k3s-deployer 0.1.0

package/src/shared/utils.cjs

@@ -0,0 +1,104 @@
+const fs = require('node:fs/promises');
+const path = require('node:path');
+const crypto = require('node:crypto');
+
+function slugify(value) {
+  return String(value || '')
+    .trim()
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, '-')
+    .replace(/^-+|-+$/g, '')
+    .replace(/--+/g, '-');
+}
+
+function toDatabaseName(value) {
+  return String(value || '')
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, '')
+    .slice(0, 32) || 'appdb';
+}
+
+function hashText(value) {
+  return crypto.createHash('sha1').update(String(value || '')).digest('hex');
+}
+
+async function exists(filePath) {
+  try {
+    await fs.access(filePath);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+async function readIfExists(filePath) {
+  if (!(await exists(filePath))) {
+    return null;
+  }
+  return fs.readFile(filePath, 'utf8');
+}
+
+async function readJsonIfExists(filePath) {
+  const text = await readIfExists(filePath);
+  if (!text) {
+    return null;
+  }
+  return JSON.parse(text);
+}
+
+async function listImmediateDirectories(rootPath) {
+  const entries = await fs.readdir(rootPath, { withFileTypes: true });
+  return entries.filter((entry) => entry.isDirectory()).map((entry) => entry.name);
+}
+
+async function ensureDir(dirPath) {
+  await fs.mkdir(dirPath, { recursive: true });
+}
+
+function shellQuote(value) {
+  return `'${String(value).replace(/'/g, `'\\''`)}'`;
+}
+
+function posixRelative(rootPath, targetPath) {
+  const relative = path.relative(rootPath, targetPath) || '.';
+  return relative.split(path.sep).join(path.posix.sep);
+}
+
+function uniqueBy(items, keyFn) {
+  const map = new Map();
+  for (const item of items) {
+    map.set(keyFn(item), item);
+  }
+  return Array.from(map.values());
+}
+
+function filterPublicEnv(envMap) {
+  return Object.fromEntries(
+    Object.entries(envMap || {}).filter(([key]) =>
+      key.startsWith('VITE_') || key.startsWith('NEXT_PUBLIC_') || key.startsWith('REACT_APP_'),
+    ),
+  );
+}
+
+function deriveHostAddress(target) {
+  if (!target || target.kind === 'local') {
+    return target && target.hostAddress ? target.hostAddress : '127.0.0.1';
+  }
+  return target.hostAddress || target.host;
+}
+
+module.exports = {
+  deriveHostAddress,
+  ensureDir,
+  exists,
+  filterPublicEnv,
+  hashText,
+  listImmediateDirectories,
+  posixRelative,
+  readIfExists,
+  readJsonIfExists,
+  shellQuote,
+  slugify,
+  toDatabaseName,
+  uniqueBy,
+};

package/src/templates/dockerfile.cjs

@@ -0,0 +1,114 @@
+function joinCommand(command) {
+  return Array.isArray(command) ? command.join(' ') : String(command || '');
+}
+
+function renderNodeDockerfile(unit) {
+  const startCommand = joinCommand(unit.build.start || ['npm', 'start']);
+  const buildCommand = unit.build.build ? `RUN ${joinCommand(unit.build.build)}` : '';
+  return `FROM node:22-alpine
+WORKDIR /app
+COPY package*.json ./
+COPY yarn.lock* pnpm-lock.yaml* ./
+RUN npm install -g pnpm yarn >/dev/null 2>&1 || true
+RUN if [ -f yarn.lock ]; then yarn install --frozen-lockfile; elif [ -f pnpm-lock.yaml ]; then pnpm install --frozen-lockfile; else npm install; fi
+COPY . .
+${buildCommand}
+EXPOSE ${unit.port || 3000}
+CMD ${JSON.stringify(['sh', '-lc', startCommand])}
+`;
+}
+
+function renderPythonDockerfile(unit) {
+  const installCommand = joinCommand(unit.build.install);
+  const startCommand = joinCommand(unit.build.start);
+  return `FROM python:3.12-slim
+WORKDIR /app
+COPY requirements.txt ./
+RUN ${installCommand}
+COPY . .
