@vibesdotdev/infra-doks 0.0.1

package/src/kubernetes/index.ts

@@ -0,0 +1,754 @@
+/**
+ * Kubernetes Client Wrapper
+ *
+ * Thin wrapper around @kubernetes/client-node providing
+ * simplified access to common operations with proper typing
+ */
+
+import * as k8s from '@kubernetes/client-node';
+import { Readable, Writable } from 'stream';
+import { getLogger } from '@vibesdotdev/logging';
+import type {
+	K8sConfig,
+	K8sEnvironment,
+	PodSelector,
+	PodStatus,
+	LogOptions,
+	LogEntry,
+	LogStream,
+	DeploymentStatus,
+	ServiceInfo,
+	PodMetrics,
+	K8sEvent,
+	ExecOptions,
+	ExecResult,
+	PortForwardOptions,
+	PortForward,
+	ResourceMetrics,
+	ContainerState,
+	PodPhase,
+	ConditionStatus,
+	DeploymentConditionType,
+	ServiceType,
+	ServiceProtocol,
+	EventType
+} from '../types.ts';
+import { K8sAuthError, K8sError, K8sNotFoundError } from '../types.ts';
+
+const logger = getLogger('infra-doks:k8s');
+
+// K8s-specific types for internal use
+interface K8sMetricsConstructor {
+	new (config: k8s.KubeConfig): K8sMetricsClient;
+}
+
+interface K8sMetricsClient {
+	getPodMetrics(namespace: string): Promise<K8sMetricsList>;
+}
+
+interface K8sMetricsList {
+	items: K8sPodMetric[];
+}
+
+interface K8sPodMetric {
+	metadata: {
+		name: string;
+		namespace: string;
+	};
+	timestamp: string;
+	containers: Array<{
+		name: string;
+		usage?: {
+			cpu?: string;
+			memory?: string;
+		};
+	}>;
+}
+
+export class KubernetesClient {
+	private kc: k8s.KubeConfig;
+	private coreApi: k8s.CoreV1Api;
+	private appsApi: k8s.AppsV1Api;
+	private metrics?: K8sMetricsClient;
+	private config: K8sConfig;
+
+	constructor(config: K8sConfig = {}) {
+		this.config = config;
+		this.kc = new k8s.KubeConfig();
+
+		// Load appropriate config
+		if (config.inCluster) {
+			this.kc.loadFromCluster();
+		} else if (config.kubeconfig) {
+			this.kc.loadFromFile(config.kubeconfig);
+		} else {
+			this.kc.loadFromDefault();
+		}
+
+		// Set context if specified
+		if (config.context) {
+			this.kc.setCurrentContext(config.context);
+		}
+
+		// Initialize API clients
+		this.coreApi = this.kc.makeApiClient(k8s.CoreV1Api);
+		this.appsApi = this.kc.makeApiClient(k8s.AppsV1Api);
+		// Prefer the stable Metrics helper exported by @kubernetes/client-node
+		try {
+			const MetricsCtor = k8s.Metrics;
+			if (MetricsCtor) this.metrics = new MetricsCtor(this.kc);
+		} catch {
+			this.metrics = undefined;
+		}
+	}
+
+	/**
+	 * Get current environment info
+	 */
+	getCurrentEnvironment(): K8sEnvironment {
+		const context = this.kc.getCurrentContext();
+		const cluster = this.kc.getCurrentCluster();
+
+		return {
+			name: context,
+			context: context,
+			namespace: this.config.namespace || 'default',
+			apiServer: cluster?.server,
+			provider: this.detectProvider(cluster?.server || '')
+		};
+	}
+
+	/**
+	 * List available contexts
+	 */
+	getContexts(): string[] {
+		return this.kc.getContexts().map((ctx) => ctx.name);
+	}
+
+	/**
+	 * Switch to a different context
+	 */
+	setContext(contextName: string): void {
+		this.kc.setCurrentContext(contextName);
+		// Reinitialize API clients
+		this.coreApi = this.kc.makeApiClient(k8s.CoreV1Api);
+		this.appsApi = this.kc.makeApiClient(k8s.AppsV1Api);
+		try {
+			const MetricsCtor = k8s.Metrics;
+			if (MetricsCtor) this.metrics = new MetricsCtor(this.kc);
+			else this.metrics = undefined;
+		} catch {
+			this.metrics = undefined;
+		}
+	}
+
+	/**
+	 * Get pod status
+	 */
+	async getPodStatus(selector: PodSelector): Promise<PodStatus[]> {
+		try {
+			const namespace = selector.namespace || this.config.namespace || 'default';
+
+			let pods: k8s.V1Pod[];
+			if (selector.name) {
+				const pod = await this.coreApi.readNamespacedPod({ name: selector.name, namespace });
+				pods = [pod];
+			} else {
+				const labelSelector = selector.labels
+					? Object.entries(selector.labels)
+						.map(([k, v]) => `${k}=${v}`)
+						.join(',')
+					: undefined;
+
+				const response = await this.coreApi.listNamespacedPod({ namespace, labelSelector });
+				pods = response.items;
+			}
+
+			return pods.map((pod) => this.mapPodStatus(pod));
+		} catch (error: unknown) {
+			throw this.handleK8sError(error);
+		}
+	}
+
+	/**
+	 * Stream logs from pods.
