@highstate/talos 0.7.11 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/cluster/index.js +8 -5
  2. package/dist/cluster/index.js.map +1 -1
  3. package/dist/highstate.manifest.json +1 -1
  4. package/package.json +8 -8
package/dist/cluster/index.js CHANGED
@@ -165,7 +165,12 @@ var cluster_default = outputs({
165
165
  id: kubeSystem.metadata.uid,
166
166
  name: clusterName,
167
167
  cni: cni === "none" ? void 0 : cni,
168
- externalIps: []
168
+ externalIps: [],
169
+ tunDevicePolicy: {
170
+ type: "plugin",
171
+ resourceName: "squat.ai/tun",
172
+ resourceValue: "1"
173
+ }
169
174
  },
170
175
  kubeconfig
171
176
  },
@@ -183,17 +188,15 @@ var cluster_default = outputs({
183
188
  "/talosconfig": clientConfiguration,
184
189
  "/secrets": machineSecrets,
185
190
  "/welcome.sh": text`
186
- if [ "$HIGHSTATE_TERMINAL_FIRST_LAUNCH" = "1" ]; then
187
191
  echo "Connecting to the cluster..."
188
192
  kubectl cluster-info
189
193
 
190
194
  echo "Use 'kubectl' and 'helm' to manage the cluster."
191
195
  echo "Use 'talosctl' to manage the Talos side of the cluster."
192
196
  echo
193
- fi
194
197
 
195
- exec script -q -c bash /dev/null
196
- `
198
+ exec bash
199
+ `
197
200
  },
198
201
  env: {
199
202
  KUBECONFIG: "/kubeconfig",
package/dist/cluster/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/cluster/index.ts"],"sourcesContent":["import type { EntityValue, Input } from \"@highstate/pulumi\"\nimport { readFile } from \"node:fs/promises\"\nimport { all, forUnit, interpolate, output, Output } from \"@highstate/pulumi\"\nimport { common, talos } from \"@highstate/library\"\nimport { cluster, machine } from \"@pulumiverse/talos\"\nimport { text } from \"@highstate/contract\"\nimport { RenderedChart } from \"@highstate/k8s\"\nimport { core, Provider } from \"@pulumi/kubernetes\"\n\nconst { name, args, inputs, outputs } = forUnit(talos.cluster)\n\nconst cni = args.cni ?? \"cilium\"\nconst csi = args.csi ?? \"local-path-provisioner\"\n\ninterface InlineManifest {\n name: string\n contents: Input<string>\n}\n\ninterface ExtraMount {\n destination: string\n type: string\n source: string\n options: string[]\n}\n\nconst inlineManifests: InlineManifest[] = []\nconst extraMounts: ExtraMount[] = []\n\nif (cni === \"cilium\") {\n const { chart } = await import(\"@highstate/cilium\", { with: { type: \"json\" } })\n\n const cilium = new RenderedChart(\"cilium\", {\n namespace: \"kube-system\",\n chart,\n\n values: {\n \"ipam.mode\": \"kubernetes\",\n // \"kubeProxyReplacement\": \"true\",\n kubeProxyReplacement: \"false\",\n \"operator.replicas\": \"1\",\n \"hubble.relay.enabled\": \"true\",\n \"hubble.ui.enabled\": \"true\",\n \"securityContext.capabilities.ciliumAgent\":\n \"{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}\",\n \"securityContext.capabilities.cleanCiliumState\": \"{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}\",\n \"cgroup.autoMount.enabled\": \"false\",\n \"cgroup.hostRoot\": \"/sys/fs/cgroup\",\n // \"k8sServiceHost\": \"localhost\",\n // \"k8sServicePort\": \"7445\",\n // \"bpf.lbExternalClusterIP\": \"true\",\n },\n })\n\n inlineManifests.push({\n name: \"cilium\",\n contents: cilium.manifest,\n })\n}\n\nif (csi === \"local-path-provisioner\") {\n