npm - pepr - Versions diffs - 0.37.2 → 0.37.3 - Mend

pepr 0.37.2 → 0.37.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/fixtures/loader.d.ts +0 -1
package/dist/fixtures/loader.d.ts.map +1 -1
package/dist/lib/assets/pods.d.ts +1 -1
package/dist/lib/assets/pods.d.ts.map +1 -1
package/dist/lib/capability.d.ts +1 -2
package/dist/lib/capability.d.ts.map +1 -1
package/dist/lib/filter.test.d.ts +1 -1
package/dist/lib/filter.test.d.ts.map +1 -1
package/dist/sdk/sdk.d.ts +1 -1
package/dist/sdk/sdk.d.ts.map +1 -1
package/package.json +3 -3
package/dist/cli.js +0 -3208
package/dist/controller.js +0 -302
package/dist/lib.js +0 -2193
package/dist/lib.js.map +0 -7

package/dist/controller.js DELETED Viewed

@@ -1,302 +0,0 @@
-#!/usr/bin/env node
-"use strict";
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-// src/runtime/controller.ts
-var import_child_process = require("child_process");
-var import_crypto = __toESM(require("crypto"));
-var import_fs = __toESM(require("fs"));
-var import_zlib = require("zlib");
-var import_kubernetes_fluent_client4 = require("kubernetes-fluent-client");
-// src/lib/logger.ts
-var import_pino = require("pino");
-var isPrettyLog = process.env.PEPR_PRETTY_LOGS === "true";
-var pretty = {
-  target: "pino-pretty",
-  options: {
-    colorize: true
-  }
-};
-var transport = isPrettyLog ? pretty : void 0;
-var pinoTimeFunction = process.env.PINO_TIME_STAMP === "iso" ? () => import_pino.stdTimeFunctions.isoTime() : () => import_pino.stdTimeFunctions.epochTime();
-var Log = (0, import_pino.pino)({
-  transport,
-  timestamp: pinoTimeFunction
-});
-if (process.env.LOG_LEVEL) {
-  Log.level = process.env.LOG_LEVEL;
-}
-var logger_default = Log;
-// src/templates/data.json
-var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, files: ["/dist", "/src"], version: "0.37.2", main: "dist/lib.js", types: "dist/lib.d.ts", scripts: { ci: "npm ci", "gen-data-json": "node hack/build-template-data.js", prebuild: "rm -fr dist/* && npm run gen-data-json", version: "node scripts/set-version.js", build: "tsc && node build.mjs && npm pack", "build:image": "npm run build && docker buildx build --output type=docker --tag pepr:dev .", test: "npm run test:unit && npm run test:journey", "test:unit": "npm run gen-data-json && jest src --coverage --detectOpenHandles --coverageDirectory=./coverage", "test:journey": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run", "test:journey:prep": "if [ ! -d ./pepr-upgrade-test ]; then git clone https://github.com/defenseunicorns/pepr-upgrade-test.git ; fi", "test:journey-wasm": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run-wasm", "test:journey:k3d": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0' --wait && kubectl rollout status deployment -n kube-system", "test:journey:image": "docker buildx build --output type=docker --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev", "test:journey:run": "jest --detectOpenHandles journey/entrypoint.test.ts && npm run test:journey:prep && npm run test:journey:upgrade", "test:journey:run-wasm": "jest --detectOpenHandles journey/entrypoint-wasm.test.ts", "test:journey:upgrade": "npm run test:journey:k3d && npm run test:journey:image && jest --detectOpenHandles journey/pepr-upgrade.test.ts", "format:check": "eslint src && prettier src --check", "format:fix": "eslint src --fix && prettier src --write", prepare: `if [ "$NODE_ENV" != 'production' ]; then husky; fi` }, dependencies: { "@types/ramda": "0.30.2", express: "4.21.0", "fast-json-patch": "3.1.1", "json-pointer": "^0.6.2", "kubernetes-fluent-client": "3.0.4", pino: "9.4.0", "pino-pretty": "11.2.2", "prom-client": "15.1.3", ramda: "0.30.1" }, devDependencies: { "@commitlint/cli": "19.5.0", "@commitlint/config-conventional": "19.5.0", "@fast-check/jest": "^2.0.1", "@jest/globals": "29.7.0", "@types/eslint": "9.6.1", "@types/express": "5.0.0", "@types/json-pointer": "^1.0.34", "@types/node": "22.x.x", "@types/node-forge": "1.3.11", "@types/uuid": "10.0.0", "fast-check": "^3.19.0", jest: "29.7.0", "js-yaml": "^4.1.0", nock: "^13.5.4", "ts-jest": "29.2.5", husky: "^9.1.6" }, peerDependencies: { "@typescript-eslint/eslint-plugin": "7.18.0", "@typescript-eslint/parser": "7.18.0", commander: "12.1.0", esbuild: "0.23.0", eslint: "8.57.0", "node-forge": "1.3.1", prettier: "3.3.3", "@types/prompts": "2.4.9", prompts: "2.4.2", typescript: "5.3.3", uuid: "10.0.0" } };
-// src/lib/k8s.ts
-var import_kubernetes_fluent_client = require("kubernetes-fluent-client");
-var PeprStore = class extends import_kubernetes_fluent_client.GenericKind {
-};
-var peprStoreGVK = {
-  kind: "PeprStore",
-  version: "v1",
-  group: "pepr.dev"
-};
-(0, import_kubernetes_fluent_client.RegisterKind)(PeprStore, peprStoreGVK);
-// src/lib/assets/store.ts
-var { group, version, kind } = peprStoreGVK;
-var singular = kind.toLocaleLowerCase();
-var plural = `${singular}s`;
-var name = `${plural}.${group}`;
-var peprStoreCRD = {
-  apiVersion: "apiextensions.k8s.io/v1",
-  kind: "CustomResourceDefinition",
-  metadata: {
-    name
-  },
-  spec: {
-    group,
-    versions: [
-      {
-        // typescript doesn't know this is really already set, which is kind of annoying
-        name: version || "v1",
-        served: true,
-        storage: true,
-        schema: {
-          openAPIV3Schema: {
-            type: "object",
-            properties: {
-              data: {
-                type: "object",
-                additionalProperties: {
-                  type: "string"
-                }
-              }
-            }
-          }
-        }
-      }
-    ],
-    scope: "Namespaced",
-    names: {
-      plural,
-      singular,
-      kind
-    }
-  }
-};
-// src/lib/helpers.ts
-var import_kubernetes_fluent_client3 = require("kubernetes-fluent-client");
-// src/sdk/sdk.ts
-var import_kubernetes_fluent_client2 = require("kubernetes-fluent-client");
-// src/lib/adjudicators.ts
-var import_ramda = require("ramda");
-var declaredOperation = (0, import_ramda.pipe)((request) => request?.operation, (0, import_ramda.defaultTo)(""));
-var declaredGroup = (0, import_ramda.pipe)((request) => request?.kind?.group, (0, import_ramda.defaultTo)(""));
-var declaredVersion = (0, import_ramda.pipe)((request) => request?.kind?.version, (0, import_ramda.defaultTo)(""));
-var declaredKind = (0, import_ramda.pipe)((request) => request?.kind?.kind, (0, import_ramda.defaultTo)(""));
-var declaredUid = (0, import_ramda.pipe)((request) => request?.uid, (0, import_ramda.defaultTo)(""));
-var carriesDeletionTimestamp = (0, import_ramda.pipe)((obj) => !!obj.metadata?.deletionTimestamp, (0, import_ramda.defaultTo)(false));
-var missingDeletionTimestamp = (0, import_ramda.complement)(carriesDeletionTimestamp);
-var carriedName = (0, import_ramda.pipe)((obj) => obj?.metadata?.name, (0, import_ramda.defaultTo)(""));
-var carriesName = (0, import_ramda.pipe)(carriedName, (0, import_ramda.equals)(""), import_ramda.not);
-var missingName = (0, import_ramda.complement)(carriesName);
-var carriedNamespace = (0, import_ramda.pipe)((obj) => obj?.metadata?.namespace, (0, import_ramda.defaultTo)(""));
