@highstate/k8s 0.7.1 → 0.7.3

package/dist/index.js

@@ -1,26 +1,55 @@
-import { m as mapMetadata, c as commonExtraArgs, v as verifyProvider, r as resourceIdToString, a as mapSelectorLikeToSelector, b as mapNamespaceNameToSelector, d as mapNamespaceLikeToNamespaceName, g as getAppDisplayName, e as getAppName } from './shared-Clzbl5K-.js';
-export { h as createNamespace, f as createProvider, i as getNamespace } from './shared-Clzbl5K-.js';
-import { ComponentResource, output, normalize, toPromise, apply } from '@highstate/pulumi';
-import { core, apps, networking, batch } from '@pulumi/kubernetes';
-import { omit, concat, map, uniqueBy, capitalize, mergeDeep, flat, merge, pipe } from 'remeda';
-import { deepmerge } from 'deepmerge-ts';
-import { output as output$1, ComponentResource as ComponentResource$1 } from '@pulumi/pulumi';
-import { S as Service, m as mapContainerPortToServicePort, H as HttpRoute, a as mapServiceToLabelSelector } from './helm-wPTgVV1N.js';
-export { C as Chart, R as RenderedChart, b as getChartService, g as getChartServiceOutput, r as resolveHelmChart } from './helm-wPTgVV1N.js';
-import { parseDomain, ParseResultType } from 'parse-domain';
-import '@highstate/library';
-import { DnsRecord } from '@highstate/common';
-import { gateway } from '@highstate/gateway-api';
-import { trimIndentation, text } from '@highstate/contract';
-import 'path';
-import 'node:fs/promises';
-import 'nano-spawn';
-import 'crypto-hash';
-import '@pulumi/command';
-import 'glob';
+import {
+  Chart,
+  HttpRoute,
+  RenderedChart,
+  Service,
+  getChartService,
+  getChartServiceOutput,
+  mapContainerPortToServicePort,
+  mapServiceToLabelSelector,
+  resolveHelmChart
+} from "./chunk-K4WKJ4L5.js";
+import {
+  commonExtraArgs,
+  createNamespace,
+  getAppDisplayName,
+  getAppName,
+  getNamespace,
+  getProvider,
+  mapMetadata,
+  mapNamespaceLikeToNamespaceName,
+  mapNamespaceNameToSelector,
+  mapSelectorLikeToSelector,
+  resourceIdToString,
+  verifyProvider
+} from "./chunk-T5Z2M4JE.js";
 
-const extraPersistentVolumeClaimArgs = [...commonExtraArgs, "size", "cluster"];
-class PersistentVolumeClaim extends ComponentResource {
+// src/deployment.ts
+import {
+  output as output4,
+  ComponentResource as ComponentResource3,
+  interpolate
+} from "@highstate/pulumi";
+import { apps } from "@pulumi/kubernetes";
+import { omit as omit3 } from "remeda";
+import { deepmerge as deepmerge2 } from "deepmerge-ts";
+import { trimIndentation } from "@highstate/contract";
+
+// src/container.ts
+import { core as core2 } from "@pulumi/kubernetes";
+import { normalize, output as output2 } from "@highstate/pulumi";
+import { concat, map, omit as omit2 } from "remeda";
+
+// src/pvc.ts
+import { core } from "@pulumi/kubernetes";
+import {
+  ComponentResource,
+  output
+} from "@highstate/pulumi";
+import { deepmerge } from "deepmerge-ts";
+import { omit } from "remeda";
+var extraPersistentVolumeClaimArgs = [...commonExtraArgs, "size", "cluster"];
+var PersistentVolumeClaim = class extends ComponentResource {
   constructor(type, name, args, opts, clusterInfo, metadata, spec, status) {
     super(type, name, args, opts);
     this.clusterInfo = clusterInfo;
@@ -49,8 +78,8 @@ class PersistentVolumeClaim extends ComponentResource {
       opts
     );
   }
-}
-class CreatedPersistentVolumeClaim extends PersistentVolumeClaim {
+};
+var CreatedPersistentVolumeClaim = class extends PersistentVolumeClaim {
   constructor(name, args, opts) {
     const pvc = output(args).apply((args2) => {
       return new core.v1.PersistentVolumeClaim(
@@ -83,8 +112,8 @@ class CreatedPersistentVolumeClaim extends PersistentVolumeClaim {
       pvc.status
     );
   }
-}
-class ExternalPersistentVolumeClaim extends PersistentVolumeClaim {
+};
+var ExternalPersistentVolumeClaim = class extends PersistentVolumeClaim {
   constructor(name, id, clusterInfo, opts) {
     const pvc = output(id).apply(async (id2) => {
       await verifyProvider(opts.provider, this.clusterInfo);
@@ -106,9 +135,10 @@ class ExternalPersistentVolumeClaim extends PersistentVolumeClaim {
       pvc.status
     );
   }
-}
+};
 
