pepr 0.1.28 → 0.1.30

package/dist/src/lib/k8s/tls.js

@@ -1,4 +1,10 @@
-import forge from "node-forge";
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.genTLS = void 0;
+const node_forge_1 = __importDefault(require("node-forge"));
 const caName = "Pepr Ephemeral CA";
 /**
  * Generates a self-signed CA and server certificate with Subject Alternative Names (SANs) for the K8s webhook.
@@ -6,9 +12,9 @@ const caName = "Pepr Ephemeral CA";
  * @param {string} name - The name to use for the server certificate's Common Name and SAN DNS entry.
  * @returns {TLSOut} - An object containing the Base64-encoded CA, server certificate, and server private key.
  */
-export function genTLS(name) {
+function genTLS(name) {
     // Generate a new CA key pair and create a self-signed CA certificate
-    const caKeys = forge.pki.rsa.generateKeyPair(2048);
+    const caKeys = node_forge_1.default.pki.rsa.generateKeyPair(2048);
     const caCert = genCert(caKeys, caName, [{ name: "commonName", value: caName }]);
     caCert.setExtensions([
         {
@@ -25,16 +31,16 @@ export function genTLS(name) {
         },
     ]);
     // Generate a new server key pair and create a server certificate signed by the CA
-    const serverKeys = forge.pki.rsa.generateKeyPair(2048);
+    const serverKeys = node_forge_1.default.pki.rsa.generateKeyPair(2048);
     const serverCert = genCert(serverKeys, name, caCert.subject.attributes);
     // Sign both certificates with the CA private key
-    caCert.sign(caKeys.privateKey, forge.md.sha256.create());
-    serverCert.sign(caKeys.privateKey, forge.md.sha256.create());
+    caCert.sign(caKeys.privateKey, node_forge_1.default.md.sha256.create());
+    serverCert.sign(caKeys.privateKey, node_forge_1.default.md.sha256.create());
     // Convert the keys and certificates to PEM format
     const pem = {
-        ca: forge.pki.certificateToPem(caCert),
-        crt: forge.pki.certificateToPem(serverCert),
-        key: forge.pki.privateKeyToPem(serverKeys.privateKey),
+        ca: node_forge_1.default.pki.certificateToPem(caCert),
+        crt: node_forge_1.default.pki.certificateToPem(serverCert),
+        key: node_forge_1.default.pki.privateKeyToPem(serverKeys.privateKey),
     };
     // Base64-encode the PEM strings
     const ca = Buffer.from(pem.ca).toString("base64");
@@ -42,8 +48,9 @@ export function genTLS(name) {
     const crt = Buffer.from(pem.crt).toString("base64");
     return { ca, key, crt, pem };
 }
+exports.genTLS = genTLS;
 function genCert(key, name, issuer) {
-    const crt = forge.pki.createCertificate();
+    const crt = node_forge_1.default.pki.createCertificate();
     crt.publicKey = key.publicKey;
     crt.serialNumber = "01";
     crt.validity.notBefore = new Date();

package/dist/src/lib/k8s/types.js

@@ -1,9 +1,12 @@
+"use strict";
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-export var Operation;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Operation = void 0;
+var Operation;
 (function (Operation) {
     Operation["CREATE"] = "CREATE";
     Operation["UPDATE"] = "UPDATE";
     Operation["DELETE"] = "DELETE";
     Operation["CONNECT"] = "CONNECT";
-})(Operation || (Operation = {}));
+})(Operation = exports.Operation || (exports.Operation = {}));

