@vfarcic/dot-ai 0.195.0 → 1.0.0

package/dist/core/kubernetes-utils.js

@@ -1,288 +0,0 @@
-"use strict";
-/**
- * Shared Kubernetes Utilities
- *
- * Common functions for interacting with Kubernetes clusters
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ErrorClassifier = void 0;
-exports.executeKubectl = executeKubectl;
-exports.buildKubectlCommand = buildKubectlCommand;
-const child_process_1 = require("child_process");
-const util_1 = require("util");
-const tracing_1 = require("./tracing");
-const constants_1 = require("./constants");
-const execAsync = (0, util_1.promisify)(child_process_1.exec);
-/**
- * Simple semaphore to limit concurrent kubectl executions
- * Prevents overwhelming the Kubernetes API with too many parallel requests
- */
-class KubectlSemaphore {
-    maxConcurrent;
-    currentCount = 0;
-    waitQueue = [];
-    constructor(maxConcurrent = 10) {
-        this.maxConcurrent = maxConcurrent;
-    }
-    async acquire() {
-        if (this.currentCount < this.maxConcurrent) {
-            this.currentCount++;
-            return;
-        }
-        // Wait for a slot to become available
-        return new Promise((resolve) => {
-            this.waitQueue.push(resolve);
-        });
-    }
-    release() {
-        if (this.waitQueue.length > 0) {
-            // Give slot to next waiting request
-            const next = this.waitQueue.shift();
-            next();
-        }
-        else {
-            this.currentCount--;
-        }
-    }
-}
-// Limit to 10 concurrent kubectl calls to prevent K8s API rate limiting
-const kubectlSemaphore = new KubectlSemaphore(10);
-/**
- * Execute kubectl command with proper configuration
- * Automatically traced with OpenTelemetry
- * Uses semaphore to limit concurrent executions and prevent K8s API rate limiting
- */
-async function executeKubectl(args, config) {
-    // Acquire semaphore slot before executing
-    await kubectlSemaphore.acquire();
-    try {
-        // Wrap entire execution with tracing
-        return await (0, tracing_1.withKubectlTracing)(args, config, async () => {
-            const command = buildKubectlCommand(args, config);
-            const timeout = config?.timeout || 30000;
-            try {
-                // If stdin is provided, use spawn for proper stdin piping
-                if (config?.stdin) {
-                    const { spawn } = require('child_process');
-                    return new Promise((resolve, reject) => {
-                        let stdout = '';
-                        let stderr = '';
-                        const proc = spawn('sh', ['-c', command], {
-                            timeout,
-                            maxBuffer: 100 * 1024 * 1024
-                        });
-                        proc.stdout.on('data', (data) => { stdout += data.toString(); });
-                        proc.stderr.on('data', (data) => { stderr += data.toString(); });
-                        proc.on('error', (error) => reject(error));
-                        proc.on('close', (code) => {
-                            if (code !== 0) {
-                                reject(new Error(`kubectl command failed: ${stderr || stdout}`));
-                            }
-                            else if (stderr && !stderr.includes('Warning') && !stderr.includes('No resources found')) {
-                                reject(new Error(`kubectl command failed: ${stderr}`));
-                            }
-                            else {
-                                resolve(stdout.trim());
-                            }
-                        });
-                        // Write stdin and close
-                        proc.stdin.write(config.stdin);
-                        proc.stdin.end();
-                    });
-                }
-                // No stdin - use regular execAsync
-                const { stdout, stderr } = await execAsync(command, {
-                    timeout,
-                    maxBuffer: 100 * 1024 * 1024 // 100MB buffer for large clusters with 1000+ CRDs
-                });
-                if (stderr && !stderr.includes('Warning') && !stderr.includes('No resources found')) {
-                    throw new Error(`kubectl command failed: ${stderr}`);
-                }
-                return stdout.trim();