-const containerExtraArgs = [
+// src/container.ts
+var containerExtraArgs = [
   "port",
   "volumeMount",
   "volume",
@@ -119,7 +149,7 @@ const containerExtraArgs = [
 function mapContainerToRaw(container, fallbackName) {
   const containerName = container.name ?? fallbackName;
   return {
-    ...omit(container, containerExtraArgs),
+    ...omit2(container, containerExtraArgs),
     name: containerName,
     ports: normalize(container.port, container.ports),
     volumeMounts: map(normalize(container.volumeMount, container.volumeMounts), mapVolumeMount),
@@ -176,10 +206,10 @@ function mapContainerEnvironment(environment) {
 }
 function mapVolumeMount(volumeMount) {
   if ("volume" in volumeMount) {
-    return omit(
+    return omit2(
       {
         ...volumeMount,
-        name: output(volumeMount.volume).apply(mapWorkloadVolume).apply((volume) => output(volume.name))
+        name: output2(volumeMount.volume).apply(mapWorkloadVolume).apply((volume) => output2(volume.name))
       },
       ["volume"]
     );
@@ -190,14 +220,14 @@ function mapVolumeMount(volumeMount) {
   };
 }
 function mapEnvironmentSource(envFrom) {
-  if (envFrom instanceof core.v1.ConfigMap) {
+  if (envFrom instanceof core2.v1.ConfigMap) {
     return {
       configMapRef: {
         name: envFrom.metadata.name
       }
     };
   }
-  if (envFrom instanceof core.v1.Secret) {
+  if (envFrom instanceof core2.v1.Secret) {
     return {
       secretRef: {
         name: envFrom.metadata.name
@@ -215,7 +245,7 @@ function mapWorkloadVolume(volume) {
       }
     };
   }
-  if (volume instanceof core.v1.PersistentVolumeClaim) {
+  if (volume instanceof core2.v1.PersistentVolumeClaim) {
     return {
       name: volume.metadata.name,
       persistentVolumeClaim: {
@@ -223,7 +253,7 @@ function mapWorkloadVolume(volume) {
       }
     };
   }
-  if (volume instanceof core.v1.ConfigMap) {
+  if (volume instanceof core2.v1.ConfigMap) {
     return {
       name: volume.metadata.name,
       configMap: {
@@ -231,7 +261,7 @@ function mapWorkloadVolume(volume) {
       }
     };
   }
-  if (volume instanceof core.v1.Secret) {
+  if (volume instanceof core2.v1.Secret) {
     return {
       name: volume.metadata.name,
       secret: {
@@ -242,17 +272,21 @@ function mapWorkloadVolume(volume) {
   return volume;
 }
 
-const workloadExtraArgs = [...commonExtraArgs, "container", "containers"];
-const publicWorkloadExtraArgs = [...workloadExtraArgs, "service", "httpRoute"];
+// src/workload.ts
+import { normalize as normalize2 } from "@highstate/pulumi";
+import { ComponentResource as ComponentResource2, output as output3 } from "@pulumi/pulumi";
+import { uniqueBy } from "remeda";
+var workloadExtraArgs = [...commonExtraArgs, "container", "containers"];
+var publicWorkloadExtraArgs = [...workloadExtraArgs, "service", "httpRoute"];
 function getWorkloadComponents(name, args) {
   const labels = {
     "app.kubernetes.io/name": name
   };
-  const containers = output$1(args).apply((args2) => normalize(args2.container, args2.containers));
+  const containers = output3(args).apply((args2) => normalize2(args2.container, args2.containers));
   const volumes = containers.apply((containers2) => {
-    const containerVolumes = containers2.flatMap((container) => normalize(container.volume, container.volumes)).map(mapWorkloadVolume);
+    const containerVolumes = containers2.flatMap((container) => normalize2(container.volume, container.volumes)).map(mapWorkloadVolume);
     const containerVolumeMounts = containers2.flatMap((container) => {
-      return normalize(container.volumeMount, container.volumeMounts).map((volumeMount) => {
+      return normalize2(container.volumeMount, container.volumeMounts).map((volumeMount) => {
         return "volume" in volumeMount ? volumeMount.volume : void 0;
       }).filter(Boolean);
     }).map(mapWorkloadVolume);
@@ -262,7 +296,7 @@ function getWorkloadComponents(name, args) {
 }
 function getPublicWorkloadComponents(name, args, parent, opts) {
   const { labels, containers, volumes } = getWorkloadComponents(name, args);
-  const service = output$1({ args, containers }).apply(({ args: args2, containers: containers2 }) => {
+  const service = output3({ args, containers }).apply(({ args: args2, containers: containers2 }) => {
     if (!args2.service && !args2.httpRoute) {
       return void 0;
     }
@@ -272,7 +306,7 @@ function getPublicWorkloadComponents(name, args, parent, opts) {
     if (args2.patch) {
       return void 0;
     }
-    const ports = containers2.flatMap((container) => normalize(container.port, container.ports));
+    const ports = containers2.flatMap((container) => normalize2(container.port, container.ports));
     return Service.create(
       name,
       {
@@ -288,7 +322,7 @@ function getPublicWorkloadComponents(name, args, parent, opts) {
       { parent: parent(), ...opts }
     );
   });
-  const httpRoute = output$1({
+  const httpRoute = output3({
     args,
     service
   }).apply(({ args: args2, service: service2 }) => {
@@ -312,10 +346,12 @@ function getPublicWorkloadComponents(name, args, parent, opts) {
   return { labels, containers, volumes, service, httpRoute };
 }
 