+	 *
+	 * Uses `k8s.Log.log()` (the pod-log streaming API) — NOT `k8s.Watch.watch()`,
+	 * which is for resource-change events (ADDED/MODIFIED/DELETED) and is
+	 * incompatible with the log endpoint. Each pod gets a `Writable` sink that
+	 * splits incoming bytes into lines, parses them as `LogEntry`, and fans them
+	 * out to subscribers. `close()` calls `controller.abort()` on every
+	 * AbortController returned by `Log.log()` to cancel the upstream request.
+	 */
+	async streamLogs(selector: PodSelector, options: LogOptions = {}): Promise<LogStream> {
+		const namespace = selector.namespace || this.config.namespace || 'default';
+		const pods = await this.getPodStatus(selector);
+
+		if (pods.length === 0) {
+			throw new K8sNotFoundError('Pod', JSON.stringify(selector), namespace);
+		}
+
+		const controllers: Map<string, AbortController> = new Map();
+		const listeners: Set<(log: LogEntry) => void> = new Set();
+		let isPaused = false;
+
+		const logClient = new k8s.Log(this.kc);
+
+		// Create a log stream per pod
+		for (const pod of pods) {
+			// Line-splitting Writable. Holds a buffer across writes so partial
+			// chunks at the boundary don't corrupt log entries.
+			let buffer = '';
+			const sink = new Writable({
+				write: (chunk: Buffer | string, _encoding, callback) => {
+					if (isPaused) {
+						callback();
+						return;
+					}
+					buffer += typeof chunk === 'string' ? chunk : chunk.toString('utf8');
+					const lines = buffer.split('\n');
+					buffer = lines.pop() ?? '';
+					for (const line of lines) {
+						if (!line.trim()) continue;
+						const logEntry = this.parseLogEntry(line, pod, namespace);
+						listeners.forEach((listener) => listener(logEntry));
+					}
+					callback();
+				},
+				final: (callback) => {
+					if (buffer.trim()) {
+						const logEntry = this.parseLogEntry(buffer, pod, namespace);
+						listeners.forEach((listener) => listener(logEntry));
+						buffer = '';
+					}
+					callback();
+				}
+			});
+
+			try {
+				const controller = await logClient.log(
+					namespace,
+					pod.name,
+					options.container ?? '',
+					sink,
+					{
+						follow: options.follow !== false,
+						tailLines: options.tailLines ?? 100,
+						timestamps: true,
+						previous: options.previous,
+						sinceSeconds: options.sinceSeconds,
+						limitBytes: options.limitBytes
+					}
+				);
+				controllers.set(pod.name, controller);
+			} catch (err) {
+				logger.error(`Log stream error for ${pod.name}:`, err);
+			}
+		}
+
+		return {
+			subscribe(callback: (log: LogEntry) => void): () => void {
+				listeners.add(callback);
+				return () => listeners.delete(callback);
+			},
+			pause() {
+				isPaused = true;
+			},
+			resume() {
+				isPaused = false;
+			},
+			close() {
+				controllers.forEach((controller) => controller.abort());
+				controllers.clear();
+				listeners.clear();
+			}
+		};
+	}
+
+	/**
+	 * Get logs as a single batch
+	 */
+	async getLogs(selector: PodSelector, options: LogOptions = {}): Promise<LogEntry[]> {
+		const namespace = selector.namespace || this.config.namespace || 'default';
+		const pods = await this.getPodStatus(selector);
+
+		if (pods.length === 0) {
+			throw new K8sNotFoundError('Pod', JSON.stringify(selector), namespace);
+		}
+
+		const allLogs: LogEntry[] = [];
+
+		for (const pod of pods) {
+			try {
+				const logBody = await this.coreApi.readNamespacedPodLog({
+					name: pod.name,
+					namespace,