-            }
-            catch (error) {
-                if (error.code === 'ENOENT') {
-                    throw new Error('kubectl binary not found. Please install kubectl and ensure it\'s in your PATH.');
-                }
-                // Use error classification for better error messages
-                const classified = ErrorClassifier.classifyError(error);
-                throw new Error(classified.enhancedMessage);
-            }
-        });
-    }
-    finally {
-        // Always release the semaphore slot
-        kubectlSemaphore.release();
-    }
-}
-/**
- * Build kubectl command string with proper flags
- */
-/**
- * Safely escape shell arguments to prevent command injection
- */
-function escapeShellArg(arg) {
-    if (!arg || typeof arg !== 'string') {
-        return '""';
-    }
-    // If the argument contains only safe characters, return as-is
-    if (/^[a-zA-Z0-9._/-]+$/.test(arg)) {
-        return arg;
-    }
-    // Otherwise, quote and escape
-    return `"${arg.replace(/["\\]/g, '\\$&')}"`;
-}
-function buildKubectlCommand(args, config) {
-    const cmdParts = ['kubectl'];
-    if (config?.kubeconfig) {
-        cmdParts.push('--kubeconfig', escapeShellArg(config.kubeconfig));
-    }
-    if (config?.context) {
-        cmdParts.push('--context', escapeShellArg(config.context));
-    }
-    if (config?.namespace) {
-        cmdParts.push('--namespace', escapeShellArg(config.namespace));
-    }
-    // Safely add all arguments
-    args.forEach(arg => cmdParts.push(escapeShellArg(arg)));
-    return cmdParts.join(' ');
-}
-// Enhanced Error Classification System
-class ErrorClassifier {
-    static classifyError(error) {
-        const originalMessage = error.message;
-        // Connection and Network Errors
-        if (this.isNetworkError(originalMessage)) {
-            return {
-                type: 'network',
-                enhancedMessage: this.enhanceNetworkError(originalMessage)
-            };
-        }
-        // Authentication Errors
-        if (this.isAuthenticationError(originalMessage)) {
-            return {
-                type: 'authentication',
-                enhancedMessage: this.enhanceAuthenticationError(originalMessage)
-            };
-        }
-        // Authorization/RBAC Errors
-        if (this.isAuthorizationError(originalMessage)) {
-            return {
-                type: 'authorization',
-                enhancedMessage: this.enhanceAuthorizationError(originalMessage)
-            };
-        }
-        // API Availability Errors
-        if (this.isAPIAvailabilityError(originalMessage)) {
-            return {
-                type: 'api-availability',
-                enhancedMessage: this.enhanceAPIAvailabilityError(originalMessage)
-            };
-        }
-        // Kubeconfig Validation Errors
-        if (this.isKubeconfigError(originalMessage)) {
-            return {
-                type: 'kubeconfig',
-                enhancedMessage: this.enhanceKubeconfigError(originalMessage)
-            };
-        }
-        // Version Compatibility Errors
-        if (this.isVersionCompatibilityError(originalMessage)) {
-            return {
-                type: 'version',
-                enhancedMessage: this.enhanceVersionCompatibilityError(originalMessage)
-            };
-        }
-        // Default: return original message with basic enhancement
-        return {
-            type: 'unknown',
-            enhancedMessage: `${originalMessage}\n\nTroubleshooting steps:\n- Run 'kubectl cluster-info' to verify cluster connectivity\n- Check your kubeconfig with 'kubectl config view'\n- Verify cluster endpoint accessibility`
-        };
-    }
-    static isNetworkError(message) {
-        // Fixed: Avoid catastrophic backtracking by using non-overlapping alternation
-        const networkPatterns = [
-            'getaddrinfo ENOTFOUND',
-            'timeout',
-            'ECONNREFUSED',
-            'ENOTFOUND',
-            'network',
-            'unreachable'
-        ];
-        return networkPatterns.some(pattern => message.toLowerCase().includes(pattern.toLowerCase()));
-    }
-    static isAuthenticationError(message) {
-        // Fixed: Avoid catastrophic backtracking by using non-overlapping alternation
-        const authPatterns = [
