@highstate/library 0.9.26 → 0.9.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/highstate.library.msgpack +0 -0
  2. package/dist/index.js +128 -2
  3. package/dist/index.js.map +1 -1
  4. package/package.json +4 -4
  5. package/src/common/access-point.ts +17 -0
  6. package/src/k8s/apps/workload.ts +8 -1
  7. package/src/k8s/index.ts +1 -0
  8. package/src/k8s/reduced-access.ts +118 -0
package/dist/highstate.library.msgpack CHANGED
Binary file
package/dist/index.js CHANGED
@@ -656,7 +656,11 @@ var accessPointEntity = defineEntity({
656
656
  /**
657
657
  * The DNS providers used to manage the DNS records for the access point.
658
658
  */
659
- dnsProviders: providerEntity.schema.array().meta({ title: camelCaseToHumanReadable("dnsProviders"), description: `The DNS providers used to manage the DNS records for the access point.` })
659
+ dnsProviders: providerEntity.schema.array().meta({ title: camelCaseToHumanReadable("dnsProviders"), description: `The DNS providers used to manage the DNS records for the access point.` }),
660
+ /**
661
+ * Whether the DNS records created for the access point should be proxied.
662
+ */
663
+ proxied: z.boolean().default(false).meta({ title: camelCaseToHumanReadable("proxied"), description: `Whether the DNS records created for the access point should be proxied.` })
660
664
  }),
661
665
  meta: {
662
666
  color: "#F57F17"
@@ -664,6 +668,22 @@ var accessPointEntity = defineEntity({
664
668
  });
665
669
  var accessPoint = defineUnit({
666
670
  type: "common.access-point.v1",
671
+ args: {
672
+ /**
673
+ * Whether the DNS records created for the access point should be proxied.
674
+ *
675
+ * This option is specific to certain DNS providers that support proxying, such as Cloudflare.
676
+ * When enabled, the DNS records will be proxied through the provider's network, providing additional security and performance benefits.
677
+ *
678
+ * Defaults to `false`.
679
+ */
680
+ proxied: $addArgumentDescription(z.boolean().default(false), `Whether the DNS records created for the access point should be proxied.
681
+
682
+ This option is specific to certain DNS providers that support proxying, such as Cloudflare.
683
+ When enabled, the DNS records will be proxied through the provider's network, providing additional security and performance benefits.
684
+
685
+ Defaults to \`false\`.`)
686
+ },
667
687
  inputs: {
668
688
  gateway: gatewayEntity,
669
689
  tlsIssuers: {
@@ -1819,6 +1839,7 @@ __export(k8s_exports, {
1819
1839
  networkInterfaceEntity: () => networkInterfaceEntity,
1820
1840
  obfuscators: () => obfuscators_exports,
1821
1841
  persistentVolumeClaimEntity: () => persistentVolumeClaimEntity,
1842
+ reducedAccessCluster: () => reducedAccessCluster,
1822
1843
  resourceSchema: () => resourceSchema,
1823
1844
  scheduleOnMastersPolicyArgs: () => scheduleOnMastersPolicyArgs,
1824
1845
  scheduleOnMastersPolicySchema: () => scheduleOnMastersPolicySchema,
@@ -2576,6 +2597,10 @@ var workload = defineUnit({
2576
2597
  * The image to use for the workload.
2577
2598
  */
2578
2599
  image: $addArgumentDescription(z.string(), `The image to use for the workload.`),
2600
+ /**
2601
+ * The command to run in the container.
2602
+ */
2603
+ command: $addArgumentDescription(z.array(z.string()).default([]), `The command to run in the container.`),
2579
2604
  /**
2580
2605
  * The port to expose for the workload.
