@highstate/k8s 0.9.10 → 0.9.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/dist/{chunk-7R2VAXVL.js → chunk-5S4JPM4M.js} +4 -3
  2. package/dist/chunk-5S4JPM4M.js.map +1 -0
  3. package/dist/{chunk-3B5DTLGG.js → chunk-6L67WIZW.js} +3 -3
  4. package/dist/{chunk-R43VRICF.js → chunk-SARVLQZY.js} +63 -25
  5. package/dist/chunk-SARVLQZY.js.map +1 -0
  6. package/dist/{chunk-FF3GFWG3.js → chunk-VL7Z5FJQ.js} +3 -3
  7. package/dist/{chunk-OP75IMU7.js → chunk-WEKIQRCZ.js} +43 -17
  8. package/dist/chunk-WEKIQRCZ.js.map +1 -0
  9. package/dist/{chunk-HTQP2NB4.js → chunk-Y3LZSX7I.js} +4 -17
  10. package/dist/chunk-Y3LZSX7I.js.map +1 -0
  11. package/dist/deployment-QTPBNKO5.js +10 -0
  12. package/dist/highstate.manifest.json +8 -8
  13. package/dist/index.js +8 -36
  14. package/dist/index.js.map +1 -1
  15. package/dist/stateful-set-K4GV7ZTK.js +10 -0
  16. package/dist/units/cert-manager/index.js +3 -3
  17. package/dist/units/dns01-issuer/index.js +1 -1
  18. package/dist/units/gateway-api/index.js +1 -1
  19. package/package.json +9 -9
  20. package/src/container.ts +36 -1
  21. package/src/custom.ts +104 -0
  22. package/src/helm.ts +2 -1
  23. package/src/index.ts +0 -2
  24. package/src/network-policy.ts +23 -21
  25. package/src/network.ts +6 -6
  26. package/src/service.ts +8 -8
  27. package/src/shared.ts +7 -19
  28. package/src/workload.ts +50 -28
  29. package/dist/chunk-7R2VAXVL.js.map +0 -1
  30. package/dist/chunk-HTQP2NB4.js.map +0 -1
  31. package/dist/chunk-OP75IMU7.js.map +0 -1
  32. package/dist/chunk-R43VRICF.js.map +0 -1
  33. package/dist/deployment-E3ZTF2IS.js +0 -10
  34. package/dist/stateful-set-NTU7QKC7.js +0 -10
  35. /package/dist/{chunk-3B5DTLGG.js.map → chunk-6L67WIZW.js.map} +0 -0
  36. /package/dist/{chunk-FF3GFWG3.js.map → chunk-VL7Z5FJQ.js.map} +0 -0
  37. /package/dist/{deployment-E3ZTF2IS.js.map → deployment-QTPBNKO5.js.map} +0 -0
  38. /package/dist/{stateful-set-NTU7QKC7.js.map → stateful-set-K4GV7ZTK.js.map} +0 -0
package/dist/chunk-WEKIQRCZ.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/service.ts","../src/gateway/http-route.ts","../src/gateway/backend.ts","../src/network.ts","../src/network-policy.ts"],"sourcesContent":["import type { k8s, network } from \"@highstate/library\"\nimport { core, types } from \"@pulumi/kubernetes\"\nimport {\n ComponentResource,\n normalize,\n output,\n Output,\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n} from \"@highstate/pulumi\"\nimport { omit, uniqueBy } from \"remeda\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { filterEndpoints, l4EndpointToString, parseL3Endpoint } from \"@highstate/common\"\nimport {\n commonExtraArgs,\n mapMetadata,\n resourceIdToString,\n type CommonArgs,\n type ResourceId,\n type SelectorLike,\n} from \"./shared\"\n\nexport type ServiceArgs = CommonArgs & {\n /**\n * The port to expose the service on.\n */\n port?: Input<types.input.core.v1.ServicePort>\n\n /**\n * Whether the service should be exposed by `NodePort` or `LoadBalancer`.\n *\n * The type of the service will be determined automatically based on the cluster.\n */\n external?: boolean\n} & types.input.core.v1.ServiceSpec\n\nconst serviceExtraArgs = [...commonExtraArgs, \"port\", \"ports\", \"external\"] as const\n\nexport type ServiceEndpointMetadata = {\n clusterId: string\n name: string\n namespace: string\n selector: SelectorLike\n targetPort: string | number\n}\n\n/**\n * Checks if the endpoint has service metadata.\n *\n * Alters the type of the endpoint to include the service metadata if it exists.\n *\n * @param endpoint The endpoint to check.\n * @returns True if the endpoint has service metadata, false otherwise.\n */\nexport function hasServiceMetadata(\n endpoint: network.L3Endpoint,\n): endpoint is network.L3Endpoint & { metadata: { k8sService: ServiceEndpointMetadata } } {\n return endpoint.metadata?.k8sService !== undefined\n}\n\n/**\n * Returns the service metadata of the endpoint.\n *\n * @param endpoint The endpoint to get the service metadata from.\n * @returns The service metadata of the endpoint, or undefined if it doesn't exist.\n */\nexport function getServiceMetadata(\n endpoint: network.L3Endpoint,\n): ServiceEndpointMetadata | undefined {\n return endpoint.metadata?.k8sService as ServiceEndpointMetadata\n}\n\n/**\n * Adds service metadata to the endpoint.\n *\n * @param endpoint The endpoint to add the metadata to.\n * @param metadata The metadata to add.\n * @returns The endpoint with the added metadata.\n */\nexport function withServiceMetadata<TEdnpoint extends network.L34Endpoint>(\n endpoint: TEdnpoint,\n metadata: ServiceEndpointMetadata,\n): TEdnpoint & { metadata: { k8sService: ServiceEndpointMetadata } } {\n return {\n ...endpoint,\n metadata: {\n ...endpoint.metadata,\n k8sService: metadata,\n },\n }\n}\n\n/**\n * Checks if the endpoint is from the given cluster.\n *\n * @param endpoint The endpoint to check.\n * @param cluster The cluster to check against.\n * @returns True if the endpoint is from the cluster, false otherwise.\n */\nexport function isFromCluster(\n endpoint: network.L3Endpoint,\n cluster: k8s.Cluster,\n): endpoint is network.L3Endpoint & { metadata: { k8sService: ServiceEndpointMetadata } } {\n return getServiceMetadata(endpoint)?.clusterId === cluster.id\n}\n\nexport abstract class Service extends ComponentResource {\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n /**\n * The cluster info associated with the service.\n */\n readonly cluster: Output<k8s.Cluster>,\n\n /**\n * The metadata of the underlying Kubernetes service.\n */\n readonly metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The spec of the underlying Kubernetes service.\n */\n readonly spec: Output<types.output.core.v1.ServiceSpec>,\n\n /**\n * The status of the underlying Kubernetes service.\n */\n readonly status: Output<types.output.core.v1.ServiceStatus>,\n ) {\n super(type, name, args, opts)\n }\n\n /**\n * The Highstate service entity.\n */\n get entity(): Output<k8s.Service> {\n return output({\n type: \"k8s.service\",\n clusterId: this.cluster.id,\n metadata: this.metadata,\n endpoints: this.endpoints,\n })\n }\n\n static create(name: string, args: ServiceArgs, opts: ComponentResourceOptions): Service {\n return new CreatedService(name, args, opts)\n }\n\n static wrap(\n name: string,\n service: Input<core.v1.Service>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ): Service {\n return new WrappedService(name, service, cluster, opts)\n }\n\n static get(\n name: string,\n id: ResourceId,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ): Service {\n return new ExternalService(name, id, cluster, opts)\n }\n\n static of(\n name: string,\n entity: Input<k8s.Service>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ): Service {\n return new ExternalService(\n name,\n output(entity).metadata,\n output({ cluster, entity }).apply(({ cluster, entity }) => {\n if (cluster.id !== entity.clusterId) {\n throw new Error(\n `Cluster mismatch when wrapping service \"${name}\": \"${cluster.id}\" != \"${entity.clusterId}\"`,\n )\n }\n\n return cluster\n }),\n opts,\n )\n }\n\n /**\n * Returns the endpoints of the service applying the given filter.\n *\n * If no filter is specified, the default behavior of `filterEndpoints` is used.\n *\n * @param filter If specified, the endpoints are filtered based on the given filter.\n * @returns The endpoints of the service.\n */\n filterEndpoints(filter?: network.EndpointFilter): Output<network.L4Endpoint[]> {\n return output({ endpoints: this.endpoints }).apply(({ endpoints }) => {\n return filterEndpoints(endpoints, filter)\n })\n }\n\n /**\n * Returns the endpoints of the service including both internal and external endpoints.\n */\n get endpoints(): Output<network.L4Endpoint[]> {\n return output({\n cluster: this.cluster,\n metadata: this.metadata,\n spec: this.spec,\n status: this.status,\n }).apply(({ cluster, metadata, spec, status }) => {\n const endpointMetadata = {\n k8sService: {\n clusterId: cluster.id,\n name: metadata.name,\n namespace: metadata.namespace,\n selector: spec.selector,\n targetPort: spec.ports[0].targetPort ?? spec.ports[0].port,\n } satisfies ServiceEndpointMetadata,\n }\n\n const clusterIpEndpoints = spec.clusterIPs?.map(ip => ({\n ...parseL3Endpoint(ip),\n visibility: \"internal\" as network.EndpointVisibility,\n port: spec.ports[0].port,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n }))\n\n if (clusterIpEndpoints.length > 0) {\n clusterIpEndpoints.unshift({\n type: \"hostname\",\n visibility: \"internal\",\n hostname: `${metadata.name}.${metadata.namespace}.svc.cluster.local`,\n port: spec.ports[0].port,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n })\n }\n\n const nodePortEndpoints =\n spec.type === \"NodePort\"\n ? cluster.endpoints.map(endpoint => ({\n ...(endpoint as network.L3Endpoint),\n port: spec.ports[0].nodePort,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n }))\n : []\n\n const loadBalancerEndpoints =\n spec.type === \"LoadBalancer\"\n ? status.loadBalancer?.ingress?.map(endpoint => ({\n ...parseL3Endpoint(endpoint.ip ?? endpoint.hostname),\n port: spec.ports[0].port,\n protocol: spec.ports[0].protocol?.toLowerCase() as network.L4Protocol,\n metadata: endpointMetadata,\n }))\n : []\n\n return uniqueBy(\n [\n ...(clusterIpEndpoints ?? []),\n ...(loadBalancerEndpoints ?? []),\n ...(nodePortEndpoints ?? []),\n ],\n endpoint => l4EndpointToString(endpoint),\n )\n })\n }\n}\n\nclass CreatedService extends Service {\n constructor(name: string, args: ServiceArgs, opts?: ComponentResourceOptions) {\n const service = output(args).apply(args => {\n return new core.v1.Service(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: deepmerge(\n {\n ports: normalize(args.port, args.ports),\n\n externalIPs: args.external\n ? (args.externalIPs ?? args.cluster.externalIps)\n : args.cluster.externalIps,\n\n type: getServiceType(args, args.cluster),\n },\n omit(args, serviceExtraArgs),\n ),\n },\n { parent: this, ...opts },\n )\n })\n\n super(\n \"highstate:k8s:Service\",\n name,\n args,\n opts,\n\n output(args.cluster),\n service.metadata,\n service.spec,\n service.status,\n )\n }\n}\n\nclass WrappedService extends Service {\n constructor(\n name: string,\n service: Input<core.v1.Service>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ) {\n super(\n \"highstate:k8s:WrappedService\",\n name,\n { service, clusterInfo: cluster },\n opts,\n\n output(cluster),\n output(service).metadata,\n output(service).spec,\n output(service).status,\n )\n }\n}\n\nclass ExternalService extends Service {\n constructor(\n name: string,\n id: Input<ResourceId>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ) {\n const service = output(id).apply(id => {\n return core.v1.Service.get(\n //\n name,\n resourceIdToString(id),\n { ...opts, parent: this },\n )\n })\n\n super(\n \"highstate:k8s:ExternalService\",\n name,\n { id, cluster },\n opts,\n\n output(cluster),\n service.metadata,\n service.spec,\n service.status,\n )\n }\n}\n\nexport function mapContainerPortToServicePort(\n port: types.input.core.v1.ContainerPort,\n): types.input.core.v1.ServicePort {\n return {\n name: port.name,\n port: port.containerPort,\n targetPort: port.containerPort,\n protocol: port.protocol,\n }\n}\n\nexport function mapServiceToLabelSelector(\n service: core.v1.Service,\n): types.input.meta.v1.LabelSelector {\n return {\n matchLabels: service.spec.selector,\n }\n}\n\nexport function getServiceType(\n service: Pick<ServiceArgs, \"type\" | \"external\"> | undefined,\n cluster: k8s.Cluster,\n): Input<string> {\n if (service?.type) {\n return service.type\n }\n\n if (!service?.external) {\n return \"ClusterIP\"\n }\n\n return cluster.quirks?.externalServiceType === \"LoadBalancer\" ? \"LoadBalancer\" : \"NodePort\"\n}\n","import {\n ComponentResource,\n normalize,\n output,\n Output,\n type ComponentResourceOptions,\n type Input,\n type InputArray,\n} from \"@highstate/pulumi\"\nimport { gateway, types } from \"@highstate/gateway-api\"\nimport { map, pipe } from \"remeda\"\nimport { getProvider, mapMetadata, type CommonArgs } from \"../shared\"\nimport { resolveBackendRef, type BackendRef } from \"./backend\"\n\nexport type HttpRouteArgs = Omit<CommonArgs, \"namespace\"> & {\n /**\n * The gateway to associate with the route.\n */\n gateway: Input<gateway.v1.Gateway>\n\n /**\n * The alias for `hostnames: [hostname]`.\n */\n hostname?: Input<string>\n\n /**\n * The rule of the route.\n */\n rule?: Input<HttpRouteRuleArgs>\n\n /**\n * The rules of the route.\n */\n rules?: InputArray<HttpRouteRuleArgs>\n} & Omit<Partial<types.input.gateway.v1.HTTPRouteSpec>, \"rules\">\n\nexport type HttpRouteRuleArgs = Omit<\n types.input.gateway.v1.HTTPRouteSpecRules,\n \"matches\" | \"filters\" | \"backendRefs\"\n> & {\n /**\n * The conditions of the rule.\n * Can be specified as string to match on the path.\n */\n matches?: InputArray<HttpRouteRuleMatchOptions>\n\n /**\n * The condition of the rule.\n * Can be specified as string to match on the path.\n */\n match?: Input<HttpRouteRuleMatchOptions>\n\n /**\n * The filters of the rule.\n */\n filters?: InputArray<types.input.gateway.v1.HTTPRouteSpecRulesFilters>\n\n /**\n * The filter of the rule.\n */\n filter?: Input<types.input.gateway.v1.HTTPRouteSpecRulesFilters>\n\n /**\n * The service to route to.\n */\n backend?: Input<BackendRef>\n}\n\nexport type HttpRouteRuleMatchOptions = types.input.gateway.v1.HTTPRouteSpecRulesMatches | string\n\nexport class HttpRoute extends ComponentResource {\n /**\n * The underlying Kubernetes resource.\n */\n public readonly route: Output<gateway.v1.HTTPRoute>\n\n constructor(name: string, args: HttpRouteArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:HttpRoute\", name, args, opts)\n\n this.route = output({\n args,\n gatewayNamespace: output(args.gateway).metadata.namespace,\n }).apply(async ({ args, gatewayNamespace }) => {\n return new gateway.v1.HTTPRoute(\n name,\n {\n metadata: mapMetadata(\n {\n ...args,\n namespace: gatewayNamespace as string,\n },\n name,\n ),\n spec: {\n hostnames: normalize(args.hostname, args.hostnames),\n\n parentRefs: [\n {\n name: args.gateway.metadata.name as Output<string>,\n },\n ],\n\n rules: normalize(args.rule, args.rules).map(rule => ({\n timeouts: rule.timeouts,\n\n matches: pipe(\n normalize(rule.match, rule.matches),\n map(mapHttpRouteRuleMatch),\n addDefaultPathMatch,\n ),\n\n filters: normalize(rule.filter, rule.filters),\n backendRefs: rule.backend ? [resolveBackendRef(rule.backend)] : undefined,\n })),\n } satisfies types.input.gateway.v1.HTTPRouteSpec,\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n }\n}\n\nfunction addDefaultPathMatch(\n matches: types.input.gateway.v1.HTTPRouteSpecRulesMatches[],\n): types.input.gateway.v1.HTTPRouteSpecRulesMatches[] {\n return matches.length ? matches : [{ path: { type: \"PathPrefix\", value: \"/\" } }]\n}\n\nexport function mapHttpRouteRuleMatch(\n match: HttpRouteRuleMatchOptions,\n): types.input.gateway.v1.HTTPRouteSpecRulesMatches {\n if (typeof match === \"string\") {\n return { path: { type: \"PathPrefix\", value: match } }\n }\n\n return match\n}\n","import { core } from \"@pulumi/kubernetes\"\nimport { type Input, output, Output, type Unwrap } from \"@highstate/pulumi\"\nimport { Service } from \"../service\"\n\nexport interface FullBackendRef {\n /**\n * The name of the resource being referenced.\n */\n name: Input<string>\n\n /**\n * The namespace of the resource being referenced.\n * May be undefined if the resource is not in a namespace.\n */\n namespace?: Input<string | undefined>\n\n /**\n * The port of the resource being referenced.\n */\n port: Input<number>\n}\n\nexport interface ServiceBackendRef {\n /**\n * The name of the service being referenced.\n */\n service: Input<core.v1.Service>\n\n /**\n * The port of the service being referenced.\n */\n port: Input<number>\n}\n\nexport type BackendRef = FullBackendRef | ServiceBackendRef | Service\n\nexport function resolveBackendRef(ref: BackendRef): Output<Unwrap<FullBackendRef>> {\n if (Service.isInstance(ref)) {\n return output({\n name: ref.metadata.name,\n namespace: ref.metadata.namespace,\n port: ref.spec.ports[0].port,\n })\n }\n\n if (\"service\" in ref) {\n const service = output(ref.service)\n\n return output({\n name: service.metadata.name,\n namespace: service.metadata.namespace,\n port: ref.port,\n })\n }\n\n return output({\n name: ref.name,\n namespace: ref.namespace,\n port: ref.port,\n })\n}\n","import type { k8s, network } from \"@highstate/library\"\nimport { filterEndpoints } from \"@highstate/common\"\nimport { isFromCluster } from \"./service\"\n\nexport function getBestEndpoint<TEndpoint extends network.L34Endpoint>(\n endpoints: TEndpoint[],\n cluster?: k8s.Cluster,\n): TEndpoint | undefined {\n if (!endpoints.length) {\n return undefined\n }\n\n if (endpoints.length === 1) {\n return endpoints[0]\n }\n\n if (!cluster) {\n return filterEndpoints(endpoints)[0]\n }\n\n const clusterEndpoint = endpoints.find(endpoint => isFromCluster(endpoint, cluster))\n\n if (clusterEndpoint) {\n return clusterEndpoint\n }\n\n return filterEndpoints(endpoints)[0]\n}\n\nexport function requireBestEndpoint<TEndpoint extends network.L34Endpoint>(\n endpoints: TEndpoint[],\n cluster: k8s.Cluster,\n): TEndpoint {\n const endpoint = getBestEndpoint(endpoints, cluster)\n\n if (!endpoint) {\n throw new Error(`No best endpoint found for cluster \"${cluster.name}\" (${cluster.id})`)\n }\n\n return endpoint\n}\n","import { networking, types, type core } from \"@pulumi/kubernetes\"\nimport {\n ComponentResource,\n interpolate,\n normalize,\n output,\n type Input,\n type InputArray,\n type Output,\n type Resource,\n type ResourceOptions,\n type Unwrap,\n} from \"@highstate/pulumi\"\nimport { capitalize, flat, groupBy, merge, mergeDeep, uniqueBy } from \"remeda\"\nimport { k8s, network } from \"@highstate/library\"\nimport {\n l34EndpointToString,\n l3EndpointToCidr,\n parseL34Endpoint,\n type InputL34Endpoint,\n} from \"@highstate/common\"\nimport {\n getProvider,\n mapMetadata,\n mapNamespaceLikeToNamespaceName,\n mapNamespaceNameToSelector,\n mapSelectorLikeToSelector,\n type CommonArgs,\n type NamespaceLike,\n type SelectorLike,\n} from \"./shared\"\nimport { getServiceMetadata, isFromCluster, mapServiceToLabelSelector } from \"./service\"\nimport { requireBestEndpoint } from \"./network\"\n\nexport type NetworkPolicyPort = {\n /**\n * The protocol to match.\n *\n * If not provided, \"TCP\" will be used.\n */\n protocol?: string\n} & (\n | {\n /**\n * The single port to match.\n */\n port: number | string\n }\n | {\n /**\n * The range of ports to match.\n */\n range: [start: number, end: number]\n }\n)\n\nexport type IngressRuleArgs = {\n /**\n * Whether to allow all incoming traffic.