pepr 0.42.2 → 0.42.3

package/dist/controller.js

@@ -51,7 +51,7 @@ if (process.env.LOG_LEVEL) {
 var logger_default = Log;
 
 // src/templates/data.json
-var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, files: ["/dist", "/src", "!src/**/*.test.ts", "!dist/**/*.test.d.ts*"], version: "0.42.2", main: "dist/lib.js", types: "dist/lib.d.ts", scripts: { ci: "npm ci", "gen-data-json": "node hack/build-template-data.js", prebuild: "rm -fr dist/* && npm run gen-data-json", version: "node scripts/set-version.js", build: "tsc && node build.mjs && npm pack", "build:image": "npm run build && docker buildx build --output type=docker --tag pepr:dev .", test: "npm run test:unit && npm run test:journey", "test:unit": "npm run gen-data-json && jest src --coverage --detectOpenHandles --coverageDirectory=./coverage --testPathIgnorePatterns='cosign.e2e.test.ts'", "test:journey": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run", "test:journey:prep": "if [ ! -d ./pepr-upgrade-test ]; then git clone https://github.com/defenseunicorns/pepr-upgrade-test.git ; fi", "test:journey-wasm": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run-wasm", "test:journey:k3d": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0' --wait && kubectl rollout status deployment -n kube-system", "test:journey:image": "docker buildx build --output type=docker --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev", "test:journey:run": "jest --detectOpenHandles journey/entrypoint.test.ts && npm run test:journey:prep && npm run test:journey:upgrade", "test:journey:run-wasm": "jest --detectOpenHandles journey/entrypoint-wasm.test.ts", "test:journey:upgrade": "npm run test:journey:k3d && npm run test:journey:image && jest --detectOpenHandles journey/pepr-upgrade.test.ts", "format:check": "eslint src && prettier src --check", "format:fix": "eslint src --fix && prettier src --write", prepare: `if [ "$NODE_ENV" != 'production' ]; then husky; fi` }, dependencies: { "@types/ramda": "0.30.2", express: "4.21.2", "fast-json-patch": "3.1.1", "follow-redirects": "1.15.9", "http-status-codes": "^2.3.0", "json-pointer": "^0.6.2", "kubernetes-fluent-client": "3.3.7", pino: "9.6.0", "pino-pretty": "13.0.0", "prom-client": "15.1.3", ramda: "0.30.1", sigstore: "3.0.0" }, devDependencies: { "@commitlint/cli": "19.6.1", "@commitlint/config-conventional": "19.6.0", "@fast-check/jest": "^2.0.1", "@jest/globals": "29.7.0", "@types/eslint": "9.6.1", "@types/express": "5.0.0", "@types/follow-redirects": "1.14.4", "@types/json-pointer": "^1.0.34", "@types/node": "22.x.x", "@types/node-forge": "1.3.11", "@types/uuid": "10.0.0", "fast-check": "^3.19.0", husky: "^9.1.6", jest: "29.7.0", "js-yaml": "^4.1.0", "ts-jest": "29.2.5", undici: "^7.0.1" }, peerDependencies: { "@typescript-eslint/eslint-plugin": "7.18.0", "@typescript-eslint/parser": "7.18.0", "@types/prompts": "2.4.9", eslint: "8.57.0", commander: "12.1.0", esbuild: "0.24.0", "node-forge": "1.3.1", prettier: "3.4.2", prompts: "2.4.2", typescript: "^5.3.3", uuid: "11.0.3" } };
+var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, files: ["/dist", "/src", "!src/**/*.test.ts", "!dist/**/*.test.d.ts*"], version: "0.42.3", main: "dist/lib.js", types: "dist/lib.d.ts", scripts: { ci: "npm ci", "gen-data-json": "node hack/build-template-data.js", prebuild: "rm -fr dist/* && npm run gen-data-json", version: "node scripts/set-version.js", build: "tsc && node build.mjs && npm pack", "build:image": "npm run build && docker buildx build --output type=docker --tag pepr:dev .", test: "npm run test:unit && npm run test:journey", "test:unit": "npm run gen-data-json && jest src --coverage --detectOpenHandles --coverageDirectory=./coverage --testPathIgnorePatterns='cosign.e2e.test.ts'", "test:journey": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run", "test:journey:prep": "if [ ! -d ./pepr-upgrade-test ]; then git clone https://github.com/defenseunicorns/pepr-upgrade-test.git ; fi", "test:journey-wasm": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run-wasm", "test:journey:k3d": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0' --wait && kubectl rollout status deployment -n kube-system", "test:journey:image": "docker buildx build --output type=docker --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev", "test:journey:run": "jest --detectOpenHandles journey/entrypoint.test.ts && npm run test:journey:prep && npm run test:journey:upgrade", "test:journey:run-wasm": "jest --detectOpenHandles journey/entrypoint-wasm.test.ts", "test:journey:upgrade": "npm run test:journey:k3d && npm run test:journey:image && jest --detectOpenHandles journey/pepr-upgrade.test.ts", "format:check": "eslint src && prettier src --check", "format:fix": "eslint src --fix && prettier src --write", prepare: `if [ "$NODE_ENV" != 'production' ]; then husky; fi` }, dependencies: { "@types/ramda": "0.30.2", express: "4.21.2", "fast-json-patch": "3.1.1", "follow-redirects": "1.15.9", "http-status-codes": "^2.3.0", "json-pointer": "^0.6.2", "kubernetes-fluent-client": "3.3.7", pino: "9.6.0", "pino-pretty": "13.0.0", "prom-client": "15.1.3", ramda: "0.30.1", sigstore: "3.0.0" }, devDependencies: { "@commitlint/cli": "19.6.1", "@commitlint/config-conventional": "19.6.0", "@fast-check/jest": "^2.0.1", "@jest/globals": "29.7.0", "@types/eslint": "9.6.1", "@types/express": "5.0.0", "@types/follow-redirects": "1.14.4", "@types/json-pointer": "^1.0.34", "@types/node": "22.x.x", "@types/node-forge": "1.3.11", "@types/uuid": "10.0.0", "fast-check": "^3.19.0", husky: "^9.1.6", jest: "29.7.0", "js-yaml": "^4.1.0", "ts-jest": "29.2.5", undici: "^7.0.1" }, peerDependencies: { "@typescript-eslint/eslint-plugin": "7.18.0", "@typescript-eslint/parser": "7.18.0", "@types/prompts": "2.4.9", eslint: "8.57.0", commander: "12.1.0", esbuild: "0.24.0", "node-forge": "1.3.1", prettier: "3.4.2", prompts: "2.4.2", typescript: "^5.3.3", uuid: "11.0.3" } };
 