-            'unauthorized',
-            'invalid bearer token',
-            'certificate',
-            'auth',
-            'authentication'
-        ];
-        return authPatterns.some(pattern => message.toLowerCase().includes(pattern.toLowerCase()));
-    }
-    static isAuthorizationError(message) {
-        return /forbidden|cannot list|cannot get|cannot create|RBAC|permission denied/i.test(message);
-    }
-    static isAPIAvailabilityError(message) {
-        return /server could not find|resource type.*not found|doesn't have a resource type|no matches for kind/i.test(message);
-    }
-    static isKubeconfigError(message) {
-        // Be more specific - don't match "path does not exist" errors which are about manifest files
-        return /context.*does not exist|kubeconfig.*not found|invalid.*kubeconfig|config.*not found|no Auth Provider/i.test(message) &&
-            !/the path.*does not exist/.test(message);
-    }
-    static isVersionCompatibilityError(message) {
-        return /server version|version.*old|unsupported.*version|api.*version/i.test(message);
-    }
-    static enhanceNetworkError(message) {
-        if (message.includes('getaddrinfo ENOTFOUND')) {
-            return `DNS resolution failed: Cannot resolve cluster endpoint hostname.\n\nTroubleshooting steps:\n- Check cluster endpoint in kubeconfig: kubectl config view\n- Verify network connectivity and DNS settings\n- Confirm cluster is running and accessible\n- Check VPN connection if using private cluster\n\nOriginal error: ${message}`;
-        }
-        if (message.includes('timeout')) {
-            return `Connection timeout: Unable to reach cluster within timeout period.\n\nTroubleshooting steps:\n- Check network latency to cluster endpoint\n- Increase timeout value if needed\n- Verify cluster is responsive: kubectl get nodes\n- Check firewall and proxy settings\n\nOriginal error: ${message}`;
-        }
-        return `Network connectivity issue detected.\n\nTroubleshooting steps:\n- Verify cluster endpoint accessibility\n- Run 'kubectl cluster-info' to test connectivity\n- Check network and firewall settings\n- Confirm cluster is running\n\nOriginal error: ${message}`;
-    }
-    static enhanceAuthenticationError(message) {
-        if (message.includes('invalid bearer token')) {
-            return constants_1.KUBERNETES_ERROR_TEMPLATES.AUTHENTICATION.INVALID_TOKEN(message);
-        }
-        if (message.includes('certificate')) {
-            return constants_1.KUBERNETES_ERROR_TEMPLATES.AUTHENTICATION.CERTIFICATE_FAILED(message);
-        }
-        if (message.includes('no Auth Provider found')) {
-            return constants_1.KUBERNETES_ERROR_TEMPLATES.AUTHENTICATION.PROVIDER_MISSING(message);
-        }
-        return constants_1.KUBERNETES_ERROR_TEMPLATES.AUTHENTICATION.GENERIC_FAILED(message);
-    }
-    static enhanceAuthorizationError(message) {
-        if (message.includes('customresourcedefinitions')) {
-            return constants_1.KUBERNETES_ERROR_TEMPLATES.AUTHORIZATION.CRD_PERMISSIONS(message);
-        }
-        if (message.includes('forbidden')) {
-            return constants_1.KUBERNETES_ERROR_TEMPLATES.AUTHORIZATION.FORBIDDEN(message);
-        }
-        return constants_1.KUBERNETES_ERROR_TEMPLATES.AUTHORIZATION.PERMISSION_DENIED(message);
-    }
-    static enhanceAPIAvailabilityError(message) {
-        if (message.includes('apps/v1beta1')) {
-            return constants_1.KUBERNETES_ERROR_TEMPLATES.API.VERSION_UNSUPPORTED(message);
-        }
-        return constants_1.KUBERNETES_ERROR_TEMPLATES.API.RESOURCE_UNAVAILABLE(message);
-    }
-    static enhanceKubeconfigError(message) {
-        if (message.includes('context') && message.includes('does not exist')) {
-            return constants_1.KUBERNETES_ERROR_TEMPLATES.KUBECONFIG.CONTEXT_NOT_FOUND(message);
-        }
-        if (message.includes('not found')) {
-            return constants_1.KUBERNETES_ERROR_TEMPLATES.KUBECONFIG.FILE_NOT_FOUND(message);
-        }
-        return constants_1.KUBERNETES_ERROR_TEMPLATES.KUBECONFIG.INVALID_FORMAT(message);
-    }
-    static enhanceVersionCompatibilityError(message) {
-        return constants_1.KUBERNETES_ERROR_TEMPLATES.VERSION_COMPATIBILITY(message);
-    }
-}
-exports.ErrorClassifier = ErrorClassifier;

