@rulebricks/cli 2.1.7 → 2.3.1

Files changed (117)
  1. package/README.md +51 -16
  2. package/cluster-setup/aws/README.md +96 -47
  3. package/cluster-setup/aws/check-aws-access.sh +216 -52
  4. package/cluster-setup/aws/parameters.json +13 -0
  5. package/cluster-setup/aws/rulebricks-cluster.cfn.yaml +355 -0
  6. package/cluster-setup/azure/README.md +103 -55
  7. package/cluster-setup/azure/check-aks-prereqs.sh +236 -56
  8. package/cluster-setup/azure/parameters.json +30 -0
  9. package/cluster-setup/azure/rulebricks-cluster.bicep +546 -0
  10. package/cluster-setup/gcp/README.md +51 -34
  11. package/cluster-setup/gcp/check-gke-prereqs.sh +222 -60
  12. package/dist/commands/backup.d.ts +5 -0
  13. package/dist/commands/backup.js +104 -0
  14. package/dist/commands/deploy.d.ts +3 -1
  15. package/dist/commands/deploy.js +226 -326
  16. package/dist/commands/destroy.d.ts +1 -1
  17. package/dist/commands/destroy.js +73 -123
  18. package/dist/commands/init.d.ts +5 -1
  19. package/dist/commands/init.js +78 -54
  20. package/dist/commands/list.d.ts +1 -0
  21. package/dist/commands/list.js +74 -0
  22. package/dist/commands/open.d.ts +1 -1
  23. package/dist/commands/open.js +4 -12
  24. package/dist/commands/redeploy.d.ts +6 -0
  25. package/dist/commands/redeploy.js +310 -0
  26. package/dist/commands/restore.d.ts +5 -0
  27. package/dist/commands/restore.js +338 -0
  28. package/dist/commands/status.js +62 -49
  29. package/dist/commands/upgrade.js +74 -51
  30. package/dist/components/DNSWaitScreen.d.ts +5 -1
  31. package/dist/components/DNSWaitScreen.js +47 -41
  32. package/dist/components/Wizard/WizardContext.d.ts +157 -36
  33. package/dist/components/Wizard/WizardContext.js +872 -160
  34. package/dist/components/Wizard/steps/CloudProviderStep.js +192 -107
  35. package/dist/components/Wizard/steps/DomainStep.js +5 -24
  36. package/dist/components/Wizard/steps/ExternalServicesStep.d.ts +6 -0
  37. package/dist/components/Wizard/steps/ExternalServicesStep.js +645 -0
  38. package/dist/components/Wizard/steps/FeatureConfigStep.d.ts +2 -1
  39. package/dist/components/Wizard/steps/FeatureConfigStep.js +739 -425
  40. package/dist/components/Wizard/steps/FeaturesStep.js +31 -35
  41. package/dist/components/Wizard/steps/ObservabilityStep.d.ts +6 -0
  42. package/dist/components/Wizard/steps/ObservabilityStep.js +137 -0
  43. package/dist/components/Wizard/steps/ReviewStep.d.ts +2 -1
  44. package/dist/components/Wizard/steps/ReviewStep.js +56 -12
  45. package/dist/components/Wizard/steps/StorageStep.d.ts +9 -0
  46. package/dist/components/Wizard/steps/StorageStep.js +592 -0
  47. package/dist/components/Wizard/steps/SupabaseCredentialsStep.js +20 -21
  48. package/dist/components/Wizard/steps/VersionStep.js +45 -23
  49. package/dist/components/Wizard/steps/index.d.ts +3 -3
  50. package/dist/components/Wizard/steps/index.js +3 -3
  51. package/dist/components/common/CommandApproval.d.ts +12 -0
  52. package/dist/components/common/CommandApproval.js +91 -0
  53. package/dist/components/common/DeploymentPicker.d.ts +14 -0
  54. package/dist/components/common/DeploymentPicker.js +16 -0
  55. package/dist/components/common/index.d.ts +2 -0
  56. package/dist/components/common/index.js +2 -0
  57. package/dist/index.js +94 -62
  58. package/dist/lib/cloudCli.d.ts +134 -63
  59. package/dist/lib/cloudCli.js +512 -220
  60. package/dist/lib/clusterSetupDefaults.d.ts +30 -0
  61. package/dist/lib/clusterSetupDefaults.js +64 -0
  62. package/dist/lib/commandApproval.d.ts +26 -0
  63. package/dist/lib/commandApproval.js +114 -0
  64. package/dist/lib/config.d.ts +12 -10
  65. package/dist/lib/config.js +91 -33
  66. package/dist/lib/configFixtures.d.ts +5 -0
  67. package/dist/lib/configFixtures.js +513 -0
  68. package/dist/lib/deploymentHealth.d.ts +32 -0
  69. package/dist/lib/deploymentHealth.js +157 -0
  70. package/dist/lib/dns.d.ts +1 -1
  71. package/dist/lib/dns.js +19 -1
  72. package/dist/lib/dns.test.d.ts +1 -0
  73. package/dist/lib/dns.test.js +27 -0
  74. package/dist/lib/dockerHub.d.ts +12 -1
  75. package/dist/lib/dockerHub.js +18 -8
  76. package/dist/lib/helm.d.ts +4 -0
  77. package/dist/lib/helm.js +16 -0
  78. package/dist/lib/helmValues.d.ts +25 -0
  79. package/dist/lib/helmValues.js +1762 -289
  80. package/dist/lib/helmValues.test.d.ts +1 -0
  81. package/dist/lib/helmValues.test.js +966 -0
  82. package/dist/lib/htpasswd.d.ts +1 -0
  83. package/dist/lib/htpasswd.js +15 -0
  84. package/dist/lib/kubernetes.d.ts +124 -17
  85. package/dist/lib/kubernetes.js +576 -145
  86. package/dist/lib/secrets.d.ts +23 -0
  87. package/dist/lib/secrets.js +158 -0
  88. package/dist/lib/validateValues.d.ts +31 -0
  89. package/dist/lib/validateValues.js +253 -0
  90. package/dist/lib/versions.d.ts +82 -11
  91. package/dist/lib/versions.js +131 -31
  92. package/dist/lib/versions.test.d.ts +1 -0
  93. package/dist/lib/versions.test.js +81 -0
  94. package/dist/lib/wizardSteps.d.ts +14 -0
  95. package/dist/lib/wizardSteps.js +23 -0
  96. package/dist/lib/workloadIdentity.d.ts +26 -0
  97. package/dist/lib/workloadIdentity.js +323 -0
  98. package/dist/lib/workloadIdentity.test.d.ts +1 -0
  99. package/dist/lib/workloadIdentity.test.js +57 -0
  100. package/dist/types/index.d.ts +1860 -164
  101. package/dist/types/index.js +518 -295
  102. package/package.json +9 -4
  103. package/schema/values.schema.json +1934 -0
  104. package/cluster-setup/aws/cluster.yaml +0 -33
  105. package/cluster-setup/azure/main.bicep +0 -282
  106. package/cluster-setup/azure/main.parameters.json +0 -21
  107. package/dist/components/Wizard/steps/CredentialsStep.d.ts +0 -6
  108. package/dist/components/Wizard/steps/CredentialsStep.js +0 -22
  109. package/dist/components/Wizard/steps/DeploymentModeStep.d.ts +0 -5
  110. package/dist/components/Wizard/steps/DeploymentModeStep.js +0 -26
  111. package/dist/components/Wizard/steps/TierStep.d.ts +0 -6
  112. package/dist/components/Wizard/steps/TierStep.js +0 -29
  113. package/dist/lib/terraform.d.ts +0 -66
  114. package/dist/lib/terraform.js +0 -754
  115. package/terraform/aws/main.tf +0 -355
  116. package/terraform/azure/main.tf +0 -371
  117. package/terraform/gcp/main.tf +0 -407
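--- a/package/terraform/aws/main.tf
+++ b/package/terraform/aws/main.tf
@@ -1,355 +0,0 @@
- # AWS EKS Cluster for Rulebricks
- # Meets minimum requirements: 4 nodes, 8 vCPU, 16GB RAM per node
-
- terraform {
- required_version = ">= 1.0.0"
-
- required_providers {
- aws = {
- source = "hashicorp/aws"
- version = "~> 5.0"
- }
- }
- }
-
- provider "aws" {
- region = var.region
- }
-
- # Variables
- variable "cluster_name" {
- description = "Name of the EKS cluster"
- type = string
- default = "rulebricks-cluster"
- }
-
- variable "region" {
- description = "AWS region"
- type = string
- default = "us-east-1"
- }
-
- variable "tier" {
- description = "Performance tier: small, medium, large"
- type = string
- default = "small"
- }
-
- variable "kubernetes_version" {
- description = "Kubernetes version"
- type = string
- default = "1.34"
- }
-
- variable "enable_external_dns" {
- description = "Enable IAM role for external-dns (Route53)"
- type = bool
- default = false
- }
-
- variable "external_dns_domain" {
- description = "Domain filter for external-dns"
- type = string
- default = ""
- }
-
- variable "enable_s3_logging" {
- description = "Enable IAM role for Vector S3 logging"
- type = bool
- default = false
- }
-
- variable "logging_s3_bucket" {
- description = "S3 bucket name for Vector logs"
- type = string
- default = ""
- }
-
- # Tier configurations
- # Using Graviton4 (ARM64) instances for compatibility with arm64 container images
- locals {
- tier_configs = {
- small = {
- node_count = 4
- instance_type = "c8g.large" # 2 vCPU, 4GB (Graviton4 ARM64)
- min_nodes = 4
- max_nodes = 4
- disk_size = 20
- }
- medium = {
- node_count = 4
- instance_type = "c8g.xlarge" # 4 vCPU, 8GB (Graviton4 ARM64)
- min_nodes = 4
- max_nodes = 8
- disk_size = 30
- }
- large = {
- node_count = 5
- instance_type = "c8g.2xlarge" # 8 vCPU, 16GB (Graviton4 ARM64)
- min_nodes = 5
- max_nodes = 16
- disk_size = 50
- }
- }
-
- config = local.tier_configs[var.tier]
- }
-
- # VPC
- module "vpc" {
- source = "terraform-aws-modules/vpc/aws"
- version = "~> 5.0"
-
- name = "${var.cluster_name}-vpc"
- cidr = "10.0.0.0/16"
-
- azs = ["${var.region}a", "${var.region}b", "${var.region}c"]
- private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
- public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
-
- enable_nat_gateway = true
- single_nat_gateway = var.tier == "small" ? true : false
- enable_dns_hostnames = true
- enable_dns_support = true
-
- public_subnet_tags = {
- "kubernetes.io/role/elb" = 1
- "kubernetes.io/cluster/${var.cluster_name}" = "owned"
- }
-
- private_subnet_tags = {
- "kubernetes.io/role/internal-elb" = 1
- "kubernetes.io/cluster/${var.cluster_name}" = "owned"
- }
-
- tags = {
- Environment = "rulebricks"
- Terraform = "true"
- }
- }
-
- # EKS Cluster
- module "eks" {
- source = "terraform-aws-modules/eks/aws"
- version = "~> 20.0"
-
- cluster_name = var.cluster_name
- cluster_version = var.kubernetes_version
-
- # Grant the IAM identity running Terraform admin access to the cluster
- enable_cluster_creator_admin_permissions = true
-
- cluster_endpoint_public_access = true
- cluster_endpoint_private_access = true
-
- # Disable Terraform-managed CloudWatch log group to prevent
- # ResourceAlreadyExistsException on re-deploy after partial failures.
- # AWS creates the log group automatically if control-plane logging is enabled.
- create_cloudwatch_log_group = false
- cluster_enabled_log_types = []
-
- vpc_id = module.vpc.vpc_id
- subnet_ids = module.vpc.private_subnets
-
- # EKS Managed Node Group
- eks_managed_node_groups = {
- rulebricks = {
- name = "rulebricks-nodes"
- instance_types = [local.config.instance_type]
- ami_type = "AL2023_ARM_64_STANDARD" # ARM AMI for Graviton instances
-
- min_size = local.config.min_nodes
- max_size = local.config.max_nodes
- desired_size = local.config.node_count
-
- disk_size = local.config.disk_size
-
- labels = {
- Environment = "rulebricks"
- Tier = var.tier
- }
- }
- }
-
- # Enable IRSA for service accounts
- enable_irsa = true
-
- # Cluster add-ons
- cluster_addons = {
- coredns = {
- most_recent = true
- }
- kube-proxy = {
- most_recent = true
- }
- vpc-cni = {
- most_recent = true
- }
- aws-ebs-csi-driver = {
- most_recent = true
- service_account_role_arn = module.ebs_csi_irsa.iam_role_arn
- }
- }
-
- # Allow all node-to-node traffic for intra-cluster communication
- # This ensures services on any port (including port 80 for serverless-redis-http) can communicate
- node_security_group_additional_rules = {
- ingress_self_all = {
- description = "Node to node all ports/protocols"
- protocol = "-1"
- from_port = 0
- to_port = 0
- type = "ingress"
- self = true
- }
- egress_all = {
- description = "Node all egress"
- protocol = "-1"
- from_port = 0
- to_port = 0
- type = "egress"
- cidr_blocks = ["0.0.0.0/0"]
- ipv6_cidr_blocks = ["::/0"]
- }
- }
-
- tags = {
- Environment = "rulebricks"
- Terraform = "true"
- }
- }
-
- # IAM role for EBS CSI driver
- module "ebs_csi_irsa" {
- source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
- version = "~> 5.0"
-
- role_name = "${var.cluster_name}-ebs-csi"
- attach_ebs_csi_policy = true
-
- oidc_providers = {
- main = {
- provider_arn = module.eks.oidc_provider_arn
- namespace_service_accounts = ["kube-system:ebs-csi-controller-sa"]
- }
- }
- }
-
- # ============================================
- # External DNS IAM Role (Route53)
- # ============================================
- module "external_dns_irsa" {
- source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
- version = "~> 5.0"
-
- count = var.enable_external_dns ? 1 : 0
-
- role_name = "${var.cluster_name}-external-dns"
- attach_external_dns_policy = true
- external_dns_hosted_zone_arns = ["arn:aws:route53:::hostedzone/*"]
-
- oidc_providers = {
- main = {
- provider_arn = module.eks.oidc_provider_arn
- namespace_service_accounts = ["rulebricks:external-dns"]
- }
- }
-
- tags = {
- Environment = "rulebricks"
- Terraform = "true"
- }
- }
-
- # ============================================
- # Vector S3 Logging IAM Role
- # ============================================
- resource "aws_iam_policy" "vector_s3" {
- count = var.enable_s3_logging ? 1 : 0
-
- name = "${var.cluster_name}-vector-s3"
- description = "IAM policy for Vector to write logs to S3"
-
- policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
- {
- Effect = "Allow"
- Action = [
- "s3:PutObject",
- "s3:PutObjectAcl",
- "s3:GetObject",
- "s3:DeleteObject",
- "s3:ListBucket"
- ]
- Resource = [
- "arn:aws:s3:::${var.logging_s3_bucket}",
- "arn:aws:s3:::${var.logging_s3_bucket}/*"
- ]
- }
- ]
- })
- }
-
- module "vector_irsa" {
- source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
- version = "~> 5.0"
-
- count = var.enable_s3_logging ? 1 : 0
-
- role_name = "${var.cluster_name}-vector"
-
- role_policy_arns = {
- vector_s3 = aws_iam_policy.vector_s3[0].arn
- }
-
- oidc_providers = {
- main = {
- provider_arn = module.eks.oidc_provider_arn
- namespace_service_accounts = ["rulebricks:vector"]
- }
- }
-
- tags = {
- Environment = "rulebricks"
- Terraform = "true"
- }
- }
-
-
- # Outputs
- output "cluster_name" {
- value = module.eks.cluster_name
- description = "EKS cluster name"
- }
-
- output "cluster_endpoint" {
- value = module.eks.cluster_endpoint
- description = "EKS cluster endpoint"
- }
-
- output "cluster_certificate_authority" {
- value = module.eks.cluster_certificate_authority_data
- description = "Base64 encoded cluster CA certificate"
- sensitive = true
- }
-
- output "region" {
- value = var.region
- description = "AWS region"
- }
-
- output "kubeconfig_command" {
- value = "aws eks update-kubeconfig --name ${var.cluster_name} --region ${var.region}"
- description = "Command to update kubeconfig"
- }
-
- output "external_dns_role_arn" {
- value = var.enable_external_dns ? module.external_dns_irsa[0].iam_role_arn : ""
- description = "IAM role ARN for external-dns service account"
- }
-
- output "vector_role_arn" {
- value = var.enable_s3_logging ? module.vector_irsa[0].iam_role_arn : ""
- description = "IAM role ARN for Vector service account"
- }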