+					container: options.container,
+					follow: options.follow,
+					limitBytes: options.limitBytes,
+					previous: options.previous,
+					sinceSeconds: options.sinceSeconds,
+					tailLines: options.tailLines,
+					timestamps: options.timestamps
+				});
+
+				const lines = logBody.split('\n').filter((line: string) => line.trim());
+				const logs = lines.map((line: string) => this.parseLogEntry(line, pod, namespace));
+				allLogs.push(...logs);
+			} catch (error: unknown) {
+				logger.error(`Failed to get logs for ${pod.name}:`, error);
+			}
+		}
+
+		return allLogs.sort((a, b) => a.timestamp.getTime() - b.timestamp.getTime());
+	}
+
+	/**
+	 * Get deployment status
+	 */
+	async getDeploymentStatus(name: string, namespace?: string): Promise<DeploymentStatus> {
+		try {
+			const ns = namespace || this.config.namespace || 'default';
+			const deployment = await this.appsApi.readNamespacedDeployment({ name, namespace: ns });
+
+			return {
+				name: deployment.metadata!.name!,
+				namespace: deployment.metadata!.namespace!,
+				replicas: {
+					desired: deployment.spec!.replicas || 0,
+					current: deployment.status?.replicas || 0,
+					available: deployment.status?.availableReplicas || 0,
+					updated: deployment.status?.updatedReplicas || 0
+				},
+				conditions: (deployment.status?.conditions || []).map((c: k8s.V1DeploymentCondition) => ({
+					type: c.type as DeploymentConditionType,
+					status: c.status as ConditionStatus,
+					reason: c.reason,
+					message: c.message,
+					lastUpdateTime: new Date(c.lastUpdateTime!),
+					lastTransitionTime: new Date(c.lastTransitionTime!)
+				})),
+				strategy: deployment.spec!.strategy?.type || 'RollingUpdate',
+				minReadySeconds: deployment.spec!.minReadySeconds || 0,
+				revisionHistoryLimit: deployment.spec!.revisionHistoryLimit || 10,
+				selector: deployment.spec!.selector.matchLabels || {}
+			};
+		} catch (error: unknown) {
+			throw this.handleK8sError(error);
+		}
+	}
+
+	/**
+	 * Get service info
+	 */
+	async getServiceInfo(name: string, namespace?: string): Promise<ServiceInfo> {
+		try {
+			const ns = namespace || this.config.namespace || 'default';
+			const service = await this.coreApi.readNamespacedService({ name, namespace: ns });
+
+			return {
+				name: service.metadata!.name!,
+				namespace: service.metadata!.namespace!,
+				type: service.spec!.type as ServiceType,
+				clusterIP: service.spec!.clusterIP,
+				externalIPs: service.spec!.externalIPs,
+				loadBalancerIP: service.status?.loadBalancer?.ingress?.[0]?.ip,
+				ports: (service.spec!.ports || []).map((p: k8s.V1ServicePort) => ({
+					name: p.name,
+					protocol: p.protocol as ServiceProtocol,
+					port: p.port,
+					targetPort: (typeof p.targetPort === 'object'
+						? (p.targetPort as { intVal?: number; strVal?: string }).intVal ||
+							(p.targetPort as { intVal?: number; strVal?: string }).strVal ||
+							0
+						: p.targetPort) as number | string,
+					nodePort: p.nodePort
+				})),
+				selector: service.spec!.selector ?? null
+			};
+		} catch (error: unknown) {
+			throw this.handleK8sError(error);
+		}
+	}
+
+	/**
+	 * Get pod metrics
+	 */
+	async getPodMetrics(selector: PodSelector): Promise<PodMetrics[]> {
+		try {
+			const namespace = selector.namespace || this.config.namespace || 'default';
+
+			if (!this.metrics) {
+				throw new Error('Kubernetes Metrics API is not available in this client version');
