@rulebricks/cli 2.1.5 → 2.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +26 -0
- package/cluster-setup/aws/README.md +74 -0
- package/cluster-setup/aws/check-aws-access.sh +78 -0
- package/cluster-setup/aws/cluster.yaml +33 -0
- package/cluster-setup/azure/README.md +93 -0
- package/cluster-setup/azure/check-aks-prereqs.sh +96 -0
- package/cluster-setup/azure/main.bicep +282 -0
- package/cluster-setup/azure/main.parameters.json +21 -0
- package/cluster-setup/gcp/README.md +172 -0
- package/cluster-setup/gcp/check-gke-prereqs.sh +98 -0
- package/dist/commands/deploy.js +31 -4
- package/dist/commands/init.js +9 -2
- package/dist/components/Wizard/WizardContext.d.ts +27 -3
- package/dist/components/Wizard/WizardContext.js +95 -2
- package/dist/components/Wizard/steps/CloudProviderStep.js +7 -2
- package/dist/components/Wizard/steps/FeatureConfigStep.js +407 -10
- package/dist/components/Wizard/steps/ReviewStep.js +7 -2
- package/dist/lib/helmValues.js +227 -22
- package/dist/lib/kubernetes.d.ts +31 -1
- package/dist/lib/kubernetes.js +157 -5
- package/dist/types/index.d.ts +368 -7
- package/dist/types/index.js +47 -2
- package/package.json +2 -1
package/dist/types/index.d.ts
CHANGED
|
@@ -7,6 +7,28 @@ export type DnsProvider = "route53" | "cloudflare" | "google" | "azure" | "other
|
|
|
7
7
|
export declare const SUPPORTED_DNS_PROVIDERS: DnsProvider[];
|
|
8
8
|
export type LoggingSink = "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
9
9
|
export type LoggingSinkCategory = "cloud-storage" | "logging-platform";
|
|
10
|
+
export type MonitoringDestination = "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
11
|
+
export type RemoteWriteDestination = "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
12
|
+
export type RemoteWriteAuthType = "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer";
|
|
13
|
+
export interface SecretKeyRef {
|
|
14
|
+
name: string;
|
|
15
|
+
key: string;
|
|
16
|
+
}
|
|
17
|
+
export interface RemoteWriteConfig {
|
|
18
|
+
destination: RemoteWriteDestination;
|
|
19
|
+
url: string;
|
|
20
|
+
authType?: RemoteWriteAuthType;
|
|
21
|
+
awsRegion?: string;
|
|
22
|
+
awsRoleArn?: string;
|
|
23
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment";
|
|
24
|
+
clientId?: string;
|
|
25
|
+
tenantId?: string;
|
|
26
|
+
clientSecretRef?: SecretKeyRef;
|
|
27
|
+
usernameSecretRef?: SecretKeyRef;
|
|
28
|
+
passwordSecretRef?: SecretKeyRef;
|
|
29
|
+
bearerTokenSecretRef?: SecretKeyRef;
|
|
30
|
+
}
|
|
31
|
+
export type CloudLoggingAuthMode = "workload-identity" | "secret";
|
|
10
32
|
export declare const LOGGING_SINK_CATEGORIES: Record<Exclude<LoggingSink, "console" | "pending">, LoggingSinkCategory>;
|
|
11
33
|
export declare const CLOUD_REGIONS: Record<CloudProvider, string[]>;
|
|
12
34
|
export declare const TIER_CONFIGS: Record<PerformanceTier, TierConfig>;
|
|
@@ -233,39 +255,230 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
233
255
|
clientSecret: z.ZodOptional<z.ZodString>;
|
|
234
256
|
}, "strip", z.ZodTypeAny, {
|
|
235
257
|
enabled: boolean;
|
|
236
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
237
258
|