-class Deployment extends ComponentResource {
-  constructor(type, name, args, opts, clusterInfo, metadata, spec, status, _service, _httpRoute, resources) {
+// src/deployment.ts
+var Deployment = class extends ComponentResource3 {
+  constructor(type, name, args, opts, cluster, metadata, spec, status, _service, _httpRoute, resources) {
     super(type, name, args, opts);
-    this.clusterInfo = clusterInfo;
+    this.args = args;
+    this.cluster = cluster;
     this.metadata = metadata;
     this.spec = spec;
     this.status = status;
@@ -327,14 +363,17 @@ class Deployment extends ComponentResource {
    * The Highstate deployment entity.
    */
   get entity() {
-    return output({
+    return output4({
       type: "k8s.deployment",
-      clusterInfo: this.clusterInfo,
+      clusterInfo: this.cluster.info,
       metadata: this.metadata,
       spec: this.spec,
       service: this._service.apply((service) => service?.entity)
     });
   }
+  get optionalService() {
+    return this._service;
+  }
   /**
    * The service associated with the deployment.
    */
@@ -357,11 +396,36 @@ class Deployment extends ComponentResource {
       return httpRoute;
     });
   }
+  /**
+   * The instance terminal to interact with the deployment.
+   */
+  get terminal() {
+    return output4({
+      name: this.metadata.name,
+      title: this.metadata.name,
+      image: "ghcr.io/exeteres/highstate/terminal-kubectl",
+      command: ["script", "-q", "-c", "/enter-container.sh", "/dev/null"],
+      files: {
+        "/kubeconfig": this.cluster.kubeconfig,
+        "/enter-container.sh": {
+          mode: 493,
+          content: interpolate`
+            #!/bin/bash
+
+            exec kubectl exec -it -n ${this.metadata.namespace} deployment/${this.metadata.name} -- ${this.args.terminalShell ?? "bash"}
+          `.apply(trimIndentation)
+        }
+      },
+      env: {
+        KUBECONFIG: "/kubeconfig"
+      }
+    });
+  }
   static create(name, args, opts) {
     return new CreatedDeployment(name, args, opts);
   }
-}
-class CreatedDeployment extends Deployment {
+};
+var CreatedDeployment = class extends Deployment {
   constructor(name, args, opts) {
     const { labels, containers, volumes, service, httpRoute } = getPublicWorkloadComponents(
       name,
@@ -369,29 +433,25 @@ class CreatedDeployment extends Deployment {
       () => this,
       opts
     );
-    const deployment = output({ args, containers, volumes }).apply(
+    const deployment = output4({ args, containers, volumes }).apply(
       async ({ args: args2, containers: containers2, volumes: volumes2 }) => {
         await verifyProvider(opts.provider, args2.cluster.info);
         return new (args2.patch ? apps.v1.DeploymentPatch : apps.v1.Deployment)(
           name,
           {
             metadata: mapMetadata(args2.patch?.metadata ?? args2, name),
-            spec: deepmerge(
+            spec: deepmerge2(
               {
                 template: {
-                  metadata: {
-                    labels
-                  },
+                  metadata: !args2.patch ? { labels } : void 0,
                   spec: {
                     containers: containers2.map((container) => mapContainerToRaw(container, name)),
                     volumes: volumes2
                   }
                 },
-                selector: {
-                  matchLabels: labels
-                }
+                selector: !args2.patch ? { matchLabels: labels } : void 0
               },
-              omit(args2, publicWorkloadExtraArgs)
+              omit3(args2, publicWorkloadExtraArgs)
             )
           },
           { parent: this, ...opts }
@@ -403,7 +463,7 @@ class CreatedDeployment extends Deployment {
       name,
       args,
       opts,
-      output(args.cluster).info,
+      output4(args.cluster),
       deployment.metadata,
       deployment.spec,
       deployment.status,
@@ -412,9 +472,17 @@ class CreatedDeployment extends Deployment {
       [deployment]
     );
   }
-}
+};
 
