@highstate/k8s 0.19.1 → 0.21.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (107) hide show
  1. package/dist/chunk-23vn2rdc.js +11 -0
  2. package/dist/chunk-2pfx13ay.js +11 -0
  3. package/dist/chunk-46ntav0c.js +299 -0
  4. package/dist/chunk-556pc9e6.js +155 -0
  5. package/dist/chunk-7kgjgcft.js +170 -0
  6. package/dist/{chunk-LGHFSXNT.js → chunk-9hs97f1q.js} +23 -17
  7. package/dist/chunk-aame3x1b.js +11 -0
  8. package/dist/chunk-b05q6fm2.js +37 -0
  9. package/dist/chunk-bmvc9d2d.js +11 -0
  10. package/dist/chunk-de82bbp2.js +7 -0
  11. package/dist/chunk-facs31cb.js +624 -0
  12. package/dist/chunk-h1b79v66.js +1425 -0
  13. package/dist/chunk-k4w9zpn5.js +215 -0
  14. package/dist/chunk-pqc6w52f.js +352 -0
  15. package/dist/chunk-qyshvz32.js +176 -0
  16. package/dist/chunk-tpfyj6fe.js +199 -0
  17. package/dist/chunk-z6bmpnm7.js +180 -0
  18. package/dist/highstate.manifest.json +3 -2
  19. package/dist/impl/dynamic-endpoint-resolver.js +91 -0
  20. package/dist/impl/gateway-route.js +226 -166
  21. package/dist/impl/tls-certificate.js +31 -31
  22. package/dist/index.js +293 -166
  23. package/dist/units/cert-manager/index.js +19 -14
  24. package/dist/units/cluster-patch/index.js +14 -13
  25. package/dist/units/dns01-issuer/index.js +82 -42
  26. package/dist/units/existing-cluster/index.js +59 -26
  27. package/dist/units/gateway-api/index.js +15 -16
  28. package/dist/units/reduced-access-cluster/index.js +32 -36
  29. package/package.json +23 -21
  30. package/src/cluster.ts +12 -8
  31. package/src/config-map.ts +15 -5
  32. package/src/container.ts +4 -2
  33. package/src/cron-job.ts +51 -5
  34. package/src/deployment.ts +49 -18
  35. package/src/gateway/backend.ts +3 -3
  36. package/src/gateway/gateway.ts +12 -56
  37. package/src/helm.ts +354 -22
  38. package/src/impl/dynamic-endpoint-resolver.ts +109 -0
  39. package/src/impl/gateway-route.ts +231 -57
  40. package/src/impl/tls-certificate.ts +8 -3
  41. package/src/index.ts +1 -0
  42. package/src/job.ts +38 -6
  43. package/src/kubectl.ts +166 -0
  44. package/src/namespace.ts +47 -3
  45. package/src/network-policy.ts +1 -1
  46. package/src/pvc.ts +12 -2
  47. package/src/rbac.ts +28 -5
  48. package/src/scripting/bundle.ts +21 -98
  49. package/src/scripting/environment.ts +4 -10
  50. package/src/secret.ts +15 -5
  51. package/src/service.ts +28 -6
  52. package/src/shared.ts +31 -3
  53. package/src/stateful-set.ts +49 -18
  54. package/src/tls.ts +31 -5
  55. package/src/units/cluster-patch/index.ts +5 -5
  56. package/src/units/dns01-issuer/index.ts +56 -12
  57. package/src/units/existing-cluster/index.ts +36 -15
  58. package/src/units/reduced-access-cluster/index.ts +6 -3
  59. package/src/worker.ts +4 -2
  60. package/src/workload.ts +474 -217
  61. package/LICENSE +0 -21
  62. package/dist/chunk-4G6LLC2X.js +0 -240
  63. package/dist/chunk-4G6LLC2X.js.map +0 -1
  64. package/dist/chunk-BR2CLUUD.js +0 -230
  65. package/dist/chunk-BR2CLUUD.js.map +0 -1
  66. package/dist/chunk-DCUMJSO6.js +0 -427
  67. package/dist/chunk-DCUMJSO6.js.map +0 -1
  68. package/dist/chunk-FE4SHRAJ.js +0 -286
  69. package/dist/chunk-FE4SHRAJ.js.map +0 -1
  70. package/dist/chunk-HH2JJELM.js +0 -13
  71. package/dist/chunk-HH2JJELM.js.map +0 -1
  72. package/dist/chunk-KMLRI5UZ.js +0 -155
  73. package/dist/chunk-KMLRI5UZ.js.map +0 -1
  74. package/dist/chunk-LGHFSXNT.js.map +0 -1
  75. package/dist/chunk-MIC2BHGS.js +0 -301
  76. package/dist/chunk-MIC2BHGS.js.map +0 -1
  77. package/dist/chunk-OBDQONMV.js +0 -401
  78. package/dist/chunk-OBDQONMV.js.map +0 -1