url?: string | undefined;
|
|
238
259
|
clientId?: string | undefined;
|
|
260
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
239
261
|
clientSecret?: string | undefined;
|
|
240
262
|
}, {
|
|
241
263
|
enabled: boolean;
|
|
242
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
243
264
|
url?: string | undefined;
|
|
244
265
|
clientId?: string | undefined;
|
|
266
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
245
267
|
clientSecret?: string | undefined;
|
|
246
268
|
}>;
|
|
247
269
|
monitoring: z.ZodObject<{
|
|
248
270
|
enabled: z.ZodBoolean;
|
|
271
|
+
destination: z.ZodOptional<z.ZodEnum<["local-grafana", "aws-amp", "azure-monitor", "grafana-cloud", "generic"]>>;
|
|
249
272
|
remoteWriteUrl: z.ZodOptional<z.ZodString>;
|
|
273
|
+
remoteWrite: z.ZodOptional<z.ZodObject<{
|
|
274
|
+
destination: z.ZodEnum<["aws-amp", "azure-monitor", "grafana-cloud", "generic"]>;
|
|
275
|
+
url: z.ZodString;
|
|
276
|
+
authType: z.ZodOptional<z.ZodEnum<["none", "managed-identity", "workload-identity", "oauth", "basic", "bearer"]>>;
|
|
277
|
+
awsRegion: z.ZodOptional<z.ZodString>;
|
|
278
|
+
awsRoleArn: z.ZodOptional<z.ZodString>;
|
|
279
|
+
azureCloud: z.ZodOptional<z.ZodEnum<["AzurePublic", "AzureChina", "AzureGovernment"]>>;
|
|
280
|
+
clientId: z.ZodOptional<z.ZodString>;
|
|
281
|
+
tenantId: z.ZodOptional<z.ZodString>;
|
|
282
|
+
clientSecretRef: z.ZodOptional<z.ZodObject<{
|
|
283
|
+
name: z.ZodString;
|
|
284
|
+
key: z.ZodString;
|
|
285
|
+
}, "strip", z.ZodTypeAny, {
|
|
286
|
+
name: string;
|
|
287
|
+
key: string;
|
|
288
|
+
}, {
|
|
289
|
+
name: string;
|
|
290
|
+
key: string;
|
|
291
|
+
}>>;
|
|
292
|
+
usernameSecretRef: z.ZodOptional<z.ZodObject<{
|
|
293
|
+
name: z.ZodString;
|
|
294
|
+
key: z.ZodString;
|
|
295
|
+
}, "strip", z.ZodTypeAny, {
|
|
296
|
+
name: string;
|
|
297
|
+
key: string;
|
|
298
|
+
}, {
|
|
299
|
+
name: string;
|
|
300
|
+
key: string;
|
|
301
|
+
}>>;
|
|
302
|
+
passwordSecretRef: z.ZodOptional<z.ZodObject<{
|
|
303
|
+
name: z.ZodString;
|
|
304
|
+
key: z.ZodString;
|
|
305
|
+
}, "strip", z.ZodTypeAny, {
|
|
306
|
+
name: string;
|
|
307
|
+
key: string;
|
|
308
|
+
}, {
|
|
309
|
+
name: string;
|
|
310
|
+
key: string;
|
|
311
|
+
}>>;
|
|
312
|
+
bearerTokenSecretRef: z.ZodOptional<z.ZodObject<{
|
|
313
|
+
name: z.ZodString;
|
|
314
|
+
key: z.ZodString;
|
|
315
|
+
}, "strip", z.ZodTypeAny, {
|
|
316
|
+
name: string;
|
|
317
|
+
key: string;
|
|
318
|
+
}, {
|
|
319
|
+
name: string;
|
|
320
|
+
key: string;
|
|
321
|
+
}>>;
|
|
322
|
+
}, "strip", z.ZodTypeAny, {
|
|
323
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
324
|
+
url: string;
|
|
325
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
326
|
+
awsRegion?: string | undefined;
|
|
327
|
+
awsRoleArn?: string | undefined;
|
|
328
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
329
|
+
clientId?: string | undefined;
|
|
330
|
+
tenantId?: string | undefined;
|
|
331
|
+
clientSecretRef?: {
|
|
332
|
+
name: string;
|
|
333
|
+
key: string;
|
|
334
|
+
} | undefined;
|
|
335
|
+
usernameSecretRef?: {
|
|
336
|
+
name: string;
|
|
337
|
+
key: string;
|
|