-class StatefulSet extends ComponentResource {
+// src/stateful-set.ts
+import {
+  output as output5,
+  ComponentResource as ComponentResource4
+} from "@highstate/pulumi";
+import { apps as apps2 } from "@pulumi/kubernetes";
+import { omit as omit4 } from "remeda";
+import { deepmerge as deepmerge3 } from "deepmerge-ts";
+var StatefulSet = class extends ComponentResource4 {
   constructor(type, name, args, opts, clusterInfo, metadata, spec, status, _service, _httpRoute) {
     super(type, name, args, opts);
     this.clusterInfo = clusterInfo;
@@ -428,13 +496,16 @@ class StatefulSet extends ComponentResource {
    * The Highstate stateful set entity.
    */
   get entity() {
-    return output({
+    return output5({
       type: "k8s.stateful-set",
       clusterInfo: this.clusterInfo,
       metadata: this.metadata,
       service: this.service.entity
     });
   }
+  get optionalService() {
+    return this._service;
+  }
   /**
    * The service associated with the stateful set.
    */
@@ -460,8 +531,8 @@ class StatefulSet extends ComponentResource {
   static create(name, args, opts) {
     return new CreatedStatefulSet(name, args, opts);
   }
-}
-class CreatedStatefulSet extends StatefulSet {
+};
+var CreatedStatefulSet = class extends StatefulSet {
   constructor(name, args, opts) {
     const { containers, volumes, labels, service, httpRoute } = getPublicWorkloadComponents(
       name,
@@ -469,14 +540,14 @@ class CreatedStatefulSet extends StatefulSet {
       () => this,
       opts
     );
-    const statefulSet = output({ args, containers, volumes, service }).apply(
+    const statefulSet = output5({ args, containers, volumes, service }).apply(
       async ({ args: args2, containers: containers2, volumes: volumes2, service: service2 }) => {
         await verifyProvider(opts.provider, args2.cluster?.info);
-        return new (args2.patch ? apps.v1.StatefulSetPatch : apps.v1.StatefulSet)(
+        return new (args2.patch ? apps2.v1.StatefulSetPatch : apps2.v1.StatefulSet)(
           name,
           {
             metadata: mapMetadata(args2.patch?.metadata ?? args2, name),
-            spec: deepmerge(
+            spec: deepmerge3(
               {
                 serviceName: service2?.metadata.name || name,
                 template: {
@@ -488,7 +559,7 @@ class CreatedStatefulSet extends StatefulSet {
                 },
                 selector: !args2.patch ? { matchLabels: labels } : void 0
               },
-              omit(args2, publicWorkloadExtraArgs)
+              omit4(args2, publicWorkloadExtraArgs)
             )
           },
           { parent: this, ...opts }
@@ -500,7 +571,7 @@ class CreatedStatefulSet extends StatefulSet {
       name,
       args,
       opts,
-      output(args.cluster).info,
+      output5(args.cluster).info,
       statefulSet.metadata,
       statefulSet.spec,
       statefulSet.status,
@@ -508,21 +579,31 @@ class CreatedStatefulSet extends StatefulSet {
       httpRoute
     );
   }
-}
+};
 