\n *\n * If set to `true`, all other rules will be ignored for matched traffic.\n */\n fromAll?: Input<boolean>\n\n /**\n * The allowed cidr for incoming traffic.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n fromCidr?: Input<string>\n\n /**\n * The list of allowed cidrs for incoming traffic.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n fromCidrs?: InputArray<string>\n\n /**\n * The list of allowed L3 or L4 endpoints for outgoing traffic.\n *\n * Just a syntactic sugar for `fromFqdn` and `fromService` for cases when the endpoint can be one of them + optional port/protocol.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n *\n * If a single endpoint also has a port/protocol/service metadata,\n * it will produce separate rule for it with them and ORed with the rest of the rules.\n */\n fromEndpoint?: Input<InputL34Endpoint>\n\n /**\n * The list of allowed L3 or L4 endpoints for incoming traffic.\n *\n * Just a syntactic sugar for `fromFqdn` and `fromService` for cases when the endpoint can be one of them + optional port/protocol.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n *\n * If a single endpoint also has a port/protocol/service metadata,\n * it will produce separate rule for it with them and ORed with the rest of the rules.\n */\n fromEndpoints?: InputArray<InputL34Endpoint>\n\n /**\n * The service to allow traffic from.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n fromService?: Input<core.v1.Service>\n\n /**\n * The list of allowed services for incoming traffic.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n fromServices?: InputArray<core.v1.Service>\n\n /**\n * The namespace to allow traffic from.\n *\n * If provided with `fromSelector(s)`, it will be ANDed with them.\n * Otherwise, it will match all pods in the namespace.\n *\n * Will be ORed with other conditions inside the same rule (except ports and selectors).\n */\n fromNamespace?: Input<NamespaceLike>\n\n /**\n * The list of allowed namespaces for incoming traffic.\n *\n * If provided with `fromSelector(s)`, it will be ANDed with them.\n * Otherwise, it will match all pods in the namespaces.\n *\n * Will be ORed with other conditions inside the same rule (except ports and selectors).\n */\n fromNamespaces?: InputArray<NamespaceLike>\n\n /**\n * The selector for incoming traffic.\n *\n * If provided with `fromNamespace(s)`, it will be ANDed with them.\n * Otherwise, it will match pods in all namespaces.\n *\n * Will be ORed with other conditions inside the same rule (except ports and namespaces).\n */\n fromSelector?: Input<SelectorLike>\n\n /**\n * The list of selectors for incoming traffic.\n *\n * If provided with `fromNamespace(s)`, it will be ANDed with them.\n * Otherwise, it will match pods in all namespaces.\n *\n * Will be ORed with other conditions inside the same rule (except ports and namespaces).\n */\n fromSelectors?: InputArray<SelectorLike>\n\n /**\n * The port to allow incoming traffic on.\n *\n * Will be ANDed with all conditions inside the same rule.\n */\n toPort?: Input<NetworkPolicyPort>\n\n /**\n * The list of allowed ports for incoming traffic.\n *\n * Will be ANDed with all conditions inside the same rule.\n */\n toPorts?: InputArray<NetworkPolicyPort>\n}\n\nexport type EgressRuleArgs = {\n /**\n * Whether to allow all outgoing traffic.\n *\n * If set to `true`, all other rules will be ignored for matched traffic.\n */\n toAll?: Input<boolean>\n\n /**\n * The allowed cidr for outgoing traffic.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n toCidr?: Input<string>\n\n /**\n * The list of allowed cidrs for outgoing traffic.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n toCidrs?: InputArray<string>\n\n /**\n * The FQDN to allow outgoing traffic.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n toFqdn?: Input<string>\n\n /**\n * The list of allowed FQDNs for outgoing traffic.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n toFqdns?: InputArray<string>\n\n /**\n * The L3 or L4 endpoint to allow outgoing traffic.\n *\n * Just a syntactic sugar for `toFqdn`, `toCidr` and `toService` for cases when the endpoint can be one of them + optional port/protocol.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n *\n * If a single endpoint also has a port/protocol/service metadata,\n * it will produce separate rule for it with them and ORed with the rest of the rules.\n */\n toEndpoint?: Input<InputL34Endpoint>\n\n /**\n * The list of allowed L3 or L4 endpoints for outgoing traffic.\n *\n * Just a syntactic sugar for `toFqdn`, `toCidr` and `toService` for cases when the endpoint can be one of them + optional port/protocol.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n *\n * If a single endpoint also has a port/protocol/service metadata,\n * it will produce separate rule for it with them and ORed with the rest of the rules.\n */\n toEndpoints?: InputArray<InputL34Endpoint>\n\n /**\n * The service to allow traffic to.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n toService?: Input<core.v1.Service>\n\n /**\n * The list of allowed services for outgoing traffic.\n *\n * Will be ORed with other conditions inside the same rule (except ports).\n */\n toServices?: InputArray<core.v1.Service>\n\n /**\n * The namespace to allow traffic to.\n *\n * If provided with `toSelector(s)`, it will be ANDed with them.\n * Otherwise, it will match all pods in the namespace.\n *\n * Will be ORed with other conditions inside the same rule (except ports and selectors).\n */\n toNamespace?: Input<NamespaceLike>\n\n /**\n * The list of allowed namespaces for outgoing traffic.\n *\n * If provided with `toSelector(s)`, it will be ANDed with them.\n * Otherwise, it will match all pods in the namespaces.\n *\n * Will be ORed with other conditions inside the same rule (except ports and selectors).\n */\n toNamespaces?: InputArray<NamespaceLike>\n\n /**\n * The selector for outgoing traffic.\n *\n * If provided with `toNamespace(s)`, it will be ANDe with them.\n *\n * Otherwise, it will match pods only in all namespaces.\n */\n toSelector?: Input<SelectorLike>\n\n /**\n * The list of selectors for outgoing traffic.\n *\n * If provided with `toNamespace(s)`, it will be ANDed with them.\n * Otherwise, it will match pods only in all namespaces.\n */\n toSelectors?: InputArray<SelectorLike>\n\n /**\n * The port to allow outgoing traffic on.\n *\n * Will be ANDed with all conditions inside the same rule.\n */\n toPort?: Input<NetworkPolicyPort>\n\n /**\n * The list of allowed ports for outgoing traffic.\n *\n * Will be ANDed with all conditions inside the same rule.\n */\n toPorts?: InputArray<NetworkPolicyPort>\n}\n\nexport type NetworkPolicyArgs = CommonArgs & {\n /**\n * The description of this network policy.\n */\n description?: Input<string>\n\n /**\n * The pod selector for this network policy.\n * If not provided, it will select all pods in the namespace.\n */\n selector?: SelectorLike\n\n /**\n * The rule for incoming traffic.\n */\n ingressRule?: Input<IngressRuleArgs>\n\n /**\n * The rules for incoming traffic.\n */\n ingressRules?: InputArray<IngressRuleArgs>\n\n /**\n * The rule for outgoing traffic.\n */\n egressRule?: Input<EgressRuleArgs>\n\n /**\n * The rules for outgoing traffic.\n */\n egressRules?: InputArray<EgressRuleArgs>\n\n /**\n * Enable the isolation of ingress traffic, so that only matched traffic can ingress.\n */\n isolateIngress?: Input<boolean>\n\n /**\n * Enable the isolation of egress traffic, so that only matched traffic can egress.\n */\n isolateEgress?: Input<boolean>\n\n /**\n * Allow the eggress traffic to the API server of the cluster.\n *\n * By default, `false`.\n */\n allowKubeApiServer?: Input<boolean>\n\n /**\n * Allow the eggress traffic to the DNS server of the cluster.\n *\n * By default, `false`.\n */\n allowKubeDns?: Input<boolean>\n\n /**\n * The cluster to create the network policy in.\n */\n cluster: Input<k8s.Cluster>\n}\n\nexport type NormalizedRuleArgs = {\n all: boolean\n cidrs: string[]\n fqdns: string[]\n services: core.v1.Service[]\n namespaces: NamespaceLike[]\n selectors: SelectorLike[]\n ports: NetworkPolicyPort[]\n}\n\nexport type NormalizedNetworkPolicyArgs = Omit<\n Unwrap<NetworkPolicyArgs>,\n | \"podSelector\"\n | \"ingressRule\"\n | \"ingressRules\"\n | \"egressRule\"\n | \"egressRules\"\n | \"isolateIngress\"\n | \"isolateEgress\"\n | \"allowKubeApiServer\"\n | \"allowKubeDNS\"\n> & {\n podSelector: Unwrap<types.input.meta.v1.LabelSelector>\n\n isolateIngress: boolean\n isolateEgress: boolean\n\n allowKubeApiServer: boolean\n\n ingressRules: NormalizedRuleArgs[]\n egressRules: NormalizedRuleArgs[]\n}\n\n/**\n * The abstract resource for creating network policies.\n * Will use different resources depending on the environment.\n *\n * Note: In the worst case, it will create native `NetworkPolicy` resources and ignore some features like L7 rules.\n */\nexport abstract class NetworkPolicy extends ComponentResource {\n /**\n * The underlying network policy resource.\n */\n public readonly networkPolicy: Output<Resource>\n\n protected constructor(name: string, args: Unwrap<NetworkPolicyArgs>, opts?: ResourceOptions) {\n super(\"k8s:network-policy\", name, args, opts)\n\n const normalizedArgs = output(args).apply(args => {\n const ingressRules = normalize(args.ingressRule, args.ingressRules)\n const egressRules = normalize(args.egressRule, args.egressRules)\n\n const extraEgressRules: NormalizedRuleArgs[] = []\n\n if (args.allowKubeDns) {\n extraEgressRules.push({\n namespaces: [\"kube-system\"],\n selectors: [{ matchLabels: { \"k8s-app\": \"kube-dns\" } }],\n ports: [{ port: 53, protocol: \"UDP\" }],\n all: false,\n cidrs: [],\n fqdns: [],\n services: [],\n })\n }\n\n return {\n ...args,\n\n podSelector: args.selector ? mapSelectorLikeToSelector(args.selector) : {},\n\n isolateEgress: args.isolateEgress ?? false,\n isolateIngress: args.isolateIngress ?? false,\n\n allowKubeApiServer: args.allowKubeApiServer ?? false,\n\n ingressRules: ingressRules.flatMap(rule => {\n const endpoints = normalize(\n args.ingressRule?.fromEndpoint,\n args.ingressRule?.fromEndpoints,\n )\n const parsedEndpoints = endpoints.map(parseL34Endpoint)\n\n const endpointsNamespaces = groupBy(parsedEndpoints, endpoint => {\n const namespace = isFromCluster(endpoint, args.cluster)\n ? endpoint.metadata.k8sService.namespace\n : \"\"\n\n return namespace\n })\n\n const l3OnlyRule = endpointsNamespaces[\"\"]\n ? NetworkPolicy.getRuleFromEndpoint(undefined, endpointsNamespaces[\"\"], args.cluster)\n : undefined\n\n const otherRules = Object.entries(endpointsNamespaces)\n .filter(([key]) => key !== \"\")\n .map(([, endpoints]) => {\n return NetworkPolicy.getRuleFromEndpoint(undefined, endpoints, args.cluster)\n })\n\n return [\n {\n all: rule.fromAll ?? false,\n cidrs: normalize(rule.fromCidr, rule.fromCidrs).concat(l3OnlyRule?.cidrs ?? []),\n fqdns: [],\n services: normalize(rule.fromService, rule.fromServices),\n namespaces: normalize(rule.fromNamespace, rule.fromNamespaces),\n selectors: normalize(rule.fromSelector, rule.fromSelectors),\n ports: normalize(rule.toPort, rule.toPorts),\n } as NormalizedRuleArgs,\n\n ...otherRules,\n ].filter(rule => !NetworkPolicy.isEmptyRule(rule))\n }),\n\n egressRules: egressRules\n .flatMap(rule => {\n const endpoints = normalize(args.egressRule?.toEndpoint, args.egressRule?.toEndpoints)\n const parsedEndpoints = endpoints.map(parseL34Endpoint)\n\n const endpointsByPortsAnsNamespaces = groupBy(parsedEndpoints, endpoint => {\n const namespace = isFromCluster(endpoint, args.cluster)\n ? endpoint.metadata.k8sService.namespace\n : \"\"\n\n const port = isFromCluster(endpoint, args.cluster)\n ? endpoint.metadata.k8sService.targetPort\n : endpoint.port\n\n return `${port ?? \"0\"}:${namespace}`\n })\n\n const l3OnlyRule = endpointsByPortsAnsNamespaces[\"0:\"]\n ? NetworkPolicy.getRuleFromEndpoint(\n undefined,\n endpointsByPortsAnsNamespaces[\"0:\"],\n args.cluster,\n )\n : undefined\n\n const otherRules = Object.entries(endpointsByPortsAnsNamespaces)\n .filter(([key]) => key !== \"0:\")\n .map(([key, endpoints]) => {\n const [port] = key.split(\":\")\n const portNumber = parseInt(port, 10)\n const portValue = isNaN(portNumber) ? port : portNumber\n\n return NetworkPolicy.getRuleFromEndpoint(portValue, endpoints, args.cluster)\n })\n\n return [\n {\n all: rule.toAll ?? false,\n cidrs: normalize(rule.toCidr, rule.toCidrs).concat(l3OnlyRule?.cidrs ?? []),\n fqdns: normalize(rule.toFqdn, rule.toFqdns).concat(l3OnlyRule?.fqdns ?? []),\n services: normalize(rule.toService, rule.toServices),\n namespaces: normalize(rule.toNamespace, rule.toNamespaces),\n selectors: normalize(rule.toSelector, rule.toSelectors),\n ports: normalize(rule.toPort, rule.toPorts),\n } as NormalizedRuleArgs,\n\n ...otherRules,\n ].filter(rule => !NetworkPolicy.isEmptyRule(rule))\n })\n .concat(extraEgressRules),\n }\n })\n\n this.networkPolicy = output(\n normalizedArgs.apply(async args => {\n return output(\n this.create(name, args as NormalizedNetworkPolicyArgs, {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n }),\n )\n }),\n )\n }\n\n private static mapCidrFromEndpoint(\n this: void,\n result: network.L3Endpoint & { type: \"ipv4\" | \"ipv6\" },\n ): string {\n if (result.type === \"ipv4\") {\n return `${result.address}/32`\n }\n\n return `${result.address}/128`\n }\n\n private static getRuleFromEndpoint(\n port: number | string | undefined,\n endpoints: network.L34Endpoint[],\n cluster: k8s.Cluster,\n ): NormalizedRuleArgs {\n const ports: NetworkPolicyPort[] = port\n ? [{ port, protocol: endpoints[0].protocol?.toUpperCase() }]\n : []\n\n const cidrs = endpoints\n .filter(endpoint => !isFromCluster(endpoint, cluster))\n .filter(endpoint => endpoint.type === \"ipv4\" || endpoint.type === \"ipv6\")\n .map(NetworkPolicy.mapCidrFromEndpoint)\n\n const fqdns = endpoints\n .filter(endpoint => endpoint.type === \"hostname\")\n .map(endpoint => endpoint.hostname)\n\n const selectors = endpoints\n .filter(endpoint => isFromCluster(endpoint, cluster))\n .map(endpoint => endpoint.metadata.k8sService.selector)\n\n const namespace = endpoints\n .filter(endpoint => isFromCluster(endpoint, cluster))\n .map(endpoint => getServiceMetadata(endpoint)?.namespace)[0]\n\n return {\n all: false,\n cidrs,\n fqdns,\n services: [],\n namespaces: namespace ? [namespace] : [],\n selectors,\n ports,\n }\n }\n\n private static isEmptyRule(rule: NormalizedRuleArgs): boolean {\n return (\n !rule.all &&\n rule.cidrs.length === 0 &&\n rule.fqdns.length === 0 &&\n rule.services.length === 0 &&\n rule.namespaces.length === 0 &&\n rule.selectors.length === 0 &&\n rule.ports.length === 0\n )\n }\n\n protected abstract create(\n name: string,\n args: NormalizedNetworkPolicyArgs,\n opts?: ResourceOptions,\n ): Input<Resource>\n\n static create(\n name: string,\n args: NetworkPolicyArgs,\n opts?: ResourceOptions,\n ): Output<NetworkPolicy> {\n return output(args).apply(async args => {\n const cni = args.cluster.cni\n\n if (cni === \"other\") {\n return new NativeNetworkPolicy(name, args, opts)\n }\n\n const implName = `${capitalize(cni)}NetworkPolicy`\n const implModule = (await import(`@highstate/${cni}`)) as Record<string, unknown>\n\n type NetworkPolicyFactory = new (\n name: string,\n args: Unwrap<NetworkPolicyArgs>,\n opts?: ResourceOptions,\n ) => NetworkPolicy\n\n const implClass = implModule[implName] as NetworkPolicyFactory | undefined\n if (!implClass) {\n throw new Error(`No implementation found for ${cni}`)\n }\n\n return new implClass(name, args, opts)\n })\n }\n\n static isolate(\n namespace: Input<NamespaceLike>,\n cluster: Input<k8s.Cluster>,\n opts?: ResourceOptions,\n ) {\n return NetworkPolicy.create(\n \"isolate\",\n {\n namespace,\n cluster,\n\n description: \"By default, deny all traffic to/from the namespace.\",\n\n isolateEgress: true,\n isolateIngress: true,\n },\n opts,\n )\n }\n\n static allowInsideNamespace(\n namespace: Input<NamespaceLike>,\n cluster: Input<k8s.Cluster>,\n opts?: ResourceOptions,\n ): Output<NetworkPolicy> {\n return NetworkPolicy.create(\n \"allow-inside-namespace\",\n {\n namespace,\n cluster,\n\n description: \"Allow all traffic inside the namespace.\",\n selector: {},\n\n ingressRule: { fromNamespace: namespace },\n egressRule: { toNamespace: namespace },\n },\n opts,\n )\n }\n\n static allowKubeApiServer(\n namespace: Input<NamespaceLike>,\n cluster: Input<k8s.Cluster>,\n opts?: ResourceOptions,\n ): Output<NetworkPolicy> {\n return NetworkPolicy.create(\n \"allow-kube-api-server\",\n {\n namespace,\n cluster,\n\n description: \"Allow all traffic to the Kubernetes API server from the namespace.\",\n\n allowKubeApiServer: true,\n },\n opts,\n )\n }\n\n static allowKubeDns(\n namespace: Input<NamespaceLike>,\n cluster: Input<k8s.Cluster>,\n opts?: ResourceOptions,\n ): Output<NetworkPolicy> {\n return NetworkPolicy.create(\n \"allow-kube-dns\",\n {\n namespace,\n cluster,\n\n description: \"Allow all traffic to the Kubernetes DNS server from the namespace.\",\n\n allowKubeDns: true,\n },\n opts,\n )\n }\n\n static allowAllEgress(\n namespace: Input<NamespaceLike>,\n cluster: Input<k8s.Cluster>,\n opts?: ResourceOptions,\n ): Output<NetworkPolicy> {\n return NetworkPolicy.create(\n \"allow-all-egress\",\n {\n namespace,\n cluster,\n\n description: \"Allow all egress traffic from the namespace.\",\n\n egressRule: { toAll: true },\n },\n opts,\n )\n }\n\n static allowAllIngress(\n namespace: Input<NamespaceLike>,\n cluster: Input<k8s.Cluster>,\n opts?: ResourceOptions,\n ): Output<NetworkPolicy> {\n return NetworkPolicy.create(\n \"allow-all-ingress\",\n {\n namespace,\n cluster,\n\n description: \"Allow all ingress traffic to the namespace.\",\n\n ingressRule: { fromAll: true },\n },\n opts,\n )\n }\n\n static allowEgressToEndpoint(\n endpoint: InputL34Endpoint,\n namespace: Input<NamespaceLike>,\n cluster: Input<k8s.Cluster>,\n opts?: ResourceOptions,\n ): Output<NetworkPolicy> {\n const parsedEndpoint = parseL34Endpoint(endpoint)\n\n return NetworkPolicy.create(\n `allow-egress-to-${l34EndpointToString(parsedEndpoint).replace(\":\", \"-\")}`,\n {\n namespace,\n cluster,\n\n description: interpolate`Allow egress traffic to \"${l34EndpointToString(parsedEndpoint)}\" from the namespace.