  79. package/dist/chunk-P2VOUU7E.js +0 -1626
  80. package/dist/chunk-P2VOUU7E.js.map +0 -1
  81. package/dist/chunk-PZ5AY32C.js +0 -9
  82. package/dist/chunk-PZ5AY32C.js.map +0 -1
  83. package/dist/chunk-RVB4WWZZ.js +0 -267
  84. package/dist/chunk-RVB4WWZZ.js.map +0 -1
  85. package/dist/chunk-TWBMG6TD.js +0 -315
  86. package/dist/chunk-TWBMG6TD.js.map +0 -1
  87. package/dist/chunk-VCXWCZ43.js +0 -279
  88. package/dist/chunk-VCXWCZ43.js.map +0 -1
  89. package/dist/chunk-YIJUVPU2.js +0 -297
  90. package/dist/chunk-YIJUVPU2.js.map +0 -1
  91. package/dist/cron-job-NX4HD4FI.js +0 -8
  92. package/dist/cron-job-NX4HD4FI.js.map +0 -1
  93. package/dist/deployment-O2LJ5WR5.js +0 -8
  94. package/dist/deployment-O2LJ5WR5.js.map +0 -1
  95. package/dist/impl/gateway-route.js.map +0 -1
  96. package/dist/impl/tls-certificate.js.map +0 -1
  97. package/dist/index.js.map +0 -1
  98. package/dist/job-SYME6Y43.js +0 -8
  99. package/dist/job-SYME6Y43.js.map +0 -1
  100. package/dist/stateful-set-VJYKTQ72.js +0 -8
  101. package/dist/stateful-set-VJYKTQ72.js.map +0 -1
  102. package/dist/units/cert-manager/index.js.map +0 -1
  103. package/dist/units/cluster-patch/index.js.map +0 -1
  104. package/dist/units/dns01-issuer/index.js.map +0 -1
  105. package/dist/units/existing-cluster/index.js.map +0 -1
  106. package/dist/units/gateway-api/index.js.map +0 -1
  107. package/dist/units/reduced-access-cluster/index.js.map +0 -1
package/dist/impl/gateway-route.js CHANGED
@@ -1,45 +1,65 @@
1
- import { Gateway, HttpRoute, TcpRoute, UdpRoute } from '../chunk-DCUMJSO6.js';
2
- import { Certificate } from '../chunk-BR2CLUUD.js';
3
- import { Service, l4EndpointToServicePort } from '../chunk-TWBMG6TD.js';
4
- import '../chunk-4G6LLC2X.js';
5
- import { Namespace, mapMetadata, getProvider } from '../chunk-OBDQONMV.js';
6
- import '../chunk-PZ5AY32C.js';
7
- import { gatewayRouteMediator } from '@highstate/common';
8
- import { k8s } from '@highstate/library';
9
- import { toPromise } from '@highstate/pulumi';
10
- import { core } from '@pulumi/kubernetes';
1
+ // @bun
2
+ import {
3
+ Gateway,
4
+ HttpRoute,
5
+ TcpRoute,
6
+ UdpRoute
7
+ } from "../chunk-46ntav0c.js";
8
+ import {
9
+ Certificate
10
+ } from "../chunk-556pc9e6.js";
11
+ import {
12
+ Service,
13
+ isEndpointFromCluster,
14
+ l4EndpointToServicePort
15
+ } from "../chunk-k4w9zpn5.js";
16
+ import {
17
+ Namespace,
18
+ getProvider,
19
+ mapMetadata
20
+ } from "../chunk-facs31cb.js";
21
+ import"../chunk-b05q6fm2.js";
11
22
 
12
- var createGatewayRoute = gatewayRouteMediator.implement(
13
- k8s.gatewayDataSchema,
14
- async ({ name, spec, opts }, data) => {
15
- const namespace = spec.nativeData instanceof Service ? await toPromise(spec.nativeData.namespace) : Namespace.for(data.namespace, data.cluster);
16
- const certSecret = await getCertificateSecret(name, namespace, spec.tlsCertificate);
17
- const certificateRef = certSecret ? {
18
- kind: "Secret",
19
- group: "",
20
- name: certSecret.metadata.name
21
- } : void 0;
22
- if (spec.type === "http") {
23
- return await createHttpGatewayRoute({
24
- name,
25
- spec,
26
- opts,
27
- data,
28
- namespace,
29
- certificateRef
30
- });
31
- }
32
- const protocol = spec.type === "tcp" ? "TCP" : "UDP";
33
- return await createL4GatewayRoute({
23
+ // src/impl/gateway-route.ts
24
+ import { gatewayRouteMediator } from "@highstate/common";
25
+ import { k8s } from "@highstate/library";
26
+ import { toPromise } from "@highstate/pulumi";
27
+ import { core } from "@pulumi/kubernetes";
28