+EXPOSE ${unit.port || 8000}
+CMD ${JSON.stringify(['sh', '-lc', startCommand])}
+`;
+}
+
+function renderSpringDockerfile(unit) {
+  const buildCommand = joinCommand(unit.build.build);
+  const startCommand = joinCommand(unit.build.start);
+  return `FROM maven:3.9-eclipse-temurin-21 AS build
+WORKDIR /app
+COPY . .
+RUN ${buildCommand}
+FROM eclipse-temurin:21-jre
+WORKDIR /app
+COPY --from=build /app/target/*.jar /app/app.jar
+COPY --from=build /app/build/libs/*.jar /app/app.jar
+EXPOSE ${unit.port || 8080}
+CMD ${JSON.stringify(['sh', '-lc', startCommand.replace('$(find target build/libs -name "*.jar" | head -n 1)', '/app/app.jar')])}
+`;
+}
+
+function renderGoDockerfile(unit) {
+  const buildCommand = joinCommand(unit.build.build);
+  return `FROM golang:1.23 AS build
+WORKDIR /app
+COPY go.mod go.sum* ./
+RUN go mod download
+COPY . .
+RUN ${buildCommand}
+FROM alpine:3.20
+WORKDIR /app
+COPY --from=build /app/app /app/app
+EXPOSE ${unit.port || 8080}
+CMD ["./app"]
+`;
+}
+
+function renderRustDockerfile(unit) {
+  return `FROM rust:1.82 AS build
+WORKDIR /app
+COPY . .
+RUN cargo build --release
+FROM debian:bookworm-slim
+WORKDIR /app
+COPY --from=build /app/target/release /app/target/release
+EXPOSE ${unit.port || 3000}
+CMD ["sh", "-lc", ${JSON.stringify(joinCommand(unit.build.start))}]
+`;
+}
+
+function renderRubyDockerfile(unit) {
+  return `FROM ruby:3.3
+WORKDIR /app
+COPY Gemfile Gemfile.lock* ./
+RUN bundle install
+COPY . .
+EXPOSE ${unit.port || 3000}
+CMD ${JSON.stringify(['sh', '-lc', joinCommand(unit.build.start)])}
+`;
+}
+
+function createGeneratedDockerfile(unit) {
+  if (['react', 'nextjs', 'vue', 'angular', 'nestjs'].includes(unit.framework)) {
+    return renderNodeDockerfile(unit);
+  }
+  if (unit.framework === 'django') {
+    return renderPythonDockerfile(unit);
+  }
+  if (unit.framework === 'springboot') {
+    return renderSpringDockerfile(unit);
+  }
+  if (['gin', 'echo', 'fiber'].includes(unit.framework)) {
+    return renderGoDockerfile(unit);
+  }
+  if (['axum', 'actix-web'].includes(unit.framework)) {
+    return renderRustDockerfile(unit);
+  }
+  if (['rails', 'sinatra'].includes(unit.framework)) {
+    return renderRubyDockerfile(unit);
+  }
+  throw new Error(`Unsupported Dockerfile generation for ${unit.framework}`);
+}
+
+module.exports = {
+  createGeneratedDockerfile,
+};

package/src/templates/manifests.cjs

@@ -0,0 +1,291 @@
+function yamlValue(value) {
+  return JSON.stringify(String(value));
+}
+
+function renderKeyValueBlock(entries, indent) {
+  return Object.entries(entries)
+    .map(([key, value]) => `${' '.repeat(indent)}${key}: ${yamlValue(value)}`)
+    .join('\n');
+}
+
+function createSecretManifest(name, namespace, envMap) {
+  if (!envMap || Object.keys(envMap).length === 0) {
+    return null;
+  }
+  const encoded = Object.fromEntries(
+    Object.entries(envMap).map(([key, value]) => [key, Buffer.from(String(value)).toString('base64')]),
+  );
+  return `apiVersion: v1
+kind: Secret
+metadata:
+  name: ${name}
+  namespace: ${namespace}
+type: Opaque
+data:
+${renderKeyValueBlock(encoded, 2)}
+`;
+}
+
+function createConfigMapManifest(name, namespace, envMap) {
+  if (!envMap || Object.keys(envMap).length === 0) {
+    return null;
+  }
+  return `apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: ${name}
+  namespace: ${namespace}
+data:
+${renderKeyValueBlock(envMap, 2)}
+`;
+}
+