`,\n\n egressRule: { toEndpoint: endpoint },\n },\n opts,\n )\n }\n\n static allowEgressToBestEndpoint(\n endpoints: InputArray<InputL34Endpoint>,\n namespace: Input<NamespaceLike>,\n cluster: Input<k8s.Cluster>,\n opts?: ResourceOptions,\n ): Output<NetworkPolicy> {\n return output({ endpoints, cluster }).apply(({ endpoints, cluster }) => {\n const bestEndpoint = requireBestEndpoint(endpoints.map(parseL34Endpoint), cluster)\n\n return NetworkPolicy.allowEgressToEndpoint(bestEndpoint, namespace, cluster, opts)\n })\n }\n\n static allowIngressFromEndpoint(\n endpoint: InputL34Endpoint,\n namespace: Input<NamespaceLike>,\n cluster: Input<k8s.Cluster>,\n opts?: ResourceOptions,\n ): Output<NetworkPolicy> {\n const parsedEndpoint = parseL34Endpoint(endpoint)\n\n return NetworkPolicy.create(\n `allow-ingress-from-${l34EndpointToString(parsedEndpoint)}`,\n {\n namespace,\n cluster,\n\n description: interpolate`Allow ingress traffic from \"${l34EndpointToString(parsedEndpoint)}\" to the namespace.`,\n\n ingressRule: { fromEndpoint: endpoint },\n },\n opts,\n )\n }\n}\n\nexport class NativeNetworkPolicy extends NetworkPolicy {\n protected create(\n name: string,\n args: NormalizedNetworkPolicyArgs,\n opts?: ResourceOptions,\n ): Resource {\n const ingress = NativeNetworkPolicy.createIngressRules(args)\n const egress = NativeNetworkPolicy.createEgressRules(args)\n\n const policyTypes: string[] = []\n\n if (ingress.length > 0 || args.isolateIngress) {\n policyTypes.push(\"Ingress\")\n }\n\n if (egress.length > 0 || args.isolateEgress) {\n policyTypes.push(\"Egress\")\n }\n\n return new networking.v1.NetworkPolicy(\n name,\n {\n metadata: mergeDeep(mapMetadata(args, name), {\n annotations: args.description\n ? { \"kubernetes.io/description\": args.description }\n : undefined,\n }),\n spec: {\n podSelector: args.podSelector,\n ingress,\n egress,\n policyTypes,\n },\n },\n opts,\n )\n }\n\n private static fallbackIpBlock: types.input.networking.v1.IPBlock = {\n cidr: \"0.0.0.0/0\",\n except: [\"10.0.0.0/8\", \"172.16.0.0/12\", \"192.168.0.0/16\"],\n }\n\n private static fallbackDnsRule: types.input.networking.v1.NetworkPolicyEgressRule = {\n to: [\n {\n namespaceSelector: { matchLabels: { \"kubernetes.io/metadata.name\": \"kube-system\" } },\n podSelector: { matchLabels: { \"k8s-app\": \"kube-dns\" } },\n },\n ],\n ports: [{ port: 53, protocol: \"UDP\" }],\n }\n\n private static createIngressRules(\n args: NormalizedNetworkPolicyArgs,\n ): types.input.networking.v1.NetworkPolicyIngressRule[] {\n return uniqueBy(\n args.ingressRules.map(rule => ({\n from: rule.all ? [] : NativeNetworkPolicy.createRulePeers(rule),\n ports: NativeNetworkPolicy.mapPorts(rule.ports),\n })),\n rule => JSON.stringify(rule),\n )\n }\n\n private static createEgressRules(\n args: NormalizedNetworkPolicyArgs,\n ): types.input.networking.v1.NetworkPolicyEgressRule[] {\n const extraRules: types.input.networking.v1.NetworkPolicyEgressRule[] = []\n\n const needKubeDns = args.egressRules.some(rule => rule.fqdns.length > 0)\n if (needKubeDns) {\n extraRules.push(NativeNetworkPolicy.fallbackDnsRule)\n }\n\n // the native resource does not support FQDNs\n // to provide compatibility, we need to fallback to all except private CIDRs\n const needFallback = args.egressRules.some(rule =>\n rule.fqdns.some(fqdn => !fqdn.endsWith(\".cluster.local\")),\n )\n if (needFallback) {\n extraRules.push({ to: [{ ipBlock: NativeNetworkPolicy.fallbackIpBlock }] })\n }\n\n // apply fallback rules for kube-apiserver\n if (args.allowKubeApiServer) {\n const { quirks, apiEndpoints } = args.cluster\n\n if (quirks?.fallbackKubeApiAccess) {\n extraRules.push({\n to: [{ ipBlock: { cidr: `${quirks?.fallbackKubeApiAccess.serverIp}/32` } }],\n ports: [{ port: quirks?.fallbackKubeApiAccess.serverPort, protocol: \"TCP\" }],\n })\n } else {\n const rules = apiEndpoints\n .filter(endpoint => endpoint.type !== \"hostname\")\n .map(endpoint => ({\n to: [{ ipBlock: { cidr: l3EndpointToCidr(endpoint) } }],\n ports: [{ port: endpoint.port, protocol: \"TCP\" }],\n }))\n\n extraRules.push(...rules)\n }\n }\n\n return uniqueBy(\n args.egressRules\n .map(rule => {\n return {\n to: rule.all ? [] : NativeNetworkPolicy.createRulePeers(rule),\n ports: NativeNetworkPolicy.mapPorts(rule.ports),\n } as types.input.networking.v1.NetworkPolicyEgressRule\n })\n .filter(rule => rule.to !== undefined)\n .concat(extraRules),\n rule => JSON.stringify(rule),\n )\n }\n\n private static createRulePeers(\n this: void,\n args: NormalizedRuleArgs,\n ): types.input.networking.v1.NetworkPolicyPeer[] | undefined {\n const peers = uniqueBy(\n [\n ...NativeNetworkPolicy.createCidrPeers(args),\n ...NativeNetworkPolicy.createServicePeers(args),\n ...NativeNetworkPolicy.createSelectorPeers(args),\n ],\n peer => JSON.stringify(peer),\n )\n\n return peers.length > 0 ? peers : undefined\n }\n\n private static createCidrPeers(\n args: NormalizedRuleArgs,\n ): types.input.networking.v1.NetworkPolicyPeer[] {\n return args.cidrs.map(cidr => ({ ipBlock: { cidr } }))\n }\n\n private static createServicePeers(\n args: NormalizedRuleArgs,\n ): types.input.networking.v1.NetworkPolicyPeer[] {\n return args.services.map(service => {\n const selector = mapServiceToLabelSelector(service)\n\n return {\n namespaceSelector: mapNamespaceNameToSelector(service.metadata.namespace),\n podSelector: selector,\n }\n })\n }\n\n private static createSelectorPeers(\n args: NormalizedRuleArgs,\n ): types.input.networking.v1.NetworkPolicyPeer[] {\n const selectorPeers = args.selectors.map(selector => ({\n podSelector: mapSelectorLikeToSelector(selector),\n }))\n\n const namespacePeers = args.namespaces.map(NativeNetworkPolicy.createNamespacePeer)\n\n if (namespacePeers.length === 0) {\n // if there are no namespaces, we can just return selector peers\n return selectorPeers\n }\n\n if (selectorPeers.length === 0) {\n // if there are no selectors, we can just return namespace peers\n return namespacePeers\n }\n\n // if there are both, we need to create a cartesian product\n return flat(\n selectorPeers.map(selectorPeer => {\n return namespacePeers.map(namespacePeer => merge(selectorPeer, namespacePeer))\n }),\n )\n }\n\n private static createNamespacePeer(\n this: void,\n namespace: NamespaceLike,\n ): types.input.networking.v1.NetworkPolicyPeer {\n const namespaceName = mapNamespaceLikeToNamespaceName(namespace)\n const namespaceSelector = mapNamespaceNameToSelector(namespaceName)\n\n return { namespaceSelector }\n }\n\n private static mapPorts(\n ports: NetworkPolicyPort[],\n ): types.input.networking.v1.NetworkPolicyPort[] {\n return ports.map(port => {\n if (\"port\" in port) {\n return {\n port: port.port,\n protocol: port.protocol ?? \"TCP\",\n }\n }\n\n return {\n port: port.range[0],\n endPort: port.range[1],\n protocol: port.protocol ?? \"TCP\",\n }\n })\n }\n}\n"],"mappings":";;;;;;;;;;;AACA,SAAS,YAAmB;AAC5B;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OAKK;AACP,SAAS,MAAM,gBAAgB;AAC/B,SAAS,iBAAiB;AAC1B,SAAS,iBAAiB,oBAAoB,uBAAuB;AAwBrE,IAAM,mBAAmB,CAAC,GAAG,iBAAiB,QAAQ,SAAS,UAAU;AAkBlE,SAAS,mBACd,UACwF;AACxF,SAAO,SAAS,UAAU,eAAe;AAC3C;AAQO,SAAS,mBACd,UACqC;AACrC,SAAO,SAAS,UAAU;AAC5B;AASO,SAAS,oBACd,UACA,UACmE;AACnE,SAAO;AAAA,IACL,GAAG;AAAA,IACH,UAAU;AAAA,MACR,GAAG,SAAS;AAAA,MACZ,YAAY;AAAA,IACd;AAAA,EACF;AACF;AASO,SAAS,cACd,UACA,SACwF;AACxF,SAAO,mBAAmB,QAAQ,GAAG,cAAc,QAAQ;AAC7D;AAEO,IAAe,UAAf,cAA+B,kBAAkB;AAAA,EAC5C,YACR,MACA,MACA,MACA,MAKS,SAKA,UAKA,MAKA,QACT;AACA,UAAM,MAAM,MAAM,MAAM,IAAI;AAjBnB;AAKA;AAKA;AAKA;AAAA,EAGX;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,SAA8B;AAChC,WAAO,OAAO;AAAA,MACZ,MAAM;AAAA,MACN,WAAW,KAAK,QAAQ;AAAA,MACxB,UAAU,KAAK;AAAA,MACf,WAAW,KAAK;AAAA,IAClB,CAAC;AAAA,EACH;AAAA,EAEA,OAAO,OAAO,MAAc,MAAmB,MAAyC;AACtF,WAAO,IAAI,eAAe,MAAM,MAAM,IAAI;AAAA,EAC5C;AAAA,EAEA,OAAO,KACL,MACA,SACA,SACA,MACS;AACT,WAAO,IAAI,eAAe,MAAM,SAAS,SAAS,IAAI;AAAA,EACxD;AAAA,EAEA,OAAO,IACL,MACA,IACA,SACA,MACS;AACT,WAAO,IAAI,gBAAgB,MAAM,IAAI,SAAS,IAAI;AAAA,EACpD;AAAA,EAEA,OAAO,GACL,MACA,QACA,SACA,MACS;AACT,WAAO,IAAI;AAAA,MACT;AAAA,MACA,OAAO,MAAM,EAAE;AAAA,MACf,OAAO,EAAE,SAAS,OAAO,CAAC,EAAE,MAAM,CAAC,EAAE,SAAAA,UAAS,QAAAC,QAAO,MAAM;AACzD,YAAID,SAAQ,OAAOC,QAAO,WAAW;AACnC,gBAAM,IAAI;AAAA,YACR,2CAA2C,IAAI,OAAOD,SAAQ,EAAE,SAASC,QAAO,SAAS;AAAA,UAC3F;AAAA,QACF;AAEA,eAAOD;AAAA,MACT,CAAC;AAAA,MACD;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,gBAAgB,QAA+D;AAC7E,WAAO,OAAO,EAAE,WAAW,KAAK,UAAU,CAAC,EAAE,MAAM,CAAC,EAAE,UAAU,MAAM;AACpE,aAAO,gBAAgB,WAAW,MAAM;AAAA,IAC1C,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,YAA0C;AAC5C,WAAO,OAAO;AAAA,MACZ,SAAS,KAAK;AAAA,MACd,UAAU,KAAK;AAAA,MACf,MAAM,KAAK;AAAA,MACX,QAAQ,KAAK;AAAA,IACf,CAAC,EAAE,MAAM,CAAC,EAAE,SAAS,UAAU,MAAM,OAAO,MAAM;AAChD,YAAM,mBAAmB;AAAA,QACvB,YAAY;AAAA,UACV,WAAW,QAAQ;AAAA,UACnB,MAAM,SAAS;AAAA,UACf,WAAW,SAAS;AAAA,UACpB,UAAU,KAAK;AAAA,UACf,YAAY,KAAK,MAAM,CAAC,EAAE,cAAc,KAAK,MAAM,CAAC,EAAE;AAAA,QACxD;AAAA,MACF;AAEA,YAAM,qBAAqB,KAAK,YAAY,IAAI,SAAO;AAAA,QACrD,GAAG,gBAAgB,EAAE;AAAA,QACrB,YAAY;AAAA,QACZ,MAAM,KAAK,MAAM,CAAC,EAAE;AAAA,QACpB,UAAU,KAAK,MAAM,CAAC,EAAE,UAAU,YAAY;AAAA,QAC9C,UAAU;AAAA,MACZ,EAAE;AAEF,UAAI,mBAAmB,SAAS,GAAG;AACjC,2BAAmB,QAAQ;AAAA,UACzB,MAAM;AAAA,UACN,YAAY;AAAA,UACZ,UAAU,GAAG,SAAS,IAAI,IAAI,SAAS,SAAS;AAAA,UAChD,MAAM,KAAK,MAAM,CAAC,EAAE;AAAA,UACpB,UAAU,KAAK,MAAM,CAAC,EAAE,UAAU,YAAY;AAAA,UAC9C,UAAU;AAAA,QACZ,CAAC;AAAA,MACH;AAEA,YAAM,oBACJ,KAAK,SAAS,aACV,QAAQ,UAAU,IAAI,eAAa;AAAA,QACjC,GAAI;AAAA,QACJ,MAAM,KAAK,MAAM,CAAC,EAAE;AAAA,QACpB,UAAU,KAAK,MAAM,CAAC,EAAE,UAAU,YAAY;AAAA,QAC9C,UAAU;AAAA,MACZ,EAAE,IACF,CAAC;AAEP,YAAM,wBACJ,KAAK,SAAS,iBACV,OAAO,cAAc,SAAS,IAAI,eAAa;AAAA,QAC7C,GAAG,gBAAgB,SAAS,MAAM,SAAS,QAAQ;AAAA,QACnD,MAAM,KAAK,MAAM,CAAC,EAAE;AAAA,QACpB,UAAU,KAAK,MAAM,CAAC,EAAE,UAAU,YAAY;AAAA,QAC9C,UAAU;AAAA,MACZ,EAAE,IACF,CAAC;AAEP,aAAO;AAAA,QACL;AAAA,UACE,GAAI,sBAAsB,CAAC;AAAA,UAC3B,GAAI,yBAAyB,CAAC;AAAA,UAC9B,GAAI,qBAAqB,CAAC;AAAA,QAC5B;AAAA,QACA,cAAY,mBAAmB,QAAQ;AAAA,MACzC;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAEA,IAAM,iBAAN,cAA6B,QAAQ;AAAA,EACnC,YAAY,MAAc,MAAmB,MAAiC;AAC5E,UAAM,UAAU,OAAO,IAAI,EAAE,MAAM,CAAAE,UAAQ;AACzC,aAAO,IAAI,KAAK,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,UACE,UAAU,YAAYA,OAAM,IAAI;AAAA,UAChC,MAAM;AAAA,YACJ;AAAA,cACE,OAAO,UAAUA,MAAK,MAAMA,MAAK,KAAK;AAAA,cAEtC,aAAaA,MAAK,WACbA,MAAK,eAAeA,MAAK,QAAQ,cAClCA,MAAK,QAAQ;AAAA,cAEjB,MAAM,eAAeA,OAAMA,MAAK,OAAO;AAAA,YACzC;AAAA,YACA,KAAKA,OAAM,gBAAgB;AAAA,UAC7B;AAAA,QACF;AAAA,QACA,EAAE,QAAQ,MAAM,GAAG,KAAK;AAAA,MAC1B;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MAEA,OAAO,KAAK,OAAO;AAAA,MACnB,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,QAAQ;AAAA,IACV;AAAA,EACF;AACF;AAEA,IAAM,iBAAN,cAA6B,QAAQ;AAAA,EACnC,YACE,MACA,SACA,SACA,MACA;AACA;AAAA,MACE;AAAA,MACA;AAAA,MACA,EAAE,SAAS,aAAa,QAAQ;AAAA,MAChC;AAAA,MAEA,OAAO,OAAO;AAAA,MACd,OAAO,OAAO,EAAE;AAAA,MAChB,OAAO,OAAO,EAAE;AAAA,MAChB,OAAO,OAAO,EAAE;AAAA,IAClB;AAAA,EACF;AACF;AAEA,IAAM,kBAAN,cAA8B,QAAQ;AAAA,EACpC,YACE,MACA,IACA,SACA,MACA;AACA,UAAM,UAAU,OAAO,EAAE,EAAE,MAAM,CAAAC,QAAM;AACrC,aAAO,KAAK,GAAG,QAAQ;AAAA;AAAA,QAErB;AAAA,QACA,mBAAmBA,GAAE;AAAA,QACrB,EAAE,GAAG,MAAM,QAAQ,KAAK;AAAA,MAC1B;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA,EAAE,IAAI,QAAQ;AAAA,MACd;AAAA,MAEA,OAAO,OAAO;AAAA,MACd,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,QAAQ;AAAA,IACV;AAAA,EACF;AACF;AAEO,SAAS,8BACd,MACiC;AACjC,SAAO;AAAA,IACL,MAAM,KAAK;AAAA,IACX,MAAM,KAAK;AAAA,IACX,YAAY,KAAK;AAAA,IACjB,UAAU,KAAK;AAAA,EACjB;AACF;AAEO,SAAS,0BACd,SACmC;AACnC,SAAO;AAAA,IACL,aAAa,QAAQ,KAAK;AAAA,EAC5B;AACF;AAEO,SAAS,eACd,SACA,SACe;AACf,MAAI,SAAS,MAAM;AACjB,WAAO,QAAQ;AAAA,EACjB;AAEA,MAAI,CAAC,SAAS,UAAU;AACtB,WAAO;AAAA,EACT;AAEA,SAAO,QAAQ,QAAQ,wBAAwB,iBAAiB,iBAAiB;AACnF;;;AC/YA;AAAA,EACE,qBAAAC;AAAA,EACA,aAAAC;AAAA,EACA,UAAAC;AAAA,OAKK;AACP,SAAS,eAAsB;AAC/B,SAAS,KAAK,YAAY;;;ACV1B,OAAqB;AACrB,SAAqB,UAAAC,eAAmC;AAmCjD,SAAS,kBAAkB,KAAiD;AACjF,MAAI,QAAQ,WAAW,GAAG,GAAG;AAC3B,WAAOC,QAAO;AAAA,MACZ,MAAM,IAAI,SAAS;AAAA,MACnB,WAAW,IAAI,SAAS;AAAA,MACxB,MAAM,IAAI,KAAK,MAAM,CAAC,EAAE;AAAA,IAC1B,CAAC;AAAA,EACH;AAEA,MAAI,aAAa,KAAK;AACpB,UAAM,UAAUA,QAAO,IAAI,OAAO;AAElC,WAAOA,QAAO;AAAA,MACZ,MAAM,QAAQ,SAAS;AAAA,MACvB,WAAW,QAAQ,SAAS;AAAA,MAC5B,MAAM,IAAI;AAAA,IACZ,CAAC;AAAA,EACH;AAEA,SAAOA,QAAO;AAAA,IACZ,MAAM,IAAI;AAAA,IACV,WAAW,IAAI;AAAA,IACf,MAAM,IAAI;AAAA,EACZ,CAAC;AACH;;;ADUO,IAAM,YAAN,cAAwBC,mBAAkB;AAAA;AAAA;AAAA;AAAA,EAI/B;AAAA,EAEhB,YAAY,MAAc,MAAqB,MAAiC;AAC9E,UAAM,2BAA2B,MAAM,MAAM,IAAI;AAEjD,SAAK,QAAQC,QAAO;AAAA,MAClB;AAAA,MACA,kBAAkBA,QAAO,KAAK,OAAO,EAAE,SAAS;AAAA,IAClD,CAAC,EAAE,MAAM,OAAO,EAAE,MAAAC,OAAM,iBAAiB,MAAM;AAC7C,aAAO,IAAI,QAAQ,GAAG;AAAA,QACpB;AAAA,QACA;AAAA,UACE,UAAU;AAAA,YACR;AAAA,cACE,GAAGA;AAAA,cACH,WAAW;AAAA,YACb;AAAA,YACA;AAAA,UACF;AAAA,UACA,MAAM;AAAA,YACJ,WAAWC,WAAUD,MAAK,UAAUA,MAAK,SAAS;AAAA,YAElD,YAAY;AAAA,cACV;AAAA,gBACE,MAAMA,MAAK,QAAQ,SAAS;AAAA,cAC9B;AAAA,YACF;AAAA,YAEA,OAAOC,WAAUD,MAAK,MAAMA,MAAK,KAAK,EAAE,IAAI,WAAS;AAAA,cACnD,UAAU,KAAK;AAAA,cAEf,SAAS;AAAA,gBACPC,WAAU,KAAK,OAAO,KAAK,OAAO;AAAA,gBAClC,IAAI,qBAAqB;AAAA,gBACzB;AAAA,cACF;AAAA,cAEA,SAASA,WAAU,KAAK,QAAQ,KAAK,OAAO;AAAA,cAC5C,aAAa,KAAK,UAAU,CAAC,kBAAkB,KAAK,OAAO,CAAC,IAAI;AAAA,YAClE,EAAE;AAAA,UACJ;AAAA,QACF;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYD,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAEA,SAAS,oBACP,SACoD;AACpD,SAAO,QAAQ,SAAS,UAAU,CAAC,EAAE,MAAM,EAAE,MAAM,cAAc,OAAO,IAAI,EAAE,CAAC;AACjF;AAEO,SAAS,sBACd,OACkD;AAClD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO,EAAE,MAAM,EAAE,MAAM,cAAc,OAAO,MAAM,EAAE;AAAA,EACtD;AAEA,SAAO;AACT;;;AE3IA,SAAS,mBAAAE,wBAAuB;AAGzB,SAAS,gBACd,WACA,SACuB;AACvB,MAAI,CAAC,UAAU,QAAQ;AACrB,WAAO;AAAA,EACT;AAEA,MAAI,UAAU,WAAW,GAAG;AAC1B,WAAO,UAAU,CAAC;AAAA,EACpB;AAEA,MAAI,CAAC,SAAS;AACZ,WAAOC,iBAAgB,SAAS,EAAE,CAAC;AAAA,EACrC;AAEA,QAAM,kBAAkB,UAAU,KAAK,cAAY,cAAc,UAAU,OAAO,CAAC;AAEnF,MAAI,iBAAiB;AACnB,WAAO;AAAA,EACT;AAEA,SAAOA,iBAAgB,SAAS,EAAE,CAAC;AACrC;AAEO,SAAS,oBACd,WACA,SACW;AACX,QAAM,WAAW,gBAAgB,WAAW,OAAO;AAEnD,MAAI,CAAC,UAAU;AACb,UAAM,IAAI,MAAM,uCAAuC,QAAQ,IAAI,MAAM,QAAQ,EAAE,GAAG;AAAA,EACxF;AAEA,SAAO;AACT;;;ACxCA,SAAS,kBAAoC;AAC7C;AAAA,EACE,qBAAAC;AAAA,EACA;AAAA,EACA,aAAAC;AAAA,EACA,UAAAC;AAAA,OAOK;AACP,SAAS,YAAY,MAAM,SAAS,OAAO,WAAW,YAAAC,iBAAgB;AACtE,OAA6B;AAC7B;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OAEK;AA0XA,IAAe,gBAAf,MAAe,uBAAsBC,mBAAkB;AAAA;AAAA;AAAA;AAAA,EAI5C;AAAA,EAEN,YAAY,MAAc,MAAiC,MAAwB;AAC3F,UAAM,sBAAsB,MAAM,MAAM,IAAI;AAE5C,UAAM,iBAAiBC,QAAO,IAAI,EAAE,MAAM,CAAAC,UAAQ;AAChD,YAAM,eAAeC,WAAUD,MAAK,aAAaA,MAAK,YAAY;AAClE,YAAM,cAAcC,WAAUD,MAAK,YAAYA,MAAK,WAAW;AAE/D,YAAM,mBAAyC,CAAC;AAEhD,UAAIA,MAAK,cAAc;AACrB,yBAAiB,KAAK;AAAA,UACpB,YAAY,CAAC,aAAa;AAAA,UAC1B,WAAW,CAAC,EAAE,aAAa,EAAE,WAAW,WAAW,EAAE,CAAC;AAAA,UACtD,OAAO,CAAC,EAAE,MAAM,IAAI,UAAU,MAAM,CAAC;AAAA,UACrC,KAAK;AAAA,UACL,OAAO,CAAC;AAAA,UACR,OAAO,CAAC;AAAA,UACR,UAAU,CAAC;AAAA,QACb,CAAC;AAAA,MACH;AAEA,aAAO;AAAA,QACL,GAAGA;AAAA,QAEH,aAAaA,MAAK,WAAW,0BAA0BA,MAAK,QAAQ,IAAI,CAAC;AAAA,QAEzE,eAAeA,MAAK,iBAAiB;AAAA,QACrC,gBAAgBA,MAAK,kBAAkB;AAAA,QAEvC,oBAAoBA,MAAK,sBAAsB;AAAA,QAE/C,cAAc,aAAa,QAAQ,UAAQ;AACzC,gBAAM,YAAYC;AAAA,YAChBD,MAAK,aAAa;AAAA,YAClBA,MAAK,aAAa;AAAA,UACpB;AACA,gBAAM,kBAAkB,UAAU,IAAI,gBAAgB;AAEtD,gBAAM,sBAAsB,QAAQ,iBAAiB,cAAY;AAC/D,kBAAM,YAAY,cAAc,UAAUA,MAAK,OAAO,IAClD,SAAS,SAAS,WAAW,YAC7B;AAEJ,mBAAO;AAAA,UACT,CAAC;AAED,gBAAM,aAAa,oBAAoB,EAAE,IACrC,eAAc,oBAAoB,QAAW,oBAAoB,EAAE,GAAGA,MAAK,OAAO,IAClF;AAEJ,gBAAM,aAAa,OAAO,QAAQ,mBAAmB,EAClD,OAAO,CAAC,CAAC,GAAG,MAAM,QAAQ,EAAE,EAC5B,IAAI,CAAC,CAAC,EAAEE,UAAS,MAAM;AACtB,mBAAO,eAAc,oBAAoB,QAAWA,YAAWF,MAAK,OAAO;AAAA,UAC7E,CAAC;AAEH,iBAAO;AAAA,YACL;AAAA,cACE,KAAK,KAAK,WAAW;AAAA,cACrB,OAAOC,WAAU,KAAK,UAAU,KAAK,SAAS,EAAE,OAAO,YAAY,SAAS,CAAC,CAAC;AAAA,cAC9E,OAAO,CAAC;AAAA,cACR,UAAUA,WAAU,KAAK,aAAa,KAAK,YAAY;AAAA,cACvD,YAAYA,WAAU,KAAK,eAAe,KAAK,cAAc;AAAA,cAC7D,WAAWA,WAAU,KAAK,cAAc,KAAK,aAAa;AAAA,cAC1D,OAAOA,WAAU,KAAK,QAAQ,KAAK,OAAO;AAAA,YAC5C;AAAA,YAEA,GAAG;AAAA,UACL,EAAE,OAAO,CAAAE,UAAQ,CAAC,eAAc,YAAYA,KAAI,CAAC;AAAA,QACnD,CAAC;AAAA,QAED,aAAa,YACV,QAAQ,UAAQ;AACf,gBAAM,YAAYF,WAAUD,MAAK,YAAY,YAAYA,MAAK,YAAY,WAAW;AACrF,gBAAM,kBAAkB,UAAU,IAAI,gBAAgB;AAEtD,gBAAM,gCAAgC,QAAQ,iBAAiB,cAAY;AACzE,kBAAM,YAAY,cAAc,UAAUA,MAAK,OAAO,IAClD,SAAS,SAAS,WAAW,YAC7B;AAEJ,kBAAM,OAAO,cAAc,UAAUA,MAAK,OAAO,IAC7C,SAAS,SAAS,WAAW,aAC7B,SAAS;AAEb,mBAAO,GAAG,QAAQ,GAAG,IAAI,SAAS;AAAA,UACpC,CAAC;AAED,gBAAM,aAAa,8BAA8B,IAAI,IACjD,eAAc;AAAA,YACZ;AAAA,YACA,8BAA8B,IAAI;AAAA,YAClCA,MAAK;AAAA,UACP,IACA;AAEJ,gBAAM,aAAa,OAAO,QAAQ,6BAA6B,EAC5D,OAAO,CAAC,CAAC,GAAG,MAAM,QAAQ,IAAI,EAC9B,IAAI,CAAC,CAAC,KAAKE,UAAS,MAAM;AACzB,kBAAM,CAAC,IAAI,IAAI,IAAI,MAAM,GAAG;AAC5B,kBAAM,aAAa,SAAS,MAAM,EAAE;AACpC,kBAAM,YAAY,MAAM,UAAU,IAAI,OAAO;AAE7C,mBAAO,eAAc,oBAAoB,WAAWA,YAAWF,MAAK,OAAO;AAAA,UAC7E,CAAC;AAEH,iBAAO;AAAA,YACL;AAAA,cACE,KAAK,KAAK,SAAS;AAAA,cACnB,OAAOC,WAAU,KAAK,QAAQ,KAAK,OAAO,EAAE,OAAO,YAAY,SAAS,CAAC,CAAC;AAAA,cAC1E,OAAOA,WAAU,KAAK,QAAQ,KAAK,OAAO,EAAE,OAAO,YAAY,SAAS,CAAC,CAAC;AAAA,cAC1E,UAAUA,WAAU,KAAK,WAAW,KAAK,UAAU;AAAA,cACnD,YAAYA,WAAU,KAAK,aAAa,KAAK,YAAY;AAAA,cACzD,WAAWA,WAAU,KAAK,YAAY,KAAK,WAAW;AAAA,cACtD,OAAOA,WAAU,KAAK,QAAQ,KAAK,OAAO;AAAA,YAC5C;AAAA,YAEA,GAAG;AAAA,UACL,EAAE,OAAO,CAAAE,UAAQ,CAAC,eAAc,YAAYA,KAAI,CAAC;AAAA,QACnD,CAAC,EACA,OAAO,gBAAgB;AAAA,MAC5B;AAAA,IACF,CAAC;AAED,SAAK,gBAAgBJ;AAAA,MACnB,eAAe,MAAM,OAAMC,UAAQ;AACjC,eAAOD;AAAA,UACL,KAAK,OAAO,MAAMC,OAAqC;AAAA,YACrD,GAAG;AAAA,YACH,QAAQ;AAAA,YACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,UAC1C,CAAC;AAAA,QACH;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAAA,EAEA,OAAe,oBAEb,QACQ;AACR,QAAI,OAAO,SAAS,QAAQ;AAC1B,aAAO,GAAG,OAAO,OAAO;AAAA,IAC1B;AAEA,WAAO,GAAG,OAAO,OAAO;AAAA,EAC1B;AAAA,EAEA,OAAe,oBACb,MACA,WACA,SACoB;AACpB,UAAM,QAA6B,OAC/B,CAAC,EAAE,MAAM,UAAU,UAAU,CAAC,EAAE,UAAU,YAAY,EAAE,CAAC,IACzD,CAAC;AAEL,UAAM,QAAQ,UACX,OAAO,cAAY,CAAC,cAAc,UAAU,OAAO,CAAC,EACpD,OAAO,cAAY,SAAS,SAAS,UAAU,SAAS,SAAS,MAAM,EACvE,IAAI,eAAc,mBAAmB;AAExC,UAAM,QAAQ,UACX,OAAO,cAAY,SAAS,SAAS,UAAU,EAC/C,IAAI,cAAY,SAAS,QAAQ;AAEpC,UAAM,YAAY,UACf,OAAO,cAAY,cAAc,UAAU,OAAO,CAAC,EACnD,IAAI,cAAY,SAAS,SAAS,WAAW,QAAQ;AAExD,UAAM,YAAY,UACf,OAAO,cAAY,cAAc,UAAU,OAAO,CAAC,EACnD,IAAI,cAAY,mBAAmB,QAAQ,GAAG,SAAS,EAAE,CAAC;AAE7D,WAAO;AAAA,MACL,KAAK;AAAA,MACL;AAAA,MACA;AAAA,MACA,UAAU,CAAC;AAAA,MACX,YAAY,YAAY,CAAC,SAAS,IAAI,CAAC;AAAA,MACvC;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAe,YAAY,MAAmC;AAC5D,WACE,CAAC,KAAK,OACN,KAAK,MAAM,WAAW,KACtB,KAAK,MAAM,WAAW,KACtB,KAAK,SAAS,WAAW,KACzB,KAAK,WAAW,WAAW,KAC3B,KAAK,UAAU,WAAW,KAC1B,KAAK,MAAM,WAAW;AAAA,EAE1B;AAAA,EAQA,OAAO,OACL,MACA,MACA,MACuB;AACvB,WAAOD,QAAO,IAAI,EAAE,MAAM,OAAMC,UAAQ;AACtC,YAAM,MAAMA,MAAK,QAAQ;AAEzB,UAAI,QAAQ,SAAS;AACnB,eAAO,IAAI,oBAAoB,MAAMA,OAAM,IAAI;AAAA,MACjD;AAEA,YAAM,WAAW,GAAG,WAAW,GAAG,CAAC;AACnC,YAAM,aAAc,MAAM,OAAO,cAAc,GAAG;AAQlD,YAAM,YAAY,WAAW,QAAQ;AACrC,UAAI,CAAC,WAAW;AACd,cAAM,IAAI,MAAM,+BAA+B,GAAG,EAAE;AAAA,MACtD;AAEA,aAAO,IAAI,UAAU,MAAMA,OAAM,IAAI;AAAA,IACvC,CAAC;AAAA,EACH;AAAA,EAEA,OAAO,QACL,WACA,SACA,MACA;AACA,WAAO,eAAc;AAAA,MACnB;AAAA,MACA;AAAA,QACE;AAAA,QACA;AAAA,QAEA,aAAa;AAAA,QAEb,eAAe;AAAA,QACf,gBAAgB;AAAA,MAClB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAO,qBACL,WACA,SACA,MACuB;AACvB,WAAO,eAAc;AAAA,MACnB;AAAA,MACA;AAAA,QACE;AAAA,QACA;AAAA,QAEA,aAAa;AAAA,QACb,UAAU,CAAC;AAAA,QAEX,aAAa,EAAE,eAAe,UAAU;AAAA,QACxC,YAAY,EAAE,aAAa,UAAU;AAAA,MACvC;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAO,mBACL,WACA,SACA,MACuB;AACvB,WAAO,eAAc;AAAA,MACnB;AAAA,MACA;AAAA,QACE;AAAA,QACA;AAAA,QAEA,aAAa;