package/dist/src/lib/k8s/upstream.js

@@ -1,3 +1,47 @@
+"use strict";
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-export { V1APIService as APIService, V1CertificateSigningRequest as CertificateSigningRequest, V1ConfigMap as ConfigMap, V1ControllerRevision as ControllerRevision, V1CronJob as CronJob, V1CSIDriver as CSIDriver, V1CSIStorageCapacity as CSIStorageCapacity, V1CustomResourceDefinition as CustomResourceDefinition, V1DaemonSet as DaemonSet, V1Deployment as Deployment, V1EndpointSlice as EndpointSlice, V1HorizontalPodAutoscaler as HorizontalPodAutoscaler, V1Ingress as Ingress, V1IngressClass as IngressClass, V1Job as Job, V1LimitRange as LimitRange, V1LocalSubjectAccessReview as LocalSubjectAccessReview, V1MutatingWebhookConfiguration as MutatingWebhookConfiguration, V1Namespace as Namespace, V1NetworkPolicy as NetworkPolicy, V1Node as Node, V1PersistentVolume as PersistentVolume, V1PersistentVolumeClaim as PersistentVolumeClaim, V1Pod as Pod, V1PodDisruptionBudget as PodDisruptionBudget, V1PodTemplate as PodTemplate, V1ReplicaSet as ReplicaSet, V1ReplicationController as ReplicationController, V1ResourceQuota as ResourceQuota, V1RuntimeClass as RuntimeClass, V1Secret as Secret, V1SelfSubjectAccessReview as SelfSubjectAccessReview, V1SelfSubjectRulesReview as SelfSubjectRulesReview, V1Service as Service, V1ServiceAccount as ServiceAccount, V1StatefulSet as StatefulSet, V1StorageClass as StorageClass, V1SubjectAccessReview as SubjectAccessReview, V1TokenReview as TokenReview, V1ValidatingWebhookConfiguration as ValidatingWebhookConfiguration, V1VolumeAttachment as VolumeAttachment, } from "@kubernetes/client-node/dist";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VolumeAttachment = exports.ValidatingWebhookConfiguration = exports.TokenReview = exports.SubjectAccessReview = exports.StorageClass = exports.StatefulSet = exports.ServiceAccount = exports.Service = exports.SelfSubjectRulesReview = exports.SelfSubjectAccessReview = exports.Secret = exports.RuntimeClass = exports.ResourceQuota = exports.ReplicationController = exports.ReplicaSet = exports.PodTemplate = exports.PodDisruptionBudget = exports.Pod = exports.PersistentVolumeClaim = exports.PersistentVolume = exports.Node = exports.NetworkPolicy = exports.Namespace = exports.MutatingWebhookConfiguration = exports.LocalSubjectAccessReview = exports.LimitRange = exports.Job = exports.IngressClass = exports.Ingress = exports.HorizontalPodAutoscaler = exports.EndpointSlice = exports.Deployment = exports.DaemonSet = exports.CustomResourceDefinition = exports.CSIStorageCapacity = exports.CSIDriver = exports.CronJob = exports.ControllerRevision = exports.ConfigMap = exports.CertificateSigningRequest = exports.APIService = void 0;
+var dist_1 = require("@kubernetes/client-node/dist");
+Object.defineProperty(exports, "APIService", { enumerable: true, get: function () { return dist_1.V1APIService; } });
+Object.defineProperty(exports, "CertificateSigningRequest", { enumerable: true, get: function () { return dist_1.V1CertificateSigningRequest; } });
+Object.defineProperty(exports, "ConfigMap", { enumerable: true, get: function () { return dist_1.V1ConfigMap; } });
+Object.defineProperty(exports, "ControllerRevision", { enumerable: true, get: function () { return dist_1.V1ControllerRevision; } });
+Object.defineProperty(exports, "CronJob", { enumerable: true, get: function () { return dist_1.V1CronJob; } });
+Object.defineProperty(exports, "CSIDriver", { enumerable: true, get: function () { return dist_1.V1CSIDriver; } });
+Object.defineProperty(exports, "CSIStorageCapacity", { enumerable: true, get: function () { return dist_1.V1CSIStorageCapacity; } });
+Object.defineProperty(exports, "CustomResourceDefinition", { enumerable: true, get: function () { return dist_1.V1CustomResourceDefinition; } });
+Object.defineProperty(exports, "DaemonSet", { enumerable: true, get: function () { return dist_1.V1DaemonSet; } });
+Object.defineProperty(exports, "Deployment", { enumerable: true, get: function () { return dist_1.V1Deployment; } });
