@highstate/k8s 0.20.0 → 0.21.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (81) hide show
  1. package/dist/chunk-23vn2rdc.js +11 -0
  2. package/dist/chunk-2pfx13ay.js +11 -0
  3. package/dist/chunk-46ntav0c.js +299 -0
  4. package/dist/chunk-556pc9e6.js +155 -0
  5. package/dist/chunk-7kgjgcft.js +170 -0
  6. package/dist/{chunk-ADHZK6V2.js → chunk-9hs97f1q.js} +13 -11
  7. package/dist/chunk-aame3x1b.js +11 -0
  8. package/dist/chunk-b05q6fm2.js +37 -0
  9. package/dist/chunk-bmvc9d2d.js +11 -0
  10. package/dist/chunk-de82bbp2.js +7 -0
  11. package/dist/chunk-facs31cb.js +624 -0
  12. package/dist/chunk-h1b79v66.js +1425 -0
  13. package/dist/chunk-k4w9zpn5.js +215 -0
  14. package/dist/chunk-pqc6w52f.js +352 -0
  15. package/dist/chunk-qyshvz32.js +176 -0
  16. package/dist/chunk-tpfyj6fe.js +199 -0
  17. package/dist/chunk-z6bmpnm7.js +180 -0
  18. package/dist/highstate.manifest.json +3 -3
  19. package/dist/impl/dynamic-endpoint-resolver.js +82 -81
  20. package/dist/impl/gateway-route.js +131 -168
  21. package/dist/impl/tls-certificate.js +31 -32
  22. package/dist/index.js +245 -201
  23. package/dist/units/cert-manager/index.js +19 -13
  24. package/dist/units/cluster-patch/index.js +9 -8
  25. package/dist/units/dns01-issuer/index.js +44 -41
  26. package/dist/units/existing-cluster/index.js +25 -13
  27. package/dist/units/gateway-api/index.js +15 -16
  28. package/dist/units/reduced-access-cluster/index.js +28 -32
  29. package/package.json +21 -21
  30. package/src/cron-job.ts +26 -1
  31. package/src/deployment.ts +17 -1
  32. package/src/job.ts +15 -1
  33. package/src/scripting/bundle.ts +21 -98
  34. package/src/scripting/environment.ts +2 -9
  35. package/src/shared.ts +1 -1
  36. package/src/stateful-set.ts +17 -1
  37. package/src/workload.ts +31 -14
  38. package/LICENSE +0 -21
  39. package/dist/chunk-23X5SXQG.js +0 -301
  40. package/dist/chunk-23X5SXQG.js.map +0 -1
  41. package/dist/chunk-ADHZK6V2.js.map +0 -1
  42. package/dist/chunk-BTAEFJ5N.js +0 -291
  43. package/dist/chunk-BTAEFJ5N.js.map +0 -1
  44. package/dist/chunk-HH2JJELM.js +0 -13
  45. package/dist/chunk-HH2JJELM.js.map +0 -1
  46. package/dist/chunk-IXE3OKB4.js +0 -249
  47. package/dist/chunk-IXE3OKB4.js.map +0 -1
  48. package/dist/chunk-OG2OPX7B.js +0 -333
  49. package/dist/chunk-OG2OPX7B.js.map +0 -1
  50. package/dist/chunk-P26SQ2ZB.js +0 -393
  51. package/dist/chunk-P26SQ2ZB.js.map +0 -1
  52. package/dist/chunk-PG27ZY2H.js +0 -319
  53. package/dist/chunk-PG27ZY2H.js.map +0 -1
  54. package/dist/chunk-PZYGZSN5.js +0 -54
  55. package/dist/chunk-PZYGZSN5.js.map +0 -1
  56. package/dist/chunk-S77TE7UC.js +0 -309
  57. package/dist/chunk-S77TE7UC.js.map +0 -1
  58. package/dist/chunk-SZKOAHNX.js +0 -1804
  59. package/dist/chunk-SZKOAHNX.js.map +0 -1
  60. package/dist/chunk-TOLFVF4S.js +0 -889
  61. package/dist/chunk-TOLFVF4S.js.map +0 -1
  62. package/dist/chunk-TVKT3ZYX.js +0 -423
  63. package/dist/chunk-TVKT3ZYX.js.map +0 -1
  64. package/dist/cron-job-RKB2HYTO.js +0 -7
  65. package/dist/cron-job-RKB2HYTO.js.map +0 -1
  66. package/dist/deployment-T35TUOL2.js +0 -7
  67. package/dist/deployment-T35TUOL2.js.map +0 -1
  68. package/dist/impl/dynamic-endpoint-resolver.js.map +0 -1
  69. package/dist/impl/gateway-route.js.map +0 -1
  70. package/dist/impl/tls-certificate.js.map +0 -1
  71. package/dist/index.js.map +0 -1
  72. package/dist/job-PE4AKOHB.js +0 -7
  73. package/dist/job-PE4AKOHB.js.map +0 -1
  74. package/dist/stateful-set-LUIRHQJY.js +0 -7
  75. package/dist/stateful-set-LUIRHQJY.js.map +0 -1
  76. package/dist/units/cert-manager/index.js.map +0 -1
  77. package/dist/units/cluster-patch/index.js.map +0 -1
  78. package/dist/units/dns01-issuer/index.js.map +0 -1
  79. package/dist/units/existing-cluster/index.js.map +0 -1
  80. package/dist/units/gateway-api/index.js.map +0 -1
  81. package/dist/units/reduced-access-cluster/index.js.map +0 -1
package/dist/chunk-TVKT3ZYX.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/helm.ts"],"names":["namespace","name","args","services"],"mappings":";;;;;;;;;;;;;;;;;AAiNO,IAAM,KAAA,GAAN,cAAoB,iBAAA,CAAkB;AAAA,EAqB3C,WAAA,CACmB,IAAA,EACA,IAAA,EACA,IAAA,EACjB;AACA,IAAA,KAAA,CAAM,qBAAA,EAAuB,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAJ5B,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAIjB,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,KAAA;AAAA,MAAM,CAAAA,UAAAA,KAC7C,MAAA,CAAOA,aAAY,gBAAA,CAAiBA,UAAS,IAAI,SAAS;AAAA,KAC5D;AAEA,IAAA,IAAA,CAAK,QAAQ,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM,CAAA,OAAA,KAAW;AAC3D,MAAA,OAAO,IAAI,KAAK,EAAA,CAAG,KAAA;AAAA,QACjB,IAAA;AAAA,QACA,IAAA;AAAA,UACE;AAAA,YACE,GAAG,IAAA;AAAA,YACH,KAAA,EAAO,gBAAA,CAAiB,IAAA,CAAK,KAAK,CAAA;AAAA,YAClC;AAAA,WACF;AAAA,UACA,CAAC,SAAS,QAAQ;AAAA,SACpB;AAAA,QACA;AAAA,UACE,GAAG,IAAA;AAAA,UACH,MAAA,EAAQ,IAAA;AAAA,UACR,QAAA,EAAU,YAAY,OAAO,CAAA;AAAA,UAE7B,UAAA,EAAY;AAAA,YACV,GAAI,IAAA,EAAM,UAAA,IAAc,EAAC;AAAA,YAEzB,OAAM,YAAA,KAAgB;AACpB,cAAA,MAAMA,UAAAA,GAAY,MAAM,SAAA,CAAU,MAAA,CAAO,KAAK,SAAS,CAAA,CAAE,SAAS,IAAI,CAAA;AAEtE,cAAA,MAAM,WAAA,GAAc,KAAK,WAAA,IAAe,IAAA;AACxC,cAAA,MAAM,eAAe,CAAA,EAAG,IAAI,CAAA,CAAA,EAAIA,UAAS,IAAI,WAAW,CAAA,CAAA;AAExD,cAAA,IACE,YAAA,CAAa,IAAA,KAAS,4BAAA,IACtB,YAAA,CAAa,SAAS,YAAA,EACtB;AACA,gBAAA,MAAM,OAAO,MAAM,SAAA;AAAA,kBACjB,aAAa,KAAA,CAAM;AAAA,iBACrB;AAEA,gBAAA,MAAM,WAAA,GAAc,MAAM,SAAA,CAAU,iBAAA,CAAkB,KAAK,OAAA,IAAW,EAAC,EAAG,OAAO,CAAC,CAAA;AAElF,gBAAA,OAAO;AAAA,kBACL,KAAA,EAAO;AAAA,oBACL,GAAG,YAAA,CAAa,KAAA;AAAA,oBAChB,IAAA,EAAM;AAAA,sBACJ,GAAG,IAAA;AAAA,sBACH,GAAI,WAAA,CAAY,KAAA,EAAO,MAAA,KAAW,CAAA,GAC9B,cACA,IAAA,CAAK,WAAA,EAAa,CAAC,OAAO,CAAC;AAAA;AACjC,mBACF;AAAA,kBACA,MAAM,YAAA,CAAa;AAAA,iBACrB;AAAA,cACF;AAEA,cAAA,OAAO,MAAA;AAAA,YACT;AAAA;AACF;AACF,OACF;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,MACZ,eAAA;AAAA,QACE,IAAA,CAAK,QAAQ,EAAE,IAAA,EAAM,WAAW,KAAA,EAAO,IAAA,CAAK,OAAM,GAAI,MAAA;AAAA,QACtD,KAAK,MAAA,GACD,MAAA,CAAO,QAAQ,IAAA,CAAK,MAAM,EAAE,GAAA,CAAI,CAAC,CAACC,KAAAA,EAAM,KAAK,CAAA,MAAO,EAAE,MAAAA,KAAAA,EAAM,KAAA,GAAQ,CAAA,GACpE;AAAA;AACN,KACF,CAAE,KAAA,CAAM,OAAM,MAAA,KAAU;AACtB,MAAA,IAAI,MAAA,CAAO,WAAW,CAAA,EAAG;AACvB,QAAA,OAAO,EAAC;AAAA,MACV;AAEA,MAAA,OAAO,MAAM,OAAA,CAAQ,GAAA;AAAA,QACnB,OAAO,GAAA,CAAI,OAAO,EAAE,IAAA,EAAM,SAAA,EAAW,OAAM,KAAM;AAC/C,UAAA,MAAM,EAAE,WAAA,EAAa,YAAA,EAAc,OAAO,MAAA,EAAQ,GAAG,WAAU,GAAI,KAAA;AACnE,UAAA,MAAM,WAAA,GAAc,KAAA,CAAM,WAAA,IAAe,IAAA,CAAK,WAAA;AAE9C,UAAA,IAAI,CAAC,WAAA,EAAa;AAChB,YAAA,MAAM,IAAI,KAAA;AAAA,cACR,CAAA,0CAAA,EAA6C,IAAI,CAAA,CAAA,EAAI,SAAS,CAAA,mDAAA;AAAA,aAChE;AAAA,UACF;AAEA,UAAA,MAAMD,UAAAA,GAAY,MAAM,SAAA,CAAU,IAAA,CAAK,SAAS,CAAA;AAEhD,UAAA,MAAM,UAAA,GAAc,MAAM,SAAA,CAAU,KAAA,CAAM,KAAK,CAAA;AAC/C,UAAA,MAAM,eAAA,GAAkB,MAAA,CAAO,MAAA,CAAO,UAAA,IAAc,EAAE,CAAA;AAEtD,UAAA,MAAM,kBAAA,GAAqB,KAAA,CAAM,WAAA,IAAe,IAAA,CAAK,WAAA,IAAe,IAAA;AACpE,UAAA,MAAM,kBAAA,GAAqB,KAAA,CAAM,WAAA,IAAe,IAAA,CAAK,WAAA;AACrD,UAAA,MAAM,mBAAA,GAAsB,gBAAgB,MAAA,KAAW,CAAA;AAEvD,UAAA,MAAM,iBAAiB,mBAAA,GACnB,MAAM,IAAA,CAAK,UAAA,CAAW,kBAAkB,CAAA,GACxC,MAAA;AAEJ,UAAA,MAAM,uBAAA,GACJ,mBAAA,IAAuB,cAAA,GACnB,MAAM,IAAA,CAAK,uBAAA;AAAA,YACT,cAAA;AAAA,YACA,kBAAA;AAAA,YACA,kBAAA;AAAA,YACA,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,SAAS,CAAA;AAAA,WACtB,GACA,MAAA;AAEN,UAAA,MAAM,aAAA,GAAgB,UAAA,GAClB,MAAM,OAAA,CAAQ,GAAA;AAAA,YACZ,MAAA,CAAO,QAAQ,UAAU,CAAA,CAAE,IAAI,OAAO,CAAC,QAAA,EAAU,IAAI,CAAA,KAAM;AACzD,cAAA,MAAM,eAAA,GAAkB,KAAK,WAAA,IAAe,kBAAA;AAC5C,cAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,UAAA,CAAW,eAAe,CAAA;AACzD,cAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,WAAA,IAAe,KAAA,CAAM,eAAe,IAAA,CAAK,WAAA;AACtE,cAAA,MAAM,oBAAA,GAAuB,MAAM,IAAA,CAAK,uBAAA;AAAA,gBACtC,WAAA;AAAA,gBACA,eAAA;AAAA,gBACA,eAAA;AAAA,gBACA,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,SAAS,IAAI,QAAQ,CAAA;AAAA,eAClC;AAEA,cAAA,OAAO;AAAA,gBACL,QAAA;AAAA,gBACA;AAAA,kBACE;AAAA,oBACE,GAAG,IAAA,CAAK,IAAA,EAAM,CAAC,aAAA,EAAe,aAAa,CAAC,CAAA;AAAA,oBAC5C,OAAA,EAAS;AAAA,sBACP,SAAA,EAAW;AAAA;AACb;AACF;AACF,eACF;AAAA,YACF,CAAC;AAAA,WACH,GACA,MAAA;AAEJ,UAAA,MAAM,kBAAA,GAAqB,aAAA,GACtB,MAAA,CAAO,WAAA,CAAY,aAAa,CAAA,GACjC,MAAA;AAEJ,UAAA,OAAO,IAAI,gBAAA;AAAA,YACT,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,SAAS,CAAA,CAAA;AAAA,YACpB;AAAA,cACE,GAAG,SAAA;AAAA,cACH,WAAA;AAAA,cACA,GAAI,cAAA,GACA;AAAA,gBACE,OAAA,EAAS;AAAA,kBACP,SAAA,EAAW;AAAA;AACb,kBAEF,EAAC;AAAA,cACL,KAAA,EAAO,kBAAA;AAAA,cACP,QAAA,EAAU;AAAA,gBACR,GAAI,KAAA,CAAM,QAAA,IAAY,EAAC;AAAA,gBACvB,eAAA,EAAiBA;AAAA;AACnB,aACF;AAAA,YACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,IAAA;AAAK,WAC1B;AAAA,QACF,CAAC;AAAA,OACH;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,kBAAkB,MAAA,CAAO,IAAI,CAAA,CAAE,KAAA,CAAM,CAAAE,KAAAA,KAAQ;AAChD,MAAA,MAAM,QAAA,GAAW,SAAA,CAAUA,KAAAA,CAAK,aAAA,EAAeA,MAAK,eAAe,CAAA;AAEnE,MAAA,OAAO,MAAA;AAAA,QACL,QAAA,CAAS,IAAI,CAAA,MAAA,KAAU;AACrB,UAAA,OAAO,IAAI,aAAA;AAAA,YACT,IAAA;AAAA,YACA;AAAA,cACE,GAAG,MAAA;AAAA,cACH,WAAWA,KAAAA,CAAK,SAAA;AAAA,cAChB,WAAA,EAAa,kCAAkC,IAAI,CAAA,CAAA;AAAA,aACrD;AAAA,YACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,IAAA;AAAK,WAC1B;AAAA,QACF,CAAC;AAAA,OACH;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,YAAY,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,CAAE,MAAM,CAAA,KAAA,KAAS;AACjD,MAAA,OAAO,MAAA;AAAA,QACL,KAAA,CAAM,SAAA,CAAU,KAAA,CAAM,CAAA,SAAA,KAAa;AACjC,UAAA,OAAO,SAAA,CACJ,IAAI,CAAA,QAAA,KAAY;AACf,YAAA,IAAI,IAAA,CAAK,EAAA,CAAG,UAAA,CAAW,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC3C,cAAA,OAAO,QAAA,CAAS,QAAA,CAAS,IAAA,CAAK,KAAA,CAAM,CAAAD,KAAAA,KAAQ;AAC1C,gBAAA,OAAO,UAAA,CAAW,IAAA;AAAA,kBAChBA,KAAAA;AAAA,kBACA,EAAE,WAAW,IAAA,CAAK,SAAA,EAAW,YAAY,QAAA,EAAU,QAAA,EAAU,KAAK,QAAA,EAAS;AAAA,kBAC3E,IAAA,CAAK;AAAA,iBACP;AAAA,cACF,CAAC,CAAA;AAAA,YACH;AAEA,YAAA,IAAI,IAAA,CAAK,EAAA,CAAG,WAAA,CAAY,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC5C,cAAA,OAAO,QAAA,CAAS,QAAA,CAAS,IAAA,CAAK,KAAA,CAAM,CAAAA,KAAAA,KAAQ;AAC1C,gBAAA,OAAO,WAAA,CAAY,IAAA;AAAA,kBACjBA,KAAAA;AAAA,kBACA;AAAA,oBACE,WAAW,IAAA,CAAK,SAAA;AAAA,oBAChB,WAAA,EAAa,QAAA;AAAA,oBACb,OAAA,EAAS,IAAA,CAAK,gBAAA,CAAiBA,KAAI,CAAA;AAAA,oBACnC,UAAU,IAAA,CAAK;AAAA,mBACjB;AAAA,kBACA,IAAA,CAAK;AAAA,iBACP;AAAA,cACF,CAAC,CAAA;AAAA,YACH;AAEA,YAAA,OAAO,MAAA;AAAA,UACT,CAAC,CAAA,CACA,MAAA,CAAO,YAAY,CAAA;AAAA,QACxB,CAAC;AAAA,OACH;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAhPgB,KAAA;AAAA;AAAA;AAAA;AAAA,EAKA,MAAA;AAAA;AAAA;AAAA;AAAA,EAKA,eAAA;AAAA;AAAA;AAAA;AAAA,EAKA,SAAA;AAAA,EAmOhB,IAAY,QAAQ,MAAA,EAAe;AAAA,EAAC;AAAA,EAEpC,IAAY,UAAU,MAAA,EAAe;AAAA,EAAC;AAAA,EAEtC,IAAI,OAAA,GAA2B;AAC7B,IAAA,OAAO,IAAA,CAAK,iBAAiB,MAAS,CAAA;AAAA,EACxC;AAAA,EAEA,IAAI,UAAA,GAAiC;AACnC,IAAA,OAAO,IAAA,CAAK,mBAAA,CAAoB,IAAA,CAAK,IAAI,CAAA;AAAA,EAC3C;AAAA,EAEA,IAAI,WAAA,GAAmC;AACrC,IAAA,OAAO,IAAA,CAAK,oBAAA,CAAqB,IAAA,CAAK,IAAI,CAAA;AAAA,EAC5C;AAAA,EAEA,IAAI,SAAA,GAAoC;AACtC,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,KAAA,CAAM,CAAA,SAAA,KAAa;AACvC,MAAA,MAAM,sBAAsB,SAAA,CAAU,GAAA;AAAA,QAAI,CAAA,QAAA,KACxC,MAAA,CAAO,EAAE,SAAA,EAAW,QAAA,CAAS,WAAW,YAAA,EAAc,QAAA,CAAS,QAAA,CAAS,IAAA,EAAM;AAAA,OAChF;AAEA,MAAA,OAAO,MAAA,CAAO,mBAAmB,CAAA,CAAE,KAAA,CAAM,CAAA,iBAAA,KAAqB;AAC5D,QAAA,MAAM,oBAAA,GAAuB,kBAAkB,MAAA,GAAS,CAAA;AAExD,QAAA,OAAO,kBAAkB,OAAA,CAAQ,CAAC,EAAE,SAAA,EAAW,cAAa,KAAM;AAChE,UAAA,IAAI,CAAC,oBAAA,EAAsB;AACzB,YAAA,OAAO,SAAA;AAAA,UACT;AAEA,UAAA,OAAO,SAAA,CAAU,IAAI,CAAA,QAAA,MAAa;AAAA,YAChC,GAAG,QAAA;AAAA,YACH,IAAA,EAAM;AAAA,cACJ,GAAG,QAAA,CAAS,IAAA;AAAA,cACZ,OAAO,CAAA,EAAG,QAAA,CAAS,IAAA,CAAK,KAAK,MAAM,YAAY,CAAA;AAAA;AACjD,WACF,CAAE,CAAA;AAAA,QACJ,CAAC,CAAA;AAAA,MACH,CAAC,CAAA;AAAA,IACH,CAAC,CAAA;AAAA,EACH;AAAA,EAEiB,QAAA,uBAAe,GAAA,EAAqB;AAAA,EAErD,MAAc,uBAAA,CACZ,OAAA,EACA,WAAA,EACA,aACA,SAAA,EACA;AACA,IAAA,MAAM,SAAA,GAAY,MAAM,SAAA,CAAU,OAAA,CAAQ,SAAS,CAAA;AACnD,IAAA,MAAM,YAAA,GAAe,MAAM,SAAA,CAAU,OAAA,CAAQ,KAAK,KAAK,CAAA;AAEvD,IAAA,IAAI,SAAA,CAAU,WAAW,CAAA,EAAG;AAC1B,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,gCAAA,EAAmC,WAAW,CAAA,kBAAA,EAAqB,SAAS,CAAA,CAAA;AAAA,OAC9E;AAAA,IACF;AAEA,IAAA,IAAI,mBAAA;AAEJ,IAAA,IAAI,eAAe,IAAA,EAAM;AACvB,MAAA,MAAM,oBAAA,GAAuB,MAAM,SAAA,CAAU,WAAW,CAAA;AAExD,MAAA,IAAI,OAAO,yBAAyB,QAAA,EAAU;AAC5C,QAAA,MAAM,YAAY,YAAA,EAAc,IAAA,CAAK,CAAA,IAAA,KAAQ,IAAA,CAAK,SAAS,oBAAoB,CAAA;AAE/E,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,CAAA,YAAA,EAAe,oBAAoB,CAAA,yBAAA,EAA4B,WAAW,qBAAqB,SAAS,CAAA,CAAA;AAAA,WAC1G;AAAA,QACF;AAEA,QAAA,mBAAA,GAAsB,SAAA,CAAU,IAAA;AAAA,MAClC,CAAA,MAAO;AACL,QAAA,mBAAA,GAAsB,oBAAA;AAAA,MACxB;AAAA,IACF,CAAA,MAAO;AACL,MAAA,mBAAA,GAAsB,SAAA,CAAU,CAAC,CAAA,EAAG,IAAA;AAAA,IACtC;AAEA,IAAA,IAAI,uBAAuB,IAAA,EAAM;AAC/B,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,4CAAA,EAA+C,WAAW,CAAA,kBAAA,EAAqB,SAAS,CAAA,CAAA;AAAA,OAC1F;AAAA,IACF;AAEA,IAAA,MAAM,oBAAoB,SAAA,CAAU,MAAA,CAAO,CAAA,QAAA,KAAY,QAAA,CAAS,SAAS,mBAAmB,CAAA;AAE5F,IAAA,IAAI,iBAAA,CAAkB,WAAW,CAAA,EAAG;AAClC,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,uBAAA,EAA0B,mBAAmB,CAAA,oBAAA,EAAuB,WAAW,qBAAqB,SAAS,CAAA,CAAA;AAAA,OAC/G;AAAA,IACF;AAEA,IAAA,OAAO,iBAAA;AAAA,EACT;AAAA,EAEA,iBAAiB,IAAA,EAA2C;AAC1D,IAAA,OAAO,MAAA,CAAO,EAAE,IAAA,EAAM,IAAA,CAAK,MAAM,KAAA,EAAO,IAAA,CAAK,KAAA,EAAO,EAAE,KAAA,CAAM,CAAC,EAAE,IAAA,EAAM,OAAM,KAAM;AAC/E,MAAA,MAAM,YAAA,GAAe,IAAA,IAAQ,IAAA,CAAK,WAAA,IAAe,IAAA,CAAK,IAAA;AACtD,MAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,YAAY,CAAA;AAEtD,MAAA,IAAI,eAAA,EAAiB;AACnB,QAAA,OAAO,eAAA;AAAA,MACT;AAEA,MAAA,MAAM,OAAA,GAAU,qBAAA,CAAsB,KAAA,EAAO,YAAY,CAAA;AAEzD,MAAA,MAAM,iBAAiB,OAAA,CAAQ,IAAA;AAAA,QAC7B,YAAA;AAAA,QACA,EAAE,SAAA,EAAW,IAAA,CAAK,SAAA,EAAW,OAAA,EAAQ;AAAA,QACrC,EAAE,GAAG,IAAA,CAAK,IAAA,EAAM,QAAQ,IAAA;AAAK,OAC/B;AAEA,MAAA,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,YAAA,EAAc,cAAc,CAAA;AAC9C,MAAA,OAAO,cAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,kBAAkB,IAAA,EAAgC;AAChD,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,KAAA,CAAM,OAAM,SAAA,KAAa;AAC7C,MAAA,MAAM,qBAAqB,MAAM,SAAA;AAAA,QAC/B,SAAA,CAAU,GAAA,CAAI,CAAA,QAAA,KAAY,MAAA,CAAO,EAAE,QAAA,EAAU,IAAA,EAAM,QAAA,CAAS,QAAA,CAAS,IAAA,EAAM,CAAC;AAAA,OAC9E;AAEA,MAAA,MAAM,OAAO,kBAAA,CAAmB,IAAA,CAAK,CAAA,CAAA,KAAK,CAAA,CAAE,SAAS,IAAI,CAAA;AAEzD,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,IAAI,CAAA,kCAAA,CAAoC,CAAA;AAAA,MACjF;AAEA,MAAA,OAAO,IAAA,CAAK,QAAA;AAAA,IACd,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,oBAAoB,IAAA,EAAkC;AACpD,IAAA,OAAO,IAAA,CAAK,iBAAA,CAAkB,IAAI,CAAA,CAAE,MAAM,CAAA,QAAA,KAAY;AACpD,MAAA,IAAI,oBAAoB,UAAA,EAAY;AAClC,QAAA,OAAO,QAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,IAAI,CAAA,qBAAA,CAAuB,CAAA;AAAA,IACpE,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,qBAAqB,IAAA,EAAmC;AACtD,IAAA,OAAO,IAAA,CAAK,iBAAA,CAAkB,IAAI,CAAA,CAAE,MAAM,CAAA,QAAA,KAAY;AACpD,MAAA,IAAI,oBAAoB,WAAA,EAAa;AACnC,QAAA,OAAO,QAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,IAAI,CAAA,sBAAA,CAAwB,CAAA;AAAA,IACrE,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,WAAW,IAAA,EAAiC;AAC1C,IAAA,OAAO,SAAA,CAAU,IAAA,CAAK,gBAAA,CAAiB,IAAI,CAAC,CAAA;AAAA,EAC9C;AAAA,EAEA,YAAY,IAAA,EAAiC;AAC3C,IAAA,OAAO,SAAA,CAAU,IAAA,CAAK,iBAAA,CAAkB,IAAI,CAAC,CAAA;AAAA,EAC/C;AAAA,EAEA,cAAc,IAAA,EAAmC;AAC/C,IAAA,OAAO,SAAA,CAAU,IAAA,CAAK,mBAAA,CAAoB,IAAI,CAAC,CAAA;AAAA,EACjD;AAAA,EAEA,eAAe,IAAA,EAAoC;AACjD,IAAA,OAAO,SAAA,CAAU,IAAA,CAAK,oBAAA,CAAqB,IAAI,CAAC,CAAA;AAAA,EAClD;AACF;AAmBO,IAAM,aAAA,GAAN,cAA4B,iBAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAInC,QAAA;AAAA;AAAA;AAAA;AAAA,EAKA,OAAA;AAAA,EAEhB,WAAA,CAAY,IAAA,EAAc,IAAA,EAAyB,IAAA,EAAiC;AAClF,IAAA,KAAA,CAAM,6BAAA,EAA+B,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAErD,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO,IAAI,CAAA,CAAE,KAAA,CAAM,CAAAC,KAAAA,KAAQ;AACxC,MAAA,MAAM,MAAA,GAASA,MAAK,MAAA,GAChB,MAAA,CAAO,QAAQA,KAAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,KAAK,KAAK,CAAA,KAAM,CAAC,OAAA,EAAS,CAAA,EAAG,GAAG,KAAK,KAAK,CAAA,CAAA,CAAG,CAAC,CAAA,GACpF,EAAC;AAEL,MAAA,OAAO,IAAI,KAAA,CAAM,OAAA;AAAA,QACf,IAAA;AAAA,QACA;AAAA,UACE,QAAQ,MAAA,CAAO;AAAA,YACb,MAAA;AAAA,YACA,UAAA;AAAA,YACA,gBAAA,CAAiBA,MAAK,KAAK,CAAA;AAAA,YAE3B,GAAIA,KAAAA,CAAK,SAAA,GAAY,CAAC,aAAA,EAAe,iBAAiBA,KAAAA,CAAK,SAAS,CAAC,CAAA,GAAI,EAAC;AAAA,YAE1E,GAAG;AAAA,WACJ,CAAA,CAAE,KAAA,CAAM,aAAW,OAAA,CAAQ,IAAA,CAAK,GAAG,CAAC,CAAA;AAAA,UAErC,OAAA,EAAS;AAAA,SACX;AAAA,QACA,EAAE,MAAA,EAAQ,IAAA,EAAM,GAAG,IAAA;AAAK,OAC1B;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,QAAA,GAAW,KAAK,OAAA,CAAQ,MAAA;AAE7B,IAAA,IAAA,CAAK,eAAA,CAAgB,EAAE,QAAA,EAAU,IAAA,CAAK,UAAU,OAAA,EAAS,IAAA,CAAK,SAAS,CAAA;AAAA,EACzE;AACF;AAeA,eAAsB,iBAAiB,QAAA,EAA0C;AAC/E,EAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,CAAI,mBAAA,EAAqB;AACpC,IAAA,MAAM,IAAI,MAAM,qDAAqD,CAAA;AAAA,EACvE;AAEA,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,qBAAqB,QAAQ,CAAA;AACnE,EAAA,MAAM,KAAA,CAAM,SAAA,EAAW,EAAE,SAAA,EAAW,MAAM,CAAA;AAE1C,EAAA,MAAM,WAAA,GAAc,CAAA,EAAG,QAAA,CAAS,IAAI,CAAA,MAAA,CAAA;AACpC,EAAA,MAAM,iBAAiB,CAAA,EAAG,QAAA,CAAS,IAAI,CAAA,CAAA,EAAI,SAAS,OAAO,CAAA,IAAA,CAAA;AAG3D,EAAA,MAAM,QAAQ,MAAM,IAAA,CAAK,aAAa,EAAE,GAAA,EAAK,WAAW,CAAA;AAExD,EAAA,IAAI,KAAA,CAAM,QAAA,CAAS,cAAc,CAAA,EAAG;AAClC,IAAA,OAAO,OAAA,CAAQ,WAAW,cAAc,CAAA;AAAA,EAC1C;AAGA,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,MAAM,MAAA,CAAO,OAAA,CAAQ,SAAA,EAAW,IAAI,CAAC,CAAA;AAAA,EACvC;AAGA,EAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,IAAA,CAAK,UAAA,CAAW,QAAQ,CAAA;AAC/C,EAAA,MAAM,QAAA,GAAW,KAAA,GAAQ,CAAA,EAAG,QAAA,CAAS,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAC,CAAA,CAAA,EAAI,QAAA,CAAS,IAAI,KAAK,QAAA,CAAS,IAAA;AAE3F,EAAA,MAAM,QAAA,GAAW,CAAC,MAAA,EAAQ,QAAA,EAAU,aAAa,QAAA,CAAS,OAAA,EAAS,iBAAiB,SAAS,CAAA;AAE7F,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,QAAA,CAAS,IAAA,CAAK,QAAA,EAAU,QAAA,CAAS,IAAI,CAAA;AAAA,EACvC;AAEA,EAAA,MAAM,KAAA,CAAM,QAAQ,QAAQ,CAAA;AAG5B,EAAA,MAAM,UAAU,MAAM,QAAA,CAAS,OAAA,CAAQ,SAAA,EAAW,cAAc,CAAC,CAAA;AACjE,EAAA,MAAM,YAAA,GAAe,MAAM,MAAA,CAAO,OAAO,CAAA;AAEzC,EAAA,IAAI,YAAA,KAAiB,SAAS,MAAA,EAAQ;AACpC,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,QAAA,CAAS,IAAI,CAAA,CAAA,CAAG,CAAA;AAAA,EAChE;AAEA,EAAA,OAAO,OAAA,CAAQ,WAAW,cAAc,CAAA;AAC1C;AASO,SAAS,qBAAA,CAAsB,OAAsB,IAAA,EAAuC;AACjG,EAAA,MAAM,QAAA,GAAW,KAAA,CAAM,SAAA,CAAU,KAAA,CAAM,CAAA,SAAA,KAAa;AAClD,IAAA,OAAO,UACJ,MAAA,CAAO,CAAA,CAAA,KAAK,KAAK,EAAA,CAAG,OAAA,CAAQ,WAAW,CAAC,CAAC,CAAA,CACzC,GAAA,CAAI,cAAY,EAAE,IAAA,EAAM,QAAQ,QAAA,CAAS,IAAA,EAAM,SAAQ,CAAE,CAAA;AAAA,EAC9D,CAAC,CAAA;AAED,EAAA,OAAO,MAAA,CAAO,QAAQ,CAAA,CAAE,KAAA,CAAM,CAAAC,SAAAA,KAAY;AACxC,IAAA,MAAM,UAAUA,SAAAA,CAAS,IAAA,CAAK,OAAK,CAAA,CAAE,IAAA,KAAS,IAAI,CAAA,EAAG,OAAA;AAErD,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,IAAI,CAAA,kCAAA,CAAoC,CAAA;AAAA,IAChF;AAEA,IAAA,OAAO,OAAA;AAAA,EACT,CAAC,CAAA;AACH;AASO,SAAS,eAAA,CAAgB,OAAsB,IAAA,EAAwC;AAC5F,EAAA,OAAO,SAAA,CAAU,qBAAA,CAAsB,KAAA,EAAO,IAAI,CAAC,CAAA;AACrD","file":"chunk-TVKT3ZYX.js","sourcesContent":["import type { UnitTerminal } from \"@highstate/contract\"\nimport type { common } from \"@highstate/library\"\nimport type { DistributedOmit } from \"type-fest\"\nimport type { Namespace } from \"./namespace\"\nimport type { Workload, WorkloadTerminalArgs } from \"./workload\"\nimport { mkdir, readFile, unlink } from \"node:fs/promises\"\nimport { resolve } from \"node:path\"\nimport {\n AccessPointRoute,\n type AccessPointRouteArgs,\n type GatewayHttpRuleArgs,\n type GatewayRuleArgs,\n} from \"@highstate/common\"\nimport { type InputRecord, normalize, normalizeInputs, toPromise } from \"@highstate/pulumi\"\nimport { local } from \"@pulumi/command\"\nimport { apps, core, helm, type types } from \"@pulumi/kubernetes\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type Output,\n output,\n} from \"@pulumi/pulumi\"\nimport { sha256 } from \"crypto-hash\"\nimport { glob } from \"glob\"\nimport spawn from \"nano-spawn\"\nimport { isNonNullish, omit } from \"remeda\"\nimport { Deployment } from \"./deployment\"\nimport { NetworkPolicy, type NetworkPolicyArgs } from \"./network-policy\"\nimport { createServiceSpec, Service, type ServiceArgs } from \"./service\"\nimport { getNamespaceName, getProvider, type NamespaceLike } from \"./shared\"\nimport { StatefulSet } from \"./stateful-set\"\n\ntype ChartRouteBaseArgs = DistributedOmit<\n AccessPointRouteArgs,\n \"accessPoint\" | \"backend\" | \"backends\" | \"rules\" | \"type\" | \"path\" | \"paths\"\n> & {\n /**\n * The name of the service to route to.\n *\n * If not specified, it will route to the main service of the chart.\n */\n serviceName?: string\n\n /**\n * The service port to route to.\n *\n * Can be either a numeric port or a named port from the matched service.\n *\n * If not specified, it first falls back to the servicePort of the chart,\n * then to the first port of the matched service.\n */\n servicePort?: Input<number | string>\n\n /**\n * The access point to use for the route.\n *\n * If not specified, it will use the access point provided at the chart level, or throw an error if the chart level access point is not provided.\n */\n accessPoint?: Input<common.AccessPoint>\n\n /**\n * The protocol type for the route.\n */\n type: \"http\" | \"tcp\" | \"udp\"\n}\n\ntype ChartHttpGatewayRuleArgs = DistributedOmit<GatewayHttpRuleArgs, \"backend\" | \"backends\"> & {\n /**\n * The name of the service to route to.\n *\n * If not specified, it first falls back to the serviceName of the route, then to the main service of the chart.\n */\n serviceName?: string\n\n /**\n * The service port to route to.\n *\n * Can be either a numeric port or a named port from the matched service.\n *\n * If not specified, it first falls back to the servicePort of the route,\n * then to the servicePort of the chart,\n * then to the first port of the matched service.\n */\n servicePort?: Input<number | string>\n}\n\ntype ChartTcpUdpGatewayRuleArgs = DistributedOmit<GatewayRuleArgs, \"backend\" | \"backends\"> & {\n /**\n * The name of the service to route to.\n *\n * If not specified, it first falls back to the serviceName of the route, then to the main service of the chart.\n */\n serviceName?: string\n\n /**\n * The service port to route to.\n *\n * Can be either a numeric port or a named port from the matched service.\n *\n * If not specified, it first falls back to the servicePort of the route,\n * then to the servicePort of the chart,\n * then to the first port of the matched service.\n */\n servicePort?: Input<number | string>\n}\n\ntype ChartGatewayRuleArgs = ChartHttpGatewayRuleArgs | ChartTcpUdpGatewayRuleArgs\n\nexport type ChartRouteArgs = ChartRouteBaseArgs &\n (\n | {\n type: \"http\"\n\n /**\n * The path to match for the `default` rule of the listener.\n */\n path?: Input<string>\n\n /**\n * The paths to match for the `default` rule of the listener.\n */\n paths?: Input<string[]>\n\n /**\n * The rules of the route.\n */\n rules?: InputRecord<ChartHttpGatewayRuleArgs>\n }\n | {\n type: \"tcp\" | \"udp\"\n\n /**\n * The rules of the route.\n */\n rules?: InputRecord<ChartTcpUdpGatewayRuleArgs>\n }\n )\n\nexport type ChartArgs = Omit<\n helm.v4.ChartArgs,\n \"chart\" | \"version\" | \"repositoryOpts\" | \"namespace\"\n> & {\n /**\n * The namespace to deploy the chart into.\n */\n namespace: Input<Namespace>\n\n /**\n * The custom name of the primary service exposed by the chart.\n *\n * By default, it is the same as the chart name.\n */\n serviceName?: string\n\n /**\n * The service port to route to by default.\n *\n * Can be either a numeric port or a named port from the matched service.\n *\n * Can be overridden by route.servicePort and rule.servicePort.\n */\n servicePort?: Input<number | string>\n\n /**\n * The extra args to pass to the main service of the chart.\n *\n * Will be patched via transformations.\n */\n service?: Partial<ServiceArgs>\n\n /**\n * The manifest of the chart to resolve.\n */\n chart: ChartManifest\n\n /**\n * The args for the terminal to use.\n *\n * Will be applied to all workloads created by the chart.\n */\n terminal?: Input<WorkloadTerminalArgs>\n\n /**\n * The configuration for the access point route to create.\n */\n route?: Input<ChartRouteArgs>\n\n /**\n * The configuration for the access point routes to create.\n */\n routes?: InputRecord<ChartRouteArgs>\n\n /**\n * The access point to use for the routes.\n */\n accessPoint?: Input<common.AccessPoint>\n\n /**\n * The network policy to apply to the chart.\n */\n networkPolicy?: Input<Omit<NetworkPolicyArgs, \"selector\" | \"cluster\" | \"namespace\">>\n\n /**\n * The network policies to apply to the chart.\n */\n networkPolicies?: Input<NetworkPolicyArgs[]>\n}\n\nexport class Chart extends ComponentResource {\n /**\n * The underlying Helm chart.\n */\n public readonly chart: Output<helm.v4.Chart>\n\n /**\n * The access point routes created for the chart.\n */\n public readonly routes: Output<AccessPointRoute[]>\n\n /**\n * The network policies applied to the chart.\n */\n public readonly networkPolicies: Output<NetworkPolicy[]>\n\n /**\n * All workloads created by the chart.\n */\n public readonly workloads: Output<Workload[]>\n\n constructor(\n private readonly name: string,\n private readonly args: ChartArgs,\n private readonly opts?: ComponentResourceOptions,\n ) {\n super(\"highstate:k8s:Chart\", name, args, opts)\n\n const namespace = output(args.namespace).apply(namespace =>\n output(namespace ? getNamespaceName(namespace) : \"default\"),\n )\n\n this.chart = output(args.namespace).cluster.apply(cluster => {\n return new helm.v4.Chart(\n name,\n omit(\n {\n ...args,\n chart: resolveHelmChart(args.chart),\n namespace,\n },\n [\"route\", \"routes\"],\n ),\n {\n ...opts,\n parent: this,\n provider: getProvider(cluster),\n\n transforms: [\n ...(opts?.transforms ?? []),\n\n async resourceArgs => {\n const namespace = await toPromise(output(args.namespace).metadata.name)\n\n const serviceName = args.serviceName ?? name\n const expectedName = `${name}:${namespace}/${serviceName}`\n\n if (\n resourceArgs.type === \"kubernetes:core/v1:Service\" &&\n resourceArgs.name === expectedName\n ) {\n const spec = await toPromise(\n resourceArgs.props.spec as types.input.core.v1.ServiceSpec,\n )\n\n const serviceSpec = await toPromise(createServiceSpec(args.service ?? {}, cluster))\n\n return {\n props: {\n ...resourceArgs.props,\n spec: {\n ...spec,\n ...(serviceSpec.ports?.length !== 0\n ? serviceSpec\n : omit(serviceSpec, [\"ports\"])),\n },\n },\n opts: resourceArgs.opts,\n }\n }\n\n return undefined\n },\n ],\n },\n )\n })\n\n this.routes = output(\n normalizeInputs(\n args.route ? { name: \"default\", route: args.route } : undefined,\n args.routes\n ? Object.entries(args.routes).map(([name, route]) => ({ name, route }))\n : undefined,\n ),\n ).apply(async routes => {\n if (routes.length === 0) {\n return []\n }\n\n return await Promise.all(\n routes.map(async ({ name: routeName, route }) => {\n const { serviceName: _serviceName, rules: _rules, ...baseRoute } = route\n const accessPoint = route.accessPoint ?? args.accessPoint\n\n if (!accessPoint) {\n throw new Error(\n `Access point is required for chart route \"${name}-${routeName}\". Set it on the route or on Chart args.accessPoint`,\n )\n }\n\n const namespace = await toPromise(args.namespace)\n\n const routeRules = (await toPromise(route.rules)) as Record<string, ChartGatewayRuleArgs>\n const routeRuleValues = Object.values(routeRules ?? {})\n\n const defaultServiceName = route.serviceName ?? args.serviceName ?? name\n const defaultServicePort = route.servicePort ?? args.servicePort\n const needsDefaultBackend = routeRuleValues.length === 0\n\n const defaultService = needsDefaultBackend\n ? await this.getService(defaultServiceName)\n : undefined\n\n const defaultServiceEndpoints =\n needsDefaultBackend && defaultService\n ? await this.resolveServiceEndpoints(\n defaultService,\n defaultServiceName,\n defaultServicePort,\n `${name}-${routeName}`,\n )\n : undefined\n\n const resolvedRules = routeRules\n ? await Promise.all(\n Object.entries(routeRules).map(async ([ruleName, rule]) => {\n const ruleServiceName = rule.serviceName ?? defaultServiceName\n const ruleService = await this.getService(ruleServiceName)\n const ruleServicePort = rule.servicePort ?? route.servicePort ?? args.servicePort\n const ruleServiceEndpoints = await this.resolveServiceEndpoints(\n ruleService,\n ruleServiceName,\n ruleServicePort,\n `${name}-${routeName}:${ruleName}`,\n )\n\n return [\n ruleName,\n [\n {\n ...omit(rule, [\"serviceName\", \"servicePort\"]),\n backend: {\n endpoints: ruleServiceEndpoints,\n },\n },\n ],\n ] as const\n }),\n )\n : undefined\n\n const resolvedRulesInput = resolvedRules\n ? (Object.fromEntries(resolvedRules) as unknown as InputRecord<GatewayRuleArgs[]>)\n : undefined\n\n return new AccessPointRoute(\n `${name}-${routeName}`,\n {\n ...baseRoute,\n accessPoint,\n ...(defaultService\n ? {\n backend: {\n endpoints: defaultServiceEndpoints,\n },\n }\n : {}),\n rules: resolvedRulesInput,\n metadata: {\n ...(route.metadata ?? {}),\n \"k8s.namespace\": namespace,\n },\n },\n { ...opts, parent: this },\n )\n }),\n )\n })\n\n this.networkPolicies = output(args).apply(args => {\n const policies = normalize(args.networkPolicy, args.networkPolicies)\n\n return output(\n policies.map(policy => {\n return new NetworkPolicy(\n name,\n {\n ...policy,\n namespace: args.namespace,\n description: `Network policy for Helm chart \"${name}\"`,\n },\n { ...opts, parent: this },\n )\n }),\n )\n })\n\n this.workloads = output(this.chart).apply(chart => {\n return output(\n chart.resources.apply(resources => {\n return resources\n .map(resource => {\n if (apps.v1.Deployment.isInstance(resource)) {\n return resource.metadata.name.apply(name => {\n return Deployment.wrap(\n name,\n { namespace: args.namespace, deployment: resource, terminal: args.terminal },\n this.opts,\n )\n })\n }\n\n if (apps.v1.StatefulSet.isInstance(resource)) {\n return resource.metadata.name.apply(name => {\n return StatefulSet.wrap(\n name,\n {\n namespace: args.namespace,\n statefulSet: resource,\n service: this.getServiceOutput(name),\n terminal: args.terminal,\n },\n this.opts,\n )\n })\n }\n\n return undefined\n })\n .filter(isNonNullish)\n }),\n )\n })\n }\n\n private set service(_value: never) {}\n\n private set terminals(_value: never) {}\n\n get service(): Output<Service> {\n return this.getServiceOutput(undefined)\n }\n\n get deployment(): Output<Deployment> {\n return this.getDeploymentOutput(this.name)\n }\n\n get statefulSet(): Output<StatefulSet> {\n return this.getStatefulSetOutput(this.name)\n }\n\n get terminals(): Output<UnitTerminal[]> {\n return this.workloads.apply(workloads => {\n const terminalsByWorkload = workloads.map(workload =>\n output({ terminals: workload.terminals, workloadName: workload.metadata.name }),\n )\n\n return output(terminalsByWorkload).apply(workloadTerminals => {\n const hasMultipleWorkloads = workloadTerminals.length > 1\n\n return workloadTerminals.flatMap(({ terminals, workloadName }) => {\n if (!hasMultipleWorkloads) {\n return terminals\n }\n\n return terminals.map(terminal => ({\n ...terminal,\n meta: {\n ...terminal.meta,\n title: `${terminal.meta.title} | ${workloadName}`,\n },\n }))\n })\n })\n })\n }\n\n private readonly services = new Map<string, Service>()\n\n private async resolveServiceEndpoints(\n service: Service,\n serviceName: string,\n servicePort: Input<number | string> | undefined,\n routeName: string,\n ) {\n const endpoints = await toPromise(service.endpoints)\n const servicePorts = await toPromise(service.spec.ports)\n\n if (endpoints.length === 0) {\n throw new Error(\n `No endpoints found for service \"${serviceName}\" in chart route \"${routeName}\"`,\n )\n }\n\n let resolvedServicePort: number | undefined\n\n if (servicePort != null) {\n const requestedServicePort = await toPromise(servicePort)\n\n if (typeof requestedServicePort === \"string\") {\n const namedPort = servicePorts?.find(port => port.name === requestedServicePort)\n\n if (!namedPort) {\n throw new Error(\n `Named port \"${requestedServicePort}\" not found for service \"${serviceName}\" in chart route \"${routeName}\"`,\n )\n }\n\n resolvedServicePort = namedPort.port\n } else {\n resolvedServicePort = requestedServicePort\n }\n } else {\n resolvedServicePort = endpoints[0]?.port\n }\n\n if (resolvedServicePort == null) {\n throw new Error(\n `Unable to resolve service port for service \"${serviceName}\" in chart route \"${routeName}\"`,\n )\n }\n\n const filteredEndpoints = endpoints.filter(endpoint => endpoint.port === resolvedServicePort)\n\n if (filteredEndpoints.length === 0) {\n throw new Error(\n `No endpoints with port ${resolvedServicePort} found for service \"${serviceName}\" in chart route \"${routeName}\"`,\n )\n }\n\n return filteredEndpoints\n }\n\n getServiceOutput(name: string | undefined): Output<Service> {\n return output({ args: this.args, chart: this.chart }).apply(({ args, chart }) => {\n const resolvedName = name ?? args.serviceName ?? this.name\n const existingService = this.services.get(resolvedName)\n\n if (existingService) {\n return existingService\n }\n\n const service = getChartServiceOutput(chart, resolvedName)\n\n const wrappedService = Service.wrap(\n resolvedName,\n { namespace: args.namespace, service },\n { ...this.opts, parent: this },\n )\n\n this.services.set(resolvedName, wrappedService)\n return wrappedService\n })\n }\n\n getWorkloadOutput(name: string): Output<Workload> {\n return this.workloads.apply(async workloads => {\n const workloadsWithNames = await toPromise(\n workloads.map(workload => output({ workload, name: workload.metadata.name })),\n )\n\n const item = workloadsWithNames.find(w => w.name === name)\n\n if (!item) {\n throw new Error(`Workload with name '${name}' not found in the chart workloads`)\n }\n\n return item.workload\n })\n }\n\n getDeploymentOutput(name: string): Output<Deployment> {\n return this.getWorkloadOutput(name).apply(workload => {\n if (workload instanceof Deployment) {\n return workload\n }\n\n throw new Error(`Workload with name '${name}' is not a Deployment`)\n })\n }\n\n getStatefulSetOutput(name: string): Output<StatefulSet> {\n return this.getWorkloadOutput(name).apply(workload => {\n if (workload instanceof StatefulSet) {\n return workload\n }\n\n throw new Error(`Workload with name '${name}' is not a StatefulSet`)\n })\n }\n\n getService(name?: string): Promise<Service> {\n return toPromise(this.getServiceOutput(name))\n }\n\n getWorkload(name: string): Promise<Workload> {\n return toPromise(this.getWorkloadOutput(name))\n }\n\n getDeployment(name: string): Promise<Deployment> {\n return toPromise(this.getDeploymentOutput(name))\n }\n\n getStatefulSet(name: string): Promise<StatefulSet> {\n return toPromise(this.getStatefulSetOutput(name))\n }\n}\n\nexport type RenderedChartArgs = {\n /**\n * The namespace to deploy the chart into.\n */\n namespace?: Input<NamespaceLike>\n\n /**\n * The manifest of the chart to resolve.\n */\n chart: ChartManifest\n\n /**\n * The values to pass to the chart.\n */\n values?: InputRecord<string>\n}\n\nexport class RenderedChart extends ComponentResource {\n /**\n * The rendered manifest of the Helm chart.\n */\n public readonly manifest: Output<string>\n\n /**\n * The underlying command used to render the chart.\n */\n public readonly command: Output<local.Command>\n\n constructor(name: string, args: RenderedChartArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:RenderedChart\", name, args, opts)\n\n this.command = output(args).apply(args => {\n const values = args.values\n ? Object.entries(args.values).flatMap(([key, value]) => [\"--set\", `${key}=\"${value}\"`])\n : []\n\n return new local.Command(\n name,\n {\n create: output([\n \"helm\",\n \"template\",\n resolveHelmChart(args.chart),\n\n ...(args.namespace ? [\"--namespace\", getNamespaceName(args.namespace)] : []),\n\n ...values,\n ]).apply(command => command.join(\" \")),\n\n logging: \"stderr\",\n },\n { parent: this, ...opts },\n )\n })\n\n this.manifest = this.command.stdout\n\n this.registerOutputs({ manifest: this.manifest, command: this.command })\n }\n}\n\nexport type ChartManifest = {\n repo: string\n name: string\n version: string\n sha256: string\n}\n\n/**\n * Downloads or reuses the Helm chart according to the charts.json file.\n * Returns the full path to the chart's .tgz file.\n *\n * @param manifest The manifest of the Helm chart.\n */\nexport async function resolveHelmChart(manifest: ChartManifest): Promise<string> {\n if (!process.env.HIGHSTATE_CACHE_DIR) {\n throw new Error(\"Environment variable HIGHSTATE_CACHE_DIR is not set\")\n }\n\n const chartsDir = resolve(process.env.HIGHSTATE_CACHE_DIR, \"charts\")\n await mkdir(chartsDir, { recursive: true })\n\n const globPattern = `${manifest.name}-*.tgz`\n const targetFileName = `${manifest.name}-${manifest.version}.tgz`\n\n // find all matching files\n const files = await glob(globPattern, { cwd: chartsDir })\n\n if (files.includes(targetFileName)) {\n return resolve(chartsDir, targetFileName)\n }\n\n // delete old versions\n for (const file of files) {\n await unlink(resolve(chartsDir, file))\n }\n\n // download the chart\n const isOci = manifest.repo.startsWith(\"oci://\")\n const chartRef = isOci ? `${manifest.repo.replace(/\\/$/, \"\")}/${manifest.name}` : manifest.name\n\n const pullArgs = [\"pull\", chartRef, \"--version\", manifest.version, \"--destination\", chartsDir]\n\n if (!isOci) {\n pullArgs.push(\"--repo\", manifest.repo)\n }\n\n await spawn(\"helm\", pullArgs)\n\n // check the SHA256\n const content = await readFile(resolve(chartsDir, targetFileName))\n const actualSha256 = await sha256(content)\n\n if (actualSha256 !== manifest.sha256) {\n throw new Error(`SHA256 mismatch for chart '${manifest.name}'`)\n }\n\n return resolve(chartsDir, targetFileName)\n}\n\n/**\n * Extracts the service with the given name from the chart resources.\n * Throws an error if the service is not found.\n *\n * @param chart The Helm chart.\n * @param name The name of the service.\n */\nexport function getChartServiceOutput(chart: helm.v4.Chart, name: string): Output<core.v1.Service> {\n const services = chart.resources.apply(resources => {\n return resources\n .filter(r => core.v1.Service.isInstance(r))\n .map(service => ({ name: service.metadata.name, service }))\n })\n\n return output(services).apply(services => {\n const service = services.find(s => s.name === name)?.service\n\n if (!service) {\n throw new Error(`Service with name '${name}' not found in the chart resources`)\n }\n\n return service\n })\n}\n\n/**\n * Extracts the service with the given name from the chart resources.\n * Throws an error if the service is not found.\n *\n * @param chart The Helm chart.\n * @param name The name of the service.\n */\nexport function getChartService(chart: helm.v4.Chart, name: string): Promise<core.v1.Service> {\n return toPromise(getChartServiceOutput(chart, name))\n}\n"]}
package/dist/cron-job-RKB2HYTO.js DELETED
@@ -1,7 +0,0 @@
1
- export { CronJob } from './chunk-PG27ZY2H.js';
2
- import './chunk-SZKOAHNX.js';
3
- import './chunk-OG2OPX7B.js';
4
- import './chunk-TOLFVF4S.js';
5
- import './chunk-PZYGZSN5.js';
6
- //# sourceMappingURL=cron-job-RKB2HYTO.js.map
7
- //# sourceMappingURL=cron-job-RKB2HYTO.js.map
package/dist/cron-job-RKB2HYTO.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"cron-job-RKB2HYTO.js"}
package/dist/deployment-T35TUOL2.js DELETED
@@ -1,7 +0,0 @@
1
- export { Deployment } from './chunk-BTAEFJ5N.js';
2
- import './chunk-SZKOAHNX.js';
3
- import './chunk-OG2OPX7B.js';
4
- import './chunk-TOLFVF4S.js';
5
- import './chunk-PZYGZSN5.js';
6
- //# sourceMappingURL=deployment-T35TUOL2.js.map
7
- //# sourceMappingURL=deployment-T35TUOL2.js.map
package/dist/deployment-T35TUOL2.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"deployment-T35TUOL2.js"}
package/dist/impl/dynamic-endpoint-resolver.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../src/impl/dynamic-endpoint-resolver.ts"],"names":["_"],"mappings":";;;;;;;;;;AAcO,IAAM,yBAAyB,+BAAA,CAAgC,SAAA;AAAA,EACpE,EAAE,MAAA,CAAO,EAAE,SAAS,GAAA,CAAI,aAAA,CAAc,QAAQ,CAAA;AAAA,EAC9C,OAAO,EAAE,QAAA,EAAS,EAAG,EAAE,SAAQ,KAAM;AACnC,IAAA,IAAI,CAAC,qBAAA,CAAsB,QAAA,EAAU,OAAO,CAAA,EAAG;AAC7C,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,aAAa,gBAAA,CAAiB,QAAQ,CAAC,CAAA,uBAAA,EAA0B,QAAQ,EAAE,CAAA,CAAA;AAAA,OAC7E;AAAA,IACF;AAEA,IAAA,MAAM,EAAE,IAAA,EAAM,SAAA,EAAU,GAAI,QAAA,CAAS,SAAS,aAAa,CAAA;AAE3D,IAAA,MAAM,SAAA,GAAY,cAAc,CAAA,EAAG,OAAA,CAAQ,EAAE,CAAA,CAAA,EAAI,SAAS,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE,CAAA;AAEpE,IAAA,IAAI,UAAA;AAEJ,IAAA,OAAO;AAAA,MACL,UAAU,cAAA,CAAe,QAAA,EAAU,cAAc,CAAA,UAAA,EAAa,SAAS,EAAE,CAAC,CAAA;AAAA,MAE1E,OAAO,YAAY;AAMjB,QAAA,IAAA,MAAA,GAAA,EAAA;AAAA,QAAA,IAAA;AALA,UAAA,OAAA,CAAQ,GAAA;AAAA,YACN,CAAA,kDAAA,EAAqD,IAAI,CAAA,gBAAA,EAAmB,SAAS,mBAAmB,SAAS,CAAA;AAAA,WACnH;AAEA,UAAA,MAAM,MAAA,GAAS,gBAAA,CAAiB,GAAA,CAAI,OAAA,CAAQ,UAAU,CAAA;AACtD,UAAA,MAAY,CAAA,GAAI,OAAA,CAAA,MAAA,EAAA,MAAM,MAAA,CAAO,IAAA,EAAK,EAAlB,IAAA,CAAA;AAEhB,UAAA,UAAA,GAAa,MAAM,SAAA,EAAW;AAAA,YAC5B,cAAA;AAAA,YACA,MAAA,CAAO,IAAA;AAAA,YACP,cAAA;AAAA,YACA,WAAW,IAAI,CAAA,CAAA;AAAA,YACf,IAAA;AAAA,YACA,SAAA;AAAA,YACA,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,QAAA,CAAS,IAAI,CAAA;AAAA,WAC9B,CAAA;AAGD,UAAA,UAAA,CAAW,MAAM,CAAA,GAAA,KAAO;AACtB,YAAA,IAAI,GAAA,YAAe,eAAA,IAAmB,GAAA,CAAI,UAAA,KAAe,SAAA,EAAW;AAElE,cAAA;AAAA,YACF;AAEA,YAAA,MAAM,GAAA;AAAA,UACR,CAAC,CAAA;AAED,UAAA,MAAM,WAAA,GAAc,MAAM,UAAA,CAAW,gBAAA;AAErC,UAAA,MAAM,IAAI,OAAA,CAAc,CAAC,OAAA,EAAS,MAAA,KAAW;AAC3C,YAAA,WAAA,CAAY,MAAA,EAAQ,IAAA,CAAK,MAAA,EAAQ,CAAC,IAAA,KAAiB;AACjD,cAAA,MAAM,MAAA,GAAS,KAAK,QAAA,EAAS;AAE7B,cAAA,IAAI,MAAA,CAAO,QAAA,CAAS,iBAAiB,CAAA,EAAG;AACtC,gBAAA,OAAA,EAAQ;AAAA,cACV,CAAA,MAAO;AACL,gBAAA,MAAA,CAAO,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,MAAM,EAAE,CAAC,CAAA;AAAA,cAC7D;AAAA,YACF,CAAC,CAAA;AAED,YAAA,WAAA,CAAY,MAAA,EAAQ,IAAA,CAAK,MAAA,EAAQ,CAAC,IAAA,KAAiB;AACjD,cAAA,MAAA,CAAO,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,KAAK,QAAA,EAAU,EAAE,CAAC,CAAA;AAAA,YACtE,CAAC,CAAA;AAAA,UACH,CAAC,CAAA;AAED,UAAA,OAAA,CAAQ,GAAA;AAAA,YACN,CAAA,kDAAA,EAAqD,IAAI,CAAA,gBAAA,EAAmB,SAAS,mBAAmB,SAAS,CAAA;AAAA,WACnH;AAAA,QAAA,CAAA,CAAA,OA1CAA,EAAAA,EAAA;AAAA,UAAA,IAAA,MAAA,GAAAA,EAAAA,EAAA,SAAA,GAAA,IAAA;AAAA,QAAA,CAAA,SAAA;AAAA,UAAA,IAAA,QAAA,GAAA,aAAA,CAAA,MAAA,EAAA,MAAA,EAAA,SAAA,CAAA;AAAA,UAAA,QAAA,IAAA,MAAA,QAAA;AAAA,QAAA;AAAA,MA2CF,CAAA;AAAA,MAEA,SAAS,YAAY;AACnB,QAAA,OAAA,CAAQ,GAAA;AAAA,UACN,CAAA,kDAAA,EAAqD,IAAI,CAAA,gBAAA,EAAmB,SAAS,mBAAmB,SAAS,CAAA;AAAA,SACnH;AAEA,QAAA,MAAM,WAAA,GAAc,MAAM,UAAA,CAAW,gBAAA;AACrC,QAAA,WAAA,CAAY,IAAA,EAAK;AAAA,MACnB;AAAA,KACF;AAAA,EACF;AACF;AAOA,SAAS,cAAc,EAAA,EAAoB;AAEzC,EAAA,MAAM,OAAO,KAAA,CAAM,CAAA,EAAG,gBAAgB,CAAA,CAAA,EAAI,EAAE,CAAA,CAAE,CAAA;AAE9C,EAAA,MAAM,OAAA,GAAU,GAAA;AAChB,EAAA,MAAM,OAAA,GAAU,GAAA;AAEhB,EAAA,OAAQ,IAAA,CAAK,GAAA,CAAI,IAAI,CAAA,IAAK,UAAU,OAAA,CAAA,GAAY,OAAA;AAClD","file":"dynamic-endpoint-resolver.js","sourcesContent":["import { crc32 } from \"node:zlib\"\nimport {\n dynamicEndpointResolverMediator,\n endpointToString,\n MaterializedFile,\n parseEndpoint,\n rebaseEndpoint,\n} from \"@highstate/common\"\nimport { z } from \"@highstate/contract\"\nimport { k8s } from \"@highstate/library\"\nimport { getUnitStateId } from \"@highstate/pulumi\"\nimport spawn, { type Subprocess, SubprocessError } from \"nano-spawn\"\nimport { isEndpointFromCluster } from \"../service\"\n\nexport const resolveDynamicEndpoint = dynamicEndpointResolverMediator.implement(\n z.object({ cluster: k8s.clusterEntity.schema }),\n async ({ endpoint }, { cluster }) => {\n if (!isEndpointFromCluster(endpoint, cluster)) {\n throw new Error(\n `Endpoint \"${endpointToString(endpoint)}\" is not from cluster \"${cluster.id}\"`,\n )\n }\n\n const { name, namespace } = endpoint.metadata[\"k8s.service\"]\n\n const localPort = getStablePort(`${cluster.id}:${namespace}:${name}`)\n\n let subprocess: Subprocess\n\n return {\n endpoint: rebaseEndpoint(endpoint, parseEndpoint(`localhost:${localPort}`)),\n\n setup: async () => {\n console.log(\n `[port-forward] starting port-forward for service \"${name}\" in namespace \"${namespace}\" on local port ${localPort}`,\n )\n\n const config = MaterializedFile.for(cluster.kubeconfig)\n await using _ = await config.open()\n\n subprocess = spawn(\"kubectl\", [\n \"--kubeconfig\",\n config.path,\n \"port-forward\",\n `service/${name}`,\n \"-n\",\n namespace,\n `${localPort}:${endpoint.port}`,\n ])\n\n // catch the error when the process is killed to prevent unhandled promise rejection\n subprocess.catch(err => {\n if (err instanceof SubprocessError && err.signalName === \"SIGTERM\") {\n // correct termination\n return\n }\n\n throw err\n })\n\n const nodeProcess = await subprocess.nodeChildProcess\n\n await new Promise<void>((resolve, reject) => {\n nodeProcess.stdout?.once(\"data\", (data: Buffer) => {\n const output = data.toString()\n\n if (output.includes(\"Forwarding from\")) {\n resolve()\n } else {\n reject(new Error(`Failed to start port-forward: ${output}`))\n }\n })\n\n nodeProcess.stderr?.once(\"data\", (data: Buffer) => {\n reject(new Error(`Failed to start port-forward: ${data.toString()}`))\n })\n })\n\n console.log(\n `[port-forward] port-forward is ready for service \"${name}\" in namespace \"${namespace}\" on local port ${localPort}`,\n )\n },\n\n dispose: async () => {\n console.log(\n `[port-forward] stopping port-forward for service \"${name}\" in namespace \"${namespace}\" on local port ${localPort}`,\n )\n\n const nodeProcess = await subprocess.nodeChildProcess\n nodeProcess.kill()\n },\n }\n },\n)\n\n/**\n * Return a stable port number based on the given id.\n * This is important because Pulumi stores the resolved endpoint in the state,\n * and uses it in destroy operations.\n */\nfunction getStablePort(id: string): number {\n // also add state ID to ensure different ports for the same service in different states which may run in parallel\n const hash = crc32(`${getUnitStateId()}:${id}`)\n\n const minPort = 30000\n const maxPort = 60000\n\n return (Math.abs(hash) % (maxPort - minPort)) + minPort\n}\n"]}
