aubay-oci-deploy-tool 1.0.1

package/external-secrets/config.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.externalSecretsConfig = exports.compartmentId = void 0;
+const pulumi = require("@pulumi/pulumi");
+const infraConfig = new pulumi.Config("infra");
+exports.compartmentId = infraConfig.require("compartmentId");
+const cfg = new pulumi.Config("deploy:external-secrets");
+exports.externalSecretsConfig = {
+    chartVersion: cfg.get("chartVersion") ?? "1.0.0",
+    namespace: cfg.get("namespace") ?? "external-secrets",
+};
+//# sourceMappingURL=config.js.map

package/external-secrets/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/external-secrets/config.ts"],"names":[],"mappings":";;;AAAA,yCAAyC;AAEzC,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAClC,QAAA,aAAa,GAAW,WAAW,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;AAE1E,MAAM,GAAG,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,yBAAyB,CAAC,CAAC;AAE5C,QAAA,qBAAqB,GAAG;IACjC,YAAY,EAAE,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,OAAO;IAChD,SAAS,EAAE,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,kBAAkB;CACxD,CAAC"}

package/external-secrets/externalsecrets.d.ts

@@ -0,0 +1,22 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as oci from "@pulumi/oci";
+import * as k8s from "@pulumi/kubernetes";
+import { IExternalSecrets, IExternalSecretsConfig } from "./interfaces";
+import { IOkeKubeconfig } from "../oke/interfaces";
+import { IRegion } from "../region/interfaces";
+export declare class ExternalSecrets implements IExternalSecrets {
+    private clusters;
+    private config;
+    private vaults;
+    private region;
+    private opts?;
+    namespace: k8s.core.v1.Namespace[];
+    helmRelease: k8s.helm.v3.Release[];
+    secretStore: k8s.apiextensions.CustomResource[];
+    private static readonly CHART_REPO;
+    private static readonly CHART_NAME;
+    constructor(clusters: pulumi.Output<IOkeKubeconfig[]>, config: IExternalSecretsConfig, vaults: pulumi.Output<oci.kms.Vault[]>, region: pulumi.Output<IRegion>, opts?: pulumi.CustomResourceOptions | undefined);
+    private createNamespace;
+    private installHelmChart;
+    private createClusterSecretStore;
+}

package/external-secrets/externalsecrets.js

@@ -0,0 +1,74 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ExternalSecrets = void 0;
+const pulumi = require("@pulumi/pulumi");
+const k8s = require("@pulumi/kubernetes");
+class ExternalSecrets {
+    constructor(clusters, config, vaults, region, opts) {
+        this.clusters = clusters;
+        this.config = config;
+        this.vaults = vaults;
+        this.region = region;
+        this.opts = opts;
+        this.namespace = [];
+        this.helmRelease = [];
+        this.secretStore = [];
+        this.clusters.apply(clusters => {
+            clusters.forEach(cluster => {
+                // Extraemos kubeconfig y clusterName de cada Output
+                pulumi.all([cluster.kubeconfig, cluster.clusterName]).apply(([kubeconfig, clusterName]) => {
+                    const provider = new k8s.Provider(`k8s-provider-ext-sec-${clusterName}`, {
+                        kubeconfig: kubeconfig,
+                    }, this.opts);
+                    const ns = this.createNamespace(provider, clusterName);
+                    this.namespace.push(ns);
+                    const release = this.installHelmChart(provider, clusterName, ns);
+                    this.helmRelease.push(release);
+                    const secretStore = this.createClusterSecretStore(provider, clusterName, release);
+                    this.secretStore.push(secretStore);
+                });
+            });
+        });
+    }
+    createNamespace(provider, clusterName) {
+        return new k8s.core.v1.Namespace(`external-secrets-namespace-${clusterName}`, {
+            metadata: {
+                name: this.config.namespace,
+            },
+        }, { provider, ...this.opts, });
+    }
+    installHelmChart(provider, clusterName, ns) {
+        return new k8s.helm.v3.Release(`external-secrets-operator-${clusterName}`, {
+            chart: ExternalSecrets.CHART_NAME,
+            version: this.config.chartVersion,
+            repositoryOpts: {
+                repo: ExternalSecrets.CHART_REPO,
+            },
+            namespace: this.config.namespace,
+            values: {},
+        }, { provider, dependsOn: [ns] });
+    }
+    createClusterSecretStore(provider, clusterName, release) {
+        this.region.name.apply(n => pulumi.log.info(`El nombre de la region es: ${n}`));
+        return new k8s.apiextensions.CustomResource(`cluster-secret-store-${clusterName}`, {
+            apiVersion: "external-secrets.io/v1",
+            kind: "ClusterSecretStore",
+            metadata: {
+                name: "oci-vault-cluster-secret-store",
+            },
+            spec: {
+                provider: {
+                    oracle: {
+                        vault: this.vaults[0].id,
+                        //vault: "ocid1.vault.oc1.eu-madrid-1.ifurl64caae3s.abwwcljr2lava4yjsuit7lysd7f4zaaci4syxltpkh6camihqky324dmxzjq",
+                        region: this.region.name,
+                    }
+                },
+            },
+        }, { provider, dependsOn: [release] });
+    }
+}
+exports.ExternalSecrets = ExternalSecrets;
+ExternalSecrets.CHART_REPO = "https://charts.external-secrets.io";
+ExternalSecrets.CHART_NAME = "external-secrets";
+//# sourceMappingURL=externalsecrets.js.map

