pepr 0.31.1 → 0.32.0

package/dist/lib/types.d.ts

@@ -1,192 +0,0 @@
-import { GenericClass, GroupVersionKind, KubernetesObject } from "kubernetes-fluent-client";
-import { WatchAction } from "kubernetes-fluent-client/dist/fluent/types";
-import { PeprMutateRequest } from "./mutate-request";
-import { PeprValidateRequest } from "./validate-request";
-/**
- * Specifically for parsing logs in monitor mode
- */
-export interface ResponseItem {
-    uid?: string;
-    allowed: boolean;
-    status: {
-        message: string;
-    };
-}
-/**
- * Recursively make all properties in T optional.
- */
-export type DeepPartial<T> = {
-    [P in keyof T]?: T[P] extends object ? DeepPartial<T[P]> : T[P];
-};
-/**
- * The type of Kubernetes mutating webhook event that the action is registered for.
- */
-export declare enum Event {
-    Create = "CREATE",
-    Update = "UPDATE",
-    Delete = "DELETE",
-    CreateOrUpdate = "CREATEORUPDATE",
-    Any = "*"
-}
-export interface CapabilityCfg {
-    /**
-     * The name of the capability. This should be unique.
-     */
-    name: string;
-    /**
-     * A description of the capability and what it does.
-     */
-    description: string;
-    /**
-     * List of namespaces that this capability applies to, if empty, applies to all namespaces (cluster-wide).
-     * This does not supersede the `alwaysIgnore` global configuration.
-     */
-    namespaces?: string[];
-}
-export interface CapabilityExport extends CapabilityCfg {
-    bindings: Binding[];
-    hasSchedule: boolean;
-}
-export type WhenSelector<T extends GenericClass> = {
-    /** Register an action to be executed when a Kubernetes resource is created or updated. */
-    IsCreatedOrUpdated: () => BindingAll<T>;
-    /** Register an action to be executed when a Kubernetes resource is created. */
-    IsCreated: () => BindingAll<T>;
-    /** Register ann action to be executed when a Kubernetes resource is updated. */
-    IsUpdated: () => BindingAll<T>;
-    /** Register an action to be executed when a Kubernetes resource is deleted. */
-    IsDeleted: () => BindingAll<T>;
-};
-export type Binding = {
-    event: Event;
-    isMutate?: boolean;
-    isValidate?: boolean;
-    isWatch?: boolean;
-    isQueue?: boolean;
-    readonly model: GenericClass;
-    readonly kind: GroupVersionKind;
-    readonly filters: {
-        name: string;
-        namespaces: string[];
-        labels: Record<string, string>;
-        annotations: Record<string, string>;
-    };
-    readonly mutateCallback?: MutateAction<GenericClass, InstanceType<GenericClass>>;
-    readonly validateCallback?: ValidateAction<GenericClass, InstanceType<GenericClass>>;
-    readonly watchCallback?: WatchAction<GenericClass, InstanceType<GenericClass>>;
-};
-export type BindingFilter<T extends GenericClass> = CommonActionChain<T> & {
-    /**
-     * Only apply the action if the resource has the specified label. If no value is specified, the label must exist.
-     * Note multiple calls to this method will result in an AND condition. e.g.
-     *
-     * ```ts
-     * When(a.Deployment)
-     *   .IsCreated()
-     *   .WithLabel("foo", "bar")
-     *   .WithLabel("baz", "qux")
-     *   .Mutate(...)
-     * ```
-     *
-     * Will only apply the action if the resource has both the `foo=bar` and `baz=qux` labels.
-     *
-     * @param key
-     * @param value
-     */
-    WithLabel: (key: string, value?: string) => BindingFilter<T>;
-    /**
-     * Only apply the action if the resource has the specified annotation. If no value is specified, the annotation must exist.
-     * Note multiple calls to this method will result in an AND condition. e.g.
-     *
-     * ```ts
-     * When(a.Deployment)
-     *   .IsCreated()
-     *   .WithAnnotation("foo", "bar")
-     *   .WithAnnotation("baz", "qux")
-     *   .Mutate(...)
-     * ```
-     *
-     * Will only apply the action if the resource has both the `foo=bar` and `baz=qux` annotations.
-     *
-     * @param key
-     * @param value
-     */
-    WithAnnotation: (key: string, value?: string) => BindingFilter<T>;
-};
-export type BindingWithName<T extends GenericClass> = BindingFilter<T> & {
-    /** Only apply the action if the resource name matches the specified name. */
-    WithName: (name: string) => BindingFilter<T>;
-};
-export type BindingAll<T extends GenericClass> = BindingWithName<T> & {
-    /** Only apply the action if the resource is in one of the specified namespaces.*/
-    InNamespace: (...namespaces: string[]) => BindingWithName<T>;
-};
-export type CommonActionChain<T extends GenericClass> = MutateActionChain<T> & {
-    /**
-     * Create a new MUTATE action with the specified callback function and previously specified
-     * filters.
-     *
-     * @since 0.13.0
-     *
-     * @param action The action to be executed when the Kubernetes resource is processed by the AdmissionController.
-     */
-    Mutate: (action: MutateAction<T, InstanceType<T>>) => MutateActionChain<T>;
-};
-export type ValidateActionChain<T extends GenericClass> = {
-    /**
-     * Establish a watcher for the specified resource. The callback function will be executed after the admission controller has
-     * processed the resource and the request has been persisted to the cluster.
-     *
-     * **Beta Function**: This method is still in early testing and edge cases may still exist.
-     *
-     * @since 0.14.0
-     *
-     * @param action
-     * @returns
-     */
-    Watch: (action: WatchAction<T, InstanceType<T>>) => void;
-    /**
-     * Establish a reconcile for the specified resource. The callback function will be executed after the admission controller has
-     * processed the resource and the request has been persisted to the cluster.
-     *
-     * **Beta Function**: This method is still in early testing and edge cases may still exist.
-     *
-     * @since 0.14.0
-     *
-     * @param action
-     * @returns
-     */
-    Reconcile: (action: WatchAction<T, InstanceType<T>>) => void;
-};
-export type MutateActionChain<T extends GenericClass> = ValidateActionChain<T> & {
-    /**
-     * Create a new VALIDATE action with the specified callback function and previously specified
-     * filters. Return the `request.Approve()` or `Request.Deny()` methods to approve or deny the request:
-     *
-     * @since 0.13.0
-     *
-     * @example
-     * ```ts
-     * When(a.Deployment)
-     *  .IsCreated()
-     *  .Validate(request => {
-     *    if (request.HasLabel("foo")) {
-     *     return request.Approve();
-     *    }
-     *
-     *   return request.Deny("Deployment must have label foo");
-     * });
-     * ```
-     *
-     * @param action The action to be executed when the Kubernetes resource is processed by the AdmissionController.
-     */
-    Validate: (action: ValidateAction<T, InstanceType<T>>) => ValidateActionChain<T>;
-};
-export type MutateAction<T extends GenericClass, K extends KubernetesObject = InstanceType<T>> = (req: PeprMutateRequest<K>) => Promise<void> | void | Promise<PeprMutateRequest<K>> | PeprMutateRequest<K>;
-export type ValidateAction<T extends GenericClass, K extends KubernetesObject = InstanceType<T>> = (req: PeprValidateRequest<K>) => Promise<ValidateActionResponse> | ValidateActionResponse;
-export type ValidateActionResponse = {
-    allowed: boolean;
-    statusCode?: number;
-    statusMessage?: string;
-};
-//# sourceMappingURL=types.d.ts.map