package/dist/impl/gateway-route.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../src/impl/gateway-route.ts"],"names":["service","match"],"mappings":";;;;;;;;;;AAWO,IAAM,qBAAqB,oBAAA,CAAqB,SAAA;AAAA,EACrD,GAAA,CAAI,iBAAA;AAAA,EACJ,OAAO,EAAE,IAAA,EAAM,MAAM,IAAA,EAAM,IAAA,IAAQ,IAAA,KAAS;AAC1C,IAAA,MAAM,SAAA,GAAY,qBAAA,CAAsB,IAAA,EAAM,IAAI,CAAA;AAElD,IAAA,MAAM,aAAa,MAAM,oBAAA,CAAqB,IAAA,EAAM,SAAA,EAAW,KAAK,WAAW,CAAA;AAE/E,IAAA,MAAM,iBAAiB,UAAA,GACnB;AAAA,MACE,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,EAAA;AAAA,MACP,IAAA,EAAM,WAAW,QAAA,CAAS;AAAA,KAC5B,GACA,MAAA;AAEJ,IAAA,MAAM,aAAA,GAAgB,qBAAqB,IAAI,CAAA;AAE/C,IAAA,IAAI,kBAAkB,MAAA,EAAQ;AAC5B,MAAA,OAAO,MAAM,sBAAA,CAAuB;AAAA,QAClC,IAAA;AAAA,QACA,IAAA;AAAA,QACA,IAAA;AAAA,QACA,IAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACD,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,MAAM,oBAAA,CAAqB;AAAA,MAChC,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,SAAA;AAAA,MACA,QAAA,EAAU,aAAA,KAAkB,KAAA,GAAQ,KAAA,GAAQ;AAAA,KAC7C,CAAA;AAAA,EACH;AACF;AAWA,SAAS,qBAAA,CAAsB,MAAwB,IAAA,EAAkC;AACvF,EAAA,MAAM,iBAAA,GAAoB,IAAA,CAAK,QAAA,CAAS,eAAe,CAAA;AAEvD,EAAA,IAAI,6BAA6B,SAAA,EAAW;AAC1C,IAAA,OAAO,iBAAA;AAAA,EACT;AAEA,EAAA,OAAO,SAAA,CAAU,GAAA,CAAI,IAAA,CAAK,SAAA,EAAW,KAAK,OAAO,CAAA;AACnD;AA0BA,eAAe,sBAAA,CAAuB;AAAA,EACpC,IAAA;AAAA,EACA,IAAA;AAAA,EACA,IAAA;AAAA,EACA,IAAA;AAAA,EACA,SAAA;AAAA,EACA;AACF,CAAA,EAA+B;AAC7B,EAAA,MAAM,eAAe,IAAA,CAAK,IAAA,KAAS,cAAA,GAAiB,IAAA,CAAK,YAAY,IAAA,CAAK,QAAA,CAAA;AAC1E,EAAA,MAAM,gBAAA,GAAmB,iBAAiB,OAAA,GAAU,MAAA;AACpD,EAAA,MAAM,gBAAA,GAAmB,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA;AAErC,EAAA,MAAM,SAAA,GAAY;AAAA,IAChB;AAAA,MACE,MAAM,CAAA,EAAG,gBAAA,CAAiB,WAAA,EAAa,IAAI,YAAY,CAAA,CAAA;AAAA,MACvD,IAAA,EAAM,YAAA;AAAA,MACN,QAAA,EAAU,gBAAA;AAAA,MACV,QAAA,EAAU,gBAAA;AAAA,MACV,GAAA,EAAK;AAAA,QACH,IAAA,EAAM,WAAA;AAAA,QACN,eAAA,EAAiB,cAAA,GAAiB,CAAC,cAAc,CAAA,GAAI;AAAA;AACvD;AACF,GACF;AAEA,EAAA,MAAM,UAAU,OAAA,CAAQ,MAAA;AAAA,IACtB,IAAA;AAAA,IACA;AAAA,MACE,SAAA;AAAA,MACA,kBAAkB,IAAA,CAAK,SAAA;AAAA,MACvB;AAAA,KACF;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,SAAA,GAAY,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAE1C,EAAA,MAAM,KAAA,GAAQ,MAAM,OAAA,CAAQ,GAAA;AAAA,IAC1B,SAAA,CAAU,GAAA,CAAI,OAAO,QAAA,EAAU,SAAA,KAAc;AAC3C,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,GAAA;AAAA,QAChC,QAAA,CAAS,QAAA,CAAS,GAAA,CAAI,OAAO,SAAS,YAAA,KAAiB;AACrD,UAAA,MAAM,WAAA,GAAc,MAAM,2BAAA,CAA4B;AAAA,YACpD,SAAA,EAAW,IAAA;AAAA,YACX,WAAA,EAAa,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,YAAY,CAAA,CAAA;AAAA,YACzC,WAAW,OAAA,CAAQ,SAAA;AAAA,YACnB,SAAA;AAAA,YACA,SAAS,IAAA,CAAK,OAAA;AAAA,YACd;AAAA,WACD,CAAA;AAED,UAAA,MAAM,WAAA,GAAc,MAAM,iBAAA,CAAkB;AAAA,YAC1C,OAAO,WAAA,CAAY,KAAA;AAAA,YACnB,QAAA,EAAU,KAAA;AAAA,YACV,YAAY,WAAA,CAAY,mBAAA;AAAA,YACxB,aAAa,WAAA,CAAY,WAAA;AAAA,YACzB,SAAA,EAAW;AAAA,WACZ,CAAA;AAED,UAAA,OAAO;AAAA,YACL,MAAM,WAAA,CAAY,WAAA;AAAA,YAClB,WAAW,WAAA,CAAY,gBAAA;AAAA,YACvB,MAAM,WAAA,CAAY;AAAA,WACpB;AAAA,QACF,CAAC;AAAA,OACH;AAEA,MAAA,OAAO;AAAA,QACL,SAAS,QAAA,CAAS,KAAA;AAAA,QAClB,QAAA,EAAU;AAAA,OACZ;AAAA,IACF,CAAC;AAAA,GACH;AAEA,EAAA,MAAM,YAAY,IAAI,SAAA;AAAA,IACpB,IAAA;AAAA,IACA;AAAA,MACE,OAAA;AAAA,MACA,WAAW,IAAA,CAAK,KAAA;AAAA,MAChB;AAAA,KACF;AAAA,IACA;AAAA,GACF;AAEA,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,SAAA;AAAA,IACV,SAAA,EAAW,MAAM,SAAA,CAAU,OAAA,CAAQ,SAAS;AAAA,GAC9C;AACF;AAWA,eAAe,oBAAA,CAAqB;AAAA,EAClC,IAAA;AAAA,EACA,IAAA;AAAA,EACA,IAAA;AAAA,EACA,IAAA;AAAA,EACA,SAAA;AAAA,EACA;AACF,CAAA,EAA6B;AAC3B,EAAA,MAAM,QAAA,GAAW,OAAO,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,CAAE,OAAA,CAAQ,CAAA,IAAA,KAAQ,IAAA,CAAK,QAAQ,CAAA;AAExE,EAAA,IAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AACzB,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,IAAI,CAAA,4BAAA,CAA8B,CAAA;AAAA,EACtE;AAEA,EAAA,MAAM,YAAA,GAAe,SAAS,CAAC,CAAA;AAE/B,EAAA,MAAM,WAAA,GAAc,MAAM,2BAAA,CAA4B;AAAA,IACpD,SAAA,EAAW,IAAA;AAAA,IACX,WAAA,EAAa,GAAA;AAAA,IACb,WAAW,YAAA,CAAa,SAAA;AAAA,IACxB,SAAA;AAAA,IACA,SAAS,IAAA,CAAK,OAAA;AAAA,IACd;AAAA,GACD,CAAA;AAED,EAAA,MAAM,WAAA,GAAc,MAAM,iBAAA,CAAkB;AAAA,IAC1C,OAAO,WAAA,CAAY,KAAA;AAAA,IACnB,QAAA;AAAA,IACA,YAAY,WAAA,CAAY,mBAAA;AAAA,IACxB,aAAa,WAAA,CAAY,WAAA;AAAA,IACzB,SAAA,EAAW;AAAA,GACZ,CAAA;AAED,EAAA,MAAM,YAAA,GAAe,MAAM,mBAAA,CAAoB;AAAA,IAC7C,eAAe,IAAA,CAAK,IAAA;AAAA,IACpB,WAAA;AAAA,IACA,QAAA;AAAA,IACA,SAAA,EAAW;AAAA,GACZ,CAAA;AAED,EAAA,MAAM,eAAe,CAAA,EAAG,QAAA,CAAS,WAAA,EAAa,IAAI,YAAY,CAAA,CAAA;AAE9D,EAAA,MAAM,WAAA,GAAc,IAAA;AACpB,EAAA,MAAM,mBAAA,GAAsB,IAAA;AAE5B,EAAA,MAAM,UAAU,OAAA,CAAQ,MAAA;AAAA,IACtB,mBAAA;AAAA,IACA;AAAA,MACE,IAAA,EAAM,WAAA;AAAA,MACN,SAAA;AAAA,MACA,kBAAkB,IAAA,CAAK,SAAA;AAAA,MACvB,SAAA,EAAW;AAAA,QACT;AAAA,UACE,IAAA,EAAM,YAAA;AAAA,UACN,IAAA,EAAM,YAAA;AAAA,UACN;AAAA;AACF;AACF,KACF;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,UAAA,GAAa;AAAA,IACjB,MAAM,WAAA,CAAY,WAAA;AAAA,IAClB,WAAW,WAAA,CAAY,gBAAA;AAAA,IACvB,MAAM,WAAA,CAAY;AAAA,GACpB;AAEA,EAAA,MAAM,SAAA,GAAY,EAAE,GAAG,IAAA,EAAM,QAAQ,OAAA,EAAQ;AAE7C,EAAA,MAAM,KAAA,GACJ,QAAA,KAAa,KAAA,GACT,IAAI,QAAA;AAAA,IACF,IAAA;AAAA,IACA;AAAA,MACE,OAAA;AAAA,MACA,YAAA;AAAA,MACA,OAAA,EAAS;AAAA,KACX;AAAA,IACA;AAAA,MAEF,IAAI,QAAA;AAAA,IACF,IAAA;AAAA,IACA;AAAA,MACE,OAAA;AAAA,MACA,YAAA;AAAA,MACA,OAAA,EAAS;AAAA,KACX;AAAA,IACA;AAAA,GACF;AAEN,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,KAAA;AAAA,IACV,SAAA,EAAW,MAAM,SAAA,CAAU,OAAA,CAAQ,SAAS;AAAA,GAC9C;AACF;AAEA,eAAe,oBAAA,CACb,KAAA,EACA,SAAA,EACA,cAAA,EAC6B;AAC7B,EAAA,MAAM,mBAAA,GAAsB,MAAM,SAAA,CAAU,cAAc,CAAA;AAC1D,EAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,mBAAA,CAAoB,QAAQ,CAAA;AAE7D,EAAA,IAAI,oBAAoB,WAAA,EAAa;AACnC,IAAA,MAAM,gBAAgB,MAAM,SAAA,CAAU,QAAA,CAAS,SAAA,CAAU,SAAS,IAAI,CAAA;AACtE,IAAA,MAAM,gBAAgB,MAAM,SAAA,CAAU,QAAA,CAAS,SAAA,CAAU,QAAQ,EAAE,CAAA;AAEnE,IAAA,MAAM,eAAA,GAAkB,MAAM,SAAA,CAAU,SAAA,CAAU,SAAS,IAAI,CAAA;AAC/D,IAAA,MAAM,eAAA,GAAkB,MAAM,SAAA,CAAU,SAAA,CAAU,QAAQ,EAAE,CAAA;AAE5D,IAAA,IAAI,aAAA,KAAkB,eAAA,IAAmB,aAAA,KAAkB,eAAA,EAAiB;AAC1E,MAAA,OAAO,MAAM,SAAA,CAAU,QAAA,CAAS,MAAM,CAAA;AAAA,IACxC;AAAA,EACF;AAEA,EAAA,MAAM,IAAI,KAAA;AAAA,IACR;AAAA,GACF;AACF;AAEA,SAAS,qBAAqB,IAAA,EAAsD;AAClF,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAEtC,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,MAAM,8CAA8C,CAAA;AAAA,EAChE;AAEA,EAAA,MAAM,IAAA,GAAO,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA;AAEtB,EAAA,IAAI,MAAM,IAAA,CAAK,CAAA,IAAA,KAAQ,IAAA,CAAK,IAAA,KAAS,IAAI,CAAA,EAAG;AAC1C,IAAA,MAAM,IAAI,MAAM,qDAAqD,CAAA;AAAA,EACvE;AAEA,EAAA,OAAO,IAAA;AACT;AAEA,eAAe,2BAAA,CAA4B;AAAA,EACzC,SAAA;AAAA,EACA,WAAA;AAAA,EACA,SAAA;AAAA,EACA,SAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAAA,EAYG;AACD,EAAA,MAAM,WAAA,GAAc,+BAAA,CAAgC,SAAA,EAAW,OAAO,CAAA;AAEtE,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,MAAM,aAAA,GAAmC,SAAA,CAAU,GAAA,CAAI,CAAA,QAAA,MAAa;AAAA,MAClE,MAAM,OAAO,WAAA,CAAY,UAAA,KAAe,QAAA,GAAW,YAAY,UAAA,GAAa,MAAA;AAAA,MAC5E,MAAM,QAAA,CAAS,IAAA;AAAA,MACf,QAAA,EAAU,QAAA,CAAS,QAAA,CAAS,WAAA,EAAY;AAAA,MACxC,YAAY,WAAA,CAAY;AAAA,KAC1B,CAAE,CAAA;AAEF,IAAA,OAAO;AAAA,MACL,aAAa,WAAA,CAAY,IAAA;AAAA,MACzB,kBAAkB,WAAA,CAAY,SAAA;AAAA,MAC9B,KAAA,EAAO,aAAA;AAAA,MACP,qBAAqB,WAAA,CAAY;AAAA,KACnC;AAAA,EACF;AAEA,EAAA,MAAM,mBAAmB,MAAM,0BAAA;AAAA,IAC7B,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,WAAW,CAAA,CAAA;AAAA,IAC3B,SAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,uBAAuB,MAAM,SAAA,CAAU,gBAAA,CAAiB,OAAA,CAAQ,SAAS,IAAI,CAAA;AACnF,EAAA,MAAM,4BAA4B,MAAM,SAAA,CAAU,gBAAA,CAAiB,OAAA,CAAQ,SAAS,SAAS,CAAA;AAE7F,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,2BAAA,EAA8B,oBAAoB,CAAA,qBAAA,EAAwB,SAAS,CAAA,mBAAA;AAAA,KACrF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,WAAA,EAAa,oBAAA;AAAA,IACb,gBAAA,EAAkB,yBAAA;AAAA,IAClB,OAAO,gBAAA,CAAiB;AAAA,GAC1B;AACF;AAEA,SAAS,+BAAA,CACP,WACA,OAAA,EAOY;AACZ,EAAA,MAAM,mBAAmB,SAAA,CAAU,MAAA,CAAO,cAAY,qBAAA,CAAsB,QAAA,EAAU,OAAO,CAAC,CAAA;AAE9F,EAAA,IAAI,iBAAiB,MAAA,KAAW,CAAA,IAAK,gBAAA,CAAiB,MAAA,KAAW,UAAU,MAAA,EAAQ;AACjF,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,MAAM,KAAA,GAAQ,gBAAA,CAAiB,CAAC,CAAA,CAAE,SAAS,aAAa,CAAA;AAExD,EAAA,IACE,gBAAA,CAAiB,IAAA;AAAA,IACf,CAAA,QAAA,KACE,QAAA,CAAS,QAAA,CAAS,aAAa,CAAA,CAAE,IAAA,KAAS,KAAA,CAAM,IAAA,IAChD,QAAA,CAAS,QAAA,CAAS,aAAa,CAAA,CAAE,cAAc,KAAA,CAAM;AAAA,GACzD,EACA;AACA,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,MAAM,KAAA,CAAM,IAAA;AAAA,IACZ,WAAW,KAAA,CAAM,SAAA;AAAA,IACjB,YAAY,KAAA,CAAM;AAAA,GACpB;AACF;AASA,eAAe,0BAAA,CACb,IAAA,EACA,SAAA,EACA,cAAA,EACA,SACA,IAAA,EACyD;AACzD,EAAA,MAAM,SAAA,GAAY,MAAM,SAAA,CAAU,cAAc,CAAA;AAEhD,EAAA,IAAI,CAAC,UAAU,MAAA,EAAQ;AACrB,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,IAAI,CAAA,6BAAA,CAA+B,CAAA;AAAA,EACvE;AAEA,EAAA,MAAM,oBAAoB,SAAA,CAAU,MAAA,CAAO,CAAA,QAAA,KAAY,QAAA,CAAS,SAAS,UAAU,CAAA;AACnF,EAAA,MAAM,cAAc,SAAA,CAAU,MAAA,CAAO,CAAA,QAAA,KAAY,QAAA,CAAS,SAAS,UAAU,CAAA;AAE7E,EAAA,IAAI,iBAAA,CAAkB,SAAS,CAAA,EAAG;AAChC,IAAA,MAAM,oBAAuC,EAAC;AAC9C,IAAA,KAAA,MAAW,YAAY,iBAAA,EAAmB;AACxC,MAAA,iBAAA,CAAkB,IAAA,CAAK,6BAAA,CAA8B,QAAQ,CAAC,CAAA;AAAA,IAChE;AAEA,IAAA,MAAMA,QAAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,CAAA,WAAA,EAAc,IAAI,CAAA,CAAA,EAAI;AAAA,MACnD,SAAA;AAAA,MACA,IAAA,EAAM,cAAA;AAAA,MACN,YAAA,EAAc,iBAAA,CAAkB,CAAC,CAAA,CAAE,QAAA;AAAA,MACnC,KAAA,EAAO,iBAAA,CAAkB,GAAA,CAAI,uBAAuB;AAAA,KACrD,CAAA;AAED,IAAA,OAAO;AAAA,MACL,OAAA,EAAAA,QAAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,IAAI,WAAA,CAAY,WAAW,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,IAAI,CAAA,oCAAA,CAAsC,CAAA;AAAA,EAC9E;AAEA,EAAA,MAAM,cAAiC,EAAC;AACxC,EAAA,KAAA,MAAW,YAAY,WAAA,EAAa;AAClC,IAAA,WAAA,CAAY,IAAA,CAAK,6BAAA,CAA8B,QAAQ,CAAC,CAAA;AAAA,EAC1D;AAEA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,CAAA,WAAA,EAAc,IAAI,CAAA,CAAA,EAAI;AAAA,IACnD,SAAA;AAAA,IACA,IAAA,EAAM,WAAA;AAAA,IACN,KAAA,EAAO,WAAA,CAAY,GAAA,CAAI,uBAAuB;AAAA,GAC/C,CAAA;AAED,EAAA,MAAM,aAAA,GAAgB,cAAc,IAAI,CAAA,CAAA;AAExC,EAAA,IAAI,KAAK,EAAA,CAAG,SAAA;AAAA,IACV,aAAA;AAAA,IACA;AAAA,MACE,QAAA,EAAU,WAAA,CAAY,EAAE,SAAA,IAAa,aAAa,CAAA;AAAA,MAClD,OAAA,EAAS,WAAA,CAAY,GAAA,CAAI,CAAA,QAAA,MAAa;AAAA,QACpC,WAAW,CAAC,EAAE,IAAI,QAAA,CAAS,OAAA,CAAQ,OAAO,CAAA;AAAA,QAC1C,KAAA,EAAO,CAAC,uBAAA,CAAwB,QAAQ,CAAC;AAAA,OAC3C,CAAE;AAAA,KACJ;AAAA,IACA,EAAE,GAAG,IAAA,EAAM,QAAA,EAAU,YAAY,OAAO,CAAA,EAAG,QAAQ,OAAA;AAAQ,GAC7D;AAEA,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,KAAA,EAAO;AAAA,GACT;AACF;AA2BA,SAAS,8BAA8B,QAAA,EAA+C;AACpF,EAAA,OAAO;AAAA,IACL,IAAA,EAAM,MAAA;AAAA,IACN,MAAM,QAAA,CAAS,IAAA;AAAA,IACf,QAAA,EAAU,QAAA,CAAS,QAAA,CAAS,WAAA,EAAY;AAAA,IACxC,YAAY,QAAA,CAAS;AAAA,GACvB;AACF;AAEA,eAAe,iBAAA,CAAkB;AAAA,EAC/B,KAAA;AAAA,EACA,QAAA;AAAA,EACA,UAAA;AAAA,EACA,WAAA;AAAA,EACA;AACF,CAAA,EAM6B;AAC3B,EAAA,MAAM,aAAa,KAAA,CAAM,MAAA,CAAO,CAAA,IAAA,KAAQ,IAAA,CAAK,aAAa,QAAQ,CAAA;AAElE,EAAA,IAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,SAAA,EAAY,WAAW,CAAA,sBAAA,EAAyB,QAAQ,qCAAqC,SAAS,CAAA,EAAA;AAAA,KACxG;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAO,WAAW,CAAC,CAAA;AAAA,EACrB;AAEA,EAAA,MAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,UAAU,CAAA;AAEjD,EAAA,IAAI,cAAA,KAAmB,MAAA,IAAa,cAAA,KAAmB,IAAA,EAAM;AAC3D,IAAA,OAAO,WAAW,CAAC,CAAA;AAAA,EACrB;AAEA,EAAA,IAAI,OAAO,mBAAmB,QAAA,EAAU;AACtC,IAAA,MAAMC,MAAAA,GAAQ,UAAA,CAAW,IAAA,CAAK,CAAA,SAAA,KAAa;AACzC,MAAA,IAAI,SAAA,CAAU,SAAS,cAAA,EAAgB;AACrC,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IAAI,OAAO,SAAA,CAAU,UAAA,KAAe,QAAA,EAAU;AAC5C,QAAA,OAAO,UAAU,UAAA,KAAe,cAAA;AAAA,MAClC;AAEA,MAAA,OAAO,KAAA;AAAA,IACT,CAAC,CAAA;AAED,IAAA,IAAIA,MAAAA,EAAO;AACT,MAAA,OAAOA,MAAAA;AAAA,IACT;AAEA,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,kBAAkB,SAAS,CAAA,wBAAA,EAA2B,cAAc,CAAA,eAAA,EAAkB,WAAW,4BAA4B,QAAQ,CAAA,UAAA;AAAA,KACvI;AAAA,EACF;AAEA,EAAA,MAAM,YAAA,GAAe,OAAO,cAAc,CAAA;AAE1C,EAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,IAAA,CAAK,CAAA,SAAA,KAAa;AACzC,IAAA,IAAI,SAAA,CAAU,SAAS,YAAA,EAAc;AACnC,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,OAAO,SAAA,CAAU,UAAA,KAAe,QAAA,EAAU;AAC5C,MAAA,OAAO,UAAU,UAAA,KAAe,YAAA;AAAA,IAClC;AAEA,IAAA,OAAO,KAAA;AAAA,EACT,CAAC,CAAA;AAED,EAAA,IAAI,KAAA,EAAO;AACT,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,IAAI,KAAA;AAAA,IACR,kBAAkB,SAAS,CAAA,yBAAA,EAA4B,YAAY,CAAA,gBAAA,EAAmB,WAAW,4BAA4B,QAAQ,CAAA,UAAA;AAAA,GACvI;AACF;AAEA,eAAe,mBAAA,CAAoB;AAAA,EACjC,aAAA;AAAA,EACA,WAAA;AAAA,EACA,QAAA;AAAA,EACA;AACF,CAAA,EAKoB;AAClB,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,OAAO,WAAA,CAAY,IAAA;AAAA,EACrB;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,aAAa,CAAA;AAE9C,EAAA,IAAI,QAAA,KAAa,MAAA,IAAa,QAAA,KAAa,IAAA,EAAM;AAC/C,IAAA,OAAO,WAAA,CAAY,IAAA;AAAA,EACrB;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,SAAA,CAAU,QAAQ,CAAA,EAAG;AAC/B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,eAAA,EAAkB,SAAS,CAAA,sCAAA,EAAyC,QAAA,CAAS,aAAa,CAAA,SAAA;AAAA,KAC5F;AAAA,EACF;AAEA,EAAA,MAAM,IAAA,GAAO,OAAO,QAAQ,CAAA;AAE5B,EAAA,IAAI,IAAA,GAAO,CAAA,IAAK,IAAA,GAAO,KAAA,EAAO;AAC5B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,eAAA,EAAkB,SAAS,CAAA,0BAAA,EAA6B,IAAI,CAAA,2CAAA;AAAA,KAC9D;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT","file":"gateway-route.js","sourcesContent":["import type { Secret } from \"../secret\"\nimport { gatewayRouteMediator, type TlsCertificate } from \"@highstate/common\"\nimport { type common, k8s, type network } from \"@highstate/library\"\nimport { type ComponentResourceOptions, type Input, toPromise } from \"@highstate/pulumi\"\nimport { core } from \"@pulumi/kubernetes\"\nimport { Gateway, HttpRoute, TcpRoute, UdpRoute } from \"../gateway\"\nimport { Namespace } from \"../namespace\"\nimport { isEndpointFromCluster, l4EndpointToServicePort, Service } from \"../service\"\nimport { getProvider, mapMetadata } from \"../shared\"\nimport { Certificate } from \"../tls\"\n\nexport const createGatewayRoute = gatewayRouteMediator.implement(\n k8s.gatewayDataSchema,\n async ({ name, args: spec, opts }, data) => {\n const namespace = resolveRouteNamespace(spec, data)\n\n const certSecret = await getCertificateSecret(name, namespace, spec.certificate)\n\n const certificateRef = certSecret\n ? {\n kind: \"Secret\" as const,\n group: \"\" as const,\n name: certSecret.metadata.name,\n }\n : undefined\n\n const routeProtocol = resolveRouteProtocol(spec)\n\n if (routeProtocol === \"http\") {\n return await createHttpGatewayRoute({\n name,\n spec,\n opts,\n data,\n namespace,\n certificateRef,\n })\n }\n\n return await createL4GatewayRoute({\n name,\n spec,\n opts,\n data,\n namespace,\n protocol: routeProtocol === \"tcp\" ? \"TCP\" : \"UDP\",\n })\n },\n)\n\ntype GatewayRouteRuleSpec = {\n type: \"http\" | \"tcp\" | \"udp\"\n paths: string[]\n backends: {\n endpoints: network.L4Endpoint[]\n weight?: number\n }[]\n}\n\nfunction resolveRouteNamespace(spec: GatewayRouteSpec, data: k8s.GatewayData): Namespace {\n const metadataNamespace = spec.metadata[\"k8s.namespace\"]\n\n if (metadataNamespace instanceof Namespace) {\n return metadataNamespace\n }\n\n return Namespace.for(data.namespace, data.cluster)\n}\n\ntype GatewayRouteSpec = {\n gateway: common.Gateway\n metadata: Record<string, unknown>\n fqdns: string[]\n certificate?: TlsCertificate\n port?: number\n rules: Record<string, GatewayRouteRuleSpec>\n}\n\ntype CreateHttpGatewayRouteArgs = {\n name: string\n spec: GatewayRouteSpec\n opts: ComponentResourceOptions | undefined\n data: k8s.GatewayData\n namespace: Namespace\n certificateRef:\n | {\n kind: \"Secret\"\n group: \"\"\n name: Input<string>\n }\n | undefined\n}\n\nasync function createHttpGatewayRoute({\n name,\n spec,\n opts,\n data,\n namespace,\n certificateRef,\n}: CreateHttpGatewayRouteArgs) {\n const listenerPort = spec.port ?? (certificateRef ? data.httpsPort : data.httpPort)\n const listenerProtocol = certificateRef ? \"HTTPS\" : \"HTTP\"\n const listenerHostname = spec.fqdns[0]\n\n const listeners = [\n {\n name: `${listenerProtocol.toLowerCase()}-${listenerPort}`,\n port: listenerPort,\n protocol: listenerProtocol,\n hostname: listenerHostname,\n tls: {\n mode: \"Terminate\",\n certificateRefs: certificateRef ? [certificateRef] : undefined,\n },\n },\n ]\n\n const gateway = Gateway.create(\n name,\n {\n namespace,\n gatewayClassName: data.className,\n listeners,\n },\n opts,\n )\n\n const ruleSpecs = Object.values(spec.rules)\n\n const rules = await Promise.all(\n ruleSpecs.map(async (ruleSpec, ruleIndex) => {\n const backendRefs = await Promise.all(\n ruleSpec.backends.map(async (backend, backendIndex) => {\n const backendData = await resolveBackendFromEndpoints({\n routeName: name,\n backendName: `${ruleIndex}-${backendIndex}`,\n endpoints: backend.endpoints,\n namespace,\n cluster: data.cluster,\n opts,\n })\n\n const backendPort = await selectBackendPort({\n ports: backendData.ports,\n protocol: \"TCP\",\n targetPort: backendData.preferredTargetPort,\n serviceName: backendData.serviceName,\n routeName: name,\n })\n\n return {\n name: backendData.serviceName,\n namespace: backendData.serviceNamespace,\n port: backendPort.port,\n }\n }),\n )\n\n return {\n matches: ruleSpec.paths,\n backends: backendRefs,\n }\n }),\n )\n\n const httpRoute = new HttpRoute(\n name,\n {\n gateway,\n hostnames: spec.fqdns,\n rules,\n },\n opts,\n )\n\n return {\n resource: httpRoute,\n endpoints: await toPromise(gateway.endpoints),\n }\n}\n\ntype CreateL4GatewayRouteArgs = {\n name: string\n spec: GatewayRouteSpec\n opts: ComponentResourceOptions | undefined\n data: k8s.GatewayData\n namespace: Namespace\n protocol: \"TCP\" | \"UDP\"\n}\n\nasync function createL4GatewayRoute({\n name,\n spec,\n opts,\n data,\n namespace,\n protocol,\n}: CreateL4GatewayRouteArgs) {\n const backends = Object.values(spec.rules).flatMap(rule => rule.backends)\n\n if (backends.length === 0) {\n throw new Error(`Gateway route \"${name}\" has no backends to expose.