npm - @highstate/k8s - Versions diffs - 0.9.9 → 0.9.11 - Mend

@highstate/k8s 0.9.9 → 0.9.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/dist/{chunk-7R2VAXVL.js → chunk-5S4JPM4M.js} +4 -3
package/dist/chunk-5S4JPM4M.js.map +1 -0
package/dist/{chunk-W72HEBHG.js → chunk-6L67WIZW.js} +3 -3
package/dist/{chunk-L6G2IHDP.js → chunk-SARVLQZY.js} +218 -45
package/dist/chunk-SARVLQZY.js.map +1 -0
package/dist/{chunk-WUJ7BFVE.js → chunk-VL7Z5FJQ.js} +3 -3
package/dist/{chunk-OP75IMU7.js → chunk-WEKIQRCZ.js} +43 -17
package/dist/chunk-WEKIQRCZ.js.map +1 -0
package/dist/{chunk-HTQP2NB4.js → chunk-Y3LZSX7I.js} +4 -17
package/dist/chunk-Y3LZSX7I.js.map +1 -0
package/dist/deployment-QTPBNKO5.js +10 -0
package/dist/highstate.manifest.json +8 -8
package/dist/index.js +29 -41
package/dist/index.js.map +1 -1
package/dist/stateful-set-K4GV7ZTK.js +10 -0
package/dist/units/cert-manager/index.js +3 -3
package/dist/units/dns01-issuer/index.js +1 -1
package/dist/units/gateway-api/index.js +1 -1
package/package.json +9 -9
package/src/config-map.ts +180 -0
package/src/container.ts +48 -2
package/src/cron-job.ts +8 -1
package/src/custom.ts +104 -0
package/src/helm.ts +2 -1
package/src/index.ts +1 -2
package/src/job.ts +8 -1
package/src/network-policy.ts +23 -21
package/src/network.ts +6 -6
package/src/scripting/bundle.ts +7 -5
package/src/secret.ts +4 -0
package/src/service.ts +8 -8
package/src/shared.ts +7 -19
package/src/workload.ts +50 -28
package/dist/chunk-7R2VAXVL.js.map +0 -1
package/dist/chunk-HTQP2NB4.js.map +0 -1
package/dist/chunk-L6G2IHDP.js.map +0 -1
package/dist/chunk-OP75IMU7.js.map +0 -1
package/dist/deployment-A26RVQ73.js +0 -10
package/dist/stateful-set-S5BHTDJY.js +0 -10
/package/dist/{chunk-W72HEBHG.js.map → chunk-6L67WIZW.js.map} +0 -0
/package/dist/{chunk-WUJ7BFVE.js.map → chunk-VL7Z5FJQ.js.map} +0 -0
/package/dist/{deployment-A26RVQ73.js.map → deployment-QTPBNKO5.js.map} +0 -0
/package/dist/{stateful-set-S5BHTDJY.js.map → stateful-set-K4GV7ZTK.js.map} +0 -0

package/src/index.ts CHANGED Viewed

@@ -4,8 +4,6 @@ export {
   mapNamespaceLikeToNamespaceName,
   mapNamespaceNameToSelector,
   mapSelectorLikeToSelector,
-  getAppName,
-  getAppDisplayName,
   type CommonArgs,
   type NamespaceLike,
   type SelectorLike,
@@ -23,6 +21,7 @@ export {
   isFromCluster,
 } from "./service"
 export { type SecretArgs, type CreateOrPatchSecretArgs, Secret } from "./secret"
+export { type ConfigMapArgs, type CreateOrPatchConfigMapArgs, ConfigMap } from "./config-map"
 export { type StatefulSetArgs, StatefulSet } from "./stateful-set"
 export {
   type NetworkPolicyArgs,

package/src/job.ts CHANGED Viewed

@@ -32,7 +32,14 @@ export class Job extends ComponentResource {
           metadata: mapMetadata(args, name),
           spec: mergeDeep(
             {
-              template: podTemplate,
+              template: mergeDeep(
+                {
+                  spec: {
+                    restartPolicy: "Never",
+                  },
+                },
+                podTemplate,
+              ),
             } satisfies types.input.batch.v1.JobSpec,
             omit(args, jobExtraArgs) as types.input.batch.v1.JobSpec,
           ),

package/src/network-policy.ts CHANGED Viewed

@@ -30,6 +30,7 @@ import {
   type SelectorLike,
 } from "./shared"
 import { getServiceMetadata, isFromCluster, mapServiceToLabelSelector } from "./service"
+import { requireBestEndpoint } from "./network"
 export type NetworkPolicyPort = {
   /**
@@ -439,34 +440,22 @@ export abstract class NetworkPolicy extends ComponentResource {
           )
           const parsedEndpoints = endpoints.map(parseL34Endpoint)
-          const endpointsByPortsAndNamespaces = groupBy(parsedEndpoints, endpoint => {
+          const endpointsNamespaces = groupBy(parsedEndpoints, endpoint => {
             const namespace = isFromCluster(endpoint, args.cluster)
               ? endpoint.metadata.k8sService.namespace
               : ""
-            const port = isFromCluster(endpoint, args.cluster)
-              ? endpoint.metadata.k8sService.targetPort
-              : endpoint.port
-            return `${port ?? "0"}:${namespace}`
+            return namespace
           })
-          const l3OnlyRule = endpointsByPortsAndNamespaces["0:"]
-            ? NetworkPolicy.getRuleFromEndpoint(
-                undefined,
-                endpointsByPortsAndNamespaces["0:"],
-                args.cluster,
-              )
+          const l3OnlyRule = endpointsNamespaces[""]
+            ? NetworkPolicy.getRuleFromEndpoint(undefined, endpointsNamespaces[""], args.cluster)
             : undefined
-          const otherRules = Object.entries(endpointsByPortsAndNamespaces)
-            .filter(([key]) => key !== "0:")
-            .map(([key, endpoints]) => {
-              const [port] = key.split(":")
-              const portNumber = parseInt(port, 10)
-              const portValue = isNaN(portNumber) ? port : portNumber
-              return NetworkPolicy.getRuleFromEndpoint(portValue, endpoints, args.cluster)
+          const otherRules = Object.entries(endpointsNamespaces)
+            .filter(([key]) => key !== "")
+            .map(([, endpoints]) => {
+              return NetworkPolicy.getRuleFromEndpoint(undefined, endpoints, args.cluster)
             })
           return [
@@ -772,7 +761,7 @@ export abstract class NetworkPolicy extends ComponentResource {
     const parsedEndpoint = parseL34Endpoint(endpoint)
     return NetworkPolicy.create(
-      `allow-egress-to-${l34EndpointToString(parsedEndpoint)}`,
+      `allow-egress-to-${l34EndpointToString(parsedEndpoint).replace(":", "-")}`,
       {
         namespace,
         cluster,
@@ -785,6 +774,19 @@ export abstract class NetworkPolicy extends ComponentResource {
     )
   }
+  static allowEgressToBestEndpoint(
+    endpoints: InputArray<InputL34Endpoint>,
+    namespace: Input<NamespaceLike>,
+    cluster: Input<k8s.Cluster>,
+    opts?: ResourceOptions,
+  ): Output<NetworkPolicy> {
+    return output({ endpoints, cluster }).apply(({ endpoints, cluster }) => {
+      const bestEndpoint = requireBestEndpoint(endpoints.map(parseL34Endpoint), cluster)
+      return NetworkPolicy.allowEgressToEndpoint(bestEndpoint, namespace, cluster, opts)
+    })
+  }
   static allowIngressFromEndpoint(
     endpoint: InputL34Endpoint,
     namespace: Input<NamespaceLike>,

package/src/network.ts CHANGED Viewed

@@ -2,10 +2,10 @@ import type { k8s, network } from "@highstate/library"
 import { filterEndpoints } from "@highstate/common"
 import { isFromCluster } from "./service"
-export function getBestEndpoint(
-  endpoints: network.L4Endpoint[],
+export function getBestEndpoint<TEndpoint extends network.L34Endpoint>(
+  endpoints: TEndpoint[],
   cluster?: k8s.Cluster,
-): network.L4Endpoint | undefined {
+): TEndpoint | undefined {
   if (!endpoints.length) {
     return undefined
   }
@@ -27,10 +27,10 @@ export function getBestEndpoint(
   return filterEndpoints(endpoints)[0]
 }
-export function requireBestEndpoint(
-  endpoints: network.L4Endpoint[],
+export function requireBestEndpoint<TEndpoint extends network.L34Endpoint>(
+  endpoints: TEndpoint[],
   cluster: k8s.Cluster,
-): network.L4Endpoint {
+): TEndpoint {
   const endpoint = getBestEndpoint(endpoints, cluster)
   if (!endpoint) {

package/src/scripting/bundle.ts CHANGED Viewed

@@ -1,6 +1,5 @@
 import type { ContainerEnvironment, ContainerVolumeMount, WorkloadVolume } from "../container"
 import type { network } from "@highstate/library"
-import { core } from "@pulumi/kubernetes"
 import { apply, normalize, type InputArray } from "@highstate/pulumi"
 import {
   ComponentResource,
@@ -16,7 +15,8 @@ import { readPackageJSON } from "pkg-types"
 import { text, trimIndentation } from "@highstate/contract"
 import { parseL34Endpoint } from "@highstate/common"
 import { serializeFunction } from "@pulumi/pulumi/runtime/index.js"
-import { mapMetadata, type CommonArgs } from "../shared"
+import { type CommonArgs } from "../shared"
+import { ConfigMap } from "../config-map"
 import {
   emptyScriptEnvironment,
   functionScriptImages,
@@ -46,7 +46,7 @@ export class ScriptBundle extends ComponentResource {
   /**
    * The config map containing the scripts.
    */
-  readonly configMap: Output<core.v1.ConfigMap>
+  readonly configMap: Output<ConfigMap>
   /**
    * The volumes that should be included in the workload.
@@ -118,10 +118,12 @@ export class ScriptBundle extends ComponentResource {
     )
     this.configMap = output({ scriptEnvironment, args }).apply(({ scriptEnvironment, args }) => {
-      return new core.v1.ConfigMap(
+      return ConfigMap.create(
         name,
         {
-          metadata: mapMetadata(args, name),
+          cluster: args.cluster,
+          namespace: args.namespace,
           data: createScriptData(this.distribution, scriptEnvironment),
         },
         { ...opts, parent: this },

package/src/secret.ts CHANGED Viewed

@@ -108,6 +108,8 @@ class CreatedSecret extends Secret {
           metadata: mapMetadata(args, name),
           data: args.data,
           stringData: args.stringData,
+          type: args.type,
+          immutable: args.immutable,
         },
         {
           ...opts,
@@ -139,6 +141,8 @@ class SecretPatch extends Secret {
           metadata: mapMetadata(args, name),
           data: args.data,
           stringData: args.stringData,
+          type: args.type,
+          immutable: args.immutable,
         },
         {
           ...opts,

package/src/service.ts CHANGED Viewed

@@ -110,7 +110,7 @@ export abstract class Service extends ComponentResource {
     type: string,
     name: string,
     args: Inputs,
-    opts: ComponentResourceOptions,
+    opts: ComponentResourceOptions | undefined,
     /**
      * The cluster info associated with the service.
@@ -155,16 +155,16 @@ export abstract class Service extends ComponentResource {
     name: string,
     service: Input<core.v1.Service>,
     cluster: Input<k8s.Cluster>,
-    opts: ComponentResourceOptions,
+    opts?: ComponentResourceOptions,
   ): Service {
     return new WrappedService(name, service, cluster, opts)
   }
-  static external(
+  static get(
     name: string,
     id: ResourceId,
     cluster: Input<k8s.Cluster>,
-    opts: ComponentResourceOptions,
+    opts?: ComponentResourceOptions,
   ): Service {
     return new ExternalService(name, id, cluster, opts)
   }
@@ -173,7 +173,7 @@ export abstract class Service extends ComponentResource {
     name: string,
     entity: Input<k8s.Service>,
     cluster: Input<k8s.Cluster>,
-    opts: ComponentResourceOptions,
+    opts?: ComponentResourceOptions,
   ): Service {
     return new ExternalService(
       name,
@@ -277,7 +277,7 @@ export abstract class Service extends ComponentResource {
 }
 class CreatedService extends Service {
-  constructor(name: string, args: ServiceArgs, opts: ComponentResourceOptions) {
+  constructor(name: string, args: ServiceArgs, opts?: ComponentResourceOptions) {
     const service = output(args).apply(args => {
       return new core.v1.Service(
         name,
@@ -319,7 +319,7 @@ class WrappedService extends Service {
     name: string,
     service: Input<core.v1.Service>,
     cluster: Input<k8s.Cluster>,
-    opts: ComponentResourceOptions,
+    opts?: ComponentResourceOptions,
   ) {
     super(
       "highstate:k8s:WrappedService",
@@ -340,7 +340,7 @@ class ExternalService extends Service {
     name: string,
     id: Input<ResourceId>,
     cluster: Input<k8s.Cluster>,
-    opts: ComponentResourceOptions,
+    opts?: ComponentResourceOptions,
   ) {
     const service = output(id).apply(id => {
       return core.v1.Service.get(

package/src/shared.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import type { PartialKeys } from "@highstate/contract"
 import type { k8s } from "@highstate/library"
-import { Output, output, toPromise, type Input, type Unwrap } from "@highstate/pulumi"
+import { interpolate, Output, output, toPromise, type Input, type Unwrap } from "@highstate/pulumi"
 import { core, Provider, types } from "@pulumi/kubernetes"
 import { Namespace } from "./namespace"
@@ -99,29 +99,17 @@ export function mapNamespaceNameToSelector(
 export type ResourceId = {
   name: Input<string>
-  namespace?: Input<string | undefined>
+  namespace?: Input<NamespaceLike | undefined>
 }
 export function resourceIdToString(id: Input<ResourceId>): Output<string> {
   return output(id).apply(metadata => {
-    return metadata.namespace ? `${metadata.namespace}/${metadata.name}` : metadata.name
-  })
-}
+    const namespaceName = metadata.namespace
+      ? mapNamespaceLikeToNamespaceName(metadata.namespace)
+      : undefined
-export function getAppName(resourceId: Unwrap<ResourceId>): string {
-  if (resourceId.namespace !== resourceId.name) {
-    return `${resourceId.namespace ?? "default"}-${resourceId.name}`
-  }
-  return resourceId.name
-}
-export function getAppDisplayName(resourceId: Unwrap<ResourceId>): string {
-  if (resourceId.namespace !== resourceId.name) {
-    return `${resourceId.namespace ?? "default"}/${resourceId.name}`
-  }
-  return resourceId.name
+    return output(namespaceName ? interpolate`${namespaceName}/${metadata.name}` : metadata.name)
+  })
 }
 export function withPatchName(