+ var createGatewayRoute = gatewayRouteMediator.implement(k8s.gatewayDataSchema, async ({ name, args: spec, opts }, data) => {
29
+ const namespace = resolveRouteNamespace(spec, data);
30
+ const certSecret = await getCertificateSecret(name, namespace, spec.certificate);
31
+ const certificateRef = certSecret ? {
32
+ kind: "Secret",
33
+ group: "",
34
+ name: certSecret.metadata.name
35
+ } : undefined;
36
+ const routeProtocol = resolveRouteProtocol(spec);
37
+ if (routeProtocol === "http") {
38
+ return await createHttpGatewayRoute({
34
39
  name,
35
40
  spec,
36
41
  opts,
37
42
  data,
38
43
  namespace,
39
- protocol
44
+ certificateRef
40
45
  });
41
46
  }
42
- );
47
+ return await createL4GatewayRoute({
48
+ name,
49
+ spec,
50
+ opts,
51
+ data,
52
+ namespace,
53
+ protocol: routeProtocol === "tcp" ? "TCP" : "UDP"
54
+ });
55
+ });
56
+ function resolveRouteNamespace(spec, data) {
57
+ const metadataNamespace = spec.metadata["k8s.namespace"];
58
+ if (metadataNamespace instanceof Namespace) {
59
+ return metadataNamespace;
60
+ }
61
+ return Namespace.for(data.namespace, data.cluster);
62
+ }
43
63
  async function createHttpGatewayRoute({
44
64
  name,
45
65
  spec,
@@ -48,37 +68,60 @@ async function createHttpGatewayRoute({
48
68
  namespace,
49
69
  certificateRef
50
70
  }) {
51
- const backendService = spec.nativeData instanceof Service ? spec.nativeData : (await createServiceFromEndpoints(name, namespace, spec.endpoints, data.cluster, opts)).service;
71
+ const listenerPort = spec.port ?? (certificateRef ? data.httpsPort : data.httpPort);
72
+ const listenerProtocol = certificateRef ? "HTTPS" : "HTTP";
73
+ const listenerHostname = spec.fqdns[0];
52
74
  const listeners = [
53
75
  {
54
- name: "https",
55
- port: data.httpsPort,
56
- protocol: "HTTPS",
76
+ name: `${listenerProtocol.toLowerCase()}-${listenerPort}`,
77
+ port: listenerPort,
78
+ protocol: listenerProtocol,
79
+ hostname: listenerHostname,
57
80
  tls: {
58
81
  mode: "Terminate",
59
- certificateRefs: certificateRef ? [certificateRef] : void 0
82
+ certificateRefs: certificateRef ? [certificateRef] : undefined
60
83
  }
61
84
  }
62
85
  ];
63
- const gateway = await Gateway.createOnce(
64
- {
65
- name: data.className,
66
- namespace,
67
- gatewayClassName: data.className,
68
- listeners
69
- },
70
- opts
71
- );
72
- const httpRoute = new HttpRoute(
73
- name,
74
- {
75
- gateway,
76
- rule: {
77
- backend: backendService
78
- }
79
- },
80
- opts
81
- );
86
+ const gateway = Gateway.create(name, {
87
+ namespace,
88
+ gatewayClassName: data.className,
89
+ listeners
90
+ }, opts);
91
+ const ruleSpecs = Object.values(spec.rules);
92
+ const rules = await Promise.all(ruleSpecs.map(async (ruleSpec, ruleIndex) => {
93
+ const backendRefs = await Promise.all(ruleSpec.backends.map(async (backend, backendIndex) => {
94
+ const backendData = await resolveBackendFromEndpoints({
95
+ routeName: name,
96
+ backendName: `${ruleIndex}-${backendIndex}`,
97
+ endpoints: backend.endpoints,
98
+ namespace,
99
+ cluster: data.cluster,
100
+ opts
101
+ });
102
+ const backendPort = await selectBackendPort({
103
+ ports: backendData.ports,
104
+ protocol: "TCP",
105
+ targetPort: backendData.preferredTargetPort,
106
+ serviceName: backendData.serviceName,
107
+ routeName: name
108
+ });
109
+ return {
110
+ name: backendData.serviceName,
111
+ namespace: backendData.serviceNamespace,
112
+ port: backendPort.port
113
+ };
114
+ }));
115
+ return {
116
+ matches: ruleSpec.paths,
117
+ backends: backendRefs
118
+ };
119
+ }));
120
+ const httpRoute = new HttpRoute(name, {
