@rulebricks/cli 2.1.6 → 2.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +26 -0
- package/cluster-setup/aws/README.md +74 -0
- package/cluster-setup/aws/check-aws-access.sh +78 -0
- package/cluster-setup/aws/cluster.yaml +33 -0
- package/cluster-setup/azure/README.md +93 -0
- package/cluster-setup/azure/check-aks-prereqs.sh +96 -0
- package/cluster-setup/azure/main.bicep +282 -0
- package/cluster-setup/azure/main.parameters.json +21 -0
- package/cluster-setup/gcp/README.md +172 -0
- package/cluster-setup/gcp/check-gke-prereqs.sh +98 -0
- package/dist/commands/init.js +9 -2
- package/dist/components/Wizard/WizardContext.d.ts +27 -3
- package/dist/components/Wizard/WizardContext.js +95 -2
- package/dist/components/Wizard/steps/CloudProviderStep.js +7 -2
- package/dist/components/Wizard/steps/FeatureConfigStep.js +407 -10
- package/dist/components/Wizard/steps/ReviewStep.js +7 -2
- package/dist/lib/helmValues.js +227 -22
- package/dist/lib/kubernetes.d.ts +7 -1
- package/dist/lib/kubernetes.js +59 -0
- package/dist/types/index.d.ts +367 -6
- package/dist/types/index.js +46 -1
- package/package.json +2 -1
package/dist/types/index.d.ts
CHANGED
|
@@ -7,6 +7,28 @@ export type DnsProvider = "route53" | "cloudflare" | "google" | "azure" | "other
|
|
|
7
7
|
export declare const SUPPORTED_DNS_PROVIDERS: DnsProvider[];
|
|
8
8
|
export type LoggingSink = "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
9
9
|
export type LoggingSinkCategory = "cloud-storage" | "logging-platform";
|
|
10
|
+
export type MonitoringDestination = "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
11
|
+
export type RemoteWriteDestination = "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
12
|
+
export type RemoteWriteAuthType = "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer";
|
|
13
|
+
export interface SecretKeyRef {
|
|
14
|
+
name: string;
|
|
15
|
+
key: string;
|
|
16
|
+
}
|
|
17
|
+
export interface RemoteWriteConfig {
|
|
18
|
+
destination: RemoteWriteDestination;
|
|
19
|
+
url: string;
|
|
20
|
+
authType?: RemoteWriteAuthType;
|
|
21
|
+
awsRegion?: string;
|
|
22
|
+
awsRoleArn?: string;
|
|
23
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment";
|
|
24
|
+
clientId?: string;
|
|
25
|
+
tenantId?: string;
|
|
26
|
+
clientSecretRef?: SecretKeyRef;
|
|
27
|
+
usernameSecretRef?: SecretKeyRef;
|
|
28
|
+
passwordSecretRef?: SecretKeyRef;
|
|
29
|
+
bearerTokenSecretRef?: SecretKeyRef;
|
|
30
|
+
}
|
|
31
|
+
export type CloudLoggingAuthMode = "workload-identity" | "secret";
|
|
10
32
|
export declare const LOGGING_SINK_CATEGORIES: Record<Exclude<LoggingSink, "console" | "pending">, LoggingSinkCategory>;
|
|
11
33
|
export declare const CLOUD_REGIONS: Record<CloudProvider, string[]>;
|
|
12
34
|
export declare const TIER_CONFIGS: Record<PerformanceTier, TierConfig>;
|
|
@@ -233,39 +255,230 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
233
255
|
clientSecret: z.ZodOptional<z.ZodString>;
|
|
234
256
|
}, "strip", z.ZodTypeAny, {
|
|
235
257
|
enabled: boolean;
|
|
236
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
237
258
|
url?: string | undefined;
|
|
238
259
|
clientId?: string | undefined;
|
|
260
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
239
261
|
clientSecret?: string | undefined;
|
|
240
262
|
}, {
|
|
241
263
|
enabled: boolean;
|
|
242
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
243
264
|
url?: string | undefined;
|
|
244
265
|
