npm - pepr - Versions diffs - 0.2.9 → 0.3.0-rc0 - Mend

pepr 0.2.9 → 0.3.0-rc0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

package/README.md +10 -3
package/dist/fixtures/data/cm1.json +75 -0
package/dist/fixtures/data/deployment1.json +170 -0
package/dist/fixtures/data/ns1.json +72 -0
package/dist/fixtures/data/pod1.json +271 -0
package/dist/fixtures/data/pod2.json +257 -0
package/dist/fixtures/data/svc1.json +100 -0
package/dist/fixtures/loader.js +60 -0
package/dist/package.json +23 -41
package/dist/src/cli/build.js +3 -1
package/dist/src/cli/dev.js +31 -19
package/dist/src/cli/index.js +1 -0
package/dist/src/cli/init/index.js +3 -1
package/dist/src/cli/init/templates.js +3 -2
package/dist/src/cli/init/utils.js +1 -1
package/dist/src/cli/init/utils.test.js +29 -0
package/dist/src/cli/init/walkthrough.js +1 -1
package/dist/src/cli/init/walkthrough.test.js +21 -0
package/dist/src/cli/run.js +17 -17
package/dist/src/cli/update.js +3 -1
package/dist/src/lib/capability.js +1 -1
package/dist/src/lib/controller.js +9 -1
package/dist/src/lib/fetch.js +39 -6
package/dist/src/lib/fetch.test.js +98 -0
package/dist/src/lib/filter.test.js +208 -0
package/dist/src/lib/k8s/kinds.test.js +296 -0
package/dist/src/lib/k8s/webhook.js +22 -22
package/dist/src/lib/logger.test.js +64 -0
package/dist/src/lib/processor.js +4 -1
package/{dist/index.d.ts → index.ts} +21 -3
package/package.json +23 -41
package/src/lib/capability.ts +158 -0
package/src/lib/controller.ts +127 -0
package/src/lib/fetch.test.ts +115 -0
package/src/lib/fetch.ts +75 -0
package/src/lib/filter.test.ts +231 -0
package/src/lib/filter.ts +87 -0
package/{dist/src/lib/k8s/index.d.ts → src/lib/k8s/index.ts} +6 -0
package/src/lib/k8s/kinds.test.ts +333 -0
package/src/lib/k8s/kinds.ts +489 -0
package/src/lib/k8s/tls.ts +90 -0
package/src/lib/k8s/types.ts +183 -0
package/src/lib/k8s/upstream.ts +49 -0
package/src/lib/k8s/webhook.ts +547 -0
package/src/lib/logger.test.ts +80 -0
package/src/lib/logger.ts +136 -0
package/src/lib/module.ts +63 -0
package/src/lib/processor.ts +98 -0
package/src/lib/request.ts +140 -0
package/src/lib/types.ts +211 -0
package/dist/cli.d.ts +0 -2
package/dist/cli.js +0 -4
package/dist/run.d.ts +0 -2
package/dist/run.js +0 -4
package/dist/src/cli/banner.d.ts +0 -1
package/dist/src/cli/build.d.ts +0 -7
package/dist/src/cli/capability.d.ts +0 -2
package/dist/src/cli/deploy.d.ts +0 -2
package/dist/src/cli/dev.d.ts +0 -2
package/dist/src/cli/index.d.ts +0 -1
package/dist/src/cli/init/index.d.ts +0 -2
package/dist/src/cli/init/templates.d.ts +0 -94
package/dist/src/cli/init/utils.d.ts +0 -20
package/dist/src/cli/init/walkthrough.d.ts +0 -7
package/dist/src/cli/root.d.ts +0 -4
package/dist/src/cli/run.d.ts +0 -1
package/dist/src/cli/test.d.ts +0 -2
package/dist/src/cli/update.d.ts +0 -2
package/dist/src/lib/capability.d.ts +0 -28
package/dist/src/lib/controller.d.ts +0 -17
package/dist/src/lib/fetch.d.ts +0 -23
package/dist/src/lib/filter.d.ts +0 -10
package/dist/src/lib/k8s/kinds.d.ts +0 -11
package/dist/src/lib/k8s/tls.d.ts +0 -17
package/dist/src/lib/k8s/types.d.ts +0 -147
package/dist/src/lib/k8s/upstream.d.ts +0 -3
package/dist/src/lib/k8s/webhook.d.ts +0 -34
package/dist/src/lib/logger.d.ts +0 -55
package/dist/src/lib/module.d.ts +0 -32
package/dist/src/lib/processor.d.ts +0 -4
package/dist/src/lib/request.d.ts +0 -77
package/dist/src/lib/types.d.ts +0 -187