+			}
+
+			const metricsList = await this.metrics.getPodMetrics(namespace);
+			const allMetrics = metricsList.items;
+
+			const pods = await this.getPodStatus(selector);
+			const podNames = new Set(pods.map((p) => p.name));
+
+			return allMetrics
+				.filter((m) => podNames.has(m.metadata.name))
+				.map((m) => ({
+					pod: m.metadata.name,
+					namespace: m.metadata.namespace,
+					containers: m.containers.reduce(
+						(acc, c) => {
+							acc[c.name] = {
+								cpu: { usage: this.parseCPU(c.usage?.cpu || '0') },
+								memory: { usage: this.parseMemory(c.usage?.memory || '0') },
+								timestamp: new Date(m.timestamp)
+							};
+							return acc;
+						},
+						{} as Record<string, ResourceMetrics>
+					)
+				}));
+		} catch (error: unknown) {
+			throw this.handleK8sError(error);
+		}
+	}
+
+	/**
+	 * Get events for a resource
+	 */
+	async getEvents(kind: string, name: string, namespace?: string): Promise<K8sEvent[]> {
+		try {
+			const ns = namespace || this.config.namespace || 'default';
+			const fieldSelector = `involvedObject.name=${name},involvedObject.kind=${kind}`;
+
+			const response = await this.coreApi.listNamespacedEvent({
+				namespace: ns,
+				fieldSelector
+			});
+
+			return response.items.map((e: k8s.CoreV1Event) => ({
+				type: e.type as EventType,
+				reason: e.reason!,
+				message: e.message!,
+				source: {
+					component: e.source?.component,
+					host: e.source?.host
+				},
+				firstTimestamp: new Date(e.firstTimestamp!),
+				lastTimestamp: new Date(e.lastTimestamp!),
+				count: e.count || 1,
+				involvedObject: {
+					kind: e.involvedObject.kind!,
+					name: e.involvedObject.name!,
+					namespace: e.involvedObject.namespace
+				}
+			}));
+		} catch (error: unknown) {
+			throw this.handleK8sError(error);
+		}
+	}
+
+	/**
+	 * Execute command in pod
+	 */
+	exec(options: ExecOptions): Promise<ExecResult> {
+		const namespace = options.namespace || this.config.namespace || 'default';
+		const exec = new k8s.Exec(this.kc);
+
+		let stdout = '';
+		let stderr = '';
+		const stdoutStream = new Writable({
+			write(chunk, _encoding, callback) {
+				stdout += chunk.toString();
+				callback();
+			}
+		});
+		const stderrStream = new Writable({
+			write(chunk, _encoding, callback) {
+				stderr += chunk.toString();
+				callback();
+			}
+		});
+
+		return new Promise((resolve, _reject) => {
+			exec.exec(
+				namespace,
+				options.pod,
+				options.container ?? '',
+				options.command,
+				stdoutStream,
+				stderrStream,
+				null,
+				options.tty || false,
+				(status) => {
+					if (status.status === 'Success') {
+						resolve({ stdout, stderr, exitCode: 0 });
+					} else {
+						resolve({
+							stdout,
+							stderr,
+							exitCode: Number.parseInt(
+								String((status.details as { causes?: Array<{ reason?: string; message?: string }> } | undefined)?.causes?.[0]?.message ?? '1'),
+								10
+							)
+						});
+					}
+				}
+			);
+		});
+	}
+
+	/**
+	 * Port forward to a pod.
+	 *
+	 * `PortForward.portForward()` requires Node `Writable` for output (and
+	 * optionally for err) and a Node `Readable` for input. The previous
+	 * implementation passed `Writable.toWeb(new Writable())` cast through
+	 * `unknown` — that produced a WHATWG `WritableStream` (not a Node
+	 * `Writable`) and then lied about its type. Replace with a real
+	 * pass-through Node `Writable` sink that forwards bytes to the logger.