package/src/workload.ts CHANGED Viewed

@@ -16,18 +16,20 @@ import {
   type CustomResourceOptions,
   type Input,
 } from "@pulumi/pulumi"
-import { uniqueBy } from "remeda"
+import { filter, isNonNullish, unique, uniqueBy } from "remeda"
 import { deepmerge } from "deepmerge-ts"
+import { sha256 } from "crypto-hash"
 import { commonExtraArgs, getProvider, type CommonArgs } from "./shared"
 import { mapContainerPortToServicePort, Service, type ServiceArgs } from "./service"
 import { HttpRoute, type HttpRouteArgs } from "./gateway"
 import {
+  getWorkloadVolumeResourceUuid,
   mapContainerToRaw,
   mapWorkloadVolume,
   type Container,
   type WorkloadVolume,
 } from "./container"
-import { NetworkPolicy } from "./network-policy"
+import { NetworkPolicy, type NetworkPolicyArgs } from "./network-policy"
 import { podSpecDefaults } from "./pod"
 export type WorkloadArgs = CommonArgs & {
@@ -40,6 +42,11 @@ export type WorkloadArgs = CommonArgs & {
    * By default, `bash` is used.
    */
   terminalShell?: string
+  /**
+   * The network policy to apply to the deployment.
+   */
+  networkPolicy?: Input<Omit<NetworkPolicyArgs, "selector" | "cluster" | "namespace">>
 }
 export const workloadExtraArgs = [...commonExtraArgs, "container", "containers"] as const
@@ -98,24 +105,24 @@ export function getWorkloadComponents(
   const containers = output(args).apply(args => normalize(args.container, args.containers))
-  const volumes = containers.apply(containers => {
-    const containerVolumes = containers
-      .flatMap(container => normalize(container.volume, container.volumes))
-      .map(mapWorkloadVolume)
-    const containerVolumeMounts = containers
-      .flatMap(container => {
-        return normalize(container.volumeMount, container.volumeMounts)
-          .map(volumeMount => {
-            return "volume" in volumeMount ? volumeMount.volume : undefined
-          })
-          .filter(Boolean) as WorkloadVolume[]
-      })
-      .map(mapWorkloadVolume)
-    return output([...containerVolumes, ...containerVolumeMounts]).apply(
-      uniqueBy(volume => volume.name),
+  const rawVolumes = containers.apply(containers => {
+    const containerVolumes = containers.flatMap(container =>
+      normalize(container.volume, container.volumes),
     )
+    const containerVolumeMounts = containers.flatMap(container => {
+      return normalize(container.volumeMount, container.volumeMounts)
+        .map(volumeMount => {
+          return "volume" in volumeMount ? volumeMount.volume : undefined
+        })
+        .filter(Boolean) as WorkloadVolume[]
+    })
+    return output([...containerVolumes, ...containerVolumeMounts])
+  })
+  const volumes = rawVolumes.apply(rawVolumes => {
+    return output(rawVolumes.map(mapWorkloadVolume)).apply(uniqueBy(volume => volume.name))
   })
   const podSpec = output({ args, containers, volumes }).apply(({ args, containers, volumes }) => {
@@ -143,18 +150,30 @@ export function getWorkloadComponents(
     return spec
   })
-  const podTemplate = podSpec.apply(podSpec => {
+  const dependencyHash = rawVolumes.apply(rawVolumes => {
+    return output(rawVolumes.map(getWorkloadVolumeResourceUuid))
+      .apply(filter(isNonNullish))
+      .apply(unique())
+      .apply(ids => sha256(ids.join(",")))
+  })
+  const podTemplate = output({ podSpec, dependencyHash }).apply(({ podSpec, dependencyHash }) => {
     return {
-      metadata: { labels },
+      metadata: {
+        labels,
+        annotations: {
+          "highstate.io/dependency-hash": dependencyHash,
+        },
+      },
       spec: podSpec,
     } satisfies types.input.core.v1.PodTemplateSpec
   })
-  const networkPolicy = containers.apply(containers => {
+  const networkPolicy = output({ args, containers }).apply(({ args, containers }) => {
     const allowedEndpoints = containers.flatMap(container => container.allowedEndpoints ?? [])
-    if (allowedEndpoints.length === 0) {
-      return undefined
+    if (allowedEndpoints.length === 0 && !args.networkPolicy) {
+      return output(undefined)
     }
     return NetworkPolicy.create(
@@ -164,13 +183,16 @@ export function getWorkloadComponents(
         namespace: args.namespace,
         selector: labels,
-        egressRule: {
-          toEndpoints: allowedEndpoints,
-        },
+        ...args.networkPolicy,
+        egressRules: [
+          ...(args.networkPolicy?.egressRules ?? []),
+          ...(allowedEndpoints.length > 0 ? [{ toEndpoints: allowedEndpoints }] : []),
+        ],
       },
       { ...opts, parent: parent() },
     )
-  }) as Output<NetworkPolicy | undefined>
+  })
   return { labels, containers, volumes, podSpec, podTemplate, networkPolicy }
 }