-class NetworkPolicy extends ComponentResource {
+// src/network-policy.ts
+import { networking } from "@pulumi/kubernetes";
+import {
+  ComponentResource as ComponentResource5,
+  normalize as normalize3,
+  output as output6
+} from "@highstate/pulumi";
+import { capitalize, flat, merge, mergeDeep } from "remeda";
+import { parseDomain, ParseResultType } from "parse-domain";
+import "@highstate/library";
+var NetworkPolicy = class _NetworkPolicy extends ComponentResource5 {
   /**
    * The underlying network policy resource.
    */
   networkPolicy;
   constructor(name, args, opts) {
     super("k8s:network-policy", name, args, opts);
-    const normalizedArgs = output(args).apply((args2) => {
-      const ingressRules = normalize(args2.ingressRule, args2.ingressRules);
-      const egressRules = normalize(args2.egressRule, args2.egressRules);
-      const endpoints = normalize(args2.egressRule?.toEndpoint, args2.egressRule?.toEndpoints);
+    const normalizedArgs = output6(args).apply((args2) => {
+      const ingressRules = normalize3(args2.ingressRule, args2.ingressRules);
+      const egressRules = normalize3(args2.egressRule, args2.egressRules);
+      const endpoints = normalize3(args2.egressRule?.toEndpoint, args2.egressRule?.toEndpoints);
       const parsedEndpoints = endpoints.map((endpoint) => parseDomain(endpoint));
-      const cidrsFromEndpoints = parsedEndpoints.filter((result) => result.type === ParseResultType.Ip).map((result) => NetworkPolicy.mapCidrFromEndpoint(result));
+      const cidrsFromEndpoints = parsedEndpoints.filter((result) => result.type === ParseResultType.Ip).map((result) => _NetworkPolicy.mapCidrFromEndpoint(result));
       const fqdnsFromEndpoints = parsedEndpoints.filter((result) => result.type !== ParseResultType.Invalid).map((result) => result.hostname);
       const extraEgressRules = [];
       if (args2.allowKubeDns) {
@@ -544,28 +625,28 @@ class NetworkPolicy extends ComponentResource {
         allowKubeApiServer: args2.allowKubeApiServer ?? false,
         ingressRules: ingressRules.map((rule) => ({
           all: rule.fromAll ?? false,
-          cidrs: normalize(rule.fromCidr, rule.fromCidrs),
+          cidrs: normalize3(rule.fromCidr, rule.fromCidrs),
           fqdns: [],
-          services: normalize(rule.fromService, rule.fromServices),
-          namespaces: normalize(rule.fromNamespace, rule.fromNamespaces),
-          selectors: normalize(rule.fromSelector, rule.fromSelectors),
-          ports: normalize(rule.toPort, rule.toPorts)
+          services: normalize3(rule.fromService, rule.fromServices),
+          namespaces: normalize3(rule.fromNamespace, rule.fromNamespaces),
+          selectors: normalize3(rule.fromSelector, rule.fromSelectors),
+          ports: normalize3(rule.toPort, rule.toPorts)
         })),
         egressRules: egressRules.map((rule) => {
           return {
             all: rule.toAll ?? false,
-            cidrs: normalize(rule.toCidr, rule.toCidrs).concat(cidrsFromEndpoints),
-            fqdns: normalize(rule.toFqdn, rule.toFqdns).concat(fqdnsFromEndpoints),
-            services: normalize(rule.toService, rule.toServices),
-            namespaces: normalize(rule.toNamespace, rule.toNamespaces),
-            selectors: normalize(rule.toSelector, rule.toSelectors),
-            ports: normalize(rule.toPort, rule.toPorts)
+            cidrs: normalize3(rule.toCidr, rule.toCidrs).concat(cidrsFromEndpoints),
+            fqdns: normalize3(rule.toFqdn, rule.toFqdns).concat(fqdnsFromEndpoints),
+            services: normalize3(rule.toService, rule.toServices),
+            namespaces: normalize3(rule.toNamespace, rule.toNamespaces),
+            selectors: normalize3(rule.toSelector, rule.toSelectors),
+            ports: normalize3(rule.toPort, rule.toPorts)
           };
         }).concat(extraEgressRules)
       };
     });
     this.networkPolicy = normalizedArgs.apply((args2) => {
-      return output(
+      return output6(
         this.create(name, args2, { ...opts, parent: this })
       );
     });
@@ -579,8 +660,8 @@ class NetworkPolicy extends ComponentResource {
   }
   static supportedCNIs = ["cilium"];
   static create(name, args, opts) {
-    return output(args).apply(async (args2) => {
-      if (!args2.cni || !NetworkPolicy.supportedCNIs.includes(args2.cni)) {
+    return output6(args).apply(async (args2) => {
+      if (!args2.cni || !_NetworkPolicy.supportedCNIs.includes(args2.cni)) {
         return new NativeNetworkPolicy(name, args2, opts);
       }
       const implName = `${capitalize(args2.cni)}NetworkPolicy`;
@@ -593,11 +674,11 @@ class NetworkPolicy extends ComponentResource {
     });
   }
   static allowInsideNamespace(namespace, k8sCluster, opts) {
-    return NetworkPolicy.create(
+    return _NetworkPolicy.create(
       "allow-inside-namespace",
       {
         namespace,
-        cni: output(k8sCluster).info.cni,
+        cni: output6(k8sCluster).info.cni,
         description: "Allow all traffic inside the namespace.",
         selector: {},
         ingressRule: { fromNamespace: namespace },
@@ -607,11 +688,11 @@ class NetworkPolicy extends ComponentResource {
     );
   }
   static allowKubeApiServer(namespace, k8sCluster, opts) {
-    return NetworkPolicy.create(
+    return _NetworkPolicy.create(
       "allow-kube-api-server",
       {
         namespace,
-        cni: output(k8sCluster).info.cni,
+        cni: output6(k8sCluster).info.cni,
         description: "Allow all traffic to the Kubernetes API server from the namespace.",
         allowKubeApiServer: true
       },
@@ -619,11 +700,11 @@ class NetworkPolicy extends ComponentResource {
     );
   }
   static allowKubeDns(namespace, k8sCluster, opts) {
-    return NetworkPolicy.create(
+    return _NetworkPolicy.create(
       "allow-kube-dns",
       {
         namespace,
-        cni: output(k8sCluster).info.cni,
+        cni: output6(k8sCluster).info.cni,
         description: "Allow all traffic to the Kubernetes DNS server from the namespace.",
         allowKubeDns: true
       },
@@ -631,22 +712,22 @@ class NetworkPolicy extends ComponentResource {
     );
   }
   static allowAllEgress(namespace, k8sCluster, opts) {
-    return NetworkPolicy.create(
+    return _NetworkPolicy.create(
       "allow-all-egress",
       {
         namespace,
-        cni: output(k8sCluster).info.cni,
+        cni: output6(k8sCluster).info.cni,
         description: "Allow all egress traffic from the namespace.",
         egressRule: { toAll: true }
       },
       opts
     );
   }
-}
-class NativeNetworkPolicy extends NetworkPolicy {
+};
+var NativeNetworkPolicy = class _NativeNetworkPolicy extends NetworkPolicy {
   create(name, args, opts) {
-    const ingress = NativeNetworkPolicy.createIngressRules(args);
-    const egress = NativeNetworkPolicy.createEgressRules(args);
+    const ingress = _NativeNetworkPolicy.createIngressRules(args);
+    const egress = _NativeNetworkPolicy.createEgressRules(args);
     const policyTypes = [];
     if (ingress.length > 0 || args.isolateIngress) {
       policyTypes.push("Ingress");
@@ -676,14 +757,14 @@ class NativeNetworkPolicy extends NetworkPolicy {
   };
   static createIngressRules(args) {
     return args.ingressRules.map((rule) => ({
-      from: rule.all ? void 0 : NativeNetworkPolicy.createRulePeers(rule),
-      ports: NativeNetworkPolicy.mapPorts(rule.ports)
+      from: rule.all ? void 0 : _NativeNetworkPolicy.createRulePeers(rule),
+      ports: _NativeNetworkPolicy.mapPorts(rule.ports)
     }));
   }
   static createEgressRules(args) {
     const needFallback = args.egressRules.some((rule) => rule.fqdns.length > 0);
     if (needFallback) {
-      return [{ to: [{ ipBlock: NativeNetworkPolicy.fallbackIpBlock }] }];
+      return [{ to: [{ ipBlock: _NativeNetworkPolicy.fallbackIpBlock }] }];
     }
     const extraRules = [];
     if (args.allowKubeApiServer) {
@@ -691,16 +772,16 @@ class NativeNetworkPolicy extends NetworkPolicy {
     }
     return args.egressRules.map((rule) => {
       return {
-        to: rule.all ? void 0 : NativeNetworkPolicy.createRulePeers(rule),
-        ports: NativeNetworkPolicy.mapPorts(rule.ports)
+        to: rule.all ? void 0 : _NativeNetworkPolicy.createRulePeers(rule),
+        ports: _NativeNetworkPolicy.mapPorts(rule.ports)
       };
     }).concat(extraRules);
   }
   static createRulePeers(args) {
     return [
-      ...NativeNetworkPolicy.createCidrPeers(args),
-      ...NativeNetworkPolicy.createServicePeers(args),
-      ...NativeNetworkPolicy.createSelectorPeers(args)
+      ..._NativeNetworkPolicy.createCidrPeers(args),
+      ..._NativeNetworkPolicy.createServicePeers(args),
+      ..._NativeNetworkPolicy.createSelectorPeers(args)
     ];
   }
   static createCidrPeers(args) {
@@ -719,7 +800,7 @@ class NativeNetworkPolicy extends NetworkPolicy {
     const selectorPeers = args.selectors.map((selector) => ({
       podSelector: mapSelectorLikeToSelector(selector)
     }));
-    const namespacePeers = args.namespaces.map(NativeNetworkPolicy.createNamespacePeer);
+    const namespacePeers = args.namespaces.map(_NativeNetworkPolicy.createNamespacePeer);
     if (namespacePeers.length === 0) {
       return selectorPeers;
     }
@@ -752,10 +833,18 @@ class NativeNetworkPolicy extends NetworkPolicy {
       };
     });
   }
-}
+};
 
