@intentius/chant-lexicon-k8s 0.0.18 → 0.0.24

package/src/composites/azure-disk-storage-class.ts

@@ -4,6 +4,9 @@
  * @aks Creates a StorageClass with the `disk.csi.azure.com` provisioner.
  */
 
+import { Composite, mergeDefaults } from "@intentius/chant";
+import { StorageClass } from "../generated";
+
 export interface AzureDiskStorageClassProps {
   /** StorageClass name. */
   name: string;
@@ -21,10 +24,14 @@ export interface AzureDiskStorageClassProps {
   allowVolumeExpansion?: boolean;
   /** Additional labels. */
   labels?: Record<string, string>;
+  /** Per-member defaults for fine-grained overrides. */
+  defaults?: {
+    storageClass?: Partial<Record<string, unknown>>;
+  };
 }
 
 export interface AzureDiskStorageClassResult {
-  storageClass: Record<string, unknown>;
+  storageClass: InstanceType<typeof StorageClass>;
 }
 
 /**
@@ -42,7 +49,7 @@ export interface AzureDiskStorageClassResult {
  * });
  * ```
  */
-export function AzureDiskStorageClass(props: AzureDiskStorageClassProps): AzureDiskStorageClassResult {
+export const AzureDiskStorageClass = Composite<AzureDiskStorageClassProps>((props) => {
   const {
     name,
     skuName = "Premium_LRS",
@@ -52,6 +59,7 @@ export function AzureDiskStorageClass(props: AzureDiskStorageClassProps): AzureD
     volumeBindingMode = "WaitForFirstConsumer",
     allowVolumeExpansion = true,
     labels: extraLabels = {},
+    defaults: defs,
   } = props;
 
   const commonLabels: Record<string, string> = {
@@ -66,7 +74,7 @@ export function AzureDiskStorageClass(props: AzureDiskStorageClassProps): AzureD
     networkAccessPolicy,
   };
 
-  const storageClassProps: Record<string, unknown> = {
+  const storageClass = new StorageClass(mergeDefaults({
     metadata: {
       name,
       labels: { ...commonLabels, "app.kubernetes.io/component": "storage" },
@@ -76,7 +84,7 @@ export function AzureDiskStorageClass(props: AzureDiskStorageClassProps): AzureD
     reclaimPolicy,
     volumeBindingMode,
     allowVolumeExpansion,
-  };
+  }, defs?.storageClass));
 
-  return { storageClass: storageClassProps };
-}
+  return { storageClass };
+}, "AzureDiskStorageClass");

package/src/composites/azure-file-storage-class.ts

@@ -5,6 +5,9 @@
  * Azure Files provides ReadWriteMany access mode (shared across pods/nodes).
  */
 
+import { Composite, mergeDefaults } from "@intentius/chant";
+import { StorageClass } from "../generated";
+
 export interface AzureFileStorageClassProps {
   /** StorageClass name. */
   name: string;
@@ -18,10 +21,14 @@ export interface AzureFileStorageClassProps {
   reclaimPolicy?: string;
   /** Additional labels. */
   labels?: Record<string, string>;
+  /** Per-member defaults for fine-grained overrides. */
+  defaults?: {
+    storageClass?: Partial<Record<string, unknown>>;
+  };
 }
 
 export interface AzureFileStorageClassResult {
-  storageClass: Record<string, unknown>;
+  storageClass: InstanceType<typeof StorageClass>;
 }
 
 /**
@@ -40,7 +47,7 @@ export interface AzureFileStorageClassResult {
  * });
  * ```
  */
-export function AzureFileStorageClass(props: AzureFileStorageClassProps): AzureFileStorageClassResult {
+export const AzureFileStorageClass = Composite<AzureFileStorageClassProps>((props) => {
   const {
     name,
     skuName = "Premium_LRS",
@@ -48,6 +55,7 @@ export function AzureFileStorageClass(props: AzureFileStorageClassProps): AzureF
     shareName,
     reclaimPolicy = "Delete",
     labels: extraLabels = {},
+    defaults: defs,
   } = props;
 
   const commonLabels: Record<string, string> = {
@@ -63,7 +71,7 @@ export function AzureFileStorageClass(props: AzureFileStorageClassProps): AzureF
 
   if (shareName) parameters.shareName = shareName;
 
-  const storageClassProps: Record<string, unknown> = {
+  const storageClass = new StorageClass(mergeDefaults({
     metadata: {
       name,
       labels: { ...commonLabels, "app.kubernetes.io/component": "storage" },
@@ -71,7 +79,7 @@ export function AzureFileStorageClass(props: AzureFileStorageClassProps): AzureF
     provisioner: "file.csi.azure.com",
     parameters,
     reclaimPolicy,
-  };
+  }, defs?.storageClass));
 