extraMounts.push({\n destination: \"/var/lib/local-path-provisioner\",\n type: \"bind\",\n source: \"/var/lib/local-path-provisioner\",\n options: [\"bind\", \"rshared\", \"rw\"],\n })\n\n inlineManifests.push({\n name: \"local-path-provisioner\",\n contents: await readFile(\"../../assets/local-path-provisioner.yaml\", \"utf-8\"),\n })\n}\n\nconst clusterName = args.clusterName ?? name\n\nconst globalConfigPatch = output({\n machine: {\n install: {\n image: \"ghcr.io/siderolabs/installer:v1.8.3\",\n extensions: [{ image: \"ghcr.io/siderolabs/qemu-guest-agent:9.1.0\" }],\n },\n kubelet: {\n extraMounts,\n },\n },\n cluster: {\n allowSchedulingOnMasters: inputs.workers.length.apply(\n length => length === 0 || args.scheduleOnMasters,\n ),\n inlineManifests,\n network: cni !== \"flannel\" ? { cni: { name: \"none\" } } : undefined,\n // proxy: cni === \"cilium\" ? { disabled: true } : undefined,\n },\n}).apply(JSON.stringify)\n\nconst secrets = new machine.Secrets(\"secrets\", { talosVersion: \"v1.8.3\" })\n\nconst clusterEndpoint = args.endpoint ?? interpolate`https://${inputs.masters[0].endpoint}:6443`\n\nconst masterConfig = getConfiguration(\"controlplane\")\nconst workerConfig = getConfiguration(\"worker\")\n\nconst masterApplies = inputs.masters.apply(masters => {\n if (!masters.length) {\n throw new Error(\"At least one master node is required.\")\n }\n\n return masters.map(master => {\n return new machine.ConfigurationApply(\n master.hostname,\n getConfigurationApplyArgs(master, masterConfig.machineConfiguration),\n )\n })\n})\n\nconst bootstrap = new machine.Bootstrap(\n \"bootstrap\",\n {\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n },\n { dependsOn: masterApplies },\n)\n\nconst workerApplies = inputs.workers.apply(workers => {\n return workers.map(worker => {\n return new machine.ConfigurationApply(\n worker.hostname,\n getConfigurationApplyArgs(worker, workerConfig.machineConfiguration),\n { dependsOn: bootstrap },\n )\n })\n})\n\n// Check the health of the cluster and export the kubeconfig\nconst kubeconfig = all([\n cluster.getKubeconfigOutput({\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n }),\n cluster.getHealthOutput({\n clientConfiguration: secrets.clientConfiguration,\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n controlPlaneNodes: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n workerNodes: workerApplies.apply(workerApplies => workerApplies.map(x => x.node)),\n }),\n]).apply(([kubeconfig]) => kubeconfig.kubeconfigRaw)\n\nconst clientConfiguration = output({\n context: clusterName,\n contexts: {\n [clusterName]: {\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n ca: secrets.clientConfiguration.caCertificate,\n crt: secrets.clientConfiguration.clientCertificate,\n key: secrets.clientConfiguration.clientKey,\n },\n },\n}).apply(JSON.stringify)\n\nconst machineSecrets = secrets.machineSecrets.apply(JSON.stringify)\n\nfunction getConfiguration(machineType: string) {\n const configPatches: Input<string>[] = [globalConfigPatch]\n\n if (args.sharedConfigPatch && Object.keys(args.sharedConfigPatch).length > 0) {\n configPatches.push(JSON.stringify(args.sharedConfigPatch))\n }\n\n if (\n machineType === \"controlplane\" &&\n args.masterConfigPatch &&\n