package/dist/chunk-7R2VAXVL.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/helm.ts"],"sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport { resolve } from \"node:path\"\nimport { mkdir, readFile, unlink } from \"node:fs/promises\"\nimport { normalize, toPromise, type InputMap } from \"@highstate/pulumi\"\nimport { core, helm, types } from \"@pulumi/kubernetes\"\nimport {\n ComponentResource,\n output,\n type ComponentResourceOptions,\n type Input,\n type Output,\n} from \"@pulumi/pulumi\"\nimport spawn from \"nano-spawn\"\nimport { sha256 } from \"crypto-hash\"\nimport { omit } from \"remeda\"\nimport { local } from \"@pulumi/command\"\nimport { glob } from \"glob\"\nimport { NetworkPolicy, type NetworkPolicyArgs } from \"./network-policy\"\nimport { HttpRoute, type HttpRouteArgs } from \"./gateway\"\nimport { getProvider, mapNamespaceLikeToNamespaceName, type NamespaceLike } from \"./shared\"\nimport { getServiceType, Service, type ServiceArgs } from \"./service\"\n\nexport type ChartArgs = Omit<\n helm.v4.ChartArgs,\n \"chart\" | \"version\" | \"repositoryOpts\" | \"namespace\"\n> & {\n /**\n * The namespace to deploy the chart into.\n */\n namespace?: Input<NamespaceLike>\n\n /**\n * The custom name of the primary service exposed by the chart.\n *\n * By default, it is the same as the chart name.\n */\n serviceName?: string\n\n /**\n * The extra args to pass to the main service of the chart.\n *\n * Will be patched via transformations.\n */\n service?: Partial<ServiceArgs>\n\n /**\n * The manifest of the chart to resolve.\n */\n chart: ChartManifest\n\n /**\n * The cluster to create the resource in.\n */\n cluster: Input<k8s.Cluster>\n\n /**\n * The http route args to bind the service to.\n */\n httpRoute?: Input<HttpRouteArgs>\n\n /**\n * The network policy to apply to the chart.\n */\n networkPolicy?: Input<Omit<NetworkPolicyArgs, \"selector\" | \"cluster\" | \"namespace\">>\n\n /**\n * The network policies to apply to the chart.\n */\n networkPolicies?: Input<NetworkPolicyArgs[]>\n}\n\nexport class Chart extends ComponentResource {\n /**\n * The underlying Helm chart.\n */\n public readonly chart: Output<helm.v4.Chart>\n\n /**\n * The HTTP route associated with the deployment.\n */\n public readonly httpRoute: Output<HttpRoute | undefined>\n\n /**\n * The network policies applied to the chart.\n */\n public readonly networkPolicies: Output<NetworkPolicy[]>\n\n constructor(\n private readonly name: string,\n private readonly args: ChartArgs,\n private readonly opts?: ComponentResourceOptions,\n ) {\n super(\"highstate:k8s:Chart\", name, args, opts)\n\n const namespace = output(args.namespace).apply(namespace =>\n output(namespace ? mapNamespaceLikeToNamespaceName(namespace) : \"default\"),\n )\n\n this.chart = output({ args, namespace }).apply(async ({ args, namespace }) => {\n return new helm.v4.Chart(\n name,\n omit(\n {\n ...args,\n chart: resolveHelmChart(args.chart),\n namespace,\n },\n [\"httpRoute\"],\n ),\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n\n transforms: [\n ...(opts?.transforms ?? []),\n\n resourceArgs => {\n const serviceName = args.serviceName ?? name\n const expectedName = `${name}:${namespace}/${serviceName}`\n\n if (\n resourceArgs.type === \"kubernetes:core/v1:Service\" &&\n resourceArgs.name === expectedName\n ) {\n const spec = resourceArgs.props.spec as types.input.core.v1.ServiceSpec\n\n return {\n props: {\n ...resourceArgs.props,\n spec: {\n ...spec,\n ...(args.service ?? {}),\n\n type: getServiceType(args.service, args.cluster),\n\n externalIPs:\n args.service?.externalIPs ?? args.cluster.externalIps ?? spec.externalIPs,\n },\n },\n opts: resourceArgs.opts,\n }\n }\n\n return undefined\n },\n ],\n },\n )\n })\n\n this.httpRoute = output(args.httpRoute).apply(httpRoute => {\n if (!httpRoute) {\n return undefined\n }\n\n return new HttpRoute(\n name,\n {\n ...httpRoute,\n rule: {\n backend: this.service,\n },\n },\n { ...opts, parent: this },\n )\n })\n\n this.networkPolicies = output(args).apply(args => {\n const policies = normalize(args.networkPolicy, args.networkPolicies)\n\n return output(\n policies.map(policy => {\n return NetworkPolicy.create(\n name,\n {\n ...policy,\n\n cluster: args.cluster,\n namespace: args.namespace,\n },\n { ...opts, parent: this },\n )\n }),\n )\n })\n }\n\n get service(): Output<Service> {\n return this.getServiceOutput(undefined)\n }\n\n private readonly services = new Map<string, Service>()\n\n getServiceOutput(name: string | undefined): Output<Service> {\n return output({ args: this.args, chart: this.chart }).apply(({ args, chart }) => {\n const resolvedName = name ?? args.serviceName ?? this.name\n const existingService = this.services.get(resolvedName)\n\n if (existingService) {\n return existingService\n }\n\n const service = getChartServiceOutput(chart, resolvedName)\n\n const wrappedService = Service.wrap(\n //\n resolvedName,\n service,\n args.cluster,\n { ...this.opts, parent: this },\n )\n\n this.services.set(resolvedName, wrappedService)\n return wrappedService\n })\n }\n\n getService(name?: string): Promise<Service> {\n return toPromise(this.getServiceOutput(name))\n }\n}\n\nexport type RenderedChartArgs = {\n /**\n * The namespace to deploy the chart into.\n */\n namespace?: Input<NamespaceLike>\n\n /**\n * The manifest of the chart to resolve.\n */\n chart: ChartManifest\n\n /**\n * The values to pass to the chart.\n */\n values?: InputMap<string>\n}\n\nexport class RenderedChart extends ComponentResource {\n /**\n * The rendered manifest of the Helm chart.\n */\n public readonly manifest: Output<string>\n\n /**\n * The underlying command used to render the chart.\n */\n public readonly command: Output<local.Command>\n\n constructor(name: string, args: RenderedChartArgs, opts?: ComponentResourceOptions) {\n super(\"highstate:k8s:RenderedChart\", name, args, opts)\n\n this.command = output(args).apply(args => {\n const values = args.values\n ? Object.entries(args.values).flatMap(([key, value]) => [\"--set\", `${key}=\"${value}\"`])\n : []\n\n return new local.Command(\n name,\n {\n create: output([\n \"helm\",\n \"template\",\n resolveHelmChart(args.chart),\n\n ...(args.namespace\n ? [\"--namespace\", mapNamespaceLikeToNamespaceName(args.namespace)]\n : []),\n\n ...values,\n ]).apply(command => command.join(\" \")),\n\n logging: \"stderr\",\n },\n { parent: this, ...opts },\n )\n })\n\n this.manifest = this.command.stdout\n\n this.registerOutputs({ manifest: this.manifest, command: this.command })\n }\n}\n\nexport type ChartManifest = {\n repo: string\n name: string\n version: string\n sha256: string\n}\n\n/**\n * Downloads or reuses the Helm chart according to the charts.json file.\n * Returns the full path to the chart's .tgz file.\n *\n * @param manifest The manifest of the Helm chart.\n */\nexport async function resolveHelmChart(manifest: ChartManifest): Promise<string> {\n if (!process.env.HIGHSTATE_CACHE_DIR) {\n throw new Error(\"Environment variable HIGHSTATE_CACHE_DIR is not set\")\n }\n\n const chartsDir = resolve(process.env.HIGHSTATE_CACHE_DIR, \"charts\")\n await mkdir(chartsDir, { recursive: true })\n\n const globPattern = `${manifest.name}-*.tgz`\n const targetFileName = `${manifest.name}-${manifest.version}.tgz`\n\n // find all matching files\n const files = await glob(globPattern, { cwd: chartsDir })\n\n if (files.includes(targetFileName)) {\n return resolve(chartsDir, targetFileName)\n }\n\n // delete old versions\n for (const file of files) {\n await unlink(resolve(chartsDir, file))\n }\n\n // download the chart\n await spawn(\"helm\", [\n \"pull\",\n manifest.name,\n \"--version\",\n manifest.version,\n \"--repo\",\n manifest.repo,\n \"--destination\",\n chartsDir,\n ])\n\n // check the SHA256\n const content = await readFile(resolve(chartsDir, targetFileName))\n const actualSha256 = await sha256(content)\n\n if (actualSha256 !== manifest.sha256) {\n throw new Error(`SHA256 mismatch for chart '${manifest.name}'`)\n }\n\n return resolve(chartsDir, targetFileName)\n}\n\n/**\n * Extracts the service with the given name from the chart resources.\n * Throws an error if the service is not found.\n *\n * @param chart The Helm chart.\n * @param name The name of the service.\n */\nexport function getChartServiceOutput(chart: helm.v4.Chart, name: string): Output<core.v1.Service> {\n const services = chart.resources.apply(resources => {\n return resources\n .filter(r => core.v1.Service.isInstance(r))\n .map(service => ({ name: service.metadata.name, service }))\n })\n\n return output(services).apply(services => {\n const service = services.find(s => s.name === name)?.service\n\n if (!service) {\n throw new Error(`Service with name '${name}' not found in the chart resources`)\n }\n\n return service\n })\n}\n\n/**\n * Extracts the service with the given name from the chart resources.\n * Throws an error if the service is not found.\n *\n * @param chart The Helm chart.\n * @param name The name of the service.\n */\nexport function getChartService(chart: helm.v4.Chart, name: string): Promise<core.v1.Service> {\n return toPromise(getChartServiceOutput(chart, name))\n}\n"],"mappings":";;;;;;;;;;;;AACA,SAAS,eAAe;AACxB,SAAS,OAAO,UAAU,cAAc;AACxC,SAAS,WAAW,iBAAgC;AACpD,SAAS,MAAM,YAAmB;AAClC;AAAA,EACE;AAAA,EACA;AAAA,OAIK;AACP,OAAO,WAAW;AAClB,SAAS,cAAc;AACvB,SAAS,YAAY;AACrB,SAAS,aAAa;AACtB,SAAS,YAAY;AAuDd,IAAM,QAAN,cAAoB,kBAAkB;AAAA,EAgB3C,YACmB,MACA,MACA,MACjB;AACA,UAAM,uBAAuB,MAAM,MAAM,IAAI;AAJ5B;AACA;AACA;AAIjB,UAAM,YAAY,OAAO,KAAK,SAAS,EAAE;AAAA,MAAM,CAAAA,eAC7C,OAAOA,aAAY,gCAAgCA,UAAS,IAAI,SAAS;AAAA,IAC3E;AAEA,SAAK,QAAQ,OAAO,EAAE,MAAM,UAAU,CAAC,EAAE,MAAM,OAAO,EAAE,MAAAC,OAAM,WAAAD,WAAU,MAAM;AAC5E,aAAO,IAAI,KAAK,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,UACE;AAAA,YACE,GAAGC;AAAA,YACH,OAAO,iBAAiBA,MAAK,KAAK;AAAA,YAClC,WAAAD;AAAA,UACF;AAAA,UACA,CAAC,WAAW;AAAA,QACd;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYC,MAAK,OAAO;AAAA,UAExC,YAAY;AAAA,YACV,GAAI,MAAM,cAAc,CAAC;AAAA,YAEzB,kBAAgB;AACd,oBAAM,cAAcA,MAAK,eAAe;AACxC,oBAAM,eAAe,GAAG,IAAI,IAAID,UAAS,IAAI,WAAW;AAExD,kBACE,aAAa,SAAS,gCACtB,aAAa,SAAS,cACtB;AACA,sBAAM,OAAO,aAAa,MAAM;AAEhC,uBAAO;AAAA,kBACL,OAAO;AAAA,oBACL,GAAG,aAAa;AAAA,oBAChB,MAAM;AAAA,sBACJ,GAAG;AAAA,sBACH,GAAIC,MAAK,WAAW,CAAC;AAAA,sBAErB,MAAM,eAAeA,MAAK,SAASA,MAAK,OAAO;AAAA,sBAE/C,aACEA,MAAK,SAAS,eAAeA,MAAK,QAAQ,eAAe,KAAK;AAAA,oBAClE;AAAA,kBACF;AAAA,kBACA,MAAM,aAAa;AAAA,gBACrB;AAAA,cACF;AAEA,qBAAO;AAAA,YACT;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF,CAAC;AAED,SAAK,YAAY,OAAO,KAAK,SAAS,EAAE,MAAM,eAAa;AACzD,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,MACT;AAEA,aAAO,IAAI;AAAA,QACT;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,MAAM;AAAA,YACJ,SAAS,KAAK;AAAA,UAChB;AAAA,QACF;AAAA,QACA,EAAE,GAAG,MAAM,QAAQ,KAAK;AAAA,MAC1B;AAAA,IACF,CAAC;AAED,SAAK,kBAAkB,OAAO,IAAI,EAAE,MAAM,CAAAA,UAAQ;AAChD,YAAM,WAAW,UAAUA,MAAK,eAAeA,MAAK,eAAe;AAEnE,aAAO;AAAA,QACL,SAAS,IAAI,YAAU;AACrB,iBAAO,cAAc;AAAA,YACnB;AAAA,YACA;AAAA,cACE,GAAG;AAAA,cAEH,SAASA,MAAK;AAAA,cACd,WAAWA,MAAK;AAAA,YAClB;AAAA,YACA,EAAE,GAAG,MAAM,QAAQ,KAAK;AAAA,UAC1B;AAAA,QACF,CAAC;AAAA,MACH;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EA/GgB;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA,EAuGhB,IAAI,UAA2B;AAC7B,WAAO,KAAK,iBAAiB,MAAS;AAAA,EACxC;AAAA,EAEiB,WAAW,oBAAI,IAAqB;AAAA,EAErD,iBAAiB,MAA2C;AAC1D,WAAO,OAAO,EAAE,MAAM,KAAK,MAAM,OAAO,KAAK,MAAM,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,MAAM,MAAM;AAC/E,YAAM,eAAe,QAAQ,KAAK,eAAe,KAAK;AACtD,YAAM,kBAAkB,KAAK,SAAS,IAAI,YAAY;AAEtD,UAAI,iBAAiB;AACnB,eAAO;AAAA,MACT;AAEA,YAAM,UAAU,sBAAsB,OAAO,YAAY;AAEzD,YAAM,iBAAiB,QAAQ;AAAA;AAAA,QAE7B;AAAA,QACA;AAAA,QACA,KAAK;AAAA,QACL,EAAE,GAAG,KAAK,MAAM,QAAQ,KAAK;AAAA,MAC/B;AAEA,WAAK,SAAS,IAAI,cAAc,cAAc;AAC9C,aAAO;AAAA,IACT,CAAC;AAAA,EACH;AAAA,EAEA,WAAW,MAAiC;AAC1C,WAAO,UAAU,KAAK,iBAAiB,IAAI,CAAC;AAAA,EAC9C;AACF;AAmBO,IAAM,gBAAN,cAA4B,kBAAkB;AAAA;AAAA;AAAA;AAAA,EAInC;AAAA;AAAA;AAAA;AAAA,EAKA;AAAA,EAEhB,YAAY,MAAc,MAAyB,MAAiC;AAClF,UAAM,+BAA+B,MAAM,MAAM,IAAI;AAErD,SAAK,UAAU,OAAO,IAAI,EAAE,MAAM,CAAAA,UAAQ;AACxC,YAAM,SAASA,MAAK,SAChB,OAAO,QAAQA,MAAK,MAAM,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM,CAAC,SAAS,GAAG,GAAG,KAAK,KAAK,GAAG,CAAC,IACpF,CAAC;AAEL,aAAO,IAAI,MAAM;AAAA,QACf;AAAA,QACA;AAAA,UACE,QAAQ,OAAO;AAAA,YACb;AAAA,YACA;AAAA,YACA,iBAAiBA,MAAK,KAAK;AAAA,YAE3B,GAAIA,MAAK,YACL,CAAC,eAAe,gCAAgCA,MAAK,SAAS,CAAC,IAC/D,CAAC;AAAA,YAEL,GAAG;AAAA,UACL,CAAC,EAAE,MAAM,aAAW,QAAQ,KAAK,GAAG,CAAC;AAAA,UAErC,SAAS;AAAA,QACX;AAAA,QACA,EAAE,QAAQ,MAAM,GAAG,KAAK;AAAA,MAC1B;AAAA,IACF,CAAC;AAED,SAAK,WAAW,KAAK,QAAQ;AAE7B,SAAK,gBAAgB,EAAE,UAAU,KAAK,UAAU,SAAS,KAAK,QAAQ,CAAC;AAAA,EACzE;AACF;AAeA,eAAsB,iBAAiB,UAA0C;AAC/E,MAAI,CAAC,QAAQ,IAAI,qBAAqB;AACpC,UAAM,IAAI,MAAM,qDAAqD;AAAA,EACvE;AAEA,QAAM,YAAY,QAAQ,QAAQ,IAAI,qBAAqB,QAAQ;AACnE,QAAM,MAAM,WAAW,EAAE,WAAW,KAAK,CAAC;AAE1C,QAAM,cAAc,GAAG,SAAS,IAAI;AACpC,QAAM,iBAAiB,GAAG,SAAS,IAAI,IAAI,SAAS,OAAO;AAG3D,QAAM,QAAQ,MAAM,KAAK,aAAa,EAAE,KAAK,UAAU,CAAC;AAExD,MAAI,MAAM,SAAS,cAAc,GAAG;AAClC,WAAO,QAAQ,WAAW,cAAc;AAAA,EAC1C;AAGA,aAAW,QAAQ,OAAO;AACxB,UAAM,OAAO,QAAQ,WAAW,IAAI,CAAC;AAAA,EACvC;AAGA,QAAM,MAAM,QAAQ;AAAA,IAClB;AAAA,IACA,SAAS;AAAA,IACT;AAAA,IACA,SAAS;AAAA,IACT;AAAA,IACA,SAAS;AAAA,IACT;AAAA,IACA;AAAA,EACF,CAAC;AAGD,QAAM,UAAU,MAAM,SAAS,QAAQ,WAAW,cAAc,CAAC;AACjE,QAAM,eAAe,MAAM,OAAO,OAAO;AAEzC,MAAI,iBAAiB,SAAS,QAAQ;AACpC,UAAM,IAAI,MAAM,8BAA8B,SAAS,IAAI,GAAG;AAAA,EAChE;AAEA,SAAO,QAAQ,WAAW,cAAc;AAC1C;AASO,SAAS,sBAAsB,OAAsB,MAAuC;AACjG,QAAM,WAAW,MAAM,UAAU,MAAM,eAAa;AAClD,WAAO,UACJ,OAAO,OAAK,KAAK,GAAG,QAAQ,WAAW,CAAC,CAAC,EACzC,IAAI,cAAY,EAAE,MAAM,QAAQ,SAAS,MAAM,QAAQ,EAAE;AAAA,EAC9D,CAAC;AAED,SAAO,OAAO,QAAQ,EAAE,MAAM,CAAAC,cAAY;AACxC,UAAM,UAAUA,UAAS,KAAK,OAAK,EAAE,SAAS,IAAI,GAAG;AAErD,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,MAAM,sBAAsB,IAAI,oCAAoC;AAAA,IAChF;AAEA,WAAO;AAAA,EACT,CAAC;AACH;AASO,SAAS,gBAAgB,OAAsB,MAAwC;AAC5F,SAAO,UAAU,sBAAsB,OAAO,IAAI,CAAC;AACrD;","names":["namespace","args","services"]}

