@highstate/library 0.9.26 → 0.9.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/highstate.library.msgpack +0 -0
- package/dist/index.js +107 -1
- package/dist/index.js.map +1 -1
- package/package.json +4 -4
- package/src/k8s/apps/workload.ts +8 -1
- package/src/k8s/index.ts +1 -0
- package/src/k8s/reduced-access.ts +118 -0
Binary file
|
package/dist/index.js
CHANGED
@@ -1819,6 +1819,7 @@ __export(k8s_exports, {
|
|
1819
1819
|
networkInterfaceEntity: () => networkInterfaceEntity,
|
1820
1820
|
obfuscators: () => obfuscators_exports,
|
1821
1821
|
persistentVolumeClaimEntity: () => persistentVolumeClaimEntity,
|
1822
|
+
reducedAccessCluster: () => reducedAccessCluster,
|
1822
1823
|
resourceSchema: () => resourceSchema,
|
1823
1824
|
scheduleOnMastersPolicyArgs: () => scheduleOnMastersPolicyArgs,
|
1824
1825
|
scheduleOnMastersPolicySchema: () => scheduleOnMastersPolicySchema,
|
@@ -2576,6 +2577,10 @@ var workload = defineUnit({
|
|
2576
2577
|
* The image to use for the workload.
|
2577
2578
|
*/
|
2578
2579
|
image: $addArgumentDescription(z.string(), `The image to use for the workload.`),
|
2580
|
+
/**
|
2581
|
+
* The command to run in the container.
|
2582
|
+
*/
|
2583
|
+
command: $addArgumentDescription(z.array(z.string()).default([]), `The command to run in the container.`),
|
2579
2584
|
/**
|
2580
2585
|
* The port to expose for the workload.
|
2581
2586
|
*
|
@@ -2726,6 +2731,7 @@ var workload = defineUnit({
|
|
2726
2731
|
])
|
2727
2732
|
},
|
2728
2733
|
outputs: {
|
2734
|
+
namespace: namespaceEntity,
|
2729
2735
|
deployment: deploymentEntity,
|
2730
2736
|
service: serviceEntity
|
2731
2737
|
},
|
@@ -2738,7 +2744,7 @@ var workload = defineUnit({
|
|
2738
2744
|
secondaryIcon: "mdi:cube-outline",
|
2739
2745
|
category: "Kubernetes"
|
2740
2746
|
},
|
2741
|
-
source: source("
|
2747
|
+
source: source("workload")
|
2742
2748
|
});
|
2743
2749
|
var tlsIssuerDataSchema = z.object({
|
2744
2750
|
/**
|
@@ -3074,6 +3080,106 @@ var obfuscator = defineUnit({
|
|
3074
3080
|
path: "phantun/obfuscator"
|
3075
3081
|
}
|
3076
3082
|
});
|
3083
|
+
var k8sVerbsSchema = z.enum([
|
3084
|
+
"get",
|
3085
|
+
"list",
|
3086
|
+
"watch",
|
3087
|
+
"create",
|
3088
|
+
"update",
|
3089
|
+
"patch",
|
3090
|
+
"delete",
|
3091
|
+
"deletecollection"
|
3092
|
+
]);
|
3093
|
+
var reducedAccessCluster = defineUnit({
|
3094
|
+
type: "k8s.reduced-access-cluster.v1",
|
3095
|
+
args: {
|
3096
|
+
/**
|
3097
|
+
* The verbs to allow on the specified resources.
|
3098
|
+
*
|
3099
|
+
* Defaults to read-only access (get, list, watch).
|
3100
|
+
*/
|
3101
|
+
verbs: $addArgumentDescription(k8sVerbsSchema.array().default(["get", "list", "watch"]), `The verbs to allow on the specified resources.
|
3102
|
+
|
3103
|
+
Defaults to read-only access (get, list, watch).`),
|
3104
|
+
/**
|
3105
|
+
* The name of the ServiceAccount to create.