338
|
+
} | undefined;
|
|
339
|
+
passwordSecretRef?: {
|
|
340
|
+
name: string;
|
|
341
|
+
key: string;
|
|
342
|
+
} | undefined;
|
|
343
|
+
bearerTokenSecretRef?: {
|
|
344
|
+
name: string;
|
|
345
|
+
key: string;
|
|
346
|
+
} | undefined;
|
|
347
|
+
}, {
|
|
348
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
349
|
+
url: string;
|
|
350
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
351
|
+
awsRegion?: string | undefined;
|
|
352
|
+
awsRoleArn?: string | undefined;
|
|
353
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
354
|
+
clientId?: string | undefined;
|
|
355
|
+
tenantId?: string | undefined;
|
|
356
|
+
clientSecretRef?: {
|
|
357
|
+
name: string;
|
|
358
|
+
key: string;
|
|
359
|
+
} | undefined;
|
|
360
|
+
usernameSecretRef?: {
|
|
361
|
+
name: string;
|
|
362
|
+
key: string;
|
|
363
|
+
} | undefined;
|
|
364
|
+
passwordSecretRef?: {
|
|
365
|
+
name: string;
|
|
366
|
+
key: string;
|
|
367
|
+
} | undefined;
|
|
368
|
+
bearerTokenSecretRef?: {
|
|
369
|
+
name: string;
|
|
370
|
+
key: string;
|
|
371
|
+
} | undefined;
|
|
372
|
+
}>>;
|
|
250
373
|
}, "strip", z.ZodTypeAny, {
|
|
251
374
|
enabled: boolean;
|
|
375
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
252
376
|
remoteWriteUrl?: string | undefined;
|
|
377
|
+
remoteWrite?: {
|
|
378
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
379
|
+
url: string;
|
|
380
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
381
|
+
awsRegion?: string | undefined;
|
|
382
|
+
awsRoleArn?: string | undefined;
|
|
383
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
384
|
+
clientId?: string | undefined;
|
|
385
|
+
tenantId?: string | undefined;
|
|
386
|
+
clientSecretRef?: {
|
|
387
|
+
name: string;
|
|
388
|
+
key: string;
|
|
389
|
+
} | undefined;
|
|
390
|
+
usernameSecretRef?: {
|
|
391
|
+
name: string;
|
|
392
|
+
key: string;
|
|
393
|
+
} | undefined;
|
|
394
|
+
passwordSecretRef?: {
|
|
395
|
+
name: string;
|
|
396
|
+
key: string;
|
|
397
|
+
} | undefined;
|
|
398
|
+
bearerTokenSecretRef?: {
|
|
399
|
+
name: string;
|
|
400
|
+
key: string;
|
|
401
|
+
} | undefined;
|
|
402
|
+
} | undefined;
|
|
253
403
|
}, {
|
|
254
404
|
enabled: boolean;
|
|
405
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
255
406
|
remoteWriteUrl?: string | undefined;
|
|
407
|
+
remoteWrite?: {
|
|
408
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
409
|
+
url: string;
|
|
410
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
411
|
+
awsRegion?: string | undefined;
|
|
412
|
+
awsRoleArn?: string | undefined;
|
|
413
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
414
|
+
clientId?: string | undefined;
|
|
415
|
+
tenantId?: string | undefined;
|
|
416
|
+
clientSecretRef?: {
|
|
417
|
+
name: string;
|
|
418
|
+
key: string;
|
|
419
|
+
} | undefined;
|
|
420
|
+
usernameSecretRef?: {
|
|
421
|
+
name: string;
|
|
422
|
+
key: string;
|
|
423
|
+
} | undefined;
|
|
424
|
+
passwordSecretRef?: {
|
|
425
|
+
name: string;
|
|
426
|
+
key: string;
|
|
427
|
+
} | undefined;
|
|
428
|
+
bearerTokenSecretRef?: {
|
|
429
|
+
name: string;
|
|
430
|
+
key: string;
|
|