AAAA,QAEb,oBAAoB;AAAA,MACtB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAO,aACL,WACA,SACA,MACuB;AACvB,WAAO,eAAc;AAAA,MACnB;AAAA,MACA;AAAA,QACE;AAAA,QACA;AAAA,QAEA,aAAa;AAAA,QAEb,cAAc;AAAA,MAChB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAO,eACL,WACA,SACA,MACuB;AACvB,WAAO,eAAc;AAAA,MACnB;AAAA,MACA;AAAA,QACE;AAAA,QACA;AAAA,QAEA,aAAa;AAAA,QAEb,YAAY,EAAE,OAAO,KAAK;AAAA,MAC5B;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAO,gBACL,WACA,SACA,MACuB;AACvB,WAAO,eAAc;AAAA,MACnB;AAAA,MACA;AAAA,QACE;AAAA,QACA;AAAA,QAEA,aAAa;AAAA,QAEb,aAAa,EAAE,SAAS,KAAK;AAAA,MAC/B;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAO,sBACL,UACA,WACA,SACA,MACuB;AACvB,UAAM,iBAAiB,iBAAiB,QAAQ;AAEhD,WAAO,eAAc;AAAA,MACnB,mBAAmB,oBAAoB,cAAc,EAAE,QAAQ,KAAK,GAAG,CAAC;AAAA,MACxE;AAAA,QACE;AAAA,QACA;AAAA,QAEA,aAAa,uCAAuC,oBAAoB,cAAc,CAAC;AAAA,QAEvF,YAAY,EAAE,YAAY,SAAS;AAAA,MACrC;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAO,0BACL,WACA,WACA,SACA,MACuB;AACvB,WAAOD,QAAO,EAAE,WAAW,QAAQ,CAAC,EAAE,MAAM,CAAC,EAAE,WAAAG,YAAW,SAAAE,SAAQ,MAAM;AACtE,YAAM,eAAe,oBAAoBF,WAAU,IAAI,gBAAgB,GAAGE,QAAO;AAEjF,aAAO,eAAc,sBAAsB,cAAc,WAAWA,UAAS,IAAI;AAAA,IACnF,CAAC;AAAA,EACH;AAAA,EAEA,OAAO,yBACL,UACA,WACA,SACA,MACuB;AACvB,UAAM,iBAAiB,iBAAiB,QAAQ;AAEhD,WAAO,eAAc;AAAA,MACnB,sBAAsB,oBAAoB,cAAc,CAAC;AAAA,MACzD;AAAA,QACE;AAAA,QACA;AAAA,QAEA,aAAa,0CAA0C,oBAAoB,cAAc,CAAC;AAAA,QAE1F,aAAa,EAAE,cAAc,SAAS;AAAA,MACxC;AAAA,MACA;AAAA,IACF;AAAA,EACF;AACF;AAEO,IAAM,sBAAN,MAAM,6BAA4B,cAAc;AAAA,EAC3C,OACR,MACA,MACA,MACU;AACV,UAAM,UAAU,qBAAoB,mBAAmB,IAAI;AAC3D,UAAM,SAAS,qBAAoB,kBAAkB,IAAI;AAEzD,UAAM,cAAwB,CAAC;AAE/B,QAAI,QAAQ,SAAS,KAAK,KAAK,gBAAgB;AAC7C,kBAAY,KAAK,SAAS;AAAA,IAC5B;AAEA,QAAI,OAAO,SAAS,KAAK,KAAK,eAAe;AAC3C,kBAAY,KAAK,QAAQ;AAAA,IAC3B;AAEA,WAAO,IAAI,WAAW,GAAG;AAAA,MACvB;AAAA,MACA;AAAA,QACE,UAAU,UAAU,YAAY,MAAM,IAAI,GAAG;AAAA,UAC3C,aAAa,KAAK,cACd,EAAE,6BAA6B,KAAK,YAAY,IAChD;AAAA,QACN,CAAC;AAAA,QACD,MAAM;AAAA,UACJ,aAAa,KAAK;AAAA,UAClB;AAAA,UACA;AAAA,UACA;AAAA,QACF;AAAA,MACF;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,OAAe,kBAAqD;AAAA,IAClE,MAAM;AAAA,IACN,QAAQ,CAAC,cAAc,iBAAiB,gBAAgB;AAAA,EAC1D;AAAA,EAEA,OAAe,kBAAqE;AAAA,IAClF,IAAI;AAAA,MACF;AAAA,QACE,mBAAmB,EAAE,aAAa,EAAE,+BAA+B,cAAc,EAAE;AAAA,QACnF,aAAa,EAAE,aAAa,EAAE,WAAW,WAAW,EAAE;AAAA,MACxD;AAAA,IACF;AAAA,IACA,OAAO,CAAC,EAAE,MAAM,IAAI,UAAU,MAAM,CAAC;AAAA,EACvC;AAAA,EAEA,OAAe,mBACb,MACsD;AACtD,WAAOC;AAAA,MACL,KAAK,aAAa,IAAI,WAAS;AAAA,QAC7B,MAAM,KAAK,MAAM,CAAC,IAAI,qBAAoB,gBAAgB,IAAI;AAAA,QAC9D,OAAO,qBAAoB,SAAS,KAAK,KAAK;AAAA,MAChD,EAAE;AAAA,MACF,UAAQ,KAAK,UAAU,IAAI;AAAA,IAC7B;AAAA,EACF;AAAA,EAEA,OAAe,kBACb,MACqD;AACrD,UAAM,aAAkE,CAAC;AAEzE,UAAM,cAAc,KAAK,YAAY,KAAK,UAAQ,KAAK,MAAM,SAAS,CAAC;AACvE,QAAI,aAAa;AACf,iBAAW,KAAK,qBAAoB,eAAe;AAAA,IACrD;AAIA,UAAM,eAAe,KAAK,YAAY;AAAA,MAAK,UACzC,KAAK,MAAM,KAAK,UAAQ,CAAC,KAAK,SAAS,gBAAgB,CAAC;AAAA,IAC1D;AACA,QAAI,cAAc;AAChB,iBAAW,KAAK,EAAE,IAAI,CAAC,EAAE,SAAS,qBAAoB,gBAAgB,CAAC,EAAE,CAAC;AAAA,IAC5E;AAGA,QAAI,KAAK,oBAAoB;AAC3B,YAAM,EAAE,QAAQ,aAAa,IAAI,KAAK;AAEtC,UAAI,QAAQ,uBAAuB;AACjC,mBAAW,KAAK;AAAA,UACd,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,GAAG,QAAQ,sBAAsB,QAAQ,MAAM,EAAE,CAAC;AAAA,UAC1E,OAAO,CAAC,EAAE,MAAM,QAAQ,sBAAsB,YAAY,UAAU,MAAM,CAAC;AAAA,QAC7E,CAAC;AAAA,MACH,OAAO;AACL,cAAM,QAAQ,aACX,OAAO,cAAY,SAAS,SAAS,UAAU,EAC/C,IAAI,eAAa;AAAA,UAChB,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,iBAAiB,QAAQ,EAAE,EAAE,CAAC;AAAA,UACtD,OAAO,CAAC,EAAE,MAAM,SAAS,MAAM,UAAU,MAAM,CAAC;AAAA,QAClD,EAAE;AAEJ,mBAAW,KAAK,GAAG,KAAK;AAAA,MAC1B;AAAA,IACF;AAEA,WAAOA;AAAA,MACL,KAAK,YACF,IAAI,UAAQ;AACX,eAAO;AAAA,UACL,IAAI,KAAK,MAAM,CAAC,IAAI,qBAAoB,gBAAgB,IAAI;AAAA,UAC5D,OAAO,qBAAoB,SAAS,KAAK,KAAK;AAAA,QAChD;AAAA,MACF,CAAC,EACA,OAAO,UAAQ,KAAK,OAAO,MAAS,EACpC,OAAO,UAAU;AAAA,MACpB,UAAQ,KAAK,UAAU,IAAI;AAAA,IAC7B;AAAA,EACF;AAAA,EAEA,OAAe,gBAEb,MAC2D;AAC3D,UAAM,QAAQA;AAAA,MACZ;AAAA,QACE,GAAG,qBAAoB,gBAAgB,IAAI;AAAA,QAC3C,GAAG,qBAAoB,mBAAmB,IAAI;AAAA,QAC9C,GAAG,qBAAoB,oBAAoB,IAAI;AAAA,MACjD;AAAA,MACA,UAAQ,KAAK,UAAU,IAAI;AAAA,IAC7B;AAEA,WAAO,MAAM,SAAS,IAAI,QAAQ;AAAA,EACpC;AAAA,EAEA,OAAe,gBACb,MAC+C;AAC/C,WAAO,KAAK,MAAM,IAAI,WAAS,EAAE,SAAS,EAAE,KAAK,EAAE,EAAE;AAAA,EACvD;AAAA,EAEA,OAAe,mBACb,MAC+C;AAC/C,WAAO,KAAK,SAAS,IAAI,aAAW;AAClC,YAAM,WAAW,0BAA0B,OAAO;AAElD,aAAO;AAAA,QACL,mBAAmB,2BAA2B,QAAQ,SAAS,SAAS;AAAA,QACxE,aAAa;AAAA,MACf;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,OAAe,oBACb,MAC+C;AAC/C,UAAM,gBAAgB,KAAK,UAAU,IAAI,eAAa;AAAA,MACpD,aAAa,0BAA0B,QAAQ;AAAA,IACjD,EAAE;AAEF,UAAM,iBAAiB,KAAK,WAAW,IAAI,qBAAoB,mBAAmB;AAElF,QAAI,eAAe,WAAW,GAAG;AAE/B,aAAO;AAAA,IACT;AAEA,QAAI,cAAc,WAAW,GAAG;AAE9B,aAAO;AAAA,IACT;AAGA,WAAO;AAAA,MACL,cAAc,IAAI,kBAAgB;AAChC,eAAO,eAAe,IAAI,mBAAiB,MAAM,cAAc,aAAa,CAAC;AAAA,MAC/E,CAAC;AAAA,IACH;AAAA,EACF;AAAA,EAEA,OAAe,oBAEb,WAC6C;AAC7C,UAAM,gBAAgB,gCAAgC,SAAS;AAC/D,UAAM,oBAAoB,2BAA2B,aAAa;AAElE,WAAO,EAAE,kBAAkB;AAAA,EAC7B;AAAA,EAEA,OAAe,SACb,OAC+C;AAC/C,WAAO,MAAM,IAAI,UAAQ;AACvB,UAAI,UAAU,MAAM;AAClB,eAAO;AAAA,UACL,MAAM,KAAK;AAAA,UACX,UAAU,KAAK,YAAY;AAAA,QAC7B;AAAA,MACF;AAEA,aAAO;AAAA,QACL,MAAM,KAAK,MAAM,CAAC;AAAA,QAClB,SAAS,KAAK,MAAM,CAAC;AAAA,QACrB,UAAU,KAAK,YAAY;AAAA,MAC7B;AAAA,IACF,CAAC;AAAA,EACH;AACF;","names":["cluster","entity","args","id","ComponentResource","normalize","output","output","output","ComponentResource","output","args","normalize","filterEndpoints","filterEndpoints","ComponentResource","normalize","output","uniqueBy","ComponentResource","output","args","normalize","endpoints","rule","cluster","uniqueBy"]}
package/dist/{chunk-HTQP2NB4.js → chunk-Y3LZSX7I.js} RENAMED
@@ -6,7 +6,7 @@ import {
6
6
  } from "@pulumi/pulumi";
7
7
 
8
8
  // src/shared.ts
9
- import { output, toPromise } from "@highstate/pulumi";
9
+ import { interpolate, output, toPromise } from "@highstate/pulumi";
10
10
  import { core, Provider } from "@pulumi/kubernetes";
11
11
  var providers = /* @__PURE__ */ new Map();
12
12
  function getProvider(cluster) {
@@ -57,21 +57,10 @@ function mapNamespaceNameToSelector(namespace) {
57
57
  }
58
58
  function resourceIdToString(id) {
59
59
  return output(id).apply((metadata) => {
60
- return metadata.namespace ? `${metadata.namespace}/${metadata.name}` : metadata.name;
60
+ const namespaceName = metadata.namespace ? mapNamespaceLikeToNamespaceName(metadata.namespace) : void 0;
61
+ return output(namespaceName ? interpolate`${namespaceName}/${metadata.name}` : metadata.name);
61
62
  });
62
63
  }
63
- function getAppName(resourceId) {
64
- if (resourceId.namespace !== resourceId.name) {
65
- return `${resourceId.namespace ?? "default"}-${resourceId.name}`;
66
- }
67
- return resourceId.name;
68
- }
69
- function getAppDisplayName(resourceId) {
70
- if (resourceId.namespace !== resourceId.name) {
71
- return `${resourceId.namespace ?? "default"}/${resourceId.name}`;
72
- }
73
- return resourceId.name;
74
- }
75
64
  function withPatchName(resourceType, resource, cluster) {
76
65
  return output({ resource, cluster }).apply(({ resource: resource2, cluster: cluster2 }) => {
77
66
  if (resource2.clusterId !== cluster2.id) {
@@ -260,8 +249,6 @@ export {
260
249
  mapNamespaceLikeToNamespaceName,
261
250
  mapNamespaceNameToSelector,
262
251
  resourceIdToString,
263
- getAppName,
264
- getAppDisplayName,
265
252
  withPatchName
266
253
  };
267
- //# sourceMappingURL=chunk-HTQP2NB4.js.map
254
+ //# sourceMappingURL=chunk-Y3LZSX7I.js.map
package/dist/chunk-Y3LZSX7I.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/namespace.ts","../src/shared.ts"],"sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport { core, type types } from \"@pulumi/kubernetes\"\nimport {\n ComponentResource,\n output,\n Output,\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n type Unwrap,\n} from \"@pulumi/pulumi\"\nimport { getProvider, mapMetadata, type CommonArgs } from \"./shared\"\n\nexport type NamespaceArgs = Omit<CommonArgs, \"namespace\"> & {\n /**\n * Whether to apply \"pod-security.kubernetes.io/enforce=privileged\" label to the namespace.\n */\n privileged?: boolean\n}\n\nexport type CreateOrPatchNamespaceArgs = NamespaceArgs & {\n /**\n * The resource to use to determine the name of the namespace.\n *\n * If not provided, the namespace will be created, otherwise it will be retrieved/patched.\n */\n resource: Input<k8s.Resource> | undefined\n}\n\nexport abstract class Namespace extends ComponentResource {\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n /**\n * The cluster where the namespace is created.\n */\n readonly cluster: Output<k8s.Cluster>,\n\n /*\n * The metadata of the underlying Kubernetes namespace.\n */\n readonly metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The spec of the underlying Kubernetes namespace.\n */\n readonly spec: Output<types.output.core.v1.NamespaceSpec>,\n\n /**\n * The status of the underlying Kubernetes namespace.\n */\n readonly status: Output<types.output.core.v1.NamespaceStatus>,\n ) {\n super(type, name, args, opts)\n }\n\n /**\n * Creates a new namespace.\n */\n static create(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions): Namespace {\n return new CreatedNamespace(name, args, opts)\n }\n\n /**\n * Creates a new namespace or patches an existing one.\n *\n * Will throw an error if the namespace does not exist when `args.resource` is provided.\n */\n static createOrPatch(\n name: string,\n args: CreateOrPatchNamespaceArgs,\n opts?: ComponentResourceOptions,\n ): Namespace {\n if (!args.resource) {\n return new CreatedNamespace(name, args, opts)\n }\n\n return new NamespacePatch(\n name,\n {\n ...args,\n name: output(args).apply(args => {\n if (args.resource!.clusterId !== args.cluster.id) {\n throw new Error(\n `Cluster mismatch when patching namespace \"${name}\": \"${args.resource!.clusterId}\" != \"${args.cluster.id}\"`,\n )\n }\n\n return args.resource!.metadata.namespace\n }),\n },\n opts,\n )\n }\n\n /**\n * Creates a new namespace or gets an existing one.\n *\n * Will throw an error if the namespace does not exist when `args.resource` is provided.\n */\n static createOrGet(\n name: string,\n args: CreateOrPatchNamespaceArgs,\n opts?: ComponentResourceOptions,\n ): Namespace {\n if (!args.resource) {\n return new CreatedNamespace(name, args, opts)\n }\n\n return new ExternalNamespace(\n name,\n output(args).apply(args => {\n if (args.resource!.clusterId !== args.cluster.id) {\n throw new Error(\n `Cluster mismatch when receiving namespace \"${name}\": \"${args.resource!.clusterId}\" != \"${args.cluster.id}\"`,\n )\n }\n\n return args.resource!.metadata.namespace\n }),\n args.cluster,\n opts,\n )\n }\n\n /**\n * Patches an existing namespace.\n *\n * Will throw an error if the namespace does not exist.\n */\n static patch(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions): Namespace {\n return new NamespacePatch(name, args, opts)\n }\n\n /**\n * Gets an existing namespace.\n *\n * Will throw an error if the namespace does not exist.\n */\n static get(\n name: string,\n id: Input<string>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ): Namespace {\n return new ExternalNamespace(name, id, cluster, opts)\n }\n}\n\nfunction mapNamespaceMetadata(\n args: Unwrap<NamespaceArgs>,\n name: string,\n): types.input.meta.v1.ObjectMeta {\n const labels: Record<string, string> = args.metadata?.labels ?? {}\n\n if (args.privileged) {\n labels[\"pod-security.kubernetes.io/enforce\"] = \"privileged\"\n }\n\n return { ...mapMetadata(args, name), labels }\n}\n\nclass CreatedNamespace extends Namespace {\n constructor(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions) {\n const namespace = output(args).apply(async args => {\n return new core.v1.Namespace(\n name,\n {\n metadata: mapNamespaceMetadata(args, name),\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:Namespace\",\n name,\n args,\n opts,\n output(args.cluster),\n namespace.metadata,\n namespace.spec,\n namespace.status,\n )\n }\n}\n\nclass NamespacePatch extends Namespace {\n constructor(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions) {\n const namespace = output(args).apply(async args => {\n return new core.v1.NamespacePatch(\n name,\n {\n metadata: mapNamespaceMetadata(args, name),\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:NamespacePatch\",\n name,\n args,\n opts,\n output(args.cluster),\n namespace.metadata,\n namespace.spec,\n namespace.status,\n )\n }\n}\n\nclass ExternalNamespace extends Namespace {\n constructor(\n name: string,\n id: Input<string>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ) {\n const namespace = output(id).apply(async realName => {\n return core.v1.Namespace.get(\n //\n name,\n realName,\n {\n ...opts,\n parent: this,\n provider: await getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:ExternalNamespace\",\n name,\n { id, cluster },\n opts,\n output(cluster),\n namespace.metadata,\n namespace.spec,\n namespace.status,\n )\n }\n}\n","import type { PartialKeys } from \"@highstate/contract\"\nimport type { k8s } from \"@highstate/library\"\nimport { interpolate, Output, output, toPromise, type Input, type Unwrap } from \"@highstate/pulumi\"\nimport { core, Provider, types } from \"@pulumi/kubernetes\"\nimport { Namespace } from \"./namespace\"\n\nconst providers = new Map<string, Provider>()\n\nexport function getProvider(cluster: Input<k8s.Cluster>): Promise<Provider> {\n const provider = output(cluster).apply(cluster => {\n const existingProvider = providers.get(cluster.id)\n if (existingProvider) {\n return existingProvider\n }\n\n const provider = new Provider(`${cluster.name}-${cluster.id}`, {\n kubeconfig: cluster.kubeconfig,\n })\n providers.set(cluster.id, provider)\n\n return provider\n })\n\n return toPromise(provider)\n}\n\nexport type NamespaceLike = core.v1.Namespace | Namespace | string\n\nexport type CommonArgs = {\n /**\n * The name of the resource.\n */\n name?: Input<string>\n\n /**\n * The namespace to create the resource in.\n */\n namespace: Input<NamespaceLike | undefined>\n\n /**\n * The cluster to create the resource in.\n */\n cluster: Input<k8s.Cluster>\n\n /**\n * The metadata to apply to the resource.\n */\n metadata?: Input<types.input.meta.v1.ObjectMeta>\n}\n\nexport const commonExtraArgs = [\"name\", \"namespace\", \"cluster\", \"metadata\"] as const\n\nexport function mapMetadata(\n args: PartialKeys<Unwrap<CommonArgs>, \"namespace\" | \"cluster\">,\n fallbackName?: string,\n): types.input.meta.v1.ObjectMeta {\n return {\n ...args.metadata,\n name: args.name ?? args.metadata?.name ?? fallbackName,\n namespace: args.namespace ? mapNamespaceLikeToNamespaceName(args.namespace) : undefined,\n }\n}\n\nexport type SelectorLike = types.input.meta.v1.LabelSelector | Record<string, Input<string>>\n\nexport function mapSelectorLikeToSelector(\n selector: SelectorLike,\n): types.input.meta.v1.LabelSelector {\n if (\"matchLabels\" in selector || \"matchExpressions\" in selector) {\n return selector\n }\n\n return {\n matchLabels: selector as Record<string, Input<string>>,\n }\n}\n\nexport function mapNamespaceLikeToNamespaceName(namespace: NamespaceLike): Output<string> {\n if (Namespace.isInstance(namespace)) {\n return namespace.metadata.name\n }\n\n if (core.v1.Namespace.isInstance(namespace)) {\n return namespace.metadata.name\n }\n\n return output(namespace)\n}\n\nexport function mapNamespaceNameToSelector(\n namespace: Input<string>,\n): types.input.meta.v1.LabelSelector {\n return {\n matchLabels: {\n \"kubernetes.io/metadata.name\": namespace,\n },\n }\n}\n\nexport type ResourceId = {\n name: Input<string>\n namespace?: Input<NamespaceLike | undefined>\n}\n\nexport function resourceIdToString(id: Input<ResourceId>): Output<string> {\n return output(id).apply(metadata => {\n const namespaceName = metadata.namespace\n ? mapNamespaceLikeToNamespaceName(metadata.namespace)\n : undefined\n\n return output(namespaceName ? interpolate`${namespaceName}/${metadata.name}` : metadata.name)\n })\n}\n\nexport function withPatchName(\n resourceType: string,\n resource: Input<k8s.Resource>,\n cluster: Input<k8s.Cluster>,\n): Output<string> {\n return output({ resource, cluster }).apply(({ resource, cluster }) => {\n if (resource.clusterId !== cluster.id) {\n throw new Error(\n `Cluster mismatch when patching ${resourceType} \"${resource.metadata.name}\": \"${resource.clusterId}\" != \"${cluster.id}\"`,\n )\n }\n\n return resource.metadata.name\n })\n}\n"],"mappings":";AACA,SAAS,QAAAA,aAAwB;AACjC;AAAA,EACE;AAAA,EACA,UAAAC;AAAA,OAMK;;;ACRP,SAAS,aAAqB,QAAQ,iBAA0C;AAChF,SAAS,MAAM,gBAAuB;AAGtC,IAAM,YAAY,oBAAI,IAAsB;AAErC,SAAS,YAAY,SAAgD;AAC1E,QAAM,WAAW,OAAO,OAAO,EAAE,MAAM,CAAAC,aAAW;AAChD,UAAM,mBAAmB,UAAU,IAAIA,SAAQ,EAAE;AACjD,QAAI,kBAAkB;AACpB,aAAO;AAAA,IACT;AAEA,UAAMC,YAAW,IAAI,SAAS,GAAGD,SAAQ,IAAI,IAAIA,SAAQ,EAAE,IAAI;AAAA,MAC7D,YAAYA,SAAQ;AAAA,IACtB,CAAC;AACD,cAAU,IAAIA,SAAQ,IAAIC,SAAQ;AAElC,WAAOA;AAAA,EACT,CAAC;AAED,SAAO,UAAU,QAAQ;AAC3B;AA0BO,IAAM,kBAAkB,CAAC,QAAQ,aAAa,WAAW,UAAU;AAEnE,SAAS,YACd,MACA,cACgC;AAChC,SAAO;AAAA,IACL,GAAG,KAAK;AAAA,IACR,MAAM,KAAK,QAAQ,KAAK,UAAU,QAAQ;AAAA,IAC1C,WAAW,KAAK,YAAY,gCAAgC,KAAK,SAAS,IAAI;AAAA,EAChF;AACF;AAIO,SAAS,0BACd,UACmC;AACnC,MAAI,iBAAiB,YAAY,sBAAsB,UAAU;AAC/D,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL,aAAa;AAAA,EACf;AACF;AAEO,SAAS,gCAAgC,WAA0C;AACxF,MAAI,UAAU,WAAW,SAAS,GAAG;AACnC,WAAO,UAAU,SAAS;AAAA,EAC5B;AAEA,MAAI,KAAK,GAAG,UAAU,WAAW,SAAS,GAAG;AAC3C,WAAO,UAAU,SAAS;AAAA,EAC5B;AAEA,SAAO,OAAO,SAAS;AACzB;AAEO,SAAS,2BACd,WACmC;AACnC,SAAO;AAAA,IACL,aAAa;AAAA,MACX,+BAA+B;AAAA,IACjC;AAAA,EACF;AACF;AAOO,SAAS,mBAAmB,IAAuC;AACxE,SAAO,OAAO,EAAE,EAAE,MAAM,cAAY;AAClC,UAAM,gBAAgB,SAAS,YAC3B,gCAAgC,SAAS,SAAS,IAClD;AAEJ,WAAO,OAAO,gBAAgB,cAAc,aAAa,IAAI,SAAS,IAAI,KAAK,SAAS,IAAI;AAAA,EAC9F,CAAC;AACH;AAEO,SAAS,cACd,cACA,UACA,SACgB;AAChB,SAAO,OAAO,EAAE,UAAU,QAAQ,CAAC,EAAE,MAAM,CAAC,EAAE,UAAAC,WAAU,SAAAF,SAAQ,MAAM;AACpE,QAAIE,UAAS,cAAcF,SAAQ,IAAI;AACrC,YAAM,IAAI;AAAA,QACR,kCAAkC,YAAY,KAAKE,UAAS,SAAS,IAAI,OAAOA,UAAS,SAAS,SAASF,SAAQ,EAAE;AAAA,MACvH;AAAA,IACF;AAEA,WAAOE,UAAS,SAAS;AAAA,EAC3B,CAAC;AACH;;;ADnGO,IAAe,YAAf,cAAiC,kBAAkB;AAAA,EAC9C,YACR,MACA,MACA,MACA,MAKS,SAKA,UAKA,MAKA,QACT;AACA,UAAM,MAAM,MAAM,MAAM,IAAI;AAjBnB;AAKA;AAKA;AAKA;AAAA,EAGX;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,OAAO,MAAc,MAAqB,MAA4C;AAC3F,WAAO,IAAI,iBAAiB,MAAM,MAAM,IAAI;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,cACL,MACA,MACA,MACW;AACX,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,IAAI,iBAAiB,MAAM,MAAM,IAAI;AAAA,IAC9C;AAEA,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,QACE,GAAG;AAAA,QACH,MAAMC,QAAO,IAAI,EAAE,MAAM,CAAAC,UAAQ;AAC/B,cAAIA,MAAK,SAAU,cAAcA,MAAK,QAAQ,IAAI;AAChD,kBAAM,IAAI;AAAA,cACR,6CAA6C,IAAI,OAAOA,MAAK,SAAU,SAAS,SAASA,MAAK,QAAQ,EAAE;AAAA,YAC1G;AAAA,UACF;AAEA,iBAAOA,MAAK,SAAU,SAAS;AAAA,QACjC,CAAC;AAAA,MACH;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,YACL,MACA,MACA,MACW;AACX,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,IAAI,iBAAiB,MAAM,MAAM,IAAI;AAAA,IAC9C;AAEA,WAAO,IAAI;AAAA,MACT;AAAA,MACAD,QAAO,IAAI,EAAE,MAAM,CAAAC,UAAQ;AACzB,YAAIA,MAAK,SAAU,cAAcA,MAAK,QAAQ,IAAI;AAChD,gBAAM,IAAI;AAAA,YACR,8CAA8C,IAAI,OAAOA,MAAK,SAAU,SAAS,SAASA,MAAK,QAAQ,EAAE;AAAA,UAC3G;AAAA,QACF;AAEA,eAAOA,MAAK,SAAU,SAAS;AAAA,MACjC,CAAC;AAAA,MACD,KAAK;AAAA,MACL;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,MAAM,MAAc,MAAqB,MAA4C;AAC1F,WAAO,IAAI,eAAe,MAAM,MAAM,IAAI;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,IACL,MACA,IACA,SACA,MACW;AACX,WAAO,IAAI,kBAAkB,MAAM,IAAI,SAAS,IAAI;AAAA,EACtD;AACF;AAEA,SAAS,qBACP,MACA,MACgC;AAChC,QAAM,SAAiC,KAAK,UAAU,UAAU,CAAC;AAEjE,MAAI,KAAK,YAAY;AACnB,WAAO,oCAAoC,IAAI;AAAA,EACjD;AAEA,SAAO,EAAE,GAAG,YAAY,MAAM,IAAI,GAAG,OAAO;AAC9C;AAEA,IAAM,mBAAN,cAA+B,UAAU;AAAA,EACvC,YAAY,MAAc,MAAqB,MAAiC;AAC9E,UAAM,YAAYD,QAAO,IAAI,EAAE,MAAM,OAAMC,UAAQ;AACjD,aAAO,IAAIC,MAAK,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,UACE,UAAU,qBAAqBD,OAAM,IAAI;AAAA,QAC3C;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACAD,QAAO,KAAK,OAAO;AAAA,MACnB,UAAU;AAAA,MACV,UAAU;AAAA,MACV,UAAU;AAAA,IACZ;AAAA,EACF;AACF;AAEA,IAAM,iBAAN,cAA6B,UAAU;AAAA,EACrC,YAAY,MAAc,MAAqB,MAAiC;AAC9E,UAAM,YAAYA,QAAO,IAAI,EAAE,MAAM,OAAMC,UAAQ;AACjD,aAAO,IAAIC,MAAK,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,UACE,UAAU,qBAAqBD,OAAM,IAAI;AAAA,QAC3C;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACAD,QAAO,KAAK,OAAO;AAAA,MACnB,UAAU;AAAA,MACV,UAAU;AAAA,MACV,UAAU;AAAA,IACZ;AAAA,EACF;AACF;AAEA,IAAM,oBAAN,cAAgC,UAAU;AAAA,EACxC,YACE,MACA,IACA,SACA,MACA;AACA,UAAM,YAAYA,QAAO,EAAE,EAAE,MAAM,OAAM,aAAY;AACnD,aAAOE,MAAK,GAAG,UAAU;AAAA;AAAA,QAEvB;AAAA,QACA;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAY,OAAO;AAAA,QACrC;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA,EAAE,IAAI,QAAQ;AAAA,MACd;AAAA,MACAF,QAAO,OAAO;AAAA,MACd,UAAU;AAAA,MACV,UAAU;AAAA,MACV,UAAU;AAAA,IACZ;AAAA,EACF;AACF;","names":["core","output","cluster","provider","resource","output","args","core"]}
