pepr 0.28.3 → 0.28.5

package/package.json

@@ -9,7 +9,7 @@
   "engines": {
     "node": ">=18.0.0"
   },
-  "version": "0.28.3",
+  "version": "0.28.5",
   "main": "dist/lib.js",
   "types": "dist/lib.d.ts",
   "scripts": {
@@ -32,19 +32,19 @@
   },
   "dependencies": {
     "@types/ramda": "0.29.11",
-    "express": "4.18.3",
+    "express": "4.19.1",
     "fast-json-patch": "3.1.1",
-    "kubernetes-fluent-client": "2.2.3",
+    "kubernetes-fluent-client": "2.3.0",
     "pino": "8.19.0",
-    "pino-pretty": "10.3.1",
+    "pino-pretty": "11.0.0",
     "prom-client": "15.1.0",
     "ramda": "0.29.1"
   },
   "devDependencies": {
-    "@commitlint/cli": "19.1.0",
+    "@commitlint/cli": "19.2.1",
     "@commitlint/config-conventional": "19.1.0",
     "@jest/globals": "29.7.0",
-    "@types/eslint": "8.56.5",
+    "@types/eslint": "8.56.6",
     "@types/express": "4.17.21",
     "@types/node": "18.x.x",
     "@types/node-forge": "1.3.11",

package/src/lib/assets/pods.ts

@@ -341,17 +341,13 @@ export function moduleSecret(name: string, data: Buffer, hash: string): kind.Sec
 }
 
 function genEnv(config: ModuleConfig, watchMode = false): V1EnvVar[] {
-  const env = [
-    { name: "PEPR_WATCH_MODE", value: watchMode ? "true" : "false" },
-    { name: "PEPR_PRETTY_LOG", value: "false" },
-    { name: "LOG_LEVEL", value: config.logLevel || "debug" },
-  ];
-
-  if (config.env) {
-    for (const [name, value] of Object.entries(config.env)) {
-      env.push({ name, value });
-    }
-  }
+  const def = {
+    PEPR_WATCH_MODE: watchMode ? "true" : "false",
+    PEPR_PRETTY_LOG: "false",
+    LOG_LEVEL: config.logLevel || "info",
+  };
+  const cfg = config.env || {};
+  const env = Object.entries({ ...def, ...cfg }).map(([name, value]) => ({ name, value }));
 
   return env;
 }

package/src/lib/assets/yaml.ts

@@ -32,7 +32,7 @@ export async function overridesFile({ hash, name, image, config, apiToken }: Ass
       env: [
         { name: "PEPR_WATCH_MODE", value: "false" },
         { name: "PEPR_PRETTY_LOG", value: "false" },
-        { name: "LOG_LEVEL", value: "debug" },
+        { name: "LOG_LEVEL", value: "info" },
       ],
       image,
       annotations: {
@@ -77,7 +77,7 @@ export async function overridesFile({ hash, name, image, config, apiToken }: Ass
       env: [
         { name: "PEPR_WATCH_MODE", value: "true" },
         { name: "PEPR_PRETTY_LOG", value: "false" },
-        { name: "LOG_LEVEL", value: "debug" },
+        { name: "LOG_LEVEL", value: "info" },
       ],
       image,
       annotations: {

package/src/lib/controller/index.ts

@@ -235,7 +235,7 @@ export class Controller {
         responseList.map(res => {
           this.#afterHook && this.#afterHook(res);
           // Log the response
-          Log.debug({ ...reqMetadata, res }, "Check response");
+          Log.info({ ...reqMetadata, res }, "Check response");
         });
 
         let kubeAdmissionResponse: ValidateResponse[] | MutateResponse | ResponseItem;

package/src/lib/filter.ts

@@ -16,6 +16,7 @@ export function shouldSkipRequest(binding: Binding, req: AdmissionRequest, capab
   const { group, kind, version } = binding.kind || {};
   const { namespaces, labels, annotations, name } = binding.filters || {};
   const operation = req.operation.toUpperCase();
+  const uid = req.uid;
   // Use the old object if the request is a DELETE operation
   const srcObject = operation === Operation.DELETE ? req.oldObject : req.object;
   const { metadata } = srcObject || {};
@@ -65,7 +66,7 @@ export function shouldSkipRequest(binding: Binding, req: AdmissionRequest, capab
       label = binding.watchCallback!.name;
     }
 