clientId?: string | undefined;
|
|
266
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
245
267
|
clientSecret?: string | undefined;
|
|
246
268
|
}>;
|
|
247
269
|
monitoring: z.ZodObject<{
|
|
248
270
|
enabled: z.ZodBoolean;
|
|
271
|
+
destination: z.ZodOptional<z.ZodEnum<["local-grafana", "aws-amp", "azure-monitor", "grafana-cloud", "generic"]>>;
|
|
249
272
|
remoteWriteUrl: z.ZodOptional<z.ZodString>;
|
|
273
|
+
remoteWrite: z.ZodOptional<z.ZodObject<{
|
|
274
|
+
destination: z.ZodEnum<["aws-amp", "azure-monitor", "grafana-cloud", "generic"]>;
|
|
275
|
+
url: z.ZodString;
|
|
276
|
+
authType: z.ZodOptional<z.ZodEnum<["none", "managed-identity", "workload-identity", "oauth", "basic", "bearer"]>>;
|
|
277
|
+
awsRegion: z.ZodOptional<z.ZodString>;
|
|
278
|
+
awsRoleArn: z.ZodOptional<z.ZodString>;
|
|
279
|
+
azureCloud: z.ZodOptional<z.ZodEnum<["AzurePublic", "AzureChina", "AzureGovernment"]>>;
|
|
280
|
+
clientId: z.ZodOptional<z.ZodString>;
|
|
281
|
+
tenantId: z.ZodOptional<z.ZodString>;
|
|
282
|
+
clientSecretRef: z.ZodOptional<z.ZodObject<{
|
|
283
|
+
name: z.ZodString;
|
|
284
|
+
key: z.ZodString;
|
|
285
|
+
}, "strip", z.ZodTypeAny, {
|
|
286
|
+
name: string;
|
|
287
|
+
key: string;
|
|
288
|
+
}, {
|
|
289
|
+
name: string;
|
|
290
|
+
key: string;
|
|
291
|
+
}>>;
|
|
292
|
+
usernameSecretRef: z.ZodOptional<z.ZodObject<{
|
|
293
|
+
name: z.ZodString;
|
|
294
|
+
key: z.ZodString;
|
|
295
|
+
}, "strip", z.ZodTypeAny, {
|
|
296
|
+
name: string;
|
|
297
|
+
key: string;
|
|
298
|
+
}, {
|
|
299
|
+
name: string;
|
|
300
|
+
key: string;
|
|
301
|
+
}>>;
|
|
302
|
+
passwordSecretRef: z.ZodOptional<z.ZodObject<{
|
|
303
|
+
name: z.ZodString;
|
|
304
|
+
key: z.ZodString;
|
|
305
|
+
}, "strip", z.ZodTypeAny, {
|
|
306
|
+
name: string;
|
|
307
|
+
key: string;
|
|
308
|
+
}, {
|
|
309
|
+
name: string;
|
|
310
|
+
key: string;
|
|
311
|
+
}>>;
|
|
312
|
+
bearerTokenSecretRef: z.ZodOptional<z.ZodObject<{
|
|
313
|
+
name: z.ZodString;
|
|
314
|
+
key: z.ZodString;
|
|
315
|
+
}, "strip", z.ZodTypeAny, {
|
|
316
|
+
name: string;
|
|
317
|
+
key: string;
|
|
318
|
+
}, {
|
|
319
|
+
name: string;
|
|
320
|
+
key: string;
|
|
321
|
+
}>>;
|
|
322
|
+
}, "strip", z.ZodTypeAny, {
|
|
323
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
324
|
+
url: string;
|
|
325
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
326
|
+
awsRegion?: string | undefined;
|
|
327
|
+
awsRoleArn?: string | undefined;
|
|
328
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
329
|
+
clientId?: string | undefined;
|
|
330
|
+
tenantId?: string | undefined;
|
|
331
|
+
clientSecretRef?: {
|
|
332
|
+
name: string;
|
|
333
|
+
key: string;
|
|
334
|
+
} | undefined;
|
|
335
|
+
usernameSecretRef?: {
|
|
336
|
+
name: string;
|
|
337
|
+
key: string;
|
|
338
|
+
} | undefined;
|
|
339
|
+
passwordSecretRef?: {
|
|
340
|
+
name: string;
|
|
341
|
+
key: string;
|
|
342
|
+
} | undefined;
|
|
343
|
+
bearerTokenSecretRef?: {
|
|
344
|
+
name: string;
|
|
345
|
+
key: string;
|
|
346
|
+
} | undefined;
|
|
347
|
+
}, {
|
|
348
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
349
|
+
url: string;
|
|
350
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
351
|
+
awsRegion?: string | undefined;
|
|
352
|
+
awsRoleArn?: string | undefined;
|
|
353
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
354
|
+
clientId?: string | undefined;
|
|
355
|
+
tenantId?: string | undefined;