+function createTargetNodePlacement(indent = 6) {
+  const prefix = ' '.repeat(indent);
+  const nested = ' '.repeat(indent + 2);
+  const nestedMore = ' '.repeat(indent + 4);
+  return `${prefix}nodeSelector:
+${nested}k3s-deployer-target: "true"
+${prefix}tolerations:
+${nested}- key: node-role.kubernetes.io/control-plane
+${nestedMore}operator: Exists
+${nestedMore}effect: NoSchedule
+${nested}- key: node-role.kubernetes.io/master
+${nestedMore}operator: Exists
+${nestedMore}effect: NoSchedule`;
+}
+
+function createDeploymentManifest(spec) {
+  const imagePullPolicy =
+    spec.imagePullPolicy ||
+    (/^(localhost|127\.0\.0\.1)(:\d+)?\//.test(spec.image)
+      ? 'IfNotPresent'
+      : 'Always');
+  const envFrom = [];
+  if (spec.secretName) {
+    envFrom.push(
+      `            - secretRef:\n                name: ${spec.secretName}`,
+    );
+  }
+  if (spec.configMapName) {
+    envFrom.push(
+      `            - configMapRef:\n                name: ${spec.configMapName}`,
+    );
+  }
+  const volumeMounts = spec.volumeMountPath
+    ? `          volumeMounts:
+            - name: app-storage
+              mountPath: ${spec.volumeMountPath}`
+    : '';
+  const volumes = spec.volumeClaimName
+    ? `      volumes:
+        - name: app-storage
+          persistentVolumeClaim:
+            claimName: ${spec.volumeClaimName}`
+    : '';
+  return `apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ${spec.name}
+  namespace: ${spec.namespace}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ${spec.name}
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+  template:
+    metadata:
+      labels:
+        app: ${spec.name}
+    spec:
+${createTargetNodePlacement(6)}
+      containers:
+        - name: ${spec.name}
+          image: ${spec.image}
+          imagePullPolicy: ${imagePullPolicy}
+          ports:
+            - containerPort: ${spec.port}
+${envFrom.length ? `          envFrom:\n${envFrom.join('\n')}` : ''}${volumeMounts ? `\n${volumeMounts}` : ''}${volumes ? `\n${volumes}` : ''}
+`;
+}
+
+function createServiceManifest(spec) {
+  const nodePort = spec.nodePort ? `\n      nodePort: ${spec.nodePort}` : '';
+  return `apiVersion: v1
+kind: Service
+metadata:
+  name: ${spec.name}
+  namespace: ${spec.namespace}
+spec:
+  type: ${spec.nodePort ? 'NodePort' : 'ClusterIP'}
+  selector:
+    app: ${spec.targetName || spec.name}
+  ports:
+    - protocol: TCP
+      port: ${spec.port}
+      targetPort: ${spec.targetPort || spec.port}${nodePort}
+`;
+}
+
+function createIngressManifest(spec) {
+  return `apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ${spec.name}
+  namespace: ${spec.namespace}
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    cert-manager.io/cluster-issuer: letsencrypt-production
+    nginx.ingress.kubernetes.io/proxy-body-size: "0"
+    nginx.ingress.kubernetes.io/proxy-read-timeout: "120"
+    nginx.ingress.kubernetes.io/proxy-send-timeout: "120"
+    nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - ${spec.domain}
+      secretName: ${spec.tlsSecretName || `${spec.serviceName}-tls`}
+  rules:
+    - host: ${spec.domain}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: ${spec.serviceName}
+                port:
+                  number: ${spec.servicePort || 80}
+`;
+}
+
+function createPersistentVolumeClaim(name, namespace, size) {
+  return `apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: ${name}