121
+ gateway,
122
+ hostnames: spec.fqdns,
123
+ rules
124
+ }, opts);
82
125
  return {
83
126
  resource: httpRoute,
84
127
  endpoints: await toPromise(gateway.endpoints)
@@ -92,16 +135,24 @@ async function createL4GatewayRoute({
92
135
  namespace,
93
136
  protocol
94
137
  }) {
95
- const serviceData = spec.nativeData instanceof Service ? {
96
- service: spec.nativeData,
97
- ports: await getServicePorts(spec.nativeData)
98
- } : await createServiceFromEndpoints(name, namespace, spec.endpoints, data.cluster, opts);
99
- const serviceName = await toPromise(serviceData.service.metadata.name);
138
+ const backends = Object.values(spec.rules).flatMap((rule) => rule.backends);
139
+ if (backends.length === 0) {
140
+ throw new Error(`Gateway route "${name}" has no backends to expose.`);
141
+ }
142
+ const firstBackend = backends[0];
143
+ const backendData = await resolveBackendFromEndpoints({
144
+ routeName: name,
145
+ backendName: "0",
146
+ endpoints: firstBackend.endpoints,
147
+ namespace,
148
+ cluster: data.cluster,
149
+ opts
150
+ });
100
151
  const backendPort = await selectBackendPort({
101
- ports: serviceData.ports,
152
+ ports: backendData.ports,
102
153
  protocol,
103
- targetPort: spec.targetPort,
104
- serviceName,
154
+ targetPort: backendData.preferredTargetPort,
155
+ serviceName: backendData.serviceName,
105
156
  routeName: name
106
157
  });
107
158
  const listenerPort = await resolveListenerPort({
@@ -111,51 +162,35 @@ async function createL4GatewayRoute({
111
162
  routeName: name
112
163
  });
113
164
  const listenerName = `${protocol.toLowerCase()}-${listenerPort}`;
114
- const gateway = await Gateway.createOnce(
115
- {
116
- name: data.className,
117
- namespace,
118
- gatewayClassName: data.className,
119
- listeners: [
120
- {
121
- name: listenerName,
122
- port: listenerPort,
123
- protocol
124
- }
125
- ]
126
- },
127
- opts
128
- );
129
- const backendRef = serviceData.service.metadata.apply((metadata) => {
130
- if (!metadata?.name) {
131
- throw new Error(
132
- `Service "${serviceName}" referenced by gateway route "${name}" does not have a name.`
133
- );
134
- }
135
- return {
136
- name: metadata.name,
137
- namespace: metadata.namespace,
138
- port: backendPort.port
139
- };
140
- });
165
+ const gatewayName = name;
166
+ const gatewayResourceName = name;
167
+ const gateway = Gateway.create(gatewayResourceName, {
168
+ name: gatewayName,
169
+ namespace,
170
+ gatewayClassName: data.className,
171
+ listeners: [
172
+ {
173
+ name: listenerName,
174
+ port: listenerPort,
175
+ protocol
176
+ }
177
+ ]
178
+ }, opts);
179
+ const backendRef = {
180
+ name: backendData.serviceName,
181
+ namespace: backendData.serviceNamespace,
182
+ port: backendPort.port
183
+ };
141
184
  const routeOpts = { ...opts, parent: gateway };
142
- const route = protocol === "TCP" ? new TcpRoute(
143
- name,
144
- {
145
- gateway,
146
- listenerName,
147
- backend: backendRef
148
- },
149
- routeOpts
150
- ) : new UdpRoute(
151
- name,
152
- {
153
- gateway,
154
- listenerName,
155
- backend: backendRef
156
- },
157
- routeOpts
158
- );
185
+ const route = protocol === "TCP" ? new TcpRoute(name, {
186
+ gateway,
187
+ listenerName,
188
+ backend: backendRef
189
+ }, routeOpts) : new UdpRoute(name, {
190
+ gateway,
191
+ listenerName,
192
+ backend: backendRef
193
+ }, routeOpts);
159
194
  return {
160
195
  resource: route,
161
196
  endpoints: await toPromise(gateway.endpoints)
@@ -164,7 +199,7 @@ async function createL4GatewayRoute({
164
199
  async function getCertificateSecret(_name, namespace, tlsCertificate) {