|
|
356
|
+
clientSecretRef?: {
|
|
357
|
+
name: string;
|
|
358
|
+
key: string;
|
|
359
|
+
} | undefined;
|
|
360
|
+
usernameSecretRef?: {
|
|
361
|
+
name: string;
|
|
362
|
+
key: string;
|
|
363
|
+
} | undefined;
|
|
364
|
+
passwordSecretRef?: {
|
|
365
|
+
name: string;
|
|
366
|
+
key: string;
|
|
367
|
+
} | undefined;
|
|
368
|
+
bearerTokenSecretRef?: {
|
|
369
|
+
name: string;
|
|
370
|
+
key: string;
|
|
371
|
+
} | undefined;
|
|
372
|
+
}>>;
|
|
250
373
|
}, "strip", z.ZodTypeAny, {
|
|
251
374
|
enabled: boolean;
|
|
375
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
252
376
|
remoteWriteUrl?: string | undefined;
|
|
377
|
+
remoteWrite?: {
|
|
378
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
379
|
+
url: string;
|
|
380
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
381
|
+
awsRegion?: string | undefined;
|
|
382
|
+
awsRoleArn?: string | undefined;
|
|
383
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
384
|
+
clientId?: string | undefined;
|
|
385
|
+
tenantId?: string | undefined;
|
|
386
|
+
clientSecretRef?: {
|
|
387
|
+
name: string;
|
|
388
|
+
key: string;
|
|
389
|
+
} | undefined;
|
|
390
|
+
usernameSecretRef?: {
|
|
391
|
+
name: string;
|
|
392
|
+
key: string;
|
|
393
|
+
} | undefined;
|
|
394
|
+
passwordSecretRef?: {
|
|
395
|
+
name: string;
|
|
396
|
+
key: string;
|
|
397
|
+
} | undefined;
|
|
398
|
+
bearerTokenSecretRef?: {
|
|
399
|
+
name: string;
|
|
400
|
+
key: string;
|
|
401
|
+
} | undefined;
|
|
402
|
+
} | undefined;
|
|
253
403
|
}, {
|
|
254
404
|
enabled: boolean;
|
|
405
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
255
406
|
remoteWriteUrl?: string | undefined;
|
|
407
|
+
remoteWrite?: {
|
|
408
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
409
|
+
url: string;
|
|
410
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
411
|
+
awsRegion?: string | undefined;
|
|
412
|
+
awsRoleArn?: string | undefined;
|
|
413
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
414
|
+
clientId?: string | undefined;
|
|
415
|
+
tenantId?: string | undefined;
|
|
416
|
+
clientSecretRef?: {
|
|
417
|
+
name: string;
|
|
418
|
+
key: string;
|
|
419
|
+
} | undefined;
|
|
420
|
+
usernameSecretRef?: {
|
|
421
|
+
name: string;
|
|
422
|
+
key: string;
|
|
423
|
+
} | undefined;
|
|
424
|
+
passwordSecretRef?: {
|
|
425
|
+
name: string;
|
|
426
|
+
key: string;
|
|
427
|
+
} | undefined;
|
|
428
|
+
bearerTokenSecretRef?: {
|
|
429
|
+
name: string;
|
|
430
|
+
key: string;
|
|
431
|
+
} | undefined;
|
|
432
|
+
} | undefined;
|
|
256
433
|
}>;
|
|
257
434
|
logging: z.ZodObject<{
|
|
258
435
|
sink: z.ZodEnum<["console", "pending", "s3", "azure-blob", "gcs", "datadog", "splunk", "elasticsearch", "loki", "newrelic", "axiom"]>;
|
|
259
436
|
bucket: z.ZodOptional<z.ZodString>;
|
|
260
437
|
region: z.ZodOptional<z.ZodString>;
|
|
438
|
+
cloudAuthMode: z.ZodOptional<z.ZodEnum<["workload-identity", "secret"]>>;
|
|
439
|
+
awsIamRoleArn: z.ZodOptional<z.ZodString>;
|
|
440
|
+
azureBlobContainer: z.ZodOptional<z.ZodString>;
|
|
441
|
+
azureBlobClientId: z.ZodOptional<z.ZodString>;
|
|
442
|
+
azureBlobTenantId: z.ZodOptional<z.ZodString>;
|
|
443
|
+
azureBlobConnectionStringSecretRef: z.ZodOptional<z.ZodObject<{
|
|
444
|
+
name: z.ZodString;
|
|
445
|
+
key: z.ZodString;
|
|
446
|
+
}, "strip", z.ZodTypeAny, {
|
|
447
|
+
name: string;
|
|
448
|
+
key: string;
|
|
449
|
+
}, {
|
|