431
|
+
} | undefined;
|
|
432
|
+
} | undefined;
|
|
256
433
|
}>;
|
|
257
434
|
logging: z.ZodObject<{
|
|
258
435
|
sink: z.ZodEnum<["console", "pending", "s3", "azure-blob", "gcs", "datadog", "splunk", "elasticsearch", "loki", "newrelic", "axiom"]>;
|
|
259
436
|
bucket: z.ZodOptional<z.ZodString>;
|
|
260
437
|
region: z.ZodOptional<z.ZodString>;
|
|
438
|
+
cloudAuthMode: z.ZodOptional<z.ZodEnum<["workload-identity", "secret"]>>;
|
|
439
|
+
awsIamRoleArn: z.ZodOptional<z.ZodString>;
|
|
440
|
+
azureBlobContainer: z.ZodOptional<z.ZodString>;
|
|
441
|
+
azureBlobClientId: z.ZodOptional<z.ZodString>;
|
|
442
|
+
azureBlobTenantId: z.ZodOptional<z.ZodString>;
|
|
443
|
+
azureBlobConnectionStringSecretRef: z.ZodOptional<z.ZodObject<{
|
|
444
|
+
name: z.ZodString;
|
|
445
|
+
key: z.ZodString;
|
|
446
|
+
}, "strip", z.ZodTypeAny, {
|
|
447
|
+
name: string;
|
|
448
|
+
key: string;
|
|
449
|
+
}, {
|
|
450
|
+
name: string;
|
|
451
|
+
key: string;
|
|
452
|
+
}>>;
|
|
453
|
+
gcpServiceAccountEmail: z.ZodOptional<z.ZodString>;
|
|
261
454
|
}, "strip", z.ZodTypeAny, {
|
|
262
455
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
263
456
|
region?: string | undefined;
|
|
264
457
|
bucket?: string | undefined;
|
|
458
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
459
|
+
awsIamRoleArn?: string | undefined;
|
|
460
|
+
azureBlobContainer?: string | undefined;
|
|
461
|
+
azureBlobClientId?: string | undefined;
|
|
462
|
+
azureBlobTenantId?: string | undefined;
|
|
463
|
+
azureBlobConnectionStringSecretRef?: {
|
|
464
|
+
name: string;
|
|
465
|
+
key: string;
|
|
466
|
+
} | undefined;
|
|
467
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
265
468
|
}, {
|
|
266
469
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
267
470
|
region?: string | undefined;
|
|
268
471
|
bucket?: string | undefined;
|
|
472
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
473
|
+
awsIamRoleArn?: string | undefined;
|
|
474
|
+
azureBlobContainer?: string | undefined;
|
|
475
|
+
azureBlobClientId?: string | undefined;
|
|
476
|
+
azureBlobTenantId?: string | undefined;
|
|
477
|
+
azureBlobConnectionStringSecretRef?: {
|
|
478
|
+
name: string;
|
|
479
|
+
key: string;
|
|
480
|
+
} | undefined;
|
|
481
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
269
482
|
}>;
|
|
270
483
|
customEmails: z.ZodOptional<z.ZodObject<{
|
|
271
484
|
enabled: z.ZodBoolean;
|
|
@@ -337,19 +550,56 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
337
550
|
};
|
|
338
551
|
sso: {
|
|
339
552
|
enabled: boolean;
|
|
340
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
341
553
|
url?: string | undefined;
|
|
342
554
|
clientId?: string | undefined;
|
|
555
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
343
556
|
clientSecret?: string | undefined;
|
|
344
557
|
};
|
|
345
558
|
monitoring: {
|
|
346
559
|
enabled: boolean;
|
|
560
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
347
561
|
remoteWriteUrl?: string | undefined;
|
|
562
|
+
remoteWrite?: {
|
|
563
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
564
|
+
url: string;
|
|
565
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