-var carriesNamespace = (0, import_ramda.pipe)(carriedNamespace, (0, import_ramda.equals)(""), import_ramda.not);
-var carriedAnnotations = (0, import_ramda.pipe)((obj) => obj?.metadata?.annotations, (0, import_ramda.defaultTo)({}));
-var carriesAnnotations = (0, import_ramda.pipe)(carriedAnnotations, (0, import_ramda.equals)({}), import_ramda.not);
-var carriedLabels = (0, import_ramda.pipe)((obj) => obj?.metadata?.labels, (0, import_ramda.defaultTo)({}));
-var carriesLabels = (0, import_ramda.pipe)(carriedLabels, (0, import_ramda.equals)({}), import_ramda.not);
-var definesDeletionTimestamp = (0, import_ramda.pipe)((binding) => binding?.filters?.deletionTimestamp, (0, import_ramda.defaultTo)(false));
-var ignoresDeletionTimestamp = (0, import_ramda.complement)(definesDeletionTimestamp);
-var definedName = (0, import_ramda.pipe)((binding) => binding?.filters?.name, (0, import_ramda.defaultTo)(""));
-var definesName = (0, import_ramda.pipe)(definedName, (0, import_ramda.equals)(""), import_ramda.not);
-var ignoresName = (0, import_ramda.complement)(definesName);
-var definedNameRegex = (0, import_ramda.pipe)((binding) => binding?.filters?.regexName, (0, import_ramda.defaultTo)(""));
-var definesNameRegex = (0, import_ramda.pipe)(definedNameRegex, (0, import_ramda.equals)(""), import_ramda.not);
-var definedNamespaces = (0, import_ramda.pipe)((binding) => binding?.filters?.namespaces, (0, import_ramda.defaultTo)([]));
-var definesNamespaces = (0, import_ramda.pipe)(definedNamespaces, (0, import_ramda.equals)([]), import_ramda.not);
-var definedNamespaceRegexes = (0, import_ramda.pipe)((binding) => binding?.filters?.regexNamespaces, (0, import_ramda.defaultTo)([]));
-var definesNamespaceRegexes = (0, import_ramda.pipe)(definedNamespaceRegexes, (0, import_ramda.equals)([]), import_ramda.not);
-var definedAnnotations = (0, import_ramda.pipe)((binding) => binding?.filters?.annotations, (0, import_ramda.defaultTo)({}));
-var definesAnnotations = (0, import_ramda.pipe)(definedAnnotations, (0, import_ramda.equals)({}), import_ramda.not);
-var definedLabels = (0, import_ramda.pipe)((binding) => binding?.filters?.labels, (0, import_ramda.defaultTo)({}));
-var definesLabels = (0, import_ramda.pipe)(definedLabels, (0, import_ramda.equals)({}), import_ramda.not);
-var definedEvent = (0, import_ramda.pipe)((binding) => binding?.event, (0, import_ramda.defaultTo)(""));
-var definesDelete = (0, import_ramda.pipe)(definedEvent, (0, import_ramda.equals)("DELETE" /* DELETE */));
-var definedGroup = (0, import_ramda.pipe)((binding) => binding?.kind?.group, (0, import_ramda.defaultTo)(""));
-var definesGroup = (0, import_ramda.pipe)(definedGroup, (0, import_ramda.equals)(""), import_ramda.not);
-var definedVersion = (0, import_ramda.pipe)((binding) => binding?.kind?.version, (0, import_ramda.defaultTo)(""));
-var definesVersion = (0, import_ramda.pipe)(definedVersion, (0, import_ramda.equals)(""), import_ramda.not);
-var definedKind = (0, import_ramda.pipe)((binding) => binding?.kind?.kind, (0, import_ramda.defaultTo)(""));
-var definesKind = (0, import_ramda.pipe)(definedKind, (0, import_ramda.equals)(""), import_ramda.not);
-var definedCategory = (0, import_ramda.pipe)((binding) => {
-  return binding.isFinalize ? "Finalize" : binding.isWatch ? "Watch" : binding.isMutate ? "Mutate" : binding.isValidate ? "Validate" : "";
-});
-var definedCallback = (0, import_ramda.pipe)((binding) => {
-  return binding.isFinalize ? binding.finalizeCallback : binding.isWatch ? binding.watchCallback : binding.isMutate ? binding.mutateCallback : binding.isValidate ? binding.validateCallback : null;