450
|
+
name: string;
|
|
451
|
+
key: string;
|
|
452
|
+
}>>;
|
|
453
|
+
gcpServiceAccountEmail: z.ZodOptional<z.ZodString>;
|
|
261
454
|
}, "strip", z.ZodTypeAny, {
|
|
262
455
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
263
456
|
region?: string | undefined;
|
|
264
457
|
bucket?: string | undefined;
|
|
458
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
459
|
+
awsIamRoleArn?: string | undefined;
|
|
460
|
+
azureBlobContainer?: string | undefined;
|
|
461
|
+
azureBlobClientId?: string | undefined;
|
|
462
|
+
azureBlobTenantId?: string | undefined;
|
|
463
|
+
azureBlobConnectionStringSecretRef?: {
|
|
464
|
+
name: string;
|
|
465
|
+
key: string;
|
|
466
|
+
} | undefined;
|
|
467
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
265
468
|
}, {
|
|
266
469
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
267
470
|
region?: string | undefined;
|
|
268
471
|
bucket?: string | undefined;
|
|
472
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
473
|
+
awsIamRoleArn?: string | undefined;
|
|
474
|
+
azureBlobContainer?: string | undefined;
|
|
475
|
+
azureBlobClientId?: string | undefined;
|
|
476
|
+
azureBlobTenantId?: string | undefined;
|
|
477
|
+
azureBlobConnectionStringSecretRef?: {
|
|
478
|
+
name: string;
|
|
479
|
+
key: string;
|
|
480
|
+
} | undefined;
|
|
481
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
269
482
|
}>;
|
|
270
483
|
customEmails: z.ZodOptional<z.ZodObject<{
|
|
271
484
|
enabled: z.ZodBoolean;
|
|
@@ -337,19 +550,56 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
337
550
|
};
|
|
338
551
|
sso: {
|
|
339
552
|
enabled: boolean;
|
|
340
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
341
553
|
url?: string | undefined;
|
|
342
554
|
clientId?: string | undefined;
|
|
555
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
343
556
|
clientSecret?: string | undefined;
|
|
344
557
|
};
|
|
345
558
|
monitoring: {
|
|
346
559
|
enabled: boolean;
|
|
560
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
347
561
|
remoteWriteUrl?: string | undefined;
|
|
562
|
+
remoteWrite?: {
|
|
563
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
564
|
+
url: string;
|
|
565
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
566
|
+
awsRegion?: string | undefined;
|
|
567
|
+
awsRoleArn?: string | undefined;
|
|
568
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
569
|
+
clientId?: string | undefined;
|
|
570
|
+
tenantId?: string | undefined;
|
|
571
|
+
clientSecretRef?: {
|
|
572
|
+
name: string;
|
|
573
|
+
key: string;
|
|
574
|
+
} | undefined;
|
|
575
|
+
usernameSecretRef?: {
|
|
576
|
+
name: string;
|
|
577
|
+
key: string;
|
|
578
|
+
} | undefined;
|
|
579
|
+
passwordSecretRef?: {
|
|
580
|
+
name: string;
|
|
581
|
+
key: string;
|
|
582
|
+
} | undefined;
|
|
583
|
+
bearerTokenSecretRef?: {
|
|
584
|
+
name: string;
|
|
585
|
+
key: string;
|
|
586
|
+
} | undefined;
|
|
587
|
+
} | undefined;
|
|
348
588
|
};
|
|
349
589
|
logging: {
|
|
350
590
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
351
591
|
region?: string | undefined;
|
|
352
592
|
bucket?: string | undefined;
|
|
593
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
594
|
+
awsIamRoleArn?: string | undefined;
|
|
595
|
+
azureBlobContainer?: string | undefined;
|
|
596
|
+
azureBlobClientId?: string | undefined;
|
|
597
|
+
azureBlobTenantId?: string | undefined;
|
|
598
|
+
azureBlobConnectionStringSecretRef?: {