-    logger.debug(`${type} binding (${label}) does not match request namespace "${req.namespace}"`);
+    logger.debug({ uid }, `${type} binding (${label}) does not match request namespace "${req.namespace}"`);
 
     return true;
   }
@@ -76,13 +77,13 @@ export function shouldSkipRequest(binding: Binding, req: AdmissionRequest, capab
 
     // First check if the label exists
     if (!testKey) {
-      logger.debug(`Label ${key} does not exist`);
+      logger.debug({ uid }, `Label ${key} does not exist`);
       return true;
     }
 
     // Then check if the value matches, if specified
     if (value && testKey !== value) {
-      logger.debug(`${testKey} does not match ${value}`);
+      logger.debug({ uid }, `${testKey} does not match ${value}`);
       return true;
     }
   }
@@ -93,13 +94,13 @@ export function shouldSkipRequest(binding: Binding, req: AdmissionRequest, capab
 
     // First check if the annotation exists
     if (!testKey) {
-      logger.debug(`Annotation ${key} does not exist`);
+      logger.debug({ uid }, `Annotation ${key} does not exist`);
       return true;
     }
 
     // Then check if the value matches, if specified
     if (value && testKey !== value) {
-      logger.debug(`${testKey} does not match ${value}`);
+      logger.debug({ uid }, `${testKey} does not match ${value}`);
       return true;
     }
   }

package/src/lib/queue.ts

@@ -46,28 +46,37 @@ export class Queue<K extends KubernetesObject> {
    */
   async #dequeue() {
     // If there is a pending promise, do nothing
-    if (this.#pendingPromise) return false;
+    if (this.#pendingPromise) {
+      Log.debug("Pending promise, not dequeuing");
+      return false;
+    }
 
     // Take the next element from the queue
     const element = this.#queue.shift();
 
     // If there is no element, do nothing
-    if (!element) return false;
+    if (!element) {
+      Log.debug("No element, not dequeuing");
+      return false;
+    }
 
     try {
       // Set the pending promise flag to avoid concurrent reconciliations
       this.#pendingPromise = true;
 
-      // Reconcile the webapp
+      // Reconcile the element
       if (this.#reconcile) {
+        Log.debug(`Reconciling ${element.item.metadata!.name}`);
         await this.#reconcile(element.item);
       }
 
       element.resolve();
     } catch (e) {
+      Log.debug(`Error reconciling ${element.item.metadata!.name}`, { error: e });
       element.reject(e);
     } finally {
       // Reset the pending promise flag
+      Log.debug("Resetting pending promise and dequeuing");
       this.#pendingPromise = false;
 
       // After the element is reconciled, dequeue the next element

package/src/lib/watch-processor.ts

@@ -1,7 +1,5 @@
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-
-import { createHash } from "crypto";
 import { K8s, WatchCfg, WatchEvent } from "kubernetes-fluent-client";
 import { WatchPhase } from "kubernetes-fluent-client/dist/fluent/types";
 import { Queue } from "./queue";
@@ -12,8 +10,6 @@ import { Watcher } from "kubernetes-fluent-client/dist/fluent/watch";
 import { GenericClass } from "kubernetes-fluent-client";
 import { filterMatcher } from "./helpers";
 
-const store: Record<string, string> = {};
-
 export function setupWatch(capabilities: Capability[]) {
   capabilities.map(capability =>
     capability.bindings
@@ -86,10 +82,6 @@ async function runBinding(binding: Binding, capabilityNamespaces: string[]) {
     }, watchCfg);
   }
 
-  // Create a unique cache ID for this watch binding in case multiple bindings are watching the same resource
-  const cacheSuffix = createHash("sha224").update(binding.watchCallback!.toString()).digest("hex").substring(0, 5);
-  const cacheID = [watcher.getCacheID(), cacheSuffix].join("-");
-
   // If failure continues, log and exit
   watcher.events.on(WatchEvent.GIVE_UP, err => {
     Log.error(err, "Watch failed after 5 attempts, giving up");
@@ -98,12 +90,6 @@ async function runBinding(binding: Binding, capabilityNamespaces: string[]) {
 
   // Start the watch
   try {
-    const resourceVersion = store[cacheID];
-    if (resourceVersion) {
-      Log.debug(`Starting watch ${binding.model.name} from version ${resourceVersion}`);
-      watcher.resourceVersion = resourceVersion;
-    }
-
     await watcher.start();
   } catch (err) {
     Log.error(err, "Error starting watch");