package/external-secrets/externalsecrets.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"externalsecrets.js","sourceRoot":"","sources":["../../src/external-secrets/externalsecrets.ts"],"names":[],"mappings":";;;AAAA,yCAAyC;AAEzC,0CAA0C;AAK1C,MAAa,eAAe;IAQxB,YACY,QAAyC,EACzC,MAA8B,EAC9B,MAAsC,EACtC,MAA8B,EAC9B,IAAmC;QAJnC,aAAQ,GAAR,QAAQ,CAAiC;QACzC,WAAM,GAAN,MAAM,CAAwB;QAC9B,WAAM,GAAN,MAAM,CAAgC;QACtC,WAAM,GAAN,MAAM,CAAwB;QAC9B,SAAI,GAAJ,IAAI,CAA+B;QAZxC,cAAS,GAA4B,EAAE,CAAC;QACxC,gBAAW,GAA0B,EAAE,CAAC;QACxC,gBAAW,GAAuC,EAAE,CAAC;QAYxD,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE;YACvB,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;gBACvB,oDAAoD;gBACpD,MAAM,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,EAAE,EAAE;oBACtF,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,wBAAwB,WAAW,EAAE,EAAE;wBACrE,UAAU,EAAE,UAAU;qBACzB,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;oBAEd,MAAM,EAAE,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;oBACvD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;oBAExB,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,WAAW,EAAE,EAAE,CAAC,CAAC;oBACjE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBAE/B,MAAM,WAAW,GAAG,IAAI,CAAC,wBAAwB,CAAC,QAAQ,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;oBAClF,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBACvC,CAAC,CAAC,CAAC;YACP,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;IACX,CAAC;IAEO,eAAe,CAAC,QAAsB,EAAE,WAAmB;QAC/D,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,SAAS,CAC5B,8BAA8B,WAAW,EAAE,EAC3C;YACI,QAAQ,EAAE;gBACN,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;aAC9B;SACJ,EACD,EAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,IAAI,GAAE,CAC5B,CAAC;IACN,CAAC;IAEO,gBAAgB,CAAC,QAAsB,EAAE,WAAmB,EAAE,EAAyB;QAC3F,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAC1B,6BAA6B,WAAW,EAAE,EAC1C;YACI,KAAK,EAAE,eAAe,CAAC,UAAU;YACjC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;YACjC,cAAc,EAAE;gBACZ,IAAI,EAAE,eAAe,CAAC,UAAU;aACnC;YACD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAChC,MAAM,EAAE,EAAE;SACb,EACD,EAAC,QAAQ,EAAE,SAAS,EAAE,CAAC,EAAE,CAAC,EAAC,CAC9B,CAAC;IACN,CAAC;IAEO,wBAAwB,CAC5B,QAAsB,EACtB,WAAmB,EACnB,OAA4B;QAE5B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,8BAA8B,CAAC,EAAE,CAAC,CAAC,CAAA;QAC/E,OAAO,IAAI,GAAG,CAAC,aAAa,CAAC,cAAc,CACvC,wBAAwB,WAAW,EAAE,EACrC;YACI,UAAU,EAAE,wBAAwB;YACpC,IAAI,EAAE,oBAAoB;YAC1B,QAAQ,EAAE;gBACN,IAAI,EAAE,gCAAgC;aACzC;YACD,IAAI,EAAE;gBACF,QAAQ,EAAE;oBACN,MAAM,EAAE;wBACJ,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;wBACxB,kHAAkH;wBAClH,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;qBAC3B;iBACJ;aACJ;SACJ,EACD,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE,CACrC,CAAC;IACN,CAAC;;AA1FL,0CA4FC;AAvF2B,0BAAU,GAAG,oCAAoC,AAAvC,CAAwC;AAClD,0BAAU,GAAG,kBAAkB,AAArB,CAAsB"}

