pepr 0.40.1 → 0.42.1

package/dist/sdk/sdk.d.ts

@@ -1,15 +1,14 @@
 import { PeprValidateRequest } from "../lib/validate-request";
 import { PeprMutateRequest } from "../lib/mutate-request";
-import { V1OwnerReference } from "@kubernetes/client-node";
-import { GenericKind } from "kubernetes-fluent-client";
-import { kind } from "kubernetes-fluent-client";
+import { V1OwnerReference, V1Container } from "@kubernetes/client-node";
+import { GenericKind, kind } from "kubernetes-fluent-client";
 /**
  * Returns all containers in a pod
  * @param request the request/pod to get the containers from
  * @param containerType the type of container to get
  * @returns the list of containers in the pod
  */
-export declare function containers(request: PeprValidateRequest<kind.Pod> | PeprMutateRequest<kind.Pod>, containerType?: "containers" | "initContainers" | "ephemeralContainers"): import("@kubernetes/client-node").V1Container[];
+export declare function containers(request: PeprValidateRequest<kind.Pod> | PeprMutateRequest<kind.Pod>, containerType?: "containers" | "initContainers" | "ephemeralContainers"): V1Container[];
 /**
  * Write a K8s event for a CRD
  *

package/dist/sdk/sdk.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sdk.d.ts","sourceRoot":"","sources":["../../src/sdk/sdk.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAO,IAAI,EAAE,MAAM,0BAA0B,CAAC;AAGrD;;;;;GAKG;AACH,wBAAgB,UAAU,CACxB,OAAO,EAAE,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,EACpE,aAAa,CAAC,EAAE,YAAY,GAAG,gBAAgB,GAAG,qBAAqB,mDAgBxE;AAED;;;;;;;;;GASG;AACH,wBAAsB,UAAU,CAC9B,EAAE,EAAE,WAAW,EACf,KAAK,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAC9B,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,MAAM,EACnB,kBAAkB,EAAE,MAAM,EAC1B,iBAAiB,EAAE,MAAM,iBAwB1B;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,cAAc,EAAE,WAAW,EAC3B,kBAAkB,CAAC,EAAE,OAAO,EAC5B,UAAU,CAAC,EAAE,OAAO,GACnB,gBAAgB,EAAE,CAcpB;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,UAYhD"}
+{"version":3,"file":"sdk.d.ts","sourceRoot":"","sources":["../../src/sdk/sdk.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACxE,OAAO,EAAE,WAAW,EAAO,IAAI,EAAE,MAAM,0BAA0B,CAAC;AAElE;;;;;GAKG;AACH,wBAAgB,UAAU,CACxB,OAAO,EAAE,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,EACpE,aAAa,CAAC,EAAE,YAAY,GAAG,gBAAgB,GAAG,qBAAqB,GACtE,WAAW,EAAE,CAef;AAED;;;;;;;;;GASG;AAEH,wBAAsB,UAAU,CAC9B,EAAE,EAAE,WAAW,EACf,KAAK,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAC9B,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,MAAM,EACnB,kBAAkB,EAAE,MAAM,EAC1B,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,IAAI,CAAC,CAqBf;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,cAAc,EAAE,WAAW,EAC3B,kBAAkB,CAAC,EAAE,OAAO,EAC5B,UAAU,CAAC,EAAE,OAAO,GACnB,gBAAgB,EAAE,CAcpB;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAYzD"}

