@highstate/talos 0.19.1 → 0.20.0

@@ -2,16 +2,23 @@ import { readFile } from 'node:fs/promises';
2
2
  import { l3EndpointToString, l3EndpointToL4, l4EndpointToString } from '@highstate/common';
3
3
  import { text } from '@highstate/contract';
4
4
  import { RenderedChart } from '@highstate/k8s';
5
- import { talos } from '@highstate/library';
6
- import { forUnit, toPromise, output, all, fileFromString } from '@highstate/pulumi';
5
+ import { talos, k8s, common } from '@highstate/library';
6
+ import { forUnit, output, all, toPromise, makeFileOutput, makeEntityOutput } from '@highstate/pulumi';
7
7
  import { KubeConfig } from '@kubernetes/client-node';
8
8
  import { Provider, core } from '@pulumi/kubernetes';
9
9
  import { machine, cluster } from '@pulumiverse/talos';
10
10
  import { uniqueBy } from 'remeda';
11
11
 
12
12
  // src/cluster/index.ts
13
- var { name, args, inputs, outputs } = forUnit(talos.cluster);
14
- var { masters, workers } = await toPromise(inputs);
13
+ var {
14
+ name,
15
+ args,
16
+ inputs: { masters, workers },
17
+ outputs
18
+ } = forUnit(talos.cluster);
19
+ if (!masters.length) {
20
+ throw new Error("At least one master node is required.");
21
+ }
15
22
  var cni = args.cni ?? "cilium";
16
23
  var csi = args.csi ?? "local-path-provisioner";
17
24
  var inlineManifests = [];
@@ -83,17 +90,13 @@ var secrets = new machine.Secrets("secrets", { talosVersion: "v1.11.5" });
83
90
  var apiEndpoint = `https://${l3EndpointToString(masters[0].endpoints[0])}:6443`;
84
91
  var masterConfig = getConfiguration("controlplane");
85
92
  var workerConfig = getConfiguration("worker");
86
- var masterApplies = inputs.masters.apply((masters2) => {
87
- if (!masters2.length) {
88
- throw new Error("At least one master node is required.");
89
- }
90
- return masters2.map((master) => {
91
- return new machine.ConfigurationApply(
92
- master.hostname,
93
- getConfigurationApplyArgs(master, masterConfig.machineConfiguration)
94
- );
95
- });
93
+ var masterApplies = masters.map((master) => {
94
+ return new machine.ConfigurationApply(
95
+ master.hostname,
96
+ getConfigurationApplyArgs(master, masterConfig.machineConfiguration)
97
+ );
96
98
  });
99
+ var masterNodes = masterApplies.map((masterApply) => masterApply.node);
97
100
  var bootstrap = new machine.Bootstrap(
98
101
  "bootstrap",
99
102
  {
@@ -102,15 +105,14 @@ var bootstrap = new machine.Bootstrap(
102
105
  },
103
106
  { dependsOn: masterApplies }
104
107
  );
105
- var workerApplies = inputs.workers.apply((workers2) => {
106
- return workers2.map((worker) => {
107
- return new machine.ConfigurationApply(
108
- worker.hostname,
109
- getConfigurationApplyArgs(worker, workerConfig.machineConfiguration),
110
- { dependsOn: bootstrap }
111
- );
112
- });
108
+ var workerApplies = workers.map((worker) => {
109
+ return new machine.ConfigurationApply(
110
+ worker.hostname,
111
+ getConfigurationApplyArgs(worker, workerConfig.machineConfiguration),
112
+ { dependsOn: bootstrap }
113
+ );
113
114
  });
115
+ var workerNodes = workerApplies.map((workerApply) => workerApply.node);
114
116
  var kubeconfig = all([
115
117
  cluster.getKubeconfigOutput({
116
118
  clientConfiguration: secrets.clientConfiguration,
@@ -118,16 +120,16 @@ var kubeconfig = all([
118
120
  }),
119
121
  cluster.getHealthOutput({
120
122
  clientConfiguration: secrets.clientConfiguration,
121
- endpoints: masterApplies.apply((masterApplies2) => masterApplies2.map((x) => x.node)),
122
- controlPlaneNodes: masterApplies.apply((masterApplies2) => masterApplies2.map((x) => x.node)),
123
- workerNodes: workerApplies.apply((workerApplies2) => workerApplies2.map((x) => x.node))
123
+ endpoints: masterNodes,
124
+ controlPlaneNodes: masterNodes,
125
+ workerNodes
124
126
  })
125
127
  ]).apply(([kubeconfig2]) => kubeconfig2.kubeconfigRaw);
126
128
  var clientConfiguration = output({
127
129
  context: clusterName,
128
130
  contexts: {
129
131
  [clusterName]: {
130
- endpoints: masterApplies.apply((masterApplies2) => masterApplies2.map((x) => x.node)),
132
+ endpoints: masterNodes,
131
133
  ca: secrets.clientConfiguration.caCertificate,
132
134
  crt: secrets.clientConfiguration.clientCertificate,
133
135
  key: secrets.clientConfiguration.clientKey
@@ -184,26 +186,57 @@ var apiEndpoints = uniqueBy(
184
186
  l4EndpointToString
185
187
  );
186
188
  var cluster_default = outputs({
187
- k8sCluster: {
188
- id: kubeSystem.metadata.uid,
189
- connectionId: kubeSystem.metadata.uid,
190
- name: clusterName,
191
- externalIps: endpoints.filter((endpoint) => endpoint.type !== "hostname").map((endpoint) => endpoint.address),
192
- endpoints,
193
- apiEndpoints,
194
- quirks: {
195
- tunDevicePolicy: {
196
- type: "plugin",
197
- resourceName: "squat.ai/tun",
198
- resourceValue: "1"
199
- }
189
+ k8sCluster: makeEntityOutput({
190
+ entity: k8s.clusterEntity,
191
+ identity: kubeSystem.metadata.uid,
192
+ meta: {
193
+ title: clusterName
200
194
  },
201
- kubeconfig
202
- },
203
- talosCluster: {
204
- clientConfiguration,
205
- machineSecrets
206
- },
195
+ value: {
196
+ id: kubeSystem.metadata.uid,
197
+ connectionId: kubeSystem.metadata.uid,
198
+ name: clusterName,
199
+ externalIps: endpoints.filter((endpoint) => endpoint.type !== "hostname").map((endpoint) => endpoint.address),
200
+ endpoints,
201
+ apiEndpoints,
202
+ quirks: {
203
+ tunDevicePolicy: {
204
+ type: "plugin",
205
+ resourceName: "squat.ai/tun",
206
+ resourceValue: "1"
207
+ }
208
+ },
209
+ kubeconfig: makeEntityOutput({
210
+ entity: common.fileEntity,
211
+ identity: `${name}:kubeconfig`,
212
+ meta: {
213
+ title: "kubeconfig"
214
+ },
215
+ value: {
216
+ content: {
217
+ type: "embedded-secret",
218
+ value: kubeconfig
219
+ },
220
+ meta: {
221
+ name: "kubeconfig",
222
+ contentType: "text/yaml",
223
+ mode: 384
224
+ }
225
+ }
226
+ })
227
+ }
228
+ }),
229
+ talosCluster: makeEntityOutput({
230
+ entity: talos.clusterEntity,
231
+ identity: `${name}:talos-cluster`,
232
+ meta: {
233
+ title: clusterName
234
+ },
235
+ value: {
236
+ clientConfiguration,
237
+ machineSecrets
238
+ }
239
+ }),
207
240
  $terminals: {
208
241
  management: {
209
242
  meta: {
@@ -215,22 +248,22 @@ var cluster_default = outputs({
215
248
  image: "ghcr.io/highstate-io/highstate/terminal.talosctl",
216
249
  command: ["bash", "/welcome.sh"],
217
250
  files: {
218
- "/kubeconfig": fileFromString("kubeconfig", kubeconfig),
219
- "/talosconfig": fileFromString("talosconfig", clientConfiguration),
220
- "/secrets": fileFromString("secrets", machineSecrets),
221
- "/welcome.sh": fileFromString(
222
- "welcome.sh",
223
- text`
224
- echo "Connecting to the cluster..."
225
- kubectl cluster-info
251
+ "/kubeconfig": makeFileOutput({ name: "kubeconfig", content: kubeconfig }),
252
+ "/talosconfig": makeFileOutput({ name: "talosconfig", content: clientConfiguration }),
253
+ "/secrets": makeFileOutput({ name: "secrets", content: machineSecrets }),
254
+ "/welcome.sh": makeFileOutput({
255
+ name: "welcome.sh",
256
+ content: text`
257
+ echo "Connecting to the cluster..."
258
+ kubectl cluster-info
226
259
 
227
- echo "Use 'kubectl' and 'helm' to manage the cluster."
228
- echo "Use 'talosctl' to manage the Talos side of the cluster."
229
- echo
260
+ echo "Use 'kubectl', 'helm' or 'k9s' to manage the cluster."
261
+ echo "Use 'talosctl' to manage the Talos side of the cluster."
262
+ echo
230
263
 
231
- exec bash
232
- `
233
- )
264
+ exec bash
265
+ `
266
+ })
234
267
  },
235
268
  env: {
236
269
  KUBECONFIG: "/kubeconfig",
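Review bot: In the last hunk the `/kubeconfig`, `/talosconfig` and `/secrets` terminal files are built with `makeFileOutput({ name, content })` and nothing else, while the kubeconfig entity added in the `cluster_default` hunk is explicitly tagged `type: "embedded-secret"` with `mode: 384` (0o600); the `talosCluster` entity likewise passes `clientConfiguration` and `machineSecrets` through as plain `value` fields. `clientConfiguration` is built from the client certificate and key of `secrets.clientConfiguration`, and `machineSecrets` is the serialized Talos machine-secrets bundle, so both are credentials at least as sensitive as the kubeconfig. Whether `makeFileOutput` and `makeEntityOutput` mark content as secret or apply a restrictive file mode by default is not visible on this page, so that should be confirmed, or these values wrapped the same way the kubeconfig entity is. I would also add a comment above the three file entries, e.g. `// credentials: must stay secret in state and be written 0600 inside the terminal`. The `outputs({ ... })` call and the enclosing `spec` object start and end outside the hunks shown.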
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/cluster/index.ts"],"names":["masters","workers","masterApplies","workerApplies","kubeconfig"],"mappings":";;;;;;;;;;;;AAYA,IAAM,EAAE,MAAM,IAAA,EAAM,MAAA,EAAQ,SAAQ,GAAI,OAAA,CAAQ,MAAM,OAAO,CAAA;AAE7D,IAAM,EAAE,OAAA,EAAS,OAAA,EAAQ,GAAI,MAAM,UAAU,MAAM,CAAA;AAEnD,IAAM,GAAA,GAAM,KAAK,GAAA,IAAO,QAAA;AACxB,IAAM,GAAA,GAAM,KAAK,GAAA,IAAO,wBAAA;AAcxB,IAAM,kBAAoC,EAAC;AAC3C,IAAM,cAA4B,EAAC;AAEnC,IAAI,QAAQ,QAAA,EAAU;AACpB,EAAA,MAAM,EAAE,KAAA,EAAM,GAAI,MAAM,OAAO,mBAAmB,CAAA;AAElD,EAAA,MAAM,MAAA,GAAS,IAAI,aAAA,CAAc,QAAA,EAAU;AAAA,IACzC,SAAA,EAAW,aAAA;AAAA,IACX,KAAA;AAAA,IAEA,MAAA,EAAQ;AAAA,MACN,WAAA,EAAa,YAAA;AAAA;AAAA,MAEb,oBAAA,EAAsB,OAAA;AAAA,MACtB,mBAAA,EAAqB,GAAA;AAAA,MACrB,sBAAA,EAAwB,MAAA;AAAA,MACxB,mBAAA,EAAqB,MAAA;AAAA,MACrB,0CAAA,EACE,kGAAA;AAAA,MACF,+CAAA,EAAiD,oCAAA;AAAA,MACjD,0BAAA,EAA4B,OAAA;AAAA,MAC5B,iBAAA,EAAmB,gBAAA;AAAA;AAAA;AAAA;AAAA,MAInB,gCAAA,EAAkC;AAAA;AACpC,GACD,CAAA;AAED,EAAA,eAAA,CAAgB,IAAA,CAAK;AAAA,IACnB,IAAA,EAAM,QAAA;AAAA,IACN,UAAU,MAAA,CAAO;AAAA,GAClB,CAAA;AACH;AAEA,IAAI,QAAQ,wBAAA,EAA0B;AACpC,EAAA,WAAA,CAAY,IAAA,CAAK;AAAA,IACf,WAAA,EAAa,iCAAA;AAAA,IACb,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,iCAAA;AAAA,IACR,OAAA,EAAS,CAAC,MAAA,EAAQ,SAAA,EAAW,IAAI;AAAA,GAClC,CAAA;AAED,EAAA,eAAA,CAAgB,IAAA,CAAK;AAAA,IACnB,IAAA,EAAM,wBAAA;AAAA,IACN,QAAA,EAAU,MAAM,QAAA,CAAS,0CAAA,EAA4C,OAAO;AAAA,GAC7E,CAAA;AACH;AAEA,IAAI,KAAK,qBAAA,EAAuB;AAC9B,EAAA,eAAA,CAAgB,IAAA,CAAK;AAAA,IACnB,IAAA,EAAM,mBAAA;AAAA,IACN,QAAA,EAAU,MAAM,QAAA,CAAS,qCAAA,EAAuC,OAAO;AAAA,GACxE,CAAA;AACH;AAEA,IAAM,WAAA,GAAc,KAAK,WAAA,IAAe,IAAA;AAExC,IAAM,oBAAoB,MAAA,CAAO;AAAA,EAC/B,OAAA,EAAS;AAAA,IACP,OAAA,EAAS;AAAA,MACP,KAAA,EACE,8GAAA;AAAA,MACF,IAAA,EAAM;AAAA,KACR;AAAA,IACA,OAAA,EAAS;AAAA,MACP;AAAA;AACF,GACF;AAAA,EACA,OAAA,EAAS;AAAA,IACP,wBAAA,EACE,KAAK,uBAAA,KAA4B,iBAAA,GAC7B,QAAQ,MAAA,KAAW,CAAA,GACnB,KAAK,uBAAA,KAA4B,QAAA;AAAA,IACvC,eAAA;AAAA,IACA,OAAA,EAAS,QAAQ,SAAA,GAAY,EAAE,KAAK,EAAE,IAAA,EAAM,MAAA,EAAO,EAAE,GAAI;AAAA;AAAA;AAG7D,CAAC,CAAA,CAAE,KAAA,CAAM,IAAA,CAAK,SAA
S,CAAA;AAEvB,IAAM,OAAA,GAAU,IAAI,OAAA,CAAQ,OAAA,CAAQ,WAAW,EAAE,YAAA,EAAc,WAAW,CAAA;AAE1E,IAAM,WAAA,GAAc,WAAW,kBAAA,CAAmB,OAAA,CAAQ,CAAC,CAAA,CAAE,SAAA,CAAU,CAAC,CAAC,CAAC,CAAA,KAAA,CAAA;AAE1E,IAAM,YAAA,GAAe,iBAAiB,cAAc,CAAA;AACpD,IAAM,YAAA,GAAe,iBAAiB,QAAQ,CAAA;AAE9C,IAAM,aAAA,GAAgB,MAAA,CAAO,OAAA,CAAQ,KAAA,CAAM,CAAAA,QAAAA,KAAW;AACpD,EAAA,IAAI,CAACA,SAAQ,MAAA,EAAQ;AACnB,IAAA,MAAM,IAAI,MAAM,uCAAuC,CAAA;AAAA,EACzD;AAEA,EAAA,OAAOA,QAAAA,CAAQ,IAAI,CAAA,MAAA,KAAU;AAC3B,IAAA,OAAO,IAAI,OAAA,CAAQ,kBAAA;AAAA,MACjB,MAAA,CAAO,QAAA;AAAA,MACP,yBAAA,CAA0B,MAAA,EAAQ,YAAA,CAAa,oBAAoB;AAAA,KACrE;AAAA,EACF,CAAC,CAAA;AACH,CAAC,CAAA;AAED,IAAM,SAAA,GAAY,IAAI,OAAA,CAAQ,SAAA;AAAA,EAC5B,WAAA;AAAA,EACA;AAAA,IACE,qBAAqB,OAAA,CAAQ,mBAAA;AAAA,IAC7B,IAAA,EAAM,aAAA,CAAc,CAAC,CAAA,CAAE;AAAA,GACzB;AAAA,EACA,EAAE,WAAW,aAAA;AACf,CAAA;AAEA,IAAM,aAAA,GAAgB,MAAA,CAAO,OAAA,CAAQ,KAAA,CAAM,CAAAC,QAAAA,KAAW;AACpD,EAAA,OAAOA,QAAAA,CAAQ,IAAI,CAAA,MAAA,KAAU;AAC3B,IAAA,OAAO,IAAI,OAAA,CAAQ,kBAAA;AAAA,MACjB,MAAA,CAAO,QAAA;AAAA,MACP,yBAAA,CAA0B,MAAA,EAAQ,YAAA,CAAa,oBAAoB,CAAA;AAAA,MACnE,EAAE,WAAW,SAAA;AAAU,KACzB;AAAA,EACF,CAAC,CAAA;AACH,CAAC,CAAA;AAGD,IAAM,aAAa,GAAA,CAAI;AAAA,EACrB,QAAQ,mBAAA,CAAoB;AAAA,IAC1B,qBAAqB,OAAA,CAAQ,mBAAA;AAAA,IAC7B,IAAA,EAAM,aAAA,CAAc,CAAC,CAAA,CAAE;AAAA,GACxB,CAAA;AAAA,EACD,QAAQ,eAAA,CAAgB;AAAA,IACtB,qBAAqB,OAAA,CAAQ,mBAAA;AAAA,IAC7B,SAAA,EAAW,aAAA,CAAc,KAAA,CAAM,CAAAC,cAAAA,KAAiBA,eAAc,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,IAAI,CAAC,CAAA;AAAA,IAC9E,iBAAA,EAAmB,aAAA,CAAc,KAAA,CAAM,CAAAA,cAAAA,KAAiBA,eAAc,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,IAAI,CAAC,CAAA;AAAA,IACtF,WAAA,EAAa,aAAA,CAAc,KAAA,CAAM,CAAAC,cAAAA,KAAiBA,eAAc,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,IAAI,CAAC;AAAA,GACjF;AACH,CAAC,EAAE,KAAA,CAAM,CAAC,CAACC,WAAU,CAAA,KAAMA,YAAW,aAAa,CAAA;AAEnD,IAAM,sBAAsB,MAAA,CAAO;AAAA,EACjC,OAAA,EAAS,WAAA;AAAA,EACT,QAAA,EAAU;AAAA,IACR,CAAC,WAAW,GAAG;AAAA,MACb,SAAA,EAAW,aAAA,CAAc,KAAA,CAAM,CAAAF,cAAAA,KAAiBA,eAAc,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,IAAI,CAAC,CAAA;AAAA,MAC9E,EAAA,EAAI,QAAQ,mBAAA,CAAoB,aA
AA;AAAA,MAChC,GAAA,EAAK,QAAQ,mBAAA,CAAoB,iBAAA;AAAA,MACjC,GAAA,EAAK,QAAQ,mBAAA,CAAoB;AAAA;AACnC;AAEJ,CAAC,CAAA,CAAE,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAEvB,IAAM,cAAA,GAAiB,OAAA,CAAQ,cAAA,CAAe,KAAA,CAAM,KAAK,SAAS,CAAA;AAElE,SAAS,iBAAiB,WAAA,EAAqB;AAC7C,EAAA,MAAM,aAAA,GAAiC,CAAC,iBAAiB,CAAA;AAEzD,EAAA,IAAI,IAAA,CAAK,qBAAqB,MAAA,CAAO,IAAA,CAAK,KAAK,iBAAiB,CAAA,CAAE,SAAS,CAAA,EAAG;AAC5E,IAAA,aAAA,CAAc,IAAA,CAAK,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,iBAAiB,CAAC,CAAA;AAAA,EAC3D;AAEA,EAAA,IACE,WAAA,KAAgB,cAAA,IAChB,IAAA,CAAK,iBAAA,IACL,MAAA,CAAO,KAAK,IAAA,CAAK,iBAAiB,CAAA,CAAE,MAAA,GAAS,CAAA,EAC7C;AACA,IAAA,aAAA,CAAc,IAAA,CAAK,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,iBAAiB,CAAC,CAAA;AAAA,EAC3D;AAEA,EAAA,IACE,WAAA,KAAgB,QAAA,IAChB,IAAA,CAAK,iBAAA,IACL,MAAA,CAAO,KAAK,IAAA,CAAK,iBAAiB,CAAA,CAAE,MAAA,GAAS,CAAA,EAC7C;AACA,IAAA,aAAA,CAAc,IAAA,CAAK,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,iBAAiB,CAAC,CAAA;AAAA,EAC3D;AAEA,EAAA,OAAO,QAAQ,sBAAA,CAAuB;AAAA,IACpC,eAAA,EAAiB,WAAA;AAAA,IACjB,gBAAgB,OAAA,CAAQ,cAAA;AAAA,IACxB,WAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA,EAAc,SAAA;AAAA,IACd;AAAA,GACD,CAAA;AACH;AAEA,SAAS,yBAAA,CACP,MACA,oBAAA,EACgC;AAChC,EAAA,MAAM,aAAa,IAAA,CAAK,SAAA,CAAU,KAAK,CAAA,QAAA,KAAY,QAAA,CAAS,SAAS,UAAU,CAAA;AAC/E,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,IAAA,CAAK,QAAQ,CAAA,CAAE,CAAA;AAAA,EAClE;AAEA,EAAA,OAAO;AAAA,IACL,qBAAqB,OAAA,CAAQ,mBAAA;AAAA,IAC7B,yBAAA,EAA2B,oBAAA;AAAA,IAC3B,IAAA,EAAM,mBAAmB,UAAU,CAAA;AAAA,IACnC,aAAA,EAAe;AAAA,MACb,KAAK,SAAA,CAAU;AAAA,QACb,SAAS,EAAE,OAAA,EAAS,EAAE,QAAA,EAAU,IAAA,CAAK,UAAS;AAAE,OACjD;AAAA;AACH,GACF;AACF;AAEA,IAAM,WAAW,IAAI,QAAA,CAAS,IAAA,EAAM,EAAE,YAAY,CAAA;AAClD,IAAM,UAAA,GAAa,KAAK,EAAA,CAAG,SAAA,CAAU,IAAI,aAAA,EAAe,aAAA,EAAe,EAAE,QAAA,EAAU,CAAA;AAEnF,IAAM,UAAA,GAAa,IAAI,UAAA,EAAW;AAClC,UAAA,CAAW,cAAA,CAAe,MAAM,SAAA,CAAU,UAAU,CAAC,CAAA;AAErD,IAAM,SAAA,GAAY,QAAA;AAAA,EAChB,CAAC,GAAG,OAAA,EAAS,GAAG,OAAO,CAAA,CAAE,OAAA,CAAQ,CAAA,MAAA,KAAU,MAAA,CAAO,SAAS,CAAA;AAAA,EAC3D;AACF,CAAA;AAEA,IAAM,YAAA,GAAe,QAAA;AAAA,EACnB,OAAA,CAAQ,OAAA,CAAQ,CAAA,MA
AA,KAAU,MAAA,CAAO,SAAA,CAAU,GAAA,CAAI,CAAA,QAAA,KAAY,cAAA,CAAe,QAAA,EAAU,IAAI,CAAC,CAAC,CAAA;AAAA,EAC1F;AACF,CAAA;AAEA,IAAO,kBAAQ,OAAA,CAAQ;AAAA,EACrB,UAAA,EAAY;AAAA,IACV,EAAA,EAAI,WAAW,QAAA,CAAS,GAAA;AAAA,IACxB,YAAA,EAAc,WAAW,QAAA,CAAS,GAAA;AAAA,IAElC,IAAA,EAAM,WAAA;AAAA,IAEN,WAAA,EAAa,SAAA,CACV,MAAA,CAAO,CAAA,QAAA,KAAY,QAAA,CAAS,IAAA,KAAS,UAAU,CAAA,CAC/C,GAAA,CAAI,CAAA,QAAA,KAAY,QAAA,CAAS,OAAO,CAAA;AAAA,IAEnC,SAAA;AAAA,IACA,YAAA;AAAA,IAEA,MAAA,EAAQ;AAAA,MACN,eAAA,EAAiB;AAAA,QACf,IAAA,EAAM,QAAA;AAAA,QACN,YAAA,EAAc,cAAA;AAAA,QACd,aAAA,EAAe;AAAA;AACjB,KACF;AAAA,IAEA;AAAA,GACF;AAAA,EAEA,YAAA,EAAc;AAAA,IACZ,mBAAA;AAAA,IACA;AAAA,GACF;AAAA,EAEA,UAAA,EAAY;AAAA,IACV,UAAA,EAAY;AAAA,MACV,IAAA,EAAM;AAAA,QACJ,KAAA,EAAO,oBAAA;AAAA,QACP,WAAA,EAAa,+CAAA;AAAA,QACb,IAAA,EAAM;AAAA,OACR;AAAA,MAEA,IAAA,EAAM;AAAA,QACJ,KAAA,EAAO,kDAAA;AAAA,QACP,OAAA,EAAS,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA,QAE/B,KAAA,EAAO;AAAA,UACL,aAAA,EAAe,cAAA,CAAe,YAAA,EAAc,UAAU,CAAA;AAAA,UACtD,cAAA,EAAgB,cAAA,CAAe,aAAA,EAAe,mBAAmB,CAAA;AAAA,UACjE,UAAA,EAAY,cAAA,CAAe,SAAA,EAAW,cAAc,CAAA;AAAA,UAEpD,aAAA,EAAe,cAAA;AAAA,YACb,YAAA;AAAA,YACA,IAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;;AAAA;AAAA,UAAA;AAAA;AAUF,SACF;AAAA,QAEA,GAAA,EAAK;AAAA,UACH,UAAA,EAAY,aAAA;AAAA,UACZ,WAAA,EAAa;AAAA;AACf;AACF;AACF,GACF;AAAA,EAEA,aAAA,EAAe;AAAA,IACb,SAAA,EAAW,SAAA,CAAU,GAAA,CAAI,kBAAkB,CAAA;AAAA,IAC3C,YAAA,EAAc,YAAA,CAAa,GAAA,CAAI,kBAAkB;AAAA;AAErD,CAAC","file":"index.js","sourcesContent":["import type { Input } from \"@highstate/pulumi\"\nimport { readFile } from \"node:fs/promises\"\nimport { l3EndpointToL4, l3EndpointToString, l4EndpointToString } from \"@highstate/common\"\nimport { text } from \"@highstate/contract\"\nimport { RenderedChart } from \"@highstate/k8s\"\nimport { type common, talos } from \"@highstate/library\"\nimport { all, fileFromString, forUnit, type Output, output, toPromise } from \"@highstate/pulumi\"\nimport { KubeConfig } from \"@kubernetes/client-node\"\nimport { core, Provider } from \"@pulumi/kubernetes\"\nimport { cluster, 
machine } from \"@pulumiverse/talos\"\nimport { uniqueBy } from \"remeda\"\n\nconst { name, args, inputs, outputs } = forUnit(talos.cluster)\n\nconst { masters, workers } = await toPromise(inputs)\n\nconst cni = args.cni ?? \"cilium\"\nconst csi = args.csi ?? \"local-path-provisioner\"\n\ninterface InlineManifest {\n name: string\n contents: Input<string>\n}\n\ninterface ExtraMount {\n destination: string\n type: string\n source: string\n options: string[]\n}\n\nconst inlineManifests: InlineManifest[] = []\nconst extraMounts: ExtraMount[] = []\n\nif (cni === \"cilium\") {\n const { chart } = await import(\"@highstate/cilium\")\n\n const cilium = new RenderedChart(\"cilium\", {\n namespace: \"kube-system\",\n chart,\n\n values: {\n \"ipam.mode\": \"kubernetes\",\n // \"kubeProxyReplacement\": \"true\",\n kubeProxyReplacement: \"false\",\n \"operator.replicas\": \"1\",\n \"hubble.relay.enabled\": \"true\",\n \"hubble.ui.enabled\": \"true\",\n \"securityContext.capabilities.ciliumAgent\":\n \"{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}\",\n \"securityContext.capabilities.cleanCiliumState\": \"{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}\",\n \"cgroup.autoMount.enabled\": \"false\",\n \"cgroup.hostRoot\": \"/sys/fs/cgroup\",\n // \"k8sServiceHost\": \"localhost\",\n // \"k8sServicePort\": \"7445\",\n // \"bpf.lbExternalClusterIP\": \"true\",\n \"dnsProxy.dnsRejectResponseCode\": \"nameError\",\n },\n })\n\n inlineManifests.push({\n name: \"cilium\",\n contents: cilium.manifest,\n })\n}\n\nif (csi === \"local-path-provisioner\") {\n extraMounts.push({\n destination: \"/var/lib/local-path-provisioner\",\n type: \"bind\",\n source: \"/var/lib/local-path-provisioner\",\n options: [\"bind\", \"rshared\", \"rw\"],\n })\n\n inlineManifests.push({\n name: \"local-path-provisioner\",\n contents: await readFile(\"../../assets/local-path-provisioner.yaml\", \"utf-8\"),\n })\n}\n\nif (args.enableTunDevicePlugin) {\n 
inlineManifests.push({\n name: \"tun-device-plugin\",\n contents: await readFile(\"../../assets/tun-device-plugin.yaml\", \"utf-8\"),\n })\n}\n\nconst clusterName = args.clusterName ?? name\n\nconst globalConfigPatch = output({\n machine: {\n install: {\n image:\n \"factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.5\",\n disk: \"/dev/vda\",\n },\n kubelet: {\n extraMounts,\n },\n },\n cluster: {\n allowSchedulingOnMasters:\n args.scheduleOnMastersPolicy === \"when-no-workers\"\n ? workers.length === 0\n : args.scheduleOnMastersPolicy === \"always\",\n inlineManifests,\n network: cni !== \"flannel\" ? { cni: { name: \"none\" } } : undefined,\n // proxy: cni === \"cilium\" ? { disabled: true } : undefined,\n },\n}).apply(JSON.stringify)\n\nconst secrets = new machine.Secrets(\"secrets\", { talosVersion: \"v1.11.5\" })\n\nconst apiEndpoint = `https://${l3EndpointToString(masters[0].endpoints[0])}:6443`\n\nconst masterConfig = getConfiguration(\"controlplane\")\nconst workerConfig = getConfiguration(\"worker\")\n\nconst masterApplies = inputs.masters.apply(masters => {\n if (!masters.length) {\n throw new Error(\"At least one master node is required.\")\n }\n\n return masters.map(master => {\n return new machine.ConfigurationApply(\n master.hostname,\n getConfigurationApplyArgs(master, masterConfig.machineConfiguration),\n )\n })\n})\n\nconst bootstrap = new machine.Bootstrap(\n \"bootstrap\",\n {\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n },\n { dependsOn: masterApplies },\n)\n\nconst workerApplies = inputs.workers.apply(workers => {\n return workers.map(worker => {\n return new machine.ConfigurationApply(\n worker.hostname,\n getConfigurationApplyArgs(worker, workerConfig.machineConfiguration),\n { dependsOn: bootstrap },\n )\n })\n})\n\n// Check the health of the cluster and export the kubeconfig\nconst kubeconfig = all([\n cluster.getKubeconfigOutput({\n 
clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n }),\n cluster.getHealthOutput({\n clientConfiguration: secrets.clientConfiguration,\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n controlPlaneNodes: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n workerNodes: workerApplies.apply(workerApplies => workerApplies.map(x => x.node)),\n }),\n]).apply(([kubeconfig]) => kubeconfig.kubeconfigRaw)\n\nconst clientConfiguration = output({\n context: clusterName,\n contexts: {\n [clusterName]: {\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n ca: secrets.clientConfiguration.caCertificate,\n crt: secrets.clientConfiguration.clientCertificate,\n key: secrets.clientConfiguration.clientKey,\n },\n },\n}).apply(JSON.stringify)\n\nconst machineSecrets = secrets.machineSecrets.apply(JSON.stringify)\n\nfunction getConfiguration(machineType: string) {\n const configPatches: Input<string>[] = [globalConfigPatch]\n\n if (args.sharedConfigPatch && Object.keys(args.sharedConfigPatch).length > 0) {\n configPatches.push(JSON.stringify(args.sharedConfigPatch))\n }\n\n if (\n machineType === \"controlplane\" &&\n args.masterConfigPatch &&\n Object.keys(args.masterConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.masterConfigPatch))\n }\n\n if (\n machineType === \"worker\" &&\n args.workerConfigPatch &&\n Object.keys(args.workerConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.workerConfigPatch))\n }\n\n return machine.getConfigurationOutput({\n clusterEndpoint: apiEndpoint,\n machineSecrets: secrets.machineSecrets,\n clusterName,\n machineType,\n talosVersion: \"v1.10.4\",\n configPatches,\n })\n}\n\nfunction getConfigurationApplyArgs(\n node: common.Server,\n machineConfiguration: Output<string>,\n): machine.ConfigurationApplyArgs {\n const ipEndpoint = node.endpoints.find(endpoint => endpoint.type !== \"hostname\")\n if 
(!ipEndpoint) {\n throw new Error(`No IP endpoint found for node ${node.hostname}`)\n }\n\n return {\n clientConfiguration: secrets.clientConfiguration,\n machineConfigurationInput: machineConfiguration,\n node: l3EndpointToString(ipEndpoint),\n configPatches: [\n JSON.stringify({\n machine: { network: { hostname: node.hostname } },\n }),\n ],\n }\n}\n\nconst provider = new Provider(name, { kubeconfig })\nconst kubeSystem = core.v1.Namespace.get(\"kube-system\", \"kube-system\", { provider })\n\nconst kubeConfig = new KubeConfig()\nkubeConfig.loadFromString(await toPromise(kubeconfig))\n\nconst endpoints = uniqueBy(\n [...workers, ...masters].flatMap(server => server.endpoints),\n l3EndpointToString,\n)\n\nconst apiEndpoints = uniqueBy(\n masters.flatMap(server => server.endpoints.map(endpoint => l3EndpointToL4(endpoint, 6443))),\n l4EndpointToString,\n)\n\nexport default outputs({\n k8sCluster: {\n id: kubeSystem.metadata.uid,\n connectionId: kubeSystem.metadata.uid,\n\n name: clusterName,\n\n externalIps: endpoints\n .filter(endpoint => endpoint.type !== \"hostname\")\n .map(endpoint => endpoint.address),\n\n endpoints,\n apiEndpoints,\n\n quirks: {\n tunDevicePolicy: {\n type: \"plugin\",\n resourceName: \"squat.ai/tun\",\n resourceValue: \"1\",\n },\n },\n\n kubeconfig,\n },\n\n talosCluster: {\n clientConfiguration,\n machineSecrets,\n },\n\n $terminals: {\n management: {\n meta: {\n title: \"Cluster Management\",\n description: \"Manage the cluster using kubectl and talosctl\",\n icon: \"devicon:talos\",\n },\n\n spec: {\n image: \"ghcr.io/highstate-io/highstate/terminal.talosctl\",\n command: [\"bash\", \"/welcome.sh\"],\n\n files: {\n \"/kubeconfig\": fileFromString(\"kubeconfig\", kubeconfig),\n \"/talosconfig\": fileFromString(\"talosconfig\", clientConfiguration),\n \"/secrets\": fileFromString(\"secrets\", machineSecrets),\n\n \"/welcome.sh\": fileFromString(\n \"welcome.sh\",\n text`\n echo \"Connecting to the cluster...\"\n kubectl cluster-info\n\n 
echo \"Use 'kubectl' and 'helm' to manage the cluster.\"\n echo \"Use 'talosctl' to manage the Talos side of the cluster.\"\n echo\n\n exec bash\n `,\n ),\n },\n\n env: {\n KUBECONFIG: \"/kubeconfig\",\n TALOSCONFIG: \"/talosconfig\",\n },\n },\n },\n },\n\n $statusFields: {\n endpoints: endpoints.map(l3EndpointToString),\n apiEndpoints: apiEndpoints.map(l4EndpointToString),\n },\n})\n"]}
1
+ {"version":3,"sources":["../../src/cluster/index.ts"],"names":["kubeconfig"],"mappings":";;;;;;;;;;;;AAoBA,IAAM;AAAA,EACJ,IAAA;AAAA,EACA,IAAA;AAAA,EACA,MAAA,EAAQ,EAAE,OAAA,EAAS,OAAA,EAAQ;AAAA,EAC3B;AACF,CAAA,GAAI,OAAA,CAAQ,MAAM,OAAO,CAAA;AAEzB,IAAI,CAAC,QAAQ,MAAA,EAAQ;AACnB,EAAA,MAAM,IAAI,MAAM,uCAAuC,CAAA;AACzD;AAEA,IAAM,GAAA,GAAM,KAAK,GAAA,IAAO,QAAA;AACxB,IAAM,GAAA,GAAM,KAAK,GAAA,IAAO,wBAAA;AAcxB,IAAM,kBAAoC,EAAC;AAC3C,IAAM,cAA4B,EAAC;AAEnC,IAAI,QAAQ,QAAA,EAAU;AACpB,EAAA,MAAM,EAAE,KAAA,EAAM,GAAI,MAAM,OAAO,mBAAmB,CAAA;AAElD,EAAA,MAAM,MAAA,GAAS,IAAI,aAAA,CAAc,QAAA,EAAU;AAAA,IACzC,SAAA,EAAW,aAAA;AAAA,IACX,KAAA;AAAA,IAEA,MAAA,EAAQ;AAAA,MACN,WAAA,EAAa,YAAA;AAAA;AAAA,MAEb,oBAAA,EAAsB,OAAA;AAAA,MACtB,mBAAA,EAAqB,GAAA;AAAA,MACrB,sBAAA,EAAwB,MAAA;AAAA,MACxB,mBAAA,EAAqB,MAAA;AAAA,MACrB,0CAAA,EACE,kGAAA;AAAA,MACF,+CAAA,EAAiD,oCAAA;AAAA,MACjD,0BAAA,EAA4B,OAAA;AAAA,MAC5B,iBAAA,EAAmB,gBAAA;AAAA;AAAA;AAAA;AAAA,MAInB,gCAAA,EAAkC;AAAA;AACpC,GACD,CAAA;AAED,EAAA,eAAA,CAAgB,IAAA,CAAK;AAAA,IACnB,IAAA,EAAM,QAAA;AAAA,IACN,UAAU,MAAA,CAAO;AAAA,GAClB,CAAA;AACH;AAEA,IAAI,QAAQ,wBAAA,EAA0B;AACpC,EAAA,WAAA,CAAY,IAAA,CAAK;AAAA,IACf,WAAA,EAAa,iCAAA;AAAA,IACb,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,iCAAA;AAAA,IACR,OAAA,EAAS,CAAC,MAAA,EAAQ,SAAA,EAAW,IAAI;AAAA,GAClC,CAAA;AAED,EAAA,eAAA,CAAgB,IAAA,CAAK;AAAA,IACnB,IAAA,EAAM,wBAAA;AAAA,IACN,QAAA,EAAU,MAAM,QAAA,CAAS,0CAAA,EAA4C,OAAO;AAAA,GAC7E,CAAA;AACH;AAEA,IAAI,KAAK,qBAAA,EAAuB;AAC9B,EAAA,eAAA,CAAgB,IAAA,CAAK;AAAA,IACnB,IAAA,EAAM,mBAAA;AAAA,IACN,QAAA,EAAU,MAAM,QAAA,CAAS,qCAAA,EAAuC,OAAO;AAAA,GACxE,CAAA;AACH;AAEA,IAAM,WAAA,GAAc,KAAK,WAAA,IAAe,IAAA;AAExC,IAAM,oBAAoB,MAAA,CAAO;AAAA,EAC/B,OAAA,EAAS;AAAA,IACP,OAAA,EAAS;AAAA,MACP,KAAA,EACE,8GAAA;AAAA,MACF,IAAA,EAAM;AAAA,KACR;AAAA,IACA,OAAA,EAAS;AAAA,MACP;AAAA;AACF,GACF;AAAA,EACA,OAAA,EAAS;AAAA,IACP,wBAAA,EACE,KAAK,uBAAA,KAA4B,iBAAA,GAC7B,QAAQ,MAAA,KAAW,CAAA,GACnB,KAAK,uBAAA,KAA4B,QAAA;AAAA,IACvC,eAAA;AAAA,IACA,OAAA,EAAS,QAAQ,SAAA,GAAY,EAAE,KAAK,EAAE,IAAA,EAAM,MAAA,EAAO,EAAE,GAAI;AAAA;AAAA;AAG7D,CAAC,CAAA,CAAE,
KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAEvB,IAAM,OAAA,GAAU,IAAI,OAAA,CAAQ,OAAA,CAAQ,WAAW,EAAE,YAAA,EAAc,WAAW,CAAA;AAE1E,IAAM,WAAA,GAAc,WAAW,kBAAA,CAAmB,OAAA,CAAQ,CAAC,CAAA,CAAE,SAAA,CAAU,CAAC,CAAC,CAAC,CAAA,KAAA,CAAA;AAE1E,IAAM,YAAA,GAAe,iBAAiB,cAAc,CAAA;AACpD,IAAM,YAAA,GAAe,iBAAiB,QAAQ,CAAA;AAE9C,IAAM,aAAA,GAAgB,OAAA,CAAQ,GAAA,CAAI,CAAA,MAAA,KAAU;AAC1C,EAAA,OAAO,IAAI,OAAA,CAAQ,kBAAA;AAAA,IACjB,MAAA,CAAO,QAAA;AAAA,IACP,yBAAA,CAA0B,MAAA,EAAQ,YAAA,CAAa,oBAAoB;AAAA,GACrE;AACF,CAAC,CAAA;AAED,IAAM,WAAA,GAAc,aAAA,CAAc,GAAA,CAAI,CAAA,WAAA,KAAe,YAAY,IAAI,CAAA;AAErE,IAAM,SAAA,GAAY,IAAI,OAAA,CAAQ,SAAA;AAAA,EAC5B,WAAA;AAAA,EACA;AAAA,IACE,qBAAqB,OAAA,CAAQ,mBAAA;AAAA,IAC7B,IAAA,EAAM,aAAA,CAAc,CAAC,CAAA,CAAG;AAAA,GAC1B;AAAA,EACA,EAAE,WAAW,aAAA;AACf,CAAA;AAEA,IAAM,aAAA,GAAgB,OAAA,CAAQ,GAAA,CAAI,CAAA,MAAA,KAAU;AAC1C,EAAA,OAAO,IAAI,OAAA,CAAQ,kBAAA;AAAA,IACjB,MAAA,CAAO,QAAA;AAAA,IACP,yBAAA,CAA0B,MAAA,EAAQ,YAAA,CAAa,oBAAoB,CAAA;AAAA,IACnE,EAAE,WAAW,SAAA;AAAU,GACzB;AACF,CAAC,CAAA;AAED,IAAM,WAAA,GAAc,aAAA,CAAc,GAAA,CAAI,CAAA,WAAA,KAAe,YAAY,IAAI,CAAA;AAGrE,IAAM,aAAa,GAAA,CAAI;AAAA,EACrB,QAAQ,mBAAA,CAAoB;AAAA,IAC1B,qBAAqB,OAAA,CAAQ,mBAAA;AAAA,IAC7B,IAAA,EAAM,aAAA,CAAc,CAAC,CAAA,CAAG;AAAA,GACzB,CAAA;AAAA,EACD,QAAQ,eAAA,CAAgB;AAAA,IACtB,qBAAqB,OAAA,CAAQ,mBAAA;AAAA,IAC7B,SAAA,EAAW,WAAA;AAAA,IACX,iBAAA,EAAmB,WAAA;AAAA,IACnB;AAAA,GACD;AACH,CAAC,EAAE,KAAA,CAAM,CAAC,CAACA,WAAU,CAAA,KAAMA,YAAW,aAAa,CAAA;AAEnD,IAAM,sBAAsB,MAAA,CAAO;AAAA,EACjC,OAAA,EAAS,WAAA;AAAA,EACT,QAAA,EAAU;AAAA,IACR,CAAC,WAAW,GAAG;AAAA,MACb,SAAA,EAAW,WAAA;AAAA,MACX,EAAA,EAAI,QAAQ,mBAAA,CAAoB,aAAA;AAAA,MAChC,GAAA,EAAK,QAAQ,mBAAA,CAAoB,iBAAA;AAAA,MACjC,GAAA,EAAK,QAAQ,mBAAA,CAAoB;AAAA;AACnC;AAEJ,CAAC,CAAA,CAAE,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAEvB,IAAM,cAAA,GAAiB,OAAA,CAAQ,cAAA,CAAe,KAAA,CAAM,KAAK,SAAS,CAAA;AAElE,SAAS,iBAAiB,WAAA,EAAqB;AAC7C,EAAA,MAAM,aAAA,GAAiC,CAAC,iBAAiB,CAAA;AAEzD,EAAA,IAAI,IAAA,CAAK,qBAAqB,MAAA,CAAO,IAAA,CAAK,KAAK,iBAAiB,CAAA,CAAE,SAAS,CAAA,EAAG;AAC5E,IAAA,aAAA,CAAc,IAAA,CAAK,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,iBAAiB,CAAC,
CAAA;AAAA,EAC3D;AAEA,EAAA,IACE,WAAA,KAAgB,cAAA,IAChB,IAAA,CAAK,iBAAA,IACL,MAAA,CAAO,KAAK,IAAA,CAAK,iBAAiB,CAAA,CAAE,MAAA,GAAS,CAAA,EAC7C;AACA,IAAA,aAAA,CAAc,IAAA,CAAK,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,iBAAiB,CAAC,CAAA;AAAA,EAC3D;AAEA,EAAA,IACE,WAAA,KAAgB,QAAA,IAChB,IAAA,CAAK,iBAAA,IACL,MAAA,CAAO,KAAK,IAAA,CAAK,iBAAiB,CAAA,CAAE,MAAA,GAAS,CAAA,EAC7C;AACA,IAAA,aAAA,CAAc,IAAA,CAAK,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,iBAAiB,CAAC,CAAA;AAAA,EAC3D;AAEA,EAAA,OAAO,QAAQ,sBAAA,CAAuB;AAAA,IACpC,eAAA,EAAiB,WAAA;AAAA,IACjB,gBAAgB,OAAA,CAAQ,cAAA;AAAA,IACxB,WAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA,EAAc,SAAA;AAAA,IACd;AAAA,GACD,CAAA;AACH;AAEA,SAAS,yBAAA,CACP,MACA,oBAAA,EACgC;AAChC,EAAA,MAAM,aAAa,IAAA,CAAK,SAAA,CAAU,KAAK,CAAA,QAAA,KAAY,QAAA,CAAS,SAAS,UAAU,CAAA;AAC/E,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,IAAA,CAAK,QAAQ,CAAA,CAAE,CAAA;AAAA,EAClE;AAEA,EAAA,OAAO;AAAA,IACL,qBAAqB,OAAA,CAAQ,mBAAA;AAAA,IAC7B,yBAAA,EAA2B,oBAAA;AAAA,IAC3B,IAAA,EAAM,mBAAmB,UAAU,CAAA;AAAA,IACnC,aAAA,EAAe;AAAA,MACb,KAAK,SAAA,CAAU;AAAA,QACb,SAAS,EAAE,OAAA,EAAS,EAAE,QAAA,EAAU,IAAA,CAAK,UAAS;AAAE,OACjD;AAAA;AACH,GACF;AACF;AAEA,IAAM,WAAW,IAAI,QAAA,CAAS,IAAA,EAAM,EAAE,YAAY,CAAA;AAClD,IAAM,UAAA,GAAa,KAAK,EAAA,CAAG,SAAA,CAAU,IAAI,aAAA,EAAe,aAAA,EAAe,EAAE,QAAA,EAAU,CAAA;AAEnF,IAAM,UAAA,GAAa,IAAI,UAAA,EAAW;AAClC,UAAA,CAAW,cAAA,CAAe,MAAM,SAAA,CAAU,UAAU,CAAC,CAAA;AAErD,IAAM,SAAA,GAAY,QAAA;AAAA,EAChB,CAAC,GAAG,OAAA,EAAS,GAAG,OAAO,CAAA,CAAE,OAAA,CAAQ,CAAA,MAAA,KAAU,MAAA,CAAO,SAAS,CAAA;AAAA,EAC3D;AACF,CAAA;AAEA,IAAM,YAAA,GAAe,QAAA;AAAA,EACnB,OAAA,CAAQ,OAAA,CAAQ,CAAA,MAAA,KAAU,MAAA,CAAO,SAAA,CAAU,GAAA,CAAI,CAAA,QAAA,KAAY,cAAA,CAAe,QAAA,EAAU,IAAI,CAAC,CAAC,CAAA;AAAA,EAC1F;AACF,CAAA;AAEA,IAAO,kBAAQ,OAAA,CAAQ;AAAA,EACrB,YAAY,gBAAA,CAAiB;AAAA,IAC3B,QAAQ,GAAA,CAAI,aAAA;AAAA,IACZ,QAAA,EAAU,WAAW,QAAA,CAAS,GAAA;AAAA,IAC9B,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO;AAAA,KACT;AAAA,IACA,KAAA,EAAO;AAAA,MACL,EAAA,EAAI,WAAW,QAAA,CAAS,GAAA;AAAA,MACxB,YAAA,EAAc,WAAW,QAAA,CAAS,GAAA;AAAA,MAElC,IAAA,EAAM,WAAA;AAAA,MAEN,WAAA,EAAa,SAAA,CACV,MA
AA,CAAO,CAAA,QAAA,KAAY,QAAA,CAAS,IAAA,KAAS,UAAU,CAAA,CAC/C,GAAA,CAAI,CAAA,QAAA,KAAY,QAAA,CAAS,OAAO,CAAA;AAAA,MAEnC,SAAA;AAAA,MACA,YAAA;AAAA,MAEA,MAAA,EAAQ;AAAA,QACN,eAAA,EAAiB;AAAA,UACf,IAAA,EAAM,QAAA;AAAA,UACN,YAAA,EAAc,cAAA;AAAA,UACd,aAAA,EAAe;AAAA;AACjB,OACF;AAAA,MAEA,YAAY,gBAAA,CAAiB;AAAA,QAC3B,QAAQ,MAAA,CAAO,UAAA;AAAA,QACf,QAAA,EAAU,GAAG,IAAI,CAAA,WAAA,CAAA;AAAA,QACjB,IAAA,EAAM;AAAA,UACJ,KAAA,EAAO;AAAA,SACT;AAAA,QACA,KAAA,EAAO;AAAA,UACL,OAAA,EAAS;AAAA,YACP,IAAA,EAAM,iBAAA;AAAA,YACN,KAAA,EAAO;AAAA,WACT;AAAA,UACA,IAAA,EAAM;AAAA,YACJ,IAAA,EAAM,YAAA;AAAA,YACN,WAAA,EAAa,WAAA;AAAA,YACb,IAAA,EAAM;AAAA;AACR;AACF,OACD;AAAA;AACH,GACD,CAAA;AAAA,EAED,cAAc,gBAAA,CAAiB;AAAA,IAC7B,QAAQ,KAAA,CAAM,aAAA;AAAA,IACd,QAAA,EAAU,GAAG,IAAI,CAAA,cAAA,CAAA;AAAA,IACjB,IAAA,EAAM;AAAA,MACJ,KAAA,EAAO;AAAA,KACT;AAAA,IACA,KAAA,EAAO;AAAA,MACL,mBAAA;AAAA,MACA;AAAA;AACF,GACD,CAAA;AAAA,EAED,UAAA,EAAY;AAAA,IACV,UAAA,EAAY;AAAA,MACV,IAAA,EAAM;AAAA,QACJ,KAAA,EAAO,oBAAA;AAAA,QACP,WAAA,EAAa,+CAAA;AAAA,QACb,IAAA,EAAM;AAAA,OACR;AAAA,MAEA,IAAA,EAAM;AAAA,QACJ,KAAA,EAAO,kDAAA;AAAA,QACP,OAAA,EAAS,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA,QAE/B,KAAA,EAAO;AAAA,UACL,eAAe,cAAA,CAAe,EAAE,MAAM,YAAA,EAAc,OAAA,EAAS,YAAY,CAAA;AAAA,UACzE,gBAAgB,cAAA,CAAe,EAAE,MAAM,aAAA,EAAe,OAAA,EAAS,qBAAqB,CAAA;AAAA,UACpF,YAAY,cAAA,CAAe,EAAE,MAAM,SAAA,EAAW,OAAA,EAAS,gBAAgB,CAAA;AAAA,UAEvE,eAAe,cAAA,CAAe;AAAA,YAC5B,IAAA,EAAM,YAAA;AAAA,YAEN,OAAA,EAAS,IAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;;AAAA;AAAA,YAAA;AAAA,WAUV;AAAA,SACH;AAAA,QAEA,GAAA,EAAK;AAAA,UACH,UAAA,EAAY,aAAA;AAAA,UACZ,WAAA,EAAa;AAAA;AACf;AACF;AACF,GACF;AAAA,EAEA,aAAA,EAAe;AAAA,IACb,SAAA,EAAW,SAAA,CAAU,GAAA,CAAI,kBAAkB,CAAA;AAAA,IAC3C,YAAA,EAAc,YAAA,CAAa,GAAA,CAAI,kBAAkB;AAAA;AAErD,CAAC","file":"index.js","sourcesContent":["import { readFile } from \"node:fs/promises\"\nimport { l3EndpointToL4, l3EndpointToString, l4EndpointToString } from \"@highstate/common\"\nimport { text } from \"@highstate/contract\"\nimport { RenderedChart } from \"@highstate/k8s\"\nimport { common, k8s, talos } from 
\"@highstate/library\"\nimport {\n all,\n forUnit,\n type Input,\n makeEntityOutput,\n makeFileOutput,\n type Output,\n output,\n toPromise,\n} from \"@highstate/pulumi\"\nimport { KubeConfig } from \"@kubernetes/client-node\"\nimport { core, Provider } from \"@pulumi/kubernetes\"\nimport { cluster, machine } from \"@pulumiverse/talos\"\nimport { uniqueBy } from \"remeda\"\n\nconst {\n name,\n args,\n inputs: { masters, workers },\n outputs,\n} = forUnit(talos.cluster)\n\nif (!masters.length) {\n throw new Error(\"At least one master node is required.\")\n}\n\nconst cni = args.cni ?? \"cilium\"\nconst csi = args.csi ?? \"local-path-provisioner\"\n\ninterface InlineManifest {\n name: string\n contents: Input<string>\n}\n\ninterface ExtraMount {\n destination: string\n type: string\n source: string\n options: string[]\n}\n\nconst inlineManifests: InlineManifest[] = []\nconst extraMounts: ExtraMount[] = []\n\nif (cni === \"cilium\") {\n const { chart } = await import(\"@highstate/cilium\")\n\n const cilium = new RenderedChart(\"cilium\", {\n namespace: \"kube-system\",\n chart,\n\n values: {\n \"ipam.mode\": \"kubernetes\",\n // \"kubeProxyReplacement\": \"true\",\n kubeProxyReplacement: \"false\",\n \"operator.replicas\": \"1\",\n \"hubble.relay.enabled\": \"true\",\n \"hubble.ui.enabled\": \"true\",\n \"securityContext.capabilities.ciliumAgent\":\n \"{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}\",\n \"securityContext.capabilities.cleanCiliumState\": \"{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}\",\n \"cgroup.autoMount.enabled\": \"false\",\n \"cgroup.hostRoot\": \"/sys/fs/cgroup\",\n // \"k8sServiceHost\": \"localhost\",\n // \"k8sServicePort\": \"7445\",\n // \"bpf.lbExternalClusterIP\": \"true\",\n \"dnsProxy.dnsRejectResponseCode\": \"nameError\",\n },\n })\n\n inlineManifests.push({\n name: \"cilium\",\n contents: cilium.manifest,\n })\n}\n\nif (csi === \"local-path-provisioner\") {\n extraMounts.push({\n destination: 
\"/var/lib/local-path-provisioner\",\n type: \"bind\",\n source: \"/var/lib/local-path-provisioner\",\n options: [\"bind\", \"rshared\", \"rw\"],\n })\n\n inlineManifests.push({\n name: \"local-path-provisioner\",\n contents: await readFile(\"../../assets/local-path-provisioner.yaml\", \"utf-8\"),\n })\n}\n\nif (args.enableTunDevicePlugin) {\n inlineManifests.push({\n name: \"tun-device-plugin\",\n contents: await readFile(\"../../assets/tun-device-plugin.yaml\", \"utf-8\"),\n })\n}\n\nconst clusterName = args.clusterName ?? name\n\nconst globalConfigPatch = output({\n machine: {\n install: {\n image:\n \"factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.5\",\n disk: \"/dev/vda\",\n },\n kubelet: {\n extraMounts,\n },\n },\n cluster: {\n allowSchedulingOnMasters:\n args.scheduleOnMastersPolicy === \"when-no-workers\"\n ? workers.length === 0\n : args.scheduleOnMastersPolicy === \"always\",\n inlineManifests,\n network: cni !== \"flannel\" ? { cni: { name: \"none\" } } : undefined,\n // proxy: cni === \"cilium\" ? 
{ disabled: true } : undefined,\n },\n}).apply(JSON.stringify)\n\nconst secrets = new machine.Secrets(\"secrets\", { talosVersion: \"v1.11.5\" })\n\nconst apiEndpoint = `https://${l3EndpointToString(masters[0].endpoints[0])}:6443`\n\nconst masterConfig = getConfiguration(\"controlplane\")\nconst workerConfig = getConfiguration(\"worker\")\n\nconst masterApplies = masters.map(master => {\n return new machine.ConfigurationApply(\n master.hostname,\n getConfigurationApplyArgs(master, masterConfig.machineConfiguration),\n )\n})\n\nconst masterNodes = masterApplies.map(masterApply => masterApply.node)\n\nconst bootstrap = new machine.Bootstrap(\n \"bootstrap\",\n {\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0]!.node,\n },\n { dependsOn: masterApplies },\n)\n\nconst workerApplies = workers.map(worker => {\n return new machine.ConfigurationApply(\n worker.hostname,\n getConfigurationApplyArgs(worker, workerConfig.machineConfiguration),\n { dependsOn: bootstrap },\n )\n})\n\nconst workerNodes = workerApplies.map(workerApply => workerApply.node)\n\n// Check the health of the cluster and export the kubeconfig\nconst kubeconfig = all([\n cluster.getKubeconfigOutput({\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0]!.node,\n }),\n cluster.getHealthOutput({\n clientConfiguration: secrets.clientConfiguration,\n endpoints: masterNodes,\n controlPlaneNodes: masterNodes,\n workerNodes,\n }),\n]).apply(([kubeconfig]) => kubeconfig.kubeconfigRaw)\n\nconst clientConfiguration = output({\n context: clusterName,\n contexts: {\n [clusterName]: {\n endpoints: masterNodes,\n ca: secrets.clientConfiguration.caCertificate,\n crt: secrets.clientConfiguration.clientCertificate,\n key: secrets.clientConfiguration.clientKey,\n },\n },\n}).apply(JSON.stringify)\n\nconst machineSecrets = secrets.machineSecrets.apply(JSON.stringify)\n\nfunction getConfiguration(machineType: string) {\n const configPatches: Input<string>[] = 
[globalConfigPatch]\n\n if (args.sharedConfigPatch && Object.keys(args.sharedConfigPatch).length > 0) {\n configPatches.push(JSON.stringify(args.sharedConfigPatch))\n }\n\n if (\n machineType === \"controlplane\" &&\n args.masterConfigPatch &&\n Object.keys(args.masterConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.masterConfigPatch))\n }\n\n if (\n machineType === \"worker\" &&\n args.workerConfigPatch &&\n Object.keys(args.workerConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.workerConfigPatch))\n }\n\n return machine.getConfigurationOutput({\n clusterEndpoint: apiEndpoint,\n machineSecrets: secrets.machineSecrets,\n clusterName,\n machineType,\n talosVersion: \"v1.10.4\",\n configPatches,\n })\n}\n\nfunction getConfigurationApplyArgs(\n node: common.Server,\n machineConfiguration: Output<string>,\n): machine.ConfigurationApplyArgs {\n const ipEndpoint = node.endpoints.find(endpoint => endpoint.type !== \"hostname\")\n if (!ipEndpoint) {\n throw new Error(`No IP endpoint found for node ${node.hostname}`)\n }\n\n return {\n clientConfiguration: secrets.clientConfiguration,\n machineConfigurationInput: machineConfiguration,\n node: l3EndpointToString(ipEndpoint),\n configPatches: [\n JSON.stringify({\n machine: { network: { hostname: node.hostname } },\n }),\n ],\n }\n}\n\nconst provider = new Provider(name, { kubeconfig })\nconst kubeSystem = core.v1.Namespace.get(\"kube-system\", \"kube-system\", { provider })\n\nconst kubeConfig = new KubeConfig()\nkubeConfig.loadFromString(await toPromise(kubeconfig))\n\nconst endpoints = uniqueBy(\n [...workers, ...masters].flatMap(server => server.endpoints),\n l3EndpointToString,\n)\n\nconst apiEndpoints = uniqueBy(\n masters.flatMap(server => server.endpoints.map(endpoint => l3EndpointToL4(endpoint, 6443))),\n l4EndpointToString,\n)\n\nexport default outputs({\n k8sCluster: makeEntityOutput({\n entity: k8s.clusterEntity,\n identity: kubeSystem.metadata.uid,\n meta: {\n title: 
clusterName,\n },\n value: {\n id: kubeSystem.metadata.uid,\n connectionId: kubeSystem.metadata.uid,\n\n name: clusterName,\n\n externalIps: endpoints\n .filter(endpoint => endpoint.type !== \"hostname\")\n .map(endpoint => endpoint.address),\n\n endpoints,\n apiEndpoints,\n\n quirks: {\n tunDevicePolicy: {\n type: \"plugin\",\n resourceName: \"squat.ai/tun\",\n resourceValue: \"1\",\n },\n },\n\n kubeconfig: makeEntityOutput({\n entity: common.fileEntity,\n identity: `${name}:kubeconfig`,\n meta: {\n title: \"kubeconfig\",\n },\n value: {\n content: {\n type: \"embedded-secret\",\n value: kubeconfig,\n },\n meta: {\n name: \"kubeconfig\",\n contentType: \"text/yaml\",\n mode: 0o600,\n },\n },\n }),\n },\n }),\n\n talosCluster: makeEntityOutput({\n entity: talos.clusterEntity,\n identity: `${name}:talos-cluster`,\n meta: {\n title: clusterName,\n },\n value: {\n clientConfiguration,\n machineSecrets,\n },\n }),\n\n $terminals: {\n management: {\n meta: {\n title: \"Cluster Management\",\n description: \"Manage the cluster using kubectl and talosctl\",\n icon: \"devicon:talos\",\n },\n\n spec: {\n image: \"ghcr.io/highstate-io/highstate/terminal.talosctl\",\n command: [\"bash\", \"/welcome.sh\"],\n\n files: {\n \"/kubeconfig\": makeFileOutput({ name: \"kubeconfig\", content: kubeconfig }),\n \"/talosconfig\": makeFileOutput({ name: \"talosconfig\", content: clientConfiguration }),\n \"/secrets\": makeFileOutput({ name: \"secrets\", content: machineSecrets }),\n\n \"/welcome.sh\": makeFileOutput({\n name: \"welcome.sh\",\n\n content: text`\n echo \"Connecting to the cluster...\"\n kubectl cluster-info\n\n echo \"Use 'kubectl', 'helm' or 'k9s' to manage the cluster.\"\n echo \"Use 'talosctl' to manage the Talos side of the cluster.\"\n echo\n\n exec bash\n `,\n }),\n },\n\n env: {\n KUBECONFIG: \"/kubeconfig\",\n TALOSCONFIG: \"/talosconfig\",\n },\n },\n },\n },\n\n $statusFields: {\n endpoints: endpoints.map(l3EndpointToString),\n apiEndpoints: 
apiEndpoints.map(l4EndpointToString),\n },\n})\n"]}
@@ -1,5 +1,5 @@
1
1
  {
2
2
  "sourceHashes": {
3
- "./dist/cluster/index.js": 3344329834
3
+ "./dist/cluster/index.js": 497587371
4
4
  }
5
5
  }
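--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@highstate/talos",
- "version": "0.19.1",
+ "version": "0.20.0",
  "type": "module",
  "files": [
  "assets",
@@ -23,17 +23,17 @@
  "@pulumi/kubernetes": "^4.18.0",
  "@pulumiverse/talos": "^0.6.0",
  "remeda": "^2.21.0",
- "@highstate/cilium": "0.19.1",
- "@highstate/common": "0.19.1",
- "@highstate/contract": "0.19.1",
- "@highstate/k8s": "0.19.1",
- "@highstate/library": "0.19.1",
- "@highstate/pulumi": "0.19.1"
+ "@highstate/common": "0.20.0",
+ "@highstate/contract": "0.20.0",
+ "@highstate/cilium": "0.20.0",
+ "@highstate/library": "0.20.0",
+ "@highstate/k8s": "0.20.0",
+ "@highstate/pulumi": "0.20.0"
  },
  "devDependencies": {
  "@biomejs/biome": "2.2.0",
  "@typescript/native-preview": "^7.0.0-dev.20250920.1",
- "@highstate/cli": "0.19.1"
+ "@highstate/cli": "0.20.0"
  },
  "repository": {
  "url": "https://github.com/highstate-io/highstate"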