package/external-secrets/interfaces.d.ts

@@ -0,0 +1,10 @@
+import * as k8s from "@pulumi/kubernetes";
+export interface IExternalSecretsConfig {
+    chartVersion: string;
+    namespace: string;
+}
+export interface IExternalSecrets {
+    namespace: k8s.core.v1.Namespace[];
+    helmRelease: k8s.helm.v3.Release[];
+    secretStore: k8s.apiextensions.CustomResource[];
+}

package/external-secrets/interfaces.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=interfaces.js.map

package/external-secrets/interfaces.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/external-secrets/interfaces.ts"],"names":[],"mappings":""}

package/iam/config.d.ts

@@ -0,0 +1,2 @@
+import { IIamConfig } from "./interfaces";
+export declare const iamCfg: IIamConfig;

package/iam/config.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.iamCfg = void 0;
+const pulumi = require("@pulumi/pulumi");
+const stack = pulumi.getStack();
+const tenancyId = new pulumi.Config("tenancy").require("compartmentId");
+const compartmentId = new pulumi.Config("infra").require("compartmentId");
+const compartmentName = new pulumi.Config("infra").require("compartmentName");
+const ocirCompartmentName = new pulumi.Config("ocir").require("compartmentName");
+exports.iamCfg = {
+    tenancyId: tenancyId,
+    compartmentId: compartmentId,
+    compartmentName: compartmentName,
+    ocirCompartmentName: ocirCompartmentName,
+    dynamicGroupName: `${stack}-oke-instances-dg`
+};
+//# sourceMappingURL=config.js.map

package/iam/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/iam/config.ts"],"names":[],"mappings":";;;AAAA,yCAAyC;AAGzC,MAAM,KAAK,GAAW,MAAM,CAAC,QAAQ,EAAE,CAAC;AAExC,MAAM,SAAS,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;AACxE,MAAM,aAAa,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;AAC1E,MAAM,eAAe,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAC9E,MAAM,mBAAmB,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEpE,QAAA,MAAM,GAAe;IAC9B,SAAS,EAAE,SAAS;IACpB,aAAa,EAAE,aAAa;IAC5B,eAAe,EAAE,eAAe;IAChC,mBAAmB,EAAE,mBAAmB;IACxC,gBAAgB,EAAE,GAAG,KAAK,mBAAmB;CAChD,CAAA"}

package/iam/iam.d.ts

@@ -0,0 +1,10 @@
+import * as oci from "@pulumi/oci";
+import { IIam, IIamConfig } from "./interfaces";
+export declare class Iam implements IIam {
+    private config;
+    dynamicGroup: oci.identity.DynamicGroup;
+    policy: oci.identity.Policy;
+    constructor(config: IIamConfig);
+    private createDynamicGroup;
+    private createPolicy;
+}

package/iam/iam.js

@@ -0,0 +1,33 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Iam = void 0;
+const oci = require("@pulumi/oci");
+class Iam {
+    constructor(config) {
+        this.config = config;
+        this.dynamicGroup = this.createDynamicGroup();
+        this.policy = this.createPolicy();
+    }
+    createDynamicGroup() {
+        return new oci.identity.DynamicGroup(this.config.dynamicGroupName, {
+            name: this.config.dynamicGroupName,
+            compartmentId: this.config.tenancyId,
+            description: "Dynamic group para nodos de los OKEs",
+            matchingRule: `ALL {instance.compartment.id = '${this.config.compartmentId}'}`,
+        });
+    }
+    createPolicy() {
+        return new oci.identity.Policy(`${this.config.dynamicGroupName}-policy`, {
+            name: `${this.config.dynamicGroupName}-policy`,
+            compartmentId: this.config.compartmentId,
+            description: "Permisos para las instancias de los OKEs",
+            statements: [
+                `Allow dynamic-group ${this.config.dynamicGroupName} to read secret-family in compartment ${this.config.compartmentName}`,
+                `Allow dynamic-group ${this.config.dynamicGroupName} to use vault in compartment ${this.config.compartmentName}`,
+                `Allow dynamic-group ${this.config.dynamicGroupName} to read repos in compartment ${this.config.ocirCompartmentName}`,
+            ],
+        });
+    }
+}
+exports.Iam = Iam;
+//# sourceMappingURL=iam.js.map