2581
2606
  *
@@ -2726,6 +2751,7 @@ var workload = defineUnit({
2726
2751
  ])
2727
2752
  },
2728
2753
  outputs: {
2754
+ namespace: namespaceEntity,
2729
2755
  deployment: deploymentEntity,
2730
2756
  service: serviceEntity
2731
2757
  },
@@ -2738,7 +2764,7 @@ var workload = defineUnit({
2738
2764
  secondaryIcon: "mdi:cube-outline",
2739
2765
  category: "Kubernetes"
2740
2766
  },
2741
- source: source("deployment")
2767
+ source: source("workload")
2742
2768
  });
2743
2769
  var tlsIssuerDataSchema = z.object({
2744
2770
  /**
@@ -3074,6 +3100,106 @@ var obfuscator = defineUnit({
3074
3100
  path: "phantun/obfuscator"
3075
3101
  }
3076
3102
  });
3103
+ var k8sVerbsSchema = z.enum([
3104
+ "get",
3105
+ "list",
3106
+ "watch",
3107
+ "create",
3108
+ "update",
3109
+ "patch",
3110
+ "delete",
3111
+ "deletecollection"
3112
+ ]);
3113
+ var reducedAccessCluster = defineUnit({
3114
+ type: "k8s.reduced-access-cluster.v1",
3115
+ args: {
3116
+ /**
3117
+ * The verbs to allow on the specified resources.
3118
+ *
3119
+ * Defaults to read-only access (get, list, watch).
3120
+ */
3121
+ verbs: $addArgumentDescription(k8sVerbsSchema.array().default(["get", "list", "watch"]), `The verbs to allow on the specified resources.
3122
+
3123
+ Defaults to read-only access (get, list, watch).`),
3124
+ /**
3125
+ * The name of the ServiceAccount to create.
3126
+ *
3127
+ * If not provided, will be the same as the unit name.
3128
+ */
3129
+ serviceAccountName: $addArgumentDescription(z.string().optional(), `The name of the ServiceAccount to create.
3130
+
3131
+ If not provided, will be the same as the unit name.`)
3132
+ },
3133
+ inputs: {
3134
+ k8sCluster: clusterEntity,
3135
+ /**
3136
+ * The namespace where the ServiceAccount will be created.
3137
+ */
3138
+ namespace: $addInputDescription(namespaceEntity, `The namespace where the ServiceAccount will be created.`),
3139
+ /**
3140
+ * The deployments to grant access to.
3141
+ */
3142
+ deployments: $addInputDescription({
3143
+ entity: deploymentEntity,
3144
+ multiple: true,
3145
+ required: false
3146
+ }, `The deployments to grant access to.`),
3147
+ /**
3148
+ * The stateful sets to grant access to.
3149
+ */
3150
+ statefulSets: $addInputDescription({
3151
+ entity: statefulSetEntity,
3152
+ multiple: true,
3153
+ required: false
3154
+ }, `The stateful sets to grant access to.`),
3155
+ /**
3156
+ * The services to grant access to.
3157
+ */
3158
+ services: $addInputDescription({
3159
+ entity: serviceEntity,
3160
+ multiple: true,
3161
+ required: false
3162
+ }, `The services to grant access to.`),
3163
+ /**
3164
+ * The persistent volume claims to grant access to.
3165
+ */
3166
+ persistentVolumeClaims: $addInputDescription({
3167
+ entity: persistentVolumeClaimEntity,
3168
+ multiple: true,
3169
+ required: false
3170
+ }, `The persistent volume claims to grant access to.`),
3171
+ /**
3172
+ * The secrets to grant access to.
3173
+ */
3174
+ secrets: $addInputDescription({
3175
+ entity: certificateEntity,
3176
+ multiple: true,
3177
+ required: false
3178
+ }, `The secrets to grant access to.`),
3179
+ /**
3180
+ * The config maps to grant access to.
3181
+ */
3182
+ configMaps: $addInputDescription({
3183
+ entity: certificateEntity,
3184
+ multiple: true,
3185
+ required: false
3186
+ }, `The config maps to grant access to.`)
3187
+ },
3188
+ outputs: {
3189
+ k8sCluster: clusterEntity
3190
+ },
3191
+ meta: {
3192
+ description: `Creates a reduced access cluster with ServiceAccount-based authentication for specific Kubernetes resources.`,
3193
+ title: "Reduced Access Cluster",
3194
+ icon: "devicon:kubernetes",
3195
+ secondaryIcon: "mdi:shield-lock",
3196
+ category: "Kubernetes"
3197
+ },
3198
+ source: {
3199
+ package: "@highstate/k8s",
3200
+ path: "units/reduced-access-cluster"
3201
+ }
3202
+ });
3077
3203
 
3078
3204
  // src/nixos.ts
3079
3205
  var nixos_exports = {};