+Object.defineProperty(exports, "EndpointSlice", { enumerable: true, get: function () { return dist_1.V1EndpointSlice; } });
+Object.defineProperty(exports, "HorizontalPodAutoscaler", { enumerable: true, get: function () { return dist_1.V1HorizontalPodAutoscaler; } });
+Object.defineProperty(exports, "Ingress", { enumerable: true, get: function () { return dist_1.V1Ingress; } });
+Object.defineProperty(exports, "IngressClass", { enumerable: true, get: function () { return dist_1.V1IngressClass; } });
+Object.defineProperty(exports, "Job", { enumerable: true, get: function () { return dist_1.V1Job; } });
+Object.defineProperty(exports, "LimitRange", { enumerable: true, get: function () { return dist_1.V1LimitRange; } });
+Object.defineProperty(exports, "LocalSubjectAccessReview", { enumerable: true, get: function () { return dist_1.V1LocalSubjectAccessReview; } });
+Object.defineProperty(exports, "MutatingWebhookConfiguration", { enumerable: true, get: function () { return dist_1.V1MutatingWebhookConfiguration; } });
+Object.defineProperty(exports, "Namespace", { enumerable: true, get: function () { return dist_1.V1Namespace; } });
+Object.defineProperty(exports, "NetworkPolicy", { enumerable: true, get: function () { return dist_1.V1NetworkPolicy; } });
+Object.defineProperty(exports, "Node", { enumerable: true, get: function () { return dist_1.V1Node; } });
+Object.defineProperty(exports, "PersistentVolume", { enumerable: true, get: function () { return dist_1.V1PersistentVolume; } });
+Object.defineProperty(exports, "PersistentVolumeClaim", { enumerable: true, get: function () { return dist_1.V1PersistentVolumeClaim; } });
+Object.defineProperty(exports, "Pod", { enumerable: true, get: function () { return dist_1.V1Pod; } });
+Object.defineProperty(exports, "PodDisruptionBudget", { enumerable: true, get: function () { return dist_1.V1PodDisruptionBudget; } });
+Object.defineProperty(exports, "PodTemplate", { enumerable: true, get: function () { return dist_1.V1PodTemplate; } });
+Object.defineProperty(exports, "ReplicaSet", { enumerable: true, get: function () { return dist_1.V1ReplicaSet; } });
+Object.defineProperty(exports, "ReplicationController", { enumerable: true, get: function () { return dist_1.V1ReplicationController; } });
+Object.defineProperty(exports, "ResourceQuota", { enumerable: true, get: function () { return dist_1.V1ResourceQuota; } });
+Object.defineProperty(exports, "RuntimeClass", { enumerable: true, get: function () { return dist_1.V1RuntimeClass; } });
+Object.defineProperty(exports, "Secret", { enumerable: true, get: function () { return dist_1.V1Secret; } });
+Object.defineProperty(exports, "SelfSubjectAccessReview", { enumerable: true, get: function () { return dist_1.V1SelfSubjectAccessReview; } });
+Object.defineProperty(exports, "SelfSubjectRulesReview", { enumerable: true, get: function () { return dist_1.V1SelfSubjectRulesReview; } });
+Object.defineProperty(exports, "Service", { enumerable: true, get: function () { return dist_1.V1Service; } });
+Object.defineProperty(exports, "ServiceAccount", { enumerable: true, get: function () { return dist_1.V1ServiceAccount; } });
+Object.defineProperty(exports, "StatefulSet", { enumerable: true, get: function () { return dist_1.V1StatefulSet; } });
+Object.defineProperty(exports, "StorageClass", { enumerable: true, get: function () { return dist_1.V1StorageClass; } });
+Object.defineProperty(exports, "SubjectAccessReview", { enumerable: true, get: function () { return dist_1.V1SubjectAccessReview; } });
+Object.defineProperty(exports, "TokenReview", { enumerable: true, get: function () { return dist_1.V1TokenReview; } });
+Object.defineProperty(exports, "ValidatingWebhookConfiguration", { enumerable: true, get: function () { return dist_1.V1ValidatingWebhookConfiguration; } });
+Object.defineProperty(exports, "VolumeAttachment", { enumerable: true, get: function () { return dist_1.V1VolumeAttachment; } });