package/iam/iam.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"iam.js","sourceRoot":"","sources":["../../src/iam/iam.ts"],"names":[],"mappings":";;;AAAA,mCAAmC;AAGnC,MAAa,GAAG;IAIZ,YAAoB,MAAkB;QAAlB,WAAM,GAAN,MAAM,CAAY;QAClC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC9C,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;IACtC,CAAC;IAEO,kBAAkB;QACtB,OAAO,IAAI,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAC/D,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB;YAClC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YACpC,WAAW,EAAE,sCAAsC;YACnD,YAAY,EAAE,mCAAmC,IAAI,CAAC,MAAM,CAAC,aAAa,IAAI;SACjF,CAAC,CAAC;IACP,CAAC;IAEO,YAAY;QAChB,OAAO,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,SAAS,EAAE;YACrE,IAAI,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,SAAS;YAC9C,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;YACxC,WAAW,EAAE,0CAA0C;YACvD,UAAU,EAAE;gBACR,uBAAuB,IAAI,CAAC,MAAM,CAAC,gBAAgB,yCAAyC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE;gBACzH,uBAAuB,IAAI,CAAC,MAAM,CAAC,gBAAgB,gCAAgC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE;gBAChH,uBAAuB,IAAI,CAAC,MAAM,CAAC,gBAAgB,iCAAiC,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE;aACxH;SACJ,CAAC,CAAC;IACP,CAAC;CACJ;AA9BD,kBA8BC"}

package/iam/interfaces.d.ts

@@ -0,0 +1,12 @@
+import * as oci from "@pulumi/oci";
+export interface IIamConfig {
+    tenancyId: string;
+    compartmentId: string;
+    compartmentName: string;
+    ocirCompartmentName: string;
+    dynamicGroupName: string;
+}
+export interface IIam {
+    dynamicGroup: oci.identity.DynamicGroup;
+    policy: oci.identity.Policy;
+}

package/iam/interfaces.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=interfaces.js.map

package/iam/interfaces.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/iam/interfaces.ts"],"names":[],"mappings":""}

package/index.d.ts

@@ -0,0 +1,39 @@
+export * from './argocd/config';
+export * from './argocd/interfaces';
+export * from './argocd/argocd';
+export * from './compute/config';
+export * from './compute/interfaces';
+export * from './compute/compute';
+export * from './compute/config';
+export * from './compute/interfaces';
+export * from './compute/compute';
+export { compartmentId as ES_compartmentId } from './external-secrets/config';
+export { externalSecretsConfig } from './external-secrets/config';
+export * from './external-secrets/interfaces';
+export * from './external-secrets/externalsecrets';
+export * from './iam/config';
+export * from './iam/interfaces';
+export * from './iam/iam';
+export * from './istio/config';
+export * from './istio/interfaces';
+export * from './istio/istio';
+export { compartmentId as N_compartmentId } from './network/config';
+export { vcns } from './network/config';
+export * from './network/interfaces';
+export * from './network/network';
+export * from './oke/config';
+export * from './oke/interfaces';
+export * from './oke/oke';
+export * from './region/config';
+export * from './region/interfaces';
+export * from './region/region';
+export * from './region/shortcode';
+export { compartmentId as SE_compartmentId } from './security/config';
+export { vaults } from './security/config';
+export * from './security/interfaces';
+export * from './security/security';
+export { compartmentId as ST_compartmentId } from './storage/config';
+export { namespace } from './storage/config';
+export { buckets } from './storage/config';
+export * from './storage/interfaces';
+export * from './storage/storage';