package/dist/chunk-HTQP2NB4.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/namespace.ts","../src/shared.ts"],"sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport { core, type types } from \"@pulumi/kubernetes\"\nimport {\n ComponentResource,\n output,\n Output,\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n type Unwrap,\n} from \"@pulumi/pulumi\"\nimport { getProvider, mapMetadata, type CommonArgs } from \"./shared\"\n\nexport type NamespaceArgs = Omit<CommonArgs, \"namespace\"> & {\n /**\n * Whether to apply \"pod-security.kubernetes.io/enforce=privileged\" label to the namespace.\n */\n privileged?: boolean\n}\n\nexport type CreateOrPatchNamespaceArgs = NamespaceArgs & {\n /**\n * The resource to use to determine the name of the namespace.\n *\n * If not provided, the namespace will be created, otherwise it will be retrieved/patched.\n */\n resource: Input<k8s.Resource> | undefined\n}\n\nexport abstract class Namespace extends ComponentResource {\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n /**\n * The cluster where the namespace is created.\n */\n readonly cluster: Output<k8s.Cluster>,\n\n /*\n * The metadata of the underlying Kubernetes namespace.\n */\n readonly metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The spec of the underlying Kubernetes namespace.\n */\n readonly spec: Output<types.output.core.v1.NamespaceSpec>,\n\n /**\n * The status of the underlying Kubernetes namespace.\n */\n readonly status: Output<types.output.core.v1.NamespaceStatus>,\n ) {\n super(type, name, args, opts)\n }\n\n /**\n * Creates a new namespace.\n */\n static create(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions): Namespace {\n return new CreatedNamespace(name, args, opts)\n }\n\n /**\n * Creates a new namespace or patches an existing one.\n *\n * Will throw an error if the namespace does not exist when `args.resource` is provided.\n */\n static createOrPatch(\n name: string,\n args: CreateOrPatchNamespaceArgs,\n opts?: ComponentResourceOptions,\n ): Namespace {\n if (!args.resource) {\n return new CreatedNamespace(name, args, opts)\n }\n\n return new NamespacePatch(\n name,\n {\n ...args,\n name: output(args).apply(args => {\n if (args.resource!.clusterId !== args.cluster.id) {\n throw new Error(\n `Cluster mismatch when patching namespace \"${name}\": \"${args.resource!.clusterId}\" != \"${args.cluster.id}\"`,\n )\n }\n\n return args.resource!.metadata.namespace\n }),\n },\n opts,\n )\n }\n\n /**\n * Creates a new namespace or gets an existing one.\n *\n * Will throw an error if the namespace does not exist when `args.resource` is provided.\n */\n static createOrGet(\n name: string,\n args: CreateOrPatchNamespaceArgs,\n opts?: ComponentResourceOptions,\n ): Namespace {\n if (!args.resource) {\n return new CreatedNamespace(name, args, opts)\n }\n\n return new ExternalNamespace(\n name,\n output(args).apply(args => {\n if (args.resource!.clusterId !== args.cluster.id) {\n throw new Error(\n `Cluster mismatch when receiving namespace \"${name}\": \"${args.resource!.clusterId}\" != \"${args.cluster.id}\"`,\n )\n }\n\n return args.resource!.metadata.namespace\n }),\n args.cluster,\n opts,\n )\n }\n\n /**\n * Patches an existing namespace.\n *\n * Will throw an error if the namespace does not exist.\n */\n static patch(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions): Namespace {\n return new NamespacePatch(name, args, opts)\n }\n\n /**\n * Gets an existing namespace.\n *\n * Will throw an error if the namespace does not exist.\n */\n static get(\n name: string,\n id: Input<string>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ): Namespace {\n return new ExternalNamespace(name, id, cluster, opts)\n }\n}\n\nfunction mapNamespaceMetadata(\n args: Unwrap<NamespaceArgs>,\n name: string,\n): types.input.meta.v1.ObjectMeta {\n const labels: Record<string, string> = args.metadata?.labels ?? {}\n\n if (args.privileged) {\n labels[\"pod-security.kubernetes.io/enforce\"] = \"privileged\"\n }\n\n return { ...mapMetadata(args, name), labels }\n}\n\nclass CreatedNamespace extends Namespace {\n constructor(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions) {\n const namespace = output(args).apply(async args => {\n return new core.v1.Namespace(\n name,\n {\n metadata: mapNamespaceMetadata(args, name),\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:Namespace\",\n name,\n args,\n opts,\n output(args.cluster),\n namespace.metadata,\n namespace.spec,\n namespace.status,\n )\n }\n}\n\nclass NamespacePatch extends Namespace {\n constructor(name: string, args: NamespaceArgs, opts?: ComponentResourceOptions) {\n const namespace = output(args).apply(async args => {\n return new core.v1.NamespacePatch(\n name,\n {\n metadata: mapNamespaceMetadata(args, name),\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:NamespacePatch\",\n name,\n args,\n opts,\n output(args.cluster),\n namespace.metadata,\n namespace.spec,\n namespace.status,\n )\n }\n}\n\nclass ExternalNamespace extends Namespace {\n constructor(\n name: string,\n id: Input<string>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ) {\n const namespace = output(id).apply(async realName => {\n return core.v1.Namespace.get(\n //\n name,\n realName,\n {\n ...opts,\n parent: this,\n provider: await getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:ExternalNamespace\",\n name,\n { id, cluster },\n opts,\n output(cluster),\n namespace.metadata,\n namespace.spec,\n namespace.status,\n )\n }\n}\n","import type { PartialKeys } from \"@highstate/contract\"\nimport type { k8s } from \"@highstate/library\"\nimport { Output, output, toPromise, type Input, type Unwrap } from \"@highstate/pulumi\"\nimport { core, Provider, types } from \"@pulumi/kubernetes\"\nimport { Namespace } from \"./namespace\"\n\nconst providers = new Map<string, Provider>()\n\nexport function getProvider(cluster: Input<k8s.Cluster>): Promise<Provider> {\n const provider = output(cluster).apply(cluster => {\n const existingProvider = providers.get(cluster.id)\n if (existingProvider) {\n return existingProvider\n }\n\n const provider = new Provider(`${cluster.name}-${cluster.id}`, {\n kubeconfig: cluster.kubeconfig,\n })\n providers.set(cluster.id, provider)\n\n return provider\n })\n\n return toPromise(provider)\n}\n\nexport type NamespaceLike = core.v1.Namespace | Namespace | string\n\nexport type CommonArgs = {\n /**\n * The name of the resource.\n */\n name?: Input<string>\n\n /**\n * The namespace to create the resource in.\n */\n namespace: Input<NamespaceLike | undefined>\n\n /**\n * The cluster to create the resource in.\n */\n cluster: Input<k8s.Cluster>\n\n /**\n * The metadata to apply to the resource.\n */\n metadata?: Input<types.input.meta.v1.ObjectMeta>\n}\n\nexport const commonExtraArgs = [\"name\", \"namespace\", \"cluster\", \"metadata\"] as const\n\nexport function mapMetadata(\n args: PartialKeys<Unwrap<CommonArgs>, \"namespace\" | \"cluster\">,\n fallbackName?: string,\n): types.input.meta.v1.ObjectMeta {\n return {\n ...args.metadata,\n name: args.name ?? args.metadata?.name ?? fallbackName,\n namespace: args.namespace ? mapNamespaceLikeToNamespaceName(args.namespace) : undefined,\n }\n}\n\nexport type SelectorLike = types.input.meta.v1.LabelSelector | Record<string, Input<string>>\n\nexport function mapSelectorLikeToSelector(\n selector: SelectorLike,\n): types.input.meta.v1.LabelSelector {\n if (\"matchLabels\" in selector || \"matchExpressions\" in selector) {\n return selector\n }\n\n return {\n matchLabels: selector as Record<string, Input<string>>,\n }\n}\n\nexport function mapNamespaceLikeToNamespaceName(namespace: NamespaceLike): Output<string> {\n if (Namespace.isInstance(namespace)) {\n return namespace.metadata.name\n }\n\n if (core.v1.Namespace.isInstance(namespace)) {\n return namespace.metadata.name\n }\n\n return output(namespace)\n}\n\nexport function mapNamespaceNameToSelector(\n namespace: Input<string>,\n): types.input.meta.v1.LabelSelector {\n return {\n matchLabels: {\n \"kubernetes.io/metadata.name\": namespace,\n },\n }\n}\n\nexport type ResourceId = {\n name: Input<string>\n namespace?: Input<string | undefined>\n}\n\nexport function resourceIdToString(id: Input<ResourceId>): Output<string> {\n return output(id).apply(metadata => {\n return metadata.namespace ? `${metadata.namespace}/${metadata.name}` : metadata.name\n })\n}\n\nexport function getAppName(resourceId: Unwrap<ResourceId>): string {\n if (resourceId.namespace !== resourceId.name) {\n return `${resourceId.namespace ?? \"default\"}-${resourceId.name}`\n }\n\n return resourceId.name\n}\n\nexport function getAppDisplayName(resourceId: Unwrap<ResourceId>): string {\n if (resourceId.namespace !== resourceId.name) {\n return `${resourceId.namespace ?? \"default\"}/${resourceId.name}`\n }\n\n return resourceId.name\n}\n\nexport function withPatchName(\n resourceType: string,\n resource: Input<k8s.Resource>,\n cluster: Input<k8s.Cluster>,\n): Output<string> {\n return output({ resource, cluster }).apply(({ resource, cluster }) => {\n if (resource.clusterId !== cluster.id) {\n throw new Error(\n `Cluster mismatch when patching ${resourceType} \"${resource.metadata.name}\": \"${resource.clusterId}\" != \"${cluster.id}\"`,\n )\n }\n\n return resource.metadata.name\n })\n}\n"],"mappings":";AACA,SAAS,QAAAA,aAAwB;AACjC;AAAA,EACE;AAAA,EACA,UAAAC;AAAA,OAMK;;;ACRP,SAAiB,QAAQ,iBAA0C;AACnE,SAAS,MAAM,gBAAuB;AAGtC,IAAM,YAAY,oBAAI,IAAsB;AAErC,SAAS,YAAY,SAAgD;AAC1E,QAAM,WAAW,OAAO,OAAO,EAAE,MAAM,CAAAC,aAAW;AAChD,UAAM,mBAAmB,UAAU,IAAIA,SAAQ,EAAE;AACjD,QAAI,kBAAkB;AACpB,aAAO;AAAA,IACT;AAEA,UAAMC,YAAW,IAAI,SAAS,GAAGD,SAAQ,IAAI,IAAIA,SAAQ,EAAE,IAAI;AAAA,MAC7D,YAAYA,SAAQ;AAAA,IACtB,CAAC;AACD,cAAU,IAAIA,SAAQ,IAAIC,SAAQ;AAElC,WAAOA;AAAA,EACT,CAAC;AAED,SAAO,UAAU,QAAQ;AAC3B;AA0BO,IAAM,kBAAkB,CAAC,QAAQ,aAAa,WAAW,UAAU;AAEnE,SAAS,YACd,MACA,cACgC;AAChC,SAAO;AAAA,IACL,GAAG,KAAK;AAAA,IACR,MAAM,KAAK,QAAQ,KAAK,UAAU,QAAQ;AAAA,IAC1C,WAAW,KAAK,YAAY,gCAAgC,KAAK,SAAS,IAAI;AAAA,EAChF;AACF;AAIO,SAAS,0BACd,UACmC;AACnC,MAAI,iBAAiB,YAAY,sBAAsB,UAAU;AAC/D,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL,aAAa;AAAA,EACf;AACF;AAEO,SAAS,gCAAgC,WAA0C;AACxF,MAAI,UAAU,WAAW,SAAS,GAAG;AACnC,WAAO,UAAU,SAAS;AAAA,EAC5B;AAEA,MAAI,KAAK,GAAG,UAAU,WAAW,SAAS,GAAG;AAC3C,WAAO,UAAU,SAAS;AAAA,EAC5B;AAEA,SAAO,OAAO,SAAS;AACzB;AAEO,SAAS,2BACd,WACmC;AACnC,SAAO;AAAA,IACL,aAAa;AAAA,MACX,+BAA+B;AAAA,IACjC;AAAA,EACF;AACF;AAOO,SAAS,mBAAmB,IAAuC;AACxE,SAAO,OAAO,EAAE,EAAE,MAAM,cAAY;AAClC,WAAO,SAAS,YAAY,GAAG,SAAS,SAAS,IAAI,SAAS,IAAI,KAAK,SAAS;AAAA,EAClF,CAAC;AACH;AAEO,SAAS,WAAW,YAAwC;AACjE,MAAI,WAAW,cAAc,WAAW,MAAM;AAC5C,WAAO,GAAG,WAAW,aAAa,SAAS,IAAI,WAAW,IAAI;AAAA,EAChE;AAEA,SAAO,WAAW;AACpB;AAEO,SAAS,kBAAkB,YAAwC;AACxE,MAAI,WAAW,cAAc,WAAW,MAAM;AAC5C,WAAO,GAAG,WAAW,aAAa,SAAS,IAAI,WAAW,IAAI;AAAA,EAChE;AAEA,SAAO,WAAW;AACpB;AAEO,SAAS,cACd,cACA,UACA,SACgB;AAChB,SAAO,OAAO,EAAE,UAAU,QAAQ,CAAC,EAAE,MAAM,CAAC,EAAE,UAAAC,WAAU,SAAAF,SAAQ,MAAM;AACpE,QAAIE,UAAS,cAAcF,SAAQ,IAAI;AACrC,YAAM,IAAI;AAAA,QACR,kCAAkC,YAAY,KAAKE,UAAS,SAAS,IAAI,OAAOA,UAAS,SAAS,SAASF,SAAQ,EAAE;AAAA,MACvH;AAAA,IACF;AAEA,WAAOE,UAAS,SAAS;AAAA,EAC3B,CAAC;AACH;;;AD/GO,IAAe,YAAf,cAAiC,kBAAkB;AAAA,EAC9C,YACR,MACA,MACA,MACA,MAKS,SAKA,UAKA,MAKA,QACT;AACA,UAAM,MAAM,MAAM,MAAM,IAAI;AAjBnB;AAKA;AAKA;AAKA;AAAA,EAGX;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,OAAO,MAAc,MAAqB,MAA4C;AAC3F,WAAO,IAAI,iBAAiB,MAAM,MAAM,IAAI;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,cACL,MACA,MACA,MACW;AACX,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,IAAI,iBAAiB,MAAM,MAAM,IAAI;AAAA,IAC9C;AAEA,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,QACE,GAAG;AAAA,QACH,MAAMC,QAAO,IAAI,EAAE,MAAM,CAAAC,UAAQ;AAC/B,cAAIA,MAAK,SAAU,cAAcA,MAAK,QAAQ,IAAI;AAChD,kBAAM,IAAI;AAAA,cACR,6CAA6C,IAAI,OAAOA,MAAK,SAAU,SAAS,SAASA,MAAK,QAAQ,EAAE;AAAA,YAC1G;AAAA,UACF;AAEA,iBAAOA,MAAK,SAAU,SAAS;AAAA,QACjC,CAAC;AAAA,MACH;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,YACL,MACA,MACA,MACW;AACX,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,IAAI,iBAAiB,MAAM,MAAM,IAAI;AAAA,IAC9C;AAEA,WAAO,IAAI;AAAA,MACT;AAAA,MACAD,QAAO,IAAI,EAAE,MAAM,CAAAC,UAAQ;AACzB,YAAIA,MAAK,SAAU,cAAcA,MAAK,QAAQ,IAAI;AAChD,gBAAM,IAAI;AAAA,YACR,8CAA8C,IAAI,OAAOA,MAAK,SAAU,SAAS,SAASA,MAAK,QAAQ,EAAE;AAAA,UAC3G;AAAA,QACF;AAEA,eAAOA,MAAK,SAAU,SAAS;AAAA,MACjC,CAAC;AAAA,MACD,KAAK;AAAA,MACL;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,MAAM,MAAc,MAAqB,MAA4C;AAC1F,WAAO,IAAI,eAAe,MAAM,MAAM,IAAI;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,IACL,MACA,IACA,SACA,MACW;AACX,WAAO,IAAI,kBAAkB,MAAM,IAAI,SAAS,IAAI;AAAA,EACtD;AACF;AAEA,SAAS,qBACP,MACA,MACgC;AAChC,QAAM,SAAiC,KAAK,UAAU,UAAU,CAAC;AAEjE,MAAI,KAAK,YAAY;AACnB,WAAO,oCAAoC,IAAI;AAAA,EACjD;AAEA,SAAO,EAAE,GAAG,YAAY,MAAM,IAAI,GAAG,OAAO;AAC9C;AAEA,IAAM,mBAAN,cAA+B,UAAU;AAAA,EACvC,YAAY,MAAc,MAAqB,MAAiC;AAC9E,UAAM,YAAYD,QAAO,IAAI,EAAE,MAAM,OAAMC,UAAQ;AACjD,aAAO,IAAIC,MAAK,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,UACE,UAAU,qBAAqBD,OAAM,IAAI;AAAA,QAC3C;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACAD,QAAO,KAAK,OAAO;AAAA,MACnB,UAAU;AAAA,MACV,UAAU;AAAA,MACV,UAAU;AAAA,IACZ;AAAA,EACF;AACF;AAEA,IAAM,iBAAN,cAA6B,UAAU;AAAA,EACrC,YAAY,MAAc,MAAqB,MAAiC;AAC9E,UAAM,YAAYA,QAAO,IAAI,EAAE,MAAM,OAAMC,UAAQ;AACjD,aAAO,IAAIC,MAAK,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,UACE,UAAU,qBAAqBD,OAAM,IAAI;AAAA,QAC3C;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACAD,QAAO,KAAK,OAAO;AAAA,MACnB,UAAU;AAAA,MACV,UAAU;AAAA,MACV,UAAU;AAAA,IACZ;AAAA,EACF;AACF;AAEA,IAAM,oBAAN,cAAgC,UAAU;AAAA,EACxC,YACE,MACA,IACA,SACA,MACA;AACA,UAAM,YAAYA,QAAO,EAAE,EAAE,MAAM,OAAM,aAAY;AACnD,aAAOE,MAAK,GAAG,UAAU;AAAA;AAAA,QAEvB;AAAA,QACA;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAY,OAAO;AAAA,QACrC;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA,EAAE,IAAI,QAAQ;AAAA,MACd;AAAA,MACAF,QAAO,OAAO;AAAA,MACd,UAAU;AAAA,MACV,UAAU;AAAA,MACV,UAAU;AAAA,IACZ;AAAA,EACF;AACF;","names":["core","output","cluster","provider","resource","output","args","core"]}

