@rulebricks/cli 2.1.7 → 2.3.1

Files changed (117)
  1. package/README.md +51 -16
  2. package/cluster-setup/aws/README.md +96 -47
  3. package/cluster-setup/aws/check-aws-access.sh +216 -52
  4. package/cluster-setup/aws/parameters.json +13 -0
  5. package/cluster-setup/aws/rulebricks-cluster.cfn.yaml +355 -0
  6. package/cluster-setup/azure/README.md +103 -55
  7. package/cluster-setup/azure/check-aks-prereqs.sh +236 -56
  8. package/cluster-setup/azure/parameters.json +30 -0
  9. package/cluster-setup/azure/rulebricks-cluster.bicep +546 -0
  10. package/cluster-setup/gcp/README.md +51 -34
  11. package/cluster-setup/gcp/check-gke-prereqs.sh +222 -60
  12. package/dist/commands/backup.d.ts +5 -0
  13. package/dist/commands/backup.js +104 -0
  14. package/dist/commands/deploy.d.ts +3 -1
  15. package/dist/commands/deploy.js +226 -326
  16. package/dist/commands/destroy.d.ts +1 -1
  17. package/dist/commands/destroy.js +73 -123
  18. package/dist/commands/init.d.ts +5 -1
  19. package/dist/commands/init.js +78 -54
  20. package/dist/commands/list.d.ts +1 -0
  21. package/dist/commands/list.js +74 -0
  22. package/dist/commands/open.d.ts +1 -1
  23. package/dist/commands/open.js +4 -12
  24. package/dist/commands/redeploy.d.ts +6 -0
  25. package/dist/commands/redeploy.js +310 -0
  26. package/dist/commands/restore.d.ts +5 -0
  27. package/dist/commands/restore.js +338 -0
  28. package/dist/commands/status.js +62 -49
  29. package/dist/commands/upgrade.js +74 -51
  30. package/dist/components/DNSWaitScreen.d.ts +5 -1
  31. package/dist/components/DNSWaitScreen.js +47 -41
  32. package/dist/components/Wizard/WizardContext.d.ts +157 -36
  33. package/dist/components/Wizard/WizardContext.js +872 -160
  34. package/dist/components/Wizard/steps/CloudProviderStep.js +192 -107
  35. package/dist/components/Wizard/steps/DomainStep.js +5 -24
  36. package/dist/components/Wizard/steps/ExternalServicesStep.d.ts +6 -0
  37. package/dist/components/Wizard/steps/ExternalServicesStep.js +645 -0
  38. package/dist/components/Wizard/steps/FeatureConfigStep.d.ts +2 -1
  39. package/dist/components/Wizard/steps/FeatureConfigStep.js +739 -425
  40. package/dist/components/Wizard/steps/FeaturesStep.js +31 -35
  41. package/dist/components/Wizard/steps/ObservabilityStep.d.ts +6 -0
  42. package/dist/components/Wizard/steps/ObservabilityStep.js +137 -0
  43. package/dist/components/Wizard/steps/ReviewStep.d.ts +2 -1
  44. package/dist/components/Wizard/steps/ReviewStep.js +56 -12
  45. package/dist/components/Wizard/steps/StorageStep.d.ts +9 -0
  46. package/dist/components/Wizard/steps/StorageStep.js +592 -0
  47. package/dist/components/Wizard/steps/SupabaseCredentialsStep.js +20 -21
  48. package/dist/components/Wizard/steps/VersionStep.js +45 -23
  49. package/dist/components/Wizard/steps/index.d.ts +3 -3
  50. package/dist/components/Wizard/steps/index.js +3 -3
  51. package/dist/components/common/CommandApproval.d.ts +12 -0
  52. package/dist/components/common/CommandApproval.js +91 -0
  53. package/dist/components/common/DeploymentPicker.d.ts +14 -0
  54. package/dist/components/common/DeploymentPicker.js +16 -0
  55. package/dist/components/common/index.d.ts +2 -0
  56. package/dist/components/common/index.js +2 -0
  57. package/dist/index.js +94 -62
  58. package/dist/lib/cloudCli.d.ts +134 -63
  59. package/dist/lib/cloudCli.js +512 -220
  60. package/dist/lib/clusterSetupDefaults.d.ts +30 -0
  61. package/dist/lib/clusterSetupDefaults.js +64 -0
  62. package/dist/lib/commandApproval.d.ts +26 -0
  63. package/dist/lib/commandApproval.js +114 -0
  64. package/dist/lib/config.d.ts +12 -10
  65. package/dist/lib/config.js +91 -33
  66. package/dist/lib/configFixtures.d.ts +5 -0
  67. package/dist/lib/configFixtures.js +513 -0
  68. package/dist/lib/deploymentHealth.d.ts +32 -0
  69. package/dist/lib/deploymentHealth.js +157 -0
  70. package/dist/lib/dns.d.ts +1 -1
  71. package/dist/lib/dns.js +19 -1
  72. package/dist/lib/dns.test.d.ts +1 -0
  73. package/dist/lib/dns.test.js +27 -0
  74. package/dist/lib/dockerHub.d.ts +12 -1
  75. package/dist/lib/dockerHub.js +18 -8
  76. package/dist/lib/helm.d.ts +4 -0
  77. package/dist/lib/helm.js +16 -0
  78. package/dist/lib/helmValues.d.ts +25 -0
  79. package/dist/lib/helmValues.js +1762 -289
  80. package/dist/lib/helmValues.test.d.ts +1 -0
  81. package/dist/lib/helmValues.test.js +966 -0
  82. package/dist/lib/htpasswd.d.ts +1 -0
  83. package/dist/lib/htpasswd.js +15 -0
  84. package/dist/lib/kubernetes.d.ts +124 -17
  85. package/dist/lib/kubernetes.js +576 -145
  86. package/dist/lib/secrets.d.ts +23 -0
  87. package/dist/lib/secrets.js +158 -0
  88. package/dist/lib/validateValues.d.ts +31 -0
  89. package/dist/lib/validateValues.js +253 -0
  90. package/dist/lib/versions.d.ts +82 -11
  91. package/dist/lib/versions.js +131 -31
  92. package/dist/lib/versions.test.d.ts +1 -0
  93. package/dist/lib/versions.test.js +81 -0
  94. package/dist/lib/wizardSteps.d.ts +14 -0
  95. package/dist/lib/wizardSteps.js +23 -0
  96. package/dist/lib/workloadIdentity.d.ts +26 -0
  97. package/dist/lib/workloadIdentity.js +323 -0
  98. package/dist/lib/workloadIdentity.test.d.ts +1 -0
  99. package/dist/lib/workloadIdentity.test.js +57 -0
  100. package/dist/types/index.d.ts +1860 -164
  101. package/dist/types/index.js +518 -295
  102. package/package.json +9 -4
  103. package/schema/values.schema.json +1934 -0
  104. package/cluster-setup/aws/cluster.yaml +0 -33
  105. package/cluster-setup/azure/main.bicep +0 -282
  106. package/cluster-setup/azure/main.parameters.json +0 -21
  107. package/dist/components/Wizard/steps/CredentialsStep.d.ts +0 -6
  108. package/dist/components/Wizard/steps/CredentialsStep.js +0 -22
  109. package/dist/components/Wizard/steps/DeploymentModeStep.d.ts +0 -5
  110. package/dist/components/Wizard/steps/DeploymentModeStep.js +0 -26
  111. package/dist/components/Wizard/steps/TierStep.d.ts +0 -6
  112. package/dist/components/Wizard/steps/TierStep.js +0 -29
  113. package/dist/lib/terraform.d.ts +0 -66
  114. package/dist/lib/terraform.js +0 -754
  115. package/terraform/aws/main.tf +0 -355
  116. package/terraform/azure/main.tf +0 -371
  117. package/terraform/gcp/main.tf +0 -407
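--- a/package/terraform/azure/main.tf
+++ b/package/terraform/azure/main.tf
@@ -1,371 +0,0 @@
- # Azure AKS Cluster for Rulebricks
- # Meets minimum requirements: 4 nodes, 8 vCPU, 16GB RAM per node
-
- terraform {
- required_version = ">= 1.0.0"
-
- required_providers {
- azurerm = {
- source = "hashicorp/azurerm"
- version = "~> 3.0"
- }
- }
- }
-
- provider "azurerm" {
- features {}
- }
-
- # Variables
- variable "cluster_name" {
- description = "Name of the AKS cluster"
- type = string
- default = "rulebricks-cluster"
- }
-
- variable "resource_group_name" {
- description = "Name of the Azure resource group"
- type = string
- default = "rulebricks-rg"
- }
-
- variable "location" {
- description = "Azure region"
- type = string
- default = "eastus"
- }
-
- variable "tier" {
- description = "Performance tier: small, medium, large"
- type = string
- default = "small"
- }
-
- variable "kubernetes_version" {
- description = "Kubernetes version"
- type = string
- default = "1.34"
- }
-
- variable "enable_external_dns" {
- description = "Enable managed identity for external-dns (Azure DNS)"
- type = bool
- default = false
- }
-
- variable "dns_zone_resource_group" {
- description = "Resource group containing the Azure DNS zone"
- type = string
- default = ""
- }
-
- variable "enable_blob_logging" {
- description = "Enable managed identity for Vector Azure Blob logging"
- type = bool
- default = false
- }
-
- variable "logging_storage_account" {
- description = "Azure Storage account name for Vector logs"
- type = string
- default = ""
- }
-
- variable "logging_container_name" {
- description = "Azure Blob container name for Vector logs"
- type = string
- default = ""
- }
-
- # Tier configurations
- # Using Ampere (ARM64) instances for compatibility with arm64 container images
- locals {
- tier_configs = {
- small = {
- node_count = 4
- vm_size = "Standard_D2ps_v5" # 2 vCPU, 8GB (Ampere ARM64)
- min_nodes = 4
- max_nodes = 4
- disk_size = 20
- }
- medium = {
- node_count = 4
- vm_size = "Standard_D4ps_v5" # 4 vCPU, 16GB (Ampere ARM64)
- min_nodes = 4
- max_nodes = 8
- disk_size = 30
- }
- large = {
- node_count = 5
- vm_size = "Standard_D8ps_v5" # 8 vCPU, 32GB (Ampere ARM64)
- min_nodes = 5
- max_nodes = 16
- disk_size = 50
- }
- }
-
- config = local.tier_configs[var.tier]
- }
-
- # Resource Group
- resource "azurerm_resource_group" "rg" {
- name = var.resource_group_name
- location = var.location
-
- tags = {
- Environment = "rulebricks"
- Terraform = "true"
- }
- }
-
- # Virtual Network
- resource "azurerm_virtual_network" "vnet" {
- name = "${var.cluster_name}-vnet"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- address_space = ["10.0.0.0/8"]
-
- tags = {
- Environment = "rulebricks"
- }
- }
-
- # Subnet for AKS
- resource "azurerm_subnet" "aks" {
- name = "aks-subnet"
- resource_group_name = azurerm_resource_group.rg.name
- virtual_network_name = azurerm_virtual_network.vnet.name
- address_prefixes = ["10.240.0.0/16"]
- }
-
- # Network Security Group for AKS subnet
- # Allows all intra-VNet traffic for Kubernetes node-to-node communication
- resource "azurerm_network_security_group" "aks" {
- name = "${var.cluster_name}-nsg"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
-
- # Allow all intra-VNet inbound traffic for Kubernetes
- security_rule {
- name = "AllowVNetInbound"
- priority = 100
- direction = "Inbound"
- access = "Allow"
- protocol = "*"
- source_port_range = "*"
- destination_port_range = "*"
- source_address_prefix = "VirtualNetwork"
- destination_address_prefix = "VirtualNetwork"
- }
-
- # Allow all intra-VNet outbound traffic for Kubernetes
- security_rule {
- name = "AllowVNetOutbound"
- priority = 100
- direction = "Outbound"
- access = "Allow"
- protocol = "*"
- source_port_range = "*"
- destination_port_range = "*"
- source_address_prefix = "VirtualNetwork"
- destination_address_prefix = "VirtualNetwork"
- }
-
- tags = {
- Environment = "rulebricks"
- Terraform = "true"
- }
- }
-
- # Associate NSG with AKS subnet
- resource "azurerm_subnet_network_security_group_association" "aks" {
- subnet_id = azurerm_subnet.aks.id
- network_security_group_id = azurerm_network_security_group.aks.id
- }
-
- # User Assigned Identity for AKS
- resource "azurerm_user_assigned_identity" "aks" {
- name = "${var.cluster_name}-identity"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- }
-
- # Role assignment for network contributor
- resource "azurerm_role_assignment" "network" {
- scope = azurerm_virtual_network.vnet.id
- role_definition_name = "Network Contributor"
- principal_id = azurerm_user_assigned_identity.aks.principal_id
- }
-
- # AKS Cluster
- resource "azurerm_kubernetes_cluster" "aks" {
- name = var.cluster_name
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- dns_prefix = var.cluster_name
- kubernetes_version = var.kubernetes_version
-
- default_node_pool {
- name = "default"
- node_count = var.tier == "small" ? local.config.node_count : null
- min_count = var.tier != "small" ? local.config.min_nodes : null
- max_count = var.tier != "small" ? local.config.max_nodes : null
- enable_auto_scaling = var.tier != "small"
- vm_size = local.config.vm_size
- os_disk_size_gb = local.config.disk_size
- os_disk_type = "Managed"
- vnet_subnet_id = azurerm_subnet.aks.id
-
- node_labels = {
- "environment" = "rulebricks"
- "tier" = var.tier
- }
- }
-
- identity {
- type = "UserAssigned"
- identity_ids = [azurerm_user_assigned_identity.aks.id]
- }
-
- network_profile {
- network_plugin = "azure"
- network_policy = "calico"
- load_balancer_sku = "standard"
- service_cidr = "10.0.0.0/16"
- dns_service_ip = "10.0.0.10"
- }
-
- oidc_issuer_enabled = true
- workload_identity_enabled = true
-
- storage_profile {
- disk_driver_enabled = true
- file_driver_enabled = true
- }
-
- tags = {
- Environment = "rulebricks"
- Terraform = "true"
- }
-
- depends_on = [
- azurerm_role_assignment.network
- ]
- }
-
- # ============================================
- # External DNS Managed Identity (Azure DNS)
- # ============================================
- resource "azurerm_user_assigned_identity" "external_dns" {
- count = var.enable_external_dns ? 1 : 0
- name = "${var.cluster_name}-external-dns"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- }
-
- # DNS Zone Contributor role for external-dns
- resource "azurerm_role_assignment" "external_dns_zone" {
- count = var.enable_external_dns && var.dns_zone_resource_group != "" ? 1 : 0
- scope = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.dns_zone_resource_group}"
- role_definition_name = "DNS Zone Contributor"
- principal_id = azurerm_user_assigned_identity.external_dns[0].principal_id
- }
-
- # Federated credential for external-dns workload identity
- resource "azurerm_federated_identity_credential" "external_dns" {
- count = var.enable_external_dns ? 1 : 0
- name = "external-dns"
- resource_group_name = azurerm_resource_group.rg.name
- parent_id = azurerm_user_assigned_identity.external_dns[0].id
- audience = ["api://AzureADTokenExchange"]
- issuer = azurerm_kubernetes_cluster.aks.oidc_issuer_url
- subject = "system:serviceaccount:rulebricks:external-dns"
- }
-
- # ============================================
- # Vector Blob Storage Managed Identity
- # ============================================
- resource "azurerm_user_assigned_identity" "vector" {
- count = var.enable_blob_logging ? 1 : 0
- name = "${var.cluster_name}-vector"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- }
-
- # Get storage account (if provided)
- data "azurerm_storage_account" "logging" {
- count = var.enable_blob_logging && var.logging_storage_account != "" ? 1 : 0
- name = var.logging_storage_account
- resource_group_name = azurerm_resource_group.rg.name
- }
-
- # Storage Blob Data Contributor role for Vector
- resource "azurerm_role_assignment" "vector_blob" {
- count = var.enable_blob_logging && var.logging_storage_account != "" ? 1 : 0
- scope = data.azurerm_storage_account.logging[0].id
- role_definition_name = "Storage Blob Data Contributor"
- principal_id = azurerm_user_assigned_identity.vector[0].principal_id
- }
-
- # Federated credential for Vector workload identity
- resource "azurerm_federated_identity_credential" "vector" {
- count = var.enable_blob_logging ? 1 : 0
- name = "vector"
- resource_group_name = azurerm_resource_group.rg.name
- parent_id = azurerm_user_assigned_identity.vector[0].id
- audience = ["api://AzureADTokenExchange"]
- issuer = azurerm_kubernetes_cluster.aks.oidc_issuer_url
- subject = "system:serviceaccount:rulebricks:vector"
- }
-
- # Current subscription data
- data "azurerm_subscription" "current" {}
-
- # Outputs
- output "cluster_name" {
- value = azurerm_kubernetes_cluster.aks.name
- description = "AKS cluster name"
- }
-
- output "cluster_endpoint" {
- value = azurerm_kubernetes_cluster.aks.kube_config[0].host
- description = "AKS cluster endpoint"
- sensitive = true
- }
-
- output "cluster_ca_certificate" {
- value = azurerm_kubernetes_cluster.aks.kube_config[0].cluster_ca_certificate
- description = "Base64 encoded cluster CA certificate"
- sensitive = true
- }
-
- output "resource_group_name" {
- value = azurerm_resource_group.rg.name
- description = "Azure resource group name"
- }
-
- output "location" {
- value = var.location
- description = "Azure region"
- }
-
- output "kubeconfig_command" {
- value = "az aks get-credentials --name ${var.cluster_name} --resource-group ${var.resource_group_name}"
- description = "Command to update kubeconfig"
- }
-
- output "kube_config" {
- value = azurerm_kubernetes_cluster.aks.kube_config_raw
- description = "Raw kubeconfig for the AKS cluster"
- sensitive = true
- }
-
- output "external_dns_client_id" {
- value = var.enable_external_dns ? azurerm_user_assigned_identity.external_dns[0].client_id : ""
- description = "Client ID for external-dns managed identity"
- }
-
- output "vector_client_id" {
- value = var.enable_blob_logging ? azurerm_user_assigned_identity.vector[0].client_id : ""
- description = "Client ID for Vector managed identity"
- }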