package/index.js

@@ -0,0 +1,81 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.buckets = exports.namespace = exports.ST_compartmentId = exports.vaults = exports.SE_compartmentId = exports.vcns = exports.N_compartmentId = exports.externalSecretsConfig = exports.ES_compartmentId = void 0;
+// argocd structure
+__exportStar(require("./argocd/config"), exports);
+__exportStar(require("./argocd/interfaces"), exports);
+__exportStar(require("./argocd/argocd"), exports);
+// compute structure
+__exportStar(require("./compute/config"), exports);
+__exportStar(require("./compute/interfaces"), exports);
+__exportStar(require("./compute/compute"), exports);
+// crds structure
+__exportStar(require("./compute/config"), exports);
+__exportStar(require("./compute/interfaces"), exports);
+__exportStar(require("./compute/compute"), exports);
+// external-secrets structure
+// export * from './external-secrets/config';
+var config_1 = require("./external-secrets/config");
+Object.defineProperty(exports, "ES_compartmentId", { enumerable: true, get: function () { return config_1.compartmentId; } });
+var config_2 = require("./external-secrets/config");
+Object.defineProperty(exports, "externalSecretsConfig", { enumerable: true, get: function () { return config_2.externalSecretsConfig; } });
+__exportStar(require("./external-secrets/interfaces"), exports);
+__exportStar(require("./external-secrets/externalsecrets"), exports);
+// iam structure
+__exportStar(require("./iam/config"), exports);
+__exportStar(require("./iam/interfaces"), exports);
+__exportStar(require("./iam/iam"), exports);
+// istio structure
+__exportStar(require("./istio/config"), exports);
+__exportStar(require("./istio/interfaces"), exports);
+__exportStar(require("./istio/istio"), exports);
+// network structure
+// export * from './network/config';
+var config_3 = require("./network/config");
+Object.defineProperty(exports, "N_compartmentId", { enumerable: true, get: function () { return config_3.compartmentId; } });
+var config_4 = require("./network/config");
+Object.defineProperty(exports, "vcns", { enumerable: true, get: function () { return config_4.vcns; } });
+__exportStar(require("./network/interfaces"), exports);
+__exportStar(require("./network/network"), exports);
+// oke structure
+__exportStar(require("./oke/config"), exports);
+__exportStar(require("./oke/interfaces"), exports);
+__exportStar(require("./oke/oke"), exports);
+// region structure
+__exportStar(require("./region/config"), exports);
+__exportStar(require("./region/interfaces"), exports);
+__exportStar(require("./region/region"), exports);
+__exportStar(require("./region/shortcode"), exports);
+// security structure
+// export * from './security/config';
+var config_5 = require("./security/config");
+Object.defineProperty(exports, "SE_compartmentId", { enumerable: true, get: function () { return config_5.compartmentId; } });
+var config_6 = require("./security/config");
+Object.defineProperty(exports, "vaults", { enumerable: true, get: function () { return config_6.vaults; } });
+__exportStar(require("./security/interfaces"), exports);
+__exportStar(require("./security/security"), exports);
+// storage structure
+// export * from './storage/config';
+var config_7 = require("./storage/config");
+Object.defineProperty(exports, "ST_compartmentId", { enumerable: true, get: function () { return config_7.compartmentId; } });
+var config_8 = require("./storage/config");
+Object.defineProperty(exports, "namespace", { enumerable: true, get: function () { return config_8.namespace; } });
+var config_9 = require("./storage/config");
+Object.defineProperty(exports, "buckets", { enumerable: true, get: function () { return config_9.buckets; } });
+__exportStar(require("./storage/interfaces"), exports);
+__exportStar(require("./storage/storage"), exports);
+//# sourceMappingURL=index.js.map

package/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,mBAAmB;AACnB,kDAAgC;AAChC,sDAAoC;AACpC,kDAAgC;AAChC,oBAAoB;AACpB,mDAAiC;AACjC,uDAAqC;AACrC,oDAAkC;AAClC,iBAAiB;AACjB,mDAAiC;AACjC,uDAAqC;AACrC,oDAAkC;AAClC,6BAA6B;AAC7B,6CAA6C;AAC7C,oDAA4E;AAApE,0GAAA,aAAa,OAAoB;AACzC,oDAAgE;AAAxD,+GAAA,qBAAqB,OAAA;AAC7B,gEAA8C;AAC9C,qEAAmD;AACnD,gBAAgB;AAChB,+CAA6B;AAC7B,mDAAiC;AACjC,4CAA0B;AAC1B,kBAAkB;AAClB,iDAA+B;AAC/B,qDAAmC;AACnC,gDAA8B;AAC9B,oBAAoB;AACpB,oCAAoC;AACpC,2CAAkE;AAA1D,yGAAA,aAAa,OAAmB;AACxC,2CAAsC;AAA9B,8FAAA,IAAI,OAAA;AACZ,uDAAqC;AACrC,oDAAkC;AAClC,gBAAgB;AAChB,+CAA6B;AAC7B,mDAAiC;AACjC,4CAA0B;AAC1B,mBAAmB;AACnB,kDAAgC;AAChC,sDAAoC;AACpC,kDAAgC;AAChC,qDAAmC;AACnC,qBAAqB;AACrB,qCAAqC;AACrC,4CAAoE;AAA5D,0GAAA,aAAa,OAAoB;AACzC,4CAAyC;AAAjC,gGAAA,MAAM,OAAA;AACd,wDAAsC;AACtC,sDAAoC;AACpC,oBAAoB;AACpB,oCAAoC;AACpC,2CAAmE;AAA3D,0GAAA,aAAa,OAAoB;AACzC,2CAA2C;AAAnC,mGAAA,SAAS,OAAA;AACjB,2CAAyC;AAAjC,iGAAA,OAAO,OAAA;AACf,uDAAqC;AACrC,oDAAkC"}