|
|
599
|
+
name: string;
|
|
600
|
+
key: string;
|
|
601
|
+
} | undefined;
|
|
602
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
353
603
|
};
|
|
354
604
|
customEmails?: {
|
|
355
605
|
enabled: boolean;
|
|
@@ -373,19 +623,56 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
373
623
|
};
|
|
374
624
|
sso: {
|
|
375
625
|
enabled: boolean;
|
|
376
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
377
626
|
url?: string | undefined;
|
|
378
627
|
clientId?: string | undefined;
|
|
628
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
379
629
|
clientSecret?: string | undefined;
|
|
380
630
|
};
|
|
381
631
|
monitoring: {
|
|
382
632
|
enabled: boolean;
|
|
633
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
383
634
|
remoteWriteUrl?: string | undefined;
|
|
635
|
+
remoteWrite?: {
|
|
636
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
637
|
+
url: string;
|
|
638
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
639
|
+
awsRegion?: string | undefined;
|
|
640
|
+
awsRoleArn?: string | undefined;
|
|
641
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
642
|
+
clientId?: string | undefined;
|
|
643
|
+
tenantId?: string | undefined;
|
|
644
|
+
clientSecretRef?: {
|
|
645
|
+
name: string;
|
|
646
|
+
key: string;
|
|
647
|
+
} | undefined;
|
|
648
|
+
usernameSecretRef?: {
|
|
649
|
+
name: string;
|
|
650
|
+
key: string;
|
|
651
|
+
} | undefined;
|
|
652
|
+
passwordSecretRef?: {
|
|
653
|
+
name: string;
|
|
654
|
+
key: string;
|
|
655
|
+
} | undefined;
|
|
656
|
+
bearerTokenSecretRef?: {
|
|
657
|
+
name: string;
|
|
658
|
+
key: string;
|
|
659
|
+
} | undefined;
|
|
660
|
+
} | undefined;
|
|
384
661
|
};
|
|
385
662
|
logging: {
|
|
386
663
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
387
664
|
region?: string | undefined;
|
|
388
665
|
bucket?: string | undefined;
|
|
666
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
667
|
+
awsIamRoleArn?: string | undefined;
|
|
668
|
+
azureBlobContainer?: string | undefined;
|
|
669
|
+
azureBlobClientId?: string | undefined;
|
|
670
|
+
azureBlobTenantId?: string | undefined;
|
|
671
|
+
azureBlobConnectionStringSecretRef?: {
|
|
672
|
+
name: string;
|
|
673
|
+
key: string;
|
|
674
|
+
} | undefined;
|
|
675
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
389
676
|
};
|
|
390
677
|
customEmails?: {
|
|
391
678
|
enabled: boolean;
|
|
@@ -453,19 +740,56 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
453
740
|
};
|
|
454
741
|
sso: {
|
|
455
742
|
enabled: boolean;
|
|
456
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
457
743
|
url?: string | undefined;
|
|
458
744
|
clientId?: string | undefined;
|
|
745
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
459
746
|
clientSecret?: string | undefined;
|
|
460
747
|
};
|
|
461
748
|
monitoring: {
|
|
462
749
|
enabled: boolean;
|
|
750
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
463
751
|
remoteWriteUrl?: string | undefined;
|
|
752
|
+
remoteWrite?: {
|
|
753
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
754
|
+
url: string;
|
|
755
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
756
|
+
awsRegion?: string | undefined;
|
|
757
|
+
awsRoleArn?: string | undefined;
|
|
758
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
759
|
+
clientId?: string | undefined;
|
|
760
|
+
tenantId?: string | undefined;
|
|
761
|
+
clientSecretRef?: {
|
|
762
|
+
name: string;
|
|
763
|
+
