@highstate/talos 0.9.14 → 0.9.16

@@ -0,0 +1,7 @@
1
+ {
2
+ "terminal-talosctl": {
3
+ "name": "ghcr.io/exeteres/highstate/terminal-talosctl",
4
+ "tag": "latest",
5
+ "image": "ghcr.io/exeteres/highstate/terminal-talosctl:latest@sha256:97d3a70c55350d5b4edbec9dbdfaaffa9f2c85012ccc40fa6e2d384b15bc07de"
6
+ }
7
+ }
@@ -1,19 +1,15 @@
1
+ import { readFile } from 'node:fs/promises';
2
+ import { forUnit, toPromise, output, all } from '@highstate/pulumi';
3
+ import { talos } from '@highstate/library';
4
+ import { machine, cluster } from '@pulumiverse/talos';
5
+ import { text } from '@highstate/contract';
6
+ import { RenderedChart } from '@highstate/k8s';
7
+ import { Provider, core } from '@pulumi/kubernetes';
8
+ import { l3EndpointToString, l3ToL4Endpoint, l4EndpointToString, filterEndpoints } from '@highstate/common';
9
+ import { KubeConfig } from '@kubernetes/client-node';
10
+ import { uniqueBy } from 'remeda';
11
+
1
12
  // src/cluster/index.ts
2
- import { readFile } from "node:fs/promises";
3
- import { all, forUnit, output, toPromise } from "@highstate/pulumi";
4
- import { talos } from "@highstate/library";
5
- import { cluster, machine } from "@pulumiverse/talos";
6
- import { text } from "@highstate/contract";
7
- import { RenderedChart } from "@highstate/k8s";
8
- import { core, Provider } from "@pulumi/kubernetes";
9
- import {
10
- filterEndpoints,
11
- l3EndpointToString,
12
- l3ToL4Endpoint,
13
- l4EndpointToString
14
- } from "@highstate/common";
15
- import { KubeConfig } from "@kubernetes/client-node";
16
- import { uniqueBy } from "remeda";
17
13
  var { name, args, inputs, outputs } = forUnit(talos.cluster);
18
14
  var { masters, workers } = await toPromise(inputs);
19
15
  var cni = args.cni ?? "cilium";
@@ -21,7 +17,7 @@ var csi = args.csi ?? "local-path-provisioner";
21
17
  var inlineManifests = [];
22
18
  var extraMounts = [];
23
19
  if (cni === "cilium") {
24
- const { chart } = await import("@highstate/cilium");
20
+ const { chart } = await import('@highstate/cilium');
25
21
  const cilium = new RenderedChart("cilium", {
26
22
  namespace: "kube-system",
27
23
  chart,
@@ -69,8 +65,8 @@ var clusterName = args.clusterName ?? name;
69
65
  var globalConfigPatch = output({
70
66
  machine: {
71
67
  install: {
72
- image: "ghcr.io/siderolabs/installer:v1.8.3",
73
- extensions: [{ image: "ghcr.io/siderolabs/qemu-guest-agent:9.1.0" }]
68
+ image: "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.10.4",
69
+ diskSelector: { size: "> 4GB" }
74
70
  },
75
71
  kubelet: {
76
72
  extraMounts
@@ -83,7 +79,7 @@ var globalConfigPatch = output({
83
79
  // proxy: cni === "cilium" ? { disabled: true } : undefined,
84
80
  }
85
81
  }).apply(JSON.stringify);
86
- var secrets = new machine.Secrets("secrets", { talosVersion: "v1.8.3" });
82
+ var secrets = new machine.Secrets("secrets", { talosVersion: "v1.10.4" });
87
83
  var apiEndpoint = `https://${l3EndpointToString(masters[0].endpoints[0])}:6443`;
88
84
  var masterConfig = getConfiguration("controlplane");
89
85
  var workerConfig = getConfiguration("worker");
@@ -155,7 +151,7 @@ function getConfiguration(machineType) {
155
151
  machineSecrets: secrets.machineSecrets,
156
152
  clusterName,
157
153
  machineType,
158
- talosVersion: "v1.8.3",
154
+ talosVersion: "v1.10.4",
159
155
  configPatches
160
156
  });
161
157
  }
@@ -213,6 +209,8 @@ var cluster_default = outputs({
213
209
  $terminals: {
214
210
  management: {
215
211
  title: "Cluster Management",
212
+ description: "Manage the cluster using kubectl and talosctl",
213
+ icon: "devicon:talos",
216
214
  image: "ghcr.io/exeteres/highstate/terminal-talosctl",
217
215
  command: ["bash", "/welcome.sh"],
218
216
  files: {
@@ -236,12 +234,12 @@ var cluster_default = outputs({
236
234
  }
237
235
  }
238
236
  },
239
- $status: {
237
+ $statusFields: {
240
238
  endpoints: endpoints.map(l3EndpointToString),
241
239
  apiEndpoints: apiEndpoints.map(l4EndpointToString)
242
240
  }
243
241
  });
244
- export {
245
- cluster_default as default
246
- };
242
+
243
+ export { cluster_default as default };
244
+ //# sourceMappingURL=index.js.map
247
245
  //# sourceMappingURL=index.js.map
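Review bot: The `management` terminal in the `$terminals` hunk still pulls `image: "ghcr.io/exeteres/highstate/terminal-talosctl"` by bare name, and per the embedded source in the source map that container is handed `/kubeconfig`, `/talosconfig` and `/secrets`, so whatever the default tag resolves to at pull time receives the cluster credentials and Talos machine secrets. This release adds an `images.json` entry with a digest for the same image, but nothing visible in this file reads it; unless the platform substitutes the pinned reference elsewhere, the line should carry it: `image: "ghcr.io/exeteres/highstate/terminal-talosctl:latest@sha256:97d3a70c55350d5b4edbec9dbdfaaffa9f2c85012ccc40fa6e2d384b15bc07de",`. The installer reference in the `machine.install` hunk is likewise tag-only, and the explicit qemu-guest-agent `extensions` entry is dropped, presumably because the factory schematic now carries it; a one-line comment stating what that schematic ID contains would make the change auditable. Both object literals continue outside the visible hunks.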
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/cluster/index.ts"],"sourcesContent":["import type { EntityValue, Input } from \"@highstate/pulumi\"\nimport { readFile } from \"node:fs/promises\"\nimport { all, forUnit, output, Output, toPromise } from \"@highstate/pulumi\"\nimport { common, talos } from \"@highstate/library\"\nimport { cluster, machine } from \"@pulumiverse/talos\"\nimport { text } from \"@highstate/contract\"\nimport { RenderedChart } from \"@highstate/k8s\"\nimport { core, Provider } from \"@pulumi/kubernetes\"\nimport {\n filterEndpoints,\n l3EndpointToString,\n l3ToL4Endpoint,\n l4EndpointToString,\n} from \"@highstate/common\"\nimport { KubeConfig } from \"@kubernetes/client-node\"\nimport { uniqueBy } from \"remeda\"\n\nconst { name, args, inputs, outputs } = forUnit(talos.cluster)\n\nconst { masters, workers } = await toPromise(inputs)\n\nconst cni = args.cni ?? \"cilium\"\nconst csi = args.csi ?? \"local-path-provisioner\"\n\ninterface InlineManifest {\n name: string\n contents: Input<string>\n}\n\ninterface ExtraMount {\n destination: string\n type: string\n source: string\n options: string[]\n}\n\nconst inlineManifests: InlineManifest[] = []\nconst extraMounts: ExtraMount[] = []\n\nif (cni === \"cilium\") {\n const { chart } = await import(\"@highstate/cilium\")\n\n const cilium = new RenderedChart(\"cilium\", {\n namespace: \"kube-system\",\n chart,\n\n values: {\n \"ipam.mode\": \"kubernetes\",\n // \"kubeProxyReplacement\": \"true\",\n kubeProxyReplacement: \"false\",\n \"operator.replicas\": \"1\",\n \"hubble.relay.enabled\": \"true\",\n \"hubble.ui.enabled\": \"true\",\n \"securityContext.capabilities.ciliumAgent\":\n \"{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}\",\n \"securityContext.capabilities.cleanCiliumState\": \"{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}\",\n \"cgroup.autoMount.enabled\": \"false\",\n \"cgroup.hostRoot\": \"/sys/fs/cgroup\",\n // \"k8sServiceHost\": \"localhost\",\n // 
\"k8sServicePort\": \"7445\",\n // \"bpf.lbExternalClusterIP\": \"true\",\n \"dnsProxy.dnsRejectResponseCode\": \"nameError\",\n },\n })\n\n inlineManifests.push({\n name: \"cilium\",\n contents: cilium.manifest,\n })\n}\n\nif (csi === \"local-path-provisioner\") {\n extraMounts.push({\n destination: \"/var/lib/local-path-provisioner\",\n type: \"bind\",\n source: \"/var/lib/local-path-provisioner\",\n options: [\"bind\", \"rshared\", \"rw\"],\n })\n\n inlineManifests.push({\n name: \"local-path-provisioner\",\n contents: await readFile(\"../../assets/local-path-provisioner.yaml\", \"utf-8\"),\n })\n}\n\nif (args.enableTunDevicePlugin) {\n inlineManifests.push({\n name: \"tun-device-plugin\",\n contents: await readFile(\"../../assets/tun-device-plugin.yaml\", \"utf-8\"),\n })\n}\n\nconst clusterName = args.clusterName ?? name\n\nconst globalConfigPatch = output({\n machine: {\n install: {\n image: \"ghcr.io/siderolabs/installer:v1.8.3\",\n extensions: [{ image: \"ghcr.io/siderolabs/qemu-guest-agent:9.1.0\" }],\n },\n kubelet: {\n extraMounts,\n },\n },\n cluster: {\n allowSchedulingOnMasters:\n args.scheduleOnMastersPolicy === \"when-no-workers\"\n ? workers.length === 0\n : args.scheduleOnMastersPolicy === \"always\",\n inlineManifests,\n network: cni !== \"flannel\" ? { cni: { name: \"none\" } } : undefined,\n // proxy: cni === \"cilium\" ? 
{ disabled: true } : undefined,\n },\n}).apply(JSON.stringify)\n\nconst secrets = new machine.Secrets(\"secrets\", { talosVersion: \"v1.8.3\" })\n\nconst apiEndpoint = `https://${l3EndpointToString(masters[0].endpoints[0])}:6443`\n\nconst masterConfig = getConfiguration(\"controlplane\")\nconst workerConfig = getConfiguration(\"worker\")\n\nconst masterApplies = inputs.masters.apply(masters => {\n if (!masters.length) {\n throw new Error(\"At least one master node is required.\")\n }\n\n return masters.map(master => {\n return new machine.ConfigurationApply(\n master.hostname,\n getConfigurationApplyArgs(master, masterConfig.machineConfiguration),\n )\n })\n})\n\nconst bootstrap = new machine.Bootstrap(\n \"bootstrap\",\n {\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n },\n { dependsOn: masterApplies },\n)\n\nconst workerApplies = inputs.workers.apply(workers => {\n return workers.map(worker => {\n return new machine.ConfigurationApply(\n worker.hostname,\n getConfigurationApplyArgs(worker, workerConfig.machineConfiguration),\n { dependsOn: bootstrap },\n )\n })\n})\n\n// Check the health of the cluster and export the kubeconfig\nconst kubeconfig = all([\n cluster.getKubeconfigOutput({\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n }),\n cluster.getHealthOutput({\n clientConfiguration: secrets.clientConfiguration,\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n controlPlaneNodes: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n workerNodes: workerApplies.apply(workerApplies => workerApplies.map(x => x.node)),\n }),\n]).apply(([kubeconfig]) => kubeconfig.kubeconfigRaw)\n\nconst clientConfiguration = output({\n context: clusterName,\n contexts: {\n [clusterName]: {\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n ca: secrets.clientConfiguration.caCertificate,\n crt: 
secrets.clientConfiguration.clientCertificate,\n key: secrets.clientConfiguration.clientKey,\n },\n },\n}).apply(JSON.stringify)\n\nconst machineSecrets = secrets.machineSecrets.apply(JSON.stringify)\n\nfunction getConfiguration(machineType: string) {\n const configPatches: Input<string>[] = [globalConfigPatch]\n\n if (args.sharedConfigPatch && Object.keys(args.sharedConfigPatch).length > 0) {\n configPatches.push(JSON.stringify(args.sharedConfigPatch))\n }\n\n if (\n machineType === \"controlplane\" &&\n args.masterConfigPatch &&\n Object.keys(args.masterConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.masterConfigPatch))\n }\n\n if (\n machineType === \"worker\" &&\n args.workerConfigPatch &&\n Object.keys(args.workerConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.workerConfigPatch))\n }\n\n return machine.getConfigurationOutput({\n clusterEndpoint: apiEndpoint,\n machineSecrets: secrets.machineSecrets,\n clusterName,\n machineType,\n talosVersion: \"v1.8.3\",\n configPatches,\n })\n}\n\nfunction getConfigurationApplyArgs(\n node: EntityValue<typeof common.serverEntity>,\n machineConfiguration: Output<string>,\n): machine.ConfigurationApplyArgs {\n const ipEndpoint = node.endpoints.find(endpoint => endpoint.type !== \"hostname\")\n if (!ipEndpoint) {\n throw new Error(`No IP endpoint found for node ${node.hostname}`)\n }\n\n return {\n clientConfiguration: secrets.clientConfiguration,\n machineConfigurationInput: machineConfiguration,\n node: l3EndpointToString(ipEndpoint),\n configPatches: [\n JSON.stringify({\n machine: { network: { hostname: node.hostname } },\n }),\n ],\n }\n}\n\nconst provider = new Provider(name, { kubeconfig })\nconst kubeSystem = core.v1.Namespace.get(\"kube-system\", \"kube-system\", { provider })\n\nconst kubeConfig = new KubeConfig()\nkubeConfig.loadFromString(await toPromise(kubeconfig))\n\nconst endpoints = uniqueBy(\n [...workers, ...masters].flatMap(server => server.endpoints),\n 
l3EndpointToString,\n)\n\nconst apiEndpoints = uniqueBy(\n masters.flatMap(server => server.endpoints.map(endpoint => l3ToL4Endpoint(endpoint, 6443))),\n l4EndpointToString,\n)\n\nexport default outputs({\n k8sCluster: {\n id: kubeSystem.metadata.uid,\n name: clusterName,\n cni: cni === \"cilium\" ? \"cilium\" : \"other\",\n\n externalIps: filterEndpoints(endpoints, [\"public\", \"external\"])\n .filter(endpoint => endpoint.type !== \"hostname\")\n .map(l3EndpointToString),\n\n endpoints,\n apiEndpoints,\n\n quirks: {\n tunDevicePolicy: {\n type: \"plugin\",\n resourceName: \"squat.ai/tun\",\n resourceValue: \"1\",\n },\n },\n\n kubeconfig,\n },\n\n talosCluster: {\n clientConfiguration,\n machineSecrets,\n },\n\n endpoints,\n apiEndpoints,\n\n $terminals: {\n management: {\n title: \"Cluster Management\",\n image: \"ghcr.io/exeteres/highstate/terminal-talosctl\",\n command: [\"bash\", \"/welcome.sh\"],\n files: {\n \"/kubeconfig\": kubeconfig,\n \"/talosconfig\": clientConfiguration,\n \"/secrets\": machineSecrets,\n\n \"/welcome.sh\": text`\n echo \"Connecting to the cluster...\"\n kubectl cluster-info\n\n echo \"Use 'kubectl' and 'helm' to manage the cluster.\"\n echo \"Use 'talosctl' to manage the Talos side of the cluster.\"\n echo\n\n exec bash\n `,\n },\n env: {\n KUBECONFIG: \"/kubeconfig\",\n TALOSCONFIG: \"/talosconfig\",\n },\n },\n },\n\n $status: {\n endpoints: endpoints.map(l3EndpointToString),\n apiEndpoints: apiEndpoints.map(l4EndpointToString),\n 
},\n})\n"],"mappings":";AACA,SAAS,gBAAgB;AACzB,SAAS,KAAK,SAAS,QAAgB,iBAAiB;AACxD,SAAiB,aAAa;AAC9B,SAAS,SAAS,eAAe;AACjC,SAAS,YAAY;AACrB,SAAS,qBAAqB;AAC9B,SAAS,MAAM,gBAAgB;AAC/B;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,kBAAkB;AAC3B,SAAS,gBAAgB;AAEzB,IAAM,EAAE,MAAM,MAAM,QAAQ,QAAQ,IAAI,QAAQ,MAAM,OAAO;AAE7D,IAAM,EAAE,SAAS,QAAQ,IAAI,MAAM,UAAU,MAAM;AAEnD,IAAM,MAAM,KAAK,OAAO;AACxB,IAAM,MAAM,KAAK,OAAO;AAcxB,IAAM,kBAAoC,CAAC;AAC3C,IAAM,cAA4B,CAAC;AAEnC,IAAI,QAAQ,UAAU;AACpB,QAAM,EAAE,MAAM,IAAI,MAAM,OAAO,mBAAmB;AAElD,QAAM,SAAS,IAAI,cAAc,UAAU;AAAA,IACzC,WAAW;AAAA,IACX;AAAA,IAEA,QAAQ;AAAA,MACN,aAAa;AAAA;AAAA,MAEb,sBAAsB;AAAA,MACtB,qBAAqB;AAAA,MACrB,wBAAwB;AAAA,MACxB,qBAAqB;AAAA,MACrB,4CACE;AAAA,MACF,iDAAiD;AAAA,MACjD,4BAA4B;AAAA,MAC5B,mBAAmB;AAAA;AAAA;AAAA;AAAA,MAInB,kCAAkC;AAAA,IACpC;AAAA,EACF,CAAC;AAED,kBAAgB,KAAK;AAAA,IACnB,MAAM;AAAA,IACN,UAAU,OAAO;AAAA,EACnB,CAAC;AACH;AAEA,IAAI,QAAQ,0BAA0B;AACpC,cAAY,KAAK;AAAA,IACf,aAAa;AAAA,IACb,MAAM;AAAA,IACN,QAAQ;AAAA,IACR,SAAS,CAAC,QAAQ,WAAW,IAAI;AAAA,EACnC,CAAC;AAED,kBAAgB,KAAK;AAAA,IACnB,MAAM;AAAA,IACN,UAAU,MAAM,SAAS,4CAA4C,OAAO;AAAA,EAC9E,CAAC;AACH;AAEA,IAAI,KAAK,uBAAuB;AAC9B,kBAAgB,KAAK;AAAA,IACnB,MAAM;AAAA,IACN,UAAU,MAAM,SAAS,uCAAuC,OAAO;AAAA,EACzE,CAAC;AACH;AAEA,IAAM,cAAc,KAAK,eAAe;AAExC,IAAM,oBAAoB,OAAO;AAAA,EAC/B,SAAS;AAAA,IACP,SAAS;AAAA,MACP,OAAO;AAAA,MACP,YAAY,CAAC,EAAE,OAAO,4CAA4C,CAAC;AAAA,IACrE;AAAA,IACA,SAAS;AAAA,MACP;AAAA,IACF;AAAA,EACF;AAAA,EACA,SAAS;AAAA,IACP,0BACE,KAAK,4BAA4B,oBAC7B,QAAQ,WAAW,IACnB,KAAK,4BAA4B;AAAA,IACvC;AAAA,IACA,SAAS,QAAQ,YAAY,EAAE,KAAK,EAAE,MAAM,OAAO,EAAE,IAAI;AAAA;AAAA,EAE3D;AACF,CAAC,EAAE,MAAM,KAAK,SAAS;AAEvB,IAAM,UAAU,IAAI,QAAQ,QAAQ,WAAW,EAAE,cAAc,SAAS,CAAC;AAEzE,IAAM,cAAc,WAAW,mBAAmB,QAAQ,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;AAE1E,IAAM,eAAe,iBAAiB,cAAc;AACpD,IAAM,eAAe,iBAAiB,QAAQ;AAE9C,IAAM,gBAAgB,OAAO,QAAQ,MAAM,CAAAA,aAAW;AACpD,MAAI,CAACA,SAAQ,QAAQ;AACnB,UAAM,IAAI,MAAM,uCAAuC;AAAA,EACzD;AAEA,SAAOA,SAAQ,IAAI,YAAU;AAC3B,WAAO,IAAI,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,0BAA0B,QAAQ,aAAa,oBAAoB;AA
AA,IACrE;AAAA,EACF,CAAC;AACH,CAAC;AAED,IAAM,YAAY,IAAI,QAAQ;AAAA,EAC5B;AAAA,EACA;AAAA,IACE,qBAAqB,QAAQ;AAAA,IAC7B,MAAM,cAAc,CAAC,EAAE;AAAA,EACzB;AAAA,EACA,EAAE,WAAW,cAAc;AAC7B;AAEA,IAAM,gBAAgB,OAAO,QAAQ,MAAM,CAAAC,aAAW;AACpD,SAAOA,SAAQ,IAAI,YAAU;AAC3B,WAAO,IAAI,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,0BAA0B,QAAQ,aAAa,oBAAoB;AAAA,MACnE,EAAE,WAAW,UAAU;AAAA,IACzB;AAAA,EACF,CAAC;AACH,CAAC;AAGD,IAAM,aAAa,IAAI;AAAA,EACrB,QAAQ,oBAAoB;AAAA,IAC1B,qBAAqB,QAAQ;AAAA,IAC7B,MAAM,cAAc,CAAC,EAAE;AAAA,EACzB,CAAC;AAAA,EACD,QAAQ,gBAAgB;AAAA,IACtB,qBAAqB,QAAQ;AAAA,IAC7B,WAAW,cAAc,MAAM,CAAAC,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,IAC9E,mBAAmB,cAAc,MAAM,CAAAA,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,IACtF,aAAa,cAAc,MAAM,CAAAC,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,EAClF,CAAC;AACH,CAAC,EAAE,MAAM,CAAC,CAACC,WAAU,MAAMA,YAAW,aAAa;AAEnD,IAAM,sBAAsB,OAAO;AAAA,EACjC,SAAS;AAAA,EACT,UAAU;AAAA,IACR,CAAC,WAAW,GAAG;AAAA,MACb,WAAW,cAAc,MAAM,CAAAF,mBAAiBA,eAAc,IAAI,OAAK,EAAE,IAAI,CAAC;AAAA,MAC9E,IAAI,QAAQ,oBAAoB;AAAA,MAChC,KAAK,QAAQ,oBAAoB;AAAA,MACjC,KAAK,QAAQ,oBAAoB;AAAA,IACnC;AAAA,EACF;AACF,CAAC,EAAE,MAAM,KAAK,SAAS;AAEvB,IAAM,iBAAiB,QAAQ,eAAe,MAAM,KAAK,SAAS;AAElE,SAAS,iBAAiB,aAAqB;AAC7C,QAAM,gBAAiC,CAAC,iBAAiB;AAEzD,MAAI,KAAK,qBAAqB,OAAO,KAAK,KAAK,iBAAiB,EAAE,SAAS,GAAG;AAC5E,kBAAc,KAAK,KAAK,UAAU,KAAK,iBAAiB,CAAC;AAAA,EAC3D;AAEA,MACE,gBAAgB,kBAChB,KAAK,qBACL,OAAO,KAAK,KAAK,iBAAiB,EAAE,SAAS,GAC7C;AACA,kBAAc,KAAK,KAAK,UAAU,KAAK,iBAAiB,CAAC;AAAA,EAC3D;AAEA,MACE,gBAAgB,YAChB,KAAK,qBACL,OAAO,KAAK,KAAK,iBAAiB,EAAE,SAAS,GAC7C;AACA,kBAAc,KAAK,KAAK,UAAU,KAAK,iBAAiB,CAAC;AAAA,EAC3D;AAEA,SAAO,QAAQ,uBAAuB;AAAA,IACpC,iBAAiB;AAAA,IACjB,gBAAgB,QAAQ;AAAA,IACxB;AAAA,IACA;AAAA,IACA,cAAc;AAAA,IACd;AAAA,EACF,CAAC;AACH;AAEA,SAAS,0BACP,MACA,sBACgC;AAChC,QAAM,aAAa,KAAK,UAAU,KAAK,cAAY,SAAS,SAAS,UAAU;AAC/E,MAAI,CAAC,YAAY;AACf,UAAM,IAAI,MAAM,iCAAiC,KAAK,QAAQ,EAAE;AAAA,EAClE;AAEA,SAAO;AAAA,IACL,qBAAqB,QAAQ;AAAA,IAC7B,2BAA2B;AAAA,IAC3B,MAAM,mBAAmB,UAAU;AAAA,IACnC,eAAe;AAAA,MACb,KAAK,UAAU;AAAA,QACb,SAAS,EAAE,SAAS,EAAE,UAAU,KAAK,
SAAS,EAAE;AAAA,MAClD,CAAC;AAAA,IACH;AAAA,EACF;AACF;AAEA,IAAM,WAAW,IAAI,SAAS,MAAM,EAAE,WAAW,CAAC;AAClD,IAAM,aAAa,KAAK,GAAG,UAAU,IAAI,eAAe,eAAe,EAAE,SAAS,CAAC;AAEnF,IAAM,aAAa,IAAI,WAAW;AAClC,WAAW,eAAe,MAAM,UAAU,UAAU,CAAC;AAErD,IAAM,YAAY;AAAA,EAChB,CAAC,GAAG,SAAS,GAAG,OAAO,EAAE,QAAQ,YAAU,OAAO,SAAS;AAAA,EAC3D;AACF;AAEA,IAAM,eAAe;AAAA,EACnB,QAAQ,QAAQ,YAAU,OAAO,UAAU,IAAI,cAAY,eAAe,UAAU,IAAI,CAAC,CAAC;AAAA,EAC1F;AACF;AAEA,IAAO,kBAAQ,QAAQ;AAAA,EACrB,YAAY;AAAA,IACV,IAAI,WAAW,SAAS;AAAA,IACxB,MAAM;AAAA,IACN,KAAK,QAAQ,WAAW,WAAW;AAAA,IAEnC,aAAa,gBAAgB,WAAW,CAAC,UAAU,UAAU,CAAC,EAC3D,OAAO,cAAY,SAAS,SAAS,UAAU,EAC/C,IAAI,kBAAkB;AAAA,IAEzB;AAAA,IACA;AAAA,IAEA,QAAQ;AAAA,MACN,iBAAiB;AAAA,QACf,MAAM;AAAA,QACN,cAAc;AAAA,QACd,eAAe;AAAA,MACjB;AAAA,IACF;AAAA,IAEA;AAAA,EACF;AAAA,EAEA,cAAc;AAAA,IACZ;AAAA,IACA;AAAA,EACF;AAAA,EAEA;AAAA,EACA;AAAA,EAEA,YAAY;AAAA,IACV,YAAY;AAAA,MACV,OAAO;AAAA,MACP,OAAO;AAAA,MACP,SAAS,CAAC,QAAQ,aAAa;AAAA,MAC/B,OAAO;AAAA,QACL,eAAe;AAAA,QACf,gBAAgB;AAAA,QAChB,YAAY;AAAA,QAEZ,eAAe;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAUjB;AAAA,MACA,KAAK;AAAA,QACH,YAAY;AAAA,QACZ,aAAa;AAAA,MACf;AAAA,IACF;AAAA,EACF;AAAA,EAEA,SAAS;AAAA,IACP,WAAW,UAAU,IAAI,kBAAkB;AAAA,IAC3C,cAAc,aAAa,IAAI,kBAAkB;AAAA,EACnD;AACF,CAAC;","names":["masters","workers","masterApplies","workerApplies","kubeconfig"]}
1
+ {"version":3,"sources":["../../src/cluster/index.ts"],"names":["masters","workers","masterApplies","workerApplies","kubeconfig"],"mappings":";;;;;;;;;;;;AAiBA,IAAM,EAAE,MAAM,IAAM,EAAA,MAAA,EAAQ,SAAY,GAAA,OAAA,CAAQ,MAAM,OAAO,CAAA;AAE7D,IAAM,EAAE,OAAS,EAAA,OAAA,EAAY,GAAA,MAAM,UAAU,MAAM,CAAA;AAEnD,IAAM,GAAA,GAAM,KAAK,GAAO,IAAA,QAAA;AACxB,IAAM,GAAA,GAAM,KAAK,GAAO,IAAA,wBAAA;AAcxB,IAAM,kBAAoC,EAAC;AAC3C,IAAM,cAA4B,EAAC;AAEnC,IAAI,QAAQ,QAAU,EAAA;AACpB,EAAA,MAAM,EAAE,KAAA,EAAU,GAAA,MAAM,OAAO,mBAAmB,CAAA;AAElD,EAAM,MAAA,MAAA,GAAS,IAAI,aAAA,CAAc,QAAU,EAAA;AAAA,IACzC,SAAW,EAAA,aAAA;AAAA,IACX,KAAA;AAAA,IAEA,MAAQ,EAAA;AAAA,MACN,WAAa,EAAA,YAAA;AAAA;AAAA,MAEb,oBAAsB,EAAA,OAAA;AAAA,MACtB,mBAAqB,EAAA,GAAA;AAAA,MACrB,sBAAwB,EAAA,MAAA;AAAA,MACxB,mBAAqB,EAAA,MAAA;AAAA,MACrB,0CACE,EAAA,kGAAA;AAAA,MACF,+CAAiD,EAAA,oCAAA;AAAA,MACjD,0BAA4B,EAAA,OAAA;AAAA,MAC5B,iBAAmB,EAAA,gBAAA;AAAA;AAAA;AAAA;AAAA,MAInB,gCAAkC,EAAA;AAAA;AACpC,GACD,CAAA;AAED,EAAA,eAAA,CAAgB,IAAK,CAAA;AAAA,IACnB,IAAM,EAAA,QAAA;AAAA,IACN,UAAU,MAAO,CAAA;AAAA,GAClB,CAAA;AACH;AAEA,IAAI,QAAQ,wBAA0B,EAAA;AACpC,EAAA,WAAA,CAAY,IAAK,CAAA;AAAA,IACf,WAAa,EAAA,iCAAA;AAAA,IACb,IAAM,EAAA,MAAA;AAAA,IACN,MAAQ,EAAA,iCAAA;AAAA,IACR,OAAS,EAAA,CAAC,MAAQ,EAAA,SAAA,EAAW,IAAI;AAAA,GAClC,CAAA;AAED,EAAA,eAAA,CAAgB,IAAK,CAAA;AAAA,IACnB,IAAM,EAAA,wBAAA;AAAA,IACN,QAAU,EAAA,MAAM,QAAS,CAAA,0CAAA,EAA4C,OAAO;AAAA,GAC7E,CAAA;AACH;AAEA,IAAI,KAAK,qBAAuB,EAAA;AAC9B,EAAA,eAAA,CAAgB,IAAK,CAAA;AAAA,IACnB,IAAM,EAAA,mBAAA;AAAA,IACN,QAAU,EAAA,MAAM,QAAS,CAAA,qCAAA,EAAuC,OAAO;AAAA,GACxE,CAAA;AACH;AAEA,IAAM,WAAA,GAAc,KAAK,WAAe,IAAA,IAAA;AAExC,IAAM,oBAAoB,MAAO,CAAA;AAAA,EAC/B,OAAS,EAAA;AAAA,IACP,OAAS,EAAA;AAAA,MACP,KACE,EAAA,8GAAA;AAAA,MACF,YAAA,EAAc,EAAE,IAAA,EAAM,OAAQ;AAAA,KAChC;AAAA,IACA,OAAS,EAAA;AAAA,MACP;AAAA;AACF,GACF;AAAA,EACA,OAAS,EAAA;AAAA,IACP,wBAAA,EACE,KAAK,uBAA4B,KAAA,iBAAA,GAC7B,QAAQ,MAAW,KAAA,CAAA,GACnB,KAAK,uBAA4B,KAAA,QAAA;AAAA,IACvC,eAAA;AAAA,IACA,OAAA,EAAS,QAAQ,SAAY,GAAA,EAAE,KAAK,EAAE,IAAA,EAAM,MAAO,EAAA,EAAM,GAAA;AAAA;AAAA;AAG7D,CAAC,CAAA,CAAE,K
AAM,CAAA,IAAA,CAAK,SAAS,CAAA;AAEvB,IAAM,OAAA,GAAU,IAAI,OAAQ,CAAA,OAAA,CAAQ,WAAW,EAAE,YAAA,EAAc,WAAW,CAAA;AAE1E,IAAM,WAAA,GAAc,WAAW,kBAAmB,CAAA,OAAA,CAAQ,CAAC,CAAE,CAAA,SAAA,CAAU,CAAC,CAAC,CAAC,CAAA,KAAA,CAAA;AAE1E,IAAM,YAAA,GAAe,iBAAiB,cAAc,CAAA;AACpD,IAAM,YAAA,GAAe,iBAAiB,QAAQ,CAAA;AAE9C,IAAM,aAAgB,GAAA,MAAA,CAAO,OAAQ,CAAA,KAAA,CAAM,CAAAA,QAAW,KAAA;AACpD,EAAI,IAAA,CAACA,SAAQ,MAAQ,EAAA;AACnB,IAAM,MAAA,IAAI,MAAM,uCAAuC,CAAA;AAAA;AAGzD,EAAOA,OAAAA,QAAAA,CAAQ,IAAI,CAAU,MAAA,KAAA;AAC3B,IAAA,OAAO,IAAI,OAAQ,CAAA,kBAAA;AAAA,MACjB,MAAO,CAAA,QAAA;AAAA,MACP,yBAAA,CAA0B,MAAQ,EAAA,YAAA,CAAa,oBAAoB;AAAA,KACrE;AAAA,GACD,CAAA;AACH,CAAC,CAAA;AAED,IAAM,SAAA,GAAY,IAAI,OAAQ,CAAA,SAAA;AAAA,EAC5B,WAAA;AAAA,EACA;AAAA,IACE,qBAAqB,OAAQ,CAAA,mBAAA;AAAA,IAC7B,IAAA,EAAM,aAAc,CAAA,CAAC,CAAE,CAAA;AAAA,GACzB;AAAA,EACA,EAAE,WAAW,aAAc;AAC7B,CAAA;AAEA,IAAM,aAAgB,GAAA,MAAA,CAAO,OAAQ,CAAA,KAAA,CAAM,CAAAC,QAAW,KAAA;AACpD,EAAOA,OAAAA,QAAAA,CAAQ,IAAI,CAAU,MAAA,KAAA;AAC3B,IAAA,OAAO,IAAI,OAAQ,CAAA,kBAAA;AAAA,MACjB,MAAO,CAAA,QAAA;AAAA,MACP,yBAAA,CAA0B,MAAQ,EAAA,YAAA,CAAa,oBAAoB,CAAA;AAAA,MACnE,EAAE,WAAW,SAAU;AAAA,KACzB;AAAA,GACD,CAAA;AACH,CAAC,CAAA;AAGD,IAAM,aAAa,GAAI,CAAA;AAAA,EACrB,QAAQ,mBAAoB,CAAA;AAAA,IAC1B,qBAAqB,OAAQ,CAAA,mBAAA;AAAA,IAC7B,IAAA,EAAM,aAAc,CAAA,CAAC,CAAE,CAAA;AAAA,GACxB,CAAA;AAAA,EACD,QAAQ,eAAgB,CAAA;AAAA,IACtB,qBAAqB,OAAQ,CAAA,mBAAA;AAAA,IAC7B,SAAA,EAAW,aAAc,CAAA,KAAA,CAAM,CAAAC,cAAAA,KAAiBA,eAAc,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,IAAI,CAAC,CAAA;AAAA,IAC9E,iBAAA,EAAmB,aAAc,CAAA,KAAA,CAAM,CAAAA,cAAAA,KAAiBA,eAAc,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,IAAI,CAAC,CAAA;AAAA,IACtF,WAAA,EAAa,aAAc,CAAA,KAAA,CAAM,CAAAC,cAAAA,KAAiBA,eAAc,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,IAAI,CAAC;AAAA,GACjF;AACH,CAAC,EAAE,KAAM,CAAA,CAAC,CAACC,WAAU,CAAA,KAAMA,YAAW,aAAa,CAAA;AAEnD,IAAM,sBAAsB,MAAO,CAAA;AAAA,EACjC,OAAS,EAAA,WAAA;AAAA,EACT,QAAU,EAAA;AAAA,IACR,CAAC,WAAW,GAAG;AAAA,MACb,SAAA,EAAW,aAAc,CAAA,KAAA,CAAM,CAAAF,cAAAA,KAAiBA,eAAc,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,IAAI,CAAC,CAAA;AAAA,MAC9E,EAAA,EAAI,QAAQ,mBAAoB
,CAAA,aAAA;AAAA,MAChC,GAAA,EAAK,QAAQ,mBAAoB,CAAA,iBAAA;AAAA,MACjC,GAAA,EAAK,QAAQ,mBAAoB,CAAA;AAAA;AACnC;AAEJ,CAAC,CAAA,CAAE,KAAM,CAAA,IAAA,CAAK,SAAS,CAAA;AAEvB,IAAM,cAAiB,GAAA,OAAA,CAAQ,cAAe,CAAA,KAAA,CAAM,KAAK,SAAS,CAAA;AAElE,SAAS,iBAAiB,WAAqB,EAAA;AAC7C,EAAM,MAAA,aAAA,GAAiC,CAAC,iBAAiB,CAAA;AAEzD,EAAI,IAAA,IAAA,CAAK,qBAAqB,MAAO,CAAA,IAAA,CAAK,KAAK,iBAAiB,CAAA,CAAE,SAAS,CAAG,EAAA;AAC5E,IAAA,aAAA,CAAc,IAAK,CAAA,IAAA,CAAK,SAAU,CAAA,IAAA,CAAK,iBAAiB,CAAC,CAAA;AAAA;AAG3D,EACE,IAAA,WAAA,KAAgB,cAChB,IAAA,IAAA,CAAK,iBACL,IAAA,MAAA,CAAO,KAAK,IAAK,CAAA,iBAAiB,CAAE,CAAA,MAAA,GAAS,CAC7C,EAAA;AACA,IAAA,aAAA,CAAc,IAAK,CAAA,IAAA,CAAK,SAAU,CAAA,IAAA,CAAK,iBAAiB,CAAC,CAAA;AAAA;AAG3D,EACE,IAAA,WAAA,KAAgB,QAChB,IAAA,IAAA,CAAK,iBACL,IAAA,MAAA,CAAO,KAAK,IAAK,CAAA,iBAAiB,CAAE,CAAA,MAAA,GAAS,CAC7C,EAAA;AACA,IAAA,aAAA,CAAc,IAAK,CAAA,IAAA,CAAK,SAAU,CAAA,IAAA,CAAK,iBAAiB,CAAC,CAAA;AAAA;AAG3D,EAAA,OAAO,QAAQ,sBAAuB,CAAA;AAAA,IACpC,eAAiB,EAAA,WAAA;AAAA,IACjB,gBAAgB,OAAQ,CAAA,cAAA;AAAA,IACxB,WAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAc,EAAA,SAAA;AAAA,IACd;AAAA,GACD,CAAA;AACH;AAEA,SAAS,yBAAA,CACP,MACA,oBACgC,EAAA;AAChC,EAAA,MAAM,aAAa,IAAK,CAAA,SAAA,CAAU,KAAK,CAAY,QAAA,KAAA,QAAA,CAAS,SAAS,UAAU,CAAA;AAC/E,EAAA,IAAI,CAAC,UAAY,EAAA;AACf,IAAA,MAAM,IAAI,KAAA,CAAM,CAAiC,8BAAA,EAAA,IAAA,CAAK,QAAQ,CAAE,CAAA,CAAA;AAAA;AAGlE,EAAO,OAAA;AAAA,IACL,qBAAqB,OAAQ,CAAA,mBAAA;AAAA,IAC7B,yBAA2B,EAAA,oBAAA;AAAA,IAC3B,IAAA,EAAM,mBAAmB,UAAU,CAAA;AAAA,IACnC,aAAe,EAAA;AAAA,MACb,KAAK,SAAU,CAAA;AAAA,QACb,SAAS,EAAE,OAAA,EAAS,EAAE,QAAU,EAAA,IAAA,CAAK,UAAW;AAAA,OACjD;AAAA;AACH,GACF;AACF;AAEA,IAAM,WAAW,IAAI,QAAA,CAAS,IAAM,EAAA,EAAE,YAAY,CAAA;AAClD,IAAM,UAAA,GAAa,KAAK,EAAG,CAAA,SAAA,CAAU,IAAI,aAAe,EAAA,aAAA,EAAe,EAAE,QAAA,EAAU,CAAA;AAEnF,IAAM,UAAA,GAAa,IAAI,UAAW,EAAA;AAClC,UAAA,CAAW,cAAe,CAAA,MAAM,SAAU,CAAA,UAAU,CAAC,CAAA;AAErD,IAAM,SAAY,GAAA,QAAA;AAAA,EAChB,CAAC,GAAG,OAAS,EAAA,GAAG,OAAO,CAAE,CAAA,OAAA,CAAQ,CAAU,MAAA,KAAA,MAAA,CAAO,SAAS,CAAA;AAAA,EAC3D;AACF,CAAA;AAEA,IAAM,YAAe,GAAA,QAAA;AAAA,EACnB,OAAA,CAAQ,OAAQ,CAAA,CAAA,MAAA,KAAU,MAAO
,CAAA,SAAA,CAAU,GAAI,CAAA,CAAA,QAAA,KAAY,cAAe,CAAA,QAAA,EAAU,IAAI,CAAC,CAAC,CAAA;AAAA,EAC1F;AACF,CAAA;AAEA,IAAO,kBAAQ,OAAQ,CAAA;AAAA,EACrB,UAAY,EAAA;AAAA,IACV,EAAA,EAAI,WAAW,QAAS,CAAA,GAAA;AAAA,IACxB,IAAM,EAAA,WAAA;AAAA,IACN,GAAA,EAAK,GAAQ,KAAA,QAAA,GAAW,QAAW,GAAA,OAAA;AAAA,IAEnC,WAAa,EAAA,eAAA,CAAgB,SAAW,EAAA,CAAC,UAAU,UAAU,CAAC,CAC3D,CAAA,MAAA,CAAO,cAAY,QAAS,CAAA,IAAA,KAAS,UAAU,CAAA,CAC/C,IAAI,kBAAkB,CAAA;AAAA,IAEzB,SAAA;AAAA,IACA,YAAA;AAAA,IAEA,MAAQ,EAAA;AAAA,MACN,eAAiB,EAAA;AAAA,QACf,IAAM,EAAA,QAAA;AAAA,QACN,YAAc,EAAA,cAAA;AAAA,QACd,aAAe,EAAA;AAAA;AACjB,KACF;AAAA,IAEA;AAAA,GACF;AAAA,EAEA,YAAc,EAAA;AAAA,IACZ,mBAAA;AAAA,IACA;AAAA,GACF;AAAA,EAEA,SAAA;AAAA,EACA,YAAA;AAAA,EAEA,UAAY,EAAA;AAAA,IACV,UAAY,EAAA;AAAA,MACV,KAAO,EAAA,oBAAA;AAAA,MACP,WAAa,EAAA,+CAAA;AAAA,MACb,IAAM,EAAA,eAAA;AAAA,MAEN,KAAO,EAAA,8CAAA;AAAA,MACP,OAAA,EAAS,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA,MAE/B,KAAO,EAAA;AAAA,QACL,aAAe,EAAA,UAAA;AAAA,QACf,cAAgB,EAAA,mBAAA;AAAA,QAChB,UAAY,EAAA,cAAA;AAAA,QAEZ,aAAe,EAAA,IAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;;AAAA;AAAA,QAAA;AAAA,OAUjB;AAAA,MAEA,GAAK,EAAA;AAAA,QACH,UAAY,EAAA,aAAA;AAAA,QACZ,WAAa,EAAA;AAAA;AACf;AACF,GACF;AAAA,EAEA,aAAe,EAAA;AAAA,IACb,SAAA,EAAW,SAAU,CAAA,GAAA,CAAI,kBAAkB,CAAA;AAAA,IAC3C,YAAA,EAAc,YAAa,CAAA,GAAA,CAAI,kBAAkB;AAAA;AAErD,CAAC","file":"index.js","sourcesContent":["import type { EntityValue, Input } from \"@highstate/pulumi\"\nimport { readFile } from \"node:fs/promises\"\nimport { all, forUnit, output, Output, toPromise } from \"@highstate/pulumi\"\nimport { common, talos } from \"@highstate/library\"\nimport { cluster, machine } from \"@pulumiverse/talos\"\nimport { text } from \"@highstate/contract\"\nimport { RenderedChart } from \"@highstate/k8s\"\nimport { core, Provider } from \"@pulumi/kubernetes\"\nimport {\n filterEndpoints,\n l3EndpointToString,\n l3ToL4Endpoint,\n l4EndpointToString,\n} from \"@highstate/common\"\nimport { KubeConfig } from \"@kubernetes/client-node\"\nimport { uniqueBy } from \"remeda\"\n\nconst { name, args, inputs, 
outputs } = forUnit(talos.cluster)\n\nconst { masters, workers } = await toPromise(inputs)\n\nconst cni = args.cni ?? \"cilium\"\nconst csi = args.csi ?? \"local-path-provisioner\"\n\ninterface InlineManifest {\n name: string\n contents: Input<string>\n}\n\ninterface ExtraMount {\n destination: string\n type: string\n source: string\n options: string[]\n}\n\nconst inlineManifests: InlineManifest[] = []\nconst extraMounts: ExtraMount[] = []\n\nif (cni === \"cilium\") {\n const { chart } = await import(\"@highstate/cilium\")\n\n const cilium = new RenderedChart(\"cilium\", {\n namespace: \"kube-system\",\n chart,\n\n values: {\n \"ipam.mode\": \"kubernetes\",\n // \"kubeProxyReplacement\": \"true\",\n kubeProxyReplacement: \"false\",\n \"operator.replicas\": \"1\",\n \"hubble.relay.enabled\": \"true\",\n \"hubble.ui.enabled\": \"true\",\n \"securityContext.capabilities.ciliumAgent\":\n \"{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}\",\n \"securityContext.capabilities.cleanCiliumState\": \"{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}\",\n \"cgroup.autoMount.enabled\": \"false\",\n \"cgroup.hostRoot\": \"/sys/fs/cgroup\",\n // \"k8sServiceHost\": \"localhost\",\n // \"k8sServicePort\": \"7445\",\n // \"bpf.lbExternalClusterIP\": \"true\",\n \"dnsProxy.dnsRejectResponseCode\": \"nameError\",\n },\n })\n\n inlineManifests.push({\n name: \"cilium\",\n contents: cilium.manifest,\n })\n}\n\nif (csi === \"local-path-provisioner\") {\n extraMounts.push({\n destination: \"/var/lib/local-path-provisioner\",\n type: \"bind\",\n source: \"/var/lib/local-path-provisioner\",\n options: [\"bind\", \"rshared\", \"rw\"],\n })\n\n inlineManifests.push({\n name: \"local-path-provisioner\",\n contents: await readFile(\"../../assets/local-path-provisioner.yaml\", \"utf-8\"),\n })\n}\n\nif (args.enableTunDevicePlugin) {\n inlineManifests.push({\n name: \"tun-device-plugin\",\n contents: await readFile(\"../../assets/tun-device-plugin.yaml\", 
\"utf-8\"),\n })\n}\n\nconst clusterName = args.clusterName ?? name\n\nconst globalConfigPatch = output({\n machine: {\n install: {\n image:\n \"factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.10.4\",\n diskSelector: { size: \"> 4GB\" },\n },\n kubelet: {\n extraMounts,\n },\n },\n cluster: {\n allowSchedulingOnMasters:\n args.scheduleOnMastersPolicy === \"when-no-workers\"\n ? workers.length === 0\n : args.scheduleOnMastersPolicy === \"always\",\n inlineManifests,\n network: cni !== \"flannel\" ? { cni: { name: \"none\" } } : undefined,\n // proxy: cni === \"cilium\" ? { disabled: true } : undefined,\n },\n}).apply(JSON.stringify)\n\nconst secrets = new machine.Secrets(\"secrets\", { talosVersion: \"v1.10.4\" })\n\nconst apiEndpoint = `https://${l3EndpointToString(masters[0].endpoints[0])}:6443`\n\nconst masterConfig = getConfiguration(\"controlplane\")\nconst workerConfig = getConfiguration(\"worker\")\n\nconst masterApplies = inputs.masters.apply(masters => {\n if (!masters.length) {\n throw new Error(\"At least one master node is required.\")\n }\n\n return masters.map(master => {\n return new machine.ConfigurationApply(\n master.hostname,\n getConfigurationApplyArgs(master, masterConfig.machineConfiguration),\n )\n })\n})\n\nconst bootstrap = new machine.Bootstrap(\n \"bootstrap\",\n {\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n },\n { dependsOn: masterApplies },\n)\n\nconst workerApplies = inputs.workers.apply(workers => {\n return workers.map(worker => {\n return new machine.ConfigurationApply(\n worker.hostname,\n getConfigurationApplyArgs(worker, workerConfig.machineConfiguration),\n { dependsOn: bootstrap },\n )\n })\n})\n\n// Check the health of the cluster and export the kubeconfig\nconst kubeconfig = all([\n cluster.getKubeconfigOutput({\n clientConfiguration: secrets.clientConfiguration,\n node: masterApplies[0].node,\n }),\n cluster.getHealthOutput({\n 
clientConfiguration: secrets.clientConfiguration,\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n controlPlaneNodes: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n workerNodes: workerApplies.apply(workerApplies => workerApplies.map(x => x.node)),\n }),\n]).apply(([kubeconfig]) => kubeconfig.kubeconfigRaw)\n\nconst clientConfiguration = output({\n context: clusterName,\n contexts: {\n [clusterName]: {\n endpoints: masterApplies.apply(masterApplies => masterApplies.map(x => x.node)),\n ca: secrets.clientConfiguration.caCertificate,\n crt: secrets.clientConfiguration.clientCertificate,\n key: secrets.clientConfiguration.clientKey,\n },\n },\n}).apply(JSON.stringify)\n\nconst machineSecrets = secrets.machineSecrets.apply(JSON.stringify)\n\nfunction getConfiguration(machineType: string) {\n const configPatches: Input<string>[] = [globalConfigPatch]\n\n if (args.sharedConfigPatch && Object.keys(args.sharedConfigPatch).length > 0) {\n configPatches.push(JSON.stringify(args.sharedConfigPatch))\n }\n\n if (\n machineType === \"controlplane\" &&\n args.masterConfigPatch &&\n Object.keys(args.masterConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.masterConfigPatch))\n }\n\n if (\n machineType === \"worker\" &&\n args.workerConfigPatch &&\n Object.keys(args.workerConfigPatch).length > 0\n ) {\n configPatches.push(JSON.stringify(args.workerConfigPatch))\n }\n\n return machine.getConfigurationOutput({\n clusterEndpoint: apiEndpoint,\n machineSecrets: secrets.machineSecrets,\n clusterName,\n machineType,\n talosVersion: \"v1.10.4\",\n configPatches,\n })\n}\n\nfunction getConfigurationApplyArgs(\n node: EntityValue<typeof common.serverEntity>,\n machineConfiguration: Output<string>,\n): machine.ConfigurationApplyArgs {\n const ipEndpoint = node.endpoints.find(endpoint => endpoint.type !== \"hostname\")\n if (!ipEndpoint) {\n throw new Error(`No IP endpoint found for node ${node.hostname}`)\n }\n\n 
return {\n clientConfiguration: secrets.clientConfiguration,\n machineConfigurationInput: machineConfiguration,\n node: l3EndpointToString(ipEndpoint),\n configPatches: [\n JSON.stringify({\n machine: { network: { hostname: node.hostname } },\n }),\n ],\n }\n}\n\nconst provider = new Provider(name, { kubeconfig })\nconst kubeSystem = core.v1.Namespace.get(\"kube-system\", \"kube-system\", { provider })\n\nconst kubeConfig = new KubeConfig()\nkubeConfig.loadFromString(await toPromise(kubeconfig))\n\nconst endpoints = uniqueBy(\n [...workers, ...masters].flatMap(server => server.endpoints),\n l3EndpointToString,\n)\n\nconst apiEndpoints = uniqueBy(\n masters.flatMap(server => server.endpoints.map(endpoint => l3ToL4Endpoint(endpoint, 6443))),\n l4EndpointToString,\n)\n\nexport default outputs({\n k8sCluster: {\n id: kubeSystem.metadata.uid,\n name: clusterName,\n cni: cni === \"cilium\" ? \"cilium\" : \"other\",\n\n externalIps: filterEndpoints(endpoints, [\"public\", \"external\"])\n .filter(endpoint => endpoint.type !== \"hostname\")\n .map(l3EndpointToString),\n\n endpoints,\n apiEndpoints,\n\n quirks: {\n tunDevicePolicy: {\n type: \"plugin\",\n resourceName: \"squat.ai/tun\",\n resourceValue: \"1\",\n },\n },\n\n kubeconfig,\n },\n\n talosCluster: {\n clientConfiguration,\n machineSecrets,\n },\n\n endpoints,\n apiEndpoints,\n\n $terminals: {\n management: {\n title: \"Cluster Management\",\n description: \"Manage the cluster using kubectl and talosctl\",\n icon: \"devicon:talos\",\n\n image: \"ghcr.io/exeteres/highstate/terminal-talosctl\",\n command: [\"bash\", \"/welcome.sh\"],\n\n files: {\n \"/kubeconfig\": kubeconfig,\n \"/talosconfig\": clientConfiguration,\n \"/secrets\": machineSecrets,\n\n \"/welcome.sh\": text`\n echo \"Connecting to the cluster...\"\n kubectl cluster-info\n\n echo \"Use 'kubectl' and 'helm' to manage the cluster.\"\n echo \"Use 'talosctl' to manage the Talos side of the cluster.\"\n echo\n\n exec bash\n `,\n },\n\n env: {\n 
KUBECONFIG: \"/kubeconfig\",\n TALOSCONFIG: \"/talosconfig\",\n },\n },\n },\n\n $statusFields: {\n endpoints: endpoints.map(l3EndpointToString),\n apiEndpoints: apiEndpoints.map(l4EndpointToString),\n },\n})\n"]}
@@ -1,5 +1,5 @@
1
1
  {
2
2
  "sourceHashes": {
3
- "./dist/cluster/index.js": "901d6582a136eb1135fd4db9ae0c4cb73b3638aebc57e55ec04361488c5e7236"
3
+ "./dist/cluster/index.js": 3000348750
4
4
  }
5
5
  }
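--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@highstate/talos",
- "version": "0.9.14",
+ "version": "0.9.16",
  "type": "module",
  "files": [
  "assets",
@@ -14,23 +14,24 @@
  },
  "scripts": {
  "build": "highstate build",
- "update-assets": "./scripts/update-assets.sh"
+ "update-assets": "./scripts/update-assets.sh",
+ "update-images": "../../scripts/update-images.sh ./assets/images.json"
  },
  "dependencies": {
- "@highstate/cilium": "^0.9.14",
- "@highstate/common": "^0.9.14",
- "@highstate/contract": "^0.9.14",
- "@highstate/k8s": "^0.9.14",
- "@highstate/library": "^0.9.14",
- "@highstate/pulumi": "^0.9.14",
+ "@highstate/cilium": "^0.9.16",
+ "@highstate/common": "^0.9.16",
+ "@highstate/contract": "^0.9.16",
+ "@highstate/k8s": "^0.9.16",
+ "@highstate/library": "^0.9.16",
+ "@highstate/pulumi": "^0.9.16",
  "@kubernetes/client-node": "^1.1.0",
  "@pulumi/command": "^1.0.2",
  "@pulumi/kubernetes": "^4.18.0",
- "@pulumiverse/talos": "^0.4.1",
+ "@pulumiverse/talos": "^0.6.0",
  "remeda": "^2.21.0"
  },
  "devDependencies": {
- "@highstate/cli": "^0.9.14"
+ "@highstate/cli": "^0.9.16"
  },
- "gitHead": "8b5d1079961cc5bf9cf8ea3c10f7313384e3a2ff"
+ "gitHead": "458d6f1f9f6d4aec0ba75a2b2c4c01408cb9c8df"
  }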