package/dist/chunk-L6G2IHDP.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/pvc.ts","../src/secret.ts","../src/container.ts","../src/workload.ts","../src/pod.ts"],"sourcesContent":["import type { k8s } from \"@highstate/library\"\nimport { core, type types } from \"@pulumi/kubernetes\"\nimport {\n ComponentResource,\n Output,\n output,\n type ComponentResourceOptions,\n type CustomResourceOptions,\n type Input,\n type Inputs,\n} from \"@highstate/pulumi\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { omit } from \"remeda\"\nimport {\n commonExtraArgs,\n getProvider,\n mapMetadata,\n resourceIdToString,\n type CommonArgs,\n type ResourceId,\n} from \"./shared\"\n\nexport type PersistentVolumeClaimArgs = CommonArgs &\n types.input.core.v1.PersistentVolumeClaimSpec & {\n /**\n * The size of the volume to request.\n *\n * By default, the size is set to \"100Mi\".\n */\n size?: string\n }\n\nexport type CreateOrGetPersistentVolumeClaimArgs = PersistentVolumeClaimArgs & {\n existing: Input<k8s.PersistentVolumeClaim> | undefined\n}\n\nconst extraPersistentVolumeClaimArgs = [...commonExtraArgs, \"size\"] as const\n\nexport abstract class PersistentVolumeClaim extends ComponentResource {\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions,\n\n /**\n * The cluster where the PVC is created.\n */\n readonly cluster: Output<k8s.Cluster>,\n\n /**\n * The metadata of the underlying Kubernetes PVC.\n */\n readonly metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The spec of the underlying Kubernetes PVC.\n */\n readonly spec: Output<types.output.core.v1.PersistentVolumeClaimSpec>,\n\n /**\n * The status of the underlying Kubernetes PVC.\n */\n readonly status: Output<types.output.core.v1.PersistentVolumeClaimStatus>,\n ) {\n super(type, name, args, opts)\n }\n\n /**\n * The Highstate PVC entity.\n */\n get entity(): Output<k8s.PersistentVolumeClaim> {\n return output({\n type: \"k8s.persistent-volume-claim\",\n clusterId: this.cluster.id,\n metadata: this.metadata,\n })\n }\n\n static create(\n name: string,\n args: PersistentVolumeClaimArgs,\n opts: ComponentResourceOptions,\n ): PersistentVolumeClaim {\n return new CreatedPersistentVolumeClaim(name, args, opts)\n }\n\n static of(\n name: string,\n entity: Input<k8s.PersistentVolumeClaim>,\n cluster: Input<k8s.Cluster>,\n opts: ComponentResourceOptions,\n ): PersistentVolumeClaim {\n return new ExternalPersistentVolumeClaim(name, output(entity).metadata, cluster, opts)\n }\n\n static createOrGet(\n name: string,\n args: CreateOrGetPersistentVolumeClaimArgs,\n opts: ComponentResourceOptions,\n ): PersistentVolumeClaim {\n if (!args.existing) {\n return new CreatedPersistentVolumeClaim(name, args, opts)\n }\n\n return new ExternalPersistentVolumeClaim(\n name,\n output(args.existing).metadata,\n args.cluster,\n opts,\n )\n }\n}\n\nexport class CreatedPersistentVolumeClaim extends PersistentVolumeClaim {\n constructor(name: string, args: PersistentVolumeClaimArgs, opts: CustomResourceOptions) {\n const pvc = output(args).apply(async args => {\n return new core.v1.PersistentVolumeClaim(\n name,\n {\n metadata: mapMetadata(args, name),\n spec: deepmerge(\n {\n accessModes: [\"ReadWriteOnce\"],\n resources: {\n requests: {\n storage: args.size ?? \"100Mi\",\n },\n },\n } satisfies types.input.core.v1.PersistentVolumeClaimSpec,\n omit(args, extraPersistentVolumeClaimArgs),\n ),\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n\n super(\n \"k8s:PersistentVolumeClaim\",\n name,\n args,\n opts,\n\n output(args.cluster),\n pvc.metadata,\n pvc.spec,\n pvc.status,\n )\n }\n}\n\nexport class ExternalPersistentVolumeClaim extends PersistentVolumeClaim {\n constructor(\n name: string,\n id: Input<ResourceId>,\n cluster: Input<k8s.Cluster>,\n opts: ComponentResourceOptions,\n ) {\n const pvc = output(id).apply(async id => {\n return core.v1.PersistentVolumeClaim.get(\n //\n name,\n resourceIdToString(id),\n {\n ...opts,\n parent: this,\n provider: await getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:ExternalPersistentVolumeClaim\",\n name,\n { id, cluster },\n opts,\n\n output(cluster),\n pvc.metadata,\n pvc.spec,\n pvc.status,\n )\n }\n}\n\nexport function getAutoVolumeName(workloadName: string, index: number): string {\n if (index === 0) {\n return `${workloadName}-data`\n }\n\n return `${workloadName}-data-${index}`\n}\n","import type { k8s } from \"@highstate/library\"\nimport { core, type types } from \"@pulumi/kubernetes\"\nimport {\n ComponentResource,\n output,\n Output,\n type ComponentResourceOptions,\n type Input,\n type Inputs,\n} from \"@pulumi/pulumi\"\nimport { getProvider, mapMetadata, withPatchName, type CommonArgs } from \"./shared\"\n\nexport type SecretArgs = CommonArgs &\n Omit<types.input.core.v1.Secret, \"kind\" | \"metadata\" | \"apiVersion\">\n\nexport type CreateOrPatchSecretArgs = SecretArgs & {\n /**\n * The resource to use to determine the name of the secret.\n *\n * If not provided, the secret will be created, otherwise it will be retrieved/patched.\n */\n existing: Input<k8s.Resource> | undefined\n}\n\nexport abstract class Secret extends ComponentResource {\n protected constructor(\n type: string,\n name: string,\n args: Inputs,\n opts: ComponentResourceOptions | undefined,\n\n /**\n * The cluster where the secret is created.\n */\n readonly cluster: Output<k8s.Cluster>,\n\n /**\n * The metadata of the underlying Kubernetes secret.\n */\n readonly metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The data of the underlying Kubernetes secret.\n */\n readonly data: Output<Record<string, string>>,\n\n /**\n * The stringData of the underlying Kubernetes secret.\n */\n readonly stringData: Output<Record<string, string>>,\n ) {\n super(type, name, args, opts)\n }\n\n /**\n * Creates a new secret.\n */\n static create(name: string, args: SecretArgs, opts?: ComponentResourceOptions): Secret {\n return new CreatedSecret(name, args, opts)\n }\n\n /**\n * Creates a new secret or patches an existing one.\n *\n * Will throw an error if the secret does not exist when `args.resource` is provided.\n */\n static createOrPatch(\n name: string,\n args: CreateOrPatchSecretArgs,\n opts?: ComponentResourceOptions,\n ): Secret {\n if (!args.existing) {\n return new CreatedSecret(name, args, opts)\n }\n\n return new SecretPatch(\n name,\n {\n ...args,\n name: withPatchName(\"secret\", args.existing, args.cluster),\n namespace: output(args.existing).metadata.namespace,\n },\n opts,\n )\n }\n\n /**\n * Gets an existing secret.\n *\n * Will throw an error if the secret does not exist.\n */\n static get(\n name: string,\n id: Input<string>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ): Secret {\n return new ExternalSecret(name, id, cluster, opts)\n }\n}\n\nclass CreatedSecret extends Secret {\n constructor(name: string, args: SecretArgs, opts?: ComponentResourceOptions) {\n const secret = output(args).apply(async args => {\n return new core.v1.Secret(\n name,\n {\n metadata: mapMetadata(args, name),\n data: args.data,\n stringData: args.stringData,\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:Secret\",\n name,\n args,\n opts,\n output(args.cluster),\n secret.metadata,\n secret.data,\n secret.stringData,\n )\n }\n}\n\nclass SecretPatch extends Secret {\n constructor(name: string, args: SecretArgs, opts?: ComponentResourceOptions) {\n const secret = output(args).apply(async args => {\n return new core.v1.SecretPatch(\n name,\n {\n metadata: mapMetadata(args, name),\n data: args.data,\n stringData: args.stringData,\n },\n {\n ...opts,\n parent: this,\n provider: await getProvider(args.cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:SecretPatch\",\n name,\n args,\n opts,\n output(args.cluster),\n secret.metadata,\n secret.data,\n secret.stringData,\n )\n }\n}\n\nclass ExternalSecret extends Secret {\n constructor(\n name: string,\n id: Input<string>,\n cluster: Input<k8s.Cluster>,\n opts?: ComponentResourceOptions,\n ) {\n const secret = output(id).apply(async realName => {\n return core.v1.Secret.get(\n //\n name,\n realName,\n {\n ...opts,\n parent: this,\n provider: await getProvider(cluster),\n },\n )\n })\n\n super(\n \"highstate:k8s:ExternalSecret\",\n name,\n { id, cluster },\n opts,\n output(cluster),\n secret.metadata,\n secret.data,\n secret.stringData,\n )\n }\n}\n","import type { PartialKeys } from \"@highstate/contract\"\nimport type { k8s, network } from \"@highstate/library\"\nimport { core, type types } from \"@pulumi/kubernetes\"\nimport { normalize, output, type Input, type InputArray, type Unwrap } from \"@highstate/pulumi\"\nimport { concat, map, omit } from \"remeda\"\nimport { PersistentVolumeClaim } from \"./pvc\"\nimport { Secret } from \"./secret\"\n\nexport type Container = Omit<PartialKeys<types.input.core.v1.Container, \"name\">, \"volumeMounts\"> & {\n /**\n * The single port to add to the container.\n */\n port?: Input<types.input.core.v1.ContainerPort>\n\n /**\n * The volume mount to attach to the container.\n */\n volumeMount?: Input<ContainerVolumeMount>\n\n /**\n * The volume mounts to attach to the container.\n */\n volumeMounts?: InputArray<ContainerVolumeMount>\n\n /**\n * The volume to include in the parent workload.\n * It is like the `volumes` property, but defined at the container level.\n * It will be defined as a volume mount in the parent workload automatically.\n */\n volume?: Input<WorkloadVolume>\n\n /**\n * The volumes to include in the parent workload.\n * It is like the `volumes` property, but defined at the container level.\n * It will be defined as a volume mount in the parent workload automatically.\n */\n volumes?: InputArray<WorkloadVolume>\n\n /**\n * The map of environment variables to set in the container.\n * It is like the `env` property, but more convenient to use.\n */\n environment?: Input<ContainerEnvironment>\n\n /**\n * The source of environment variables to set in the container.\n * It is like the `envFrom` property, but more convenient to use.