAAA,CAAA,CAEhC,MAAM,eAAe;AAAA;AACzB,SACF;AAAA,QACA;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,OAAA,EAAS;AAAA;AACX;AACF;AACF;AAEJ,CAAC","file":"index.js","sourcesContent":["import { text, trimIndentation } from \"@highstate/contract\"\nimport { k8s } from \"@highstate/library\"\nimport { fileFromString, forUnit, interpolate, output, secret, toPromise } from \"@highstate/pulumi\"\nimport { join } from \"remeda\"\nimport { createK8sTerminal } from \"../../cluster\"\nimport { Namespace } from \"../../namespace\"\nimport { ClusterAccessScope } from \"../../rbac\"\n\nconst { args, inputs, outputs } = forUnit(k8s.reducedAccessCluster)\n\nconst resolvedInputs = await toPromise(inputs)\n\nconst accessScope = new ClusterAccessScope(\n \"scope\",\n {\n namespace: Namespace.for(resolvedInputs.namespace, inputs.k8sCluster),\n extraNamespaces: resolvedInputs.extraNamespaces.map(ns => Namespace.for(ns, inputs.k8sCluster)),\n rules: args.rules,\n resources: resolvedInputs.resources,\n },\n {},\n)\n\nconst resourceLines = await toPromise(\n output(\n resolvedInputs.resources.map(r =>\n r.isNamespaced\n ? interpolate`- ${r.kind} \"${r.metadata.namespace}/${r.metadata.name}\"`\n : interpolate`- ${r.kind} \"${r.metadata.name}\"`,\n ),\n ).apply(join(\"\\n\")),\n)\n\nexport default outputs({\n k8sCluster: accessScope.cluster,\n\n $terminals: [createK8sTerminal(accessScope.cluster.kubeconfig)],\n\n $pages: {\n index: {\n meta: {\n title: \"Reduced Access Cluster\",\n },\n content: [\n {\n type: \"markdown\",\n content: text`\n The access to this cluster was reduced to the following resources:\n \n ${resourceLines}\n `,\n },\n {\n type: \"markdown\",\n content: text`\n You can access these resources using the following kubeconfig:\n `,\n },\n {\n type: \"file\",\n file: fileFromString(\"kubeconfig\", accessScope.cluster.kubeconfig, {\n contentType: \"text/yaml\",\n isSecret: true,\n }),\n },\n {\n type: \"markdown\",\n content: secret(\n interpolate`\n You can also copy the following content of the kubeconfig file:\n\n \\`\\`\\`yaml\n ${accessScope.cluster.kubeconfig}\n \\`\\`\\`\n `.apply(trimIndentation),\n ),\n },\n {\n type: \"markdown\",\n content: \"You can also use terminal to verify the access to the resources.\",\n },\n ],\n },\n },\n})\n"]}