Object.keys(args.masterConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.masterConfigPatch))\n }\n\n if (\n machineType === \"worker\" &&\n args.workerConfigPatch &&\n Object.keys(args.workerConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.workerConfigPatch))\n }\n\n return machine.getConfigurationOutput({\n clusterEndpoint,\n machineSecrets: secrets.machineSecrets,\n clusterName,\n machineType,\n talosVersion: \"v1.8.3\",\n configPatches,\n })\n}\n\nfunction getConfigurationApplyArgs(\n node: EntityValue<typeof common.serverEntity>,\n machineConfiguration: Output<string>,\n): machine.ConfigurationApplyArgs {\n return {\n clientConfiguration: secrets.clientConfiguration,\n machineConfigurationInput: machineConfiguration,\n node: node.endpoint,\n configPatches: [\n JSON.stringify({\n machine: { network: { hostname: node.hostname } },\n }),\n ],\n }\n}\n\nconst provider = new Provider(name, { kubeconfig })\nconst kubeSystem = core.v1.Namespace.get(\"kube-system\", \"kube-system\", { provider })\n\nexport default outputs({\n k8sCluster: {\n info: {\n id: kubeSystem.metadata.uid,\n name: clusterName,\n cni: cni === \"none\" ? undefined : cni,\n externalIps: [],\n },\n kubeconfig,\n },\n talosCluster: {\n clientConfiguration,\n machineSecrets,\n },\n\n $terminals: {\n management: {\n title: \"Cluster Management\",\n image: \"ghcr.io/exeteres/highstate/terminal-talosctl\",\n command: [\"bash\", \"/welcome.sh\"],\n files: {\n \"/kubeconfig\": kubeconfig,\n \"/talosconfig\": clientConfiguration,\n \"/secrets\": machineSecrets,\n\n \"/welcome.sh\": text`\n if [ \"$HIGHSTATE_TERMINAL_FIRST_LAUNCH\" = \"1\" ]; then\n echo \"Connecting to the cluster...\"\n kubectl cluster-info\n\n echo \"Use 'kubectl' and 'helm' to manage the cluster.\"\n echo \"Use 'talosctl' to manage the Talos side of the cluster.\"\n echo\n fi\n\n exec script -q -c bash /dev/null\n `,\n },\n env: {\n KUBECONFIG: \"/kubeconfig\",\n TALOSCONFIG: \"/talosconfig\",\n },\n },\n },\n})\n"],"mappings":";AACA,SAAS,gBAAgB;AACzB,SAAS,KAAK,SAAS,aAAa,cAAsB;AAC1D,SAAiB,aAAa;AAC9B,SAAS,SAAS,eAAe;AACjC,SAAS,YAAY;AACrB,SAAS,qBAAqB;AAC9B,SAAS,MAAM,gBAAgB;AAE/B,IAAM,EAAE,MAAM,MAAM,QAAQ,QAAQ,IAAI,QAAQ,MAAM,OAAO;AAE7D,IAAM,MAAM,KAAK,OAAO;AACxB,IAAM,MAAM,KAAK,OAAO;AAcxB,IAAM,kBAAoC,CAAC;AAC3C,IAAM,cAA4B,CAAC;AAEnC,IAAI,QAAQ,UAAU;AACpB,QAAM,EAAE,MAAM,IAAI,MAAM,OAAO,qBAAqB,EAAE,MAAM,EAAE,MAAM,OAAO,EAAE,CAAC;AAE9E,QAAM,SAAS,IAAI,cAAc,UAAU;AAAA,IACzC,WAAW;AAAA,IACX;AAAA,IAEA,QAAQ;AAAA,MACN,aAAa;AAAA;AAAA,MAEb,sBAAsB;AAAA,MACtB,qBAAqB;AAAA,MACrB,wBAAwB;AAAA,MACxB,qBAAqB;AAAA,MACrB,4CACE;AAAA,MACF,iDAAiD;AAAA,MACjD,4BAA4B;AAAA,MAC5B,mBAAmB;AAAA;AAAA;AAAA;AAAA,IAIrB;AAAA,EACF,CAAC;AAED,kBAAgB,KAAK;AAAA,IACnB,MAAM;AAAA,IACN,UAAU,OAAO;AAAA,EACnB,CAAC;AACH;AAEA,IAAI,QAAQ,0BAA0B;AACpC,cAAY,KAAK;AAAA,IACf,aAAa;AAAA,IACb,MAAM;AAAA,IACN,QAAQ;AAAA,IACR,SAAS,CAAC,QAAQ,WAAW,IAAI;AAAA,EACnC,CAAC;AAED,kBAAgB,KAAK;AAAA,IACnB,MAAM;AAAA,IACN,UAAU,MAAM,SAAS,4CAA4C,OAAO;AAAA,EAC9E,CAAC;AACH;AAEA,IAAM,cAAc,KAAK,eAAe;AAExC,IAAM,oBAAoB,OAAO;AAAA,EAC/B,SAAS;AAAA,IACP,SAAS;AAAA,MACP,OAAO;AAAA,MACP,YAAY,CAAC,EAAE,OAAO,4CAA4C,CAAC;AAAA,IACrE;AAAA,IACA,SAAS;AAAA,MACP;AAAA,IACF;AAAA,EACF;AAAA,EACA,SAAS;AAAA,IACP,0BAA0B,OAAO,QAAQ,OAAO;AAAA,MAC9C,YAAU,WAAW,KAAK,KAAK;AAAA,IACjC;AAAA,IACA;AAAA,IACA