165
200
  const resolvedCertificate = await toPromise(tlsCertificate);
166
201
  if (!resolvedCertificate) {
167
- return void 0;
202
+ return;
168
203
  }
169
204
  const resource = await toPromise(resolvedCertificate.resource);
170
205
  if (resource instanceof Certificate) {
@@ -176,9 +211,68 @@ async function getCertificateSecret(_name, namespace, tlsCertificate) {
176
211
  return await toPromise(resource.secret);
177
212
  }
178
213
  }
179
- throw new Error(
180
- "Not implemented: copying certificate secret across namespaces/clusters/different systems"
181
- );
214
+ throw new Error("Not implemented: copying certificate secret across namespaces/clusters/different systems");
215
+ }
216
+ function resolveRouteProtocol(spec) {
217
+ const rules = Object.values(spec.rules);
218
+ if (rules.length === 0) {
219
+ throw new Error("Gateway route must contain at least one rule");
220
+ }
221
+ const type = rules[0].type;
222
+ if (rules.some((rule) => rule.type !== type)) {
223
+ throw new Error("Gateway route rules must use the same protocol type");
224
+ }
225
+ return type;
226
+ }
227
+ async function resolveBackendFromEndpoints({
228
+ routeName,
229
+ backendName,
230
+ endpoints,
231
+ namespace,
232
+ cluster,
233
+ opts
234
+ }) {
235
+ const serviceMeta = getServiceMetadataFromEndpoints(endpoints, cluster);
236
+ if (serviceMeta) {
237
+ const metadataPorts = endpoints.map((endpoint) => ({
238
+ name: typeof serviceMeta.targetPort === "string" ? serviceMeta.targetPort : undefined,
239
+ port: endpoint.port,
240
+ protocol: endpoint.protocol.toUpperCase(),
241
+ targetPort: serviceMeta.targetPort
242
+ }));
243
+ return {
244
+ serviceName: serviceMeta.name,
245
+ serviceNamespace: serviceMeta.namespace,
246
+ ports: metadataPorts,
247
+ preferredTargetPort: serviceMeta.targetPort
248
+ };
249
+ }
250
+ const syntheticService = await createServiceFromEndpoints(`${routeName}-${backendName}`, namespace, endpoints, cluster, opts);
251
+ const syntheticServiceName = await toPromise(syntheticService.service.metadata.name);
252
+ const syntheticServiceNamespace = await toPromise(syntheticService.service.metadata.namespace);
253
+ if (!syntheticServiceNamespace) {
254
+ throw new Error(`Synthetic backend service "${syntheticServiceName}" for gateway route "${routeName}" has no namespace.`);
255
+ }
256
+ return {
257
+ serviceName: syntheticServiceName,
258
+ serviceNamespace: syntheticServiceNamespace,
259
+ ports: syntheticService.ports
260
+ };
261
+ }
262
+ function getServiceMetadataFromEndpoints(endpoints, cluster) {
263
+ const serviceEndpoints = endpoints.filter((endpoint) => isEndpointFromCluster(endpoint, cluster));
264
+ if (serviceEndpoints.length === 0 || serviceEndpoints.length !== endpoints.length) {
265
+ return;
266
+ }
267
+ const first = serviceEndpoints[0].metadata["k8s.service"];
268
+ if (serviceEndpoints.some((endpoint) => endpoint.metadata["k8s.service"].name !== first.name || endpoint.metadata["k8s.service"].namespace !== first.namespace)) {
269
+ return;
270
+ }
271
+ return {
272
+ name: first.name,
273
+ namespace: first.namespace,
274
+ targetPort: first.targetPort
275
+ };
182
276
  }
183
277
  async function createServiceFromEndpoints(name, namespace, endpointsInput, cluster, opts) {
184
278
  const endpoints = await toPromise(endpointsInput);
@@ -216,44 +310,21 @@ async function createServiceFromEndpoints(name, namespace, endpointsInput, clust
216
310
  ports: ipEndpoints.map(l4EndpointToServicePort)
217
311
  });
218
312
  const endpointsName = `hs-backend-${name}`;