+	 */
+	async portForward(options: PortForwardOptions): Promise<PortForward> {
+		const namespace = options.namespace || this.config.namespace || 'default';
+		const forward = new k8s.PortForward(this.kc);
+
+		const output = new Writable({
+			write(chunk: Buffer | string, _encoding, callback) {
+				logger.debug('portForward stdout', {
+					pod: options.pod,
+					namespace,
+					bytes: typeof chunk === 'string' ? Buffer.byteLength(chunk) : chunk.length
+				});
+				callback();
+			}
+		});
+		const errOutput = new Writable({
+			write(chunk: Buffer | string, _encoding, callback) {
+				logger.warn('portForward stderr', {
+					pod: options.pod,
+					namespace,
+					message: typeof chunk === 'string' ? chunk : chunk.toString('utf8')
+				});
+				callback();
+			}
+		});
+		// A do-nothing input stream — no bytes are pushed from this side; the
+		// `Readable` is required by the API signature.
+		const input = new Readable({ read() {} });
+
+		const server = await forward.portForward(
+			namespace,
+			options.pod,
+			[options.remotePort],
+			output,
+			errOutput,
+			input,
+			options.localPort
+		);
+		const socket = typeof server === 'function' ? server() : server;
+
+		return {
+			localPort: options.localPort,
+			remotePort: options.remotePort,
+			close: () => {
+				socket?.close();
+				input.push(null);
+				output.end();
+				errOutput.end();
+			}
+		};
+	}
+
+	/**
+	 * Check cluster health
+	 */
+	async checkHealth(): Promise<{
+		healthy: boolean;
+		version?: string;
+		message?: string;
+	}> {
+		try {
+			const versionApi = this.kc.makeApiClient(k8s.VersionApi);
+			const versionInfo = await versionApi.getCode();
+			const version = versionInfo.gitVersion;
+			return { healthy: true, version };
+		} catch (error: unknown) {
+			return {
+				healthy: false,
+				message: error instanceof Error ? error.message : 'Unknown error'
+			};
+		}
+	}
+
+	// Private helper methods
+
+	private mapPodStatus(pod: k8s.V1Pod): PodStatus {
+		const containerStatuses = pod.status?.containerStatuses || [];
+		const conditions = pod.status?.conditions || [];
+
+		return {
+			name: pod.metadata!.name!,
+			namespace: pod.metadata!.namespace!,
+			phase: (pod.status?.phase as PodPhase) || 'Unknown',
+			ready: conditions.some((c) => c.type === 'Ready' && c.status === 'True'),
+			restarts: containerStatuses.reduce((sum, cs) => sum + cs.restartCount, 0),
+			age: this.getAge(pod.metadata!.creationTimestamp),
+			ip: pod.status?.podIP,
+			node: pod.spec?.nodeName,
+			conditions: conditions.map((c) => ({
+				type: c.type,
+				status: c.status as ConditionStatus,
+				reason: c.reason,
+				message: c.message,
+				lastTransitionTime: new Date(c.lastTransitionTime!)
+			})),
+			containers: containerStatuses.map((cs) => ({
+				name: cs.name,
+				ready: cs.ready,
+				restartCount: cs.restartCount,
+				state: this.mapContainerState(cs.state!),
+				image: cs.image,
+				imageID: cs.imageID
+			}))
+		};
+	}
+
+	private mapContainerState(state: k8s.V1ContainerState): ContainerState {
+		if (state.running) {
+			return {
+				running: {
+					startedAt: new Date(state.running.startedAt!)