package/dist/src/lib/k8s/webhook.js

@@ -1,15 +1,21 @@
+"use strict";
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-import { AdmissionregistrationV1Api, AppsV1Api, CoreV1Api, KubeConfig, NetworkingV1Api, RbacAuthorizationV1Api, dumpYaml, } from "@kubernetes/client-node";
-import { gzipSync } from "zlib";
-import Log from "../logger";
-import { genTLS } from "./tls";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Webhook = void 0;
+const client_node_1 = require("@kubernetes/client-node");
+const zlib_1 = require("zlib");
+const logger_1 = __importDefault(require("../logger"));
+const tls_1 = require("./tls");
 const peprIgnore = {
     key: "pepr.dev",
     operator: "NotIn",
     values: ["ignore"],
 };
-export class Webhook {
+class Webhook {
     get tls() {
         return this._tls;
     }
@@ -19,7 +25,7 @@ export class Webhook {
         this.name = `pepr-${config.uuid}`;
         this.image = `ghcr.io/defenseunicorns/pepr/controller:${config.version}`;
         // Generate the ephemeral tls things
-        this._tls = genTLS(this.host || `${this.name}.pepr-system.svc`);
+        this._tls = (0, tls_1.genTLS)(this.host || `${this.name}.pepr-system.svc`);
     }
     /** Generate the pepr-system namespace */
     namespace() {
@@ -302,7 +308,7 @@ export class Webhook {
     }
     moduleSecret(data) {
         // Compress the data
-        const compressed = gzipSync(data);
+        const compressed = (0, zlib_1.gzipSync)(data);
         return {
             apiVersion: "v1",
             kind: "Secret",
@@ -340,7 +346,7 @@ export class Webhook {
                 },
             ],
         };
-        return dumpYaml(zarfCfg, { noRefs: true });
+        return (0, client_node_1.dumpYaml)(zarfCfg, { noRefs: true });
     }
     allYaml(code) {
         const resources = [
@@ -356,85 +362,85 @@ export class Webhook {
             this.moduleSecret(code),
         ];
         // Convert the resources to a single YAML string
-        return resources.map(r => dumpYaml(r, { noRefs: true })).join("---\n");
+        return resources.map(r => (0, client_node_1.dumpYaml)(r, { noRefs: true })).join("---\n");
     }
     async deploy(code) {
-        Log.info("Establishing connection to Kubernetes");
+        logger_1.default.info("Establishing connection to Kubernetes");
         const namespace = "pepr-system";
         // Deploy the resources using the k8s API
-        const kubeConfig = new KubeConfig();
+        const kubeConfig = new client_node_1.KubeConfig();
         kubeConfig.loadFromDefault();
-        const coreV1Api = kubeConfig.makeApiClient(CoreV1Api);
-        const rbacApi = kubeConfig.makeApiClient(RbacAuthorizationV1Api);
-        const appsApi = kubeConfig.makeApiClient(AppsV1Api);
-        const admissionApi = kubeConfig.makeApiClient(AdmissionregistrationV1Api);
-        const networkApi = kubeConfig.makeApiClient(NetworkingV1Api);
+        const coreV1Api = kubeConfig.makeApiClient(client_node_1.CoreV1Api);
+        const rbacApi = kubeConfig.makeApiClient(client_node_1.RbacAuthorizationV1Api);
+        const appsApi = kubeConfig.makeApiClient(client_node_1.AppsV1Api);
+        const admissionApi = kubeConfig.makeApiClient(client_node_1.AdmissionregistrationV1Api);
+        const networkApi = kubeConfig.makeApiClient(client_node_1.NetworkingV1Api);
         const ns = this.namespace();
         try {
-            Log.info("Checking for namespace");
+            logger_1.default.info("Checking for namespace");
             await coreV1Api.readNamespace(namespace);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Creating namespace");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Creating namespace");
             await coreV1Api.createNamespace(ns);
         }
         const netpol = this.networkPolicy();
         try {
-            Log.info("Checking for network policy");
+            logger_1.default.info("Checking for network policy");
             await networkApi.readNamespacedNetworkPolicy(netpol.metadata.name, namespace);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Creating network policy");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Creating network policy");
             await networkApi.createNamespacedNetworkPolicy(namespace, netpol);
         }
         const wh = this.mutatingWebhook();
         try {
-            Log.info("Creating mutating webhook");
+            logger_1.default.info("Creating mutating webhook");
             await admissionApi.createMutatingWebhookConfiguration(wh);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Removing and re-creating mutating webhook");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Removing and re-creating mutating webhook");
