pepr 0.1.26 → 0.1.28

package/src/lib/capability.ts

@@ -1,150 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-import { modelToGroupVersionKind } from "./k8s";
-import logger from "./logger";
-import {
-  BindToAction,
-  Binding,
-  BindingFilter,
-  BindingWithName,
-  CapabilityAction,
-  CapabilityCfg,
-  DeepPartial,
-  Event,
-  GenericClass,
-  HookPhase,
-  WhenSelector,
-} from "./types";
-
-/**
- * A capability is a unit of functionality that can be registered with the Pepr runtime.
- */
-export class Capability implements CapabilityCfg {
-  private _name: string;
-  private _description: string;
-  private _namespaces?: string[] | undefined;
-
-  // Currently everything is considered a mutation
-  private _mutateOrValidate = HookPhase.mutate;
-
-  private _bindings: Binding[] = [];
-
-  get bindings(): Binding[] {
-    return this._bindings;
-  }
-
-  get name() {
-    return this._name;
-  }
-
-  get description() {
-    return this._description;
-  }
-
-  get namespaces() {
-    return this._namespaces || [];
-  }
-
-  get mutateOrValidate() {
-    return this._mutateOrValidate;
-  }
-
-  constructor(cfg: CapabilityCfg) {
-    this._name = cfg.name;
-    this._description = cfg.description;
-    this._namespaces = cfg.namespaces;
-    logger.info(`Capability ${this._name} registered`);
-    logger.debug(cfg);
-  }
-
-  /**
-   * The When method is used to register a capability action to be executed when a Kubernetes resource is
-   * processed by Pepr. The action will be executed if the resource matches the specified kind and any
-   * filters that are applied.
-   *
-   * @param model if using a custom KubernetesObject not available in `a.*`, specify the GroupVersionKind
-   * @returns
-   */
-  When = <T extends GenericClass>(model: T): WhenSelector<T> => {
-    const binding: Binding = {
-      // If the kind is not specified, use the default KubernetesObject
-      kind: modelToGroupVersionKind(model.name),
-      filters: {
-        name: "",
-        namespaces: [],
-        labels: {},
-        annotations: {},
-      },
-      callback: () => null,
-    };
-
-    const prefix = `${this._name}: ${model.name}`;
-
-    logger.info(`Binding created`, prefix);
-
-    const Then = (cb: CapabilityAction<T>): BindToAction<T> => {
-      logger.info(`Binding action created`, prefix);
-      logger.debug(cb.toString(), prefix);
-      // Push the binding to the list of bindings for this capability as a new BindingAction
-      // with the callback function to preserve
-      this._bindings.push({
-        ...binding,
-        callback: cb,
-      });
-
-      // Now only allow adding actions to the same binding
-      return { Then };
-    };
-
-    const ThenSet = (merge: DeepPartial<InstanceType<T>>): BindToAction<T> => {
-      // Add the new action to the binding
-      Then(req => req.Merge(merge));
-
-      return { Then };
-    };
-
-    function InNamespace(...namespaces: string[]): BindingWithName<T> {
-      logger.debug(`Add namespaces filter ${namespaces}`, prefix);
-      binding.filters.namespaces.push(...namespaces);
-      return { WithLabel, WithAnnotation, WithName, Then, ThenSet };
-    }
-
-    function WithName(name: string): BindingFilter<T> {
-      logger.debug(`Add name filter ${name}`, prefix);
-      binding.filters.name = name;
-      return { WithLabel, WithAnnotation, Then, ThenSet };
-    }
-
-    function WithLabel(key: string, value = ""): BindingFilter<T> {
-      logger.debug(`Add label filter ${key}=${value}`, prefix);
-      binding.filters.labels[key] = value;
-      return { WithLabel, WithAnnotation, Then, ThenSet };
-    }
-
-    const WithAnnotation = (key: string, value = ""): BindingFilter<T> => {
-      logger.debug(`Add annotation filter ${key}=${value}`, prefix);
-      binding.filters.annotations[key] = value;
-      return { WithLabel, WithAnnotation, Then, ThenSet };
-    };
-
-    const bindEvent = (event: Event) => {
-      binding.event = event;
-      return {
-        InNamespace,
-        Then,
-        ThenSet,
-        WithAnnotation,
-        WithLabel,
-        WithName,
-      };
-    };
-
-    return {
-      IsCreatedOrUpdated: () => bindEvent(Event.CreateOrUpdate),
-      IsCreated: () => bindEvent(Event.Create),
-      IsUpdated: () => bindEvent(Event.Update),
-      IsDeleted: () => bindEvent(Event.Delete),
-    };
-  };
-}