-  return { storageClass: storageClassProps };
-}
+  return { storageClass };
+}, "AzureFileStorageClass");

package/src/composites/azure-monitor-collector.ts

@@ -5,6 +5,9 @@
  * Log Analytics workspace integration on AKS clusters.
  */
 
+import { Composite, mergeDefaults } from "@intentius/chant";
+import { DaemonSet, ServiceAccount, ClusterRole, ClusterRoleBinding, ConfigMap } from "../generated";
+
 export interface AzureMonitorCollectorProps {
   /** Azure Log Analytics workspace ID. */
   workspaceId: string;
@@ -28,14 +31,22 @@ export interface AzureMonitorCollectorProps {
   memoryLimit?: string;
   /** Azure AD client ID for Workload Identity (adds azure.workload.identity annotations to ServiceAccount). */
   clientId?: string;
+  /** Per-member defaults for fine-grained overrides. */
+  defaults?: {
+    daemonSet?: Partial<Record<string, unknown>>;
+    serviceAccount?: Partial<Record<string, unknown>>;
+    clusterRole?: Partial<Record<string, unknown>>;
+    clusterRoleBinding?: Partial<Record<string, unknown>>;
+    configMap?: Partial<Record<string, unknown>>;
+  };
 }
 
 export interface AzureMonitorCollectorResult {
-  daemonSet: Record<string, unknown>;
-  serviceAccount: Record<string, unknown>;
-  clusterRole: Record<string, unknown>;
-  clusterRoleBinding: Record<string, unknown>;
-  configMap: Record<string, unknown>;
+  daemonSet: InstanceType<typeof DaemonSet>;
+  serviceAccount: InstanceType<typeof ServiceAccount>;
+  clusterRole: InstanceType<typeof ClusterRole>;
+  clusterRoleBinding: InstanceType<typeof ClusterRoleBinding>;
+  configMap: InstanceType<typeof ConfigMap>;
 }
 