package/package.json

@@ -15,7 +15,7 @@
     "!src/**/*.test.ts",
     "!dist/**/*.test.d.ts*"
   ],
-  "version": "0.40.1",
+  "version": "0.42.1",
   "main": "dist/lib.js",
   "types": "dist/lib.d.ts",
   "scripts": {
@@ -41,12 +41,12 @@
   },
   "dependencies": {
     "@types/ramda": "0.30.2",
-    "express": "4.21.1",
+    "express": "4.21.2",
     "fast-json-patch": "3.1.1",
     "follow-redirects": "1.15.9",
     "http-status-codes": "^2.3.0",
     "json-pointer": "^0.6.2",
-    "kubernetes-fluent-client": "3.3.4",
+    "kubernetes-fluent-client": "3.3.7",
     "pino": "9.5.0",
     "pino-pretty": "13.0.0",
     "prom-client": "15.1.3",
@@ -69,8 +69,8 @@
     "husky": "^9.1.6",
     "jest": "29.7.0",
     "js-yaml": "^4.1.0",
-    "nock": "^13.5.4",
-    "ts-jest": "29.2.5"
+    "ts-jest": "29.2.5",
+    "undici": "^7.0.1"
   },
   "peerDependencies": {
     "@types/prompts": "2.4.9",