|
3106
|
+
*
|
3107
|
+
* If not provided, will be the same as the unit name.
|
3108
|
+
*/
|
3109
|
+
serviceAccountName: $addArgumentDescription(z.string().optional(), `The name of the ServiceAccount to create.
|
3110
|
+
|
3111
|
+
If not provided, will be the same as the unit name.`)
|
3112
|
+
},
|
3113
|
+
inputs: {
|
3114
|
+
k8sCluster: clusterEntity,
|
3115
|
+
/**
|
3116
|
+
* The namespace where the ServiceAccount will be created.
|
3117
|
+
*/
|
3118
|
+
namespace: $addInputDescription(namespaceEntity, `The namespace where the ServiceAccount will be created.`),
|
3119
|
+
/**
|
3120
|
+
* The deployments to grant access to.
|
3121
|
+
*/
|
3122
|
+
deployments: $addInputDescription({
|
3123
|
+
entity: deploymentEntity,
|
3124
|
+
multiple: true,
|
3125
|
+
required: false
|
3126
|
+
}, `The deployments to grant access to.`),
|
3127
|
+
/**
|
3128
|
+
* The stateful sets to grant access to.
|
3129
|
+
*/
|
3130
|
+
statefulSets: $addInputDescription({
|
3131
|
+
entity: statefulSetEntity,
|
3132
|
+
multiple: true,
|
3133
|
+
required: false
|
3134
|
+
}, `The stateful sets to grant access to.`),
|
3135
|
+
/**
|
3136
|
+
* The services to grant access to.
|
3137
|
+
*/
|
3138
|
+
services: $addInputDescription({
|
3139
|
+
entity: serviceEntity,
|
3140
|
+
multiple: true,
|
3141
|
+
required: false
|
3142
|
+
}, `The services to grant access to.`),
|
3143
|
+
/**
|
3144
|
+
* The persistent volume claims to grant access to.
|
3145
|
+
*/
|
3146
|
+
persistentVolumeClaims: $addInputDescription({
|
3147
|
+
entity: persistentVolumeClaimEntity,
|
3148
|
+
multiple: true,
|
3149
|
+
required: false
|
3150
|
+
}, `The persistent volume claims to grant access to.`),
|
3151
|
+
/**
|
3152
|
+
* The secrets to grant access to.
|
3153
|
+
*/
|
3154
|
+
secrets: $addInputDescription({
|
3155
|
+
entity: certificateEntity,
|
3156
|
+
multiple: true,
|
3157
|
+
required: false
|
3158
|
+
}, `The secrets to grant access to.`),
|
3159
|
+
/**
|
3160
|
+
* The config maps to grant access to.
|
3161
|
+
*/
|
3162
|
+
configMaps: $addInputDescription({
|
3163
|
+
entity: certificateEntity,
|
3164
|
+
multiple: true,
|
3165
|
+
required: false
|
3166
|
+
}, `The config maps to grant access to.`)
|
3167
|
+
},
|
3168
|
+
outputs: {
|
3169
|
+
k8sCluster: clusterEntity
|
3170
|
+
},
|
3171
|
+
meta: {
|
3172
|
+
description: `Creates a reduced access cluster with ServiceAccount-based authentication for specific Kubernetes resources.`,
|
3173
|
+
title: "Reduced Access Cluster",
|
3174
|
+
icon: "devicon:kubernetes",
|
3175
|
+
secondaryIcon: "mdi:shield-lock",
|
3176
|
+
category: "Kubernetes"
|
3177
|
+
},
|
3178
|
+
source: {
|
3179
|
+
package: "@highstate/k8s",
|
3180
|
+
path: "units/reduced-access-cluster"
|
3181
|
+
}
|
3182
|
+
});
|
3077
3183
|
|
3078
3184
|
// src/nixos.ts
|
3079
3185
|
var nixos_exports = {};
|