\n */\n environmentSource?: Input<ContainerEnvironmentSource>\n\n /**\n * The sources of environment variables to set in the container.\n * It is like the `envFrom` property, but more convenient to use.\n */\n environmentSources?: InputArray<ContainerEnvironmentSource>\n\n /**\n * The list of endpoints that the container is allowed to access.\n *\n * This is used to generate a network policy.\n */\n allowedEndpoints?: InputArray<network.L34Endpoint>\n\n /**\n * Enable the TUN device in the container.\n *\n * All necessary security context settings will be applied to the container.\n */\n enableTun?: Input<boolean>\n}\n\nconst containerExtraArgs = [\n \"port\",\n \"volumeMount\",\n \"volume\",\n \"environment\",\n \"environmentSource\",\n \"environmentSources\",\n] as const\n\nexport type ContainerEnvironment = Record<\n string,\n Input<string | undefined | null | ContainerEnvironmentVariable>\n>\n\nexport type ContainerEnvironmentVariable =\n | types.input.core.v1.EnvVarSource\n | {\n /**\n * The secret to select from.\n */\n secret: Input<core.v1.Secret | Secret>\n\n /**\n * The key of the secret to select from.\n */\n key: string\n }\n | {\n /**\n * The config map to select from.\n */\n configMap: Input<core.v1.ConfigMap>\n\n /**\n * The key of the config map to select from.\n */\n key: string\n }\n\nexport type ContainerEnvironmentSource =\n | types.input.core.v1.EnvFromSource\n | core.v1.ConfigMap\n | core.v1.Secret\n\nexport type ContainerVolumeMount =\n | types.input.core.v1.VolumeMount\n | (Omit<types.input.core.v1.VolumeMount, \"name\"> & {\n /**\n * The volume to mount.\n */\n volume: Input<WorkloadVolume>\n })\n\nexport type WorkloadVolume =\n | types.input.core.v1.Volume\n | core.v1.PersistentVolumeClaim\n | PersistentVolumeClaim\n | Secret\n | core.v1.ConfigMap\n | core.v1.Secret\n\nexport function mapContainerToRaw(\n container: Unwrap<Container>,\n cluster: k8s.Cluster,\n fallbackName: string,\n): types.input.core.v1.Container {\n const containerName = container.name ?? fallbackName\n\n const spec = {\n ...omit(container, containerExtraArgs),\n\n name: containerName,\n ports: normalize(container.port, container.ports),\n\n volumeMounts: map(normalize(container.volumeMount, container.volumeMounts), mapVolumeMount),\n\n env: concat(\n container.environment ? mapContainerEnvironment(container.environment) : [],\n container.env ?? [],\n ),\n\n envFrom: concat(\n map(\n normalize(container.environmentSource, container.environmentSources),\n mapEnvironmentSource,\n ),\n container.envFrom ?? [],\n ),\n } as Unwrap<types.input.core.v1.Container>\n\n if (container.enableTun) {\n spec.securityContext ??= {}\n spec.securityContext.capabilities ??= {}\n spec.securityContext.capabilities.add = [\"NET_ADMIN\"]\n\n if (cluster.quirks?.tunDevicePolicy?.type === \"plugin\") {\n spec.resources ??= {}\n spec.resources.limits ??= {}\n spec.resources.limits[cluster.quirks.tunDevicePolicy.resourceName] =\n cluster.quirks.tunDevicePolicy.resourceValue\n } else {\n spec.volumeMounts ??= []\n spec.volumeMounts.push({\n name: \"tun-device\",\n mountPath: \"/dev/net/tun\",\n readOnly: false,\n })\n }\n }\n\n return spec\n}\n\nexport function mapContainerEnvironment(\n environment: Unwrap<ContainerEnvironment>,\n): types.input.core.v1.EnvVar[] {\n const envVars: types.input.core.v1.EnvVar[] = []\n\n for (const [name, value] of Object.entries(environment)) {\n if (!value) {\n continue\n }\n\n if (typeof value === \"string\") {\n envVars.push({ name, value })\n continue\n }\n\n if (\"secret\" in value) {\n envVars.push({\n name,\n valueFrom: {\n secretKeyRef: {\n name: value.secret.metadata.name,\n key: value.key,\n },\n },\n })\n continue\n }\n\n if (\"configMap\" in value) {\n envVars.push({\n name,\n valueFrom: {\n configMapKeyRef: {\n name: value.configMap.metadata.name,\n key: value.key,\n },\n },\n })\n continue\n }\n\n envVars.push({ name, valueFrom: value })\n }\n\n return envVars\n}\n\nexport function mapVolumeMount(volumeMount: ContainerVolumeMount): types.input.core.v1.VolumeMount {\n if (\"volume\" in volumeMount) {\n return omit(\n {\n ...volumeMount,\n name: output(volumeMount.volume)\n .apply(mapWorkloadVolume)\n .apply(volume => output(volume.name)),\n },\n [\"volume\"],\n )\n }\n\n return {\n ...volumeMount,\n name: volumeMount.name,\n }\n}\n\nexport function mapEnvironmentSource(\n envFrom: ContainerEnvironmentSource,\n): types.input.core.v1.EnvFromSource {\n if (envFrom instanceof core.v1.ConfigMap) {\n return {\n configMapRef: {\n name: envFrom.metadata.name,\n },\n }\n }\n\n if (envFrom instanceof core.v1.Secret) {\n return {\n secretRef: {\n name: envFrom.metadata.name,\n },\n }\n }\n\n return envFrom\n}\n\nexport function mapWorkloadVolume(volume: WorkloadVolume) {\n if (volume instanceof PersistentVolumeClaim) {\n return {\n name: volume.metadata.name,\n persistentVolumeClaim: {\n claimName: volume.metadata.name,\n },\n }\n }\n\n if (volume instanceof Secret) {\n return {\n name: volume.metadata.name,\n secret: {\n secretName: volume.metadata.name,\n },\n }\n }\n\n if (core.v1.PersistentVolumeClaim.isInstance(volume)) {\n return {\n name: volume.metadata.name,\n persistentVolumeClaim: {\n claimName: volume.metadata.name,\n },\n }\n }\n\n if (core.v1.ConfigMap.isInstance(volume)) {\n return {\n name: volume.metadata.name,\n configMap: {\n name: volume.metadata.name,\n },\n }\n }\n\n if (core.v1.Secret.isInstance(volume)) {\n return {\n name: volume.metadata.name,\n secret: {\n secretName: volume.metadata.name,\n },\n }\n }\n\n return volume\n}\n","import type { k8s } from \"@highstate/library\"\nimport type { DeploymentArgs } from \"./deployment\"\nimport type { StatefulSetArgs } from \"./stateful-set\"\nimport type { types } from \"@pulumi/kubernetes\"\nimport {\n normalize,\n type ComponentResourceOptions,\n type InputArray,\n type InstanceTerminal,\n} from \"@highstate/pulumi\"\nimport {\n ComponentResource,\n interpolate,\n Output,\n output,\n type CustomResourceOptions,\n type Input,\n} from \"@pulumi/pulumi\"\nimport { uniqueBy } from \"remeda\"\nimport { deepmerge } from \"deepmerge-ts\"\nimport { commonExtraArgs, getProvider, type CommonArgs } from \"./shared\"\nimport { mapContainerPortToServicePort, Service, type ServiceArgs } from \"./service\"\nimport { HttpRoute, type HttpRouteArgs } from \"./gateway\"\nimport {\n mapContainerToRaw,\n mapWorkloadVolume,\n type Container,\n type WorkloadVolume,\n} from \"./container\"\nimport { NetworkPolicy } from \"./network-policy\"\nimport { podSpecDefaults } from \"./pod\"\n\nexport type WorkloadArgs = CommonArgs & {\n container?: Input<Container>\n containers?: InputArray<Container>\n\n /**\n * The shell to use in the terminal.\n *\n * By default, `bash` is used.\n */\n terminalShell?: string\n}\n\nexport const workloadExtraArgs = [...commonExtraArgs, \"container\", \"containers\"] as const\n\nexport type ExposableWorkloadArgs = WorkloadArgs & {\n service?: Input<Omit<ServiceArgs, \"cluster\" | \"namespace\">>\n httpRoute?: Input<Omit<HttpRouteArgs, \"cluster\" | \"namespace\">>\n\n /**\n * The existing workload to patch.\n */\n existing?: Input<k8s.ExposableWorkload>\n}\n\nexport const exposableWorkloadExtraArgs = [...workloadExtraArgs, \"service\", \"httpRoute\"] as const\n\nexport type ExposableWorkloadType = \"Deployment\" | \"StatefulSet\"\n\nexport type GenericExposableWorkloadArgs = Omit<ExposableWorkloadArgs, \"existing\"> & {\n /**\n * The type of workload to create.\n *\n * Will be ignored if the `existing` argument is provided.\n */\n type: ExposableWorkloadType\n\n /**\n * The existing workload to patch.\n */\n existing: Input<k8s.ExposableWorkload | undefined>\n\n /**\n * The args specific to the \"Deployment\" workload type.\n *\n * Will be ignored for other workload types.\n */\n deployment?: Input<DeploymentArgs>\n\n /**\n * The args specific to the \"StatefulSet\" workload type.\n *\n * Will be ignored for other workload types.\n */\n statefulSet?: Input<StatefulSetArgs>\n}\n\nexport function getWorkloadComponents(\n name: string,\n args: WorkloadArgs,\n parent: () => ComponentResource,\n opts: ComponentResourceOptions | undefined,\n) {\n const labels = {\n \"app.kubernetes.io/name\": name,\n }\n\n const containers = output(args).apply(args => normalize(args.container, args.containers))\n\n const volumes = containers.apply(containers => {\n const containerVolumes = containers\n .flatMap(container => normalize(container.volume, container.volumes))\n .map(mapWorkloadVolume)\n\n const containerVolumeMounts = containers\n .flatMap(container => {\n return normalize(container.volumeMount, container.volumeMounts)\n .map(volumeMount => {\n return \"volume\" in volumeMount ? volumeMount.volume : undefined\n })\n .filter(Boolean) as WorkloadVolume[]\n })\n .map(mapWorkloadVolume)\n\n return output([...containerVolumes, ...containerVolumeMounts]).apply(\n uniqueBy(volume => volume.name),\n )\n })\n\n const podSpec = output({ args, containers, volumes }).apply(({ args, containers, volumes }) => {\n const spec = {\n volumes,\n containers: containers.map(container => mapContainerToRaw(container, args.cluster, name)),\n ...podSpecDefaults,\n } satisfies types.input.core.v1.PodSpec\n\n if (\n containers.some(container => container.enableTun) &&\n args.cluster.quirks?.tunDevicePolicy?.type !== \"plugin\"\n ) {\n spec.volumes = output(spec.volumes).apply(volumes => [\n ...