,SAAS,QAAQ,YAAY,EAAE,KAAK,EAAE,MAAM,OAAO,EAAE,IAAI;AAAA;AAAA,EAE3D;AACF,CAAC,EAAE,MAAM,KAAK,SAAS;AAEvB,IAAM,UAAU,IAAI,QAAQ,QAAQ,WAAW,EAAE,cAAc,SAAS,CAAC;AAEzE,IAAM,kBAAkB,KAAK,YAAY,sBAAsB,OAAO,QAAQ,CAAC,EAAE,QAAQ;AAEzF,IAAM,eAAe,iBAAiB,cAAc;AACpD,IAAM,eAAe,iBAAiB,QAAQ;AAE9C,IAAM,gBAAgB,OAAO,QAAQ,MAAM,aAAW;AACpD,MAAI,CAAC,QAAQ,QAAQ;AACnB,UAAM,IAAI,MAAM,uCAAuC;AAAA,EACzD;AAEA,SAAO,QAAQ,IAAI,YAAU;AAC3B,WAAO,IAAI,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,0BAA0B,QAAQ,aAAa,oBAAoB;AAAA,IACrE;AAAA,EACF,CAAC;AACH,CAAC;AAED,IAAM,YAAY,IAAI,QAAQ;AAAA,EAC5B;AAAA,EACA;AAAA,IACE,qBAAqB,QAAQ;AAAA,IAC7B,MAAM,cAAc,CAAC,EAAE;AAAA,EACzB;AAAA,EACA,EAAE,WAAW,cAAc;AAC7B;AAEA,IAAM,gBAAgB,OAAO,QAAQ,MAAM,aAAW;AACpD,SAAO,QAAQ,IAAI,YAAU;AAC3B,WAAO,IAAI,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,0BAA0B,QAAQ,aAAa,oBAAoB;AAAA,MACnE,EAAE,WAAW,UAAU;AAAA,IACzB;AAAA,EACF,CAAC;AACH,CAAC;AAGD,IAAM,aAAa,IAAI;AAAA,EACrB,QAAQ,oBAAoB;AAAA,IAC1B,qBAAqB,QAAQ;AAAA,IAC7B,MAAM,cAAc,CAAC,EAAE;AAAA,EACzB,CAAC;AAAA,EACD,QAAQ,gBAAgB;AAAA,IACtB,qBAAqB,QAAQ;AAAA,IAC7B,WAAW,cAAc,MAAM,CAAAA,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,IAC9E,mBAAmB,cAAc,MAAM,CAAAA,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,IACtF,aAAa,cAAc,MAAM,CAAAC,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,EAClF,CAAC;AACH,CAAC,EAAE,MAAM,CAAC,CAACC,WAAU,MAAMA,YAAW,aAAa;AAEnD,IAAM,sBAAsB,OAAO;AAAA,EACjC,SAAS;AAAA,EACT,UAAU;AAAA,IACR,CAAC,WAAW,GAAG;AAAA,MACb,WAAW,cAAc,MAAM,CAAAF,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,MAC9E,IAAI,QAAQ,oBAAoB;AAAA,MAChC,KAAK,QAAQ,oBAAoB;AAAA,MACjC,KAAK,QAAQ,oBAAoB;AAAA,IACnC;AAAA,EACF;AACF,CAAC,EAAE,MAAM,KAAK,SAAS;AAEvB,IAAM,iBAAiB,QAAQ,eAAe,MAAM,KAAK,SAAS;AAElE,SAAS,iBAAiB,aAAqB;AAC7C,QAAM,gBAAiC,CAAC,iBAAiB;AAEzD,MAAI,KAAK,qBAAqB,OAAO,KAAK,KAAK,iBAAiB,EAAE,SAAS,GAAG;AAC5E,kBAAc,KAAK,KAAK,UAAU,KAAK,iBAAiB,CAAC;AAAA,EAC3D;AAEA,MACE,gBAAgB,kBAChB,KAAK,qBACL,OAAO,KAAK,KAAK,iBAAiB,EAAE,SAAS,GAC7C;AACA,kBAAc,KAAK,KAAK,UAAU,KAAK,iBAAiB,CAAC;AAAA,EAC3D;AAEA,MACE,gBAAgB,YAChB,KAAK,qBACL,OAAO,KAAK,KAAK,iBAAiB,EAAE,SAAS,GAC7C;AACA,kBAAc,KAAK,KAAK,UAAU,KAAK,iBAAiB,CAAC;AAAA,EAC3D;AAEA,SAAO,QAAQ,uBAAuB;AAAA,IACpC;AAAA,IACA,gBAAgB,QAAQ;AAAA,IACxB;AAAA,IACA;AAAA,IACA,cAAc;AAAA,IACd;AAAA,EACF,CAAC;AACH;AAEA,SAAS,0BACP,MACA,sBACgC;AAChC,SAAO;AAAA,IACL,qBAAqB,QAAQ;AAAA,IAC7B,2BAA2B;AAAA,IAC3B,MAAM,KAAK;AAAA,IACX,eAAe;AAAA,MACb,KAAK,UAAU;AAAA,QACb,SAAS,EAAE,SAAS,EAAE,UAAU,KAAK,SAAS,EAAE;AAAA,MAClD,CAAC;AAAA,IACH;AAAA,EACF;AACF;AAEA,IAAM,WAAW,IAAI,SAAS,MAAM,EAAE,WAAW,CAAC;AAClD,IAAM,aAAa,KAAK,GAAG,UAAU,IAAI,eAAe,eAAe,EAAE,SAAS,CAAC;AAEnF,IAAO,kBAAQ,QAAQ;AAAA,EACrB,YAAY;AAAA,IACV,MAAM;AAAA,MACJ,IAAI,WAAW,SAAS;AAAA,MACxB,MAAM;AAAA,MACN,KAAK,QAAQ,SAAS,SAAY;AAAA,MAClC,aAAa,CAAC;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AAAA,EACA,cAAc;AAAA,IACZ;AAAA,IACA;AAAA,EACF;AAAA,EAEA,YAAY;AAAA,IACV,YAAY;AAAA,MACV,OAAO;AAAA,MACP,OAAO;AAAA,MACP,SAAS,CAAC,QAAQ,aAAa;AAAA,MAC/B,OAAO;AAAA,QACL,eAAe;AAAA,QACf,gBAAgB;AAAA,QAChB,YAAY;AAAA,QAEZ,eAAe;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAYjB;AAAA,MACA,KAAK;AAAA,QACH,YAAY;AAAA,QACZ,aAAa;AAAA,MACf;AAAA,IACF;AAAA,EACF;AACF,CAAC;","names":["masterApplies","workerApplies","kubeconfig"]}
1