package/src/cli/build.helpers.ts

@@ -1,3 +1,15 @@
+import { createDirectoryIfNotExists } from "../lib/filesystemService";
+import { sanitizeResourceName } from "../sdk/sdk";
+import { createDockerfile } from "../lib/included-files";
+import { execSync } from "child_process";
+import { CapabilityExport } from "../lib/types";
+import { validateCapabilityNames } from "../lib/helpers";
+import { BuildOptions, BuildResult, context, BuildContext } from "esbuild";
+import { Assets } from "../lib/assets";
+import { resolve } from "path";
+import { promises as fs } from "fs";
+
+export type Reloader = (opts: BuildResult<BuildOptions>) => void | Promise<void>;
 /**
  * Determine the RBAC mode based on the CLI options and the module's config
  * @param opts CLI options
@@ -26,3 +38,171 @@ export function determineRbacMode(
   // if nothing is defined return admin, else return scoped
   return cfg.pepr.rbacMode || "admin";
 }
+
+/**
+ * Handle the custom output directory
+ * @param outputDir the desired output directory
+ * @returns The desired output directory or the default one
+ */
+
+export async function handleCustomOutputDir(outputDir: string): Promise<string> {
+  const defaultOutputDir = "dist";
+  if (outputDir) {
+    try {
+      await createDirectoryIfNotExists(outputDir);
+      return outputDir;
+    } catch (error) {
+      console.error(`Error creating output directory: ${error.message}`);
+      process.exit(1);
+    }
+  }
+  return defaultOutputDir;
+}
+
+/**
+ * Check if the image is from Iron Bank and return the correct image
+ * @param registry The registry of the image
+ * @param image The image to check
+ * @param peprVersion The version of the PEPR controller
+ * @returns The image string
+ * @example
+ */
+export function checkIronBankImage(registry: string, image: string, peprVersion: string): string {
+  return registry === "Iron Bank"
+    ? `registry1.dso.mil/ironbank/opensource/defenseunicorns/pepr/controller:v${peprVersion}`
+    : image;
+}
+
+/**
+ * Check if the image pull secret is a valid Kubernetes name
+ * @param imagePullSecret
+ * @returns boolean
+ */
+export function validImagePullSecret(imagePullSecretName: string): void {
+  if (imagePullSecretName) {
+    const error = "Invalid imagePullSecret. Please provide a valid name as defined in RFC 1123.";
+    if (sanitizeResourceName(imagePullSecretName) !== imagePullSecretName) {
+      // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names
+      console.error(error);
+      process.exit(1);
+    }
+  }
+}
+
+/**
+ * Constraint to majke sure customImage and registry are not both used
+ * @param customImage
+ * @param registry
+ * @returns
+ */
+export function handleCustomImage(customImage: string, registry: string): string {
+  let defaultImage = "";
+  if (customImage) {
+    if (registry) {
+      console.error(`Custom Image and registry cannot be used together.`);
+      process.exit(1);
+    }
+    defaultImage = customImage;
+  }
+  return defaultImage;
+}
+
+/**
+ * Creates and pushes a custom image for WASM or any other included files
+ * @param includedFiles
+ * @param peprVersion
+ * @param description
+ * @param image
+ */
+export async function handleCustomImageBuild(
+  includedFiles: string[],
+  peprVersion: string,
+  description: string,
+  image: string,
+): Promise<void> {
+  if (includedFiles.length > 0) {
+    await createDockerfile(peprVersion, description, includedFiles);
+    execSync(`docker build --tag ${image} -f Dockerfile.controller .`, {
+      stdio: "inherit",
+    });
+    execSync(`docker push ${image}`, { stdio: "inherit" });
+  }
+}
+
+/**
+ * Disables embedding of deployment files into output module
+ * @param embed
+ * @param path
+ * @returns
+ */
+export function handleEmbedding(embed: boolean, path: string): void {
+  if (!embed) {
+    console.info(`✅ Module built successfully at ${path}`);
+    return;
+  }
+}
+
+/**
+ * Check if the capability names are valid
+ * @param capabilities The capabilities to check
+ */
+export function handleValidCapabilityNames(capabilities: CapabilityExport[]): void {
+  try {
+    // wait for capabilities to be loaded and test names
+    validateCapabilityNames(capabilities);
+  } catch (e) {
+    console.error(`Error loading capability:`, e);
+    process.exit(1);
+  }
+}
+
+/**
+ * Watch for changes in the module
+ * @param ctxCfg The build options
+ * @param reloader The reloader function
+ * @returns The build context
+ */
+export async function watchForChanges(
+  ctxCfg: BuildOptions,
+  reloader: Reloader | undefined,
+): Promise<BuildContext<BuildOptions>> {
+  const ctx = await context(ctxCfg);
+
+  // If the reloader function is defined, watch the module for changes
+  if (reloader) {
+    await ctx.watch();
+  } else {
+    // Otherwise, just build the module once
+    await ctx.rebuild();
+    await ctx.dispose();
+  }
+
+  return ctx;
+}
+
+export async function generateYamlAndWriteToDisk(obj: {
+  uuid: string;
+  imagePullSecret: string;
+  outputDir: string;
+  assets: Assets;
+  zarf: string;
+}): Promise<void> {
+  const { uuid, imagePullSecret, outputDir, assets, zarf } = obj;
+  const yamlFile = `pepr-module-${uuid}.yaml`;
+  const chartPath = `${uuid}-chart`;
+  const yamlPath = resolve(outputDir, yamlFile);
+  const yaml = await assets.allYaml(imagePullSecret);
+  const zarfPath = resolve(outputDir, "zarf.yaml");
+
+  let localZarf = "";
+  if (zarf === "chart") {
+    localZarf = assets.zarfYamlChart(chartPath);
+  } else {
+    localZarf = assets.zarfYaml(yamlFile);
+  }
+  await fs.writeFile(yamlPath, yaml);
+  await fs.writeFile(zarfPath, localZarf);
+
+  await assets.generateHelmChart(outputDir);
+  console.info(`✅ K8s resource for the module saved to ${yamlPath}`);
+}

package/src/cli/build.ts

@@ -1,24 +1,34 @@
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
 
-import { execSync, execFileSync } from "child_process";
-import { BuildOptions, BuildResult, analyzeMetafile, context } from "esbuild";
+import { execFileSync } from "child_process";
+import { BuildOptions, BuildResult, analyzeMetafile } from "esbuild";
 import { promises as fs } from "fs";
 import { basename, dirname, extname, resolve } from "path";
-import { createDockerfile } from "../lib/included-files";
 import { Assets } from "../lib/assets";
 import { dependencies, version } from "./init/templates";
 import { RootCmd } from "./root";
-import { peprFormat } from "./format";
 import { Option } from "commander";
-import { createDirectoryIfNotExists, validateCapabilityNames, parseTimeout } from "../lib/helpers";
-import { sanitizeResourceName } from "../sdk/sdk";
-import { determineRbacMode } from "./build.helpers";
+import { parseTimeout } from "../lib/helpers";
+import { peprFormat } from "./format";
+import {
+  watchForChanges,
+  determineRbacMode,
+  handleEmbedding,
+  handleCustomOutputDir,
+  handleValidCapabilityNames,
+  handleCustomImage,
+  handleCustomImageBuild,
+  checkIronBankImage,
+  validImagePullSecret,
+  generateYamlAndWriteToDisk,
+} from "./build.helpers";
+
 const peprTS = "pepr.ts";
 let outputDir: string = "dist";
 export type Reloader = (opts: BuildResult<BuildOptions>) => void | Promise<void>;
 