+				}
+			};
+		} else if (state.terminated) {
+			return {
+				terminated: {
+					exitCode: state.terminated.exitCode,
+					reason: state.terminated.reason,
+					message: state.terminated.message,
+					startedAt: state.terminated.startedAt ? new Date(state.terminated.startedAt) : undefined,
+					finishedAt: state.terminated.finishedAt
+						? new Date(state.terminated.finishedAt)
+						: undefined
+				}
+			};
+		} else if (state.waiting) {
+			return {
+				waiting: {
+					reason: state.waiting.reason,
+					message: state.waiting.message
+				}
+			};
+		}
+		return {};
+	}
+
+	private parseLogEntry(line: string, pod: PodStatus, namespace: string): LogEntry {
+		// Parse timestamp if present (when timestamps: true)
+		const timestampMatch = line.match(/^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d+Z)\s+(.*)$/);
+		let timestamp: Date;
+		let message: string;
+
+		if (timestampMatch) {
+			timestamp = new Date(timestampMatch[1] ?? '');
+			message = timestampMatch[2] ?? '';
+		} else {
+			timestamp = new Date();
+			message = line;
+		}
+
+		// Try to parse log level
+		const levelMatch = message.match(/\b(ERROR|WARN|INFO|DEBUG|TRACE)\b/i);
+		const level = levelMatch ? levelMatch[1].toUpperCase() : undefined;
+
+		return {
+			timestamp,
+			pod: pod.name,
+			namespace,
+			container: pod.containers[0]?.name || 'unknown',
+			message,
+			level,
+			cluster: this.kc.getCurrentContext(),
+			node: pod.node,
+			labels: {}
+		};
+	}
+
+	private getAge(timestamp?: Date | string): string {
+		if (!timestamp) return 'Unknown';
+
+		const created = new Date(timestamp);
+		const now = new Date();
+		const diff = now.getTime() - created.getTime();
+
+		const days = Math.floor(diff / (1000 * 60 * 60 * 24));
+		const hours = Math.floor((diff % (1000 * 60 * 60 * 24)) / (1000 * 60 * 60));
+		const minutes = Math.floor((diff % (1000 * 60 * 60)) / (1000 * 60));
+
+		if (days > 0) return `${days}d${hours}h`;
+		if (hours > 0) return `${hours}h${minutes}m`;
+		return `${minutes}m`;
+	}
+
+	private parseCPU(cpu: string): number {
+		// Convert CPU to millicores
+		if (cpu.endsWith('n')) {
+			return parseInt(cpu) / 1_000_000;
+		} else if (cpu.endsWith('m')) {
+			return parseInt(cpu);
+		} else {
+			return parseFloat(cpu) * 1000;
+		}
+	}
+
+	private parseMemory(memory: string): number {
+		// Convert memory to bytes
+		const units: Record<string, number> = {
+			Ki: 1024,
+			Mi: 1024 * 1024,
+			Gi: 1024 * 1024 * 1024,
+			K: 1000,
+			M: 1000 * 1000,
+			G: 1000 * 1000 * 1000
+		};
+
+		for (const [unit, multiplier] of Object.entries(units)) {
+			if (memory.endsWith(unit)) {
+				return parseInt(memory) * multiplier;
+			}
+		}
+
+		return parseInt(memory);
+	}
+
+	private detectProvider(server: string): K8sEnvironment['provider'] {
+		if (server.includes('eks.amazonaws.com')) return 'eks';
+		if (server.includes('azmk8s.io')) return 'aks';
+		if (server.includes('gke.')) return 'gke';
+		if (server.includes('docker-desktop')) return 'docker-desktop';
+		if (server.includes('minikube')) return 'minikube';
+		return 'other';
+	}
+
+	private handleK8sError(error: unknown): Error {
+		if ((error as { response?: { statusCode: number; body?: { message?: string } } }).response) {
+			const response = (error as { response: { statusCode: number; body?: { message?: string } } }).response;
+			const status = response.statusCode;
+			const message = response.body?.message || String(error);
+
+			if (status === 401 || status === 403) {
+				return new K8sAuthError(message);
+			}
+
+			if (status === 404) {
+				return new K8sNotFoundError(
+					(response.body as { details?: { kind?: string } } | undefined)?.details?.kind || 'Resource',
+					(response.body as { details?: { name?: string } } | undefined)?.details?.name || 'unknown'
+				);
+			}
+
+			return new K8sError(message, status, (error as { response?: { body?: { reason?: string } } }).response?.body?.reason);
+		}
+
+		return error instanceof Error ? error : new Error('Unknown Kubernetes error');
+	}
+}
+
+export default KubernetesClient;