package/dist/deployment-QTPBNKO5.js ADDED
@@ -0,0 +1,10 @@
1
+ import {
2
+ Deployment
3
+ } from "./chunk-6L67WIZW.js";
4
+ import "./chunk-SARVLQZY.js";
5
+ import "./chunk-WEKIQRCZ.js";
6
+ import "./chunk-Y3LZSX7I.js";
7
+ export {
8
+ Deployment
9
+ };
10
+ //# sourceMappingURL=deployment-QTPBNKO5.js.map
package/dist/highstate.manifest.json CHANGED
@@ -1,12 +1,12 @@
1
1
  {
2
2
  "sourceHashes": {
3
- "./dist/index.js": "5ce1157c1f5b291c0e3629d765ca07b449164e2a4a4abd0fdd33c7d63117e8a9",
4
- "./dist/units/access-point/index.js": "052d61dd6962453d9457c4b56b4c36a136a8618f7f8504d7553be3ac2c72dc36",
5
- "./dist/units/cert-manager/index.js": "7d1aa88c42455f1f7afb7917e50f591280ade7e2f06c4f78f9e7ccf35a3bbc47",
6
- "./dist/units/cluster-patch/index.js": "464b322266b4c560bff7f07d6026f8e33e670ab8ca101220cfe87f41b6ed00f0",
7
- "./dist/units/cluster-dns/index.js": "f0ce51e46e84c3032680b472484f8146d89ac86047b5ff8bcc4fee446b0311ce",
8
- "./dist/units/dns01-issuer/index.js": "fa256605cc90bb1d831ee0661e08dd2200e2f1106a16b569bbd56fec97589a28",
9
- "./dist/units/existing-cluster/index.js": "427bcf9490554135b5c95672a1e477217ce86360512c9e280d0749524bb905ce",
10
- "./dist/units/gateway-api/index.js": "0cc0aa17f75169c866ae75afcb35c1cf404cfd6984a5a3183c83068c4cfdc87f"
3
+ "./dist/index.js": "970451f680aca1ef09581bd21c5c827e862e27005886492d1f16f10fd178aad2",
4
+ "./dist/units/access-point/index.js": "cefaf27d66fb9ea0a570c40ce32c85a78a55782f80d296d8c68783615e900509",
5
+ "./dist/units/cert-manager/index.js": "3bcc4761c02c4ab877afcdc6623a5c0fe271fb5af2646a459447a1f91e5e402f",
6
+ "./dist/units/cluster-patch/index.js": "bd4ef28700dfad9cffb3412387b33ee34b10d4a4ec5a21653884763626589d6c",
7
+ "./dist/units/cluster-dns/index.js": "fc97254083f04224ecdb8208c16104d9ab1148ca63f15971ddb681a09f28142a",
8
+ "./dist/units/dns01-issuer/index.js": "cbdb00147c3a22501633dd4ced40bdcee77ec91d5e19126ab688eb9a2442fb92",
9
+ "./dist/units/existing-cluster/index.js": "c8e44f3c4525ddc6b4cda00629560df539c81fe9c32913ac87fc78f112ac0ca3",
10
+ "./dist/units/gateway-api/index.js": "31e16cf11559bdd2fcc7275d7a82aea0d029192ee93eb4002b0c7b4aab4652a9"
11
11
  }
12
12
  }
package/dist/index.js CHANGED
@@ -1,9 +1,9 @@
1
1
  import {
2
2
  StatefulSet
3
- } from "./chunk-FF3GFWG3.js";
3
+ } from "./chunk-VL7Z5FJQ.js";
4
4
  import {
5
5
  Deployment
6
- } from "./chunk-3B5DTLGG.js";
6
+ } from "./chunk-6L67WIZW.js";
7
7
  import {
8
8
  ConfigMap,
9
9
  ExposableWorkload,
@@ -11,25 +11,27 @@ import {
11
11
  Secret,
12
12
  Workload,
13
13
  getWorkloadComponents
14
- } from "./chunk-R43VRICF.js";
14
+ } from "./chunk-SARVLQZY.js";
15
15
  import {
16
16
  Chart,
17
17
  RenderedChart,
18
18
  getChartService,
19
19
  getChartServiceOutput,
20
20
  resolveHelmChart
21
- } from "./chunk-7R2VAXVL.js";
21
+ } from "./chunk-5S4JPM4M.js";
22
22
  import {
23
23
  HttpRoute,
24
24
  NetworkPolicy,
25
25
  Service,
26
+ getBestEndpoint,
26
27
  getServiceMetadata,
27
28
  hasServiceMetadata,
28
29
  isFromCluster,
29
30
  mapContainerPortToServicePort,
30
31
  mapServiceToLabelSelector,
32
+ requireBestEndpoint,
31
33
  withServiceMetadata
32
- } from "./chunk-OP75IMU7.js";
34
+ } from "./chunk-WEKIQRCZ.js";
33
35
  import {
34
36
  createK8sTerminal,
35
37
  detectExternalIps
@@ -37,14 +39,12 @@ import {
37
39
  import {
38
40
  Namespace,
39
41
  commonExtraArgs,
40
- getAppDisplayName,
41
- getAppName,
42
42
  getProvider,
43
43
  mapMetadata,
44
44
  mapNamespaceLikeToNamespaceName,
45
45
  mapNamespaceNameToSelector,
46
46
  mapSelectorLikeToSelector
47
- } from "./chunk-HTQP2NB4.js";
47
+ } from "./chunk-Y3LZSX7I.js";
48
48
 
49
49
  // src/access-point.ts
50
50
  import { DnsRecordSet, filterEndpoints, l3EndpointToString } from "@highstate/common";
@@ -583,32 +583,6 @@ var CronJob = class extends ComponentResource3 {
583
583
  });
584
584
  }
585
585
  };
586
-
587
- // src/network.ts
588
- import { filterEndpoints as filterEndpoints2 } from "@highstate/common";
589
- function getBestEndpoint(endpoints, cluster) {
590
- if (!endpoints.length) {
591
- return void 0;
592
- }
593
- if (endpoints.length === 1) {
594
- return endpoints[0];
595
- }
596
- if (!cluster) {
597
- return filterEndpoints2(endpoints)[0];
598
- }
599
- const clusterEndpoint = endpoints.find((endpoint) => isFromCluster(endpoint, cluster));
600
- if (clusterEndpoint) {
601
- return clusterEndpoint;
602
- }
603
- return filterEndpoints2(endpoints)[0];
604
- }
605
- function requireBestEndpoint(endpoints, cluster) {
606
- const endpoint = getBestEndpoint(endpoints, cluster);
607
- if (!endpoint) {
608
- throw new Error(`No best endpoint found for cluster "${cluster.name}" (${cluster.id})`);
609
- }
610
- return endpoint;
611
- }
612
586
  export {
613
587
  Chart,
614
588
  ConfigMap,
@@ -629,8 +603,6 @@ export {
629
603
  createK8sTerminal,
630
604
  createScriptContainer,
631
605
  detectExternalIps,
632
- getAppDisplayName,
633
- getAppName,
634
606
  getBestEndpoint,
635
607
  getChartService,
636
608
  getChartServiceOutput,
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/access-point.ts","../src/scripting/bundle.ts","../src/scripting/environment.ts","../src/scripting/container.ts","../src/job.ts","../src/cron-job.ts","../src/network.ts"],"sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport type { Provider } from \"@pulumi/kubernetes\"\nimport type { Namespace } from \"./namespace\"\nimport { DnsRecordSet, filterEndpoints, l3EndpointToString } from \"@highstate/common\"\nimport { gateway } from \"@highstate/gateway-api\"\nimport {\n normalize,\n Output,\n output,\n toPromise,\n type Input,\n type InputArray,\n} from \"@highstate/pulumi\"\nimport { NetworkPolicy } from \"./network-policy\"\nimport { getProvider, mapNamespaceLikeToNamespaceName } from \"./shared\"\nimport { isFromCluster } from \"./service\"\n\nexport type UseAccessPointResult = {\n /**\n * The gateway instance created according to the access point.\n */\n gateway: gateway.v1.Gateway\n\n /**\n * The DNS record sets associated created according to the access point and gateway.\n */\n dnsRecordSets: DnsRecordSet[]\n\n /**\n * The network policies associated with the access point.\n */\n networkPolicies: NetworkPolicy[]\n}\n\nexport type UseAccessPointArgs = Omit<CreateGatewayArgs, \"gateway\"> & {\n accessPoint: Input<k8s.AccessPoint>\n}\n\nexport function useAccessPoint(args: UseAccessPointArgs): Promise<UseAccessPointResult> {\n const result = output({ args, namespaceName: output(args.namespace).metadata.name }).apply(\n ({ args, namespaceName }) => {\n if (args.accessPoint.clusterId !== args.cluster.id) {\n throw new Error(\n \"The provided Kubernetes cluster is different from the one where the access point is deployed.\",\n )\n }\n\n const gateway = createGateway({\n ...args,\n annotations: {\n \"cert-manager.io/cluster-issuer\": args.accessPoint.tlsIssuer.clusterIssuerName,\n },\n gateway: args.accessPoint.gateway,\n })\n\n const dnsRecordSets = normalize(args.fqdn, args.fqdns).flatMap(fqdn => {\n return DnsRecordSet.create(fqdn, {\n providers: args.accessPoint.dnsProviders,\n values: filterEndpoints(\n args.accessPoint.gateway.endpoints.filter(endpoint => endpoint.type !== \"hostname\"),\n ),\n })\n })\n\n const networkPolicies: Output<NetworkPolicy>[] = [\n NetworkPolicy.create(\n `allow-ingress-from-${l3EndpointToString(args.accessPoint.gateway.endpoints[0])}`,\n {\n namespace: args.namespace,\n cluster: args.cluster,\n\n description: `Allow ingress traffic from the gateway at \"${l3EndpointToString(args.accessPoint.gateway.endpoints[0])}\".`,\n\n ingressRule: {\n fromEndpoints: args.accessPoint.gateway.endpoints,\n },\n },\n { provider: args.provider },\n ),\n ]\n\n if (isFromCluster(args.accessPoint.gateway.endpoints[0], args.cluster)) {\n networkPolicies.push(\n NetworkPolicy.create(\n `allow-egress-to-${namespaceName}`,\n {\n namespace: args.accessPoint.gateway.endpoints[0].metadata.k8sService.namespace,\n cluster: args.cluster,\n\n selector: args.accessPoint.gateway.endpoints[0].metadata.k8sService.selector,\n\n description: `Allow egress traffic to the namespace \"${namespaceName}\".`,\n\n egressRule: {\n toNamespace: args.namespace,\n },\n },\n { provider: args.provider },\n ),\n )\n }\n\n return output({\n gateway,\n dnsRecordSets,\n networkPolicies,\n })\n },\n )\n\n return toPromise(result)\n}\n\nexport type StandardAccessPointArgs = {\n appName: string\n fqdn: string\n}\n\nexport type StandardAccessPointInputs = {\n accessPoint: Output<k8s.AccessPoint>\n k8sCluster: Output<k8s.Cluster>\n}\n\nexport async function useStandardAcessPoint(\n namespace: Namespace,\n args: StandardAccessPointArgs,\n inputs: StandardAccessPointInputs,\n): Promise<UseAccessPointResult> {\n return await useAccessPoint({\n name: args.appName,\n namespace,\n\n fqdn: args.fqdn,\n\n accessPoint: inputs.accessPoint,\n cluster: inputs.k8sCluster,\n provider: await getProvider(inputs.k8sCluster),\n })\n}\n\nexport type CreateGatewayArgs = {\n name: string\n namespace: Input<Namespace>\n annotations?: Input<Record<string, string>>\n\n fqdn?: Input<string>\n fqdns?: InputArray<string>\n\n gateway: Input<k8s.Gateway>\n cluster: Input<k8s.Cluster>\n provider: Provider\n}\n\nexport function createGateway(args: CreateGatewayArgs): Output<gateway.v1.Gateway> {\n return output(args).apply(args => {\n if (args.cluster.id !== args.gateway.clusterId) {\n throw new Error(\n \"The provided Kubernetes cluster is different from the one where the gateway controller is deployed.\",\n )\n }\n\n return new gateway.v1.Gateway(\n args.name,\n {\n metadata: {\n name: args.name,\n namespace: mapNamespaceLikeToNamespaceName(args.namespace),\n annotations: args.annotations,\n },\n spec: {\n gatewayClassName: output(args.gateway).gatewayClassName,\n listeners: normalize(args.fqdn, args.fqdns).map(fqdn => {\n const normalizedName = fqdn.replace(/\\*/g, \"wildcard\")\n\n return {\n name: `https-${normalizedName}`,\n port: output(args.gateway).httpsListenerPort,\n protocol: \"HTTPS\",\n hostname: fqdn,\n tls: {\n mode: \"Terminate\",\n certificateRefs: [{ name: normalizedName }],\n },\n }\n }),\n },\n },\n { provider: args.provider, deletedWith: args.namespace },\n )\n })\n}\n","import type { ContainerEnvironment, ContainerVolumeMount, WorkloadVolume } from \"../container\"\nimport type { network } from \"@highstate/library\"\nimport { apply, normalize, type InputArray } from \"@highstate/pulumi\"\nimport {\n ComponentResource,\n output,\n type ComponentResourceOptions,\n type Input,\n type Output,\n type Unwrap,\n} from \"@pulumi/pulumi\"\nimport { mapValues, omitBy, pipe } from \"remeda\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { readPackageJSON } from \"pkg-types\"\nimport { text, trimIndentation } from \"@highstate/contract\"\nimport { parseL34Endpoint } from \"@highstate/common\"\nimport { serializeFunction } from \"@pulumi/pulumi/runtime/index.js\"\nimport { type CommonArgs } from \"../shared\"\nimport { ConfigMap } from \"../config-map\"\nimport {\n emptyScriptEnvironment,\n functionScriptImages,\n type ResolvedScriptEnvironment,\n type ScriptDistribution,\n type ScriptEnvironment,\n} from \"./environment\"\n\nexport type ScriptBundleArgs = CommonArgs & {\n /**\n * The environment to bundle the scripts from.\n */\n environment?: Input<ScriptEnvironment>\n\n /**\n * The environments to bundle the scripts from.\n */\n environments?: InputArray<ScriptEnvironment>\n\n /**\n * The distribution to use for the scripts.\n */\n distribution: ScriptDistribution\n}\n\nexport class ScriptBundle extends ComponentResource {\n /**\n * The config map containing the scripts.\n */\n readonly configMap: Output<ConfigMap>\n\n /**\n * The volumes that should be included in the workload.\n */\n readonly volumes: Output<WorkloadVolume[]>\n\n /**\n * The volume mounts that should be defined in the container.\n */\n readonly volumeMounts: Output<ContainerVolumeMount[]>\n\n /**\n * The environment variables that should be defined in the container.\n */\n readonly environment: Output<ContainerEnvironment>\n\n /**\n * The image to use for the scripts.\n */\n readonly image: Output<string>\n\n /**\n * The distribution to use for the scripts.\n */\n readonly distribution: ScriptDistribution\n\n /**\n * The list of endpoints that the script is allowed to access.\n */\n readonly allowedEndpoints: Output<network.L34Endpoint[]>\n\n constructor(name: string, args: ScriptBundleArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:ScriptBundle\", name, args, opts)\n\n const scriptEnvironment = pipe(\n output(args),\n apply(args => normalize(args.environment, args.environments)),\n apply(args => deepmerge(emptyScriptEnvironment, ...args)),\n ) as Output<Unwrap<ResolvedScriptEnvironment>>\n\n const hasFunctionScripts = scriptEnvironment.apply(scriptEnvironment => {\n return Object.values(scriptEnvironment.files).some(file => typeof file === \"function\")\n })\n\n this.distribution = args.distribution\n this.environment = scriptEnvironment.environment\n\n this.image = hasFunctionScripts.apply(hasFunctionScripts =>\n output(\n hasFunctionScripts\n ? functionScriptImages[args.distribution]\n : scriptEnvironment[args.distribution].image,\n ),\n )\n\n this.allowedEndpoints = output({ scriptEnvironment, hasFunctionScripts }).apply(\n ({ scriptEnvironment, hasFunctionScripts }) => {\n const allowedEndpoints = [\n ...scriptEnvironment.allowedEndpoints,\n ...scriptEnvironment[args.distribution].allowedEndpoints,\n ]\n\n if (hasFunctionScripts) {\n allowedEndpoints.push(\"tcp://registry.npmjs.org:443\")\n }\n\n return allowedEndpoints.map(parseL34Endpoint)\n },\n )\n\n this.configMap = output({ scriptEnvironment, args }).apply(({ scriptEnvironment, args }) => {\n return ConfigMap.create(\n name,\n {\n cluster: args.cluster,\n namespace: args.namespace,\n\n data: createScriptData(this.distribution, scriptEnvironment),\n },\n { ...opts, parent: this },\n )\n })\n\n this.volumes = output({ hasFunctionScripts, volumes: scriptEnvironment.volumes }).apply(\n ({ hasFunctionScripts, volumes }) => {\n return [\n ...volumes,\n {\n name: this.configMap.metadata.name,\n\n configMap: {\n name: this.configMap.metadata.name,\n defaultMode: 0o550, // read and execute permissions\n },\n },\n ...(hasFunctionScripts ? [{ name: \"node-modules\", emptyDir: {} }] : []),\n ]\n },\n )\n\n this.volumeMounts = output({\n hasFunctionScripts,\n volumeMounts: scriptEnvironment.volumeMounts,\n }).apply(({ hasFunctionScripts, volumeMounts }) => {\n return [\n ...volumeMounts,\n {\n volume: this.configMap,\n mountPath: \"/scripts\",\n },\n ...(hasFunctionScripts\n ? [{ name: \"node-modules\", mountPath: \"/scripts/node_modules\" }]\n : []),\n ]\n })\n\n this.registerOutputs({\n configMap: this.configMap,\n volumes: this.volumes,\n volumeMounts: this.volumeMounts,\n environment: this.environment,\n distribution: this.distribution,\n allowedEndpoints: this.allowedEndpoints,\n image: this.image,\n })\n }\n}\n\nfunction stripWorkspacePrefix(value: string): string {\n if (value.startsWith(\"workspace:\")) {\n return value.replace(\"workspace:\", \"\")\n }\n\n return value\n}\n\nasync function createScriptData(\n distribution: ScriptDistribution,\n environment: Unwrap<ResolvedScriptEnvironment>,\n): Promise<Record<string, string>> {\n const scriptData: Record<string, string> = {}\n const actions: string[] = []\n\n const distributionEnvironment = environment[distribution]\n const setupScripts = { ...environment.setupScripts }\n\n let hasFunctionScripts = false\n\n for (const key in environment.files) {\n if (typeof environment.files[key] === \"function\") {\n const serialized = await serializeFunction(environment.files[key])\n\n scriptData[key] = text`\n #!/usr/local/bin/bun\n \n ${serialized.text}\n\n exports.${serialized.exportName}()\n `\n\n hasFunctionScripts = true\n } else {\n scriptData[key] = environment.files[key]\n }\n }\n\n if (hasFunctionScripts) {\n const packageJson = await readPackageJSON()\n\n packageJson.dependencies = omitBy(\n mapValues(packageJson.dependencies ?? {}, stripWorkspacePrefix),\n (_, key) => key.startsWith(\"@highstate/\"),\n )\n\n packageJson.devDependencies = omitBy(\n mapValues(packageJson.devDependencies ?? {}, stripWorkspacePrefix),\n (_, key) => key.startsWith(\"@highstate/\"),\n )\n\n scriptData[\"package.json\"] = JSON.stringify(packageJson, null, 2)\n\n setupScripts[\"resolve-dependencies.sh\"] = text`\n #!/usr/local/bin/bun\n set -e\n\n cd /scripts\n bun install --production\n `\n }\n\n if (distributionEnvironment.preInstallPackages.length > 0) {\n scriptData[\"pre-install-packages.sh\"] = getInstallPackagesScript(\n distribution,\n distributionEnvironment.preInstallPackages,\n )\n\n actions.push(`\n echo \"+ Installing pre-install packages...