219
- new core.v1.Endpoints(
220
- endpointsName,
221
- {
222
- metadata: mapMetadata({ namespace }, endpointsName),
223
- subsets: ipEndpoints.map((endpoint) => ({
224
- addresses: [{ ip: endpoint.address.value }],
225
- ports: [l4EndpointToServicePort(endpoint)]
226
- }))
227
- },
228
- { ...opts, provider: getProvider(cluster), parent: service }
229
- );
313
+ new core.v1.Endpoints(endpointsName, {
314
+ metadata: mapMetadata({ namespace }, endpointsName),
315
+ subsets: ipEndpoints.map((endpoint) => ({
316
+ addresses: [{ ip: endpoint.address.value }],
317
+ ports: [l4EndpointToServicePort(endpoint)]
318
+ }))
319
+ }, { ...opts, provider: getProvider(cluster), parent: service });
230
320
  return {
231
321
  service,
232
322
  ports: ipPortInfos
233
323
  };
234
324
  }
235
- async function getServicePorts(service) {
236
- const spec = await toPromise(service.spec);
237
- const ports = spec.ports ?? [];
238
- const result = [];
239
- for (const port of ports) {
240
- const value = port.port;
241
- const protocol = (port.protocol ?? "TCP").toUpperCase();
242
- if (value === void 0 || protocol !== "TCP" && protocol !== "UDP") {
243
- continue;
244
- }
245
- result.push({
246
- name: port.name ?? void 0,
247
- port: value,
248
- protocol,
249
- targetPort: port.targetPort
250
- });
251
- }
252
- return result;
253
- }
254
325
  function toServicePortInfoFromEndpoint(endpoint) {
255
326
  return {
256
- name: void 0,
327
+ name: undefined,
257
328
  port: endpoint.port,
258
329
  protocol: endpoint.protocol.toUpperCase(),
259
330
  targetPort: endpoint.port
@@ -268,15 +339,13 @@ async function selectBackendPort({
268
339
  }) {
269
340
  const candidates = ports.filter((port) => port.protocol === protocol);
270
341
  if (candidates.length === 0) {
271
- throw new Error(
272
- `Service "${serviceName}" does not expose any ${protocol} ports required by gateway route "${routeName}".`
273
- );
342
+ throw new Error(`Service "${serviceName}" does not expose any ${protocol} ports required by gateway route "${routeName}".`);
274
343
  }
275
344
  if (!targetPort) {
276
345
  return candidates[0];
277
346
  }
278
347
  const resolvedTarget = await toPromise(targetPort);
279
- if (resolvedTarget === void 0 || resolvedTarget === null) {
348
+ if (resolvedTarget === undefined || resolvedTarget === null) {
280
349
  return candidates[0];
281
350
  }
282
351
  if (typeof resolvedTarget === "number") {
@@ -292,9 +361,7 @@ async function selectBackendPort({
292
361
  if (match2) {
293
362
  return match2;
294
363
  }
295
- throw new Error(
296
- `Gateway route "${routeName}" requested target port ${resolvedTarget}, but service "${serviceName}" does not expose it for ${protocol} backends.`
297
- );
364
+ throw new Error(`Gateway route "${routeName}" requested target port ${resolvedTarget}, but service "${serviceName}" does not expose it for ${protocol} backends.`);
298
365
  }
299
366
  const targetString = String(resolvedTarget);
300
367
  const match = candidates.find((candidate) => {
@@ -309,9 +376,7 @@ async function selectBackendPort({
309
376
  if (match) {
310
377
  return match;
311
378
  }
312
- throw new Error(
313
- `Gateway route "${routeName}" requested target port "${targetString}", but service "${serviceName}" does not expose it for ${protocol} backends.`
314
- );
379
+ throw new Error(`Gateway route "${routeName}" requested target port "${targetString}", but service "${serviceName}" does not expose it for ${protocol} backends.`);
315
380
  }
316
381
  async function resolveListenerPort({
317
382
  requestedPort,