package/dist/lib/utils.d.ts

@@ -1,23 +0,0 @@
-/** Test if a string is ascii or not */
-export declare const isAscii: RegExp;
-/**
- * Encode all ascii values in a map to base64
- * @param obj The object to encode
- * @param skip A list of keys to skip encoding
- */
-export declare function convertToBase64Map(obj: {
-    data?: Record<string, string>;
-}, skip: string[]): void;
-/**
- * Decode all ascii values in a map from base64 to utf-8
- * @param obj The object to decode
- * @returns A list of keys that were skipped
- */
-export declare function convertFromBase64Map(obj: {
-    data?: Record<string, string>;
-}): string[];
-/** Decode a base64 string */
-export declare function base64Decode(data: string): string;
-/** Encode a string to base64 */
-export declare function base64Encode(data: string): string;
-//# sourceMappingURL=utils.d.ts.map

package/dist/lib/validate-processor.d.ts

@@ -1,4 +0,0 @@
-import { Capability } from "./capability";
-import { AdmissionRequest, ValidateResponse } from "./k8s";
-export declare function validateProcessor(capabilities: Capability[], req: AdmissionRequest, reqMetadata: Record<string, string>): Promise<ValidateResponse[]>;
-//# sourceMappingURL=validate-processor.d.ts.map