\"\n /scripts/pre-install-packages.sh\n echo \"+ Pre-install packages installed successfully\"\n `)\n }\n\n if (Object.keys(distributionEnvironment.preInstallScripts).length > 0) {\n for (const key in distributionEnvironment.preInstallScripts) {\n scriptData[`pre-install-${key}`] = distributionEnvironment.preInstallScripts[key]\n\n actions.push(`\n echo \"+ Running pre-install script '${key}'...\"\n /scripts/pre-install-${key}\n echo \"+ Pre-install script '${key}'... Done\"\n `)\n }\n }\n\n if (distributionEnvironment.packages.length > 0) {\n scriptData[\"install-packages.sh\"] = getInstallPackagesScript(\n distribution,\n distributionEnvironment.packages,\n )\n\n actions.push(`\n echo \"+ Installing packages...\"\n /scripts/install-packages.sh\n echo \"+ Packages installed successfully\"\n `)\n }\n\n if (Object.keys(setupScripts).length > 0) {\n for (const key in setupScripts) {\n scriptData[`setup-${key}`] = setupScripts[key]\n\n actions.push(`\n echo \"+ Running setup script '${key}'...\"\n /scripts/setup-${key}\n echo \"+ Setup script '${key}'... Done\"\n `)\n }\n }\n\n if (Object.keys(environment.cleanupScripts).length > 0) {\n const cleanupActions: string[] = []\n\n for (const key in environment.cleanupScripts) {\n scriptData[`cleanup-${key}`] = environment.cleanupScripts[key]\n\n cleanupActions.push(`\n echo \"+ Running cleanup script '${key}'...\"\n /scripts/cleanup-${key}\n echo \"+ Cleanup script '${key}'... Done\"\n `)\n }\n\n actions.push(`\n function cleanup() {\n ${cleanupActions.map(s => s.trim()).join(\"\\n\\n\")}\n }\n\n trap cleanup EXIT\n trap cleanup SIGTERM\n `)\n }\n\n scriptData[\"entrypoint.sh\"] = trimIndentation(`\n #!/bin/sh\n set -e\n\n if [ -z \"$1\" ]; then\n echo \"Usage: entrypoint.sh <main script> [args...]\"\n exit 1\n fi\n\n ${actions.map(s => s.trim()).join(\"\\n\\n\")}\n\n echo \"+ Running main script...\"\n $@\n echo \"+ Main script completed\"\n `)\n\n return scriptData\n}\n\nfunction getInstallPackagesScript(distribution: ScriptDistribution, packages: string[]): string {\n if (distribution === \"alpine\") {\n return text`\n #!/bin/sh\n set -e\n\n apk add --no-cache ${packages.join(\" \")}\n `\n } else {\n return text`\n #!/bin/sh\n set -e\n\n apt-get update\n apt-get install -y ${packages.join(\" \")}\n `\n }\n}\n","import type { Input, InputArray, InputMap } from \"@highstate/pulumi\"\nimport type { ContainerEnvironment, ContainerVolumeMount, WorkloadVolume } from \"../container\"\nimport type { InputL34Endpoint } from \"@highstate/common\"\n\nexport type ScriptDistribution = \"alpine\" | \"ubuntu\"\n\nexport type DistributionEnvironment = {\n /**\n * The image that should be used for the distribution.\n */\n image?: Input<string>\n\n /**\n * The utility packages that should be installed before running \"preInstallScripts\".\n *\n * Useful for installing tools like `curl` to install additional repositories.\n */\n preInstallPackages?: InputArray<string>\n\n /**\n * The pre-install scripts that should be run before installing packages.\n * Typically, these scripts are used to install additional repositories.\n */\n preInstallScripts?: InputMap<string>\n\n /**\n * The packages that are available in the environment.\n */\n packages?: InputArray<string>\n\n /**\n * The endpoint which the script is allowed to access scoped to the distribution.\n *\n * Typically, this is used to allow access to the package manager.\n *\n * Will be used to generate a network policy.\n */\n allowedEndpoints?: InputArray<InputL34Endpoint>\n}\n\nexport type ScriptProgram = () => unknown\n\nexport type ScriptEnvironment = {\n [distribution in ScriptDistribution]?: DistributionEnvironment\n} & {\n /**\n * The setup scripts that should be run before the script.\n */\n setupScripts?: InputMap<string>\n\n /**\n * The cleanup scripts that should be run after the script.\n */\n cleanupScripts?: InputMap<string>\n\n /**\n * The arbitrary files available in the environment including scripts.\n */\n files?: InputMap<string | ScriptProgram>\n\n /**\n * The volumes that should be defined in the environment.\n */\n volumes?: InputArray<WorkloadVolume>\n\n /**\n * The volume mounts that should be defined in the environment.\n */\n volumeMounts?: InputArray<ContainerVolumeMount>\n\n /**\n * The environment variables that should be defined in the environment.\n */\n environment?: Input<ContainerEnvironment>\n\n /**\n * The endpoint which the script is allowed to access.\n *\n * Will be used to generate a network policy.\n */\n allowedEndpoints?: InputArray<InputL34Endpoint>\n}\n\nexport type ResolvedScriptEnvironment = Omit<Required<ScriptEnvironment>, ScriptDistribution> & {\n [distribution in ScriptDistribution]: Required<DistributionEnvironment>\n}\n\nconst emptyDistributionEnvironment = {\n preInstallPackages: [],\n preInstallScripts: {},\n packages: [],\n}\n\nexport const emptyScriptEnvironment: ResolvedScriptEnvironment = {\n alpine: {\n ...emptyDistributionEnvironment,\n image: \"alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c\",\n allowedEndpoints: [\n //\n \"tcp://dl-cdn.alpinelinux.org:443\",\n \"tcp://dl-cdn.alpinelinux.org:80\",\n ],\n },\n\n ubuntu: {\n ...emptyDistributionEnvironment,\n image: \"ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782\",\n allowedEndpoints: [\n //\n \"tcp://archive.ubuntu.com:80\",\n \"tcp://archive.ubuntu.com:443\",\n \"tcp://security.ubuntu.com:80\",\n \"tcp://security.ubuntu.com:443\",\n ],\n },\n\n setupScripts: {},\n cleanupScripts: {},\n files: {},\n volumes: [],\n volumeMounts: [],\n environment: {},\n allowedEndpoints: [],\n}\n\nexport const functionScriptImages: Record<ScriptDistribution, string> = {\n alpine: \"oven/bun@sha256:6b14922b0885c3890cdb0b396090af1da486ba941df5ee94391eef64f7113c61\",\n ubuntu: \"oven/bun@sha256:66b431441dc4c36d7e8164bfc61e6348ec1d7ce2862fc3a29f5dc9856e8205e4\",\n}\n","import type { Container } from \"../container\"\nimport type { ScriptBundle } from \"./bundle\"\nimport { merge } from \"remeda\"\nimport { Output, output, type Input } from \"@pulumi/pulumi\"\n\nexport type ScriptContainer = Container & {\n /**\n * The script bundle to use.\n */\n bundle: Input<ScriptBundle>\n\n /**\n * The name of the main script to run.\n * The script must be available in the bundle.\n */\n main: Input<string>\n}\n\n/**\n * Creates a spec for a container that runs a script.\n * This spec can be used to create a complete workload or an init container.\n *\n * @param options The options to create the container spec.\n * @returns The container spec.\n */\nexport function createScriptContainer(options: ScriptContainer): Output<Container> {\n const bundle = output(options.bundle)\n\n return output({\n options,\n image: bundle.image,\n volumeMounts: bundle.volumeMounts,\n volumes: bundle.volumes,\n environment: bundle.environment,\n allowedEndpoints: bundle.allowedEndpoints,\n }).apply(({ options, image, volumeMounts, volumes, environment, allowedEndpoints }) => {\n return {\n image,\n command: [\"/scripts/entrypoint.sh\", `/scripts/${options.main}`],\n\n ...options,\n\n volumeMounts: [...volumeMounts, ...(options.volumeMounts ?? [])],\n volumes: [...volumes, ...(options.volumes ?? [])],\n environment: merge(environment, options.environment),\n allowedEndpoints: [...allowedEndpoints, ...(options.allowedEndpoints ?? [])],\n } as Container\n })\n}\n","import { batch, type types } from \"@pulumi/kubernetes\"\nimport { ComponentResource, Output, output, type ComponentResourceOptions } from \"@highstate/pulumi\"\nimport { mergeDeep, omit } from \"remeda\"\nimport { commonExtraArgs, getProvider, mapMetadata } from \"./shared\"\nimport { getWorkloadComponents, type WorkloadArgs } from \"./workload\"\n\nexport type JobArgs = WorkloadArgs &\n Omit<Partial<types.input.batch.v1.JobSpec>, \"template\"> & {\n template?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Partial<types.input.core.v1.PodSpec>\n }\n }\n\nconst jobExtraArgs = [...commonExtraArgs, \"container\", \"containers\"] as const\n\nexport class Job extends ComponentResource {\n /**\n * The underlying Kubernetes job.\n */\n public readonly job: Output<batch.v1.Job>\n\n constructor(name: string, args: JobArgs, opts: ComponentResourceOptions) {\n super(\"highstate:k8s:Job\", name, args, opts)\n\n const { podTemplate } = getWorkloadComponents(name, args, () => this, opts)\n\n this.job = output({ args, podTemplate }).apply(async ({ args, podTemplate }) => {\n return new batch.v1.Job(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: mergeDeep(\n {\n template: mergeDeep(\n {\n spec: {\n restartPolicy: \"Never\",\n },\n },\n podTemplate,\n ),\n } satisfies types.input.batch.v1.JobSpec,\n omit(args, jobExtraArgs) as types.input.batch.v1.JobSpec,\n ),\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n }\n}\n","import type { RequiredKeys } from \"@highstate/contract\"\nimport { batch, type types } from \"@pulumi/kubernetes\"\nimport { ComponentResource, Output, output, type ComponentResourceOptions } from \"@highstate/pulumi\"\nimport { mergeDeep, omit } from \"remeda\"\nimport { commonExtraArgs, getProvider, mapMetadata } from \"./shared\"\nimport { getWorkloadComponents, type WorkloadArgs } from \"./workload\"\n\nexport type CronJobArgs = WorkloadArgs &\n Omit<RequiredKeys<Partial<types.input.batch.v1.CronJobSpec>, \"schedule\">, \"jobTemplate\"> & {\n jobTemplate?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Omit<types.input.batch.v1.JobSpec, \"template\"> & {\n template?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Partial<types.input.core.v1.PodSpec>\n }\n }\n }\n }\n\nconst cronJobExtraArgs = [...commonExtraArgs, \"container\", \"containers\"] as const\n\nexport class CronJob extends ComponentResource {\n /**\n * The underlying Kubernetes job.\n */\n public readonly cronJob: Output<batch.v1.CronJob>\n\n constructor(name: string, args: CronJobArgs, opts: ComponentResourceOptions) {\n super(\"highstate:k8s:CronJob\", name, args, opts)\n\n const { podTemplate } = getWorkloadComponents(name, args, () => this, opts)\n\n this.cronJob = output({ args, podTemplate }).apply(async ({ args, podTemplate }) => {\n return new batch.v1.CronJob(\n name,\n {\n metadata: mapMetadata(args, name),\n\n spec: mergeDeep(\n {\n jobTemplate: {\n spec: {\n template: mergeDeep(\n {\n spec: {\n restartPolicy: \"Never\",\n },\n },\n podTemplate,\n ),\n },\n },\n\n schedule: args.schedule,\n } satisfies types.input.batch.v1.CronJobSpec,\n omit(args, cronJobExtraArgs) as types.input.batch.v1.CronJobSpec,\n ),\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n }\n}\n","import type { k8s, network } from \"@highstate/library\"\nimport { filterEndpoints } from \"@highstate/common\"\nimport { isFromCluster } from \"./service\"\n\nexport function getBestEndpoint(\n endpoints: network.L4Endpoint[],\n cluster?: k8s.Cluster,\n): network.L4Endpoint | undefined {\n if (!endpoints.length) {\n return undefined\n }\n\n if (endpoints.length === 1) {\n return endpoints[0]\n }\n\n if (!cluster) {\n return filterEndpoints(endpoints)[0]\n }\n\n const clusterEndpoint = endpoints.find(endpoint => isFromCluster(endpoint, cluster))\n\n if (clusterEndpoint) {\n return clusterEndpoint\n }\n\n return filterEndpoints(endpoints)[0]\n}\n\nexport function requireBestEndpoint(\n endpoints: network.L4Endpoint[],\n cluster: k8s.Cluster,\n): network.L4Endpoint {\n const endpoint = getBestEndpoint(endpoints, cluster)\n\n if (!endpoint) {\n throw new Error(`No best endpoint found for cluster \"${cluster.name}\" (${cluster.id})`)\n }\n\n return endpoint\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGA,SAAS,cAAc,iBAAiB,0BAA0B;AAClE,SAAS,eAAe;AACxB;AAAA,EACE;AAAA,EAEA;AAAA,EACA;AAAA,OAGK;AA0BA,SAAS,eAAe,MAAyD;AACtF,QAAM,SAAS,OAAO,EAAE,MAAM,eAAe,OAAO,KAAK,SAAS,EAAE,SAAS,KAAK,CAAC,EAAE;AAAA,IACnF,CAAC,EAAE,MAAAA,OAAM,cAAc,MAAM;AAC3B,UAAIA,MAAK,YAAY,cAAcA,MAAK,QAAQ,IAAI;AAClD,cAAM,IAAI;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAEA,YAAMC,WAAU,cAAc;AAAA,QAC5B,GAAGD;AAAA,QACH,aAAa;AAAA,UACX,kCAAkCA,MAAK,YAAY,UAAU;AAAA,QAC/D;AAAA,QACA,SAASA,MAAK,YAAY;AAAA,MAC5B,CAAC;AAED,YAAM,gBAAgB,UAAUA,MAAK,MAAMA,MAAK,KAAK,EAAE,QAAQ,UAAQ;AACrE,eAAO,aAAa,OAAO,MAAM;AAAA,UAC/B,WAAWA,MAAK,YAAY;AAAA,UAC5B,QAAQ;AAAA,YACNA,MAAK,YAAY,QAAQ,UAAU,OAAO,cAAY,SAAS,SAAS,UAAU;AAAA,UACpF;AAAA,QACF,CAAC;AAAA,MACH,CAAC;AAED,YAAM,kBAA2C;AAAA,QAC/C,cAAc;AAAA,UACZ,sBAAsB,mBAAmBA,MAAK,YAAY,QAAQ,UAAU,CAAC,CAAC,CAAC;AAAA,UAC/E;AAAA,YACE,WAAWA,MAAK;AAAA,YAChB,SAASA,MAAK;AAAA,YAEd,aAAa,8CAA8C,mBAAmBA,MAAK,YAAY,QAAQ,UAAU,CAAC,CAAC,CAAC;AAAA,YAEpH,aAAa;AAAA,cACX,eAAeA,MAAK,YAAY,QAAQ;AAAA,YAC1C;AAAA,UACF;AAAA,UACA,EAAE,UAAUA,MAAK,SAAS;AAAA,QAC5B;AAAA,MACF;AAEA,UAAI,cAAcA,MAAK,YAAY,QAAQ,UAAU,CAAC,GAAGA,MAAK,OAAO,GAAG;AACtE,wBAAgB;AAAA,UACd,cAAc;AAAA,YACZ,mBAAmB,aAAa;AAAA,YAChC;AAAA,cACE,WAAWA,MAAK,YAAY,QAAQ,UAAU,CAAC,EAAE,SAAS,WAAW;AAAA,cACrE,SAASA,MAAK;AAAA,cAEd,UAAUA,MAAK,YAAY,QAAQ,UAAU,CAAC,EAAE,SAAS,WAAW;AAAA,cAEpE,aAAa,0CAA0C,aAAa;AAAA,cAEpE,YAAY;AAAA,gBACV,aAAaA,MAAK;AAAA,cACpB;AAAA,YACF;AAAA,YACA,EAAE,UAAUA,MAAK,SAAS;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAEA,aAAO,OAAO;AAAA,QACZ,SAAAC;AAAA,QACA;AAAA,QACA;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAEA,SAAO,UAAU,MAAM;AACzB;AAYA,eAAsB,sBACpB,WACA,MACA,QAC+B;AAC/B,SAAO,MAAM,eAAe;AAAA,IAC1B,MAAM,KAAK;AAAA,IACX;AAAA,IAEA,MAAM,KAAK;AAAA,IAEX,aAAa,OAAO;AAAA,IACpB,SAAS,OAAO;AAAA,IAChB,UAAU,MAAM,YAAY,OAAO,UAAU;AAAA,EAC/C,CAAC;AACH;AAeO,SAAS,cAAc,MAAqD;AACjF,SAAO,OAAO,IAAI,EAAE,MAAM,CAAAD,UAAQ;AAChC,QAAIA,MAAK,QAAQ,OAAOA,MAAK,QAAQ,WAAW;AAC9C,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,WAAO,IAAI,QAAQ,GAAG;AAAA,MACpBA,MAAK;AAAA,MACL;AAAA,QACE,UAAU;AAAA,UACR,MAAMA,MAAK;AAAA,UACX,WAAW,gCAAgCA,MAAK,SAAS;AAAA,UACzD,aAAaA,MAAK;AAAA,QACpB;AAAA,QACA,MAAM;AAAA,UACJ,kBAAkB,OAAOA,MAAK,OAAO,EAAE;AAAA,UACvC,WAAW,UAAUA,MAAK,MAAMA,MAAK,KAAK,EAAE,IAAI,UAAQ;AACtD,kBAAM,iBAAiB,KAAK,QAAQ,OAAO,UAAU;AAErD,mBAAO;AAAA,cACL,MAAM,SAAS,cAAc;AAAA,cAC7B,MAAM,OAAOA,MAAK,OAAO,EAAE;AAAA,cAC3B,UAAU;AAAA,cACV,UAAU;AAAA,cACV,KAAK;AAAA,gBACH,MAAM;AAAA,gBACN,iBAAiB,CAAC,EAAE,MAAM,eAAe,CAAC;AAAA,cAC5C;AAAA,YACF;AAAA,UACF,CAAC;AAAA,QACH;AAAA,MACF;AAAA,MACA,EAAE,UAAUA,MAAK,UAAU,aAAaA,MAAK,UAAU;AAAA,IACzD;AAAA,EACF,CAAC;AACH;;;AC5LA,SAAS,OAAO,aAAAE,kBAAkC;AAClD;AAAA,EACE;AAAA,EACA,UAAAC;AAAA,OAKK;AACP,SAAS,WAAW,QAAQ,YAAY;AACxC,SAAS,iBAAiB;AAC1B,SAAS,uBAAuB;AAChC,SAAS,MAAM,uBAAuB;AACtC,SAAS,wBAAwB;AACjC,SAAS,yBAAyB;;;ACuElC,IAAM,+BAA+B;AAAA,EACnC,oBAAoB,CAAC;AAAA,EACrB,mBAAmB,CAAC;AAAA,EACpB,UAAU,CAAC;AACb;AAEO,IAAM,yBAAoD;AAAA,EAC/D,QAAQ;AAAA,IACN,GAAG;AAAA,IACH,OAAO;AAAA,IACP,kBAAkB;AAAA;AAAA,MAEhB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,QAAQ;AAAA,IACN,GAAG;AAAA,IACH,OAAO;AAAA,IACP,kBAAkB;AAAA;AAAA,MAEhB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,cAAc,CAAC;AAAA,EACf,gBAAgB,CAAC;AAAA,EACjB,OAAO,CAAC;AAAA,EACR,SAAS,CAAC;AAAA,EACV,cAAc,CAAC;AAAA,EACf,aAAa,CAAC;AAAA,EACd,kBAAkB,CAAC;AACrB;AAEO,IAAM,uBAA2D;AAAA,EACtE,QAAQ;AAAA,EACR,QAAQ;AACV;;;ADpFO,IAAM,eAAN,cAA2B,kBAAkB;AAAA;AAAA;AAAA;AAAA,EAIzC;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA,EAET,YAAY,MAAc,MAAwB,MAAiC;AACjF,UAAM,8BAA8B,MAAM,MAAM,IAAI;AAEpD,UAAM,oBAAoB;AAAA,MACxBC,QAAO,IAAI;AAAA,MACX,MAAM,CAAAC,UAAQC,WAAUD,MAAK,aAAaA,MAAK,YAAY,CAAC;AAAA,MAC5D,MAAM,CAAAA,UAAQ,UAAU,wBAAwB,GAAGA,KAAI,CAAC;AAAA,IAC1D;AAEA,UAAM,qBAAqB,kBAAkB,MAAM,CAAAE,uBAAqB;AACtE,aAAO,OAAO,OAAOA,mBAAkB,KAAK,EAAE,KAAK,UAAQ,OAAO,SAAS,UAAU;AAAA,IACvF,CAAC;AAED,SAAK,eAAe,KAAK;AACzB,SAAK,cAAc,kBAAkB;AAErC,SAAK,QAAQ,mBAAmB;AAAA,MAAM,CAAAC,wBACpCJ;AAAA,QACEI,sBACI,qBAAqB,KAAK,YAAY,IACtC,kBAAkB,KAAK,YAAY,EAAE;AAAA,MAC3C;AAAA,IACF;AAEA,SAAK,mBAAmBJ,QAAO,EAAE,mBAAmB,mBAAmB,CAAC,EAAE;AAAA,MACxE,CAAC,EAAE,mBAAAG,oBAAmB,oBAAAC,oBAAmB,MAAM;AAC7C,cAAM,mBAAmB;AAAA,UACvB,GAAGD,mBAAkB;AAAA,UACrB,GAAGA,mBAAkB,KAAK,YAAY,EAAE;AAAA,QAC1C;AAEA,YAAIC,qBAAoB;AACtB,2BAAiB,KAAK,8BAA8B;AAAA,QACtD;AAEA,eAAO,iBAAiB,IAAI,gBAAgB;AAAA,MAC9C;AAAA,IACF;AAEA,SAAK,YAAYJ,QAAO,EAAE,mBAAmB,KAAK,CAAC,EAAE,MAAM,CAAC,EAAE,mBAAAG,oBAAmB,MAAAF,MAAK,MAAM;AAC1F,aAAO,UAAU;AAAA,QACf;AAAA,QACA;AAAA,UACE,SAASA,MAAK;AAAA,UACd,WAAWA,MAAK;AAAA,UAEhB,MAAM,iBAAiB,KAAK,cAAcE,kBAAiB;AAAA,QAC7D;AAAA,QACA,EAAE,GAAG,MAAM,QAAQ,KAAK;AAAA,MAC1B;AAAA,IACF,CAAC;AAED,SAAK,UAAUH,QAAO,EAAE,oBAAoB,SAAS,kBAAkB,QAAQ,CAAC,EAAE;AAAA,MAChF,CAAC,EAAE,oBAAAI,qBAAoB,QAAQ,MAAM;AACnC,eAAO;AAAA,UACL,GAAG;AAAA,UACH;AAAA,YACE,MAAM,KAAK,UAAU,SAAS;AAAA,YAE9B,WAAW;AAAA,cACT,MAAM,KAAK,UAAU,SAAS;AAAA,cAC9B,aAAa;AAAA;AAAA,YACf;AAAA,UACF;AAAA,UACA,GAAIA,sBAAqB,CAAC,EAAE,MAAM,gBAAgB,UAAU,CAAC,EAAE,CAAC,IAAI,CAAC;AAAA,QACvE;AAAA,MACF;AAAA,IACF;AAEA,SAAK,eAAeJ,QAAO;AAAA,MACzB;AAAA,MACA,cAAc,kBAAkB;AAAA,IAClC,CAAC,EAAE,MAAM,CAAC,EAAE,oBAAAI,qBAAoB,aAAa,MAAM;AACjD,aAAO;AAAA,QACL,GAAG;AAAA,QACH;AAAA,UACE,QAAQ,KAAK;AAAA,UACb,WAAW;AAAA,QACb;AAAA,QACA,GAAIA,sBACA,CAAC,EAAE,MAAM,gBAAgB,WAAW,wBAAwB,CAAC,IAC7D,CAAC;AAAA,MACP;AAAA,IACF,CAAC;AAED,SAAK,gBAAgB;AAAA,MACnB,WAAW,KAAK;AAAA,MAChB,SAAS,KAAK;AAAA,MACd,cAAc,KAAK;AAAA,MACnB,aAAa,KAAK;AAAA,MAClB,cAAc,KAAK;AAAA,MACnB,kBAAkB,KAAK;AAAA,MACvB,OAAO,KAAK;AAAA,IACd,CAAC;AAAA,EACH;AACF;AAEA,SAAS,qBAAqB,OAAuB;AACnD,MAAI,MAAM,WAAW,YAAY,GAAG;AAClC,WAAO,MAAM,QAAQ,cAAc,EAAE;AAAA,EACvC;AAEA,SAAO;AACT;AAEA,eAAe,iBACb,cACA,aACiC;AACjC,QAAM,aAAqC,CAAC;AAC5C,QAAM,UAAoB,CAAC;AAE3B,QAAM,0BAA0B,YAAY,YAAY;AACxD,QAAM,eAAe,EAAE,GAAG,YAAY,aAAa;AAEnD,MAAI,qBAAqB;AAEzB,aAAW,OAAO,YAAY,OAAO;AACnC,QAAI,OAAO,YAAY,MAAM,GAAG,MAAM,YAAY;AAChD,YAAM,aAAa,MAAM,kBAAkB,YAAY,MAAM,GAAG,CAAC;AAEjE,iBAAW,GAAG,IAAI;AAAA;AAAA;AAAA,UAGd,WAAW,IAAI;AAAA;AAAA,kBAEP,WAAW,UAAU;AAAA;AAGjC,2BAAqB;AAAA,IACvB,OAAO;AACL,iBAAW,GAAG,IAAI,YAAY,MAAM,GAAG;AAAA,IACzC;AAAA,EACF;AAEA,MAAI,oBAAoB;AACtB,UAAM,cAAc,MAAM,gBAAgB;AAE1C,gBAAY,eAAe;AAAA,MACzB,UAAU,YAAY,gBAAgB,CAAC,GAAG,oBAAoB;AAAA,MAC9D,CAAC,GAAG,QAAQ,IAAI,WAAW,aAAa;AAAA,IAC1C;AAEA,gBAAY,kBAAkB;AAAA,MAC5B,UAAU,YAAY,mBAAmB,CAAC,GAAG,oBAAoB;AAAA,MACjE,CAAC,GAAG,QAAQ,IAAI,WAAW,aAAa;AAAA,IAC1C;AAEA,eAAW,cAAc,IAAI,KAAK,UAAU,aAAa,MAAM,CAAC;AAEhE,iBAAa,yBAAyB,IAAI;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAO5C;AAEA,MAAI,wBAAwB,mBAAmB,SAAS,GAAG;AACzD,eAAW,yBAAyB,IAAI;AAAA,MACtC;AAAA,MACA,wBAAwB;AAAA,IAC1B;AAEA,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA,KAIZ;AAAA,EACH;AAEA,MAAI,OAAO,KAAK,wBAAwB,iBAAiB,EAAE,SAAS,GAAG;AACrE,eAAW,OAAO,wBAAwB,mBAAmB;AAC3D,iBAAW,eAAe,GAAG,EAAE,IAAI,wBAAwB,kBAAkB,GAAG;AAEhF,cAAQ,KAAK;AAAA,8CAC2B,GAAG;AAAA,+BAClB,GAAG;AAAA,sCACI,GAAG;AAAA,OAClC;AAAA,IACH;AAAA,EACF;AAEA,MAAI,wBAAwB,SAAS,SAAS,GAAG;AAC/C,eAAW,qBAAqB,IAAI;AAAA,MAClC;AAAA,MACA,wBAAwB;AAAA,IAC1B;AAEA,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA,KAIZ;AAAA,EACH;AAEA,MAAI,OAAO,KAAK,YAAY,EAAE,SAAS,GAAG;AACxC,eAAW,OAAO,cAAc;AAC9B,iBAAW,SAAS,GAAG,EAAE,IAAI,aAAa,GAAG;AAE7C,cAAQ,KAAK;AAAA,wCACqB,GAAG;AAAA,yBAClB,GAAG;AAAA,gCACI,GAAG;AAAA,OAC5B;AAAA,IACH;AAAA,EACF;AAEA,MAAI,OAAO,KAAK,YAAY,cAAc,EAAE,SAAS,GAAG;AACtD,UAAM,iBAA2B,CAAC;AAElC,eAAW,OAAO,YAAY,gBAAgB;AAC5C,iBAAW,WAAW,GAAG,EAAE,IAAI,YAAY,eAAe,GAAG;AAE7D,qBAAe,KAAK;AAAA,0CACgB,GAAG;AAAA,2BAClB,GAAG;AAAA,kCACI,GAAG;AAAA,OAC9B;AAAA,IACH;AAEA,YAAQ,KAAK;AAAA;AAAA,QAET,eAAe,IAAI,OAAK,EAAE,KAAK,CAAC,EAAE,KAAK,MAAM,CAAC;AAAA;AAAA;AAAA;AAAA;AAAA,KAKjD;AAAA,EACH;AAEA,aAAW,eAAe,IAAI,gBAAgB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAS5C,QAAQ,IAAI,OAAK,EAAE,KAAK,CAAC,EAAE,KAAK,MAAM,CAAC;AAAA;AAAA;AAAA;AAAA;AAAA,GAKxC;AAED,SAAO;AACT;AAEA,SAAS,yBAAyB,cAAkC,UAA4B;AAC9F,MAAI,iBAAiB,UAAU;AAC7B,WAAO;AAAA;AAAA;AAAA;AAAA,2BAIgB,SAAS,KAAK,GAAG,CAAC;AAAA;AAAA,EAE3C,OAAO;AACL,WAAO;AAAA;AAAA;AAAA;AAAA;AAAA,2BAKgB,SAAS,KAAK,GAAG,CAAC;AAAA;AAAA,EAE3C;AACF;;;AE1VA,SAAS,aAAa;AACtB,SAAiB,UAAAC,eAA0B;AAsBpC,SAAS,sBAAsB,SAA6C;AACjF,QAAM,SAASA,QAAO,QAAQ,MAAM;AAEpC,SAAOA,QAAO;AAAA,IACZ;AAAA,IACA,OAAO,OAAO;AAAA,IACd,cAAc,OAAO;AAAA,IACrB,SAAS,OAAO;AAAA,IAChB,aAAa,OAAO;AAAA,IACpB,kBAAkB,OAAO;AAAA,EAC3B,CAAC,EAAE,MAAM,CAAC,EAAE,SAAAC,UAAS,OAAO,cAAc,SAAS,aAAa,iBAAiB,MAAM;AACrF,WAAO;AAAA,MACL;AAAA,MACA,SAAS,CAAC,0BAA0B,YAAYA,SAAQ,IAAI,EAAE;AAAA,MAE9D,GAAGA;AAAA,MAEH,cAAc,CAAC,GAAG,cAAc,GAAIA,SAAQ,gBAAgB,CAAC,CAAE;AAAA,MAC/D,SAAS,CAAC,GAAG,SAAS,GAAIA,SAAQ,WAAW,CAAC,CAAE;AAAA,MAChD,aAAa,MAAM,aAAaA,SAAQ,WAAW;AAAA,MACnD,kBAAkB,CAAC,GAAG,kBAAkB,GAAIA,SAAQ,oBAAoB,CAAC,CAAE;AAAA,IAC7E;AAAA,EACF,CAAC;AACH;;;AChDA,SAAS,aAAyB;AAClC,SAAS,qBAAAC,oBAA2B,UAAAC,eAA6C;AACjF,SAAS,WAAW,YAAY;AAYhC,IAAM,eAAe,CAAC,GAAG,iBAAiB,aAAa,YAAY;AAE5D,IAAM,MAAN,cAAkBC,mBAAkB;AAAA;AAAA;AAAA;AAAA,EAIzB;AAAA,EAEhB,YAAY,MAAc,MAAe,MAAgC;AACvE,UAAM,qBAAqB,MAAM,MAAM,IAAI;AAE3C,UAAM,EAAE,YAAY,IAAI,sBAAsB,MAAM,MAAM,MAAM,MAAM,IAAI;AAE1E,SAAK,MAAMC,QAAO,EAAE,MAAM,YAAY,CAAC,EAAE,MAAM,OAAO,EAAE,MAAAC,OAAM,aAAAC,aAAY,MAAM;AAC9E,aAAO,IAAI,MAAM,GAAG;AAAA,QAClB;AAAA,QACA;AAAA,UACE,UAAU,YAAYD,OAAM,IAAI;AAAA,UAChC,MAAM;AAAA,YACJ;AAAA,cACE,UAAU;AAAA,gBACR;AAAA,kBACE,MAAM;AAAA,oBACJ,eAAe;AAAA,kBACjB;AAAA,gBACF;AAAA,gBACAC;AAAA,cACF;AAAA,YACF;AAAA,YACA,KAAKD,OAAM,YAAY;AAAA,UACzB;AAAA,QACF;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;ACrDA,SAAS,SAAAE,cAAyB;AAClC,SAAS,qBAAAC,oBAA2B,UAAAC,eAA6C;AACjF,SAAS,aAAAC,YAAW,QAAAC,aAAY;AAiBhC,IAAM,mBAAmB,CAAC,GAAG,iBAAiB,aAAa,YAAY;AAEhE,IAAM,UAAN,cAAsBC,mBAAkB;AAAA;AAAA;AAAA;AAAA,EAI7B;AAAA,EAEhB,YAAY,MAAc,MAAmB,MAAgC;AAC3E,UAAM,yBAAyB,MAAM,MAAM,IAAI;AAE/C,UAAM,EAAE,YAAY,IAAI,sBAAsB,MAAM,MAAM,MAAM,MAAM,IAAI;AAE1E,SAAK,UAAUC,QAAO,EAAE,MAAM,YAAY,CAAC,EAAE,MAAM,OAAO,EAAE,MAAAC,OAAM,aAAAC,aAAY,MAAM;AAClF,aAAO,IAAIC,OAAM,GAAG;AAAA,QAClB;AAAA,QACA;AAAA,UACE,UAAU,YAAYF,OAAM,IAAI;AAAA,UAEhC,MAAMG;AAAA,YACJ;AAAA,cACE,aAAa;AAAA,gBACX,MAAM;AAAA,kBACJ,UAAUA;AAAA,oBACR;AAAA,sBACE,MAAM;AAAA,wBACJ,eAAe;AAAA,sBACjB;AAAA,oBACF;AAAA,oBACAF;AAAA,kBACF;AAAA,gBACF;AAAA,cACF;AAAA,cAEA,UAAUD,MAAK;AAAA,YACjB;AAAA,YACAI,MAAKJ,OAAM,gBAAgB;AAAA,UAC7B;AAAA,QACF;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AClEA,SAAS,mBAAAK,wBAAuB;AAGzB,SAAS,gBACd,WACA,SACgC;AAChC,MAAI,CAAC,UAAU,QAAQ;AACrB,WAAO;AAAA,EACT;AAEA,MAAI,UAAU,WAAW,GAAG;AAC1B,WAAO,UAAU,CAAC;AAAA,EACpB;AAEA,MAAI,CAAC,SAAS;AACZ,WAAOC,iBAAgB,SAAS,EAAE,CAAC;AAAA,EACrC;AAEA,QAAM,kBAAkB,UAAU,KAAK,cAAY,cAAc,UAAU,OAAO,CAAC;AAEnF,MAAI,iBAAiB;AACnB,WAAO;AAAA,EACT;AAEA,SAAOA,iBAAgB,SAAS,EAAE,CAAC;AACrC;AAEO,SAAS,oBACd,WACA,SACoB;AACpB,QAAM,WAAW,gBAAgB,WAAW,OAAO;AAEnD,MAAI,CAAC,UAAU;AACb,UAAM,IAAI,MAAM,uCAAuC,QAAQ,IAAI,MAAM,QAAQ,EAAE,GAAG;AAAA,EACxF;AAEA,SAAO;AACT;","names":["args","gateway","normalize","output","output","args","normalize","scriptEnvironment","hasFunctionScripts","output","options","ComponentResource","output","ComponentResource","output","args","podTemplate","batch","ComponentResource","output","mergeDeep","omit","ComponentResource","output","args","podTemplate","batch","mergeDeep","omit","filterEndpoints","filterEndpoints"]}
1
+ {"version":3,"sources":["../src/access-point.ts","../src/scripting/bundle.ts","../src/scripting/environment.ts","../src/scripting/container.ts","../src/job.ts","../src/cron-job.ts"],"sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport type { Provider } from \"@pulumi/kubernetes\"\nimport type { Namespace } from \"./namespace\"\nimport { DnsRecordSet, filterEndpoints, l3EndpointToString } from \"@highstate/common\"\nimport { gateway } from \"@highstate/gateway-api\"\nimport {\n normalize,\n Output,\n output,\n toPromise,\n type Input,\n type InputArray,\n} from \"@highstate/pulumi\"\nimport { NetworkPolicy } from \"./network-policy\"\nimport { getProvider, mapNamespaceLikeToNamespaceName } from \"./shared\"\nimport { isFromCluster } from \"./service\"\n\nexport type UseAccessPointResult = {\n /**\n * The gateway instance created according to the access point.\n */\n gateway: gateway.v1.Gateway\n\n /**\n * The DNS record sets associated created according to the access point and gateway.\n */\n dnsRecordSets: DnsRecordSet[]\n\n /**\n * The network policies associated with the access point.\n */\n networkPolicies: NetworkPolicy[]\n}\n\nexport type UseAccessPointArgs = Omit<CreateGatewayArgs, \"gateway\"> & {\n accessPoint: Input<k8s.AccessPoint>\n}\n\nexport function useAccessPoint(args: UseAccessPointArgs): Promise<UseAccessPointResult> {\n const result = output({ args, namespaceName: output(args.namespace).metadata.name }).apply(\n ({ args, namespaceName }) => {\n if (args.accessPoint.clusterId !== args.cluster.id) {\n throw new Error(\n \"The provided Kubernetes cluster is different from the one where the access point is deployed.\",\n )\n }\n\n const gateway = createGateway({\n ...args,\n annotations: {\n \"cert-manager.io/cluster-issuer\": args.accessPoint.tlsIssuer.clusterIssuerName,\n },\n gateway: args.accessPoint.gateway,\n })\n\n const dnsRecordSets = normalize(args.fqdn, args.fqdns).flatMap(fqdn => {\n return DnsRecordSet.create(fqdn, {\n providers: args.accessPoint.dnsProviders,\n values: filterEndpoints(\n args.accessPoint.gateway.endpoints.filter(endpoint => endpoint.type !== \"hostname\"),\n ),\n })\n })\n\n const networkPolicies: Output<NetworkPolicy>[] = [\n NetworkPolicy.create(\n `allow-ingress-from-${l3EndpointToString(args.accessPoint.gateway.endpoints[0])}`,\n {\n namespace: args.namespace,\n cluster: args.cluster,\n\n description: `Allow ingress traffic from the gateway at \"${l3EndpointToString(args.accessPoint.gateway.endpoints[0])}\".`,\n\n ingressRule: {\n fromEndpoints: args.accessPoint.gateway.endpoints,\n },\n },\n { provider: args.provider },\n ),\n ]\n\n if (isFromCluster(args.accessPoint.gateway.endpoints[0], args.cluster)) {\n networkPolicies.push(\n NetworkPolicy.create(\n `allow-egress-to-${namespaceName}`,\n {\n namespace: args.accessPoint.gateway.endpoints[0].metadata.k8sService.namespace,\n cluster: args.cluster,\n\n selector: args.accessPoint.gateway.endpoints[0].metadata.k8sService.selector,\n\n description: `Allow egress traffic to the namespace \"${namespaceName}\".`,\n\n egressRule: {\n toNamespace: args.namespace,\n },\n },\n { provider: args.provider },\n ),\n )\n }\n\n return output({\n gateway,\n dnsRecordSets,\n networkPolicies,\n })\n },\n )\n\n return toPromise(result)\n}\n\nexport type StandardAccessPointArgs = {\n appName: string\n fqdn: string\n}\n\nexport type StandardAccessPointInputs = {\n accessPoint: Output<k8s.AccessPoint>\n k8sCluster: Output<k8s.Cluster>\n}\n\nexport async function useStandardAcessPoint(\n namespace: Namespace,\n args: StandardAccessPointArgs,\n inputs: StandardAccessPointInputs,\n): Promise<UseAccessPointResult> {\n return await useAccessPoint({\n name: args.appName,\n namespace,\n\n fqdn: args.fqdn,\n\n accessPoint: inputs.accessPoint,\n cluster: inputs.k8sCluster,\n provider: await getProvider(inputs.k8sCluster),\n })\n}\n\nexport type CreateGatewayArgs = {\n name: string\n namespace: Input<Namespace>\n annotations?: Input<Record<string, string>>\n\n fqdn?: Input<string>\n fqdns?: InputArray<string>\n\n gateway: Input<k8s.Gateway>\n cluster: Input<k8s.Cluster>\n provider: Provider\n}\n\nexport function createGateway(args: CreateGatewayArgs): Output<gateway.v1.Gateway> {\n return output(args).apply(args => {\n if (args.cluster.id !== args.gateway.clusterId) {\n throw new Error(\n \"The provided Kubernetes cluster is different from the one where the gateway controller is deployed.\",\n )\n }\n\n return new gateway.v1.Gateway(\n args.name,\n {\n metadata: {\n name: args.name,\n namespace: mapNamespaceLikeToNamespaceName(args.namespace),\n annotations: args.annotations,\n },\n spec: {\n gatewayClassName: output(args.gateway).gatewayClassName,\n listeners: normalize(args.fqdn, args.fqdns).map(fqdn => {\n const normalizedName = fqdn.replace(/\\*/g, \"wildcard\")\n\n return {\n name: `https-${normalizedName}`,\n port: output(args.gateway).httpsListenerPort,\n protocol: \"HTTPS\",\n hostname: fqdn,\n tls: {\n mode: \"Terminate\",\n certificateRefs: [{ name: normalizedName }],\n },\n }\n }),\n },\n },\n { provider: args.provider, deletedWith: args.namespace },\n )\n })\n}\n","import type { ContainerEnvironment, ContainerVolumeMount, WorkloadVolume } from \"../container\"\nimport type { network } from \"@highstate/library\"\nimport { apply, normalize, type InputArray } from \"@highstate/pulumi\"\nimport {\n ComponentResource,\n output,\n type ComponentResourceOptions,\n type Input,\n type Output,\n type Unwrap,\n} from \"@pulumi/pulumi\"\nimport { mapValues, omitBy, pipe } from \"remeda\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { readPackageJSON } from \"pkg-types\"\nimport { text, trimIndentation } from \"@highstate/contract\"\nimport { parseL34Endpoint } from \"@highstate/common\"\nimport { serializeFunction } from \"@pulumi/pulumi/runtime/index.js\"\nimport { type CommonArgs } from \"../shared\"\nimport { ConfigMap } from \"../config-map\"\nimport {\n emptyScriptEnvironment,\n functionScriptImages,\n type ResolvedScriptEnvironment,\n type ScriptDistribution,\n type ScriptEnvironment,\n} from \"./environment\"\n\nexport type ScriptBundleArgs = CommonArgs & {\n /**\n * The environment to bundle the scripts from.\n */\n environment?: Input<ScriptEnvironment>\n\n /**\n * The environments to bundle the scripts from.\n */\n environments?: InputArray<ScriptEnvironment>\n\n /**\n * The distribution to use for the scripts.\n */\n distribution: ScriptDistribution\n}\n\nexport class ScriptBundle extends ComponentResource {\n /**\n * The config map containing the scripts.\n */\n readonly configMap: Output<ConfigMap>\n\n /**\n * The volumes that should be included in the workload.\n */\n readonly volumes: Output<WorkloadVolume[]>\n\n /**\n * The volume mounts that should be defined in the container.\n */\n readonly volumeMounts: Output<ContainerVolumeMount[]>\n\n /**\n * The environment variables that should be defined in the container.\n */\n readonly environment: Output<ContainerEnvironment>\n\n /**\n * The image to use for the scripts.\n */\n readonly image: Output<string>\n\n /**\n * The distribution to use for the scripts.\n */\n readonly distribution: ScriptDistribution\n\n /**\n * The list of endpoints that the script is allowed to access.\n */\n readonly allowedEndpoints: Output<network.L34Endpoint[]>\n\n constructor(name: string, args: ScriptBundleArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:ScriptBundle\", name, args, opts)\n\n const scriptEnvironment = pipe(\n output(args),\n apply(args => normalize(args.environment, args.environments)),\n apply(args => deepmerge(emptyScriptEnvironment, ...args)),\n ) as Output<Unwrap<ResolvedScriptEnvironment>>\n\n const hasFunctionScripts = scriptEnvironment.apply(scriptEnvironment => {\n return Object.values(scriptEnvironment.files).some(file => typeof file === \"function\")\n })\n\n this.distribution = args.distribution\n this.environment = scriptEnvironment.environment\n\n this.image = hasFunctionScripts.apply(hasFunctionScripts =>\n output(\n hasFunctionScripts\n ? functionScriptImages[args.distribution]\n : scriptEnvironment[args.distribution].image,\n ),\n )\n\n this.allowedEndpoints = output({ scriptEnvironment, hasFunctionScripts }).apply(\n ({ scriptEnvironment, hasFunctionScripts }) => {\n const allowedEndpoints = [\n ...scriptEnvironment.allowedEndpoints,\n ...scriptEnvironment[args.distribution].allowedEndpoints,\n ]\n\n if (hasFunctionScripts) {\n allowedEndpoints.push(\"tcp://registry.npmjs.org:443\")\n }\n\n return allowedEndpoints.map(parseL34Endpoint)\n },\n )\n\n this.configMap = output({ scriptEnvironment, args }).apply(({ scriptEnvironment, args }) => {\n return ConfigMap.create(\n name,\n {\n cluster: args.cluster,\n namespace: args.namespace,\n\n data: createScriptData(this.distribution, scriptEnvironment),\n },\n { ...opts, parent: this },\n )\n })\n\n this.volumes = output({ hasFunctionScripts, volumes: scriptEnvironment.volumes }).apply(\n ({ hasFunctionScripts, volumes }) => {\n return [\n ...volumes,\n {\n name: this.configMap.metadata.name,\n\n configMap: {\n name: this.configMap.metadata.name,\n defaultMode: 0o550, // read and execute permissions\n },\n },\n ...(hasFunctionScripts ? [{ name: \"node-modules\", emptyDir: {} }] : []),\n ]\n },\n )\n\n this.volumeMounts = output({\n hasFunctionScripts,\n volumeMounts: scriptEnvironment.volumeMounts,\n }).apply(({ hasFunctionScripts, volumeMounts }) => {\n return [\n ...volumeMounts,\n {\n volume: this.configMap,\n mountPath: \"/scripts\",\n },\n ...(hasFunctionScripts\n ? [{ name: \"node-modules\", mountPath: \"/scripts/node_modules\" }]\n : []),\n ]\n })\n\n this.registerOutputs({\n configMap: this.configMap,\n volumes: this.volumes,\n volumeMounts: this.volumeMounts,\n environment: this.environment,\n distribution: this.distribution,\n allowedEndpoints: this.allowedEndpoints,\n image: this.image,\n })\n }\n}\n\nfunction stripWorkspacePrefix(value: string): string {\n if (value.startsWith(\"workspace:\")) {\n return value.replace(\"workspace:\", \"\")\n }\n\n return value\n}\n\nasync function createScriptData(\n distribution: ScriptDistribution,\n environment: Unwrap<ResolvedScriptEnvironment>,\n): Promise<Record<string, string>> {\n const scriptData: Record<string, string> = {}\n const actions: string[] = []\n\n const distributionEnvironment = environment[distribution]\n const setupScripts = { ...environment.setupScripts }\n\n let hasFunctionScripts = false\n\n for (const key in environment.files) {\n if (typeof environment.files[key] === \"function\") {\n const serialized = await serializeFunction(environment.files[key])\n\n scriptData[key] = text`\n #!/usr/local/bin/bun\n \n ${serialized.text}\n\n exports.${serialized.exportName}()\n `\n\n hasFunctionScripts = true\n } else {\n scriptData[key] = environment.files[key]\n }\n }\n\n if (hasFunctionScripts) {\n const packageJson = await readPackageJSON()\n\n packageJson.dependencies = omitBy(\n mapValues(packageJson.dependencies ?? {}, stripWorkspacePrefix),\n (_, key) => key.startsWith(\"@highstate/\"),\n )\n\n packageJson.devDependencies = omitBy(\n mapValues(packageJson.devDependencies ?? {}, stripWorkspacePrefix),\n (_, key) => key.startsWith(\"@highstate/\"),\n )\n\n scriptData[\"package.json\"] = JSON.stringify(packageJson, null, 2)\n\n setupScripts[\"resolve-dependencies.sh\"] = text`\n #!/usr/local/bin/bun\n set -e\n\n cd /scripts\n bun install --production\n `\n }\n\n if (distributionEnvironment.preInstallPackages.length > 0) {\n scriptData[\"pre-install-packages.sh\"] = getInstallPackagesScript(\n distribution,\n distributionEnvironment.preInstallPackages,\n )\n\n actions.push(`\n echo \"+ Installing pre-install packages...\"\n /scripts/pre-install-packages.sh\n echo \"+ Pre-install packages installed successfully\"\n `)\n }\n\n if (Object.keys(distributionEnvironment.preInstallScripts).length > 0) {\n for (const key in distributionEnvironment.preInstallScripts) {\n scriptData[`pre-install-${key}`] = distributionEnvironment.preInstallScripts[key]\n\n actions.push(`\n echo \"+ Running pre-install script '${key}'...\"\n /scripts/pre-install-${key}\n echo \"+ Pre-install script '${key}'... Done\"\n `)\n }\n }\n\n if (distributionEnvironment.packages.length > 0) {\n scriptData[\"install-packages.sh\"] = getInstallPackagesScript(\n distribution,\n distributionEnvironment.packages,\n )\n\n actions.push(`\n echo \"+ Installing packages...\"\n /scripts/install-packages.sh\n echo \"+ Packages installed successfully\"\n `)\n }\n\n if (Object.keys(setupScripts).length > 0) {\n for (const key in setupScripts) {\n scriptData[`setup-${key}`] = setupScripts[key]\n\n actions.push(`\n echo \"+ Running setup script '${key}'...\"\n /scripts/setup-${key}\n echo \"+ Setup script '${key}'... Done\"\n `)\n }\n }\n\n if (Object.keys(environment.cleanupScripts).length > 0) {\n const cleanupActions: string[] = []\n\n for (const key in environment.cleanupScripts) {\n scriptData[`cleanup-${key}`] = environment.cleanupScripts[key]\n\n cleanupActions.push(`\n echo \"+ Running cleanup script '${key}'...\"\n /scripts/cleanup-${key}\n echo \"+ Cleanup script '${key}'... Done\"\n `)\n }\n\n actions.push(`\n function cleanup() {\n ${cleanupActions.map(s => s.trim()).join(\"\\n\\n\")}\n }\n\n trap cleanup EXIT\n trap cleanup SIGTERM\n `)\n }\n\n scriptData[\"entrypoint.sh\"] = trimIndentation(`\n #!/bin/sh\n set -e\n\n if [ -z \"$1\" ]; then\n echo \"Usage: entrypoint.sh <main script> [args...]\"\n exit 1\n fi\n\n ${actions.map(s => s.trim()).join(\"\\n\\n\")}\n\n echo \"+ Running main script...\"\n $@\n echo \"+ Main script completed\"\n `)\n\n return scriptData\n}\n\nfunction getInstallPackagesScript(distribution: ScriptDistribution, packages: string[]): string {\n if (distribution === \"alpine\") {\n return text`\n #!/bin/sh\n set -e\n\n apk add --no-cache ${packages.join(\" \")}\n `\n } else {\n return text`\n #!/bin/sh\n set -e\n\n apt-get update\n apt-get install -y ${packages.join(\" \")}\n `\n }\n}\n","import type { Input, InputArray, InputMap } from \"@highstate/pulumi\"\nimport type { ContainerEnvironment, ContainerVolumeMount, WorkloadVolume } from \"../container\"\nimport type { InputL34Endpoint } from \"@highstate/common\"\n\nexport type ScriptDistribution = \"alpine\" | \"ubuntu\"\n\nexport type DistributionEnvironment = {\n /**\n * The image that should be used for the distribution.\n */\n image?: Input<string>\n\n /**\n * The utility packages that should be installed before running \"preInstallScripts\".\n *\n * Useful for installing tools like `curl` to install additional repositories.\n */\n preInstallPackages?: InputArray<string>\n\n /**\n * The pre-install scripts that should be run before installing packages.\n * Typically, these scripts are used to install additional repositories.\n */\n preInstallScripts?: InputMap<string>\n\n /**\n * The packages that are available in the environment.\n */\n packages?: InputArray<string>\n\n /**\n * The endpoint which the script is allowed to access scoped to the distribution.\n *\n * Typically, this is used to allow access to the package manager.\n *\n * Will be used to generate a network policy.