pepr 0.13.4 → 0.14.1

package/journey/pepr-deploy.ts

@@ -1,174 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-import { describe, expect, it } from "@jest/globals";
-import { execSync, spawnSync } from "child_process";
-import { resolve } from "path";
-
-import { cwd } from "./entrypoint.test";
-import {
-  createOrReplaceConfigMap,
-  deleteConfigMap,
-  waitForConfigMap,
-  waitForDeploymentReady,
-  waitForNamespace,
-  waitForSecret,
-} from "./k8s";
-
-export function peprDeploy() {
-  it("should deploy the Pepr controller into the test cluster", async () => {
-    execSync("npx pepr deploy -i pepr:dev --confirm", { cwd, stdio: "inherit" });
-
-    // Wait for the deployment to be ready
-    await waitForDeploymentReady("pepr-system", "pepr-static-test");
-  });
-
-  cleanupSamples();
-
-  describe("should ignore resources not defined in the capability namespace", testIgnore);
-
-  it("should perform validation of resources applied to the test cluster", testValidate);
-
-  describe("should perform mutation of resources applied to the test cluster", testMutate);
-
-  cleanupSamples();
-}
-
-function cleanupSamples() {
-  try {
-    // Remove the sample yaml for the HelloPepr capability
-    execSync("kubectl delete -f hello-pepr.samples.yaml --ignore-not-found", {
-      cwd: resolve(cwd, "capabilities"),
-      stdio: "inherit",
-    });
-
-    deleteConfigMap("default", "example-1");
-    deleteConfigMap("default", "example-evil-cm");
-  } catch (e) {
-    // Ignore errors
-  }
-}
-
-function testIgnore() {
-  it("should ignore resources not in the capability namespaces during mutation", async () => {
-    const cm = await createOrReplaceConfigMap({
-      apiVersion: "v1",
-      kind: "ConfigMap",
-      metadata: { name: "example-1", namespace: "default" },
-    });
-    expect(cm.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBeUndefined();
-    expect(cm.metadata?.annotations?.["pepr.dev"]).toBeUndefined();
-    expect(cm.metadata?.labels?.["pepr"]).toBeUndefined();
-  });
-
-  it("should ignore resources not in the capability namespaces during validation", async () => {
-    const cm = await createOrReplaceConfigMap({
-      apiVersion: "v1",
-      kind: "ConfigMap",
-      metadata: {
-        name: "example-evil-cm",
-        namespace: "default",
-        annotations: {
-          evil: "true",
-        },
-      },
-    });
-    expect(cm.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBeUndefined();
-    expect(cm.metadata?.annotations?.["pepr.dev"]).toBeUndefined();
-    expect(cm.metadata?.labels?.["pepr"]).toBeUndefined();
-  });
-}
-async function testValidate() {
-  // Apply the sample yaml for the HelloPepr capability
-  const applyOut = spawnSync("kubectl apply -f hello-pepr.samples.yaml", {
-    shell: true, // Run command in a shell
-    encoding: "utf-8", // Encode result as string
-    cwd: resolve(cwd, "capabilities"),
-  });
-
-  const { stderr, status } = applyOut;
-
-  // Validation should return an error
-  expect(status).toBe(1);
-
-  // Check if the expected lines are in the output
-  const expected = [
-    `Error from server: error when creating "hello-pepr.samples.yaml": `,
-    `admission webhook "pepr-static-test.pepr.dev" denied the request: `,
-    `No evil CM annotations allowed.\n`,
-  ].join("");
-  expect(stderr).toMatch(expected);
-}
-
-function testMutate() {
-  it("should mutate the namespace", async () => {
-    // Wait for the namespace to be created
-    const ns = await waitForNamespace("pepr-demo");
-
-    // Check if the namespace has the correct labels and annotations
-    expect(ns.metadata?.labels).toEqual({
-      "keep-me": "please",
-      "kubernetes.io/metadata.name": "pepr-demo",
-    });
-    expect(ns.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBe("succeeded");
-  });
-
-  it("should mutate example-1", async () => {
-    const cm1 = await waitForConfigMap("pepr-demo", "example-1");
-    expect(cm1.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBe("succeeded");
-    expect(cm1.metadata?.annotations?.["pepr.dev"]).toBe("annotations-work-too");
-    expect(cm1.metadata?.labels?.["pepr"]).toBe("was-here");
-  });
-
-  it("should mutate example-2", async () => {
-    const cm2 = await waitForConfigMap("pepr-demo", "example-2");
-    expect(cm2.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBe("succeeded");
-    expect(cm2.metadata?.annotations?.["pepr.dev"]).toBe("annotations-work-too");
-    expect(cm2.metadata?.labels?.["pepr"]).toBe("was-here");
-  });
-
-  it("should mutate example-3", async () => {
-    const cm3 = await waitForConfigMap("pepr-demo", "example-3");
-
-    expect(cm3.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBe("succeeded");
-    expect(cm3.metadata?.annotations?.["pepr.dev"]).toBe("making-waves");
-    expect(cm3.data).toEqual({ key: "ex-3-val", username: "system:admin" });
-  });
-
-  it("should mutate example-4", async () => {
-    const cm4 = await waitForConfigMap("pepr-demo", "example-4");
-    expect(cm4.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBe("succeeded");
-    expect(cm4.metadata?.labels?.["pepr.dev/first"]).toBe("true");
-    expect(cm4.metadata?.labels?.["pepr.dev/second"]).toBe("true");
-    expect(cm4.metadata?.labels?.["pepr.dev/third"]).toBe("true");
-  });
-
-  it("should mutate example-4a", async () => {
-    const cm4a = await waitForConfigMap("pepr-demo-2", "example-4a");
-    expect(cm4a.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBe("succeeded");
-    expect(cm4a.metadata?.labels?.["pepr.dev/first"]).toBe("true");
-    expect(cm4a.metadata?.labels?.["pepr.dev/second"]).toBe("true");
-    expect(cm4a.metadata?.labels?.["pepr.dev/third"]).toBe("true");
-  });
-
-  it("should mutate example-5", async () => {
-    const cm5 = await waitForConfigMap("pepr-demo", "example-5");
-
-    expect(cm5.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBe("succeeded");
-    expect(cm5.data?.["chuck-says"]).toBeTruthy();
-  });
-
-  it("should mutate secret-1", async () => {
-    const s1 = await waitForSecret("pepr-demo", "secret-1");
-
-    expect(s1.metadata?.annotations?.["static-test.pepr.dev/hello-pepr"]).toBe("succeeded");
-    expect(s1.data?.["example"]).toBe("dW5pY29ybiBtYWdpYyAtIG1vZGlmaWVkIGJ5IFBlcHI=");
-    expect(s1.data?.["magic"]).toBe("Y2hhbmdlLXdpdGhvdXQtZW5jb2Rpbmc=");
-    expect(s1.data?.["binary-data"]).toBe(
-      "iCZQUg8xYucNUqD+8lyl2YcKjYYygvTtiDSEV9b9WKUkxSSLFJTgIWMJ9GcFFYs4T9JCdda51u74jfq8yHzRuEASl60EdTS/NfWgIIFTGqcNRfqMw+vgpyTMmCyJVaJEDFq6AA==",
-    );
-    expect(s1.data?.["ascii-with-white-space"]).toBe(
-      "VGhpcyBpcyBzb21lIHJhbmRvbSB0ZXh0OgoKICAgIC0gd2l0aCBsaW5lIGJyZWFrcwogICAgLSBhbmQgdGFicw==",
-    );
-  });
-}