-});
-var definedCallbackName = (0, import_ramda.pipe)(definedCallback, (0, import_ramda.defaultTo)({ name: "" }), (cb) => cb.name);
-var mismatchedDeletionTimestamp = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesDeletionTimestamp),
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(1), missingDeletionTimestamp)
-]);
-var mismatchedName = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesName),
-  (0, import_ramda.pipe)((bnd, obj) => definedName(bnd) !== carriedName(obj))
-]);
-var mismatchedNameRegex = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesNameRegex),
-  (0, import_ramda.pipe)((bnd, obj) => new RegExp(definedNameRegex(bnd)).test(carriedName(obj)), import_ramda.not)
-]);
-var bindsToKind = (0, import_ramda.curry)(
-  (0, import_ramda.allPass)([(0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definedKind, (0, import_ramda.equals)(""), import_ramda.not), (0, import_ramda.pipe)((bnd, knd) => definedKind(bnd) === knd)])
-);
-var bindsToNamespace = (0, import_ramda.curry)((0, import_ramda.pipe)(bindsToKind(import_ramda.__, "Namespace")));
-var misboundNamespace = (0, import_ramda.allPass)([bindsToNamespace, definesNamespaces]);
-var mismatchedNamespace = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesNamespaces),
-  (0, import_ramda.pipe)((bnd, obj) => definedNamespaces(bnd).includes(carriedNamespace(obj)), import_ramda.not)
-]);
-var mismatchedNamespaceRegex = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesNamespaceRegexes),
-  (0, import_ramda.pipe)(
-    (bnd, obj) => (0, import_ramda.pipe)(
-      (0, import_ramda.any)((rex) => new RegExp(rex).test(carriedNamespace(obj))),
-      import_ramda.not
-    )(definedNamespaceRegexes(bnd))
-  )
-]);
-var metasMismatch = (0, import_ramda.pipe)(
-  (defined, carried) => {
-    const result = { defined, carried, unalike: {} };
-    result.unalike = Object.entries(result.defined).map(([key, val]) => {
-      const keyMissing = !Object.hasOwn(result.carried, key);
-      const noValue = !val;
-      const valMissing = !result.carried[key];
-      const valDiffers = result.carried[key] !== result.defined[key];
-      return keyMissing ? { [key]: val } : noValue ? {} : valMissing ? { [key]: val } : valDiffers ? { [key]: val } : {};
-    }).reduce((acc, cur) => ({ ...acc, ...cur }), {});
-    return result.unalike;
-  },
-  (unalike) => Object.keys(unalike).length > 0
-);
-var mismatchedAnnotations = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesAnnotations),
-  (0, import_ramda.pipe)((bnd, obj) => metasMismatch(definedAnnotations(bnd), carriedAnnotations(obj)))
-]);
-var mismatchedLabels = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesLabels),
-  (0, import_ramda.pipe)((bnd, obj) => metasMismatch(definedLabels(bnd), carriedLabels(obj)))
-]);
-var uncarryableNamespace = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), import_ramda.length, (0, import_ramda.gt)(import_ramda.__, 0)),
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(1), carriesNamespace),
-  (0, import_ramda.pipe)((nss, obj) => nss.includes(carriedNamespace(obj)), import_ramda.not)
-]);
-var carriesIgnoredNamespace = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), import_ramda.length, (0, import_ramda.gt)(import_ramda.__, 0)),
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(1), carriesNamespace),
-  (0, import_ramda.pipe)((nss, obj) => nss.includes(carriedNamespace(obj)))
-]);