566
|
+
awsRegion?: string | undefined;
|
|
567
|
+
awsRoleArn?: string | undefined;
|
|
568
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
569
|
+
clientId?: string | undefined;
|
|
570
|
+
tenantId?: string | undefined;
|
|
571
|
+
clientSecretRef?: {
|
|
572
|
+
name: string;
|
|
573
|
+
key: string;
|
|
574
|
+
} | undefined;
|
|
575
|
+
usernameSecretRef?: {
|
|
576
|
+
name: string;
|
|
577
|
+
key: string;
|
|
578
|
+
} | undefined;
|
|
579
|
+
passwordSecretRef?: {
|
|
580
|
+
name: string;
|
|
581
|
+
key: string;
|
|
582
|
+
} | undefined;
|
|
583
|
+
bearerTokenSecretRef?: {
|
|
584
|
+
name: string;
|
|
585
|
+
key: string;
|
|
586
|
+
} | undefined;
|
|
587
|
+
} | undefined;
|
|
348
588
|
};
|
|
349
589
|
logging: {
|
|
350
590
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
351
591
|
region?: string | undefined;
|
|
352
592
|
bucket?: string | undefined;
|
|
593
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
594
|
+
awsIamRoleArn?: string | undefined;
|
|
595
|
+
azureBlobContainer?: string | undefined;
|
|
596
|
+
azureBlobClientId?: string | undefined;
|
|
597
|
+
azureBlobTenantId?: string | undefined;
|
|
598
|
+
azureBlobConnectionStringSecretRef?: {
|
|
599
|
+
name: string;
|
|
600
|
+
key: string;
|
|
601
|
+
} | undefined;
|
|
602
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
353
603
|
};
|
|
354
604
|
customEmails?: {
|
|
355
605
|
enabled: boolean;
|
|
@@ -373,19 +623,56 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
373
623
|
};
|
|
374
624
|
sso: {
|
|
375
625
|
enabled: boolean;
|
|
376
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
377
626
|
url?: string | undefined;
|
|
378
627
|
clientId?: string | undefined;
|
|
628
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
379
629
|
clientSecret?: string | undefined;
|
|
380
630
|
};
|
|
381
631
|
monitoring: {
|
|
382
632
|
enabled: boolean;
|
|
633
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
383
634
|
remoteWriteUrl?: string | undefined;
|
|
635
|
+
remoteWrite?: {
|
|
636
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
637
|
+
url: string;
|
|
638
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
639
|
+
awsRegion?: string | undefined;
|
|
640
|
+
awsRoleArn?: string | undefined;
|
|
641
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
642
|
+
clientId?: string | undefined;
|
|
643
|
+
tenantId?: string | undefined;
|
|
644
|
+
clientSecretRef?: {
|
|
645
|
+
name: string;
|
|
646
|
+
key: string;
|
|
647
|
+
} | undefined;
|
|
648
|
+
usernameSecretRef?: {
|
|
649
|
+
name: string;
|
|
650
|
+
key: string;
|
|
651
|
+
} | undefined;
|
|
652
|
+
passwordSecretRef?: {
|
|
653
|
+
name: string;
|
|
654
|
+
key: string;
|
|
655
|
+
} | undefined;
|
|
656
|
+
bearerTokenSecretRef?: {
|
|
657
|
+
name: string;
|
|
658
|
+
key: string;
|
|
659
|
+
} | undefined;
|
|
660
|
+
} | undefined;
|
|
384
661
|
};
|
|
385
662
|
logging: {
|
|
386
663
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
387
664
|
region?: string | undefined;
|
|
388
665
|
bucket?: string | undefined;
|
|
666
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
667
|
+