+// src/access-point.ts
+import { DnsRecord } from "@highstate/common";
+import { gateway } from "@highstate/gateway-api";
+import {
+  normalize as normalize4,
+  output as output7,
+  toPromise
+} from "@highstate/pulumi";
 function useAccessPoint(args) {
-  const result = output({ args, namespaceName: output(args.namespace).metadata.name }).apply(
+  const result = output7({ args, namespaceName: output7(args.namespace).metadata.name }).apply(
     ({ args: args2, namespaceName }) => {
       const gateway2 = createGateway({
         ...args2,
@@ -764,7 +853,7 @@ function useAccessPoint(args) {
         },
         gateway: args2.accessPoint.gateway
       });
-      const dnsRecords = normalize(args2.fqdn, args2.fqdns).map((fqdn) => {
+      const dnsRecords = normalize4(args2.fqdn, args2.fqdns).map((fqdn) => {
         return DnsRecord.create(fqdn, {
           provider: args2.accessPoint.dnsProvider,
           type: "A",
@@ -803,7 +892,7 @@ function useAccessPoint(args) {
           )
         );
       }
-      return output({
+      return output7({
         gateway: gateway2,
         dnsRecords,
         networkPolicies
@@ -823,7 +912,7 @@ function useStandardAcessPoint(appName, namespace, args, inputs, provider) {
   });
 }
 function createGateway(args) {
-  return output(args).apply((args2) => {
+  return output7(args).apply((args2) => {
     if (args2.clusterInfo.id !== args2.gateway.clusterInfo.id) {
       throw new Error(
         "The provided Kubernetes cluster is different from the one where the gateway controller is deployed."
@@ -838,12 +927,12 @@ function createGateway(args) {
           annotations: args2.annotations
         },
         spec: {
-          gatewayClassName: output(args2.gateway).gatewayClassName,
-          listeners: normalize(args2.fqdn, args2.fqdns).map((fqdn) => {
+          gatewayClassName: output7(args2.gateway).gatewayClassName,
+          listeners: normalize4(args2.fqdn, args2.fqdns).map((fqdn) => {
             const normalizedName = fqdn.replace(/\*/g, "wildcard");
             return {
               name: `https-${normalizedName}`,
-              port: output(args2.gateway).httpsListenerPort,
+              port: output7(args2.gateway).httpsListenerPort,
               protocol: "HTTPS",
               hostname: fqdn,
               tls: {
@@ -859,12 +948,24 @@ function createGateway(args) {
   });
 }
 