`)\n }\n\n const firstBackend = backends[0]\n\n const backendData = await resolveBackendFromEndpoints({\n routeName: name,\n backendName: \"0\",\n endpoints: firstBackend.endpoints,\n namespace,\n cluster: data.cluster,\n opts,\n })\n\n const backendPort = await selectBackendPort({\n ports: backendData.ports,\n protocol,\n targetPort: backendData.preferredTargetPort,\n serviceName: backendData.serviceName,\n routeName: name,\n })\n\n const listenerPort = await resolveListenerPort({\n requestedPort: spec.port,\n backendPort,\n protocol,\n routeName: name,\n })\n\n const listenerName = `${protocol.toLowerCase()}-${listenerPort}`\n\n const gatewayName = name\n const gatewayResourceName = name\n\n const gateway = Gateway.create(\n gatewayResourceName,\n {\n name: gatewayName,\n namespace,\n gatewayClassName: data.className,\n listeners: [\n {\n name: listenerName,\n port: listenerPort,\n protocol,\n },\n ],\n },\n opts,\n )\n\n const backendRef = {\n name: backendData.serviceName,\n namespace: backendData.serviceNamespace,\n port: backendPort.port,\n }\n\n const routeOpts = { ...opts, parent: gateway }\n\n const route =\n protocol === \"TCP\"\n ? new TcpRoute(\n name,\n {\n gateway,\n listenerName,\n backend: backendRef,\n },\n routeOpts,\n )\n : new UdpRoute(\n name,\n {\n gateway,\n listenerName,\n backend: backendRef,\n },\n routeOpts,\n )\n\n return {\n resource: route,\n endpoints: await toPromise(gateway.endpoints),\n }\n}\n\nasync function getCertificateSecret(\n _name: string,\n namespace: Namespace,\n tlsCertificate: Input<TlsCertificate | undefined> | undefined,\n): Promise<Secret | undefined> {\n const resolvedCertificate = await toPromise(tlsCertificate)\n if (!resolvedCertificate) {\n return undefined\n }\n\n const resource = await toPromise(resolvedCertificate.resource)\n\n if (resource instanceof Certificate) {\n const certNamespace = await toPromise(resource.namespace.metadata.name)\n const certClusterId = await toPromise(resource.namespace.cluster.id)\n\n const targetNamespace = await toPromise(namespace.metadata.name)\n const targetClusterId = await toPromise(namespace.cluster.id)\n\n if (certNamespace === targetNamespace && certClusterId === targetClusterId) {\n return await toPromise(resource.secret)\n }\n }\n\n throw new Error(\n \"Not implemented: copying certificate secret across namespaces/clusters/different systems\",\n )\n}\n\nfunction resolveRouteProtocol(spec: GatewayRouteSpec): GatewayRouteRuleSpec[\"type\"] {\n const rules = Object.values(spec.rules)\n\n if (rules.length === 0) {\n throw new Error(\"Gateway route must contain at least one rule\")\n }\n\n const type = rules[0].type\n\n if (rules.some(rule => rule.type !== type)) {\n throw new Error(\"Gateway route rules must use the same protocol type\")\n }\n\n return type\n}\n\nasync function resolveBackendFromEndpoints({\n routeName,\n backendName,\n endpoints,\n namespace,\n cluster,\n opts,\n}: {\n routeName: string\n backendName: string\n endpoints: network.L4Endpoint[]\n namespace: Namespace\n cluster: k8s.Cluster\n opts: ComponentResourceOptions | undefined\n}): Promise<{\n serviceName: string\n serviceNamespace: string\n ports: ServicePortInfo[]\n preferredTargetPort?: number | string\n}> {\n const serviceMeta = getServiceMetadataFromEndpoints(endpoints, cluster)\n\n if (serviceMeta) {\n const metadataPorts: ServicePortInfo[] = endpoints.map(endpoint => ({\n name: typeof serviceMeta.targetPort === \"string\" ? serviceMeta.targetPort : undefined,\n port: endpoint.port,\n protocol: endpoint.protocol.toUpperCase() as \"TCP\" | \"UDP\",\n targetPort: serviceMeta.targetPort,\n }))\n\n return {\n serviceName: serviceMeta.name,\n serviceNamespace: serviceMeta.namespace,\n ports: metadataPorts,\n preferredTargetPort: serviceMeta.targetPort,\n }\n }\n\n const syntheticService = await createServiceFromEndpoints(\n `${routeName}-${backendName}`,\n namespace,\n endpoints,\n cluster,\n opts,\n )\n\n const syntheticServiceName = await toPromise(syntheticService.service.metadata.name)\n const syntheticServiceNamespace = await toPromise(syntheticService.service.metadata.namespace)\n\n if (!syntheticServiceNamespace) {\n throw new Error(\n `Synthetic backend service \"${syntheticServiceName}\" for gateway route \"${routeName}\" has no namespace.`,\n )\n }\n\n return {\n serviceName: syntheticServiceName,\n serviceNamespace: syntheticServiceNamespace,\n ports: syntheticService.ports,\n }\n}\n\nfunction getServiceMetadataFromEndpoints(\n endpoints: network.L4Endpoint[],\n cluster: k8s.Cluster,\n):\n | {\n name: string\n namespace: string\n targetPort?: number | string\n }\n | undefined {\n const serviceEndpoints = endpoints.filter(endpoint => isEndpointFromCluster(endpoint, cluster))\n\n if (serviceEndpoints.length === 0 || serviceEndpoints.length !== endpoints.length) {\n return undefined\n }\n\n const first = serviceEndpoints[0].metadata[\"k8s.service\"]\n\n if (\n serviceEndpoints.some(\n endpoint =>\n endpoint.metadata[\"k8s.service\"].name !== first.name ||\n endpoint.metadata[\"k8s.service\"].namespace !== first.namespace,\n )\n ) {\n return undefined\n }\n\n return {\n name: first.name,\n namespace: first.namespace,\n targetPort: first.targetPort,\n }\n}\n\ntype ServicePortInfo = {\n name: string | undefined\n port: number\n protocol: \"TCP\" | \"UDP\"\n targetPort?: number | string\n}\n\nasync function createServiceFromEndpoints(\n name: string,\n namespace: Namespace,\n endpointsInput: Input<network.L4Endpoint[]>,\n cluster: k8s.Cluster,\n opts: ComponentResourceOptions | undefined,\n): Promise<{ service: Service; ports: ServicePortInfo[] }> {\n const endpoints = await toPromise(endpointsInput)\n\n if (!endpoints.length) {\n throw new Error(`Gateway route \"${name}\" has no endpoints to expose.`)\n }\n\n const hostnameEndpoints = endpoints.filter(endpoint => endpoint.type === \"hostname\")\n const ipEndpoints = endpoints.filter(endpoint => endpoint.type !== \"hostname\")\n\n if (hostnameEndpoints.length > 0) {\n const hostnamePortInfos: ServicePortInfo[] = []\n for (const endpoint of hostnameEndpoints) {\n hostnamePortInfos.push(toServicePortInfoFromEndpoint(endpoint))\n }\n\n const service = Service.create(`hs-backend-${name}`, {\n namespace,\n type: \"ExternalName\",\n externalName: hostnameEndpoints[0].hostname,\n ports: hostnameEndpoints.map(l4EndpointToServicePort),\n })\n\n return {\n service,\n ports: hostnamePortInfos,\n }\n }\n\n if (ipEndpoints.length === 0) {\n throw new Error(`Gateway route \"${name}\" requires at least one IP endpoint.`)\n }\n\n const ipPortInfos: ServicePortInfo[] = []\n for (const endpoint of ipEndpoints) {\n ipPortInfos.push(toServicePortInfoFromEndpoint(endpoint))\n }\n\n const service = Service.create(`hs-backend-${name}`, {\n namespace,\n type: \"ClusterIP\",\n ports: ipEndpoints.map(l4EndpointToServicePort),\n })\n\n const endpointsName = `hs-backend-${name}`\n\n new core.v1.Endpoints(\n endpointsName,\n {\n metadata: mapMetadata({ namespace }, endpointsName),\n subsets: ipEndpoints.map(endpoint => ({\n addresses: [{ ip: endpoint.address.value }],\n ports: [l4EndpointToServicePort(endpoint)],\n })),\n },\n { ...opts, provider: getProvider(cluster), parent: service },\n )\n\n return {\n service,\n ports: ipPortInfos,\n }\n}\n\nasync function _getServicePorts(service: Service): Promise<ServicePortInfo[]> {\n const spec = await toPromise(service.spec)\n const ports = spec.ports ?? []\n\n const result: ServicePortInfo[] = []\n\n for (const port of ports) {\n const value = port.port\n const protocol = (port.protocol ?? \"TCP\").toUpperCase()\n\n if (value === undefined || (protocol !== \"TCP\" && protocol !== \"UDP\")) {\n continue\n }\n\n result.push({\n name: port.name ?? undefined,\n port: value,\n protocol: protocol as \"TCP\" | \"UDP\",\n targetPort: port.targetPort as number | string | undefined,\n })\n }\n\n return result\n}\n\nfunction toServicePortInfoFromEndpoint(endpoint: network.L4Endpoint): ServicePortInfo {\n return {\n name: undefined,\n port: endpoint.port,\n protocol: endpoint.protocol.toUpperCase() as \"TCP\" | \"UDP\",\n targetPort: endpoint.port,\n }\n}\n\nasync function selectBackendPort({\n ports,\n protocol,\n targetPort,\n serviceName,\n routeName,\n}: {\n ports: ServicePortInfo[]\n protocol: \"TCP\" | \"UDP\"\n targetPort: Input<string | number | undefined> | undefined\n serviceName: string\n routeName: string\n}): Promise<ServicePortInfo> {\n const candidates = ports.filter(port => port.protocol === protocol)\n\n if (candidates.length === 0) {\n throw new Error(\n `Service \"${serviceName}\" does not expose any ${protocol} ports required by gateway route \"${routeName}\".`,\n )\n }\n\n if (!targetPort) {\n return candidates[0]\n }\n\n const resolvedTarget = await toPromise(targetPort)\n\n if (resolvedTarget === undefined || resolvedTarget === null) {\n return candidates[0]\n }\n\n if (typeof resolvedTarget === \"number\") {\n const match = candidates.find(candidate => {\n if (candidate.port === resolvedTarget) {\n return true\n }\n\n if (typeof candidate.targetPort === \"number\") {\n return candidate.targetPort === resolvedTarget\n }\n\n return false\n })\n\n if (match) {\n return match\n }\n\n throw new Error(\n `Gateway route \"${routeName}\" requested target port ${resolvedTarget}, but service \"${serviceName}\" does not expose it for ${protocol} backends.`,\n )\n }\n\n const targetString = String(resolvedTarget)\n\n const match = candidates.find(candidate => {\n if (candidate.name === targetString) {\n return true\n }\n\n if (typeof candidate.targetPort === \"string\") {\n return candidate.targetPort === targetString\n }\n\n return false\n })\n\n if (match) {\n return match\n }\n\n throw new Error(\n `Gateway route \"${routeName}\" requested target port \"${targetString}\", but service \"${serviceName}\" does not expose it for ${protocol} backends.`,\n )\n}\n\nasync function resolveListenerPort({\n requestedPort,\n backendPort,\n protocol,\n routeName,\n}: {\n requestedPort: Input<number | undefined> | undefined\n backendPort: ServicePortInfo\n protocol: \"TCP\" | \"UDP\"\n routeName: string\n}): Promise<number> {\n if (!requestedPort) {\n return backendPort.port\n }\n\n const resolved = await toPromise(requestedPort)\n\n if (resolved === undefined || resolved === null) {\n return backendPort.port\n }\n\n if (!Number.isInteger(resolved)) {\n throw new Error(\n `Gateway route \"${routeName}\" must use integer listener ports for ${protocol.toLowerCase()} traffic.`,\n )\n }\n\n const port = Number(resolved)\n\n if (port < 1 || port > 65535) {\n throw new Error(\n `Gateway route \"${routeName}\" specified listener port ${port}, which is outside the valid range 1-65535.`,\n )\n }\n\n return port\n}\n"]}
package/dist/impl/tls-certificate.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../src/impl/tls-certificate.ts"],"names":[],"mappings":";;;;;;AAMO,IAAM,oBAAoB,sBAAA,CAAuB,SAAA;AAAA,EACtD,GAAA,CAAI,mBAAA;AAAA,EACJ,CAAC,EAAE,IAAA,EAAM,IAAA,EAAM,IAAA,IAAQ,IAAA,KAAS;AAC9B,IAAA,MAAM,QAAA,GAAW,WAAA,CAAY,IAAA,CAAK,OAAO,CAAA;AAEzC,IAAA,MAAM,WAAW,IAAA,CAAK,QAAA;AACtB,IAAA,MAAM,iBAAA,GAAoB,WAAW,eAAe,CAAA;AAEpD,IAAA,MAAM,SAAA,GACJ,6BAA6B,SAAA,GACzB,iBAAA,GACA,oBACE,SAAA,CAAU,GAAA,CAAI,mBAAoC,IAAA,CAAK,OAAO,IAC9D,SAAA,CAAU,GAAA,CAAI,gBAAgB,EAAE,IAAA,EAAM,gBAAgB,OAAA,EAAS,IAAA,CAAK,SAAS,CAAA;AAErF,IAAA,OAAO,WAAA,CAAY,MAAA;AAAA,MACjB,IAAA;AAAA,MACA;AAAA,QACE,SAAA;AAAA,QAEA,YAAY,IAAA,CAAK,UAAA;AAAA,QACjB,UAAU,IAAA,CAAK,QAAA;AAAA,QACf,SAAA,EAAW;AAAA,UACT,MAAM,IAAA,CAAK,iBAAA;AAAA,UACX,IAAA,EAAM;AAAA,SACR;AAAA,QACA,UAAA,EAAY,kBAAkB,IAAI,CAAA;AAAA,OACpC;AAAA,MACA,EAAE,GAAG,IAAA,EAAM,QAAA;AAAS,KACtB;AAAA,EACF;AACF","file":"tls-certificate.js","sourcesContent":["import { tlsCertificateMediator } from \"@highstate/common\"\nimport { k8s } from \"@highstate/library\"\nimport { Namespace } from \"../namespace\"\nimport { getProvider } from \"../shared\"\nimport { Certificate } from \"../tls\"\n\nexport const createCertificate = tlsCertificateMediator.implement(\n k8s.tlsIssuerDataSchema,\n ({ name, spec, opts }, data) => {\n const provider = getProvider(data.cluster)\n\n const metadata = spec.metadata as Record<string, unknown> | undefined\n const metadataNamespace = metadata?.[\"k8s.namespace\"]\n\n const namespace =\n metadataNamespace instanceof Namespace\n ? metadataNamespace\n : metadataNamespace\n ? Namespace.for(metadataNamespace as k8s.Namespace, data.cluster)\n : Namespace.get(\"cert-manager\", { name: \"cert-manager\", cluster: data.cluster })\n\n return Certificate.create(\n name,\n {\n namespace,\n\n commonName: spec.commonName,\n dnsNames: spec.dnsNames,\n issuerRef: {\n name: data.clusterIssuerName,\n kind: \"ClusterIssuer\",\n },\n secretName: `hs-certificate-${name}`,\n },\n { ...opts, provider },\n )\n },\n)\n"]}
package/dist/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/kubectl.ts","../src/scripting/environment.ts","../src/scripting/bundle.ts","../src/scripting/container.ts","../src/worker.ts"],"names":["command","ComponentResource","output","args","scriptEnvironment","hasFunctionScripts","options","resources"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAuDA,SAAS,cAAc,OAAA,EAAoC;AACzD,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,EAAG;AAC1B,IAAA,OAAO,OAAA,CAAQ,KAAK,GAAG,CAAA;AAAA,EACzB;AAEA,EAAA,OAAO,OAAA;AACT;AAEA,SAAS,gBAAA,CACP,SACA,SAAA,EACgB;AAChB,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,OAAO,MAAA,CAAO,CAAC,OAAA,EAAS,SAAS,CAAC,CAAA,CAAE,KAAA;AAAA,MAClC,CAAC,CAAC,GAAA,EAAK,EAAE,CAAA,KAAM,cAAc,EAAE,CAAA,CAAA,EAAI,aAAA,CAAc,GAAG,CAAC,CAAA;AAAA,KACvD;AAAA,EACF;AAEA,EAAA,OAAO,MAAA,CAAO,OAAO,CAAA,CAAE,KAAA,CAAM,SAAO,CAAA,QAAA,EAAW,aAAA,CAAc,GAAG,CAAC,CAAA,CAAE,CAAA;AACrE;AAEA,SAAS,wBAAA,CACP,SACA,QAAA,EACgB;AAChB,EAAA,OAAO,MAAA,CAAO;AAAA,IACZ,OAAA;AAAA,IACA,IAAA,EAAM,MAAA,CAAO,QAAQ,CAAA,CAAE,IAAA;AAAA,IACvB,IAAA,EAAM,MAAA,CAAO,QAAQ,CAAA,CAAE,QAAA,CAAS;AAAA,GACjC,EAAE,KAAA,CAAM,CAAC,EAAE,OAAA,EAAAA,QAAAA,EAAS,IAAA,EAAM,IAAA,EAAK,KAAM;AACpC,IAAA,MAAM,IAAA,GAAO,KAAK,WAAA,EAAY;AAE9B,IAAA,OAAO,YAAY,IAAI,CAAA,CAAA,EAAI,IAAI,CAAA,IAAA,EAAO,aAAA,CAAcA,QAAO,CAAC,CAAA,CAAA;AAAA,EAC9D,CAAC,CAAA;AACH;AAEO,IAAM,WAAA,GAAN,MAAM,YAAA,SAAoB,iBAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAIxC,OAAA;AAAA;AAAA;AAAA;AAAA,EAKA,MAAA;AAAA;AAAA;AAAA;AAAA,EAKA,MAAA;AAAA,EAET,WAAA,CAAY,IAAA,EAAc,IAAA,EAAuB,IAAA,EAAiC;AAChF,IAAA,KAAA,CAAM,2BAAA,EAA6B,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEnD,IAAA,IAAA,CAAK,UAAU,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,MAAM,CAAA,OAAA,KAAW;AACnD,MAAA,MAAM,UAAA,GAAa,gBAAA,CAAiB,GAAA,CAAI,OAAA,CAAQ,UAAU,CAAA;AAE1D,MAAA,OAAO,IAAI,OAAA,CAAQ,CAAA,QAAA,EAAW,IAAI,CAAA,CAAA,EAAI;AAAA,QACpC,IAAA,EAAM,OAAA;AAAA,QACN,MAAA,EAAQ,gBAAA,CAAiB,IAAA,CAAK,MAAA,EAAQ,KAAK,SAAS,CAAA;AAAA,QACpD,MAAA,EAAQ,KAAK,MAAA,GAAS,gBAAA,CAAiB,KAAK,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA,GAAI,MAAA;AAAA,QACtE,MAAA,EAAQ,KAAK,MAAA,GAAS,gBAAA,CAAiB,KAAK,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA,GAAI,MAAA;AAAA,QACtE,KAAA,EAAO,CAAC,UAAU,CAAA;AAAA,QAClB,KAAA,EAAO,cAAA,CAAO,kBAAkB,CAAA,CAAE,KAAA;AAAA,QAClC,cAAA,EAAgB,MAAA;AAAA,QAChB,WAAA,EAAa;AAAA,UACX,YAAY,UAAA,CAAW;AAAA;AACzB,OACD,CAAA;AAAA,IACH,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,MAAA,GAAS,KAAK,OAAA,CAAQ,MAAA;AAC3B,IAAA,IAAA,CAAK,MAAA,GAAS,KAAK,OAAA,CAAQ,MAAA;AAAA,EAC7B;AAAA,EAEA,OAAO,YAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,IAAI,YAAA;AAAA,MACT,IAAA;AAAA,MACA;AAAA,QACE,OAAA,EAAS,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,CAAE,OAAA;AAAA,QAChC,QAAQ,IAAA,CAAK,MAAA;AAAA,QACb,QAAQ,IAAA,CAAK,MAAA;AAAA,QACb,QAAQ,IAAA,CAAK,MAAA;AAAA,QACb,SAAA,EAAW,MAAA,CAAO,IAAA,CAAK,SAAS,EAAE,QAAA,CAAS;AAAA,OAC7C;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAAA,EAEA,OAAO,QAAA,CACL,IAAA,EACA,IAAA,EACA,IAAA,EACa;AACb,IAAA,OAAO,YAAA,CAAY,YAAA;AAAA,MACjB,IAAA;AAAA,MACA;AAAA,QACE,SAAA,EAAW,MAAA,CAAO,IAAA,CAAK,QAAQ,CAAA,CAAE,SAAA;AAAA,QACjC,MAAA,EAAQ,wBAAA,CAAyB,IAAA,CAAK,MAAA,EAAQ,KAAK,QAAQ,CAAA;AAAA,QAC3D,MAAA,EAAQ,KAAK,MAAA,GAAS,wBAAA,CAAyB,KAAK,MAAA,EAAQ,IAAA,CAAK,QAAQ,CAAA,GAAI,MAAA;AAAA,QAC7E,MAAA,EAAQ,KAAK,MAAA,GAAS,wBAAA,CAAyB,KAAK,MAAA,EAAQ,IAAA,CAAK,QAAQ,CAAA,GAAI;AAAA,OAC/E;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACF;;;AC7EA,IAAM,4BAAA,GAA+B;AAAA,EACnC,oBAAoB,EAAC;AAAA,EACrB,mBAAmB,EAAC;AAAA,EACpB,UAAU;AACZ,CAAA;AAEO,IAAM,sBAAA,GAAoD;AAAA,EAC/D,MAAA,EAAQ;AAAA,IACN,GAAG,4BAAA;AAAA,IACH,KAAA,EAAO,eAAO,MAAA,CAAO,KAAA;AAAA,IACrB,gBAAA,EAAkB;AAAA;AAAA,MAEhB,kCAAA;AAAA,MACA;AAAA;AACF,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,GAAG,4BAAA;AAAA,IACH,KAAA,EAAO,eAAO,MAAA,CAAO,KAAA;AAAA,IACrB,gBAAA,EAAkB;AAAA;AAAA,MAEhB,6BAAA;AAAA,MACA,8BAAA;AAAA,MACA,8BAAA;AAAA,MACA;AAAA;AACF,GACF;AAAA,EAEA,cAAc,EAAC;AAAA,EACf,gBAAgB,EAAC;AAAA,EACjB,OAAO,EAAC;AAAA,EACR,SAAS,EAAC;AAAA,EACV,cAAc,EAAC;AAAA,EACf,aAAa,EAAC;AAAA,EACd,kBAAkB;AACpB;AAEO,IAAM,oBAAA,GAA2D;AAAA,EACtE,MAAA,EAAQ,kFAAA;AAAA,EACR,MAAA,EAAQ;AACV;;;ACrFO,IAAM,YAAA,GAAN,cAA2BC,iBAAAA,CAAkB;AAAA;AAAA;AAAA;AAAA,EAIzC,SAAA;AAAA;AAAA;AAAA;AAAA,EAKA,OAAA;AAAA;AAAA;AAAA;AAAA,EAKA,YAAA;AAAA;AAAA;AAAA;AAAA,EAKA,WAAA;AAAA;AAAA;AAAA;AAAA,EAKA,KAAA;AAAA;AAAA;AAAA;AAAA,EAKA,YAAA;AAAA;AAAA;AAAA;AAAA,EAKA,gBAAA;AAAA,EAET,WAAA,CAAY,IAAA,EAAc,IAAA,EAAwB,IAAA,EAAiC;AACjF,IAAA,KAAA,CAAM,4BAAA,EAA8B,IAAA,EAAM,IAAA,EAAM,IAAI,CAAA;AAEpD,IAAA,MAAM,iBAAA,GAAoBC,OAAO,IAAI,CAAA,CAClC,MAAM,CAAAC,KAAAA,KAAQ,UAAUA,KAAAA,CAAK,WAAA,EAAaA,MAAK,YAAY,CAAC,EAC5D,KAAA,CAAM,CAAAA,UAAQ,SAAA,CAAU,sBAAA,EAAwB,GAAGA,KAAI,CAAC,CAAA;AAI3D,IAAA,MAAM,kBAAA,GAAqB,iBAAA,CAAkB,KAAA,CAAM,CAAAC,kBAAAA,KAAqB;AACtE,MAAA,OAAO,MAAA,CAAO,OAAOA,kBAAAA,CAAkB,KAAK,EAAE,IAAA,CAAK,CAAA,IAAA,KAAQ,OAAO,IAAA,KAAS,UAAU,CAAA;AAAA,IACvF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,eAAe,IAAA,CAAK,YAAA;AACzB,IAAA,IAAA,CAAK,cAAc,iBAAA,CAAkB,WAAA;AAErC,IAAA,IAAA,CAAK,QAAQ,kBAAA,CAAmB,KAAA;AAAA,MAAM,CAAAC,mBAAAA,KACpCH,MAAAA;AAAA,QACEG,mBAAAA,GACI,qBAAqB,IAAA,CAAK,YAAY,IACtC,iBAAA,CAAkB,IAAA,CAAK,YAAY,CAAA,CAAE;AAAA;AAC3C,KACF;AAEA,IAAA,IAAA,CAAK,mBAAmBH,MAAAA,CAAO,EAAE,iBAAA,EAAmB,kBAAA,EAAoB,CAAA,CAAE,KAAA;AAAA,MACxE,CAAC,EAAE,iBAAA,EAAAE,kBAAAA,EAAmB,kBAAA,EAAAC,qBAAmB,KAAM;AAC7C,QAAA,MAAM,gBAAA,GAAmB;AAAA,UACvB,GAAGD,kBAAAA,CAAkB,gBAAA;AAAA,UACrB,GAAGA,kBAAAA,CAAkB,IAAA,CAAK,YAAY,CAAA,CAAE;AAAA,SAC1C;AAEA,QAAA,IAAIC,mBAAAA,EAAoB;AACtB,UAAA,gBAAA,CAAiB,KAAK,8BAA8B,CAAA;AAAA,QACtD;AAEA,QAAA,OAAO,gBAAA,CAAiB,GAAA,CAAI,CAAA,QAAA,KAAY,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,MACjE;AAAA,KACF;AAEA,IAAA,IAAA,CAAK,SAAA,GAAYH,MAAAA,CAAO,EAAE,iBAAA,EAAmB,MAAM,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,iBAAA,EAAAE,kBAAAA,EAAmB,IAAA,EAAAD,OAAK,KAAM;AAC1F,MAAA,OAAO,SAAA,CAAU,MAAA;AAAA,QACf,IAAA;AAAA,QACA;AAAA,UACE,WAAWA,KAAAA,CAAK,SAAA;AAAA,UAEhB,IAAA,EAAM,gBAAA,CAAiB,IAAA,CAAK,YAAA,EAAcC,kBAAiB;AAAA,SAC7D;AAAA,QACA,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,IAAA;AAAK,OAC1B;AAAA,IACF,CAAC,CAAA;AAED,IAAA,IAAA,CAAK,OAAA,GAAUF,OAAO,EAAE,kBAAA,EAAoB,SAAS,iBAAA,CAAkB,OAAA,EAAS,CAAA,CAAE,KAAA;AAAA,MAChF,CAAC,EAAE,kBAAA,EAAAG,mBAAAA,EAAoB,SAAQ,KAAM;AACnC,QAAA,OAAO;AAAA,UACL,GAAG,OAAA;AAAA,UACH;AAAA,YACE,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,QAAA,CAAS,IAAA;AAAA,YAE9B,SAAA,EAAW;AAAA,cACT,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,QAAA,CAAS,IAAA;AAAA,cAC9B,WAAA,EAAa;AAAA;AAAA;AACf,WACF;AAAA,UACA,GAAIA,mBAAAA,GAAqB,CAAC,EAAE,IAAA,EAAM,cAAA,EAAgB,QAAA,EAAU,EAAC,EAAG,CAAA,GAAI;AAAC,SACvE;AAAA,MACF;AAAA,KACF;AAEA,IAAA,IAAA,CAAK,eAAeH,MAAAA,CAAO;AAAA,MACzB,kBAAA;AAAA,MACA,cAAc,iBAAA,CAAkB;AAAA,KACjC,EAAE,KAAA,CAAM,CAAC,EAAE,kBAAA,EAAAG,mBAAAA,EAAoB,cAAa,KAAM;AACjD,MAAA,OAAO;AAAA,QACL,GAAG,YAAA;AAAA,QACH;AAAA,UACE,QAAQ,IAAA,CAAK,SAAA;AAAA,UACb,SAAA,EAAW;AAAA,SACb;AAAA,QACA,GAAIA,mBAAAA,GACA,CAAC,EAAE,IAAA,EAAM,gBAAgB,SAAA,EAAW,uBAAA,EAAyB,CAAA,GAC7D;AAAC,OACP;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF;AAEA,SAAS,qBAAqB,KAAA,EAAuB;AACnD,EAAA,IAAI,KAAA,CAAM,UAAA,CAAW,YAAY,CAAA,EAAG;AAClC,IAAA,OAAO,KAAA,CAAM,OAAA,CAAQ,YAAA,EAAc,EAAE,CAAA;AAAA,EACvC;AAEA,EAAA,OAAO,KAAA;AACT;AAEA,eAAe,gBAAA,CACb,cACA,WAAA,EACiC;AACjC,EAAA,MAAM,aAAqC,EAAC;AAC5C,EAAA,MAAM,UAAoB,EAAC;AAE3B,EAAA,MAAM,uBAAA,GAA0B,YAAY,YAAY,CAAA;AACxD,EAAA,MAAM,YAAA,GAAe,EAAE,GAAG,WAAA,CAAY,YAAA,EAAa;AAEnD,EAAA,IAAI,kBAAA,GAAqB,KAAA;AAEzB,EAAA,KAAA,MAAW,GAAA,IAAO,YAAY,KAAA,EAAO;AACnC,IAAA,IAAI,OAAO,WAAA,CAAY,KAAA,CAAM,GAAG,MAAM,UAAA,EAAY;AAChD,MAAA,MAAM,aAAa,MAAM,iBAAA,CAAkB,WAAA,CAAY,KAAA,CAAM,GAAG,CAAC,CAAA;AAEjE,MAAA,UAAA,CAAW,GAAG,CAAA,GAAI,IAAA;AAAA;AAAA;AAAA,QAAA,EAGd,WAAW,IAAI;;AAAA,gBAAA,EAEP,WAAW,UAAU,CAAA;AAAA,MAAA,CAAA;AAGjC,MAAA,kBAAA,GAAqB,IAAA;AAAA,IACvB,CAAA,MAAO;AACL,MAAA,UAAA,CAAW,GAAG,CAAA,GAAI,WAAA,CAAY,KAAA,CAAM,GAAG,CAAA;AAAA,IACzC;AAAA,EACF;AAEA,EAAA,IAAI,kBAAA,EAAoB;AACtB,IAAA,MAAM,WAAA,GAAc,MAAM,eAAA,EAAgB;AAE1C,IAAA,WAAA,CAAY,YAAA,GAAe,MAAA;AAAA,MACzB,SAAA,CAAU,WAAA,CAAY,YAAA,IAAgB,IAAI,oBAAoB,CAAA;AAAA,MAC9D,CAAC,CAAA,EAAG,GAAA,KAAQ,GAAA,CAAI,WAAW,aAAa;AAAA,KAC1C;AAEA,IAAA,WAAA,CAAY,eAAA,GAAkB,MAAA;AAAA,MAC5B,SAAA,CAAU,WAAA,CAAY,eAAA,IAAmB,IAAI,oBAAoB,CAAA;AAAA,MACjE,CAAC,CAAA,EAAG,GAAA,KAAQ,GAAA,CAAI,WAAW,aAAa;AAAA,KAC1C;AAEA,IAAA,UAAA,CAAW,cAAc,CAAA,GAAI,IAAA,CAAK,SAAA,CAAU,WAAA,EAAa,MAAM,CAAC,CAAA;AAEhE,IAAA,YAAA,CAAa,yBAAyB,CAAA,GAAI,IAAA;AAAA;AAAA;;AAAA;AAAA;AAAA,IAAA,CAAA;AAAA,EAO5C;AAEA,EAAA,IAAI,uBAAA,CAAwB,kBAAA,CAAmB,MAAA,GAAS,CAAA,EAAG;AACzD,IAAA,UAAA,CAAW,yBAAyB,CAAA,GAAI,wBAAA;AAAA,MACtC,YAAA;AAAA,MACA,uBAAA,CAAwB;AAAA,KAC1B;AAEA,IAAA,OAAA,CAAQ,IAAA,CAAK;AAAA;AAAA;AAAA;AAAA,IAAA,CAIZ,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,OAAO,IAAA,CAAK,uBAAA,CAAwB,iBAAiB,CAAA,CAAE,SAAS,CAAA,EAAG;AACrE,IAAA,KAAA,MAAW,GAAA,IAAO,wBAAwB,iBAAA,EAAmB;AAC3D,MAAA,UAAA,CAAW,eAAe,GAAG,CAAA,CAAE,CAAA,GAAI,uBAAA,CAAwB,kBAAkB,GAAG,CAAA;AAEhF,MAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,4CAAA,EAC2B,GAAG,CAAA;AAAA,6BAAA,EAClB,GAAG;AAAA,oCAAA,EACI,GAAG,CAAA;AAAA,MAAA,CAClC,CAAA;AAAA,IACH;AAAA,EACF;AAEA,EAAA,IAAI,uBAAA,CAAwB,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG;AAC/C,IAAA,UAAA,CAAW,qBAAqB,CAAA,GAAI,wBAAA;AAAA,MAClC,YAAA;AAAA,MACA,uBAAA,CAAwB;AAAA,KAC1B;AAEA,IAAA,OAAA,CAAQ,IAAA,CAAK;AAAA;AAAA;AAAA;AAAA,IAAA,CAIZ,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,EAAG;AACxC,IAAA,KAAA,MAAW,OAAO,YAAA,EAAc;AAC9B,MAAA,UAAA,CAAW,CAAA,MAAA,EAAS,GAAG,CAAA,CAAE,CAAA,GAAI,aAAa,GAAG,CAAA;AAE7C,MAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,sCAAA,EACqB,GAAG,CAAA;AAAA,uBAAA,EAClB,GAAG;AAAA,8BAAA,EACI,GAAG,CAAA;AAAA,MAAA,CAC5B,CAAA;AAAA,IACH;AAAA,EACF;AAEA,EAAA,IAAI,OAAO,IAAA,CAAK,WAAA,CAAY,cAAc,CAAA,CAAE,SAAS,CAAA,EAAG;AACtD,IAAA,MAAM,iBAA2B,EAAC;AAElC,IAAA,KAAA,MAAW,GAAA,IAAO,YAAY,cAAA,EAAgB;AAC5C,MAAA,UAAA,CAAW,WAAW,GAAG,CAAA,CAAE,CAAA,GAAI,WAAA,CAAY,eAAe,GAAG,CAAA;AAE7D,MAAA,cAAA,CAAe,IAAA,CAAK;AAAA,wCAAA,EACgB,GAAG,CAAA;AAAA,yBAAA,EAClB,GAAG;AAAA,gCAAA,EACI,GAAG,CAAA;AAAA,MAAA,CAC9B,CAAA;AAAA,IACH;AAEA,IAAA,OAAA,CAAQ,IAAA,CAAK;AAAA;AAAA,MAAA,EAET,cAAA,CAAe,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,MAAM,CAAA,CAAE,IAAA,CAAK,MAAM,CAAC;AAAA;;AAAA;AAAA;AAAA,IAAA,CAKjD,CAAA;AAAA,EACH;AAEA,EAAA,UAAA,CAAW,eAAe,IAAI,eAAA,CAAgB;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;;AAAA,EAAA,EAS5C,OAAA,CAAQ,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,MAAM,CAAA,CAAE,IAAA,CAAK,MAAM,CAAC;;AAAA;AAAA;AAAA;AAAA,EAAA,CAKxC,CAAA;AAED,EAAA,OAAO,UAAA;AACT;AAEA,SAAS,wBAAA,CAAyB,cAAkC,QAAA,EAA4B;AAC9F,EAAA,IAAI,iBAAiB,QAAA,EAAU;AAC7B,IAAA,OAAO,IAAA;AAAA;AAAA;;AAAA,yBAAA,EAIgB,QAAA,CAAS,IAAA,CAAK,GAAG,CAAC;AAAA,IAAA,CAAA;AAAA,EAE3C,CAAA,MAAO;AACL,IAAA,OAAO,IAAA;AAAA;AAAA;;AAAA;AAAA,yBAAA,EAKgB,QAAA,CAAS,IAAA,CAAK,GAAG,CAAC;AAAA,IAAA,CAAA;AAAA,EAE3C;AACF;ACxTO,SAAS,sBAAsB,OAAA,EAA6C;AACjF,EAAA,MAAM,MAAA,GAASH,MAAAA,CAAO,OAAA,CAAQ,MAAM,CAAA;AAEpC,EAAA,OAAOA,MAAAA,CAAO;AAAA,IACZ,OAAA;AAAA,IACA,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,cAAc,MAAA,CAAO,YAAA;AAAA,IACrB,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,aAAa,MAAA,CAAO,WAAA;AAAA,IACpB,kBAAkB,MAAA,CAAO;AAAA,GAC1B,CAAA,CAAE,KAAA,CAAM,CAAC,EAAE,OAAA,EAAAI,QAAAA,EAAS,KAAA,EAAO,YAAA,EAAc,OAAA,EAAS,WAAA,EAAa,gBAAA,EAAiB,KAAM;AACrF,IAAA,OAAO;AAAA,MACL,KAAA;AAAA,MACA,SAAS,CAAC,wBAAA,EAA0B,CAAA,SAAA,EAAYA,QAAAA,CAAQ,IAAI,CAAA,CAAE,CAAA;AAAA,MAE9D,GAAGA,QAAAA;AAAA,MAEH,YAAA,EAAc,CAAC,GAAG,YAAA,EAAc,GAAIA,QAAAA,CAAQ,YAAA,IAAgB,EAAG,CAAA;AAAA,MAC/D,OAAA,EAAS,CAAC,GAAG,OAAA,EAAS,GAAIA,QAAAA,CAAQ,OAAA,IAAW,EAAG,CAAA;AAAA,MAChD,WAAA,EAAa,KAAA,CAAM,WAAA,EAAaA,QAAAA,CAAQ,WAAW,CAAA;AAAA,MACnD,gBAAA,EAAkB,CAAC,GAAG,gBAAA,EAAkB,GAAIA,QAAAA,CAAQ,gBAAA,IAAoB,EAAG;AAAA,KAC7E;AAAA,EACF,CAAC,CAAA;AACH;ACxCA,eAAsB,mBAAA,CACpB,WACA,SAAA,EACqC;AACrC,EAAA,MAAM,KAAA,GAAQ,IAAI,kBAAA,CAAmB,SAAA,EAAW;AAAA,IAC9C,IAAA,EAAM;AAAA,MACJ,SAAA,EAAW,CAAC,EAAA,EAAI,MAAM,CAAA;AAAA,MACtB,SAAA,EAAW,CAAC,aAAA,EAAe,cAAA,EAAgB,YAAY,MAAM,CAAA;AAAA,MAC7D,KAAA,EAAO,CAAC,KAAA,EAAO,MAAA,EAAQ,OAAO;AAAA,KAChC;AAAA,IAEA,SAAA;AAAA,IACA;AAAA,GACD,CAAA;AAED,EAAA,OAAOJ,MAAAA,CAAO;AAAA,IACZ,IAAA,EAAM,SAAA;AAAA,IACN,KAAA,EAAO,cAAA,CAAO,oBAAoB,CAAA,CAAE,KAAA;AAAA,IAEpC,MAAA,EAAQ;AAAA,MACN,UAAA,EAAY,2BAAA,CAA4B,KAAA,CAAM,OAAO,CAAA;AAAA,MACrD,SAAA,EAAWA,MAAAA,CAAO,SAAS,CAAA,CAAE,KAAA,CAAM,CAAAK,UAAAA,KAAaA,UAAAA,CAAU,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,MAAM,CAAC;AAAA;AAC9E,GACD,CAAA;AACH","file":"index.js","sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport type { InputOrArray } from \"@highstate/pulumi\"\nimport type { Namespace } from \"./namespace\"\nimport type { Workload } from \"./workload\"\nimport { Command, MaterializedFile } from \"@highstate/common\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type Output,\n output,\n} from \"@pulumi/pulumi\"\nimport { images } from \"./shared\"\n\nexport type KubeCommandArgs = {\n /**\n * The kubernetes cluster to run the command against.\n */\n cluster: Input<k8s.Cluster>\n\n /**\n * The namespace to run the command in, if any.\n */\n namespace?: Input<string>\n\n /**\n * The create command to run.\n */\n create: InputOrArray<string>\n\n /**\n * The update command to run.\n */\n update?: InputOrArray<string>\n\n /**\n * The delete command to run.\n */\n delete?: InputOrArray<string>\n}\n\nexport type NamespaceKubeCommandArgs = Omit<KubeCommandArgs, \"cluster\" | \"namespace\"> & {\n /**\n * The namespace to run the command in.\n */\n namespace: Input<Namespace>\n}\n\nexport type ExecKubeCommandArgs = Omit<KubeCommandArgs, \"cluster\" | \"namespace\"> & {\n /**\n * The workload to exec into.\n */\n workload: Input<Workload>\n}\n\nfunction createCommand(command: string | string[]): string {\n if (Array.isArray(command)) {\n return command.join(\" \")\n }\n\n return command\n}\n\nfunction buildKubeCommand(\n command: InputOrArray<string>,\n namespace?: Input<string>,\n): Output<string> {\n if (namespace) {\n return output([command, namespace]).apply(\n ([cmd, ns]) => `kubectl -n ${ns} ${createCommand(cmd)}`,\n )\n }\n\n return output(command).apply(cmd => `kubectl ${createCommand(cmd)}`)\n}\n\nfunction buildWorkloadExecCommand(\n command: InputOrArray<string>,\n workload: Input<Workload>,\n): Output<string> {\n return output({\n command,\n kind: output(workload).kind,\n name: output(workload).metadata.name,\n }).apply(({ command, kind, name }) => {\n const type = kind.toLowerCase()\n\n return `exec -it ${type}/${name} -- ${createCommand(command)}`\n })\n}\n\nexport class KubeCommand extends ComponentResource {\n /**\n * The underlying command that will be executed when this unit is invoked.\n */\n readonly command: Output<Command>\n\n /**\n * The standard output of the command.\n */\n readonly stdout: Output<string>\n\n /**\n * The standard error of the command.\n */\n readonly stderr: Output<string>\n\n constructor(name: string, args: KubeCommandArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:KubeCommand\", name, args, opts)\n\n this.command = output(args.cluster).apply(cluster => {\n const kubeconfig = MaterializedFile.for(cluster.kubeconfig)\n\n return new Command(`kubectl-${name}`, {\n host: \"local\",\n create: buildKubeCommand(args.create, args.namespace),\n update: args.update ? buildKubeCommand(args.update, args.namespace) : undefined,\n delete: args.delete ? buildKubeCommand(args.delete, args.namespace) : undefined,\n files: [kubeconfig],\n image: images[\"terminal-kubectl\"].image,\n containerShell: \"bash\",\n environment: {\n KUBECONFIG: kubeconfig.path,\n },\n })\n })\n\n this.stdout = this.command.stdout\n this.stderr = this.command.stderr\n }\n\n static forNamespace(\n name: string,\n args: NamespaceKubeCommandArgs,\n opts?: ComponentResourceOptions,\n ): KubeCommand {\n return new KubeCommand(\n name,\n {\n cluster: output(args.namespace).cluster,\n create: args.create,\n update: args.update,\n delete: args.delete,\n namespace: output(args.namespace).metadata.name,\n },\n opts,\n )\n }\n\n static execInto(\n name: string,\n args: ExecKubeCommandArgs,\n opts?: ComponentResourceOptions,\n ): KubeCommand {\n return KubeCommand.forNamespace(\n name,\n {\n namespace: output(args.workload).namespace,\n create: buildWorkloadExecCommand(args.create, args.workload),\n update: args.update ? buildWorkloadExecCommand(args.update, args.workload) : undefined,\n delete: args.delete ? buildWorkloadExecCommand(args.delete, args.workload) : undefined,\n },\n opts,\n )\n }\n}\n","import type { InputEndpoint } from \"@highstate/common\"\nimport type { Input, InputArray, InputRecord } from \"@highstate/pulumi\"\nimport type { ContainerEnvironment, ContainerVolumeMount, WorkloadVolume } from \"../container\"\nimport { images } from \"..\"\n\nexport type ScriptDistribution = \"alpine\" | \"ubuntu\"\n\nexport type DistributionEnvironment = {\n /**\n * The image that should be used for the distribution.\n */\n image?: Input<string>\n\n /**\n * The utility packages that should be installed before running \"preInstallScripts\".\n *\n * Useful for installing tools like `curl` to install additional repositories.\n */\n preInstallPackages?: InputArray<string>\n\n /**\n * The pre-install scripts that should be run before installing packages.\n * Typically, these scripts are used to install additional repositories.\n */\n preInstallScripts?: InputRecord<string>\n\n /**\n * The packages that are available in the environment.\n */\n packages?: InputArray<string>\n\n /**\n * The endpoint which the script is allowed to access scoped to the distribution.\n *\n * Typically, this is used to allow access to the package manager.\n *\n * Will be used to generate a network policy.\n */\n allowedEndpoints?: InputArray<InputEndpoint>\n}\n\nexport type ScriptProgram = () => unknown\n\nexport type ScriptEnvironment = {\n [distribution in ScriptDistribution]?: DistributionEnvironment\n} & {\n /**\n * The setup scripts that should be run before the script.\n */\n setupScripts?: InputRecord<string>\n\n /**\n * The cleanup scripts that should be run after the script.\n */\n cleanupScripts?: InputRecord<string>\n\n /**\n * The arbitrary files available in the environment including scripts.\n */\n files?: InputRecord<string | ScriptProgram>\n\n /**\n * The volumes that should be defined in the environment.\n */\n volumes?: InputArray<WorkloadVolume>\n\n /**\n * The volume mounts that should be defined in the environment.\n */\n volumeMounts?: InputArray<ContainerVolumeMount>\n\n /**\n * The environment variables that should be defined in the environment.\n */\n environment?: Input<ContainerEnvironment>\n\n /**\n * The endpoint which the script is allowed to access.\n *\n * Will be used to generate a network policy.