package/istio/config.d.ts

@@ -0,0 +1,2 @@
+import { IstioConfig } from "./interfaces";
+export declare const istioConfig: IstioConfig;

package/istio/config.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.istioConfig = void 0;
+const pulumi = require("@pulumi/pulumi");
+const stack = pulumi.getStack();
+const cfg = new pulumi.Config("deploy");
+const istioCfg = cfg.requireObject("istio");
+exports.istioConfig = {
+    namespace: istioCfg.namespace,
+    chartVersion: istioCfg.chartVersion,
+    lb: istioCfg.lb.map(lb => ({
+        ...lb,
+        subnetName: `${stack}-${lb.subnetName}`
+    })),
+    namespacesToInject: istioCfg.namespacesToInject,
+    cnpgNamespace: istioCfg.cnpgNamespace
+};
+//# sourceMappingURL=config.js.map

package/istio/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/istio/config.ts"],"names":[],"mappings":";;;AAAA,yCAAyC;AAGzC,MAAM,KAAK,GAAW,MAAM,CAAC,QAAQ,EAAE,CAAC;AAExC,MAAM,GAAG,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;AAExC,MAAM,QAAQ,GAAG,GAAG,CAAC,aAAa,CAAc,OAAO,CAAC,CAAC;AAE5C,QAAA,WAAW,GAAgB;IACtC,SAAS,EAAE,QAAQ,CAAC,SAAS;IAC7B,YAAY,EAAE,QAAQ,CAAC,YAAY;IACnC,EAAE,EAAE,QAAQ,CAAC,EAAE,CAAC,GAAG,CAAE,EAAE,CAAC,EAAE,CAAC,CAAC;QAC1B,GAAG,EAAE;QACL,UAAU,EAAE,GAAG,KAAK,IAAI,EAAE,CAAC,UAAU,EAAE;KACxC,CAAC,CAAC;IACH,kBAAkB,EAAE,QAAQ,CAAC,kBAAkB;IAC/C,aAAa,EAAE,QAAQ,CAAC,aAAa;CACtC,CAAC"}

package/istio/interfaces.d.ts

@@ -0,0 +1,18 @@
+import * as k8s from "@pulumi/kubernetes";
+export interface IstioLbConfig {
+    name: string;
+    type: "public" | "private";
+    subnetName: string;
+    reservedIpOcid?: string;
+}
+export interface IstioConfig {
+    namespace: string;
+    chartVersion: string;
+    lb: IstioLbConfig[];
+    namespacesToInject: string[];
+    cnpgNamespace: string;
+}
+export interface IIstio {
+    releases: k8s.helm.v3.Release[];
+    gwCRD: k8s.apiextensions.CustomResource[];
+}

package/istio/interfaces.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=interfaces.js.map

package/istio/interfaces.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../src/istio/interfaces.ts"],"names":[],"mappings":""}

package/istio/istio.d.ts

@@ -0,0 +1,24 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as k8s from "@pulumi/kubernetes";
+import * as oci from "@pulumi/oci";
+import { IstioConfig, IIstio } from "./interfaces";
+import { IOkeKubeconfig } from "../oke/interfaces";
+export declare class Istio implements IIstio {
+    private clusters;
+    private subnets;
+    private config;
+    private opts?;
+    releases: k8s.helm.v3.Release[];
+    gwCRD: k8s.apiextensions.CustomResource[];
+    constructor(clusters: pulumi.Output<IOkeKubeconfig[]>, subnets: pulumi.Output<oci.core.Subnet[]>, config: IstioConfig, opts?: pulumi.CustomResourceOptions | undefined);
+    private deploy;
+    private ensureNamespace;
+    private installIstioControlPlane;
+    private applyNamespaceInjection;
+    private createGateways;
+    private applyServiceLoadBalancerAnnotations;
+    private createGatewayCR;
+    private applyMtlsStrict;
+    private findSubnet;
+    private applyCnpgIstioExceptions;
+}