(volumes ?? []),\n {\n name: \"tun-device\",\n hostPath: {\n path: \"/dev/net/tun\",\n },\n },\n ])\n }\n\n return spec\n })\n\n const podTemplate = podSpec.apply(podSpec => {\n return {\n metadata: { labels },\n spec: podSpec,\n } satisfies types.input.core.v1.PodTemplateSpec\n })\n\n const networkPolicy = containers.apply(containers => {\n const allowedEndpoints = containers.flatMap(container => container.allowedEndpoints ?? [])\n\n if (allowedEndpoints.length === 0) {\n return undefined\n }\n\n return NetworkPolicy.create(\n name,\n {\n cluster: args.cluster,\n namespace: args.namespace,\n selector: labels,\n\n egressRule: {\n toEndpoints: allowedEndpoints,\n },\n },\n { ...opts, parent: parent() },\n )\n }) as Output<NetworkPolicy | undefined>\n\n return { labels, containers, volumes, podSpec, podTemplate, networkPolicy }\n}\n\nexport function getExposableWorkloadComponents(\n name: string,\n args: ExposableWorkloadArgs,\n parent: () => ComponentResource,\n opts: ComponentResourceOptions | undefined,\n) {\n const { labels, containers, volumes, podSpec, podTemplate, networkPolicy } =\n getWorkloadComponents(name, args, parent, opts)\n\n const service = output({ args, containers }).apply(async ({ args, containers }) => {\n if (!args.service && !args.httpRoute) {\n return undefined\n }\n\n if (args.existing?.service) {\n return Service.of(name, args.existing.service, args.cluster, { ...opts, parent: parent() })\n }\n\n if (args.existing) {\n return undefined\n }\n\n const ports = containers.flatMap(container => normalize(container.port, container.ports))\n\n return Service.create(\n name,\n {\n ...args.service,\n selector: labels,\n cluster: args.cluster,\n namespace: args.namespace,\n\n ports:\n // allow to completely override the ports\n !args.service?.port && !args.service?.ports\n ? ports.map(mapContainerPortToServicePort)\n : args.service?.ports,\n },\n {\n ...opts,\n parent: parent(),\n provider: await getProvider(args.cluster),\n },\n )\n })\n\n const httpRoute = output({\n args,\n service,\n }).apply(async ({ args, service }) => {\n if (!args.httpRoute || !service) {\n return undefined\n }\n\n if (args.existing) {\n return undefined\n }\n\n return new HttpRoute(\n name,\n {\n ...args.httpRoute,\n cluster: args.cluster,\n rule: {\n backend: service,\n },\n },\n {\n ...opts,\n parent: parent(),\n provider: await getProvider(args.cluster),\n },\n )\n })\n\n return { labels, containers, volumes, podSpec, podTemplate, networkPolicy, service, httpRoute }\n}\n\nexport abstract class Workload extends ComponentResource {\n protected constructor(\n type: string,\n protected readonly name: string,\n private readonly args: WorkloadArgs,\n opts: ComponentResourceOptions | undefined,\n\n protected readonly resourceType: string,\n\n /**\n * The cluster where the workload is created.\n */\n readonly cluster: Output<k8s.Cluster>,\n\n /**\n * The metadata of the underlying Kubernetes workload.\n */\n readonly metadata: Output<types.output.meta.v1.ObjectMeta>,\n\n /**\n * The network policy associated with the workload.\n *\n * Will be created if one or more containers have `allowedEndpoints` defined.\n */\n readonly networkPolicy: Output<NetworkPolicy | undefined>,\n ) {\n super(type, name, args, opts)\n }\n\n /**\n * The instance terminal to interact with the deployment.\n */\n get terminal(): Output<InstanceTerminal> {\n const containerName = output(this.args).apply(args => {\n const containers = normalize(args.container, args.containers)\n\n return containers[0]?.name ?? this.name\n })\n\n return output({\n name: this.metadata.name,\n title: this.metadata.name,\n image: \"ghcr.io/exeteres/highstate/terminal-kubectl\",\n command: [\n \"exec\",\n \"kubectl\",\n \"exec\",\n \"-it\",\n \"-n\",\n this.metadata.namespace,\n interpolate`${this.resourceType}/${this.metadata.name}`,\n \"-c\",\n containerName,\n \"--\",\n this.args.terminalShell ?? \"bash\",\n ],\n files: {\n \"/kubeconfig\": this.cluster.kubeconfig,\n },\n env: {\n KUBECONFIG: \"/kubeconfig\",\n },\n })\n }\n}\n\nexport abstract class ExposableWorkload extends Workload {\n protected constructor(\n type: string,\n protected readonly name: string,\n args: ExposableWorkloadArgs,\n opts: ComponentResourceOptions | undefined,\n\n resourceType: string,\n cluster: Output<k8s.Cluster>,\n metadata: Output<types.output.meta.v1.ObjectMeta>,\n networkPolicy: Output<NetworkPolicy | undefined>,\n\n protected readonly _service: Output<Service | undefined>,\n protected readonly _httpRoute: Output<HttpRoute | undefined>,\n ) {\n super(type, name, args, opts, resourceType, cluster, metadata, networkPolicy)\n }\n\n /**\n * The service associated with the workload.\n */\n get optionalService(): Output<Service | undefined> {\n return this._service\n }\n\n /**\n * The HTTP route associated with the workload.\n */\n get optionalHttpRoute(): Output<HttpRoute | undefined> {\n return this._httpRoute\n }\n\n /**\n * The service associated with the workload.\n *\n * Will throw an error if the service is not available.\n */\n get service(): Output<Service> {\n return this._service.apply(service => {\n if (!service) {\n throw new Error(`The service of the workload \"${this.name}\" is not available.`)\n }\n\n return service\n })\n }\n\n /**\n * The HTTP route associated with the workload.\n *\n * Will throw an error if the HTTP route is not available.\n */\n get httpRoute(): Output<HttpRoute> {\n return this._httpRoute.apply(httpRoute => {\n if (!httpRoute) {\n throw new Error(`The HTTP route of the workload \"${this.name}\" is not available.`)\n }\n\n return httpRoute\n })\n }\n\n /**\n * The entity of the workload.\n */\n abstract get entity(): Output<k8s.ExposableWorkload>\n\n /**\n * The sped of the underlying Kubernetes workload.\n */\n abstract get spec(): Output<\n types.output.apps.v1.DeploymentSpec | types.output.apps.v1.StatefulSetSpec\n >\n\n /**\n * Creates a generic workload or patches the existing one.\n */\n static createOrPatchGeneric(\n name: string,\n args: GenericExposableWorkloadArgs,\n opts?: CustomResourceOptions,\n ): Output<ExposableWorkload> {\n return output(args).apply(async args => {\n if (args.existing?.type === \"k8s.deployment\") {\n const { Deployment } = await import(\"./deployment\")\n\n return Deployment.patch(\n name,\n {\n ...deepmerge(args, args.deployment),\n name: args.existing.metadata.name,\n namespace: args.existing.metadata.namespace,\n },\n opts,\n )\n }\n\n if (args.existing?.type === \"k8s.stateful-set\") {\n const { StatefulSet } = await import(\"./stateful-set\")\n\n return StatefulSet.patch(\n name,\n {\n ...deepmerge(args, args.statefulSet),\n name: args.existing.metadata.name,\n namespace: args.existing.metadata.namespace,\n },\n opts,\n )\n }\n\n if (args.type === \"Deployment\") {\n const { Deployment } = await import(\"./deployment\")\n\n return Deployment.create(name, deepmerge(args, args.deployment), opts)\n }\n\n if (args.type === \"StatefulSet\") {\n const { StatefulSet } = await import(\"./stateful-set\")\n\n return StatefulSet.create(name, deepmerge(args, args.statefulSet), opts)\n }\n\n throw new Error(`Unknown workload type: ${args.type as string}`)\n })\n }\n}\n","import type { types } from \"@pulumi/kubernetes\"\n\nexport const podSpecDefaults: Partial<types.input.core.v1.PodSpec> = {\n automountServiceAccountToken: false,\n}\n"],"mappings":";;;;;;;;;;;;;;;AACA,SAAS,YAAwB;AACjC;AAAA,EACE;AAAA,EAEA;AAAA,OAKK;AACP,SAAS,iBAAiB;AAC1B,SAAS,YAAY;AAwBrB,IAAM,iCAAiC,CAAC,GAAG,iBAAiB,MAAM;AAE3D,IAAe,wBAAf,cAA6C,kBAAkB;AAAA,EAC1D,YACR,MACA,MACA,MACA,MAKS,SAKA,UAKA,MAKA,QACT;AACA,UAAM,MAAM,MAAM,MAAM,IAAI;AAjBnB;AAKA;AAKA;AAKA;AAAA,EAGX;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,SAA4C;AAC9C,WAAO,OAAO;AAAA,MACZ,MAAM;AAAA,MACN,WAAW,KAAK,QAAQ;AAAA,MACxB,UAAU,KAAK;AAAA,IACjB,CAAC;AAAA,EACH;AAAA,EAEA,OAAO,OACL,MACA,MACA,MACuB;AACvB,WAAO,IAAI,6BAA6B,MAAM,MAAM,IAAI;AAAA,EAC1D;AAAA,EAEA,OAAO,GACL,MACA,QACA,SACA,MACuB;AACvB,WAAO,IAAI,8BAA8B,MAAM,OAAO,MAAM,EAAE,UAAU,SAAS,IAAI;AAAA,EACvF;AAAA,EAEA,OAAO,YACL,MACA,MACA,MACuB;AACvB,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,IAAI,6BAA6B,MAAM,MAAM,IAAI;AAAA,IAC1D;AAEA,WAAO,IAAI;AAAA,MACT;AAAA,MACA,OAAO,KAAK,QAAQ,EAAE;AAAA,MACtB,KAAK;AAAA,MACL;AAAA,IACF;AAAA,EACF;AACF;AAEO,IAAM,+BAAN,cAA2C,sBAAsB;AAAA,EACtE,YAAY,MAAc,MAAiC,MAA6B;AACtF,UAAM,MAAM,OAAO,IAAI,EAAE,MAAM,OAAMA,UAAQ;AAC3C,aAAO,IAAI,KAAK,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,UACE,UAAU,YAAYA,OAAM,IAAI;AAAA,UAChC,MAAM;AAAA,YACJ;AAAA,cACE,aAAa,CAAC,eAAe;AAAA,cAC7B,WAAW;AAAA,gBACT,UAAU;AAAA,kBACR,SAASA,MAAK,QAAQ;AAAA,gBACxB;AAAA,cACF;AAAA,YACF;AAAA,YACA,KAAKA,OAAM,8BAA8B;AAAA,UAC3C;AAAA,QACF;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MAEA,OAAO,KAAK,OAAO;AAAA,MACnB,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACN;AAAA,EACF;AACF;AAEO,IAAM,gCAAN,cAA4C,sBAAsB;AAAA,EACvE,YACE,MACA,IACA,SACA,MACA;AACA,UAAM,MAAM,OAAO,EAAE,EAAE,MAAM,OAAMC,QAAM;AACvC,aAAO,KAAK,GAAG,sBAAsB;AAAA;AAAA,QAEnC;AAAA,QACA,mBAAmBA,GAAE;AAAA,QACrB;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAY,OAAO;AAAA,QACrC;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA,EAAE,IAAI,QAAQ;AAAA,MACd;AAAA,MAEA,OAAO,OAAO;AAAA,MACd,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,IACN;AAAA,EACF;AACF;;;AC1LA,SAAS,QAAAC,aAAwB;AACjC;AAAA,EACE,qBAAAC;AAAA,EACA,UAAAC;AAAA,OAKK;AAeA,IAAe,SAAf,cAA8BC,mBAAkB;AAAA,EAC3C,YACR,MACA,MACA,MACA,MAKS,SAKA,UAKA,MAKA,YACT;AACA,UAAM,MAAM,MAAM,MAAM,IAAI;AAjBnB;AAKA;AAKA;AAKA;AAAA,EAGX;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,OAAO,MAAc,MAAkB,MAAyC;AACrF,WAAO,IAAI,cAAc,MAAM,MAAM,IAAI;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,cACL,MACA,MACA,MACQ;AACR,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,IAAI,cAAc,MAAM,MAAM,IAAI;AAAA,IAC3C;AAEA,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,QACE,GAAG;AAAA,QACH,MAAM,cAAc,UAAU,KAAK,UAAU,KAAK,OAAO;AAAA,QACzD,WAAWC,QAAO,KAAK,QAAQ,EAAE,SAAS;AAAA,MAC5C;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,IACL,MACA,IACA,SACA,MACQ;AACR,WAAO,IAAI,eAAe,MAAM,IAAI,SAAS,IAAI;AAAA,EACnD;AACF;AAEA,IAAM,gBAAN,cAA4B,OAAO;AAAA,EACjC,YAAY,MAAc,MAAkB,MAAiC;AAC3E,UAAM,SAASA,QAAO,IAAI,EAAE,MAAM,OAAMC,UAAQ;AAC9C,aAAO,IAAIC,MAAK,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,UACE,UAAU,YAAYD,OAAM,IAAI;AAAA,UAChC,MAAMA,MAAK;AAAA,UACX,YAAYA,MAAK;AAAA,QACnB;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACAD,QAAO,KAAK,OAAO;AAAA,MACnB,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IACT;AAAA,EACF;