package/journey/pepr-dev.ts

@@ -1,155 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-import { afterAll, expect, it } from "@jest/globals";
-import { KubeConfig } from "@kubernetes/client-node";
-import { ChildProcessWithoutNullStreams, spawn } from "child_process";
-import { Agent } from "https";
-import { RequestInit } from "node-fetch";
-
-import { fetch } from "../src/lib/fetch";
-import { cwd } from "./entrypoint.test";
-
-const kc = new KubeConfig();
-kc.loadFromDefault();
-
-let expectedLines = [
-  "Establishing connection to Kubernetes",
-  "Capability hello-pepr registered",
-  "Mutate Action configured for CREATE",
-  "Validate Action configured for CREATE",
-  "Server listening on port 3000",
-];
-
-export function peprDev() {
-  let cmd: ChildProcessWithoutNullStreams;
-  let success = false;
-
-  it("should start the Pepr dev server", () => {
-    cmd = spawn("npx", ["pepr", "dev", "--confirm"], { cwd });
-
-    // This command should not exit on its own
-    cmd.on("close", code => {
-      if (!success) {
-        throw new Error(`Command exited with code ${code}`);
-      }
-    });
-
-    // Log stderr
-    cmd.stderr.on("data", data => {
-      if (!success) {
-        console.error(`stderr: ${data}`);
-      }
-    });
-
-    // Reject on error
-    cmd.on("error", error => {
-      if (!success) {
-        throw error;
-      }
-    });
-  });
-
-  it("should be properly configured by the test module", done => {
-    cmd.stdout.on("data", (data: Buffer) => {
-      if (success) {
-        return;
-      }
-
-      // Convert buffer to string
-      const strData = data.toString();
-      console.log(strData);
-
-      // Check if any expected lines are found
-      expectedLines = expectedLines.filter(expectedLine => {
-        // Check if the expected line is found in the output, ignoring whitespace
-        return !strData.replace(/\s+/g, " ").includes(expectedLine);
-      });
-
-      // If all expected lines are found, resolve the promise
-      if (expectedLines.length < 1) {
-        // Abort all further processing
-        success = true;
-
-        // Finish the test
-        done();
-      }
-    });
-  });
-
-  it("should protect the controller endpoint with an API token", async () => {
-    await validateAPIKey();
-  });
-
-  it("should expose Prometheus metrics", async () => {
-    const metrics = await validateMetrics();
-    expect(metrics).toMatch("pepr_Validate");
-    expect(metrics).toMatch("pepr_Mutate");
-    expect(metrics).toMatch("pepr_errors");
-    expect(metrics).toMatch("pepr_alerts");
-  });
-
-  afterAll(() => {
-    // Close or destroy the streams
-    if (cmd.stdin) {
-      cmd.stdin.end();
-    }
-    if (cmd.stdout) {
-      cmd.stdout.destroy();
-    }
-    if (cmd.stderr) {
-      cmd.stderr.destroy();
-    }
-
-    // Remove the event listeners
-    cmd.removeAllListeners("close");
-    cmd.removeAllListeners("error");
-
-    // Kill the process
-    cmd.kill(9);
-  });
-}
-
-async function validateAPIKey() {
-  const base = "https://localhost:3000/mutate/";
-
-  const fetchOpts: RequestInit = {
-    agent: new Agent({
-      // Avoid tls issues for self-signed certs
-      rejectUnauthorized: false,
-    }),
-    method: "POST",
-  };
-
-  // Test api token validation
-  const evilToken = await fetch(`${base}evil-token`, fetchOpts);
-
-  // Test for empty api token
-  const emptyToken = await fetch(base, fetchOpts);
-
-  if (evilToken.status !== 401) {
-    throw new Error("Expected evil token to return 401");
-  }
-
-  if (emptyToken.status !== 404) {
-    throw new Error("Expected empty token to return 404");
-  }
-}
-
-async function validateMetrics() {
-  const metricsEndpoint = "https://localhost:3000/metrics";
-
-  const fetchOpts: RequestInit = {
-    agent: new Agent({
-      // Avoid tls issues for self-signed certs
-      rejectUnauthorized: false,
-    }),
-  };
-  const metricsOk = await fetch<string>(metricsEndpoint, fetchOpts);
-
-  if (metricsOk.status !== 200) {
-    throw new Error("Expected metrics ok to return a 200");
-  }
-
-  return metricsOk.data;
-}