-export default function (program: RootCmd) {
+export default function (program: RootCmd): void {
   program
     .command("build")
     .description("Build a Pepr Module for deployment")
@@ -72,13 +82,7 @@ export default function (program: RootCmd) {
     )
     .action(async opts => {
       // assign custom output directory if provided
-      if (opts.outputDir) {
-        outputDir = opts.outputDir;
-        createDirectoryIfNotExists(outputDir).catch(error => {
-          console.error(`Error creating output directory: ${error.message}`);
-          process.exit(1);
-        });
-      }
+      outputDir = await handleCustomOutputDir(opts.outputDir);
 
       // Build the module
       const buildModuleResult = await buildModule(undefined, opts.entryPoint, opts.embed);
@@ -87,16 +91,7 @@ export default function (program: RootCmd) {
         // Files to include in controller image for WASM support
         const { includedFiles } = cfg.pepr;
 
-        let image: string = "";
-
-        // Build Kubernetes manifests with custom image
-        if (opts.customImage) {
-          if (opts.registry) {
-            console.error(`Custom Image and registry cannot be used together.`);
-            process.exit(1);
-          }
-          image = opts.customImage;
-        }
+        let image = handleCustomImage(opts.customImage, opts.registry);
 
         // Check if there is a custom timeout defined
         if (opts.timeout !== undefined) {
@@ -110,25 +105,14 @@ export default function (program: RootCmd) {
           image = `${opts.registryInfo}/custom-pepr-controller:${cfg.pepr.peprVersion}`;
 
           // only actually build/push if there are files to include
-          if (includedFiles.length > 0) {
-            await createDockerfile(cfg.pepr.peprVersion, cfg.description, includedFiles);
-            execSync(`docker build --tag ${image} -f Dockerfile.controller .`, {
-              stdio: "inherit",
-            });
-            execSync(`docker push ${image}`, { stdio: "inherit" });
-          }
+          await handleCustomImageBuild(includedFiles, cfg.pepr.peprVersion, cfg.description, image);
         }
 
         // If building without embedding, exit after building
-        if (!opts.embed) {
-          console.info(`✅ Module built successfully at ${path}`);
-          return;
-        }
+        handleEmbedding(opts.embed, path);
 
         // set the image version if provided
-        if (opts.version) {
-          cfg.pepr.peprVersion = opts.version;
-        }
+        opts.version ? (cfg.pepr.peprVersion = opts.version) : null;
 
         // Generate a secret for the module
         const assets = new Assets(
@@ -143,56 +127,22 @@ export default function (program: RootCmd) {
         );
 
         // If registry is set to Iron Bank, use Iron Bank image
-        if (opts?.registry === "Iron Bank") {
-          console.info(
-            `\n\tThis command assumes the latest release. Pepr's Iron Bank image release cycle is dictated by renovate and is typically released a few days after the GitHub release.\n\tAs an alternative you may consider custom --custom-image to target a specific image and version.`,
-          );
-          image = `registry1.dso.mil/ironbank/opensource/defenseunicorns/pepr/controller:v${cfg.pepr.peprVersion}`;
-        }
+        image = checkIronBankImage(opts.registry, image, cfg.pepr.peprVersion);
 