awsIamRoleArn?: string | undefined;
|
|
668
|
+
azureBlobContainer?: string | undefined;
|
|
669
|
+
azureBlobClientId?: string | undefined;
|
|
670
|
+
azureBlobTenantId?: string | undefined;
|
|
671
|
+
azureBlobConnectionStringSecretRef?: {
|
|
672
|
+
name: string;
|
|
673
|
+
key: string;
|
|
674
|
+
} | undefined;
|
|
675
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
389
676
|
};
|
|
390
677
|
customEmails?: {
|
|
391
678
|
enabled: boolean;
|
|
@@ -453,19 +740,56 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
453
740
|
};
|
|
454
741
|
sso: {
|
|
455
742
|
enabled: boolean;
|
|
456
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
457
743
|
url?: string | undefined;
|
|
458
744
|
clientId?: string | undefined;
|
|
745
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
459
746
|
clientSecret?: string | undefined;
|
|
460
747
|
};
|
|
461
748
|
monitoring: {
|
|
462
749
|
enabled: boolean;
|
|
750
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
463
751
|
remoteWriteUrl?: string | undefined;
|
|
752
|
+
remoteWrite?: {
|
|
753
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
754
|
+
url: string;
|
|
755
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
756
|
+
awsRegion?: string | undefined;
|
|
757
|
+
awsRoleArn?: string | undefined;
|
|
758
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
759
|
+
clientId?: string | undefined;
|
|
760
|
+
tenantId?: string | undefined;
|
|
761
|
+
clientSecretRef?: {
|
|
762
|
+
name: string;
|
|
763
|
+
key: string;
|
|
764
|
+
} | undefined;
|
|
765
|
+
usernameSecretRef?: {
|
|
766
|
+
name: string;
|
|
767
|
+
key: string;
|
|
768
|
+
} | undefined;
|
|
769
|
+
passwordSecretRef?: {
|
|
770
|
+
name: string;
|
|
771
|
+
key: string;
|
|
772
|
+
} | undefined;
|
|
773
|
+
bearerTokenSecretRef?: {
|
|
774
|
+
name: string;
|
|
775
|
+
key: string;
|
|
776
|
+
} | undefined;
|
|
777
|
+
} | undefined;
|
|
464
778
|
};
|
|
465
779
|
logging: {
|
|
466
780
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
467
781
|
region?: string | undefined;
|
|
468
782
|
bucket?: string | undefined;
|
|
783
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
784
|
+
awsIamRoleArn?: string | undefined;
|
|
785
|
+
azureBlobContainer?: string | undefined;
|
|
786
|
+
azureBlobClientId?: string | undefined;
|
|
787
|
+
azureBlobTenantId?: string | undefined;
|
|
788
|
+
azureBlobConnectionStringSecretRef?: {
|
|
789
|
+
name: string;
|
|
790
|
+
key: string;
|
|
791
|
+
} | undefined;
|
|
792
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
469
793
|
};
|
|
470
794
|
customEmails?: {
|
|
471
795
|
enabled: boolean;
|
|
@@ -533,19 +857,56 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
533
857
|
};
|
|
534
858
|
sso: {
|
|
535
859
|
enabled: boolean;
|
|
536
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
537
860
|
url?: string | undefined;
|
|
538
861
|
clientId?: string | undefined;
|
|
862
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
539
863
|
clientSecret?: string | undefined;
|
|
540
864
|
};
|
|
541
865
|
monitoring: {
|
|
542
866
|
enabled: boolean;
|
|
867
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