AACF;AAEA,IAAM,cAAN,cAA0B,OAAO;AAAA,EAC/B,YAAY,MAAc,MAAkB,MAAiC;AAC3E,UAAM,SAASA,QAAO,IAAI,EAAE,MAAM,OAAMC,UAAQ;AAC9C,aAAO,IAAIC,MAAK,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,UACE,UAAU,YAAYD,OAAM,IAAI;AAAA,UAChC,MAAMA,MAAK;AAAA,UACX,YAAYA,MAAK;AAAA,QACnB;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,QAC1C;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACAD,QAAO,KAAK,OAAO;AAAA,MACnB,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IACT;AAAA,EACF;AACF;AAEA,IAAM,iBAAN,cAA6B,OAAO;AAAA,EAClC,YACE,MACA,IACA,SACA,MACA;AACA,UAAM,SAASA,QAAO,EAAE,EAAE,MAAM,OAAM,aAAY;AAChD,aAAOE,MAAK,GAAG,OAAO;AAAA;AAAA,QAEpB;AAAA,QACA;AAAA,QACA;AAAA,UACE,GAAG;AAAA,UACH,QAAQ;AAAA,UACR,UAAU,MAAM,YAAY,OAAO;AAAA,QACrC;AAAA,MACF;AAAA,IACF,CAAC;AAED;AAAA,MACE;AAAA,MACA;AAAA,MACA,EAAE,IAAI,QAAQ;AAAA,MACd;AAAA,MACAF,QAAO,OAAO;AAAA,MACd,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IACT;AAAA,EACF;AACF;;;AChMA,SAAS,QAAAG,aAAwB;AACjC,SAAS,WAAW,UAAAC,eAAwD;AAC5E,SAAS,QAAQ,KAAK,QAAAC,aAAY;AAmElC,IAAM,qBAAqB;AAAA,EACzB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAsDO,SAAS,kBACd,WACA,SACA,cAC+B;AAC/B,QAAM,gBAAgB,UAAU,QAAQ;AAExC,QAAM,OAAO;AAAA,IACX,GAAGC,MAAK,WAAW,kBAAkB;AAAA,IAErC,MAAM;AAAA,IACN,OAAO,UAAU,UAAU,MAAM,UAAU,KAAK;AAAA,IAEhD,cAAc,IAAI,UAAU,UAAU,aAAa,UAAU,YAAY,GAAG,cAAc;AAAA,IAE1F,KAAK;AAAA,MACH,UAAU,cAAc,wBAAwB,UAAU,WAAW,IAAI,CAAC;AAAA,MAC1E,UAAU,OAAO,CAAC;AAAA,IACpB;AAAA,IAEA,SAAS;AAAA,MACP;AAAA,QACE,UAAU,UAAU,mBAAmB,UAAU,kBAAkB;AAAA,QACnE;AAAA,MACF;AAAA,MACA,UAAU,WAAW,CAAC;AAAA,IACxB;AAAA,EACF;AAEA,MAAI,UAAU,WAAW;AACvB,SAAK,oBAAoB,CAAC;AAC1B,SAAK,gBAAgB,iBAAiB,CAAC;AACvC,SAAK,gBAAgB,aAAa,MAAM,CAAC,WAAW;AAEpD,QAAI,QAAQ,QAAQ,iBAAiB,SAAS,UAAU;AACtD,WAAK,cAAc,CAAC;AACpB,WAAK,UAAU,WAAW,CAAC;AAC3B,WAAK,UAAU,OAAO,QAAQ,OAAO,gBAAgB,YAAY,IAC/D,QAAQ,OAAO,gBAAgB;AAAA,IACnC,OAAO;AACL,WAAK,iBAAiB,CAAC;AACvB,WAAK,aAAa,KAAK;AAAA,QACrB,MAAM;AAAA,QACN,WAAW;AAAA,QACX,UAAU;AAAA,MACZ,CAAC;AAAA,IACH;AAAA,EACF;AAEA,SAAO;AACT;AAEO,SAAS,wBACd,aAC8B;AAC9B,QAAM,UAAwC,CAAC;AAE/C,aAAW,CAAC,MAAM,KAAK,KAAK,OAAO,QAAQ,WAAW,GAAG;AACvD,QAAI,CAAC,OAAO;AACV;AAAA,IACF;AAEA,QAAI,OAAO,UAAU,UAAU;AAC7B,cAAQ,KAAK,EAAE,MAAM,MAAM,CAAC;AAC5B;AAAA,IACF;AAEA,QAAI,YAAY,OAAO;AACrB,cAAQ,KAAK;AAAA,QACX;AAAA,QACA,WAAW;AAAA,UACT,cAAc;AAAA,YACZ,MAAM,MAAM,OAAO,SAAS;AAAA,YAC5B,KAAK,MAAM;AAAA,UACb;AAAA,QACF;AAAA,MACF,CAAC;AACD;AAAA,IACF;AAEA,QAAI,eAAe,OAAO;AACxB,cAAQ,KAAK;AAAA,QACX;AAAA,QACA,WAAW;AAAA,UACT,iBAAiB;AAAA,YACf,MAAM,MAAM,UAAU,SAAS;AAAA,YAC/B,KAAK,MAAM;AAAA,UACb;AAAA,QACF;AAAA,MACF,CAAC;AACD;AAAA,IACF;AAEA,YAAQ,KAAK,EAAE,MAAM,WAAW,MAAM,CAAC;AAAA,EACzC;AAEA,SAAO;AACT;AAEO,SAAS,eAAe,aAAoE;AACjG,MAAI,YAAY,aAAa;AAC3B,WAAOA;AAAA,MACL;AAAA,QACE,GAAG;AAAA,QACH,MAAMC,QAAO,YAAY,MAAM,EAC5B,MAAM,iBAAiB,EACvB,MAAM,YAAUA,QAAO,OAAO,IAAI,CAAC;AAAA,MACxC;AAAA,MACA,CAAC,QAAQ;AAAA,IACX;AAAA,EACF;AAEA,SAAO;AAAA,IACL,GAAG;AAAA,IACH,MAAM,YAAY;AAAA,EACpB;AACF;AAEO,SAAS,qBACd,SACmC;AACnC,MAAI,mBAAmBC,MAAK,GAAG,WAAW;AACxC,WAAO;AAAA,MACL,cAAc;AAAA,QACZ,MAAM,QAAQ,SAAS;AAAA,MACzB;AAAA,IACF;AAAA,EACF;AAEA,MAAI,mBAAmBA,MAAK,GAAG,QAAQ;AACrC,WAAO;AAAA,MACL,WAAW;AAAA,QACT,MAAM,QAAQ,SAAS;AAAA,MACzB;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAEO,SAAS,kBAAkB,QAAwB;AACxD,MAAI,kBAAkB,uBAAuB;AAC3C,WAAO;AAAA,MACL,MAAM,OAAO,SAAS;AAAA,MACtB,uBAAuB;AAAA,QACrB,WAAW,OAAO,SAAS;AAAA,MAC7B;AAAA,IACF;AAAA,EACF;AAEA,MAAI,kBAAkB,QAAQ;AAC5B,WAAO;AAAA,MACL,MAAM,OAAO,SAAS;AAAA,MACtB,QAAQ;AAAA,QACN,YAAY,OAAO,SAAS;AAAA,MAC9B;AAAA,IACF;AAAA,EACF;AAEA,MAAIA,MAAK,GAAG,sBAAsB,WAAW,MAAM,GAAG;AACpD,WAAO;AAAA,MACL,MAAM,OAAO,SAAS;AAAA,MACtB,uBAAuB;AAAA,QACrB,WAAW,OAAO,SAAS;AAAA,MAC7B;AAAA,IACF;AAAA,EACF;AAEA,MAAIA,MAAK,GAAG,UAAU,WAAW,MAAM,GAAG;AACxC,WAAO;AAAA,MACL,MAAM,OAAO,SAAS;AAAA,MACtB,WAAW;AAAA,QACT,MAAM,OAAO,SAAS;AAAA,MACxB;AAAA,IACF;AAAA,EACF;AAEA,MAAIA,MAAK,GAAG,OAAO,WAAW,MAAM,GAAG;AACrC,WAAO;AAAA,MACL,MAAM,OAAO,SAAS;AAAA,MACtB,QAAQ;AAAA,QACN,YAAY,OAAO,SAAS;AAAA,MAC9B;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;;;AC3TA;AAAA,EACE,aAAAC;AAAA,OAIK;AACP;AAAA,EACE,qBAAAC;AAAA,EACA;AAAA,EAEA,UAAAC;AAAA,OAGK;AACP,SAAS,gBAAgB;AACzB,SAAS,aAAAC,kBAAiB;;;ACjBnB,IAAM,kBAAwD;AAAA,EACnE,8BAA8B;AAChC;;;ADwCO,IAAM,oBAAoB,CAAC,GAAG,iBAAiB,aAAa,YAAY;AAYxE,IAAM,6BAA6B,CAAC,GAAG,mBAAmB,WAAW,WAAW;AAgChF,SAAS,sBACd,MACA,MACA,QACA,MACA;AACA,QAAM,SAAS;AAAA,IACb,0BAA0B;AAAA,EAC5B;AAEA,QAAM,aAAaC,QAAO,IAAI,EAAE,MAAM,CAAAC,UAAQC,WAAUD,MAAK,WAAWA,MAAK,UAAU,CAAC;AAExF,QAAM,UAAU,WAAW,MAAM,CAAAE,gBAAc;AAC7C,UAAM,mBAAmBA,YACtB,QAAQ,eAAaD,WAAU,UAAU,QAAQ,UAAU,OAAO,CAAC,EACnE,IAAI,iBAAiB;AAExB,UAAM,wBAAwBC,YAC3B,QAAQ,eAAa;AACpB,aAAOD,WAAU,UAAU,aAAa,UAAU,YAAY,EAC3D,IAAI,iBAAe;AAClB,eAAO,YAAY,cAAc,YAAY,SAAS;AAAA,MACxD,CAAC,EACA,OAAO,OAAO;AAAA,IACnB,CAAC,EACA,IAAI,iBAAiB;AAExB,WAAOF,QAAO,CAAC,GAAG,kBAAkB,GAAG,qBAAqB,CAAC,EAAE;AAAA,MAC7D,SAAS,YAAU,OAAO,IAAI;AAAA,IAChC;AAAA,EACF,CAAC;AAED,QAAM,UAAUA,QAAO,EAAE,MAAM,YAAY,QAAQ,CAAC,EAAE,MAAM,CAAC,EAAE,MAAAC,OAAM,YAAAE,aAAY,SAAAC,SAAQ,MAAM;AAC7F,UAAM,OAAO;AAAA,MACX,SAAAA;AAAA,MACA,YAAYD,YAAW,IAAI,eAAa,kBAAkB,WAAWF,MAAK,SAAS,IAAI,CAAC;AAAA,MACxF,GAAG;AAAA,IACL;AAEA,QACEE,YAAW,KAAK,eAAa,UAAU,SAAS,KAChDF,MAAK,QAAQ,QAAQ,iBAAiB,SAAS,UAC/C;AACA,WAAK,UAAUD,QAAO,KAAK,OAAO,EAAE,MAAM,CAAAI,aAAW;AAAA,QACnD,GAAIA,YAAW,CAAC;AAAA,QAChB;AAAA,UACE,MAAM;AAAA,UACN,UAAU;AAAA,YACR,MAAM;AAAA,UACR;AAAA,QACF;AAAA,MACF,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT,CAAC;AAED,QAAM,cAAc,QAAQ,MAAM,CAAAC,aAAW;AAC3C,WAAO;AAAA,MACL,UAAU,EAAE,OAAO;AAAA,MACnB,MAAMA;AAAA,IACR;AAAA,EACF,CAAC;AAED,QAAM,gBAAgB,WAAW,MAAM,CAAAF,gBAAc;AACnD,UAAM,mBAAmBA,YAAW,QAAQ,eAAa,UAAU,oBAAoB,CAAC,CAAC;AAEzF,QAAI,iBAAiB,WAAW,GAAG;AACjC,aAAO;AAAA,IACT;AAEA,WAAO,cAAc;AAAA,MACnB;AAAA,MACA;AAAA,QACE,SAAS,KAAK;AAAA,QACd,WAAW,KAAK;AAAA,QAChB,UAAU;AAAA,QAEV,YAAY;AAAA,UACV,aAAa;AAAA,QACf;AAAA,MACF;AAAA,MACA,EAAE,GAAG,MAAM,QAAQ,OAAO,EAAE;AAAA,IAC9B;AAAA,EACF,CAAC;AAED,SAAO,EAAE,QAAQ,YAAY,SAAS,SAAS,aAAa,cAAc;AAC5E;AAEO,SAAS,+BACd,MACA,MACA,QACA,MACA;AACA,QAAM,EAAE,QAAQ,YAAY,SAAS,SAAS,aAAa,cAAc,IACvE,sBAAsB,MAAM,MAAM,QAAQ,IAAI;AAEhD,QAAM,UAAUH,QAAO,EAAE,MAAM,WAAW,CAAC,EAAE,MAAM,OAAO,EAAE,MAAAC,OAAM,YAAAE,YAAW,MAAM;AACjF,QAAI,CAACF,MAAK,WAAW,CAACA,MAAK,WAAW;AACpC,aAAO;AAAA,IACT;AAEA,QAAIA,MAAK,UAAU,SAAS;AAC1B,aAAO,QAAQ,GAAG,MAAMA,MAAK,SAAS,SAASA,MAAK,SAAS,EAAE,GAAG,MAAM,QAAQ,OAAO,EAAE,CAAC;AAAA,IAC5F;AAEA,QAAIA,MAAK,UAAU;AACjB,aAAO;AAAA,IACT;AAEA,UAAM,QAAQE,YAAW,QAAQ,eAAaD,WAAU,UAAU,MAAM,UAAU,KAAK,CAAC;AAExF,WAAO,QAAQ;AAAA,MACb;AAAA,MACA;AAAA,QACE,GAAGD,MAAK;AAAA,QACR,UAAU;AAAA,QACV,SAASA,MAAK;AAAA,QACd,WAAWA,MAAK;AAAA,QAEhB;AAAA;AAAA,UAEE,CAACA,MAAK,SAAS,QAAQ,CAACA,MAAK,SAAS,QAClC,MAAM,IAAI,6BAA6B,IACvCA,MAAK,SAAS;AAAA;AAAA,MACtB;AAAA,MACA;AAAA,QACE,GAAG;AAAA,QACH,QAAQ,OAAO;AAAA,QACf,UAAU,MAAM,YAAYA,MAAK,OAAO;AAAA,MAC1C;AAAA,IACF;AAAA,EACF,CAAC;AAED,QAAM,YAAYD,QAAO;AAAA,IACvB;AAAA,IACA;AAAA,EACF,CAAC,EAAE,MAAM,OAAO,EAAE,MAAAC,OAAM,SAAAK,SAAQ,MAAM;AACpC,QAAI,CAACL,MAAK,aAAa,CAACK,UAAS;AAC/B,aAAO;AAAA,IACT;AAEA,QAAIL,MAAK,UAAU;AACjB,aAAO;AAAA,IACT;AAEA,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,QACE,GAAGA,MAAK;AAAA,QACR,SAASA,MAAK;AAAA,QACd,MAAM;AAAA,UACJ,SAASK;AAAA,QACX;AAAA,MACF;AAAA,MACA;AAAA,QACE,GAAG;AAAA,QACH,QAAQ,OAAO;AAAA,QACf,UAAU,MAAM,YAAYL,MAAK,OAAO;AAAA,MAC1C;AAAA,IACF;AAAA,EACF,CAAC;AAED,SAAO,EAAE,QAAQ,YAAY,SAAS,SAAS,aAAa,eAAe,SAAS,UAAU;AAChG;AAEO,IAAe,WAAf,cAAgCM,mBAAkB;AAAA,EAC7C,YACR,MACmB,MACF,MACjB,MAEmB,cAKV,SAKA,UAOA,eACT;AACA,UAAM,MAAM,MAAM,MAAM,IAAI;AAvBT;AACF;AAGE;AAKV;AAKA;AAOA;AAAA,EAGX;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,WAAqC;AACvC,UAAM,gBAAgBP,QAAO,KAAK,IAAI,EAAE,MAAM,UAAQ;AACpD,YAAM,aAAaE,WAAU,KAAK,WAAW,KAAK,UAAU;AAE5D,aAAO,WAAW,CAAC,GAAG,QAAQ,KAAK;AAAA,IACrC,CAAC;AAED,WAAOF,QAAO;AAAA,MACZ,MAAM,KAAK,SAAS;AAAA,MACpB,OAAO,KAAK,SAAS;AAAA,MACrB,OAAO;AAAA,MACP,SAAS;AAAA,QACP;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,KAAK,SAAS;AAAA,QACd,cAAc,KAAK,YAAY,IAAI,KAAK,SAAS,IAAI;AAAA,QACrD;AAAA,QACA;AAAA,QACA;AAAA,QACA,KAAK,KAAK,iBAAiB;AAAA,MAC7B;AAAA,MACA,OAAO;AAAA,QACL,eAAe,KAAK,QAAQ;AAAA,MAC9B;AAAA,MACA,KAAK;AAAA,QACH,YAAY;AAAA,MACd;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAEO,IAAe,oBAAf,cAAyC,SAAS;AAAA,EAC7C,YACR,MACmB,MACnB,MACA,MAEA,cACA,SACA,UACA,eAEmB,UACA,YACnB;AACA,UAAM,MAAM,MAAM,MAAM,MAAM,cAAc,SAAS,UAAU,aAAa;AAZzD;AASA;AACA;AAAA,EAGrB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,kBAA+C;AACjD,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,oBAAmD;AACrD,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,UAA2B;AAC7B,WAAO,KAAK,SAAS,MAAM,aAAW;AACpC,UAAI,CAAC,SAAS;AACZ,cAAM,IAAI,MAAM,gCAAgC,KAAK,IAAI,qBAAqB;AAAA,MAChF;AAEA,aAAO;AAAA,IACT,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,YAA+B;AACjC,WAAO,KAAK,WAAW,MAAM,eAAa;AACxC,UAAI,CAAC,WAAW;AACd,cAAM,IAAI,MAAM,mCAAmC,KAAK,IAAI,qBAAqB;AAAA,MACnF;AAEA,aAAO;AAAA,IACT,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAiBA,OAAO,qBACL,MACA,MACA,MAC2B;AAC3B,WAAOA,QAAO,IAAI,EAAE,MAAM,OAAMC,UAAQ;AACtC,UAAIA,MAAK,UAAU,SAAS,kBAAkB;AAC5C,cAAM,EAAE,WAAW,IAAI,MAAM,OAAO,0BAAc;AAElD,eAAO,WAAW;AAAA,UAChB;AAAA,UACA;AAAA,YACE,GAAGO,WAAUP,OAAMA,MAAK,UAAU;AAAA,YAClC,MAAMA,MAAK,SAAS,SAAS;AAAA,YAC7B,WAAWA,MAAK,SAAS,SAAS;AAAA,UACpC;AAAA,UACA;AAAA,QACF;AAAA,MACF;AAEA,UAAIA,MAAK,UAAU,SAAS,oBAAoB;AAC9C,cAAM,EAAE,YAAY,IAAI,MAAM,OAAO,4BAAgB;AAErD,eAAO,YAAY;AAAA,UACjB;AAAA,UACA;AAAA,YACE,GAAGO,WAAUP,OAAMA,MAAK,WAAW;AAAA,YACnC,MAAMA,MAAK,SAAS,SAAS;AAAA,YAC7B,WAAWA,MAAK,SAAS,SAAS;AAAA,UACpC;AAAA,UACA;AAAA,QACF;AAAA,MACF;AAEA,UAAIA,MAAK,SAAS,cAAc;AAC9B,cAAM,EAAE,WAAW,IAAI,MAAM,OAAO,0BAAc;AAElD,eAAO,WAAW,OAAO,MAAMO,WAAUP,OAAMA,MAAK,UAAU,GAAG,IAAI;AAAA,MACvE;AAEA,UAAIA,MAAK,SAAS,eAAe;AAC/B,cAAM,EAAE,YAAY,IAAI,MAAM,OAAO,4BAAgB;AAErD,eAAO,YAAY,OAAO,MAAMO,WAAUP,OAAMA,MAAK,WAAW,GAAG,IAAI;AAAA,MACzE;AAEA,YAAM,IAAI,MAAM,0BAA0BA,MAAK,IAAc,EAAE;AAAA,IACjE,CAAC;AAAA,EACH;AACF;","names":["args","id","core","ComponentResource","output","ComponentResource","output","args","core","core","output","omit","omit","output","core","normalize","ComponentResource","output","deepmerge","output","args","normalize","containers","volumes","podSpec","service","ComponentResource","deepmerge"]}