package/dist/lib/validate-request.d.ts

@@ -1,55 +0,0 @@
-import { KubernetesObject } from "kubernetes-fluent-client";
-import { AdmissionRequest } from "./k8s";
-import { ValidateActionResponse } from "./types";
-/**
- * The RequestWrapper class provides methods to modify Kubernetes objects in the context
- * of a mutating webhook request.
- */
-export declare class PeprValidateRequest<T extends KubernetesObject> {
-    #private;
-    Raw: T;
-    /**
-     * Provides access to the old resource in the request if available.
-     * @returns The old Kubernetes resource object or null if not available.
-     */
-    get OldResource(): T | undefined;
-    /**
-     * Provides access to the request object.
-     * @returns The request object containing the Kubernetes resource.
-     */
-    get Request(): AdmissionRequest<T>;
-    /**
-     * Creates a new instance of the Action class.
-     * @param input - The request object containing the Kubernetes resource to modify.
-     */
-    constructor(input: AdmissionRequest<T>);
-    /**
-     * Check if a label exists on the Kubernetes resource.
-     *
-     * @param key the label key to check
-     * @returns
-     */
-    HasLabel: (key: string) => boolean;
-    /**
-     * Check if an annotation exists on the Kubernetes resource.
-     *
-     * @param key the annotation key to check
-     * @returns
-     */
-    HasAnnotation: (key: string) => boolean;
-    /**
-     * Create a validation response that allows the request.
-     *
-     * @returns The validation response.
-     */
-    Approve: () => ValidateActionResponse;
-    /**
-     * Create a validation response that denies the request.
-     *
-     * @param statusMessage Optional status message to return to the user.
-     * @param statusCode Optional status code to return to the user.
-     * @returns The validation response.
-     */
-    Deny: (statusMessage?: string, statusCode?: number) => ValidateActionResponse;
-}
-//# sourceMappingURL=validate-request.d.ts.map

package/dist/lib/watch-processor.d.ts

@@ -1,10 +0,0 @@
-import { KubernetesObject, WatchEvent } from "kubernetes-fluent-client";
-import { Capability } from "./capability";
-/**
- * Entrypoint for setting up watches for all capabilities
- *
- * @param capabilities The capabilities to load watches for
- */
-export declare function setupWatch(capabilities: Capability[]): void;
-export declare function logEvent(type: WatchEvent, message?: string, obj?: KubernetesObject): void;
-//# sourceMappingURL=watch-processor.d.ts.map

package/dist/lib.d.ts

@@ -1,11 +0,0 @@
-import { K8s, RegisterKind, kind as a, fetch, fetchStatus, kind } from "kubernetes-fluent-client";
-import * as R from "ramda";
-import { Capability } from "./lib/capability";
-import Log from "./lib/logger";
-import { PeprModule } from "./lib/module";
-import { PeprMutateRequest } from "./lib/mutate-request";
-import * as PeprUtils from "./lib/utils";
-import { PeprValidateRequest } from "./lib/validate-request";
-import * as sdk from "./sdk/sdk";
-export { Capability, K8s, Log, PeprModule, PeprMutateRequest, PeprUtils, PeprValidateRequest, R, RegisterKind, a, fetch, fetchStatus, kind, sdk, };
-//# sourceMappingURL=lib.d.ts.map

package/dist/runtime/controller.d.ts

@@ -1,3 +0,0 @@
-#!/usr/bin/env node
-export {};
-//# sourceMappingURL=controller.d.ts.map

package/dist/sdk/sdk.d.ts

@@ -1,38 +0,0 @@
-import { PeprValidateRequest } from "../lib/validate-request";
-import { PeprMutateRequest } from "../lib/mutate-request";
-import { a } from "../lib";
-import { V1OwnerReference } from "@kubernetes/client-node";
-import { GenericKind } from "kubernetes-fluent-client";
-import { kind } from "kubernetes-fluent-client";
-/**
- * Returns all containers in a pod
- * @param request the request/pod to get the containers from
- * @param containerType the type of container to get
- * @returns the list of containers in the pod
- */
-export declare function containers(request: PeprValidateRequest<a.Pod> | PeprMutateRequest<a.Pod>, containerType?: "containers" | "initContainers" | "ephemeralContainers"): import("@kubernetes/client-node").V1Container[];
-/**
- * Write a K8s event for a CRD
- *
- * @param cr The custom resource to write the event for
- * @param event The event to write, should contain a human-readable message for the event
- * @param eventType The type of event to write, for example "Warning"
- * @param eventReason The reason for the event, for example "ReconciliationFailed"
- * @param reportingComponent The component that is reporting the event, for example "uds.dev/operator"
- * @param reportingInstance The instance of the component that is reporting the event, for example process.env.HOSTNAME
- */
-export declare function writeEvent(cr: GenericKind, event: Partial<kind.CoreEvent>, eventType: string, eventReason: string, reportingComponent: string, reportingInstance: string): Promise<void>;
-/**
- * Get the owner reference for a custom resource
- * @param cr the custom resource to get the owner reference for
- * @returns the owner reference for the custom resource
- */
-export declare function getOwnerRefFrom(cr: GenericKind): V1OwnerReference[];
-/**
- * Sanitize a resource name to make it a valid Kubernetes resource name.
- *
- * @param name the name of the resource to sanitize
- * @returns the sanitized resource name
- */
-export declare function sanitizeResourceName(name: string): string;
-//# sourceMappingURL=sdk.d.ts.map