543
868
|
remoteWriteUrl?: string | undefined;
|
|
869
|
+
remoteWrite?: {
|
|
870
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
871
|
+
url: string;
|
|
872
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
873
|
+
awsRegion?: string | undefined;
|
|
874
|
+
awsRoleArn?: string | undefined;
|
|
875
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
876
|
+
clientId?: string | undefined;
|
|
877
|
+
tenantId?: string | undefined;
|
|
878
|
+
clientSecretRef?: {
|
|
879
|
+
name: string;
|
|
880
|
+
key: string;
|
|
881
|
+
} | undefined;
|
|
882
|
+
usernameSecretRef?: {
|
|
883
|
+
name: string;
|
|
884
|
+
key: string;
|
|
885
|
+
} | undefined;
|
|
886
|
+
passwordSecretRef?: {
|
|
887
|
+
name: string;
|
|
888
|
+
key: string;
|
|
889
|
+
} | undefined;
|
|
890
|
+
bearerTokenSecretRef?: {
|
|
891
|
+
name: string;
|
|
892
|
+
key: string;
|
|
893
|
+
} | undefined;
|
|
894
|
+
} | undefined;
|
|
544
895
|
};
|
|
545
896
|
logging: {
|
|
546
897
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
547
898
|
region?: string | undefined;
|
|
548
899
|
bucket?: string | undefined;
|
|
900
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
901
|
+
awsIamRoleArn?: string | undefined;
|
|
902
|
+
azureBlobContainer?: string | undefined;
|
|
903
|
+
azureBlobClientId?: string | undefined;
|
|
904
|
+
azureBlobTenantId?: string | undefined;
|
|
905
|
+
azureBlobConnectionStringSecretRef?: {
|
|
906
|
+
name: string;
|
|
907
|
+
key: string;
|
|
908
|
+
} | undefined;
|
|
909
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
549
910
|
};
|
|
550
911
|
customEmails?: {
|
|
551
912
|
enabled: boolean;
|
|
@@ -701,7 +1062,7 @@ export declare const ProfileConfigSchema: z.ZodObject<{
|
|
|
701
1062
|
}>;
|
|
702
1063
|
export type ProfileConfig = z.infer<typeof ProfileConfigSchema>;
|
|
703
1064
|
export declare const CHANGELOG_URL = "https://rulebricks.com/docs/changelog";
|
|
704
|
-
export declare const HELM_CHART_OCI = "oci://ghcr.io/rulebricks/
|
|
1065
|
+
export declare const HELM_CHART_OCI = "oci://ghcr.io/rulebricks/helm/stack";
|
|
705
1066
|
export declare const DEFAULT_NAMESPACE = "rulebricks";
|
|
706
1067
|
export declare const LEGACY_RELEASE_NAME = "rulebricks";
|
|
707
1068
|
/**
|
package/dist/types/index.js
CHANGED
|
@@ -382,6 +382,42 @@ export const LOGGING_DESTINATION_LABELS = {
|
|
|
382
382
|
export function getLoggingDestinationLabel(sink) {
|
|
383
383
|
return LOGGING_DESTINATION_LABELS[sink] || "Console (stdout)";
|
|
384
384
|
}
|
|
385
|
+
const SecretKeyRefSchema = z.object({
|
|
386
|
+
name: z.string().min(1),
|
|
387
|
+
key: z.string().min(1),
|
|
388
|
+
});
|
|
389
|
+
const RemoteWriteConfigSchema = z.object({
|
|
390
|
+
destination: z.enum(["aws-amp", "azure-monitor", "grafana-cloud", "generic"]),
|
|
391
|
+
url: z.string().url(),
|
|
392
|
+
authType: z
|
|
393
|
+
.enum([
|
|
394
|
+
"none",
|
|
395
|
+
"managed-identity",
|
|
396
|
+
"workload-identity",
|
|
397
|
+
"oauth",
|
|
398
|
+
"basic",
|
|
399
|
+
"bearer",
|
|
400
|
+
])
|
|
401
|
+
.optional(),
|
|
402
|
+
awsRegion: z.string().optional(),
|
|
403
|
+
awsRoleArn: z.string().optional(),