package/src/lib/filter.ts ADDED Viewed

@@ -0,0 +1,87 @@
+// SPDX-License-Identifier: Apache-2.0
+// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
+import { Request } from "./k8s";
+import logger from "./logger";
+import { Binding } from "./types";
+/**
+ * shouldSkipRequest determines if a request should be skipped based on the binding filters.
+ *
+ * @param binding the capability action binding
+ * @param req the incoming request
+ * @returns
+ */
+export function shouldSkipRequest(binding: Binding, req: Request) {
+  const { group, kind, version } = binding.kind || {};
+  const { namespaces, labels, annotations, name } = binding.filters || {};
+  const { metadata } = req.object || {};
+  // Test for matching operation
+  if (binding.event && !binding.event.includes(req.operation)) {
+    return true;
+  }
+  // Test name first, since it's the most specific
+  if (name && name !== req.name) {
+    return true;
+  }
+  // Test for matching kinds
+  if (kind !== req.kind.kind) {
+    return true;
+  }
+  // Test for matching groups
+  if (group && group !== req.kind.group) {
+    return true;
+  }
+  // Test for matching versions
+  if (version && version !== req.kind.version) {
+    return true;
+  }
+  // Test for matching namespaces
+  if (namespaces.length && !namespaces.includes(req.namespace || "")) {
+    logger.debug("Namespace does not match");
+    return true;
+  }
+  // Test for matching labels
+  for (const [key, value] of Object.entries(labels)) {
+    const testKey = metadata?.labels?.[key];
+    // First check if the label exists
+    if (!testKey) {
+      logger.debug(`Label ${key} does not exist`);
+      return true;
+    }
+    // Then check if the value matches, if specified
+    if (value && testKey !== value) {
+      logger.debug(`${testKey} does not match ${value}`);
+      return true;
+    }
+  }
+  // Test for matching annotations
+  for (const [key, value] of Object.entries(annotations)) {
+    const testKey = metadata?.annotations?.[key];
+    // First check if the annotation exists
+    if (!testKey) {
+      logger.debug(`Annotation ${key} does not exist`);
+      return true;
+    }
+    // Then check if the value matches, if specified
+    if (value && testKey !== value) {
+      logger.debug(`${testKey} does not match ${value}`);
+      return true;
+    }
+  }
+  // No failed filters, so we should not skip this request
+  return false;
+}

package/{dist/src/lib/k8s/index.d.ts → src/lib/k8s/index.ts} RENAMED Viewed

@@ -1,5 +1,11 @@
+// SPDX-License-Identifier: Apache-2.0
+// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
+// Export kinds as a single object
 import * as kind from "./upstream";
 /** a is a collection of K8s types to be used within a CapabilityAction: `When(a.Configmap)` */
 export { kind as a };
 export { modelToGroupVersionKind, gvkMap, RegisterKind } from "./kinds";
 export * from "./types";