             await admissionApi.deleteMutatingWebhookConfiguration(wh.metadata.name);
             await admissionApi.createMutatingWebhookConfiguration(wh);
         }
         const crb = this.clusterRoleBinding();
         try {
-            Log.info("Creating cluster role binding");
+            logger_1.default.info("Creating cluster role binding");
             await rbacApi.createClusterRoleBinding(crb);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Removing and re-creating cluster role binding");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Removing and re-creating cluster role binding");
             await rbacApi.deleteClusterRoleBinding(crb.metadata.name);
             await rbacApi.createClusterRoleBinding(crb);
         }
         const cr = this.clusterRole();
         try {
-            Log.info("Creating cluster role");
+            logger_1.default.info("Creating cluster role");
             await rbacApi.createClusterRole(cr);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Removing and re-creating  the cluster role");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Removing and re-creating  the cluster role");
             try {
                 await rbacApi.deleteClusterRole(cr.metadata.name);
                 await rbacApi.createClusterRole(cr);
             }
             catch (e) {
-                Log.debug(e.body);
+                logger_1.default.debug(e.body);
             }
         }
         const sa = this.serviceAccount();
         try {
-            Log.info("Creating service account");
+            logger_1.default.info("Creating service account");
             await coreV1Api.createNamespacedServiceAccount(namespace, sa);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Removing and re-creating service account");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Removing and re-creating service account");
             await coreV1Api.deleteNamespacedServiceAccount(sa.metadata.name, namespace);
             await coreV1Api.createNamespacedServiceAccount(namespace, sa);
         }
@@ -444,47 +450,48 @@ export class Webhook {
         }
         const mod = this.moduleSecret(code);
         try {
-            Log.info("Creating module secret");
+            logger_1.default.info("Creating module secret");
             await coreV1Api.createNamespacedSecret(namespace, mod);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Removing and re-creating module secret");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Removing and re-creating module secret");
             await coreV1Api.deleteNamespacedSecret(mod.metadata.name, namespace);
             await coreV1Api.createNamespacedSecret(namespace, mod);
         }
         const svc = this.service();
         try {
-            Log.info("Creating service");
+            logger_1.default.info("Creating service");
             await coreV1Api.createNamespacedService(namespace, svc);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Removing and re-creating service");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Removing and re-creating service");
             await coreV1Api.deleteNamespacedService(svc.metadata.name, namespace);
             await coreV1Api.createNamespacedService(namespace, svc);
         }
         const tls = this.tlsSecret();
         try {
-            Log.info("Creating TLS secret");
+            logger_1.default.info("Creating TLS secret");
             await coreV1Api.createNamespacedSecret(namespace, tls);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Removing and re-creating TLS secret");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Removing and re-creating TLS secret");
             await coreV1Api.deleteNamespacedSecret(tls.metadata.name, namespace);
             await coreV1Api.createNamespacedSecret(namespace, tls);
         }
         const dep = this.deployment();
         try {
-            Log.info("Creating deployment");
+            logger_1.default.info("Creating deployment");
             await appsApi.createNamespacedDeployment(namespace, dep);
         }
         catch (e) {
-            Log.debug(e.body);
-            Log.info("Removing and re-creating deployment");
+            logger_1.default.debug(e.body);
+            logger_1.default.info("Removing and re-creating deployment");
             await appsApi.deleteNamespacedDeployment(dep.metadata.name, namespace);
             await appsApi.createNamespacedDeployment(namespace, dep);
         }
     }
 }
+exports.Webhook = Webhook;