package/src/lib/controller.ts

@@ -1,92 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-import express from "express";
-import fs from "fs";
-import https from "https";
-import { ModuleConfig } from "./types";
-import { Capability } from "./capability";
-import { processor } from "./processor";
-
-// Load SSL certificate and key
-const options = {
-  key: fs.readFileSync(process.env.SSL_KEY_PATH || "/etc/certs/tls.key"),
-  cert: fs.readFileSync(process.env.SSL_CERT_PATH || "/etc/certs/tls.crt"),
-};
-
-export class Controller {
-  private readonly app = express();
-
-  constructor(private readonly config: ModuleConfig, private readonly capabilities: Capability[]) {
-    // Middleware for logging requests
-    this.app.use(this.logger);
-
-    // Middleware for parsing JSON
-    this.app.use(express.json());
-
-    // Health check endpoint
-    this.app.get("/healthz", this.healthz);
-
-    // Mutate endpoint
-    this.app.post("/mutate", this.mutate);
-  }
-
-  /** Start the webhook server */
-  public startServer = (port: number) => {
-    // Create HTTPS server
-    https.createServer(options, this.app).listen(port, () => {
-      console.log(`Server listening on port ${port}`);
-    });
-  };
-
-  private logger = (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    const startTime = Date.now();
-
-    res.on("finish", () => {
-      const now = new Date().toISOString();
-      const elapsedTime = Date.now() - startTime;
-      const message = `[${now}] ${req.method} ${req.originalUrl} - ${res.statusCode} - ${elapsedTime} ms\n`;
-
-      res.statusCode >= 400 ? console.error(message) : console.info(message);
-    });
-
-    next();
-  };
-
-  private healthz = (req: express.Request, res: express.Response) => {
-    try {
-      res.send("OK");
-    } catch (err) {
-      console.error(err);
-      res.status(500).send("Internal Server Error");
-    }
-  };
-
-  private mutate = (req: express.Request, res: express.Response) => {
-    try {
-      const name = req.body?.request?.name || "";
-      const namespace = req.body?.request?.namespace || "";
-      const gvk = req.body?.request?.kind || { group: "", version: "", kind: "" };
-
-      console.log(`Mutate request: ${gvk.group}/${gvk.version}/${gvk.kind}`);
-      name && console.log(`                ${namespace}/${name}\n`);
-
-      // @todo: make this actually do something
-      const response = processor(this.config, this.capabilities, req.body.request);
-      console.debug(response);
-
-      // Send a no prob bob response
-      res.send({
-        apiVersion: "admission.k8s.io/v1",
-        kind: "AdmissionReview",
-        response: {
-          uid: req.body.request.uid,
-          allowed: true,
-        },
-      });
-    } catch (err) {
-      console.error(err);
-      res.status(500).send("Internal Server Error");
-    }
-  };
-}

package/src/lib/filter.ts

@@ -1,52 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-import { Request } from "./k8s";
-import logger from "./logger";
-import { Binding } from "./types";
-
-/**
- * shouldSkipRequest determines if a request should be skipped based on the binding filters.
- *
- * @param binding the capability action binding
- * @param req the incoming request
- * @returns
- */
-export function shouldSkipRequest(binding: Binding, req: Request) {
-  const { group, kind, version } = binding.kind;
-  const { namespaces, labels, annotations } = binding.filters;
-  const { metadata } = req.object;
-
-  if (kind !== req.kind.kind) {
-    return true;
-  }
-
-  if (group && group !== req.kind.group) {
-    return true;
-  }
-
-  if (version && version !== req.kind.version) {
-    return true;
-  }
-
-  if (namespaces.length && !namespaces.includes(req.namespace || "")) {
-    logger.debug("Namespace does not match");
-    return true;
-  }
-
-  for (const [key, value] of Object.entries(labels)) {
-    if (metadata?.labels?.[key] !== value) {
-      logger.debug(`${metadata?.labels?.[key]} does not match ${value}`);
-      return true;
-    }
-  }
-
-  for (const [key, value] of Object.entries(annotations)) {
-    if (metadata?.annotations?.[key] !== value) {
-      logger.debug(`${metadata?.annotations?.[key]} does not match ${value}`);
-      return true;
-    }
-  }
-
-  return false;
-}