package/journey/pepr-format.ts

@@ -1,13 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-import { it } from "@jest/globals";
-import { execSync } from "child_process";
-
-import { cwd } from "./entrypoint.test";
-
-export function peprFormat() {
-  it("should format the Pepr project", () => {
-    execSync("npx pepr format", { cwd, stdio: "inherit" });
-  });
-}

package/journey/pepr-init.ts

@@ -1,12 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-import { it } from "@jest/globals";
-import { execSync } from "child_process";
-
-export function peprInit() {
-  it("should create a new Pepr project", () => {
-    const peprAlias = "file:pepr-0.0.0-development.tgz";
-    execSync(`TEST_MODE=true npx --yes ${peprAlias} init`, { stdio: "inherit" });
-  });
-}

package/src/lib/fetch.ts

@@ -1,76 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-import { StatusCodes } from "http-status-codes";
-import f, { FetchError, RequestInfo, RequestInit } from "node-fetch";
-import logger from "./logger";
-
-export const fetchRaw = f;
-
-export type FetchResponse<T> = {
-  data: T;
-  ok: boolean;
-  status: number;
-  statusText: string;
-};
-
-/**
- * Perform an async HTTP call and return the parsed JSON response, optionally
- * as a specific type.
- *
- * @example
- * ```ts
- * fetch<string[]>("https://example.com/api/foo");
- * ```
- *
- * @param url The URL or Request object to fetch
- * @param init Additional options for the request
- * @returns
- */
-export async function fetch<T>(url: URL | RequestInfo, init?: RequestInit): Promise<FetchResponse<T>> {
-  let data = undefined as unknown as T;
-  try {
-    logger.debug(init, `Fetching ${url}`);
-
-    const resp = await fetchRaw(url, init);
-    const contentType = resp.headers.get("content-type") || "";
-
-    if (resp.ok) {
-      // Parse the response as JSON if the content type is JSON
-      if (contentType.includes("application/json")) {
-        data = await resp.json();
-      } else {
-        // Otherwise, return however the response was read
-        data = (await resp.text()) as unknown as T;
-      }
-    }
-
-    return {
-      data,
-      ok: resp.ok,
-      status: resp.status,
-      statusText: resp.statusText,
-    };
-  } catch (e) {
-    if (e instanceof FetchError) {
-      logger.debug(`Fetch failed: ${e instanceof Error ? e.message : e}`);
-
-      // Parse the error code from the FetchError or default to 400 (Bad Request)
-      const status = parseInt(e.code || "400");
-
-      return {
-        data,
-        ok: false,
-        status,
-        statusText: e.message,
-      };
-    }
-
-    return {
-      data,
-      ok: false,
-      status: StatusCodes.BAD_REQUEST,
-      statusText: "Unknown error",
-    };
-  }
-}

package/src/lib/k8s/index.ts

@@ -1,14 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-// Export kinds as a single object
-import * as kind from "./upstream";
-/** a is a collection of K8s types to be used within a action: `When(a.Configmap)` */
-export { kind as a };
-
-export { modelToGroupVersionKind, gvkMap, RegisterKind } from "./kinds";
-
-// If the hostname is pepr-static-test-watcher-0, then we are running in watch mode
-export const isWatchMode = process.env.PEPR_WATCH_MODE === "true";
-
-export * from "./types";