\n */\n allowedEndpoints?: InputArray<InputL34Endpoint>\n}\n\nexport type ScriptProgram = () => unknown\n\nexport type ScriptEnvironment = {\n [distribution in ScriptDistribution]?: DistributionEnvironment\n} & {\n /**\n * The setup scripts that should be run before the script.\n */\n setupScripts?: InputMap<string>\n\n /**\n * The cleanup scripts that should be run after the script.\n */\n cleanupScripts?: InputMap<string>\n\n /**\n * The arbitrary files available in the environment including scripts.\n */\n files?: InputMap<string | ScriptProgram>\n\n /**\n * The volumes that should be defined in the environment.\n */\n volumes?: InputArray<WorkloadVolume>\n\n /**\n * The volume mounts that should be defined in the environment.\n */\n volumeMounts?: InputArray<ContainerVolumeMount>\n\n /**\n * The environment variables that should be defined in the environment.\n */\n environment?: Input<ContainerEnvironment>\n\n /**\n * The endpoint which the script is allowed to access.\n *\n * Will be used to generate a network policy.\n */\n allowedEndpoints?: InputArray<InputL34Endpoint>\n}\n\nexport type ResolvedScriptEnvironment = Omit<Required<ScriptEnvironment>, ScriptDistribution> & {\n [distribution in ScriptDistribution]: Required<DistributionEnvironment>\n}\n\nconst emptyDistributionEnvironment = {\n preInstallPackages: [],\n preInstallScripts: {},\n packages: [],\n}\n\nexport const emptyScriptEnvironment: ResolvedScriptEnvironment = {\n alpine: {\n ...emptyDistributionEnvironment,\n image: \"alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c\",\n allowedEndpoints: [\n //\n \"tcp://dl-cdn.alpinelinux.org:443\",\n \"tcp://dl-cdn.alpinelinux.org:80\",\n ],\n },\n\n ubuntu: {\n ...emptyDistributionEnvironment,\n image: \"ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782\",\n allowedEndpoints: [\n //\n \"tcp://archive.ubuntu.com:80\",\n \"tcp://archive.ubuntu.com:443\",\n \"tcp://security.ubuntu.com:80\",\n \"tcp://security.ubuntu.com:443\",\n ],\n },\n\n setupScripts: {},\n cleanupScripts: {},\n files: {},\n volumes: [],\n volumeMounts: [],\n environment: {},\n allowedEndpoints: [],\n}\n\nexport const functionScriptImages: Record<ScriptDistribution, string> = {\n alpine: \"oven/bun@sha256:6b14922b0885c3890cdb0b396090af1da486ba941df5ee94391eef64f7113c61\",\n ubuntu: \"oven/bun@sha256:66b431441dc4c36d7e8164bfc61e6348ec1d7ce2862fc3a29f5dc9856e8205e4\",\n}\n","import type { Container } from \"../container\"\nimport type { ScriptBundle } from \"./bundle\"\nimport { merge } from \"remeda\"\nimport { Output, output, type Input } from \"@pulumi/pulumi\"\n\nexport type ScriptContainer = Container & {\n /**\n * The script bundle to use.\n */\n bundle: Input<ScriptBundle>\n\n /**\n * The name of the main script to run.\n * The script must be available in the bundle.\n */\n main: Input<string>\n}\n\n/**\n * Creates a spec for a container that runs a script.\n * This spec can be used to create a complete workload or an init container.\n *\n * @param options The options to create the container spec.\n * @returns The container spec.\n */\nexport function createScriptContainer(options: ScriptContainer): Output<Container> {\n const bundle = output(options.bundle)\n\n return output({\n options,\n image: bundle.image,\n volumeMounts: bundle.volumeMounts,\n volumes: bundle.volumes,\n environment: bundle.environment,\n allowedEndpoints: bundle.allowedEndpoints,\n }).apply(({ options, image, volumeMounts, volumes, environment, allowedEndpoints }) => {\n return {\n image,\n command: [\"/scripts/entrypoint.sh\", `/scripts/${options.main}`],\n\n ...options,\n\n volumeMounts: [...volumeMounts, ...(options.volumeMounts ?? [])],\n volumes: [...volumes, ...(options.volumes ?? [])],\n environment: merge(environment, options.environment),\n allowedEndpoints: [...allowedEndpoints, ...(options.allowedEndpoints ?? [])],\n } as Container\n })\n}\n","import { batch, type types } from \"@pulumi/kubernetes\"\nimport { ComponentResource, Output, output, type ComponentResourceOptions } from \"@highstate/pulumi\"\nimport { mergeDeep, omit } from \"remeda\"\nimport { commonExtraArgs, getProvider, mapMetadata } from \"./shared\"\nimport { getWorkloadComponents, type WorkloadArgs } from \"./workload\"\n\nexport type JobArgs = WorkloadArgs &\n Omit<Partial<types.input.batch.v1.JobSpec>, \"template\"> & {\n template?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Partial<types.input.core.v1.PodSpec>\n }\n }\n\nconst jobExtraArgs = [...commonExtraArgs, \"container\", \"containers\"] as const\n\nexport class Job extends ComponentResource {\n /**\n * The underlying Kubernetes job.\n */\n public readonly job: Output<batch.v1.Job>\n\n constructor(name: string, args: JobArgs, opts: ComponentResourceOptions) {\n super(\"highstate:k8s:Job\", name, args, opts)\n\n const { podTemplate } = getWorkloadComponents(name, args, () => this, opts)\n\n this.job = output({ args, podTemplate }).apply(async ({ args, podTemplate }) => {\n return new batch.v1.Job(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: mergeDeep(\n {\n template: mergeDeep(\n {\n spec: {\n restartPolicy: \"Never\",\n },\n },\n podTemplate,\n ),\n } satisfies types.input.batch.v1.JobSpec,\n omit(args, jobExtraArgs) as types.input.batch.v1.JobSpec,\n ),\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n }\n}\n","import type { RequiredKeys } from \"@highstate/contract\"\nimport { batch, type types } from \"@pulumi/kubernetes\"\nimport { ComponentResource, Output, output, type ComponentResourceOptions } from \"@highstate/pulumi\"\nimport { mergeDeep, omit } from \"remeda\"\nimport { commonExtraArgs, getProvider, mapMetadata } from \"./shared\"\nimport { getWorkloadComponents, type WorkloadArgs } from \"./workload\"\n\nexport type CronJobArgs = WorkloadArgs &\n Omit<RequiredKeys<Partial<types.input.batch.v1.CronJobSpec>, \"schedule\">, \"jobTemplate\"> & {\n jobTemplate?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Omit<types.input.batch.v1.JobSpec, \"template\"> & {\n template?: {\n metadata?: types.input.meta.v1.ObjectMeta\n spec?: Partial<types.input.core.v1.PodSpec>\n }\n }\n }\n }\n\nconst cronJobExtraArgs = [...commonExtraArgs, \"container\", \"containers\"] as const\n\nexport class CronJob extends ComponentResource {\n /**\n * The underlying Kubernetes job.\n */\n public readonly cronJob: Output<batch.v1.CronJob>\n\n constructor(name: string, args: CronJobArgs, opts: ComponentResourceOptions) {\n super(\"highstate:k8s:CronJob\", name, args, opts)\n\n const { podTemplate } = getWorkloadComponents(name, args, () => this, opts)\n\n this.cronJob = output({ args, podTemplate }).apply(async ({ args, podTemplate }) => {\n return new batch.v1.CronJob(\n name,\n {\n metadata: mapMetadata(args, name),\n\n spec: mergeDeep(\n {\n jobTemplate: {\n spec: {\n template: mergeDeep(\n {\n spec: {\n restartPolicy: \"Never\",\n },\n },\n podTemplate,\n ),\n },\n },\n\n schedule: args.schedule,\n } satisfies types.input.batch.v1.CronJobSpec,\n omit(args, cronJobExtraArgs) as types.input.batch.v1.CronJobSpec,\n ),\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGA,SAAS,cAAc,iBAAiB,0BAA0B;AAClE,SAAS,eAAe;AACxB;AAAA,EACE;AAAA,EAEA;AAAA,EACA;AAAA,OAGK;AA0BA,SAAS,eAAe,MAAyD;AACtF,QAAM,SAAS,OAAO,EAAE,MAAM,eAAe,OAAO,KAAK,SAAS,EAAE,SAAS,KAAK,CAAC,EAAE;AAAA,IACnF,CAAC,EAAE,MAAAA,OAAM,cAAc,MAAM;AAC3B,UAAIA,MAAK,YAAY,cAAcA,MAAK,QAAQ,IAAI;AAClD,cAAM,IAAI;AAAA,UACR;AAAA,QACF;AAAA,MACF;AAEA,YAAMC,WAAU,cAAc;AAAA,QAC5B,GAAGD;AAAA,QACH,aAAa;AAAA,UACX,kCAAkCA,MAAK,YAAY,UAAU;AAAA,QAC/D;AAAA,QACA,SAASA,MAAK,YAAY;AAAA,MAC5B,CAAC;AAED,YAAM,gBAAgB,UAAUA,MAAK,MAAMA,MAAK,KAAK,EAAE,QAAQ,UAAQ;AACrE,eAAO,aAAa,OAAO,MAAM;AAAA,UAC/B,WAAWA,MAAK,YAAY;AAAA,UAC5B,QAAQ;AAAA,YACNA,MAAK,YAAY,QAAQ,UAAU,OAAO,cAAY,SAAS,SAAS,UAAU;AAAA,UACpF;AAAA,QACF,CAAC;AAAA,MACH,CAAC;AAED,YAAM,kBAA2C;AAAA,QAC/C,cAAc;AAAA,UACZ,sBAAsB,mBAAmBA,MAAK,YAAY,QAAQ,UAAU,CAAC,CAAC,CAAC;AAAA,UAC/E;AAAA,YACE,WAAWA,MAAK;AAAA,YAChB,SAASA,MAAK;AAAA,YAEd,aAAa,8CAA8C,mBAAmBA,MAAK,YAAY,QAAQ,UAAU,CAAC,CAAC,CAAC;AAAA,YAEpH,aAAa;AAAA,cACX,eAAeA,MAAK,YAAY,QAAQ;AAAA,YAC1C;AAAA,UACF;AAAA,UACA,EAAE,UAAUA,MAAK,SAAS;AAAA,QAC5B;AAAA,MACF;AAEA,UAAI,cAAcA,MAAK,YAAY,QAAQ,UAAU,CAAC,GAAGA,MAAK,OAAO,GAAG;AACtE,wBAAgB;AAAA,UACd,cAAc;AAAA,YACZ,mBAAmB,aAAa;AAAA,YAChC;AAAA,cACE,WAAWA,MAAK,YAAY,QAAQ,UAAU,CAAC,EAAE,SAAS,WAAW;AAAA,cACrE,SAASA,MAAK;AAAA,cAEd,UAAUA,MAAK,YAAY,QAAQ,UAAU,CAAC,EAAE,SAAS,WAAW;AAAA,cAEpE,aAAa,0CAA0C,aAAa;AAAA,cAEpE,YAAY;AAAA,gBACV,aAAaA,MAAK;AAAA,cACpB;AAAA,YACF;AAAA,YACA,EAAE,UAAUA,MAAK,SAAS;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAEA,aAAO,OAAO;AAAA,QACZ,SAAAC;AAAA,QACA;AAAA,QACA;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAEA,SAAO,UAAU,MAAM;AACzB;AAYA,eAAsB,sBACpB,WACA,MACA,QAC+B;AAC/B,SAAO,MAAM,eAAe;AAAA,IAC1B,MAAM,KAAK;AAAA,IACX;AAAA,IAEA,MAAM,KAAK;AAAA,IAEX,aAAa,OAAO;AAAA,IACpB,SAAS,OAAO;AAAA,IAChB,UAAU,MAAM,YAAY,OAAO,UAAU;AAAA,EAC/C,CAAC;AACH;AAeO,SAAS,cAAc,MAAqD;AACjF,SAAO,OAAO,IAAI,EAAE,MAAM,CAAAD,UAAQ;AAChC,QAAIA,MAAK,QAAQ,OAAOA,MAAK,QAAQ,WAAW;AAC9C,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,WAAO,IAAI,QAAQ,GAAG;AAAA,MACpBA,MAAK;AAAA,MACL;AAAA,QACE,UAAU;AAAA,UACR,MAAMA,MAAK;AAAA,UACX,WAAW,gCAAgCA,MAAK,SAAS;AAAA,UACzD,aAAaA,MAAK;AAAA,QACpB;AAAA,QACA,MAAM;AAAA,UACJ,kBAAkB,OAAOA,MAAK,OAAO,EAAE;AAAA,UACvC,WAAW,UAAUA,MAAK,MAAMA,MAAK,KAAK,EAAE,IAAI,UAAQ;AACtD,kBAAM,iBAAiB,KAAK,QAAQ,OAAO,UAAU;AAErD,mBAAO;AAAA,cACL,MAAM,SAAS,cAAc;AAAA,cAC7B,MAAM,OAAOA,MAAK,OAAO,EAAE;AAAA,cAC3B,UAAU;AAAA,cACV,UAAU;AAAA,cACV,KAAK;AAAA,gBACH,MAAM;AAAA,gBACN,iBAAiB,CAAC,EAAE,MAAM,eAAe,CAAC;AAAA,cAC5C;AAAA,YACF;AAAA,UACF,CAAC;AAAA,QACH;AAAA,MACF;AAAA,MACA,EAAE,UAAUA,MAAK,UAAU,aAAaA,MAAK,UAAU;AAAA,IACzD;AAAA,EACF,CAAC;AACH;;;AC5LA,SAAS,OAAO,aAAAE,kBAAkC;AAClD;AAAA,EACE;AAAA,EACA,UAAAC;AAAA,OAKK;AACP,SAAS,WAAW,QAAQ,YAAY;AACxC,SAAS,iBAAiB;AAC1B,SAAS,uBAAuB;AAChC,SAAS,MAAM,uBAAuB;AACtC,SAAS,wBAAwB;AACjC,SAAS,yBAAyB;;;ACuElC,IAAM,+BAA+B;AAAA,EACnC,oBAAoB,CAAC;AAAA,EACrB,mBAAmB,CAAC;AAAA,EACpB,UAAU,CAAC;AACb;AAEO,IAAM,yBAAoD;AAAA,EAC/D,QAAQ;AAAA,IACN,GAAG;AAAA,IACH,OAAO;AAAA,IACP,kBAAkB;AAAA;AAAA,MAEhB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,QAAQ;AAAA,IACN,GAAG;AAAA,IACH,OAAO;AAAA,IACP,kBAAkB;AAAA;AAAA,MAEhB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,cAAc,CAAC;AAAA,EACf,gBAAgB,CAAC;AAAA,EACjB,OAAO,CAAC;AAAA,EACR,SAAS,CAAC;AAAA,EACV,cAAc,CAAC;AAAA,EACf,aAAa,CAAC;AAAA,EACd,kBAAkB,CAAC;AACrB;AAEO,IAAM,uBAA2D;AAAA,EACtE,QAAQ;AAAA,EACR,QAAQ;AACV;;;ADpFO,IAAM,eAAN,cAA2B,kBAAkB;AAAA;AAAA;AAAA;AAAA,EAIzC;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA,EAET,YAAY,MAAc,MAAwB,MAAiC;AACjF,UAAM,8BAA8B,MAAM,MAAM,IAAI;AAEpD,UAAM,oBAAoB;AAAA,MACxBC,QAAO,IAAI;AAAA,MACX,MAAM,CAAAC,UAAQC,WAAUD,MAAK,aAAaA,MAAK,YAAY,CAAC;AAAA,MAC5D,MAAM,CAAAA,UAAQ,UAAU,wBAAwB,GAAGA,KAAI,CAAC;AAAA,IAC1D;AAEA,UAAM,qBAAqB,kBAAkB,MAAM,CAAAE,uBAAqB;AACtE,aAAO,OAAO,OAAOA,mBAAkB,KAAK,EAAE,KAAK,UAAQ,OAAO,SAAS,UAAU;AAAA,IACvF,CAAC;AAED,SAAK,eAAe,KAAK;AACzB,SAAK,cAAc,kBAAkB;AAErC,SAAK,QAAQ,mBAAmB;AAAA,MAAM,CAAAC,wBACpCJ;AAAA,QACEI,sBACI,qBAAqB,KAAK,YAAY,IACtC,kBAAkB,KAAK,YAAY,EAAE;AAAA,MAC3C;AAAA,IACF;AAEA,SAAK,mBAAmBJ,QAAO,EAAE,mBAAmB,mBAAmB,CAAC,EAAE;AAAA,MACxE,CAAC,EAAE,mBAAAG,oBAAmB,oBAAAC,oBAAmB,MAAM;AAC7C,cAAM,mBAAmB;AAAA,UACvB,GAAGD,mBAAkB;AAAA,UACrB,GAAGA,mBAAkB,KAAK,YAAY,EAAE;AAAA,QAC1C;AAEA,YAAIC,qBAAoB;AACtB,2BAAiB,KAAK,8BAA8B;AAAA,QACtD;AAEA,eAAO,iBAAiB,IAAI,gBAAgB;AAAA,MAC9C;AAAA,IACF;AAEA,SAAK,YAAYJ,QAAO,EAAE,mBAAmB,KAAK,CAAC,EAAE,MAAM,CAAC,EAAE,mBAAAG,oBAAmB,MAAAF,MAAK,MAAM;AAC1F,aAAO,UAAU;AAAA,QACf;AAAA,QACA;AAAA,UACE,SAASA,MAAK;AAAA,UACd,WAAWA,MAAK;AAAA,UAEhB,MAAM,iBAAiB,KAAK,cAAcE,kBAAiB;AAAA,QAC7D;AAAA,QACA,EAAE,GAAG,MAAM,QAAQ,KAAK;AAAA,MAC1B;AAAA,IACF,CAAC;AAED,SAAK,UAAUH,QAAO,EAAE,oBAAoB,SAAS,kBAAkB,QAAQ,CAAC,EAAE;AAAA,MAChF,CAAC,EAAE,oBAAAI,qBAAoB,QAAQ,MAAM;AACnC,eAAO;AAAA,UACL,GAAG;AAAA,UACH;AAAA,YACE,MAAM,KAAK,UAAU,SAAS;AAAA,YAE9B,WAAW;AAAA,cACT,MAAM,KAAK,UAAU,SAAS;AAAA,cAC9B,aAAa;AAAA;AAAA,YACf;AAAA,UACF;AAAA,UACA,GAAIA,sBAAqB,CAAC,EAAE,MAAM,gBAAgB,UAAU,CAAC,EAAE,CAAC,IAAI,CAAC;AAAA,QACvE;AAAA,MACF;AAAA,IACF;AAEA,SAAK,eAAeJ,QAAO;AAAA,MACzB;AAAA,MACA,cAAc,kBAAkB;AAAA,IAClC,CAAC,EAAE,MAAM,CAAC,EAAE,oBAAAI,qBAAoB,aAAa,MAAM;AACjD,aAAO;AAAA,QACL,GAAG;AAAA,QACH;AAAA,UACE,QAAQ,KAAK;AAAA,UACb,WAAW;AAAA,QACb;AAAA,QACA,GAAIA,sBACA,CAAC,EAAE,MAAM,gBAAgB,WAAW,wBAAwB,CAAC,IAC7D,CAAC;AAAA,MACP;AAAA,IACF,CAAC;AAED,SAAK,gBAAgB;AAAA,MACnB,WAAW,KAAK;AAAA,MAChB,SAAS,KAAK;AAAA,MACd,cAAc,KAAK;AAAA,MACnB,aAAa,KAAK;AAAA,MAClB,cAAc,KAAK;AAAA,MACnB,kBAAkB,KAAK;AAAA,MACvB,OAAO,KAAK;AAAA,IACd,CAAC;AAAA,EACH;AACF;AAEA,SAAS,qBAAqB,OAAuB;AACnD,MAAI,MAAM,WAAW,YAAY,GAAG;AAClC,WAAO,MAAM,QAAQ,cAAc,EAAE;AAAA,EACvC;AAEA,SAAO;AACT;AAEA,eAAe,iBACb,cACA,aACiC;AACjC,QAAM,aAAqC,CAAC;AAC5C,QAAM,UAAoB,CAAC;AAE3B,QAAM,0BAA0B,YAAY,YAAY;AACxD,QAAM,eAAe,EAAE,GAAG,YAAY,aAAa;AAEnD,MAAI,qBAAqB;AAEzB,aAAW,OAAO,YAAY,OAAO;AACnC,QAAI,OAAO,YAAY,MAAM,GAAG,MAAM,YAAY;AAChD,YAAM,aAAa,MAAM,kBAAkB,YAAY,MAAM,GAAG,CAAC;AAEjE,iBAAW,GAAG,IAAI;AAAA;AAAA;AAAA,UAGd,WAAW,IAAI;AAAA;AAAA,kBAEP,WAAW,UAAU;AAAA;AAGjC,2BAAqB;AAAA,IACvB,OAAO;AACL,iBAAW,GAAG,IAAI,YAAY,MAAM,GAAG;AAAA,IACzC;AAAA,EACF;AAEA,MAAI,oBAAoB;AACtB,UAAM,cAAc,MAAM,gBAAgB;AAE1C,gBAAY,eAAe;AAAA,MACzB,UAAU,YAAY,gBAAgB,CAAC,GAAG,oBAAoB;AAAA,MAC9D,CAAC,GAAG,QAAQ,IAAI,WAAW,aAAa;AAAA,IAC1C;AAEA,gBAAY,kBAAkB;AAAA,MAC5B,UAAU,YAAY,mBAAmB,CAAC,GAAG,oBAAoB;AAAA,MACjE,CAAC,GAAG,QAAQ,IAAI,WAAW,aAAa;AAAA,IAC1C;AAEA,eAAW,cAAc,IAAI,KAAK,UAAU,aAAa,MAAM,CAAC;AAEhE,iBAAa,yBAAyB,IAAI;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAO5C;AAEA,MAAI,wBAAwB,mBAAmB,SAAS,GAAG;AACzD,eAAW,yBAAyB,IAAI;AAAA,MACtC;AAAA,MACA,wBAAwB;AAAA,IAC1B;AAEA,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA,KAIZ;AAAA,EACH;AAEA,MAAI,OAAO,KAAK,wBAAwB,iBAAiB,EAAE,SAAS,GAAG;AACrE,eAAW,OAAO,wBAAwB,mBAAmB;AAC3D,iBAAW,eAAe,GAAG,EAAE,IAAI,wBAAwB,kBAAkB,GAAG;AAEhF,cAAQ,KAAK;AAAA,8CAC2B,GAAG;AAAA,+BAClB,GAAG;AAAA,sCACI,GAAG;AAAA,OAClC;AAAA,IACH;AAAA,EACF;AAEA,MAAI,wBAAwB,SAAS,SAAS,GAAG;AAC/C,eAAW,qBAAqB,IAAI;AAAA,MAClC;AAAA,MACA,wBAAwB;AAAA,IAC1B;AAEA,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA,KAIZ;AAAA,EACH;AAEA,MAAI,OAAO,KAAK,YAAY,EAAE,SAAS,GAAG;AACxC,eAAW,OAAO,cAAc;AAC9B,iBAAW,SAAS,GAAG,EAAE,IAAI,aAAa,GAAG;AAE7C,cAAQ,KAAK;AAAA,wCACqB,GAAG;AAAA,yBAClB,GAAG;AAAA,gCACI,GAAG;AAAA,OAC5B;AAAA,IACH;AAAA,EACF;AAEA,MAAI,OAAO,KAAK,YAAY,cAAc,EAAE,SAAS,GAAG;AACtD,UAAM,iBAA2B,CAAC;AAElC,eAAW,OAAO,YAAY,gBAAgB;AAC5C,iBAAW,WAAW,GAAG,EAAE,IAAI,YAAY,eAAe,GAAG;AAE7D,qBAAe,KAAK;AAAA,0CACgB,GAAG;AAAA,2BAClB,GAAG;AAAA,kCACI,GAAG;AAAA,OAC9B;AAAA,IACH;AAEA,YAAQ,KAAK;AAAA;AAAA,QAET,eAAe,IAAI,OAAK,EAAE,KAAK,CAAC,EAAE,KAAK,MAAM,CAAC;AAAA;AAAA;AAAA;AAAA;AAAA,KAKjD;AAAA,EACH;AAEA,aAAW,eAAe,IAAI,gBAAgB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAS5C,QAAQ,IAAI,OAAK,EAAE,KAAK,CAAC,EAAE,KAAK,MAAM,CAAC;AAAA;AAAA;AAAA;AAAA;AAAA,GAKxC;AAED,SAAO;AACT;AAEA,SAAS,yBAAyB,cAAkC,UAA4B;AAC9F,MAAI,iBAAiB,UAAU;AAC7B,WAAO;AAAA;AAAA;AAAA;AAAA,2BAIgB,SAAS,KAAK,GAAG,CAAC;AAAA;AAAA,EAE3C,OAAO;AACL,WAAO;AAAA;AAAA;AAAA;AAAA;AAAA,2BAKgB,SAAS,KAAK,GAAG,CAAC;AAAA;AAAA,EAE3C;AACF;;;AE1VA,SAAS,aAAa;AACtB,SAAiB,UAAAC,eAA0B;AAsBpC,SAAS,sBAAsB,SAA6C;AACjF,QAAM,SAASA,QAAO,QAAQ,MAAM;AAEpC,SAAOA,QAAO;AAAA,IACZ;AAAA,IACA,OAAO,OAAO;AAAA,IACd,cAAc,OAAO;AAAA,IACrB,SAAS,OAAO;AAAA,IAChB,aAAa,OAAO;AAAA,IACpB,kBAAkB,OAAO;AAAA,EAC3B,CAAC,EAAE,MAAM,CAAC,EAAE,SAAAC,UAAS,OAAO,cAAc,SAAS,aAAa,iBAAiB,MAAM;AACrF,WAAO;AAAA,MACL;AAAA,MACA,SAAS,CAAC,0BAA0B,YAAYA,SAAQ,IAAI,EAAE;AAAA,MAE9D,GAAGA;AAAA,MAEH,cAAc,CAAC,GAAG,cAAc,GAAIA,SAAQ,gBAAgB,CAAC,CAAE;AAAA,MAC/D,SAAS,CAAC,GAAG,SAAS,GAAIA,SAAQ,WAAW,CAAC,CAAE;AAAA,MAChD,aAAa,MAAM,aAAaA,SAAQ,WAAW;AAAA,MACnD,kBAAkB,CAAC,GAAG,kBAAkB,GAAIA,SAAQ,oBAAoB,CAAC,CAAE;AAAA,IAC7E;AAAA,EACF,CAAC;AACH;;;AChDA,SAAS,aAAyB;AAClC,SAAS,qBAAAC,oBAA2B,UAAAC,eAA6C;AACjF,SAAS,WAAW,YAAY;AAYhC,IAAM,eAAe,CAAC,GAAG,iBAAiB,aAAa,YAAY;AAE5D,IAAM,MAAN,cAAkBC,mBAAkB;AAAA;AAAA;AAAA;AAAA,EAIzB;AAAA,EAEhB,YAAY,MAAc,MAAe,MAAgC;AACvE,UAAM,qBAAqB,MAAM,MAAM,IAAI;AAE3C,UAAM,EAAE,YAAY,IAAI,sBAAsB,MAAM,MAAM,MAAM,MAAM,IAAI;AAE1E,SAAK,MAAMC,QAAO,EAAE,MAAM,YAAY,CAAC,EAAE,MAAM,OAAO,EAAE,MAAAC,OAAM,aAAAC,aAAY,MAAM;AAC9E,aAAO,IAAI,MAAM,GAAG;AAAA,QAClB;AAAA,QACA;AAAA,UACE,UAAU,YAAYD,OAAM,IAAI;AAAA,UAChC,MAAM;AAAA,YACJ;AAAA,cACE,UAAU;AAAA,gBACR;AAAA,kBACE,MAAM;AAAA,oBACJ,eAAe;AAAA,kBACjB;AAAA,gBACF;AAAA,gBACAC;AAAA,cACF;AAAA,YACF;AAAA,YACA,KAAKD,OAAM,YAAY;AAAA,UACzB;AAAA,QACF;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;ACrDA,SAAS,SAAAE,cAAyB;AAClC,SAAS,qBAAAC,oBAA2B,UAAAC,eAA6C;AACjF,SAAS,aAAAC,YAAW,QAAAC,aAAY;AAiBhC,IAAM,mBAAmB,CAAC,GAAG,iBAAiB,aAAa,YAAY;AAEhE,IAAM,UAAN,cAAsBC,mBAAkB;AAAA;AAAA;AAAA;AAAA,EAI7B;AAAA,EAEhB,YAAY,MAAc,MAAmB,MAAgC;AAC3E,UAAM,yBAAyB,MAAM,MAAM,IAAI;AAE/C,UAAM,EAAE,YAAY,IAAI,sBAAsB,MAAM,MAAM,MAAM,MAAM,IAAI;AAE1E,SAAK,UAAUC,QAAO,EAAE,MAAM,YAAY,CAAC,EAAE,MAAM,OAAO,EAAE,MAAAC,OAAM,aAAAC,aAAY,MAAM;AAClF,aAAO,IAAIC,OAAM,GAAG;AAAA,QAClB;AAAA,QACA;AAAA,UACE,UAAU,YAAYF,OAAM,IAAI;AAAA,UAEhC,MAAMG;AAAA,YACJ;AAAA,cACE,aAAa;AAAA,gBACX,MAAM;AAAA,kBACJ,UAAUA;AAAA,oBACR;AAAA,sBACE,MAAM;AAAA,wBACJ,eAAe;AAAA,sBACjB;AAAA,oBACF;AAAA,oBACAF;AAAA,kBACF;AAAA,gBACF;AAAA,cACF;AAAA,cAEA,UAAUD,MAAK;AAAA,YACjB;AAAA,YACAI,MAAKJ,OAAM,gBAAgB;AAAA,UAC7B;AAAA,QACF;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAAA,EACH;AACF;","names":["args","gateway","normalize","output","output","args","normalize","scriptEnvironment","hasFunctionScripts","output","options","ComponentResource","output","ComponentResource","output","args","podTemplate","batch","ComponentResource","output","mergeDeep","omit","ComponentResource","output","args","podTemplate","batch","mergeDeep","omit"]}
package/dist/stateful-set-K4GV7ZTK.js ADDED
@@ -0,0 +1,10 @@
1
+ import {
2
+ StatefulSet
3
+ } from "./chunk-VL7Z5FJQ.js";
4
+ import "./chunk-SARVLQZY.js";
5
+ import "./chunk-WEKIQRCZ.js";
6
+ import "./chunk-Y3LZSX7I.js";
7
+ export {
8
+ StatefulSet
9
+ };
10
+ //# sourceMappingURL=stateful-set-K4GV7ZTK.js.map
package/dist/units/cert-manager/index.js CHANGED
@@ -1,10 +1,10 @@
1
1
  import {
2
2
  Chart
3
- } from "../../chunk-7R2VAXVL.js";
4
- import "../../chunk-OP75IMU7.js";
3
+ } from "../../chunk-5S4JPM4M.js";
4
+ import "../../chunk-WEKIQRCZ.js";
5
5
  import {
6
6
  Namespace
7
- } from "../../chunk-HTQP2NB4.js";
7
+ } from "../../chunk-Y3LZSX7I.js";
8
8
 
9
9
  // src/units/cert-manager/index.ts
10
10
  import { k8s } from "@highstate/library";
package/dist/units/dns01-issuer/index.js CHANGED
@@ -1,6 +1,6 @@
1
1
  import {
2
2
  getProvider
3
- } from "../../chunk-HTQP2NB4.js";
3
+ } from "../../chunk-Y3LZSX7I.js";
4
4
 
5
5
  // src/units/dns01-issuer/index.ts
6
6
  import { k8s } from "@highstate/library";
package/dist/units/gateway-api/index.js CHANGED
@@ -1,6 +1,6 @@
1
1
  import {
2
2
  getProvider
3
- } from "../../chunk-HTQP2NB4.js";
3
+ } from "../../chunk-Y3LZSX7I.js";
4
4
 
5
5
  // src/units/gateway-api/index.ts
6
6
  import { k8s } from "@highstate/library";