pepr 0.1.31 → 0.1.33
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +13 -12
- package/dist/package.json +2 -2
- package/dist/src/cli/init/templates.js +7 -5
- package/dist/src/lib/controller.js +1 -5
- package/dist/src/lib/processor.js +4 -2
- package/package.json +2 -2
- package/cli.ts +0 -3
package/README.md
CHANGED
|
@@ -18,6 +18,8 @@ Capabilities are logical groupings of actions, which are the atomic units of cha
|
|
|
18
18
|
|
|
19
19
|
Imagine Pepr as a smart home system where different devices communicate with each other. Pepr provides instructions, simplifying the management of the smart home. The project enables both expert and novice capability authors to improve management and interactions within the Kubernetes environment, making its features accessible to everyone.
|
|
20
20
|
|
|
21
|
+
https://user-images.githubusercontent.com/882485/230895880-c5623077-f811-4870-bb9f-9bb8e5edc118.mp4
|
|
22
|
+
|
|
21
23
|
## Concepts
|
|
22
24
|
|
|
23
25
|
### Module
|
|
@@ -26,7 +28,7 @@ A module is the top-level collection of capabilities. It is a single, complete T
|
|
|
26
28
|
|
|
27
29
|
### Capability
|
|
28
30
|
|
|
29
|
-
A capability is set of related CapabilityActions that work together to achieve a specific transformation or operation on Kubernetes resources. Capabilities are user-defined and can include one or more CapabilityActions. They are defined within a Pepr module and can be used in both MutatingWebhookConfigurations and ValidatingWebhookConfigurations. A Capability can have a specific scope, such as mutating or validating, and can be reused in multiple Pepr modules.
|
|
31
|
+
A capability is set of related CapabilityActions that work together to achieve a specific transformation or operation on Kubernetes resources. Capabilities are user-defined and can include one or more CapabilityActions. They are defined within a Pepr module and can be used in both MutatingWebhookConfigurations and ValidatingWebhookConfigurations. A Capability can have a specific scope, such as mutating or validating, and can be reused in multiple Pepr modules.
|
|
30
32
|
|
|
31
33
|
### CapabilityAction
|
|
32
34
|
|
|
@@ -36,26 +38,22 @@ For example, a CapabilityAction could be responsible for adding a specific label
|
|
|
36
38
|
|
|
37
39
|
## Example
|
|
38
40
|
|
|
39
|
-
Define a new capability:
|
|
40
|
-
|
|
41
|
-
```
|
|
42
|
-
pepr new hello-world -d demo
|
|
43
|
-
```
|
|
41
|
+
Define a new capability can be done via [VSCode Snippet](https://code.visualstudio.com/docs/editor/userdefinedsnippets): create a file `capabilities/your-capability-name.ts` and then type `create` in the file, a suggestion should prompt you to generate the content from there.
|
|
44
42
|
|
|
45
|
-
|
|
43
|
+
https://user-images.githubusercontent.com/882485/230897379-0bb57dff-9832-479f-8733-79e103703135.mp4
|
|
46
44
|
|
|
47
|
-
|
|
45
|
+
Alternatively, you can use the `pepr new <capability-name>` command to this:
|
|
48
46
|
|
|
49
|
-
```
|
|
50
|
-
|
|
47
|
+
```
|
|
48
|
+
pepr new hello-world
|
|
51
49
|
```
|
|
52
50
|
|
|
53
|
-
|
|
51
|
+
This will create a new file called `capabilities/hello-world.ts` with the following contents:
|
|
54
52
|
|
|
55
53
|
```typescript
|
|
56
54
|
import { Capability, a } from "pepr";
|
|
57
55
|
|
|
58
|
-
const
|
|
56
|
+
export const HelloWorld = new Capability({
|
|
59
57
|
// The unique name of the capability
|
|
60
58
|
name: "hello-world",
|
|
61
59
|
// A short description of the capability
|
|
@@ -63,6 +61,9 @@ const { When } = new Capability({
|
|
|
63
61
|
// Limit what namespaces the capability can be used in (optional)
|
|
64
62
|
namespaces: [],
|
|
65
63
|
});
|
|
64
|
+
|
|
65
|
+
// Use the 'When' function to create a new Capability Action
|
|
66
|
+
const { When } = HelloWorld;
|
|
66
67
|
```
|
|
67
68
|
|
|
68
69
|
Next, we need to define some actions to perform when specific Kubernetes resources are created, updated or deleted in the cluster. Pepr provides a set of actions that can be used to react to Kubernetes resources, such as `a.Pod`, `a.Deployment`, `a.CronJob`, etc. These actions can be chained together to create complex conditions, such as `a.Pod.IsCreated().InNamespace("default")` or `a.Deployment.IsUpdated().WithLabel("changeme=true")`. Below is an example of a capability that reacts to the creation of a Deployment resource:
|
package/dist/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "pepr",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.33",
|
|
4
4
|
"description": "Kubernetes application engine",
|
|
5
5
|
"author": "Defense Unicorns",
|
|
6
6
|
"homepage": "https://github.com/defenseunicorns/pepr",
|
|
@@ -32,7 +32,7 @@