-const emptyDistributionEnvironment = {
+// src/scripting/bundle.ts
+import { core as core3 } from "@pulumi/kubernetes";
+import { apply, normalize as normalize5 } from "@highstate/pulumi";
+import {
+  ComponentResource as ComponentResource6,
+  output as output8
+} from "@pulumi/pulumi";
+import { pipe } from "remeda";
+import { deepmerge as deepmerge4 } from "deepmerge-ts";
+import { text, trimIndentation as trimIndentation2 } from "@highstate/contract";
+
+// src/scripting/environment.ts
+var emptyDistributionEnvironment = {
   preInstallPackages: [],
   preInstallScripts: {},
   packages: []
 };
-const emptyScriptEnvironment = {
+var emptyScriptEnvironment = {
   alpine: emptyDistributionEnvironment,
   ubuntu: emptyDistributionEnvironment,
   setupScripts: {},
@@ -875,7 +976,8 @@ const emptyScriptEnvironment = {
   environment: {}
 };
 
-class ScriptBundle extends ComponentResource$1 {
+// src/scripting/bundle.ts
+var ScriptBundle = class extends ComponentResource6 {
   /**
    * The config map containing the scripts.
    */
@@ -899,14 +1001,14 @@ class ScriptBundle extends ComponentResource$1 {
   constructor(name, args, opts) {
     super("highstate:k8s:ScriptBundle", name, args, opts);
     const scriptEnvironment = pipe(
-      output$1(args),
-      apply((args2) => normalize(args2.environment, args2.environments)),
-      apply((args2) => deepmerge(emptyScriptEnvironment, ...args2))
+      output8(args),
+      apply((args2) => normalize5(args2.environment, args2.environments)),
+      apply((args2) => deepmerge4(emptyScriptEnvironment, ...args2))
     );
     this.distribution = args.distribution;
     this.environment = scriptEnvironment.environment;
-    this.configMap = output$1({ scriptEnvironment, args }).apply(({ scriptEnvironment: scriptEnvironment2, args: args2 }) => {
-      return new core.v1.ConfigMap(
+    this.configMap = output8({ scriptEnvironment, args }).apply(({ scriptEnvironment: scriptEnvironment2, args: args2 }) => {
+      return new core3.v1.ConfigMap(
         name,
         {
           metadata: mapMetadata(args2, name),
@@ -944,7 +1046,7 @@ class ScriptBundle extends ComponentResource$1 {
       environment: this.environment
     });
   }
-}
+};
 function createScriptData(distribution, environment) {
   const scriptData = {};
   const actions = [];
@@ -1013,7 +1115,7 @@ function createScriptData(distribution, environment) {
   for (const key in environment.scripts) {
     scriptData[key] = environment.scripts[key];
   }
-  scriptData["entrypoint.sh"] = trimIndentation(`
+  scriptData["entrypoint.sh"] = trimIndentation2(`
     #!/bin/sh
     set -e
 
@@ -1049,45 +1151,56 @@ function getInstallPackagesScript(distribution, packages) {
   }
 }
 
+// src/scripting/container.ts
+import { output as output9 } from "@pulumi/pulumi";
+import { merge as merge2 } from "remeda";
 function createScriptContainer(options) {
-  return output$1(options).apply((options2) => {
+  return output9(options).apply((options2) => {
     const image = options2.bundle.distribution === "alpine" ? "alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c" : "ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782";
     return {
       image,
       command: ["/scripts/entrypoint.sh", `/scripts/${options2.main}`],
       ...options2,
-      volumeMounts: merge(options2.bundle.volumeMounts, options2.volumeMounts),
-      volumes: merge(options2.bundle.volumes, options2.volumes),
-      environment: merge(options2.bundle.environment, options2.environment)
+      volumeMounts: merge2(options2.bundle.volumeMounts, options2.volumeMounts),
+      volumes: merge2(options2.bundle.volumes, options2.volumes),
+      environment: merge2(options2.bundle.environment, options2.environment)
     };
   });
 }
 