package/dist/core/tracing/k8s-tracing.d.ts

@@ -1,57 +0,0 @@
-/**
- * Kubernetes Client Tracing Utilities
- *
- * Generic tracing wrappers for Kubernetes operations:
- * 1. Transparent proxy for @kubernetes/client-node API clients
- * 2. Wrapper for kubectl CLI command execution
- *
- * Uses CLIENT span kind with k8s.* semantic conventions
- */
-/**
- * Configuration for kubectl command tracing
- */
-export interface KubectlConfig {
-    context?: string;
-    namespace?: string;
-    kubeconfig?: string;
-    timeout?: number;
-    stdin?: string;
-}
-/**
- * Create traced Kubernetes API client using JavaScript Proxy
- *
- * Transparently wraps ANY Kubernetes API client method with tracing.
- * No code changes needed in calling code - just wrap the client once.
- *
- * @param apiClient Original K8s API client instance
- * @param apiType API client type (e.g., 'CoreV1Api', 'AppsV1Api')
- * @returns Proxied client with automatic tracing for all methods
- *
- * @example
- * const coreApi = createTracedK8sClient(
- *   kc.makeApiClient(k8s.CoreV1Api),
- *   'CoreV1Api'
- * );
- * await coreApi.listNamespace(); // Automatically traced as "k8s.listNamespace"
- */
-export declare function createTracedK8sClient<T extends object>(apiClient: T, apiType: string): T;
-/**
- * Tracing wrapper for kubectl CLI command execution
- *
- * Wraps kubectl command execution with OpenTelemetry tracing spans.
- * Captures command details, operation type, and execution results.
- *
- * @param args kubectl command arguments (e.g., ['get', 'pods', '-n', 'default'])
- * @param config kubectl execution configuration
- * @param handler Function that executes the actual kubectl command
- * @returns kubectl command output
- *
- * @example
- * const output = await withKubectlTracing(
- *   ['get', 'crd', '-o', 'json'],
- *   { kubeconfig: '/path/to/config' },
- *   async () => execAsync('kubectl get crd -o json')
- * );
- */
-export declare function withKubectlTracing(args: string[], config: KubectlConfig | undefined, handler: () => Promise<string>): Promise<string>;
-//# sourceMappingURL=k8s-tracing.d.ts.map

package/dist/core/tracing/k8s-tracing.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"k8s-tracing.d.ts","sourceRoot":"","sources":["../../../src/core/tracing/k8s-tracing.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,qBAAqB,CAAC,CAAC,SAAS,MAAM,EACpD,SAAS,EAAE,CAAC,EACZ,OAAO,EAAE,MAAM,GACd,CAAC,CAoEH;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,MAAM,EAAE,EACd,MAAM,EAAE,aAAa,GAAG,SAAS,EACjC,OAAO,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,GAC7B,OAAO,CAAC,MAAM,CAAC,CAgEjB"}