         // if image is a custom image, use that instead of the default
-        if (image !== "") {
-          assets.image = image;
-        }
+        image !== "" ? (assets.image = image) : null;
 
         // Ensure imagePullSecret is valid
-        if (opts.withPullSecret) {
-          if (sanitizeResourceName(opts.withPullSecret) !== opts.withPullSecret) {
-            // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names
-            console.error(
-              "Invalid imagePullSecret. Please provide a valid name as defined in RFC 1123.",
-            );
-            process.exit(1);
-          }
-        }
-
-        const yamlFile = `pepr-module-${uuid}.yaml`;
-        const chartPath = `${uuid}-chart`;
-        const yamlPath = resolve(outputDir, yamlFile);
-        const yaml = await assets.allYaml(opts.withPullSecret);
-
-        try {
-          // wait for capabilities to be loaded and test names
-          validateCapabilityNames(assets.capabilities);
-        } catch (e) {
-          console.error(`Error loading capability:`, e);
-          process.exit(1);
-        }
-
-        const zarfPath = resolve(outputDir, "zarf.yaml");
-
-        let zarf = "";
-        if (opts.zarf === "chart") {
-          zarf = assets.zarfYamlChart(chartPath);
-        } else {
-          zarf = assets.zarfYaml(yamlFile);
-        }
-        await fs.writeFile(yamlPath, yaml);
-        await fs.writeFile(zarfPath, zarf);
-
-        await assets.generateHelmChart(outputDir);
-
-        console.info(`✅ K8s resource for the module saved to ${yamlPath}`);
+        validImagePullSecret(opts.withPullSecret);
+
+        handleValidCapabilityNames(assets.capabilities);
+        await generateYamlAndWriteToDisk({
+          uuid,
+          outputDir,
+          imagePullSecret: opts.withPullSecret,
+          zarf: opts.zarf,
+          assets,
+        });
       }
     });
 }
@@ -251,15 +201,7 @@ export async function buildModule(reloader?: Reloader, entryPoint = peprTS, embe
   try {
     const { cfg, modulePath, path, uuid } = await loadModule(entryPoint);
 
-    const validFormat = await peprFormat(true);
-
-    if (!validFormat) {
-      console.log(
-        "\x1b[33m%s\x1b[0m",
-        "Formatting errors were found. The build will continue, but you may want to run `npx pepr format` to address any issues.",
-      );
-    }
-
+    await checkFormat();
     // Resolve node_modules folder (in support of npm workspaces!)
     const npmRoot = execFileSync("npm", ["root"]).toString().trim();
 
@@ -281,7 +223,7 @@ export async function buildModule(reloader?: Reloader, entryPoint = peprTS, embe
       plugins: [
         {
           name: "reload-server",
-          setup(build) {
+          setup(build): void | Promise<void> {
             build.onEnd(async r => {
               // Print the build size analysis
               if (r?.metafile) {
@@ -321,53 +263,64 @@ export async function buildModule(reloader?: Reloader, entryPoint = peprTS, embe
       ctxCfg.treeShaking = false;
     }
 
-    const ctx = await context(ctxCfg);
-
-    // If the reloader function is defined, watch the module for changes
-    if (reloader) {
-      await ctx.watch();
-    } else {
-      // Otherwise, just build the module once
-      await ctx.rebuild();
-      await ctx.dispose();
-    }
+    const ctx = await watchForChanges(ctxCfg, reloader);
 
     return { ctx, path, cfg, uuid };
   } catch (e) {
-    console.error(`Error building module:`, e);
+    handleModuleBuildError(e);
+  }
+}
 
-    if (!e.stdout) process.exit(1); // Exit with a non-zero exit code on any other error
+interface BuildModuleResult {
+  stdout?: Buffer;
+  stderr: Buffer;
+}
 