-const jobExtraArgs = [...commonExtraArgs, "container", "containers"];
-class Job extends ComponentResource {
+// src/job.ts
+import { batch } from "@pulumi/kubernetes";
+import {
+  ComponentResource as ComponentResource7,
+  normalize as normalize6,
+  output as output10
+} from "@highstate/pulumi";
+import { mergeDeep as mergeDeep2, omit as omit5 } from "remeda";
+var jobExtraArgs = [...commonExtraArgs, "container", "containers"];
+var Job = class extends ComponentResource7 {
   /**
    * The underlying Kubernetes job.
    */
   job;
   constructor(name, args, opts) {
     super("highstate:k8s:Job", name, args, opts);
-    this.job = output(args).apply((args2) => {
-      const containers = normalize(args2.container, args2.containers);
+    this.job = output10(args).apply((args2) => {
+      const containers = normalize6(args2.container, args2.containers);
       return new batch.v1.Job(
         name,
         {
           metadata: mapMetadata(args2, name),
-          spec: mergeDeep(
+          spec: mergeDeep2(
             {
               template: {
                 spec: {
                   containers: containers.map((container) => mapContainerToRaw(container, name)),
-                  volumes: containers.flatMap((container) => normalize(container.volume, container.volumes)).map(mapWorkloadVolume),
+                  volumes: containers.flatMap((container) => normalize6(container.volume, container.volumes)).map(mapWorkloadVolume),
                   restartPolicy: "Never"
                 }
               }
             },
-            omit(args2, jobExtraArgs)
+            omit5(args2, jobExtraArgs)
           )
         },
         { parent: this, ...opts }
@@ -1095,37 +1208,45 @@ class Job extends ComponentResource {
     });
     this.registerOutputs({ job: this.job });
   }
-}
+};
 
-const cronJobExtraArgs = [...commonExtraArgs, "container", "containers"];
-class CronJob extends ComponentResource {
+// src/cron-job.ts
+import { batch as batch2 } from "@pulumi/kubernetes";
+import {
+  ComponentResource as ComponentResource8,
+  normalize as normalize7,
+  output as output11
+} from "@highstate/pulumi";
+import { mergeDeep as mergeDeep3, omit as omit6 } from "remeda";
+var cronJobExtraArgs = [...commonExtraArgs, "container", "containers"];
+var CronJob = class extends ComponentResource8 {
   /**
    * The underlying Kubernetes job.
    */
   cronJob;
   constructor(name, args, opts) {
     super("highstate:k8s:CronJob", name, args, opts);
-    this.cronJob = output(args).apply((args2) => {
-      const containers = normalize(args2.container, args2.containers);
-      return new batch.v1.CronJob(
+    this.cronJob = output11(args).apply((args2) => {
+      const containers = normalize7(args2.container, args2.containers);
+      return new batch2.v1.CronJob(
         name,
         {
           metadata: mapMetadata(args2, name),
-          spec: mergeDeep(
+          spec: mergeDeep3(
             {
               jobTemplate: {
                 spec: {
                   template: {
                     spec: {
                       containers: containers.map((container) => mapContainerToRaw(container, name)),
-                      volumes: containers.flatMap((container) => normalize(container.volume, container.volumes)).map(mapWorkloadVolume)
+                      volumes: containers.flatMap((container) => normalize7(container.volume, container.volumes)).map(mapWorkloadVolume)
                     }
                   }
                 }
               },
               schedule: args2.schedule
             },
-            omit(args2, cronJobExtraArgs)
+            omit6(args2, cronJobExtraArgs)
           )
         },
         { parent: this, ...opts }
@@ -1133,6 +1254,35 @@ class CronJob extends ComponentResource {
     });
     this.registerOutputs({ cronJob: this.cronJob });
   }
-}
-
-export { CronJob, Deployment, HttpRoute, Job, NetworkPolicy, PersistentVolumeClaim, ScriptBundle, Service, StatefulSet, createScriptContainer, getAppDisplayName, getAppName, mapContainerPortToServicePort, mapMetadata, mapNamespaceLikeToNamespaceName, mapNamespaceNameToSelector, mapSelectorLikeToSelector, mapServiceToLabelSelector, useAccessPoint, useStandardAcessPoint };
+};
+export {
+  Chart,
+  CronJob,
+  Deployment,
+  HttpRoute,
+  Job,
+  NetworkPolicy,
+  PersistentVolumeClaim,
+  RenderedChart,
+  ScriptBundle,
+  Service,
+  StatefulSet,
+  createNamespace,
+  getProvider as createProvider,
+  createScriptContainer,
+  getAppDisplayName,
+  getAppName,
+  getChartService,
+  getChartServiceOutput,
+  getNamespace,
+  mapContainerPortToServicePort,
+  mapMetadata,
+  mapNamespaceLikeToNamespaceName,
+  mapNamespaceNameToSelector,
+  mapSelectorLikeToSelector,
+  mapServiceToLabelSelector,
+  resolveHelmChart,
+  useAccessPoint,
+  useStandardAcessPoint
+};
+//# sourceMappingURL=index.js.map