+ {"version":3,"sources":["../../src/cluster/index.ts"],"sourcesContent":["import type { EntityValue, Input } from \"@highstate/pulumi\"\nimport { readFile } from \"node:fs/promises\"\nimport { all, forUnit, interpolate, output, Output } from \"@highstate/pulumi\"\nimport { common, talos } from \"@highstate/library\"\nimport { cluster, machine } from \"@pulumiverse/talos\"\nimport { text } from \"@highstate/contract\"\nimport { RenderedChart } from \"@highstate/k8s\"\nimport { core, Provider } from \"@pulumi/kubernetes\"\n\nconst { name, args, inputs, outputs } = forUnit(talos.cluster)\n\nconst cni = args.cni ?? \"cilium\"\nconst csi = args.csi ?? \"local-path-provisioner\"\n\ninterface InlineManifest {\n name: string\n contents: Input<string>\n}\n\ninterface ExtraMount {\n destination: string\n type: string\n source: string\n options: string[]\n}\n\nconst inlineManifests: InlineManifest[] = []\nconst extraMounts: ExtraMount[] = []\n\nif (cni === \"cilium\") {\n const { chart } = await import(\"@highstate/cilium\", { with: { type: \"json\" } })\n\n const cilium = new RenderedChart(\"cilium\", {\n namespace: \"kube-system\",\n chart,\n\n values: {\n \"ipam.mode\": \"kubernetes\",\n // \"kubeProxyReplacement\": \"true\",\n kubeProxyReplacement: \"false\",\n \"operator.replicas\": \"1\",\n \"hubble.relay.enabled\": \"true\",\n \"hubble.ui.enabled\": \"true\",\n \"securityContext.capabilities.ciliumAgent\":\n \"{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}\",\n \"securityContext.capabilities.cleanCiliumState\": \"{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}\",\n \"cgroup.autoMount.enabled\": \"false\",\n \"cgroup.hostRoot\": \"/sys/fs/cgroup\",\n // \"k8sServiceHost\": \"localhost\",\n // \"k8sServicePort\": \"7445\",\n // \"bpf.lbExternalClusterIP\": \"true\",\n },\n })\n\n inlineManifests.push({\n name: \"cilium\",\n contents: cilium.manifest,\n })\n}\n\nif (csi === \"local-path-provisioner\") {\n extraMounts.push({\n destination: \"/var/lib/local-path-provisioner\",\n type: \"bind\",\n source: \"/var/lib/local-path-provisioner\",\n options: [\"bind\", \"rshared\", \"rw\"],\n })\n\n inlineManifests.push({\n name: \"local-path-provisioner\",\n contents: await readFile(\"../../assets/local-path-provisioner.yaml\", \"utf-8\"),\n })\n}\n\nconst clusterName = args.clusterName ?? name\n\nconst globalConfigPatch = output({\n machine: {\n install: {\n image: \"ghcr.io/siderolabs/installer:v1.8.3\",\n extensions: [{ image: \"ghcr.io/siderolabs/qemu-guest-agent:9.1.0\" }],\n },\n kubelet: {\n extraMounts,\n },\n },\n cluster: {\n allowSchedulingOnMasters: inputs.workers.length.apply(\n length => length === 0 || args.scheduleOnMasters,\n ),\n inlineManifests,\n network: cni !== \"flannel\" ? { cni: { name: \"none\" } } : undefined,\n // proxy: cni === \"cilium\" ? { disabled: true } : undefined,\n },\n}).apply(JSON.stringify)\n\nconst secrets = new machine.Secrets(\"secrets\", { talosVersion: \"v1.8.3\" })\n\nconst clusterEndpoint = args.endpoint ?? interpolate`https://${inputs.masters[0].endpoint}:6443`\n\nconst masterConfig = getConfiguration(\"controlplane\")\nconst workerConfig = getConfiguration(\"worker\")\n\nconst masterApplies = inputs.masters.apply(masters => {\n if (!masters.length) {\n throw new Error(\"At least one master node is required.