package/dist/src/lib/logger.js

@@ -1,15 +1,18 @@
+"use strict";
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Logger = exports.LogLevel = void 0;
 /**
  * Enumeration representing different logging levels.
  */
-export var LogLevel;
+var LogLevel;
 (function (LogLevel) {
     LogLevel[LogLevel["debug"] = 0] = "debug";
     LogLevel[LogLevel["info"] = 1] = "info";
     LogLevel[LogLevel["warn"] = 2] = "warn";
     LogLevel[LogLevel["error"] = 3] = "error";
-})(LogLevel || (LogLevel = {}));
+})(LogLevel = exports.LogLevel || (exports.LogLevel = {}));
 var ConsoleColors;
 (function (ConsoleColors) {
     ConsoleColors["Reset"] = "\u001B[0m";
@@ -39,7 +42,7 @@ var ConsoleColors;
 /**
  * Simple logger class that logs messages at different log levels.
  */
-export class Logger {
+class Logger {
     /**
      * Create a new logger instance.
      * @param logLevel - The minimum log level to log messages for.
@@ -113,4 +116,5 @@ export class Logger {
         return color + text + ConsoleColors.Reset;
     }
 }
-export default new Logger(LogLevel.info);
+exports.Logger = Logger;
+exports.default = new Logger(LogLevel.info);

package/dist/src/lib/module.js

@@ -1,21 +1,27 @@
+"use strict";
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-import R from "ramda";
-import { Controller } from "./controller";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PeprModule = void 0;
+const ramda_1 = __importDefault(require("ramda"));
+const controller_1 = require("./controller");
 const alwaysIgnore = {
     namespaces: ["kube-system", "pepr-system"],
     labels: [{ "pepr.dev": "ignore" }],
 };
-export class PeprModule {
+class PeprModule {
     /**
      * Create a new Pepr runtime
      *
      * @param config The configuration for the Pepr runtime
      */
     constructor({ description, pepr }, capabilities = [], deferStart = false) {
-        const config = R.mergeDeepWith(R.concat, pepr, alwaysIgnore);
+        const config = ramda_1.default.mergeDeepWith(ramda_1.default.concat, pepr, alwaysIgnore);
         config.description = description;
-        this._controller = new Controller(config, capabilities);
+        this._controller = new controller_1.Controller(config, capabilities);
         if (!deferStart) {
             this.start();
         }
@@ -30,3 +36,4 @@ export class PeprModule {
         this._controller.startServer(port);
     }
 }
+exports.PeprModule = PeprModule;

package/dist/src/lib/processor.js

@@ -1,27 +1,33 @@
+"use strict";
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-import { compare } from "fast-json-patch";
-import { shouldSkipRequest } from "./filter";
-import logger from "./logger";
-import { RequestWrapper } from "./request";
-export function processor(config, capabilities, req) {
-    const wrapped = new RequestWrapper(req);
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.processor = void 0;
+const fast_json_patch_1 = require("fast-json-patch");
+const filter_1 = require("./filter");
+const logger_1 = __importDefault(require("./logger"));
+const request_1 = require("./request");
+function processor(config, capabilities, req) {
+    const wrapped = new request_1.RequestWrapper(req);
     const response = {
         uid: req.uid,
         patchType: "JSONPatch",
         warnings: [],
         allowed: false,
     };
-    logger.info(`Processing '${req.uid}' for '${req.kind.kind}' '${req.name}'`);
+    logger_1.default.info(`Processing '${req.uid}' for '${req.kind.kind}' '${req.name}'`);
     for (const { name, bindings } of capabilities) {
         const prefix = `${req.uid} ${req.name}: ${name}`;
-        logger.info(`Processing capability ${name}`, prefix);
+        logger_1.default.info(`Processing capability ${name}`, prefix);
         for (const action of bindings) {
             // Continue to the next action without doing anything if this one should be skipped
-            if (shouldSkipRequest(action, req)) {
+            if ((0, filter_1.shouldSkipRequest)(action, req)) {
                 continue;
             }
-            logger.info(`Processing matched action ${action.kind.kind}`, prefix);
+            logger_1.default.info(`Processing matched action ${action.kind.kind}`, prefix);
             // Add annotations to the request to indicate that the capability started processing
             // this will allow tracking of failed mutations that were permitted to continue
             const { metadata } = wrapped.Raw;
@@ -38,12 +44,12 @@ export function processor(config, capabilities, req) {
                 response.warnings.push(`Action failed: ${e}`);
                 // If errors are not allowed, note the failure in the Reponse
                 if (config.onError) {
-                    logger.error(`Action failed: ${e}`, prefix);
+                    logger_1.default.error(`Action failed: ${e}`, prefix);
                     response.result = "Pepr module configured to reject on error";
                     return response;
                 }
                 else {
-                    logger.warn(`Action failed: ${e}`, prefix);
+                    logger_1.default.warn(`Action failed: ${e}`, prefix);
                     metadata.annotations[identifier] = "warning";
                 }
             }
@@ -52,7 +58,7 @@ export function processor(config, capabilities, req) {
     // If we've made it this far, the request is allowed
     response.allowed = true;
     // Compare the original request to the modified request to get the patches
-    const patches = compare(req.object, wrapped.Raw);
+    const patches = (0, fast_json_patch_1.compare)(req.object, wrapped.Raw);
     // Only add the patch if there are patches to apply
     if (patches.length > 0) {
         response.patch = JSON.stringify(patches);
@@ -61,6 +67,7 @@ export function processor(config, capabilities, req) {
     if (response.warnings.length < 1) {
         delete response.warnings;
     }
-    logger.debug(patches);
+    logger_1.default.debug(patches);
     return response;
 }
+exports.processor = processor;