key: string;
|
|
764
|
+
} | undefined;
|
|
765
|
+
usernameSecretRef?: {
|
|
766
|
+
name: string;
|
|
767
|
+
key: string;
|
|
768
|
+
} | undefined;
|
|
769
|
+
passwordSecretRef?: {
|
|
770
|
+
name: string;
|
|
771
|
+
key: string;
|
|
772
|
+
} | undefined;
|
|
773
|
+
bearerTokenSecretRef?: {
|
|
774
|
+
name: string;
|
|
775
|
+
key: string;
|
|
776
|
+
} | undefined;
|
|
777
|
+
} | undefined;
|
|
464
778
|
};
|
|
465
779
|
logging: {
|
|
466
780
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
467
781
|
region?: string | undefined;
|
|
468
782
|
bucket?: string | undefined;
|
|
783
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
784
|
+
awsIamRoleArn?: string | undefined;
|
|
785
|
+
azureBlobContainer?: string | undefined;
|
|
786
|
+
azureBlobClientId?: string | undefined;
|
|
787
|
+
azureBlobTenantId?: string | undefined;
|
|
788
|
+
azureBlobConnectionStringSecretRef?: {
|
|
789
|
+
name: string;
|
|
790
|
+
key: string;
|
|
791
|
+
} | undefined;
|
|
792
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
469
793
|
};
|
|
470
794
|
customEmails?: {
|
|
471
795
|
enabled: boolean;
|
|
@@ -533,19 +857,56 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
|
|
|
533
857
|
};
|
|
534
858
|
sso: {
|
|
535
859
|
enabled: boolean;
|
|
536
|
-
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
537
860
|
url?: string | undefined;
|
|
538
861
|
clientId?: string | undefined;
|
|
862
|
+
provider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
|
|
539
863
|
clientSecret?: string | undefined;
|
|
540
864
|
};
|
|
541
865
|
monitoring: {
|
|
542
866
|
enabled: boolean;
|
|
867
|
+
destination?: "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic" | undefined;
|
|
543
868
|
remoteWriteUrl?: string | undefined;
|
|
869
|
+
remoteWrite?: {
|
|
870
|
+
destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
|
|
871
|
+
url: string;
|
|
872
|
+
authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
|
|
873
|
+
awsRegion?: string | undefined;
|
|
874
|
+
awsRoleArn?: string | undefined;
|
|
875
|
+
azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
|
|
876
|
+
clientId?: string | undefined;
|
|
877
|
+
tenantId?: string | undefined;
|
|
878
|
+
clientSecretRef?: {
|
|
879
|
+
name: string;
|
|
880
|
+
key: string;
|
|
881
|
+
} | undefined;
|
|
882
|
+
usernameSecretRef?: {
|
|
883
|
+
name: string;
|
|
884
|
+
key: string;
|
|
885
|
+
} | undefined;
|
|
886
|
+
passwordSecretRef?: {
|
|
887
|
+
name: string;
|
|
888
|
+
key: string;
|
|
889
|
+
} | undefined;
|
|
890
|
+
bearerTokenSecretRef?: {
|
|
891
|
+
name: string;
|
|
892
|
+
key: string;
|
|
893
|
+
} | undefined;
|
|
894
|
+
} | undefined;
|
|
544
895
|
};
|
|
545
896
|
logging: {
|
|
546
897
|
sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
|
|
547
898
|
region?: string | undefined;
|
|
548
899
|
bucket?: string | undefined;
|
|
900
|
+
cloudAuthMode?: "workload-identity" | "secret" | undefined;
|
|
901
|
+
awsIamRoleArn?: string | undefined;
|
|
902
|
+
azureBlobContainer?: string | undefined;
|
|
903
|
+
azureBlobClientId?: string | undefined;
|
|
904
|
+
azureBlobTenantId?: string | undefined;
|
|
905
|
+
azureBlobConnectionStringSecretRef?: {
|
|
906
|
+
name: string;
|
|
907
|
+
key: string;
|
|
908
|
+
} | undefined;
|
|
909
|
+
gcpServiceAccountEmail?: string | undefined;
|
|
549
910
|
};
|
|
550
911
|
customEmails?: {
|
|
551
912
|
enabled: boolean;
|
package/dist/types/index.js