+  namespace: ${namespace}
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: ${size}
+`;
+}
+
+function createDatabaseManifests(input) {
+  const manifests = [];
+  const serviceName = `${input.projectSlug}-${input.kind}`;
+
+  if (input.kind === 'sqlite') {
+    manifests.push(createPersistentVolumeClaim(`${serviceName}-pvc`, input.namespace, '1Gi'));
+    return manifests;
+  }
+
+  const pvcKinds = new Set(['postgresql', 'mysql', 'mongodb', 'elasticsearch']);
+  if (pvcKinds.has(input.kind)) {
+    manifests.push(createPersistentVolumeClaim(`${serviceName}-pvc`, input.namespace, '1Gi'));
+  }
+
+  const imageByKind = {
+    postgresql: 'postgres:16',
+    mysql: 'mysql:8.4',
+    mongodb: 'mongo:7',
+    redis: 'redis:7',
+    elasticsearch: 'docker.elastic.co/elasticsearch/elasticsearch:8.15.0',
+  };
+
+  const envLines = [];
+  if (input.kind === 'postgresql') {
+    envLines.push('            - name: POSTGRES_DB\n              value: appdb');
+    envLines.push('            - name: POSTGRES_USER\n              value: app');
+    envLines.push('            - name: POSTGRES_PASSWORD\n              value: apppass');
+  }
+  if (input.kind === 'mysql') {
+    envLines.push('            - name: MYSQL_DATABASE\n              value: appdb');
+    envLines.push('            - name: MYSQL_USER\n              value: app');
+    envLines.push('            - name: MYSQL_PASSWORD\n              value: apppass');
+    envLines.push('            - name: MYSQL_ROOT_PASSWORD\n              value: rootpass');
+  }
+  if (input.kind === 'elasticsearch') {
+    envLines.push('            - name: discovery.type\n              value: single-node');
+    envLines.push('            - name: xpack.security.enabled\n              value: "false"');
+  }
+
+  const ports = {
+    postgresql: 5432,
+    mysql: 3306,
+    mongodb: 27017,
+    redis: 6379,
+    elasticsearch: 9200,
+  };
+
+  const mountPathByKind = {
+    postgresql: '/var/lib/postgresql/data',
+    mysql: '/var/lib/mysql',
+    mongodb: '/data/db',
+    elasticsearch: '/usr/share/elasticsearch/data',
+  };
+
+  const volumeMount = mountPathByKind[input.kind]
+    ? `          volumeMounts:
+            - name: data
+              mountPath: ${mountPathByKind[input.kind]}`
+    : '';
+  const volumes = mountPathByKind[input.kind]
+    ? `      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: ${serviceName}-pvc`
+    : '';
+
+  manifests.push(`apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ${serviceName}
+  namespace: ${input.namespace}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ${serviceName}
+  template:
+    metadata:
+      labels:
+        app: ${serviceName}
+    spec:
+${createTargetNodePlacement(6)}
+      containers:
+        - name: ${serviceName}
+          image: ${imageByKind[input.kind]}
+          ports:
+            - containerPort: ${ports[input.kind]}
+${envLines.length ? `          env:\n${envLines.join('\n')}\n` : ''}${volumeMount ? `${volumeMount}\n` : ''}${volumes ? `${volumes}\n` : ''}`);
+
+  manifests.push(
+    createServiceManifest({
+      name: serviceName,
+      namespace: input.namespace,
+      port: ports[input.kind],
+    }),
+  );
+
+  return manifests;
+}
+
+module.exports = {
+  createConfigMapManifest,
+  createDatabaseManifests,
+  createDeploymentManifest,
+  createIngressManifest,
+  createPersistentVolumeClaim,
+  createSecretManifest,
+  createServiceManifest,
+};