@@ -323,23 +388,18 @@ async function resolveListenerPort({
323
388
  return backendPort.port;
324
389
  }
325
390
  const resolved = await toPromise(requestedPort);
326
- if (resolved === void 0 || resolved === null) {
391
+ if (resolved === undefined || resolved === null) {
327
392
  return backendPort.port;
328
393
  }
329
394
  if (!Number.isInteger(resolved)) {
330
- throw new Error(
331
- `Gateway route "${routeName}" must use integer listener ports for ${protocol.toLowerCase()} traffic.`
332
- );
395
+ throw new Error(`Gateway route "${routeName}" must use integer listener ports for ${protocol.toLowerCase()} traffic.`);
333
396
  }
334
397
  const port = Number(resolved);
335
398
  if (port < 1 || port > 65535) {
336
- throw new Error(
337
- `Gateway route "${routeName}" specified listener port ${port}, which is outside the valid range 1-65535.`
338
- );
399
+ throw new Error(`Gateway route "${routeName}" specified listener port ${port}, which is outside the valid range 1-65535.`);
339
400
  }
340
401
  return port;
341
402
  }
342
-
343
- export { createGatewayRoute };
344
- //# sourceMappingURL=gateway-route.js.map
345
- //# sourceMappingURL=gateway-route.js.map
403
+ export {
404
+ createGatewayRoute
405
+ };
package/dist/impl/tls-certificate.js CHANGED
@@ -1,32 +1,32 @@
1
- import { Certificate } from '../chunk-BR2CLUUD.js';
2
- import '../chunk-4G6LLC2X.js';
3
- import { getProvider, Namespace } from '../chunk-OBDQONMV.js';
4
- import '../chunk-PZ5AY32C.js';
5
- import { tlsCertificateMediator } from '@highstate/common';
6
- import { k8s } from '@highstate/library';
1
+ // @bun
2
+ import {
3
+ Certificate
4
+ } from "../chunk-556pc9e6.js";
5
+ import {
6
+ Namespace,
7
+ getProvider
8
+ } from "../chunk-facs31cb.js";
9
+ import"../chunk-b05q6fm2.js";
7
10
 
8
- var createCertificate = tlsCertificateMediator.implement(
9
- k8s.tlsIssuerDataSchema,
10
- ({ name, spec, opts }, data) => {
11
- const provider = getProvider(data.cluster);
12
- const namespace = spec.nativeData instanceof Namespace ? spec.nativeData : Namespace.get("cert-manager", { name: "cert-manager", cluster: data.cluster });
13
- return Certificate.create(
14
- name,
15
- {
16
- namespace,
17
- commonName: spec.commonName,
18
- dnsNames: spec.dnsNames,
19
- issuerRef: {
20
- name: data.clusterIssuerName,
21
- kind: "ClusterIssuer"
22
- },
23
- secretName: `hs-certificate-${name}`
24
- },
25
- { ...opts, provider }
26
- );
27
- }
28
- );
29
-
30
- export { createCertificate };
31
- //# sourceMappingURL=tls-certificate.js.map
32
- //# sourceMappingURL=tls-certificate.js.map
11
+ // src/impl/tls-certificate.ts
12
+ import { tlsCertificateMediator } from "@highstate/common";
13
+ import { k8s } from "@highstate/library";
14
+ var createCertificate = tlsCertificateMediator.implement(k8s.tlsIssuerDataSchema, ({ name, spec, opts }, data) => {
15
+ const provider = getProvider(data.cluster);
16
+ const metadata = spec.metadata;
17
+ const metadataNamespace = metadata?.["k8s.namespace"];
18
+ const namespace = metadataNamespace instanceof Namespace ? metadataNamespace : metadataNamespace ? Namespace.for(metadataNamespace, data.cluster) : Namespace.get("cert-manager", { name: "cert-manager", cluster: data.cluster });
19
+ return Certificate.create(name, {
20
+ namespace,
21
+ commonName: spec.commonName,
22
+ dnsNames: spec.dnsNames,
23
+ issuerRef: {
24
+ name: data.clusterIssuerName,
25
+ kind: "ClusterIssuer"
26
+ },
27
+ secretName: `hs-certificate-${name}`
28
+ }, { ...opts, provider });
29
+ });
30
+ export {
31
+ createCertificate
32
+ };