|
|
|
32
32
|
"prettier": "npx prettier src --check",
|
|
33
33
|
"prettier:fix": "npm run prettier -- --write",
|
|
34
34
|
"prepublishOnly": "rm -fr dist/* && npm run lint:fix && npm run prettier:fix && npm run test && npm run build",
|
|
35
|
-
"e2e-dev-setup": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev",
|
|
35
|
+
"e2e-dev-setup": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0'",
|
|
36
36
|
"e2e-dev": "npm run build && docker buildx build --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev && node dist/pepr-cli.js deploy -f -i pepr:dev"
|
|
37
37
|
},
|
|
38
38
|
"dependencies": {
|
|
@@ -24,7 +24,7 @@ new PeprModule(cfg, [
|
|
|
24
24
|
HelloPepr,
|
|
25
25
|
|
|
26
26
|
// Your additional capabilities go here
|
|
27
|
-
]);
|
|
27
|
+
]);
|
|
28
28
|
`,
|
|
29
29
|
};
|
|
30
30
|
}
|
|
@@ -134,8 +134,8 @@ Module Root
|
|
|
134
134
|
`,
|
|
135
135
|
};
|
|
136
136
|
exports.samplesYaml = {
|
|
137
|
-
path: "samples.yaml",
|
|
138
|
-
data:
|
|
137
|
+
path: "hello-pepr.samples.yaml",
|
|
138
|
+
data: [
|
|
139
139
|
{
|
|
140
140
|
apiVersion: "v1",
|
|
141
141
|
kind: "Namespace",
|
|
@@ -179,7 +179,9 @@ exports.samplesYaml = {
|
|
|
179
179
|
key: "ex-3-val",
|
|
180
180
|
},
|
|
181
181
|
},
|
|
182
|
-
]
|
|
182
|
+
]
|
|
183
|
+
.map(r => (0, client_node_1.dumpYaml)(r, { noRefs: true }))
|
|
184
|
+
.join("---\n"),
|
|
183
185
|
};
|
|
184
186
|
exports.helloPeprTS = {
|
|
185
187
|
path: "hello-pepr.ts",
|
|
@@ -188,7 +190,7 @@ exports.helloPeprTS = {
|
|
|
188
190
|
/**
|
|
189
191
|
* The HelloPepr is an example capability to demonstrate some general concepts of Pepr.
|
|
190
192
|
* To test this capability you can run \`pepr dev\` and then run the following command:
|
|
191
|
-
* \`kubectl apply -f capabilities/hello-pepr
|
|
193
|
+
* \`kubectl apply -f capabilities/hello-pepr.samples.yaml\`
|
|
192
194
|
*/
|
|
193
195
|
export const HelloPepr = new Capability({
|
|
194
196
|
name: "hello-pepr",
|
|
@@ -53,17 +53,13 @@ class Controller {
|
|
|
53
53
|
const gvk = req.body?.request?.kind || { group: "", version: "", kind: "" };
|
|
54
54
|
console.log(`Mutate request: ${gvk.group}/${gvk.version}/${gvk.kind}`);
|
|
55
55
|
name && console.log(` ${namespace}/${name}\n`);
|
|
56
|
-
// @todo: make this actually do something
|
|
57
56
|
const response = (0, processor_1.processor)(this.config, this.capabilities, req.body.request);
|
|
58
57
|
console.debug(response);
|
|
59
58
|
// Send a no prob bob response
|
|
60
59
|
res.send({
|
|
61
60
|
apiVersion: "admission.k8s.io/v1",
|
|
62
61
|
kind: "AdmissionReview",
|
|
63
|
-
response
|
|
64
|
-
uid: req.body.request.uid,
|
|
65
|
-
allowed: true,
|
|
66
|
-
},
|
|
62
|
+
response,
|
|
67
63
|
});
|
|
68
64
|
}
|
|
69
65
|
catch (err) {
|
|
@@ -14,7 +14,6 @@ function processor(config, capabilities, req) {
|
|
|
14
14
|
const wrapped = new request_1.RequestWrapper(req);
|
|
15
15
|
const response = {
|
|
16
16
|
uid: req.uid,
|
|
17
|
-
patchType: "JSONPatch",
|
|
18
17
|
warnings: [],
|
|
19
18
|
allowed: false,
|
|
20
19
|
};
|
|
@@ -61,7 +60,10 @@ function processor(config, capabilities, req) {
|
|
|
61
60
|
const patches = (0, fast_json_patch_1.compare)(req.object, wrapped.Raw);
|
|
62
61
|
// Only add the patch if there are patches to apply
|
|
63
62
|
if (patches.length > 0) {
|
|
64
|
-
response.
|
|
63
|
+
response.patchType = "JSONPatch";
|
|
64
|
+
// Webhook must be base64-encoded
|
|
65
|
+
// https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#response
|
|
66
|
+
response.patch = Buffer.from(JSON.stringify(patches)).toString("base64");
|
|
65
67
|
}
|
|
66
68
|
// Remove the warnings array if it's empty
|
|
67
69
|
if (response.warnings.length < 1) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "pepr",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.33",
|
|
4
4
|
"description": "Kubernetes application engine",
|
|
5
5
|
"author": "Defense Unicorns",
|
|
6
6
|
"homepage": "https://github.com/defenseunicorns/pepr",
|
|
@@ -32,7 +32,7 @@
|
|
|
32
32
|
"prettier": "npx prettier src --check",
|
|
33
33
|
"prettier:fix": "npm run prettier -- --write",
|
|
34
34
|
"prepublishOnly": "rm -fr dist/* && npm run lint:fix && npm run prettier:fix && npm run test && npm run build",
|
|
35
|
-
"e2e-dev-setup": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev",
|
|
35
|
+
"e2e-dev-setup": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0'",
|
|
36
36
|
"e2e-dev": "npm run build && docker buildx build --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev && node dist/pepr-cli.js deploy -f -i pepr:dev"
|
|
37
37
|
},
|
|
38
38
|
"dependencies": {
|
package/cli.ts
DELETED