@rulebricks/cli 2.1.7 → 2.3.1

Files changed (117)
  1. package/README.md +51 -16
  2. package/cluster-setup/aws/README.md +96 -47
  3. package/cluster-setup/aws/check-aws-access.sh +216 -52
  4. package/cluster-setup/aws/parameters.json +13 -0
  5. package/cluster-setup/aws/rulebricks-cluster.cfn.yaml +355 -0
  6. package/cluster-setup/azure/README.md +103 -55
  7. package/cluster-setup/azure/check-aks-prereqs.sh +236 -56
  8. package/cluster-setup/azure/parameters.json +30 -0
  9. package/cluster-setup/azure/rulebricks-cluster.bicep +546 -0
  10. package/cluster-setup/gcp/README.md +51 -34
  11. package/cluster-setup/gcp/check-gke-prereqs.sh +222 -60
  12. package/dist/commands/backup.d.ts +5 -0
  13. package/dist/commands/backup.js +104 -0
  14. package/dist/commands/deploy.d.ts +3 -1
  15. package/dist/commands/deploy.js +226 -326
  16. package/dist/commands/destroy.d.ts +1 -1
  17. package/dist/commands/destroy.js +73 -123
  18. package/dist/commands/init.d.ts +5 -1
  19. package/dist/commands/init.js +78 -54
  20. package/dist/commands/list.d.ts +1 -0
  21. package/dist/commands/list.js +74 -0
  22. package/dist/commands/open.d.ts +1 -1
  23. package/dist/commands/open.js +4 -12
  24. package/dist/commands/redeploy.d.ts +6 -0
  25. package/dist/commands/redeploy.js +310 -0
  26. package/dist/commands/restore.d.ts +5 -0
  27. package/dist/commands/restore.js +338 -0
  28. package/dist/commands/status.js +62 -49
  29. package/dist/commands/upgrade.js +74 -51
  30. package/dist/components/DNSWaitScreen.d.ts +5 -1
  31. package/dist/components/DNSWaitScreen.js +47 -41
  32. package/dist/components/Wizard/WizardContext.d.ts +157 -36
  33. package/dist/components/Wizard/WizardContext.js +872 -160
  34. package/dist/components/Wizard/steps/CloudProviderStep.js +192 -107
  35. package/dist/components/Wizard/steps/DomainStep.js +5 -24
  36. package/dist/components/Wizard/steps/ExternalServicesStep.d.ts +6 -0
  37. package/dist/components/Wizard/steps/ExternalServicesStep.js +645 -0
  38. package/dist/components/Wizard/steps/FeatureConfigStep.d.ts +2 -1
  39. package/dist/components/Wizard/steps/FeatureConfigStep.js +739 -425
  40. package/dist/components/Wizard/steps/FeaturesStep.js +31 -35
  41. package/dist/components/Wizard/steps/ObservabilityStep.d.ts +6 -0
  42. package/dist/components/Wizard/steps/ObservabilityStep.js +137 -0
  43. package/dist/components/Wizard/steps/ReviewStep.d.ts +2 -1
  44. package/dist/components/Wizard/steps/ReviewStep.js +56 -12
  45. package/dist/components/Wizard/steps/StorageStep.d.ts +9 -0
  46. package/dist/components/Wizard/steps/StorageStep.js +592 -0
  47. package/dist/components/Wizard/steps/SupabaseCredentialsStep.js +20 -21
  48. package/dist/components/Wizard/steps/VersionStep.js +45 -23
  49. package/dist/components/Wizard/steps/index.d.ts +3 -3
  50. package/dist/components/Wizard/steps/index.js +3 -3
  51. package/dist/components/common/CommandApproval.d.ts +12 -0
  52. package/dist/components/common/CommandApproval.js +91 -0
  53. package/dist/components/common/DeploymentPicker.d.ts +14 -0
  54. package/dist/components/common/DeploymentPicker.js +16 -0
  55. package/dist/components/common/index.d.ts +2 -0
  56. package/dist/components/common/index.js +2 -0
  57. package/dist/index.js +94 -62
  58. package/dist/lib/cloudCli.d.ts +134 -63
  59. package/dist/lib/cloudCli.js +512 -220
  60. package/dist/lib/clusterSetupDefaults.d.ts +30 -0
  61. package/dist/lib/clusterSetupDefaults.js +64 -0
  62. package/dist/lib/commandApproval.d.ts +26 -0
  63. package/dist/lib/commandApproval.js +114 -0
  64. package/dist/lib/config.d.ts +12 -10
  65. package/dist/lib/config.js +91 -33
  66. package/dist/lib/configFixtures.d.ts +5 -0
  67. package/dist/lib/configFixtures.js +513 -0
  68. package/dist/lib/deploymentHealth.d.ts +32 -0
  69. package/dist/lib/deploymentHealth.js +157 -0
  70. package/dist/lib/dns.d.ts +1 -1
  71. package/dist/lib/dns.js +19 -1
  72. package/dist/lib/dns.test.d.ts +1 -0
  73. package/dist/lib/dns.test.js +27 -0
  74. package/dist/lib/dockerHub.d.ts +12 -1
  75. package/dist/lib/dockerHub.js +18 -8
  76. package/dist/lib/helm.d.ts +4 -0
  77. package/dist/lib/helm.js +16 -0
  78. package/dist/lib/helmValues.d.ts +25 -0
  79. package/dist/lib/helmValues.js +1762 -289
  80. package/dist/lib/helmValues.test.d.ts +1 -0
  81. package/dist/lib/helmValues.test.js +966 -0
  82. package/dist/lib/htpasswd.d.ts +1 -0
  83. package/dist/lib/htpasswd.js +15 -0
  84. package/dist/lib/kubernetes.d.ts +124 -17
  85. package/dist/lib/kubernetes.js +576 -145
  86. package/dist/lib/secrets.d.ts +23 -0
  87. package/dist/lib/secrets.js +158 -0
  88. package/dist/lib/validateValues.d.ts +31 -0
  89. package/dist/lib/validateValues.js +253 -0
  90. package/dist/lib/versions.d.ts +82 -11
  91. package/dist/lib/versions.js +131 -31
  92. package/dist/lib/versions.test.d.ts +1 -0
  93. package/dist/lib/versions.test.js +81 -0
  94. package/dist/lib/wizardSteps.d.ts +14 -0
  95. package/dist/lib/wizardSteps.js +23 -0
  96. package/dist/lib/workloadIdentity.d.ts +26 -0
  97. package/dist/lib/workloadIdentity.js +323 -0
  98. package/dist/lib/workloadIdentity.test.d.ts +1 -0
  99. package/dist/lib/workloadIdentity.test.js +57 -0
  100. package/dist/types/index.d.ts +1860 -164
  101. package/dist/types/index.js +518 -295
  102. package/package.json +9 -4
  103. package/schema/values.schema.json +1934 -0
  104. package/cluster-setup/aws/cluster.yaml +0 -33
  105. package/cluster-setup/azure/main.bicep +0 -282
  106. package/cluster-setup/azure/main.parameters.json +0 -21
  107. package/dist/components/Wizard/steps/CredentialsStep.d.ts +0 -6
  108. package/dist/components/Wizard/steps/CredentialsStep.js +0 -22
  109. package/dist/components/Wizard/steps/DeploymentModeStep.d.ts +0 -5
  110. package/dist/components/Wizard/steps/DeploymentModeStep.js +0 -26
  111. package/dist/components/Wizard/steps/TierStep.d.ts +0 -6
  112. package/dist/components/Wizard/steps/TierStep.js +0 -29
  113. package/dist/lib/terraform.d.ts +0 -66
  114. package/dist/lib/terraform.js +0 -754
  115. package/terraform/aws/main.tf +0 -355
  116. package/terraform/azure/main.tf +0 -371
  117. package/terraform/gcp/main.tf +0 -407
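--- a/package/terraform/gcp/main.tf
+++ b/package/terraform/gcp/main.tf
@@ -1,407 +0,0 @@
- # Google Cloud GKE Cluster for Rulebricks
- # Meets minimum requirements: 4 nodes, 8 vCPU, 16GB RAM per node
-
- terraform {
- required_version = ">= 1.0.0"
-
- required_providers {
- google = {
- source = "hashicorp/google"
- version = "~> 5.0"
- }
- google-beta = {
- source = "hashicorp/google-beta"
- version = "~> 5.0"
- }
- }
- }
-
- provider "google" {
- project = var.project_id
- region = var.region
- }
-
- provider "google-beta" {
- project = var.project_id
- region = var.region
- }
-
- # Variables
- variable "cluster_name" {
- description = "Name of the GKE cluster"
- type = string
- default = "rulebricks-cluster"
- }
-
- variable "project_id" {
- description = "GCP project ID"
- type = string
- }
-
- variable "region" {
- description = "GCP region"
- type = string
- default = "us-central1"
- }
-
- variable "tier" {
- description = "Performance tier: small, medium, large"
- type = string
- default = "small"
- }
-
- variable "kubernetes_version" {
- description = "Kubernetes version"
- type = string
- default = "1.34"
- }
-
- variable "enable_external_dns" {
- description = "Enable service account for external-dns (Cloud DNS)"
- type = bool
- default = false
- }
-
- variable "enable_gcs_logging" {
- description = "Enable service account for Vector GCS logging"
- type = bool
- default = false
- }
-
- variable "logging_gcs_bucket" {
- description = "GCS bucket name for Vector logs"
- type = string
- default = ""
- }
-
- # Tier configurations
- # Using C4A (Google Axion ARM64) instances for best ARM64 performance
- # C4A requires Hyperdisk (does not support Persistent Disk)
- locals {
- tier_configs = {
- small = {
- node_count = 4
- machine_type = "c4a-standard-2" # 2 vCPU, 8GB (Google Axion ARM64)
- min_nodes = 4
- max_nodes = 4
- disk_size = 20
- }
- medium = {
- node_count = 4
- machine_type = "c4a-standard-4" # 4 vCPU, 16GB (Google Axion ARM64)
- min_nodes = 4
- max_nodes = 8
- disk_size = 30
- }
- large = {
- node_count = 5
- machine_type = "c4a-standard-8" # 8 vCPU, 32GB (Google Axion ARM64)
- min_nodes = 5
- max_nodes = 16
- disk_size = 50
- }
- }
-
- config = local.tier_configs[var.tier]
- }
-
- # Enable required APIs
- resource "google_project_service" "compute" {
- service = "compute.googleapis.com"
- disable_on_destroy = false
- }
-
- resource "google_project_service" "container" {
- service = "container.googleapis.com"
- disable_on_destroy = false
- }
-
- resource "google_project_service" "dns" {
- count = var.enable_external_dns ? 1 : 0
- service = "dns.googleapis.com"
- disable_on_destroy = false
- }
-
- # VPC Network
- resource "google_compute_network" "vpc" {
- name = "${var.cluster_name}-vpc"
- auto_create_subnetworks = false
-
- depends_on = [google_project_service.compute]
- }
-
- # Subnet
- resource "google_compute_subnetwork" "subnet" {
- name = "${var.cluster_name}-subnet"
- region = var.region
- network = google_compute_network.vpc.name
- ip_cidr_range = "10.0.0.0/16"
-
- secondary_ip_range {
- range_name = "pods"
- ip_cidr_range = "10.1.0.0/16"
- }
-
- secondary_ip_range {
- range_name = "services"
- ip_cidr_range = "10.2.0.0/16"
- }
-
- private_ip_google_access = true
- }
-
- # Cloud Router for NAT
- resource "google_compute_router" "router" {
- name = "${var.cluster_name}-router"
- region = var.region
- network = google_compute_network.vpc.id
- }
-
- # Cloud NAT
- resource "google_compute_router_nat" "nat" {
- name = "${var.cluster_name}-nat"
- router = google_compute_router.router.name
- region = var.region
- nat_ip_allocate_option = "AUTO_ONLY"
- source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
- }
-
- # Firewall rule to allow all internal traffic within the VPC
- # This ensures services on any port can communicate between nodes
- resource "google_compute_firewall" "allow_internal" {
- name = "${var.cluster_name}-allow-internal"
- network = google_compute_network.vpc.name
-
- allow {
- protocol = "tcp"
- ports = ["0-65535"]
- }
-
- allow {
- protocol = "udp"
- ports = ["0-65535"]
- }
-
- allow {
- protocol = "icmp"
- }
-
- # Allow traffic from nodes, pods, and services in the same VPC
- source_ranges = [
- google_compute_subnetwork.subnet.ip_cidr_range, # Node IPs (10.0.0.0/16)
- google_compute_subnetwork.subnet.secondary_ip_range[0].ip_cidr_range, # Pod IPs (10.1.0.0/16)
- google_compute_subnetwork.subnet.secondary_ip_range[1].ip_cidr_range # Service IPs (10.2.0.0/16)
- ]
-
- # Target all instances in the VPC
- target_tags = ["gke-${var.cluster_name}"]
- }
-
- # GKE Cluster
- resource "google_container_cluster" "cluster" {
- provider = google-beta
-
- name = var.cluster_name
- location = var.region
-
- # Use VPC-native cluster
- network = google_compute_network.vpc.name
- subnetwork = google_compute_subnetwork.subnet.name
-
- # Remove default node pool
- remove_default_node_pool = true
- initial_node_count = 1
-
- # Allow terraform destroy to delete the cluster
- deletion_protection = false
-
- # Cluster configuration
- min_master_version = var.kubernetes_version
-
- # Enable Workload Identity
- workload_identity_config {
- workload_pool = "${var.project_id}.svc.id.goog"
- }
-
- # IP allocation policy for VPC-native
- ip_allocation_policy {
- cluster_secondary_range_name = "pods"
- services_secondary_range_name = "services"
- }
-
- # Private cluster config
- private_cluster_config {
- enable_private_nodes = true
- enable_private_endpoint = false
- master_ipv4_cidr_block = "172.16.0.0/28"
- }
-
- # Master authorized networks
- master_authorized_networks_config {
- cidr_blocks {
- cidr_block = "0.0.0.0/0"
- display_name = "All"
- }
- }
-
- # Release channel
- release_channel {
- channel = "REGULAR"
- }
-
- # Enable network policy
- network_policy {
- enabled = true
- provider = "CALICO"
- }
-
- addons_config {
- http_load_balancing {
- disabled = false
- }
- horizontal_pod_autoscaling {
- disabled = false
- }
- gce_persistent_disk_csi_driver_config {
- enabled = true
- }
- }
-
- depends_on = [google_project_service.container]
- }
-
- # Node Pool
- resource "google_container_node_pool" "primary" {
- name = "rulebricks-nodes"
- location = var.region
- cluster = google_container_cluster.cluster.name
-
- node_count = var.tier == "small" ? local.config.node_count : null
-
- dynamic "autoscaling" {
- for_each = var.tier != "small" ? [1] : []
- content {
- min_node_count = local.config.min_nodes
- max_node_count = local.config.max_nodes
- }
- }
-
- node_config {
- preemptible = false
- machine_type = local.config.machine_type
- disk_size_gb = local.config.disk_size
- disk_type = "hyperdisk-balanced"
-
- oauth_scopes = [
- "https://www.googleapis.com/auth/cloud-platform"
- ]
-
- labels = {
- environment = "rulebricks"
- tier = var.tier
- }
-
- # Network tags for firewall rules
- tags = ["gke-${var.cluster_name}"]
-
- workload_metadata_config {
- mode = "GKE_METADATA"
- }
- }
-
- management {
- auto_repair = true
- auto_upgrade = true
- }
- }
-
- # ============================================
- # External DNS Service Account (Cloud DNS)
- # ============================================
- resource "google_service_account" "external_dns" {
- count = var.enable_external_dns ? 1 : 0
- account_id = "${var.cluster_name}-external-dns"
- display_name = "External DNS for Rulebricks"
- description = "Service account for external-dns to manage Cloud DNS records"
- }
-
- resource "google_project_iam_member" "external_dns" {
- count = var.enable_external_dns ? 1 : 0
- project = var.project_id
- role = "roles/dns.admin"
- member = "serviceAccount:${google_service_account.external_dns[0].email}"
- }
-
- resource "google_service_account_iam_member" "external_dns_workload_identity" {
- count = var.enable_external_dns ? 1 : 0
- service_account_id = google_service_account.external_dns[0].name
- role = "roles/iam.workloadIdentityUser"
- member = "serviceAccount:${var.project_id}.svc.id.goog[rulebricks/external-dns]"
- }
-
- # ============================================
- # Vector GCS Logging Service Account
- # ============================================
- resource "google_service_account" "vector" {
- count = var.enable_gcs_logging ? 1 : 0
- account_id = "${var.cluster_name}-vector"
- display_name = "Vector for Rulebricks"
- description = "Service account for Vector to write logs to GCS"
- }
-
- resource "google_storage_bucket_iam_member" "vector_gcs" {
- count = var.enable_gcs_logging && var.logging_gcs_bucket != "" ? 1 : 0
- bucket = var.logging_gcs_bucket
- role = "roles/storage.objectCreator"
- member = "serviceAccount:${google_service_account.vector[0].email}"
- }
-
- resource "google_service_account_iam_member" "vector_workload_identity" {
- count = var.enable_gcs_logging ? 1 : 0
- service_account_id = google_service_account.vector[0].name
- role = "roles/iam.workloadIdentityUser"
- member = "serviceAccount:${var.project_id}.svc.id.goog[rulebricks/vector]"
- }
-
- # Outputs
- output "cluster_name" {
- value = google_container_cluster.cluster.name
- description = "GKE cluster name"
- }
-
- output "cluster_endpoint" {
- value = google_container_cluster.cluster.endpoint
- description = "GKE cluster endpoint"
- sensitive = true
- }
-
- output "cluster_ca_certificate" {
- value = google_container_cluster.cluster.master_auth[0].cluster_ca_certificate
- description = "Base64 encoded cluster CA certificate"
- sensitive = true
- }
-
- output "region" {
- value = var.region
- description = "GCP region"
- }
-
- output "project_id" {
- value = var.project_id
- description = "GCP project ID"
- }
-
- output "kubeconfig_command" {
- value = "gcloud container clusters get-credentials ${var.cluster_name} --region ${var.region} --project ${var.project_id}"
- description = "Command to update kubeconfig"
- }
-
- output "external_dns_service_account" {
- value = var.enable_external_dns ? google_service_account.external_dns[0].email : ""
- description = "GCP service account email for external-dns"
- }
-
- output "vector_service_account" {
- value = var.enable_gcs_logging ? google_service_account.vector[0].email : ""
- description = "GCP service account email for Vector"
- }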