package/dist/src/lib/request.js

@@ -1,11 +1,37 @@
+"use strict";
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-import * as R from "ramda";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RequestWrapper = void 0;
+const R = __importStar(require("ramda"));
 /**
  * The RequestWrapper class provides methods to modify Kubernetes objects in the context
  * of a mutating webhook request.
  */
-export class RequestWrapper {
+class RequestWrapper {
     get PermitSideEffects() {
         return !this._input.dryRun;
     }
@@ -115,3 +141,4 @@ export class RequestWrapper {
         return this.Raw?.metadata?.annotations?.[key] !== undefined;
     }
 }
+exports.RequestWrapper = RequestWrapper;

package/dist/src/lib/types.js

@@ -1,31 +1,34 @@
+"use strict";
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Event = exports.HookPhase = exports.ErrorBehavior = void 0;
 /**
  * The behavior of this module when an error occurs.
  */
-export var ErrorBehavior;
+var ErrorBehavior;
 (function (ErrorBehavior) {
     ErrorBehavior["ignore"] = "ignore";
     ErrorBehavior["audit"] = "audit";
     ErrorBehavior["reject"] = "reject";
-})(ErrorBehavior || (ErrorBehavior = {}));
+})(ErrorBehavior = exports.ErrorBehavior || (exports.ErrorBehavior = {}));
 /**
  * The phase of the Kubernetes admission webhook that the capability is registered for.
  *
  * Currently only `mutate` is supported.
  */
-export var HookPhase;
+var HookPhase;
 (function (HookPhase) {
     HookPhase["mutate"] = "mutate";
     HookPhase["valdiate"] = "validate";
-})(HookPhase || (HookPhase = {}));
+})(HookPhase = exports.HookPhase || (exports.HookPhase = {}));
 /**
  * The type of Kubernetes mutating webhook event ethat the capability action is registered for.
  */
-export var Event;
+var Event;
 (function (Event) {
     Event["Create"] = "create";
     Event["Update"] = "update";
     Event["Delete"] = "delete";
     Event["CreateOrUpdate"] = "createOrUpdate";
-})(Event || (Event = {}));
+})(Event = exports.Event || (exports.Event = {}));

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "pepr",
-  "version": "0.1.28",
+  "version": "0.1.30",
   "description": "Kubernetes application engine",
   "author": "Defense Unicorns",
   "homepage": "https://github.com/defenseunicorns/pepr",
   "license": "Apache-2.0",
-  "bin": "dist/pepr-cli.js",
+  "bin": "dist/cli.js",
   "repository": "defenseunicorns/pepr",
   "engines": {
     "node": ">=18.0.0"