 /**
@@ -53,7 +64,7 @@ export interface AzureMonitorCollectorResult {
  * });
  * ```
  */
-export function AzureMonitorCollector(props: AzureMonitorCollectorProps): AzureMonitorCollectorResult {
+export const AzureMonitorCollector = Composite<AzureMonitorCollectorProps>((props) => {
   const {
     workspaceId,
     clusterName,
@@ -66,6 +77,7 @@ export function AzureMonitorCollector(props: AzureMonitorCollectorProps): AzureM
     cpuLimit = "500m",
     memoryLimit = "512Mi",
     clientId,
+    defaults: defs,
   } = props;
 
   const saName = `${name}-sa`;
@@ -137,7 +149,7 @@ service:
     ],
   };
 
-  const daemonSetProps: Record<string, unknown> = {
+  const daemonSet = new DaemonSet(mergeDefaults({
     metadata: {
       name,
       namespace,
@@ -157,7 +169,7 @@ service:
         },
       },
     },
-  };
+  }, defs?.daemonSet));
 
   const saLabels: Record<string, string> = {
     ...commonLabels,
@@ -168,16 +180,16 @@ service:
     saLabels["azure.workload.identity/use"] = "true";
   }
 
-  const serviceAccountProps: Record<string, unknown> = {
+  const serviceAccount = new ServiceAccount(mergeDefaults({
     metadata: {
       name: saName,
       namespace,
       labels: saLabels,
       ...(clientId ? { annotations: { "azure.workload.identity/client-id": clientId } } : {}),
     },
-  };
+  }, defs?.serviceAccount));
 
-  const clusterRoleProps: Record<string, unknown> = {
+  const clusterRole = new ClusterRole(mergeDefaults({
     metadata: {
       name: clusterRoleName,
       labels: { ...commonLabels, "app.kubernetes.io/component": "rbac" },
@@ -190,9 +202,9 @@ service:
       { apiGroups: [""], resources: ["nodes/stats", "configmaps", "events"], verbs: ["create", "get"] },
       { apiGroups: [""], resources: ["configmaps"], verbs: ["get", "update", "create"], resourceNames: ["otel-container-insight-clusterleader"] },
     ],
-  };
+  }, defs?.clusterRole));
 
-  const clusterRoleBindingProps: Record<string, unknown> = {
+  const clusterRoleBinding = new ClusterRoleBinding(mergeDefaults({
     metadata: {
       name: bindingName,
       labels: { ...commonLabels, "app.kubernetes.io/component": "rbac" },
@@ -209,9 +221,9 @@ service:
         namespace,
       },
     ],
-  };
+  }, defs?.clusterRoleBinding));
 
-  const configMapProps: Record<string, unknown> = {
+  const configMap = new ConfigMap(mergeDefaults({
     metadata: {
       name: configMapName,
       namespace,
@@ -220,13 +232,13 @@ service:
     data: {
       "config.yaml": collectorConfig,
     },
-  };
+  }, defs?.configMap));
 
   return {
-    daemonSet: daemonSetProps,
-    serviceAccount: serviceAccountProps,
-    clusterRole: clusterRoleProps,
-    clusterRoleBinding: clusterRoleBindingProps,
-    configMap: configMapProps,
+    daemonSet,
+    serviceAccount,
+    clusterRole,
+    clusterRoleBinding,
+    configMap,
   };
-}
+}, "AzureMonitorCollector");

package/src/composites/batch-job.ts

@@ -5,6 +5,8 @@
  * seed tasks, backups). For scheduled workloads, use CronWorkload instead.
  */
 
+import { Composite, mergeDefaults } from "@intentius/chant";
+import { Job, ServiceAccount, Role, RoleBinding } from "../generated";
 import type { ContainerSecurityContext } from "./security-context";
 
 /** Parse a K8s memory string (e.g. "256Mi", "1Gi") to bytes for comparison. */
@@ -68,13 +70,20 @@ export interface BatchJobProps {
   env?: Array<{ name: string; value: string }>;
   /** Container security context (supports PSS restricted fields). */
   securityContext?: ContainerSecurityContext;
+  /** Per-member defaults for fine-grained overrides. */
+  defaults?: {
+    job?: Partial<Record<string, unknown>>;
+    serviceAccount?: Partial<Record<string, unknown>>;
+    role?: Partial<Record<string, unknown>>;
+    roleBinding?: Partial<Record<string, unknown>>;
+  };
 }
 
 export interface BatchJobResult {
-  job: Record<string, unknown>;
-  serviceAccount?: Record<string, unknown>;
-  role?: Record<string, unknown>;
-  roleBinding?: Record<string, unknown>;
+  job: InstanceType<typeof Job>;
+  serviceAccount?: InstanceType<typeof ServiceAccount>;
+  role?: InstanceType<typeof Role>;
+  roleBinding?: InstanceType<typeof RoleBinding>;
 }
 
 /**
@@ -94,7 +103,7 @@ export interface BatchJobResult {
  * });
  * ```
  */
-export function BatchJob(props: BatchJobProps): BatchJobResult {
+export const BatchJob = Composite<BatchJobProps>((props) => {
   const {
     name,
     image,
@@ -114,6 +123,7 @@ export function BatchJob(props: BatchJobProps): BatchJobResult {
     memoryLimit: rawMemoryLimit = "256Mi",
     env,
     securityContext,
+    defaults: defs,
   } = props;
 
   // Ensure limits >= requests (K8s rejects pods where request > limit).
@@ -152,7 +162,7 @@ export function BatchJob(props: BatchJobProps): BatchJobResult {
     ...(securityContext && { securityContext }),
   };
 
-  const jobProps: Record<string, unknown> = {
+  const job = new Job(mergeDefaults({
     metadata: {
       name,
       ...(namespace && { namespace }),
@@ -172,31 +182,29 @@ export function BatchJob(props: BatchJobProps): BatchJobResult {
         },
       },
     },
-  };
+  }, defs?.job));
 
-  const result: BatchJobResult = {
-    job: jobProps,
-  };
+  const result: Record<string, any> = { job };
 
   if (createRbac) {
-    result.serviceAccount = {
+    result.serviceAccount = new ServiceAccount(mergeDefaults({
       metadata: {
         name: saName,
         ...(namespace && { namespace }),
         labels: { ...commonLabels, "app.kubernetes.io/component": "batch" },
       },
-    };
+    }, defs?.serviceAccount));
 
-    result.role = {
+    result.role = new Role(mergeDefaults({
       metadata: {
         name: roleName,
         ...(namespace && { namespace }),
         labels: { ...commonLabels, "app.kubernetes.io/component": "rbac" },
       },
       rules: effectiveRbacRules,
-    };
+    }, defs?.role));
 
-    result.roleBinding = {
+    result.roleBinding = new RoleBinding(mergeDefaults({
       metadata: {
         name: bindingName,
         ...(namespace && { namespace }),
@@ -214,8 +222,8 @@ export function BatchJob(props: BatchJobProps): BatchJobResult {
           ...(namespace && { namespace }),
         },
       ],
-    };
+    }, defs?.roleBinding));
   }
 
   return result;
-}
+}, "BatchJob");