-    const out = e.stdout.toString() as string;
-    const err = e.stderr.toString();
+function handleModuleBuildError(e: BuildModuleResult): void {
+  console.error(`Error building module:`, e);
 
-    console.log(out);
-    console.error(err);
+  if (!e.stdout) process.exit(1); // Exit with a non-zero exit code on any other error
 
-    // Check for version conflicts
-    if (out.includes("Types have separate declarations of a private property '_name'.")) {
-      // Try to find the conflicting package
-      const pgkErrMatch = /error TS2322: .*? 'import\("\/.*?\/node_modules\/(.*?)\/node_modules/g;
-      out.matchAll(pgkErrMatch);
+  const out = e.stdout.toString() as string;
+  const err = e.stderr.toString();
 
-      // Look for package conflict errors
-      const conflicts = [...out.matchAll(pgkErrMatch)];
+  console.log(out);
+  console.error(err);
 
-      // If the regex didn't match, leave a generic error
-      if (conflicts.length < 1) {
-        console.info(
-          `\n\tOne or more imported Pepr Capabilities seem to be using an incompatible version of Pepr.\n\tTry updating your Pepr Capabilities to their latest versions.`,
-          "Version Conflict",
-        );
-      }
+  // Check for version conflicts
+  if (out.includes("Types have separate declarations of a private property '_name'.")) {
+    // Try to find the conflicting package
+    const pgkErrMatch = /error TS2322: .*? 'import\("\/.*?\/node_modules\/(.*?)\/node_modules/g;
+    out.matchAll(pgkErrMatch);
 
-      // Otherwise, loop through each conflicting package and print an error
-      conflicts.forEach(match => {
-        console.info(
-          `\n\tPackage '${match[1]}' seems to be incompatible with your current version of Pepr.\n\tTry updating to the latest version.`,
-          "Version Conflict",
-        );
-      });
+    // Look for package conflict errors
+    const conflicts = [...out.matchAll(pgkErrMatch)];
+
+    // If the regex didn't match, leave a generic error
+    if (conflicts.length < 1) {
+      console.info(
+        `\n\tOne or more imported Pepr Capabilities seem to be using an incompatible version of Pepr.\n\tTry updating your Pepr Capabilities to their latest versions.`,
+        "Version Conflict",
+      );
     }
+
+    // Otherwise, loop through each conflicting package and print an error
+    conflicts.forEach(match => {
+      console.info(
+        `\n\tPackage '${match[1]}' seems to be incompatible with your current version of Pepr.\n\tTry updating to the latest version.`,
+        "Version Conflict",
+      );
+    });
+  }
+}
+
+export async function checkFormat() {
+  const validFormat = await peprFormat(true);
+
+  if (!validFormat) {
+    console.log(
+      "\x1b[33m%s\x1b[0m",
+      "Formatting errors were found. The build will continue, but you may want to run `npx pepr format` to address any issues.",
+    );
   }
 }

package/src/cli/deploy.ts

@@ -6,10 +6,11 @@ import prompt from "prompts";
 import { Assets } from "../lib/assets";
 import { buildModule } from "./build";
 import { RootCmd } from "./root";
-import { validateCapabilityNames, namespaceDeploymentsReady } from "../lib/helpers";
+import { validateCapabilityNames } from "../lib/helpers";
 import { ImagePullSecret } from "../lib/types";
 import { sanitizeName } from "./init/utils";
 import { deployImagePullSecret } from "../lib/assets/deploy";
+import { namespaceDeploymentsReady } from "../lib/deploymentChecks";
 
 export default function (program: RootCmd) {
   program

package/src/cli/init/templates.ts

@@ -58,7 +58,7 @@ export function genPkgJSON(opts: InitOptions, pgkVerOverride?: string) {
     },
     dependencies: {
       pepr: pgkVerOverride || version,
-      nock: "13.5.4",
+      undici: "^7.0.1",
     },
     devDependencies: {
       typescript,