\")\n }\n\n return masters.map(master => {\n return new machine.ConfigurationApply(\n master.hostname,\n getConfigurationApplyArgs(master, masterConfig.machineConfiguration),\n )\n })\n})\n\nconst bootstrap = new machine.Bootstrap(\n \"bootstrap\",\n {\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n },\n { dependsOn: masterApplies },\n)\n\nconst workerApplies = inputs.workers.apply(workers => {\n return workers.map(worker => {\n return new machine.ConfigurationApply(\n worker.hostname,\n getConfigurationApplyArgs(worker, workerConfig.machineConfiguration),\n { dependsOn: bootstrap },\n )\n })\n})\n\n// Check the health of the cluster and export the kubeconfig\nconst kubeconfig = all([\n cluster.getKubeconfigOutput({\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n }),\n cluster.getHealthOutput({\n clientConfiguration: secrets.clientConfiguration,\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n controlPlaneNodes: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n workerNodes: workerApplies.apply(workerApplies => workerApplies.map(x => x.node)),\n }),\n]).apply(([kubeconfig]) => kubeconfig.kubeconfigRaw)\n\nconst clientConfiguration = output({\n context: clusterName,\n contexts: {\n [clusterName]: {\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n ca: secrets.clientConfiguration.caCertificate,\n crt: secrets.clientConfiguration.clientCertificate,\n key: secrets.clientConfiguration.clientKey,\n },\n },\n}).apply(JSON.stringify)\n\nconst machineSecrets = secrets.machineSecrets.apply(JSON.stringify)\n\nfunction getConfiguration(machineType: string) {\n const configPatches: Input<string>[] = [globalConfigPatch]\n\n if (args.sharedConfigPatch && Object.keys(args.sharedConfigPatch).length > 0) {\n configPatches.push(JSON.stringify(args.sharedConfigPatch))\n }\n\n if (\n machineType === \"controlplane\" &&\n args.masterConfigPatch &&\n Object.keys(args.masterConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.masterConfigPatch))\n }\n\n if (\n machineType === \"worker\" &&\n args.workerConfigPatch &&\n Object.keys(args.workerConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.workerConfigPatch))\n }\n\n return machine.getConfigurationOutput({\n clusterEndpoint,\n machineSecrets: secrets.machineSecrets,\n clusterName,\n machineType,\n talosVersion: \"v1.8.3\",\n configPatches,\n })\n}\n\nfunction getConfigurationApplyArgs(\n node: EntityValue<typeof common.serverEntity>,\n machineConfiguration: Output<string>,\n): machine.ConfigurationApplyArgs {\n return {\n clientConfiguration: secrets.clientConfiguration,\n machineConfigurationInput: machineConfiguration,\n node: node.endpoint,\n configPatches: [\n JSON.stringify({\n machine: { network: { hostname: node.hostname } },\n }),\n ],\n }\n}\n\nconst provider = new Provider(name, { kubeconfig })\nconst kubeSystem = core.v1.Namespace.get(\"kube-system\", \"kube-system\", { provider })\n\nexport default outputs({\n k8sCluster: {\n info: {\n id: kubeSystem.metadata.uid,\n name: clusterName,\n cni: cni === \"none\" ? undefined : cni,\n externalIps: [],\n tunDevicePolicy: {\n type: \"plugin\",\n resourceName: \"squat.ai/tun\",\n resourceValue: \"1\",\n },\n },\n kubeconfig,\n },\n talosCluster: {\n clientConfiguration,\n machineSecrets,\n },\n\n $terminals: {\n management: {\n title: \"Cluster Management\",\n image: \"ghcr.io/exeteres/highstate/terminal-talosctl\",\n command: [\"bash\", \"/welcome.sh\"],\n files: {\n \"/kubeconfig\": kubeconfig,\n \"/talosconfig\": clientConfiguration,\n \"/secrets\": machineSecrets,\n\n \"/welcome.sh\": text`\n echo \"Connecting to the cluster...