package/dist/core/tracing/k8s-tracing.js

@@ -1,155 +0,0 @@
-"use strict";
-/**
- * Kubernetes Client Tracing Utilities
- *
- * Generic tracing wrappers for Kubernetes operations:
- * 1. Transparent proxy for @kubernetes/client-node API clients
- * 2. Wrapper for kubectl CLI command execution
- *
- * Uses CLIENT span kind with k8s.* semantic conventions
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createTracedK8sClient = createTracedK8sClient;
-exports.withKubectlTracing = withKubectlTracing;
-const api_1 = require("@opentelemetry/api");
-/**
- * Create traced Kubernetes API client using JavaScript Proxy
- *
- * Transparently wraps ANY Kubernetes API client method with tracing.
- * No code changes needed in calling code - just wrap the client once.
- *
- * @param apiClient Original K8s API client instance
- * @param apiType API client type (e.g., 'CoreV1Api', 'AppsV1Api')
- * @returns Proxied client with automatic tracing for all methods
- *
- * @example
- * const coreApi = createTracedK8sClient(
- *   kc.makeApiClient(k8s.CoreV1Api),
- *   'CoreV1Api'
- * );
- * await coreApi.listNamespace(); // Automatically traced as "k8s.listNamespace"
- */
-function createTracedK8sClient(apiClient, apiType) {
-    const tracer = api_1.trace.getTracer('dot-ai-mcp');
-    return new Proxy(apiClient, {
-        get(target, prop, receiver) {
-            const original = Reflect.get(target, prop, receiver);
-            // Only wrap functions (API methods), not properties
-            if (typeof original !== 'function') {
-                return original;
-            }
-            // Return wrapped function with tracing
-            return function (...args) {
-                const methodName = String(prop);
-                const spanName = `k8s.${methodName}`;
-                return tracer.startActiveSpan(spanName, {
-                    kind: api_1.SpanKind.CLIENT,
-                    attributes: {
-                        'k8s.client': 'kubernetes-client-node',
-                        'k8s.api': apiType,
-                        'k8s.method': methodName,
-                    },
-                }, async (span) => {
-                    try {
-                        // Execute the original K8s API method
-                        const result = await original.apply(target, args);
-                        // Add response metadata if available
-                        if (result?.response?.statusCode) {
-                            span.setAttribute('http.response.status_code', result.response.statusCode);
-                        }
-                        span.setStatus({ code: api_1.SpanStatusCode.OK });
-                        return result;
-                    }
-                    catch (error) {
-                        // Record K8s API error
-                        span.recordException(error);
-                        span.setStatus({
-                            code: api_1.SpanStatusCode.ERROR,
-                            message: error instanceof Error ? error.message : String(error),
-                        });
-                        // Add K8s-specific error attributes
-                        if (error instanceof Error && 'statusCode' in error) {
-                            span.setAttribute('k8s.error.status_code', error.statusCode);
-                        }
-                        throw error;
-                    }
-                    finally {
-                        span.end();
-                    }
-                });
-            };
-        },
-    });
-}
-/**
- * Tracing wrapper for kubectl CLI command execution
- *
- * Wraps kubectl command execution with OpenTelemetry tracing spans.
- * Captures command details, operation type, and execution results.
- *
- * @param args kubectl command arguments (e.g., ['get', 'pods', '-n', 'default'])
- * @param config kubectl execution configuration
- * @param handler Function that executes the actual kubectl command
- * @returns kubectl command output
- *
- * @example
- * const output = await withKubectlTracing(
- *   ['get', 'crd', '-o', 'json'],
- *   { kubeconfig: '/path/to/config' },
- *   async () => execAsync('kubectl get crd -o json')
- * );
- */
-async function withKubectlTracing(args, config, handler) {
-    const tracer = api_1.trace.getTracer('dot-ai-mcp');
-    // Parse operation and resource from args
-    const operation = args[0] || 'unknown'; // 'get', 'apply', 'delete', etc.
-    const resource = args[1] || 'unknown'; // 'pods', 'crd', 'deployments', etc.
-    const spanName = `kubectl ${operation} ${resource}`;
-    return await tracer.startActiveSpan(spanName, {
-        kind: api_1.SpanKind.CLIENT,
-        attributes: {
-            'k8s.client': 'kubectl',
-            'k8s.command': 'kubectl',
-            'k8s.operation': operation,
-            'k8s.resource': resource,
-            'k8s.args': args.join(' '),
-            ...(config?.namespace && { 'k8s.namespace': config.namespace }),
-            ...(config?.context && { 'k8s.context': config.context }),
-            ...(config?.kubeconfig && { 'k8s.kubeconfig': config.kubeconfig }),
-        },
-    }, async (span) => {
-        const startTime = Date.now();
-        try {
-            // Execute the kubectl command
-            const result = await api_1.context.with(api_1.trace.setSpan(api_1.context.active(), span), handler);
-            // Add execution metrics
-            span.setAttribute('k8s.duration_ms', Date.now() - startTime);
-            span.setAttribute('k8s.output_size_bytes', result.length);
-            span.setStatus({ code: api_1.SpanStatusCode.OK });
-            return result;
-        }
-        catch (error) {
-            // Record kubectl error with details
-            span.recordException(error);
-            span.setStatus({
-                code: api_1.SpanStatusCode.ERROR,
-                message: error instanceof Error ? error.message : String(error),
-            });
-            // Parse kubectl error for additional context
-            const errorMessage = error instanceof Error ? error.message : String(error);
-            if (errorMessage.includes('not found')) {
-                span.setAttribute('k8s.error.type', 'NotFound');
-            }
-            else if (errorMessage.includes('forbidden')) {
-                span.setAttribute('k8s.error.type', 'Forbidden');
-            }
-            else if (errorMessage.includes('timeout')) {
-                span.setAttribute('k8s.error.type', 'Timeout');
-            }
-            throw error;
-        }
-        finally {
-            span.end();
-        }
-    });
-}

package/scripts/toolhive.nu

@@ -1,21 +0,0 @@
-#!/usr/bin/env nu
-
-# Installs Stacklock Toolhive
-#
-# Examples:
-# > main apply toolhive
-def "main apply toolhive" [] {
-
-    (
-        helm upgrade --install toolhive-operator-crds
-            oci://ghcr.io/stacklok/toolhive/toolhive-operator-crds
-    )
-
-    (
-        helm upgrade --install toolhive-operator
-            oci://ghcr.io/stacklok/toolhive/toolhive-operator
-            --namespace toolhive-system --create-namespace
-            --wait
-    )
-
-}