CHANGED
|
@@ -382,6 +382,42 @@ export const LOGGING_DESTINATION_LABELS = {
|
|
|
382
382
|
export function getLoggingDestinationLabel(sink) {
|
|
383
383
|
return LOGGING_DESTINATION_LABELS[sink] || "Console (stdout)";
|
|
384
384
|
}
|
|
385
|
+
const SecretKeyRefSchema = z.object({
|
|
386
|
+
name: z.string().min(1),
|
|
387
|
+
key: z.string().min(1),
|
|
388
|
+
});
|
|
389
|
+
const RemoteWriteConfigSchema = z.object({
|
|
390
|
+
destination: z.enum(["aws-amp", "azure-monitor", "grafana-cloud", "generic"]),
|
|
391
|
+
url: z.string().url(),
|
|
392
|
+
authType: z
|
|
393
|
+
.enum([
|
|
394
|
+
"none",
|
|
395
|
+
"managed-identity",
|
|
396
|
+
"workload-identity",
|
|
397
|
+
"oauth",
|
|
398
|
+
"basic",
|
|
399
|
+
"bearer",
|
|
400
|
+
])
|
|
401
|
+
.optional(),
|
|
402
|
+
awsRegion: z.string().optional(),
|
|
403
|
+
awsRoleArn: z.string().optional(),
|
|
404
|
+
azureCloud: z
|
|
405
|
+
.enum(["AzurePublic", "AzureChina", "AzureGovernment"])
|
|
406
|
+
.optional(),
|
|
407
|
+
clientId: z.string().optional(),
|
|
408
|
+
tenantId: z.string().optional(),
|
|
409
|
+
clientSecretRef: SecretKeyRefSchema.optional(),
|
|
410
|
+
usernameSecretRef: SecretKeyRefSchema.optional(),
|
|
411
|
+
passwordSecretRef: SecretKeyRefSchema.optional(),
|
|
412
|
+
bearerTokenSecretRef: SecretKeyRefSchema.optional(),
|
|
413
|
+
});
|
|
414
|
+
const MonitoringDestinationSchema = z.enum([
|
|
415
|
+
"local-grafana",
|
|
416
|
+
"aws-amp",
|
|
417
|
+
"azure-monitor",
|
|
418
|
+
"grafana-cloud",
|
|
419
|
+
"generic",
|
|
420
|
+
]);
|
|
385
421
|
// Deployment configuration schema
|
|
386
422
|
export const DeploymentConfigSchema = z.object({
|
|
387
423
|
name: z
|
|
@@ -454,8 +490,10 @@ export const DeploymentConfigSchema = z.object({
|
|
|
454
490
|
}),
|
|
455
491
|
monitoring: z.object({
|
|
456
492
|
enabled: z.boolean(),
|
|
457
|
-
|
|
493
|
+
destination: MonitoringDestinationSchema.optional(),
|
|
494
|
+
// Legacy optional URL retained for existing config files.
|
|
458
495
|
remoteWriteUrl: z.string().url().optional(),
|
|
496
|
+
remoteWrite: RemoteWriteConfigSchema.optional(),
|
|
459
497
|
}),
|
|
460
498
|
logging: z.object({
|
|
461
499
|
// Logging always happens to console by default
|
|
@@ -478,6 +516,13 @@ export const DeploymentConfigSchema = z.object({
|
|
|
478
516
|
// For platforms: repurposed for credentials (API key) and extra config
|
|
479
517
|
bucket: z.string().optional(),
|
|
480
518
|
region: z.string().optional(),
|
|
519
|
+
cloudAuthMode: z.enum(["workload-identity", "secret"]).optional(),
|
|
520
|
+
awsIamRoleArn: z.string().optional(),
|
|
521
|
+
azureBlobContainer: z.string().optional(),
|
|
522
|
+
azureBlobClientId: z.string().optional(),
|
|
523
|
+
azureBlobTenantId: z.string().optional(),
|
|
524
|
+
azureBlobConnectionStringSecretRef: SecretKeyRefSchema.optional(),
|
|
525
|
+
gcpServiceAccountEmail: z.string().optional(),
|
|
481
526
|
}),
|
|
482
527
|
customEmails: z
|
|
483
528
|
.object({
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@rulebricks/cli",
|
|
3
|
-
"version": "2.1.
|
|
3
|
+
"version": "2.1.7",
|
|
4
4
|
"description": "CLI for deploying and managing private Rulebricks instances",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
@@ -59,6 +59,7 @@
|
|
|
59
59
|
"files": [
|
|
60
60
|
"dist",
|
|
61
61
|
"terraform",
|
|
62
|
+
"cluster-setup",
|
|
62
63
|
"templates",
|
|
63
64
|
"benchmarks"
|
|
64
65
|
]
|