\"\n kubectl cluster-info\n\n echo \"Use 'kubectl' and 'helm' to manage the cluster.\"\n echo \"Use 'talosctl' to manage the Talos side of the cluster.\"\n echo\n\n exec bash\n `,\n },\n env: {\n KUBECONFIG: \"/kubeconfig\",\n TALOSCONFIG: \"/talosconfig\",\n },\n },\n },\n})\n"],"mappings":";AACA,SAAS,gBAAgB;AACzB,SAAS,KAAK,SAAS,aAAa,cAAsB;AAC1D,SAAiB,aAAa;AAC9B,SAAS,SAAS,eAAe;AACjC,SAAS,YAAY;AACrB,SAAS,qBAAqB;AAC9B,SAAS,MAAM,gBAAgB;AAE/B,IAAM,EAAE,MAAM,MAAM,QAAQ,QAAQ,IAAI,QAAQ,MAAM,OAAO;AAE7D,IAAM,MAAM,KAAK,OAAO;AACxB,IAAM,MAAM,KAAK,OAAO;AAcxB,IAAM,kBAAoC,CAAC;AAC3C,IAAM,cAA4B,CAAC;AAEnC,IAAI,QAAQ,UAAU;AACpB,QAAM,EAAE,MAAM,IAAI,MAAM,OAAO,qBAAqB,EAAE,MAAM,EAAE,MAAM,OAAO,EAAE,CAAC;AAE9E,QAAM,SAAS,IAAI,cAAc,UAAU;AAAA,IACzC,WAAW;AAAA,IACX;AAAA,IAEA,QAAQ;AAAA,MACN,aAAa;AAAA;AAAA,MAEb,sBAAsB;AAAA,MACtB,qBAAqB;AAAA,MACrB,wBAAwB;AAAA,MACxB,qBAAqB;AAAA,MACrB,4CACE;AAAA,MACF,iDAAiD;AAAA,MACjD,4BAA4B;AAAA,MAC5B,mBAAmB;AAAA;AAAA;AAAA;AAAA,IAIrB;AAAA,EACF,CAAC;AAED,kBAAgB,KAAK;AAAA,IACnB,MAAM;AAAA,IACN,UAAU,OAAO;AAAA,EACnB,CAAC;AACH;AAEA,IAAI,QAAQ,0BAA0B;AACpC,cAAY,KAAK;AAAA,IACf,aAAa;AAAA,IACb,MAAM;AAAA,IACN,QAAQ;AAAA,IACR,SAAS,CAAC,QAAQ,WAAW,IAAI;AAAA,EACnC,CAAC;AAED,kBAAgB,KAAK;AAAA,IACnB,MAAM;AAAA,IACN,UAAU,MAAM,SAAS,4CAA4C,OAAO;AAAA,EAC9E,CAAC;AACH;AAEA,IAAM,cAAc,KAAK,eAAe;AAExC,IAAM,oBAAoB,OAAO;AAAA,EAC/B,SAAS;AAAA,IACP,SAAS;AAAA,MACP,OAAO;AAAA,MACP,YAAY,CAAC,EAAE,OAAO,4CAA4C,CAAC;AAAA,IACrE;AAAA,IACA,SAAS;AAAA,MACP;AAAA,IACF;AAAA,EACF;AAAA,EACA,SAAS;AAAA,IACP,0BAA0B,OAAO,QAAQ,OAAO;AAAA,MAC9C,YAAU,WAAW,KAAK,KAAK;AAAA,IACjC;AAAA,IACA;AAAA,IACA,SAAS,QAAQ,YAAY,EAAE,KAAK,EAAE,MAAM,OAAO,EAAE,IAAI;AAAA;AAAA,EAE3D;AACF,CAAC,EAAE,MAAM,KAAK,SAAS;AAEvB,IAAM,UAAU,IAAI,QAAQ,QAAQ,WAAW,EAAE,cAAc,SAAS,CAAC;AAEzE,IAAM,kBAAkB,KAAK,YAAY,sBAAsB,OAAO,QAAQ,CAAC,EAAE,QAAQ;AAEzF,IAAM,eAAe,iBAAiB,cAAc;AACpD,IAAM,eAAe,iBAAiB,QAAQ;AAE9C,IAAM,gBAAgB,OAAO,QAAQ,MAAM,aAAW;AACpD,MAAI,CAAC,QAAQ,QAAQ;AACnB,UAAM,IAAI,MAAM,uCAAuC;AAAA,EACzD;AAEA,SAAO,QAAQ,IAAI,YAAU;AAC3B,WAAO,IAAI,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,0BAA0B,QAAQ,aAAa,oBAAoB;AAAA,IACrE;AAAA,EACF,CAAC;AACH,CAAC;AAED,IAAM,YAAY,IAAI,QAAQ;AAAA,EAC5B;AAAA,EACA;AAAA,IACE,qBAAqB,QAAQ;AAAA,IAC7B,MAAM,cAAc,CAAC,EAAE;AAAA,EACzB;AAAA,EACA,EAAE,WAAW,cAAc;AAC7B;AAEA,IAAM,gBAAgB,OAAO,QAAQ,MAAM,aAAW;AACpD,SAAO,QAAQ,IAAI,YAAU;AAC3B,WAAO,IAAI,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,0BAA0B,QAAQ,aAAa,oBAAoB;AAAA,MACnE,EAAE,WAAW,UAAU;AAAA,IACzB;AAAA,EACF,CAAC;AACH,CAAC;AAGD,IAAM,aAAa,IAAI;AAAA,EACrB,QAAQ,oBAAoB;AAAA,IAC1B,qBAAqB,QAAQ;AAAA,IAC7B,MAAM,cAAc,CAAC,EAAE;AAAA,EACzB,CAAC;AAAA,EACD,QAAQ,gBAAgB;AAAA,IACtB,qBAAqB,QAAQ;AAAA,IAC7B,WAAW,cAAc,MAAM,CAAAA,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,IAC9E,mBAAmB,cAAc,MAAM,CAAAA,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,IACtF,aAAa,cAAc,MAAM,CAAAC,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,EAClF,CAAC;AACH,CAAC,EAAE,MAAM,CAAC,CAACC,WAAU,MAAMA,YAAW,aAAa;AAEnD,IAAM,sBAAsB,OAAO;AAAA,EACjC,SAAS;AAAA,EACT,UAAU;AAAA,IACR,CAAC,WAAW,GAAG;AAAA,MACb,WAAW,cAAc,MAAM,CAAAF,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,MAC9E,IAAI,QAAQ,oBAAoB;AAAA,MAChC,KAAK,QAAQ,oBAAoB;AAAA,MACjC,KAAK,QAAQ,oBAAoB;AAAA,IACnC;AAAA,EACF;AACF,CAAC,EAAE,MAAM,KAAK,SAAS;AAEvB,IAAM,iBAAiB,QAAQ,eAAe,MAAM,KAAK,SAAS;AAElE,SAAS,iBAAiB,aAAqB;AAC7C,QAAM,gBAAiC,CAAC,iBAAiB;AAEzD,MAAI,KAAK,qBAAqB,OAAO,KAAK,KAAK,iBAAiB,EAAE,SAAS,GAAG;AAC5E,kBAAc,KAAK,KAAK,UAAU,KAAK,iBAAiB,CAAC;AAAA,EAC3D;AAEA,MACE,gBAAgB,kBAChB,KAAK,qBACL,OAAO,KAAK,KAAK,iBAAiB,EAAE,SAAS,GAC7C;AACA,kBAAc,KAAK,KAAK,UAAU,KAAK,iBAAiB,CAAC;AAAA,EAC3D;AAEA,MACE,gBAAgB,YAChB,KAAK,qBACL,OAAO,KAAK,KAAK,iBAAiB,EAAE,SAAS,GAC7C;AACA,kBAAc,KAAK,KAAK,UAAU,KAAK,iBAAiB,CAAC;AAAA,EAC3D;AAEA,SAAO,QAAQ,uBAAuB;AAAA,IACpC;AAAA,IACA,gBAAgB,QAAQ;AAAA,IACxB;AAAA,IACA;AAAA,IACA,cAAc;AAAA,IACd;AAAA,EACF,CAAC;AACH;AAEA,SAAS,0BACP,MACA,sBACgC;AAChC,SAAO;AAAA,IACL,qBAAqB,QAAQ;AAAA,IAC7B,2BAA2B;AAAA,IAC3B,MAAM,KAAK;AAAA,IACX,eAAe;AAAA,MACb,KAAK,UAAU;AAAA,QACb,SAAS,EAAE,SAAS,EAAE,UAAU,KAAK,SAAS,EAAE;AAAA,MAClD,CAAC;AAAA,IACH;AAAA,EACF;AACF;AAEA,IAAM,WAAW,IAAI,SAAS,MAAM,EAAE,WAAW,CAAC;AAClD,IAAM,aAAa,KAAK,GAAG,UAAU,IAAI,eAAe,eAAe,EAAE,SAAS,CAAC;AAEnF,IAAO,kBAAQ,QAAQ;AAAA,EACrB,YAAY;AAAA,IACV,MAAM;AAAA,MACJ,IAAI,WAAW,SAAS;AAAA,MACxB,MAAM;AAAA,MACN,KAAK,QAAQ,SAAS,SAAY;AAAA,MAClC,aAAa,CAAC;AAAA,MACd,iBAAiB;AAAA,QACf,MAAM;AAAA,QACN,cAAc;AAAA,QACd,eAAe;AAAA,MACjB;AAAA,IACF;AAAA,IACA;AAAA,EACF;AAAA,EACA,cAAc;AAAA,IACZ;AAAA,IACA;AAAA,EACF;AAAA,EAEA,YAAY;AAAA,IACV,YAAY;AAAA,MACV,OAAO;AAAA,MACP,OAAO;AAAA,MACP,SAAS,CAAC,QAAQ,aAAa;AAAA,MAC/B,OAAO;AAAA,QACL,eAAe;AAAA,QACf,gBAAgB;AAAA,QAChB,YAAY;AAAA,QAEZ,eAAe;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAUjB;AAAA,MACA,KAAK;AAAA,QACH,YAAY;AAAA,QACZ,aAAa;AAAA,MACf;AAAA,IACF;AAAA,EACF;AACF,CAAC;","names":["masterApplies","workerApplies","kubeconfig"]}
package/dist/highstate.manifest.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
2
  "sourceHashes": {
3
- "./dist/cluster/index.js": "9a8ff774e1832e9fec5a1524f60340b1a99ae05237edd7e57c2b266dc441faea"
3
+ "./dist/cluster/index.js": "f82b9f388623e7000d2300b3d485a7ff79a8bdf59856e79889720e54295bf030"
4
4
  }
5
5
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@highstate/talos",
3
- "version": "0.7.11",
3
+ "version": "0.9.0",
4
4
  "type": "module",
5
5
  "files": [
6
6
  "assets",
@@ -17,11 +17,11 @@
17
17
  "update-assets": "./scripts/update-assets.sh"
18
18
  },
19
19
  "dependencies": {
20
- "@highstate/cilium": "^0.7.11",
21
- "@highstate/common": "^0.7.11",
22
- "@highstate/contract": "^0.7.11",
23
- "@highstate/k8s": "^0.7.11",
24
- "@highstate/pulumi": "^0.7.11",
20
+ "@highstate/cilium": "^0.9.0",
21
+ "@highstate/common": "^0.9.0",
22
+ "@highstate/contract": "^0.9.0",
23
+ "@highstate/k8s": "^0.9.0",
24
+ "@highstate/pulumi": "^0.9.0",
25
25
  "@pulumi/command": "^1.0.2",
26
26
  "@pulumi/kubernetes": "^4.18.0",
27
27
  "@pulumiverse/talos": "^0.4.1"
@@ -30,7 +30,7 @@
30
30
  "@highstate/library": "workspace:^0.4.4"
31
31
  },
32
32
  "devDependencies": {
33
- "@highstate/cli": "^0.7.11"
33
+ "@highstate/cli": "^0.9.0"
34
34
  },
35
- "gitHead": "f425f2be2d5800fdee3512c848129adab1b0186e"
35
+ "gitHead": "b64df0df33afcadf019936eaa2a2ca7ffc82940b"
36
36
  }