-var unbindableNamespaces = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), import_ramda.length, (0, import_ramda.gt)(import_ramda.__, 0)),
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(1), definesNamespaces),
-  (0, import_ramda.pipe)((nss, bnd) => (0, import_ramda.difference)(definedNamespaces(bnd), nss), import_ramda.length, (0, import_ramda.equals)(0), import_ramda.not)
-]);
-var misboundDeleteWithDeletionTimestamp = (0, import_ramda.allPass)([definesDelete, definesDeletionTimestamp]);
-var operationMatchesEvent = (0, import_ramda.anyPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(1), (0, import_ramda.equals)("*" /* Any */)),
-  (0, import_ramda.pipe)((op, evt) => op === evt),
-  (0, import_ramda.pipe)((op, evt) => op ? evt.includes(op) : false)
-]);
-var mismatchedEvent = (0, import_ramda.pipe)(
-  (binding, request) => operationMatchesEvent(declaredOperation(request), definedEvent(binding)),
-  import_ramda.not
-);
-var mismatchedGroup = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesGroup),
-  (0, import_ramda.pipe)((binding, request) => definedGroup(binding) !== declaredGroup(request))
-]);
-var mismatchedVersion = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesVersion),
-  (0, import_ramda.pipe)((binding, request) => definedVersion(binding) !== declaredVersion(request))
-]);
-var mismatchedKind = (0, import_ramda.allPass)([
-  (0, import_ramda.pipe)((0, import_ramda.nthArg)(0), definesKind),
-  (0, import_ramda.pipe)((binding, request) => definedKind(binding) !== declaredKind(request))
-]);
-// src/lib/helpers.ts
-var ValidationError = class extends Error {
-};
-function validateHash(expectedHash) {
-  const sha256Regex = /^[a-f0-9]{64}$/i;
-  if (!expectedHash || !sha256Regex.test(expectedHash)) {
-    logger_default.error(`Invalid hash. Expected a valid SHA-256 hash, got ${expectedHash}`);
-    throw new ValidationError("Invalid hash");
-  }
-}
-// src/runtime/controller.ts
-var { version: version2 } = packageJSON;
-function runModule(expectedHash) {
-  const gzPath = `/app/load/module-${expectedHash}.js.gz`;
-  const jsPath = `/app/module-${expectedHash}.js`;
-  logger_default.level = "info";
-  if (!import_fs.default.existsSync(gzPath)) {
-    throw new Error(`File not found: ${gzPath}`);
-  }
-  try {
-    logger_default.info(`Loading module ${gzPath}`);
-    const codeGZ = import_fs.default.readFileSync(gzPath);
-    const code = (0, import_zlib.gunzipSync)(codeGZ);
-    const actualHash = import_crypto.default.createHash("sha256").update(code).digest("hex");
-    if (!import_crypto.default.timingSafeEqual(Buffer.from(expectedHash, "hex"), Buffer.from(actualHash, "hex"))) {
-      throw new Error(`File hash does not match, expected ${expectedHash} but got ${actualHash}`);
-    }
-    logger_default.info(`File hash matches, running module`);
-    import_fs.default.writeFileSync(jsPath, code);
-    (0, import_child_process.fork)(jsPath);
-  } catch (e) {
-    throw new Error(`Failed to decompress module: ${e}`);
-  }
-}
-logger_default.info(`Pepr Controller (v${version2})`);
-var hash = process.argv[2];
-var startup = async () => {
-  try {
-    logger_default.info("Applying the Pepr Store CRD if it doesn't exist");
-    await (0, import_kubernetes_fluent_client4.K8s)(import_kubernetes_fluent_client4.kind.CustomResourceDefinition).Apply(peprStoreCRD, { force: true });
-    validateHash(hash);
-    runModule(hash);
-  } catch (err) {
-    logger_default.error(err, `Error starting Pepr Store CRD`);
-    process.exit(1);
-  }
-};
-startup().catch((err) => logger_default.error(err, `Error starting Pepr Controller`));