\n */\n allowedEndpoints?: InputArray<InputEndpoint>\n}\n\nexport type ResolvedScriptEnvironment = Omit<Required<ScriptEnvironment>, ScriptDistribution> & {\n [distribution in ScriptDistribution]: Required<DistributionEnvironment>\n}\n\nconst emptyDistributionEnvironment = {\n preInstallPackages: [],\n preInstallScripts: {},\n packages: [],\n}\n\nexport const emptyScriptEnvironment: ResolvedScriptEnvironment = {\n alpine: {\n ...emptyDistributionEnvironment,\n image: images.alpine.image,\n allowedEndpoints: [\n //\n \"tcp://dl-cdn.alpinelinux.org:443\",\n \"tcp://dl-cdn.alpinelinux.org:80\",\n ],\n },\n\n ubuntu: {\n ...emptyDistributionEnvironment,\n image: images.ubuntu.image,\n allowedEndpoints: [\n //\n \"tcp://archive.ubuntu.com:80\",\n \"tcp://archive.ubuntu.com:443\",\n \"tcp://security.ubuntu.com:80\",\n \"tcp://security.ubuntu.com:443\",\n ],\n },\n\n setupScripts: {},\n cleanupScripts: {},\n files: {},\n volumes: [],\n volumeMounts: [],\n environment: {},\n allowedEndpoints: [],\n}\n\nexport const functionScriptImages: Record<ScriptDistribution, string> = {\n alpine: \"oven/bun@sha256:6b14922b0885c3890cdb0b396090af1da486ba941df5ee94391eef64f7113c61\",\n ubuntu: \"oven/bun@sha256:66b431441dc4c36d7e8164bfc61e6348ec1d7ce2862fc3a29f5dc9856e8205e4\",\n}\n","import type { network } from \"@highstate/library\"\nimport type { ContainerEnvironment, ContainerVolumeMount, WorkloadVolume } from \"../container\"\nimport type { ScopedResourceArgs } from \"../shared\"\nimport { parseEndpoint } from \"@highstate/common\"\nimport { text, trimIndentation } from \"@highstate/contract\"\nimport { type InputArray, normalize } from \"@highstate/pulumi\"\nimport {\n ComponentResource,\n type ComponentResourceOptions,\n type Input,\n type Output,\n output,\n type Unwrap,\n} from \"@pulumi/pulumi\"\nimport { serializeFunction } from \"@pulumi/pulumi/runtime/index.js\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { readPackageJSON } from \"pkg-types\"\nimport { mapValues, omitBy } from \"remeda\"\nimport { ConfigMap } from \"../config-map\"\nimport {\n emptyScriptEnvironment,\n functionScriptImages,\n type ResolvedScriptEnvironment,\n type ScriptDistribution,\n type ScriptEnvironment,\n} from \"./environment\"\n\nexport type ScriptBundleArgs = ScopedResourceArgs & {\n /**\n * The environment to bundle the scripts from.\n */\n environment?: Input<ScriptEnvironment>\n\n /**\n * The environments to bundle the scripts from.\n */\n environments?: InputArray<ScriptEnvironment>\n\n /**\n * The distribution to use for the scripts.\n */\n distribution: ScriptDistribution\n}\n\nexport class ScriptBundle extends ComponentResource {\n /**\n * The config map containing the scripts.\n */\n readonly configMap: Output<ConfigMap>\n\n /**\n * The volumes that should be included in the workload.\n */\n readonly volumes: Output<WorkloadVolume[]>\n\n /**\n * The volume mounts that should be defined in the container.\n */\n readonly volumeMounts: Output<ContainerVolumeMount[]>\n\n /**\n * The environment variables that should be defined in the container.\n */\n readonly environment: Output<ContainerEnvironment>\n\n /**\n * The image to use for the scripts.\n */\n readonly image: Output<string>\n\n /**\n * The distribution to use for the scripts.\n */\n readonly distribution: ScriptDistribution\n\n /**\n * The list of endpoints that the script is allowed to access.\n */\n readonly allowedEndpoints: Output<network.L3Endpoint[]>\n\n constructor(name: string, args: ScriptBundleArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:ScriptBundle\", name, args, opts)\n\n const scriptEnvironment = output(args)\n .apply(args => normalize(args.environment, args.environments))\n .apply(args => deepmerge(emptyScriptEnvironment, ...args)) as Output<\n Unwrap<ResolvedScriptEnvironment>\n >\n\n const hasFunctionScripts = scriptEnvironment.apply(scriptEnvironment => {\n return Object.values(scriptEnvironment.files).some(file => typeof file === \"function\")\n })\n\n this.distribution = args.distribution\n this.environment = scriptEnvironment.environment\n\n this.image = hasFunctionScripts.apply(hasFunctionScripts =>\n output(\n hasFunctionScripts\n ? functionScriptImages[args.distribution]\n : scriptEnvironment[args.distribution].image,\n ),\n )\n\n this.allowedEndpoints = output({ scriptEnvironment, hasFunctionScripts }).apply(\n ({ scriptEnvironment, hasFunctionScripts }) => {\n const allowedEndpoints = [\n ...scriptEnvironment.allowedEndpoints,\n ...scriptEnvironment[args.distribution].allowedEndpoints,\n ]\n\n if (hasFunctionScripts) {\n allowedEndpoints.push(\"tcp://registry.npmjs.org:443\")\n }\n\n return allowedEndpoints.map(endpoint => parseEndpoint(endpoint))\n },\n )\n\n this.configMap = output({ scriptEnvironment, args }).apply(({ scriptEnvironment, args }) => {\n return ConfigMap.create(\n name,\n {\n namespace: args.namespace,\n\n data: createScriptData(this.distribution, scriptEnvironment),\n },\n { ...opts, parent: this },\n )\n })\n\n this.volumes = output({ hasFunctionScripts, volumes: scriptEnvironment.volumes }).apply(\n ({ hasFunctionScripts, volumes }) => {\n return [\n ...volumes,\n {\n name: this.configMap.metadata.name,\n\n configMap: {\n name: this.configMap.metadata.name,\n defaultMode: 0o550, // read and execute permissions\n },\n },\n ...(hasFunctionScripts ? [{ name: \"node-modules\", emptyDir: {} }] : []),\n ]\n },\n )\n\n this.volumeMounts = output({\n hasFunctionScripts,\n volumeMounts: scriptEnvironment.volumeMounts,\n }).apply(({ hasFunctionScripts, volumeMounts }) => {\n return [\n ...volumeMounts,\n {\n volume: this.configMap,\n mountPath: \"/scripts\",\n },\n ...(hasFunctionScripts\n ? [{ name: \"node-modules\", mountPath: \"/scripts/node_modules\" }]\n : []),\n ]\n })\n }\n}\n\nfunction stripWorkspacePrefix(value: string): string {\n if (value.startsWith(\"workspace:\")) {\n return value.replace(\"workspace:\", \"\")\n }\n\n return value\n}\n\nasync function createScriptData(\n distribution: ScriptDistribution,\n environment: Unwrap<ResolvedScriptEnvironment>,\n): Promise<Record<string, string>> {\n const scriptData: Record<string, string> = {}\n const actions: string[] = []\n\n const distributionEnvironment = environment[distribution]\n const setupScripts = { ...environment.setupScripts }\n\n let hasFunctionScripts = false\n\n for (const key in environment.files) {\n if (typeof environment.files[key] === \"function\") {\n const serialized = await serializeFunction(environment.files[key])\n\n scriptData[key] = text`\n #!/usr/local/bin/bun\n \n ${serialized.text}\n\n exports.${serialized.exportName}()\n `\n\n hasFunctionScripts = true\n } else {\n scriptData[key] = environment.files[key]\n }\n }\n\n if (hasFunctionScripts) {\n const packageJson = await readPackageJSON()\n\n packageJson.dependencies = omitBy(\n mapValues(packageJson.dependencies ?? {}, stripWorkspacePrefix),\n (_, key) => key.startsWith(\"@highstate/\"),\n )\n\n packageJson.devDependencies = omitBy(\n mapValues(packageJson.devDependencies ?? {}, stripWorkspacePrefix),\n (_, key) => key.startsWith(\"@highstate/\"),\n )\n\n scriptData[\"package.json\"] = JSON.stringify(packageJson, null, 2)\n\n setupScripts[\"resolve-dependencies.sh\"] = text`\n #!/usr/local/bin/bun\n set -e\n\n cd /scripts\n bun install --production\n `\n }\n\n if (distributionEnvironment.preInstallPackages.length > 0) {\n scriptData[\"pre-install-packages.sh\"] = getInstallPackagesScript(\n distribution,\n distributionEnvironment.preInstallPackages,\n )\n\n actions.push(`\n echo \"+ Installing pre-install packages...\"\n /scripts/pre-install-packages.sh\n echo \"+ Pre-install packages installed successfully\"\n `)\n }\n\n if (Object.keys(distributionEnvironment.preInstallScripts).length > 0) {\n for (const key in distributionEnvironment.preInstallScripts) {\n scriptData[`pre-install-${key}`] = distributionEnvironment.preInstallScripts[key]\n\n actions.push(`\n echo \"+ Running pre-install script '${key}'...\"\n /scripts/pre-install-${key}\n echo \"+ Pre-install script '${key}'... Done\"\n `)\n }\n }\n\n if (distributionEnvironment.packages.length > 0) {\n scriptData[\"install-packages.sh\"] = getInstallPackagesScript(\n distribution,\n distributionEnvironment.packages,\n )\n\n actions.push(`\n echo \"+ Installing packages...\"\n /scripts/install-packages.sh\n echo \"+ Packages installed successfully\"\n `)\n }\n\n if (Object.keys(setupScripts).length > 0) {\n for (const key in setupScripts) {\n scriptData[`setup-${key}`] = setupScripts[key]\n\n actions.push(`\n echo \"+ Running setup script '${key}'...\"\n /scripts/setup-${key}\n echo \"+ Setup script '${key}'... Done\"\n `)\n }\n }\n\n if (Object.keys(environment.cleanupScripts).length > 0) {\n const cleanupActions: string[] = []\n\n for (const key in environment.cleanupScripts) {\n scriptData[`cleanup-${key}`] = environment.cleanupScripts[key]\n\n cleanupActions.push(`\n echo \"+ Running cleanup script '${key}'...\"\n /scripts/cleanup-${key}\n echo \"+ Cleanup script '${key}'... Done\"\n `)\n }\n\n actions.push(`\n function cleanup() {\n ${cleanupActions.map(s => s.trim()).join(\"\\n\\n\")}\n }\n\n trap cleanup EXIT\n trap cleanup SIGTERM\n `)\n }\n\n scriptData[\"entrypoint.sh\"] = trimIndentation(`\n #!/bin/sh\n set -e\n\n if [ -z \"$1\" ]; then\n echo \"Usage: entrypoint.sh <main script> [args...]\"\n exit 1\n fi\n\n ${actions.map(s => s.trim()).join(\"\\n\\n\")}\n\n echo \"+ Running main script...\"\n $@\n echo \"+ Main script completed\"\n `)\n\n return scriptData\n}\n\nfunction getInstallPackagesScript(distribution: ScriptDistribution, packages: string[]): string {\n if (distribution === \"alpine\") {\n return text`\n #!/bin/sh\n set -e\n\n apk add --no-cache ${packages.join(\" \")}\n `\n } else {\n return text`\n #!/bin/sh\n set -e\n\n apt-get update\n apt-get install -y ${packages.join(\" \")}\n `\n }\n}\n","import type { Container } from \"../container\"\nimport type { ScriptBundle } from \"./bundle\"\nimport { type Input, type Output, output } from \"@pulumi/pulumi\"\nimport { merge } from \"remeda\"\n\nexport type ScriptContainer = Container & {\n /**\n * The script bundle to use.\n */\n bundle: Input<ScriptBundle>\n\n /**\n * The name of the main script to run.\n * The script must be available in the bundle.\n */\n main: Input<string>\n}\n\n/**\n * Creates a spec for a container that runs a script.\n * This spec can be used to create a complete workload or an init container.\n *\n * @param options The options to create the container spec.\n * @returns The container spec.\n */\nexport function createScriptContainer(options: ScriptContainer): Output<Container> {\n const bundle = output(options.bundle)\n\n return output({\n options,\n image: bundle.image,\n volumeMounts: bundle.volumeMounts,\n volumes: bundle.volumes,\n environment: bundle.environment,\n allowedEndpoints: bundle.allowedEndpoints,\n }).apply(({ options, image, volumeMounts, volumes, environment, allowedEndpoints }) => {\n return {\n image,\n command: [\"/scripts/entrypoint.sh\", `/scripts/${options.main}`],\n\n ...options,\n\n volumeMounts: [...volumeMounts, ...(options.volumeMounts ?? [])],\n volumes: [...volumes, ...(options.volumes ?? [])],\n environment: merge(environment, options.environment),\n allowedEndpoints: [...allowedEndpoints, ...(options.allowedEndpoints ?? [])],\n } as Container\n })\n}\n","import type { UnitWorker } from \"@highstate/contract\"\nimport type { k8s } from \"@highstate/library\"\nimport type { DeepInput, Input, InputArray, Unwrap } from \"@highstate/pulumi\"\nimport type { Namespace } from \"./namespace\"\nimport { type Output, output } from \"@pulumi/pulumi\"\nimport { ClusterAccessScope } from \"./rbac\"\nimport { getClusterKubeconfigContent, images, type NamespacedResource } from \"./shared\"\n\nexport async function createMonitorWorker(\n namespace: Input<Namespace>,\n resources: InputArray<NamespacedResource>,\n): Promise<Output<Unwrap<UnitWorker>>> {\n const scope = new ClusterAccessScope(\"monitor\", {\n rule: {\n apiGroups: [\"\", \"apps\"],\n resources: [\"deployments\", \"statefulsets\", \"services\", \"pods\"],\n verbs: [\"get\", \"list\", \"watch\"],\n },\n\n namespace,\n resources,\n })\n\n return output({\n name: \"monitor\",\n image: images[\"worker.k8s-monitor\"].image,\n\n params: {\n kubeconfig: getClusterKubeconfigContent(scope.cluster),\n resources: output(resources).apply(resources => resources.map(r => r.entity)),\n } satisfies DeepInput<k8s.MonitorWorkerParams>,\n })\n}\n"]}
package/dist/job-PE4AKOHB.js DELETED
@@ -1,7 +0,0 @@
1
- export { Job } from './chunk-23X5SXQG.js';
2
- import './chunk-SZKOAHNX.js';
3
- import './chunk-OG2OPX7B.js';
4
- import './chunk-TOLFVF4S.js';
5
- import './chunk-PZYGZSN5.js';
6
- //# sourceMappingURL=job-PE4AKOHB.js.map
7
- //# sourceMappingURL=job-PE4AKOHB.js.map
package/dist/job-PE4AKOHB.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"job-PE4AKOHB.js"}
package/dist/stateful-set-LUIRHQJY.js DELETED
@@ -1,7 +0,0 @@
1
- export { StatefulSet } from './chunk-S77TE7UC.js';
2
- import './chunk-SZKOAHNX.js';
3
- import './chunk-OG2OPX7B.js';
4
- import './chunk-TOLFVF4S.js';
5
- import './chunk-PZYGZSN5.js';
6
- //# sourceMappingURL=stateful-set-LUIRHQJY.js.map
7
- //# sourceMappingURL=stateful-set-LUIRHQJY.js.map
package/dist/stateful-set-LUIRHQJY.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"stateful-set-LUIRHQJY.js"}
package/dist/units/cert-manager/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../assets/charts.json","../../../src/units/cert-manager/index.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,IAAA,cAAA,GAAA;AAAA,EACE,cAAA,EAAgB;AAAA,IACd,IAAA,EAAQ,4BAAA;AAAA,IACR,IAAA,EAAQ,cAAA;AAAA,IACR,OAAA,EAAW,SAAA;AAAA,IACX,MAAA,EAAU;AAAA;AAEd,CAAA;;;ACDA,IAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAQ,GAAI,OAAA,CAAQ,IAAI,WAAW,CAAA;AAEzD,IAAM,SAAA,GAAY,UAAU,MAAA,CAAO,cAAA,EAAgB,EAAE,OAAA,EAAS,MAAA,CAAO,YAAY,CAAA;AAEjF,IAAI,MAAM,cAAA,EAAgB;AAAA,EACxB,SAAA;AAAA,EAEA,KAAA,EAAO,eAAO,cAAc,CAAA;AAAA,EAE5B,MAAA,EAAQ;AAAA,IACN,IAAA,EAAM;AAAA,MACJ,OAAA,EAAS;AAAA,KACX;AAAA,IAEA,MAAA,EAAQ;AAAA,MACN,UAAA,EAAY,4CAAA;AAAA,MACZ,IAAA,EAAM,yBAAA;AAAA,MACN,kBAAkB,IAAA,CAAK;AAAA;AACzB;AAEJ,CAAC,CAAA;AAED,IAAO,uBAAQ,OAAA,CAAQ;AAAA,EACrB,YAAY,MAAA,CAAO;AACrB,CAAC","file":"index.js","sourcesContent":["{\n \"cert-manager\": {\n \"repo\": \"https://charts.jetstack.io\",\n \"name\": \"cert-manager\",\n \"version\": \"v1.18.2\",\n \"sha256\": \"daddf7af7b1f0eaaa10edd790aefa0bd8c2b07830febf659460d843217f5b3c5\"\n }\n}\n","import { k8s } from \"@highstate/library\"\nimport { forUnit } from \"@highstate/pulumi\"\nimport charts from \"../../../assets/charts.json\"\nimport { Chart } from \"../../helm\"\nimport { Namespace } from \"../../namespace\"\n\nconst { args, inputs, outputs } = forUnit(k8s.certManager)\n\nconst namespace = Namespace.create(\"cert-manager\", { cluster: inputs.k8sCluster })\n\nnew Chart(\"cert-manager\", {\n namespace,\n\n chart: charts[\"cert-manager\"],\n\n values: {\n crds: {\n enabled: true,\n },\n\n config: {\n apiVersion: \"controller.config.cert-manager.io/v1alpha1\",\n kind: \"ControllerConfiguration\",\n enableGatewayAPI: args.enableGatewayApi,\n },\n },\n})\n\nexport default outputs({\n k8sCluster: inputs.k8sCluster,\n})\n"]}
package/dist/units/cluster-patch/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/cluster-patch/index.ts"],"names":[],"mappings":";;;;;AAIA,IAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAQ,GAAI,OAAA,CAAQ,IAAI,YAAY,CAAA;AAE1D,IAAM,OAAA,GAAU,MAAM,SAAA,CAAU,MAAA,CAAO,UAAU,CAAA;AACjD,IAAM,SAAA,GAAY,cAAA,CAAe,CAAC,GAAG,IAAA,CAAK,WAAW,GAAG,MAAA,CAAO,SAAS,CAAA,EAAG,CAAC,CAAA;AAC5E,IAAM,YAAA,GAAe,cAAA,CAAe,CAAC,GAAG,IAAA,CAAK,cAAc,GAAG,MAAA,CAAO,YAAY,CAAA,EAAG,CAAC,CAAA;AAErF,IAAM,YAAA,GAAe,SAAA,CAAU,MAAA,GAAS,CAAA,GAAI,YAAY,OAAA,CAAQ,SAAA;AAChE,IAAM,eAAA,GAAkB,YAAA,CAAa,MAAA,GAAS,CAAA,GAAI,eAAe,OAAA,CAAQ,YAAA;AAEzE,IAAO,wBAAQ,OAAA,CAAQ;AAAA,EACrB,UAAA,EAAY;AAAA,IACV,GAAG,MAAA,CAAO,UAAA;AAAA,IACV,SAAA,EAAW,YAAA;AAAA,IACX,YAAA,EAAc;AAAA,GAChB;AAAA,EAEA,aAAA,EAAe;AAAA,IACb,SAAA,EAAW,SAAA,CAAU,GAAA,CAAI,kBAAkB,CAAA;AAAA,IAC3C,YAAA,EAAc,YAAA,CAAa,GAAA,CAAI,kBAAkB;AAAA;AAErD,CAAC","file":"index.js","sourcesContent":["import { l3EndpointToString, l4EndpointToString, parseEndpoints } from \"@highstate/common\"\nimport { k8s } from \"@highstate/library\"\nimport { forUnit, toPromise } from \"@highstate/pulumi\"\n\nconst { args, inputs, outputs } = forUnit(k8s.clusterPatch)\n\nconst cluster = await toPromise(inputs.k8sCluster)\nconst endpoints = parseEndpoints([...args.endpoints, ...inputs.endpoints], 3)\nconst apiEndpoints = parseEndpoints([...args.apiEndpoints, ...inputs.apiEndpoints], 4)\n\nconst newEndpoints = endpoints.length > 0 ? endpoints : cluster.endpoints\nconst newApiEndpoints = apiEndpoints.length > 0 ? apiEndpoints : cluster.apiEndpoints\n\nexport default outputs({\n k8sCluster: {\n ...inputs.k8sCluster,\n endpoints: newEndpoints,\n apiEndpoints: newApiEndpoints,\n },\n\n $statusFields: {\n endpoints: endpoints.map(l3EndpointToString),\n apiEndpoints: apiEndpoints.map(l4EndpointToString),\n },\n})\n"]}