package/src/lib/k8s/kinds.test.ts ADDED Viewed

@@ -0,0 +1,333 @@
+// SPDX-License-Identifier: Apache-2.0
+// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
+import test from "ava";
+import { a, modelToGroupVersionKind } from ".";
+test("should return the correct GroupVersionKind for 'a.V1APIService'", t => {
+  const { name } = a.APIService;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "apiregistration.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "APIService");
+});
+test("should return the correct GroupVersionKind for 'a.V1CertificateSigningRequest'", t => {
+  const { name } = a.CertificateSigningRequest;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "certificates.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "CertificateSigningRequest");
+});
+test("should return the correct GroupVersionKind for 'a.V1ConfigMap'", t => {
+  const { name } = a.ConfigMap;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "ConfigMap");
+});
+test("should return the correct GroupVersionKind for 'a.V1ControllerRevision'", t => {
+  const { name } = a.ControllerRevision;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "apps");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "ControllerRevision");
+});
+test("should return the correct GroupVersionKind for 'a.V1CronJob'", t => {
+  const { name } = a.CronJob;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "batch");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "CronJob");
+});
+test("should return the correct GroupVersionKind for 'a.V1CSIDriver'", t => {
+  const { name } = a.CSIDriver;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "storage.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "CSIDriver");
+});
+test("should return the correct GroupVersionKind for 'a.V1CSIStorageCapacity'", t => {
+  const { name } = a.CSIStorageCapacity;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "storage.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "CSIStorageCapacity");
+});
+test("should return the correct GroupVersionKind for 'a.V1CustomResourceDefinition'", t => {
+  const { name } = a.CustomResourceDefinition;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "apiextensions.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "CustomResourceDefinition");
+});
+test("should return the correct GroupVersionKind for 'a.V1DaemonSet'", t => {
+  const { name } = a.DaemonSet;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "apps");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "DaemonSet");
+});
+test("should return the correct GroupVersionKind for 'a.V1Deployment'", t => {
+  const { name } = a.Deployment;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "apps");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "Deployment");
+});
+test("should return the correct GroupVersionKind for 'a.V1EndpointSlice'", t => {
+  const { name } = a.EndpointSlice;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "discovery.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "EndpointSlice");
+});
+test("should return the correct GroupVersionKind for 'a.V1HorizontalPodAutoscaler'", t => {
+  const { name } = a.HorizontalPodAutoscaler;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "autoscaling");
+  t.is(gvk.version, "v2");
+  t.is(gvk.kind, "HorizontalPodAutoscaler");
+});
+test("should return the correct GroupVersionKind for 'a.V1Ingress'", t => {
+  const { name } = a.Ingress;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "networking.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "Ingress");
+});
+test("should return the correct GroupVersionKind for 'a.V1IngressClass'", t => {
+  const { name } = a.IngressClass;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "networking.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "IngressClass");
+});
+test("should return the correct GroupVersionKind for 'a.V1Job'", t => {
+  const { name } = a.Job;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "batch");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "Job");
+});
+test("should return the correct GroupVersionKind for 'a.V1LimitRange'", t => {
+  const { name } = a.LimitRange;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "LimitRange");
+});
+test("should return the correct GroupVersionKind for 'a.V1LocalSubjectAccessReview'", t => {
+  const { name } = a.LocalSubjectAccessReview;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "authorization.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "LocalSubjectAccessReview");
+});
+test("should return the correct GroupVersionKind for 'a.V1MutatingWebhookConfiguration'", t => {
+  const { name } = a.MutatingWebhookConfiguration;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "admissionregistration.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "MutatingWebhookConfiguration");
+});
+test("should return the correct GroupVersionKind for 'a.V1Namespace'", t => {
+  const { name } = a.Namespace;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "Namespace");
+});
+test("should return the correct GroupVersionKind for 'a.V1NetworkPolicy'", t => {
+  const { name } = a.NetworkPolicy;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "networking.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "NetworkPolicy");
+});
+test("should return the correct GroupVersionKind for 'a.V1Node'", t => {
+  const { name } = a.Node;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "Node");
+});
+test("should return the correct GroupVersionKind for 'a.V1PersistentVolume'", t => {
+  const { name } = a.PersistentVolume;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "PersistentVolume");
+});
+test("should return the correct GroupVersionKind for 'a.V1PersistentVolumeClaim'", t => {
+  const { name } = a.PersistentVolumeClaim;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "PersistentVolumeClaim");
+});
+test("should return the correct GroupVersionKind for 'a.V1Pod'", t => {
+  const { name } = a.Pod;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "Pod");
+});
+test("should return the correct GroupVersionKind for 'a.V1PodDisruptionBudget'", t => {
+  const { name } = a.PodDisruptionBudget;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "policy");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "PodDisruptionBudget");
+});
+test("should return the correct GroupVersionKind for 'a.V1PodTemplate'", t => {
+  const { name } = a.PodTemplate;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "PodTemplate");
+});
+test("should return the correct GroupVersionKind for 'a.V1ReplicaSet'", t => {
+  const { name } = a.ReplicaSet;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "apps");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "ReplicaSet");
+});
+test("should return the correct GroupVersionKind for 'a.V1ReplicationController'", t => {
+  const { name } = a.ReplicationController;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "ReplicationController");
+});
+test("should return the correct GroupVersionKind for 'a.V1ResourceQuota'", t => {
+  const { name } = a.ResourceQuota;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "ResourceQuota");
+});
+test("should return the correct GroupVersionKind for 'a.V1RuntimeClass'", t => {
+  const { name } = a.RuntimeClass;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "node.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "RuntimeClass");
+});
+test("should return the correct GroupVersionKind for 'a.V1Secret'", t => {
+  const { name } = a.Secret;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "Secret");
+});
+test("should return the correct GroupVersionKind for 'a.V1SelfSubjectAccessReview'", t => {
+  const { name } = a.SelfSubjectAccessReview;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "authorization.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "SelfSubjectAccessReview");
+});
+test("should return the correct GroupVersionKind for 'a.V1SelfSubjectRulesReview'", t => {
+  const { name } = a.SelfSubjectRulesReview;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "authorization.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "SelfSubjectRulesReview");
+});
+test("should return the correct GroupVersionKind for 'a.V1Service'", t => {
+  const { name } = a.Service;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "Service");
+});
+test("should return the correct GroupVersionKind for 'a.V1ServiceAccount'", t => {
+  const { name } = a.ServiceAccount;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "ServiceAccount");
+});
+test("should return the correct GroupVersionKind for 'a.V1StatefulSet'", t => {
+  const { name } = a.StatefulSet;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "apps");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "StatefulSet");
+});
+test("should return the correct GroupVersionKind for 'a.V1StorageClass'", t => {
+  const { name } = a.StorageClass;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "storage.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "StorageClass");
+});
+test("should return the correct GroupVersionKind for 'a.V1SubjectAccessReview'", t => {
+  const { name } = a.SubjectAccessReview;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "authorization.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "SubjectAccessReview");
+});
+test("should return the correct GroupVersionKind for 'a.V1TokenReview'", t => {
+  const { name } = a.TokenReview;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "authentication.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "TokenReview");
+});
+test("should return the correct GroupVersionKind for 'a.V1ValidatingWebhookConfiguration'", t => {
+  const { name } = a.ValidatingWebhookConfiguration;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "admissionregistration.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "ValidatingWebhookConfiguration");
+});
+test("should return the correct GroupVersionKind for 'a.V1VolumeAttachment'", t => {
+  const { name } = a.VolumeAttachment;
+  const gvk = modelToGroupVersionKind(name);
+  t.is(gvk.group, "storage.k8s.io");
+  t.is(gvk.version, "v1");
+  t.is(gvk.kind, "VolumeAttachment");
+});