|
|
404
|
+
azureCloud: z
|
|
405
|
+
.enum(["AzurePublic", "AzureChina", "AzureGovernment"])
|
|
406
|
+
.optional(),
|
|
407
|
+
clientId: z.string().optional(),
|
|
408
|
+
tenantId: z.string().optional(),
|
|
409
|
+
clientSecretRef: SecretKeyRefSchema.optional(),
|
|
410
|
+
usernameSecretRef: SecretKeyRefSchema.optional(),
|
|
411
|
+
passwordSecretRef: SecretKeyRefSchema.optional(),
|
|
412
|
+
bearerTokenSecretRef: SecretKeyRefSchema.optional(),
|
|
413
|
+
});
|
|
414
|
+
const MonitoringDestinationSchema = z.enum([
|
|
415
|
+
"local-grafana",
|
|
416
|
+
"aws-amp",
|
|
417
|
+
"azure-monitor",
|
|
418
|
+
"grafana-cloud",
|
|
419
|
+
"generic",
|
|
420
|
+
]);
|
|
385
421
|
// Deployment configuration schema
|
|
386
422
|
export const DeploymentConfigSchema = z.object({
|
|
387
423
|
name: z
|
|
@@ -454,8 +490,10 @@ export const DeploymentConfigSchema = z.object({
|
|
|
454
490
|
}),
|
|
455
491
|
monitoring: z.object({
|
|
456
492
|
enabled: z.boolean(),
|
|
457
|
-
|
|
493
|
+
destination: MonitoringDestinationSchema.optional(),
|
|
494
|
+
// Legacy optional URL retained for existing config files.
|
|
458
495
|
remoteWriteUrl: z.string().url().optional(),
|
|
496
|
+
remoteWrite: RemoteWriteConfigSchema.optional(),
|
|
459
497
|
}),
|
|
460
498
|
logging: z.object({
|
|
461
499
|
// Logging always happens to console by default
|
|
@@ -478,6 +516,13 @@ export const DeploymentConfigSchema = z.object({
|
|
|
478
516
|
// For platforms: repurposed for credentials (API key) and extra config
|
|
479
517
|
bucket: z.string().optional(),
|
|
480
518
|
region: z.string().optional(),
|
|
519
|
+
cloudAuthMode: z.enum(["workload-identity", "secret"]).optional(),
|
|
520
|
+
awsIamRoleArn: z.string().optional(),
|
|
521
|
+
azureBlobContainer: z.string().optional(),
|
|
522
|
+
azureBlobClientId: z.string().optional(),
|
|
523
|
+
azureBlobTenantId: z.string().optional(),
|
|
524
|
+
azureBlobConnectionStringSecretRef: SecretKeyRefSchema.optional(),
|
|
525
|
+
gcpServiceAccountEmail: z.string().optional(),
|
|
481
526
|
}),
|
|
482
527
|
customEmails: z
|
|
483
528
|
.object({
|
|
@@ -603,7 +648,7 @@ export const ProfileConfigSchema = z.object({
|
|
|
603
648
|
});
|
|
604
649
|
// Constants
|
|
605
650
|
export const CHANGELOG_URL = "https://rulebricks.com/docs/changelog";
|
|
606
|
-
export const HELM_CHART_OCI = "oci://ghcr.io/rulebricks/
|
|
651
|
+
export const HELM_CHART_OCI = "oci://ghcr.io/rulebricks/helm/stack";
|
|
607
652
|
// Legacy namespace/release name - kept for backwards compatibility with existing deployments
|
|
608
653
|
export const DEFAULT_NAMESPACE = "rulebricks";
|
|
609
654
|
export const LEGACY_RELEASE_NAME = "rulebricks";
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@rulebricks/cli",
|
|
3
|
-
"version": "2.1.
|
|
3
|
+
"version": "2.1.7",
|
|
4
4
|
"description": "CLI for deploying and managing private Rulebricks instances",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
@@ -59,6 +59,7 @@
|
|
|
59
59
|
"files": [
|
|
60
60
|
"dist",
|
|
61
61
|
"terraform",
|
|
62
|
+
"cluster-setup",
|
|
62
63
|
"templates",
|
|
63
64
|
"benchmarks"
|
|
64
65
|
]
|