package/dist/units/dns01-issuer/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/dns01-issuer/index.ts"],"names":[],"mappings":";;;;;;;AAQA,IAAM,EAAE,MAAM,IAAA,EAAM,OAAA,EAAS,QAAQ,OAAA,EAAQ,GAAI,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA;AAE3E,IAAM,QAAA,GAAW,MAAM,gBAAA,CAAiB,MAAA,CAAO,UAAU,CAAA;AAEzD,IAAM,aAAA,GAAgB,SAAA,CAAU,GAAA,CAAI,cAAA,EAAgB;AAAA,EAClD,IAAA,EAAM,cAAA;AAAA,EACN,SAAS,MAAA,CAAO;AAClB,CAAC,CAAA;AAED,IAAI,SAAA;AAEJ,IAAI,IAAA,CAAK,UAAA,CAAW,IAAA,KAAS,SAAA,EAAW;AACtC,EAAA,IAAI,CAAC,OAAA,CAAQ,QAAA,IAAY,CAAC,QAAQ,YAAA,EAAc;AAC9C,IAAA,MAAM,IAAI,MAAM,4DAA4D,CAAA;AAAA,EAC9E;AAEA,EAAA,SAAA,GAAY,MAAA,CAAO,MAAA,CAAO,CAAA,EAAG,IAAI,CAAA,IAAA,CAAA,EAAQ;AAAA,IACvC,SAAA,EAAW,aAAA;AAAA,IACX,UAAA,EAAY;AAAA,MACV,OAAO,OAAA,CAAQ,QAAA;AAAA,MACf,WAAW,OAAA,CAAQ;AAAA;AACrB,GACD,CAAA;AACH;AAEA,IAAM,gBAAgB,MAAM;AAC1B,EAAA,QAAQ,IAAA,CAAK,WAAW,IAAA;AAAM,IAC5B,KAAK,SAAA;AACH,MAAA,OAAO,kCAAA;AAAA,IACT,KAAK,aAAA;AACH,MAAA,OAAO,gDAAA;AAAA,IACT,KAAK,QAAA;AACH,MAAA,OAAO,KAAK,UAAA,CAAW,GAAA;AAAA;AAE7B,CAAA;AAEA,IAAI,aAAa,EAAA,CAAG,aAAA;AAAA,EAClB,IAAA;AAAA,EACA;AAAA,IACE,QAAA,EAAU;AAAA,MACR;AAAA,KACF;AAAA,IACA,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM;AAAA,QACJ,QAAQ,aAAA,EAAc;AAAA,QACtB,OAAA,EAAS;AAAA,UACP;AAAA,YACE,KAAA,EAAO,mBAAA,CAAoB,UAAA,CAAW,MAAA,CAAO,YAAY,OAAA,EAAS;AAAA,cAChE,SAAA,EAAW;AAAA,aACZ,CAAA;AAAA,YACD,QAAA,EAAU,EAAE,QAAA,EAAU,MAAA,CAAO,YAAY,KAAA;AAAM;AACjD,SACF;AAAA,QACA,mBAAA,EAAqB;AAAA,UACnB;AAAA,SACF;AAAA,QACA,wBAAwB,SAAA,GACpB;AAAA,UACE,KAAA,EAAO,UAAU,UAAA,CAAW,KAAA;AAAA,UAC5B,YAAA,EAAc;AAAA,YACZ,IAAA,EAAM,UAAU,QAAA,CAAS,IAAA;AAAA,YACzB,GAAA,EAAK;AAAA;AACP,SACF,GACA;AAAA;AACN;AACF,GACF;AAAA,EACA,EAAE,QAAA;AACJ,CAAA;AAEA,IAAO,uBAAQ,OAAA,CAAQ;AAAA,EACrB,WAAW,gBAAA,CAAiB;AAAA,IAC1B,QAAQ,MAAA,CAAO,eAAA;AAAA,IACf,QAAA,EAAU,GAAG,IAAI,CAAA,WAAA,CAAA;AAAA,IACjB,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO;AAAA,KACT;AAAA,IACA,KAAA,EAAO;AAAA,MACL,KAAA,EAAO,OAAO,WAAA,CAAY,KAAA;AAAA,MAC1B,OAAA,EAAS;AAAA,QACP,OAAA,EAAS,gBAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ,iBAAA,EAAmB,IAAA;AAAA,UACnB,SAAS,MAAA,CAAO;AAAA;AAClB;AACF;AACF,GACD,CAAA;AAAA,EAED,aAAA,EAAe;AAAA,IACb,KAAA,EAAO,OAAO,WAAA,CAAY;AAAA;AAE9B,CAAC","file":"index.js","sourcesContent":["import { cert_manager } from \"@highstate/cert-manager\"\nimport { common, k8s } from \"@highstate/library\"\nimport { forUnit, makeEntityOutput } from \"@highstate/pulumi\"\nimport { dns01SolverMediator } from \"../../dns01-solver\"\nimport { Namespace } from \"../../namespace\"\nimport { Secret } from \"../../secret\"\nimport { getProviderAsync } from \"../../shared\"\n\nconst { name, args, secrets, inputs, outputs } = forUnit(k8s.dns01TlsIssuer)\n\nconst provider = await getProviderAsync(inputs.k8sCluster)\n\nconst certManagerNs = Namespace.get(\"cert-manager\", {\n name: \"cert-manager\",\n cluster: inputs.k8sCluster,\n})\n\nlet eabSecret: Secret | undefined\n\nif (args.acmeServer.type === \"zerossl\") {\n if (!secrets.eabKeyId || !secrets.eabKeySecret) {\n throw new Error(\"EAB key ID and secret are required for ZeroSSL ACME server\")\n }\n\n eabSecret = Secret.create(`${name}-eab`, {\n namespace: certManagerNs,\n stringData: {\n keyId: secrets.eabKeyId,\n keySecret: secrets.eabKeySecret,\n },\n })\n}\n\nconst getAcmeServer = () => {\n switch (args.acmeServer.type) {\n case \"zerossl\":\n return \"https://acme.zerossl.com/v2/DV90\"\n case \"letsencrypt\":\n return \"https://acme-v02.api.letsencrypt.org/directory\"\n case \"custom\":\n return args.acmeServer.url\n }\n}\n\nnew cert_manager.v1.ClusterIssuer(\n name,\n {\n metadata: {\n name,\n },\n spec: {\n acme: {\n server: getAcmeServer(),\n solvers: [\n {\n dns01: dns01SolverMediator.callOutput(inputs.dnsProvider.implRef, {\n namespace: certManagerNs,\n }),\n selector: { dnsZones: inputs.dnsProvider.zones },\n },\n ],\n privateKeySecretRef: {\n name,\n },\n externalAccountBinding: eabSecret\n ? {\n keyID: eabSecret.stringData.keyId,\n keySecretRef: {\n name: eabSecret.metadata.name,\n key: \"keySecret\",\n },\n }\n : undefined,\n },\n },\n },\n { provider },\n)\n\nexport default outputs({\n tlsIssuer: makeEntityOutput({\n entity: common.tlsIssuerEntity,\n identity: `${name}:tls-issuer`,\n meta: {\n title: name,\n },\n value: {\n zones: inputs.dnsProvider.zones,\n implRef: {\n package: \"@highstate/k8s\",\n data: {\n clusterIssuerName: name,\n cluster: inputs.k8sCluster,\n },\n },\n },\n }),\n\n $statusFields: {\n zones: inputs.dnsProvider.zones,\n },\n})\n"]}
package/dist/units/existing-cluster/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/existing-cluster/index.ts"],"names":[],"mappings":";;;;;;;;;AAeA,IAAM,EAAE,MAAM,IAAA,EAAM,MAAA,EAAQ,SAAS,OAAA,EAAQ,GAAI,OAAA,CAAQ,GAAA,CAAI,eAAe,CAAA;AAE5E,IAAM,iBAAA,GAAoB,MAAM,SAAA,CAAU,OAAA,CAAQ,WAAW,KAAA,CAAM,IAAA,CAAK,SAAS,CAAC,CAAA;AAElF,IAAM,WAAW,IAAI,QAAA,CAAS,MAAM,EAAE,UAAA,EAAY,mBAAmB,CAAA;AAErE,IAAI,oBAAA;AAEJ,IAAM,UAAA,GAAa,IAAI,UAAA,EAAW;AAClC,UAAA,CAAW,eAAe,iBAAiB,CAAA;AAE3C,IAAM,OAAA,GAAU,UAAA,CAAW,aAAA,CAAc,SAAS,CAAA;AAElD,IAAM,YAAY,MAAM,OAAA,CACrB,uBAAA,CAAwB,EAAE,MAAM,QAAA,EAAU,SAAA,EAAW,aAAA,EAAe,EACpE,IAAA,CAAK,MAAM,IAAI,CAAA,CACf,KAAA,CAAM,MAAM,KAAK,CAAA;AAEpB,IAAI,SAAA,EAAW;AACb,EAAA,oBAAA,GAAuB;AAAA,IACrB,OAAA,EAAS,mBAAA;AAAA,IACT,MAAM;AAAC,GACT;AACF;AAGA,IAAI,WAAA,GAAc,IAAA,CAAK,WAAA,CAAY,GAAA,CAAI,YAAY,CAAA;AAEnD,IAAI,KAAK,qBAAA,EAAuB;AAC9B,EAAA,MAAM,WAAA,GAAc,MAAM,iBAAA,CAAkB,UAAA,EAAY,KAAK,iBAAiB,CAAA;AAC9E,EAAA,WAAA,GAAc,eAAe,CAAC,GAAG,WAAA,EAAa,GAAG,WAAW,CAAC,CAAA;AAC/D;AAGA,IAAI,SAAA,GAAY,eAAe,CAAC,GAAG,KAAK,SAAA,EAAW,GAAG,MAAA,CAAO,SAAS,CAAC,CAAA;AAEvE,IAAI,KAAK,yBAAA,EAA2B;AAClC,EAAA,MAAM,cAAc,WAAA,CAAY,GAAA,CAAI,CAAA,EAAA,KAAM,aAAA,CAAc,EAAE,CAAC,CAAA;AAC3D,EAAA,SAAA,GAAY,eAAe,CAAC,GAAG,SAAA,EAAW,GAAG,WAAW,CAAC,CAAA;AAC3D;AAGA,IAAI,YAAA,GAAe,cAAA,CAAe,CAAC,GAAG,IAAA,CAAK,cAAc,GAAG,MAAA,CAAO,SAAS,CAAA,EAAG,CAAC,CAAA;AAEhF,IAAI,KAAK,wBAAA,EAA0B;AACjC,EAAA,MAAM,cAAA,GAAiB,aAAA,CAAc,UAAA,CAAW,QAAA,CAAS,CAAC,CAAA,CAAE,MAAA,CAAO,OAAA,CAAQ,UAAA,EAAY,EAAE,CAAA,EAAG,CAAC,CAAA;AAC7F,EAAA,YAAA,GAAe,cAAA,CAAe,CAAC,cAAA,EAAgB,GAAG,YAAY,CAAC,CAAA;AACjE;AAEA,IAAM,UAAA,GAAa,KAAK,EAAA,CAAG,SAAA,CAAU,IAAI,aAAA,EAAe,aAAA,EAAe,EAAE,QAAA,EAAU,CAAA;AAEnF,IAAO,2BAAQ,OAAA,CAAQ;AAAA,EACrB,YAAY,gBAAA,CAAiB;AAAA,IAC3B,QAAQ,GAAA,CAAI,aAAA;AAAA,IACZ,QAAA,EAAU,WAAW,QAAA,CAAS,GAAA;AAAA,IAC9B,KAAA,EAAO;AAAA,MACL,EAAA,EAAI,WAAW,QAAA,CAAS,GAAA;AAAA,MACxB,YAAA,EAAc,WAAW,QAAA,CAAS,GAAA;AAAA,MAClC,IAAA;AAAA,MACA,oBAAA;AAAA,MACA,WAAA;AAAA,MACA,SAAA;AAAA,MACA,YAAA;AAAA,MACA,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,YAAY,gBAAA,CAAiB;AAAA,QAC3B,QAAQ,MAAA,CAAO,UAAA;AAAA,QACf,QAAA,EAAU,GAAG,IAAI,CAAA,WAAA,CAAA;AAAA,QACjB,IAAA,EAAM;AAAA,UACJ,KAAA,EAAO;AAAA,SACT;AAAA,QACA,KAAA,EAAO;AAAA,UACL,OAAA,EAAS;AAAA,YACP,IAAA,EAAM,iBAAA;AAAA,YACN,KAAA,EAAO;AAAA,WACT;AAAA,UACA,IAAA,EAAM;AAAA,YACJ,IAAA,EAAM,YAAA;AAAA,YACN,WAAA,EAAa,WAAA;AAAA,YACb,IAAA,EAAM;AAAA;AACR;AACF,OACD;AAAA;AACH,GACD,CAAA;AAAA,EAED,UAAA,EAAY,CAAC,iBAAA,CAAkB,iBAAiB,CAAC,CAAA;AAAA,EAEjD,aAAA,EAAe;AAAA,IACb,SAAA,EAAW,WAAW,QAAA,CAAS,GAAA;AAAA,IAC/B,SAAA,EAAW,SAAA,CAAU,GAAA,CAAI,kBAAkB,CAAA;AAAA,IAC3C,YAAA,EAAc,YAAA,CAAa,GAAA,CAAI,kBAAkB;AAAA;AAErD,CAAC","file":"index.js","sourcesContent":["import {\n l3EndpointToString,\n l4EndpointToString,\n mergeAddresses,\n mergeEndpoints,\n parseAddress,\n parseEndpoint,\n parseEndpoints,\n} from \"@highstate/common\"\nimport { common, type ImplementationReference, k8s } from \"@highstate/library\"\nimport { forUnit, makeEntityOutput, toPromise } from \"@highstate/pulumi\"\nimport { AppsV1Api, KubeConfig } from \"@kubernetes/client-node\"\nimport { core, Provider } from \"@pulumi/kubernetes\"\nimport { createK8sTerminal, detectExternalIps } from \"../../cluster\"\n\nconst { name, args, inputs, secrets, outputs } = forUnit(k8s.existingCluster)\n\nconst kubeconfigContent = await toPromise(secrets.kubeconfig.apply(JSON.stringify))\n\nconst provider = new Provider(name, { kubeconfig: kubeconfigContent })\n\nlet networkPolicyImplRef: ImplementationReference | undefined\n\nconst kubeConfig = new KubeConfig()\nkubeConfig.loadFromString(kubeconfigContent)\n\nconst appsApi = kubeConfig.makeApiClient(AppsV1Api)\n\nconst hasCilium = await appsApi\n .readNamespacedDaemonSet({ name: \"cilium\", namespace: \"kube-system\" })\n .then(() => true)\n .catch(() => false)\n\nif (hasCilium) {\n networkPolicyImplRef = {\n package: \"@highstate/cilium\",\n data: {},\n }\n}\n\n// calculate external IPs\nlet externalIps = args.externalIps.map(parseAddress)\n\nif (args.autoDetectExternalIps) {\n const detectedIps = await detectExternalIps(kubeConfig, args.internalIpsPolicy)\n externalIps = mergeAddresses([...externalIps, ...detectedIps])\n}\n\n// calculate endpoints\nlet endpoints = parseEndpoints([...args.endpoints, ...inputs.endpoints])\n\nif (args.useExternalIpsAsEndpoints) {\n const ipEndpoints = externalIps.map(ip => parseEndpoint(ip))\n endpoints = mergeEndpoints([...endpoints, ...ipEndpoints])\n}\n\n// calculate api endpoints\nlet apiEndpoints = parseEndpoints([...args.apiEndpoints, ...inputs.endpoints], 4)\n\nif (args.useKubeconfigApiEndpoint) {\n const configEndpoint = parseEndpoint(kubeConfig.clusters[0].server.replace(\"https://\", \"\"), 4)\n apiEndpoints = mergeEndpoints([configEndpoint, ...apiEndpoints])\n}\n\nconst kubeSystem = core.v1.Namespace.get(\"kube-system\", \"kube-system\", { provider })\n\nexport default outputs({\n k8sCluster: makeEntityOutput({\n entity: k8s.clusterEntity,\n identity: kubeSystem.metadata.uid,\n value: {\n id: kubeSystem.metadata.uid,\n connectionId: kubeSystem.metadata.uid,\n name,\n networkPolicyImplRef,\n externalIps,\n endpoints,\n apiEndpoints,\n quirks: args.quirks,\n kubeconfig: makeEntityOutput({\n entity: common.fileEntity,\n identity: `${name}:kubeconfig`,\n meta: {\n title: \"Kubeconfig\",\n },\n value: {\n content: {\n type: \"embedded-secret\",\n value: kubeconfigContent,\n },\n meta: {\n name: \"kubeconfig\",\n contentType: \"text/yaml\",\n mode: 0o600,\n },\n },\n }),\n },\n }),\n\n $terminals: [createK8sTerminal(kubeconfigContent)],\n\n $statusFields: {\n clusterId: kubeSystem.metadata.uid,\n endpoints: endpoints.map(l3EndpointToString),\n apiEndpoints: apiEndpoints.map(l4EndpointToString),\n },\n})\n"]}
package/dist/units/gateway-api/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/gateway-api/index.ts"],"names":[],"mappings":";;;;;;AAKA,IAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,OAAA,CAAQ,IAAI,UAAU,CAAA;AAElD,IAAM,QAAA,GAAW,MAAM,gBAAA,CAAiB,MAAA,CAAO,UAAU,CAAA;AAEzD,IAAI,KAAK,EAAA,CAAG,UAAA;AAAA,EACV,aAAA;AAAA,EACA;AAAA,IACE,IAAA,EAAM;AAAA,GACR;AAAA,EACA,EAAE,QAAA;AACJ,CAAA;AAEA,IAAO,sBAAQ,OAAA,CAAQ;AAAA,EACrB,YAAY,MAAA,CAAO;AACrB,CAAC","file":"index.js","sourcesContent":["import { k8s } from \"@highstate/library\"\nimport { forUnit } from \"@highstate/pulumi\"\nimport { yaml } from \"@pulumi/kubernetes\"\nimport { getProviderAsync } from \"../../shared\"\n\nconst { inputs, outputs } = forUnit(k8s.gatewayApi)\n\nconst provider = await getProviderAsync(inputs.k8sCluster)\n\nnew yaml.v2.ConfigFile(\n \"gateway-api\",\n {\n file: \"https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.4.0/experimental-install.yaml\",\n },\n { provider },\n)\n\nexport default outputs({\n k8sCluster: inputs.k8sCluster,\n})\n"]}
package/dist/units/reduced-access-cluster/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../../src/units/reduced-access-cluster/index.ts"],"names":[],"mappings":";;;;;;;;AASA,IAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAQ,GAAI,OAAA,CAAQ,IAAI,oBAAoB,CAAA;AAElE,IAAM,cAAA,GAAiB,MAAM,SAAA,CAAU,MAAM,CAAA;AAE7C,IAAM,cAAc,IAAI,kBAAA;AAAA,EACtB,OAAA;AAAA,EACA;AAAA,IACE,WAAW,SAAA,CAAU,GAAA,CAAI,cAAA,CAAe,SAAA,EAAW,OAAO,UAAU,CAAA;AAAA,IACpE,eAAA,EAAiB,cAAA,CAAe,eAAA,CAAgB,GAAA,CAAI,CAAA,EAAA,KAAM,UAAU,GAAA,CAAI,EAAA,EAAI,MAAA,CAAO,UAAU,CAAC,CAAA;AAAA,IAC9F,OAAO,IAAA,CAAK,KAAA;AAAA,IACZ,WAAW,cAAA,CAAe;AAAA,GAC5B;AAAA,EACA;AACF,CAAA;AAEA,IAAM,gBAAgB,MAAM,SAAA;AAAA,EAC1B,MAAA;AAAA,IACE,eAAe,SAAA,CAAU,GAAA;AAAA,MAAI,CAAA,CAAA,KAC3B,EAAE,YAAA,GACE,WAAA,CAAA,EAAA,EAAgB,EAAE,IAAI,CAAA,EAAA,EAAK,EAAE,QAAA,CAAS,SAAS,IAAI,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,CAAA,CAAA,GAClE,WAAA,CAAA,EAAA,EAAgB,EAAE,IAAI,CAAA,EAAA,EAAK,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,CAAA;AAAA;AAChD,GACF,CAAE,KAAA,CAAM,IAAA,CAAK,IAAI,CAAC;AACpB,CAAA;AAEA,IAAO,iCAAQ,OAAA,CAAQ;AAAA,EACrB,YAAY,WAAA,CAAY,OAAA;AAAA,EAExB,UAAA,EAAY,CAAC,iBAAA,CAAkB,MAAA,CAAO,4BAA4B,WAAA,CAAY,OAAO,CAAC,CAAC,CAAC,CAAA;AAAA,EAExF,MAAA,EAAQ;AAAA,IACN,KAAA,EAAO;AAAA,MACL,IAAA,EAAM;AAAA,QACJ,KAAA,EAAO;AAAA,OACT;AAAA,MACA,OAAA,EAAS;AAAA,QACP;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,OAAA,EAAS,IAAA;AAAA;AAAA;AAAA,YAAA,EAGL,aAAa;AAAA,UAAA;AAAA,SAEnB;AAAA,QACA;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,OAAA,EAAS,IAAA;AAAA;AAAA,UAAA;AAAA,SAGX;AAAA,QACA;AAAA,UACE,IAAA,EAAM,MAAA;AAAA,UACN,MAAM,cAAA,CAAe;AAAA,YACnB,IAAA,EAAM,YAAA;AAAA,YACN,OAAA,EAAS,MAAA,CAAO,2BAAA,CAA4B,WAAA,CAAY,OAAO,CAAC,CAAA;AAAA,YAChE,WAAA,EAAa,WAAA;AAAA,YACb,QAAA,EAAU;AAAA,WACX;AAAA,SACH;AAAA,QACA;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,OAAA,EAAS,MAAA;AAAA,YACP,WAAA;AAAA;;AAAA;AAAA,cAAA,EAII,WAAA,CAAY,QAAQ,UAAU;AAAA;AAAA,YAAA,CAAA,CAEhC,MAAM,eAAe;AAAA;AACzB,SACF;AAAA,QACA;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,OAAA,EAAS;AAAA;AACX;AACF;AACF;AAEJ,CAAC","file":"index.js","sourcesContent":["import { text, trimIndentation } from \"@highstate/contract\"\nimport { k8s } from \"@highstate/library\"\nimport { forUnit, interpolate, makeFileOutput, output, secret, toPromise } from \"@highstate/pulumi\"\nimport { join } from \"remeda\"\nimport { createK8sTerminal } from \"../../cluster\"\nimport { Namespace } from \"../../namespace\"\nimport { ClusterAccessScope } from \"../../rbac\"\nimport { getClusterKubeconfigContent } from \"../../shared\"\n\nconst { args, inputs, outputs } = forUnit(k8s.reducedAccessCluster)\n\nconst resolvedInputs = await toPromise(inputs)\n\nconst accessScope = new ClusterAccessScope(\n \"scope\",\n {\n namespace: Namespace.for(resolvedInputs.namespace, inputs.k8sCluster),\n extraNamespaces: resolvedInputs.extraNamespaces.map(ns => Namespace.for(ns, inputs.k8sCluster)),\n rules: args.rules,\n resources: resolvedInputs.resources,\n },\n {},\n)\n\nconst resourceLines = await toPromise(\n output(\n resolvedInputs.resources.map(r =>\n r.isNamespaced\n ? interpolate`- ${r.kind} \"${r.metadata.namespace}/${r.metadata.name}\"`\n : interpolate`- ${r.kind} \"${r.metadata.name}\"`,\n ),\n ).apply(join(\"\\n\")),\n)\n\nexport default outputs({\n k8sCluster: accessScope.cluster,\n\n $terminals: [createK8sTerminal(secret(getClusterKubeconfigContent(accessScope.cluster)))],\n\n $pages: {\n index: {\n meta: {\n title: \"Reduced Access Cluster\",\n },\n content: [\n {\n type: \"markdown\",\n content: text`\n The access to this cluster was reduced to the following resources:\n \n ${resourceLines}\n `,\n },\n {\n type: \"markdown\",\n content: text`\n You can access these resources using the following kubeconfig:\n `,\n },\n {\n type: \"file\",\n file: makeFileOutput({\n name: \"kubeconfig\",\n content: secret(getClusterKubeconfigContent(accessScope.cluster)),\n contentType: \"text/yaml\",\n isSecret: true,\n }),\n },\n {\n type: \"markdown\",\n content: secret(\n interpolate`\n You can also copy the following content of the kubeconfig file:\n\n \\`\\`\\`yaml\n ${accessScope.cluster.kubeconfig}\n \\`\\`\\`\n `.apply(trimIndentation),\n ),\n },\n {\n type: \"markdown\",\n content: \"You can also use terminal to verify the access to the resources.\",\n },\n ],\n },\n },\n})\n"]}