 // src/lib/k8s.ts
 var import_kubernetes_fluent_client = require("kubernetes-fluent-client");

package/dist/lib/assets/assets.d.ts

@@ -0,0 +1,27 @@
+import { CapabilityExport } from "../types";
+import { ModuleConfig } from "../core/module";
+import { TLSOut } from "../tls";
+import { WebhookIgnore } from "../k8s";
+import { V1MutatingWebhookConfiguration, V1ValidatingWebhookConfiguration } from "@kubernetes/client-node/dist/gen";
+export declare class Assets {
+    readonly config: ModuleConfig;
+    readonly path: string;
+    readonly host?: string | undefined;
+    readonly name: string;
+    readonly tls: TLSOut;
+    readonly apiToken: string;
+    readonly alwaysIgnore: WebhookIgnore;
+    capabilities: CapabilityExport[];
+    image: string;
+    buildTimestamp: string;
+    hash: string;
+    constructor(config: ModuleConfig, path: string, host?: string | undefined);
+    setHash: (hash: string) => void;
+    deploy: (force: boolean, webhookTimeout?: number) => Promise<void>;
+    zarfYaml: (path: string) => string;
+    zarfYamlChart: (path: string) => string;
+    allYaml: (imagePullSecret?: string) => Promise<string>;
+    writeWebhookFiles: (validateWebhook: V1MutatingWebhookConfiguration | V1ValidatingWebhookConfiguration | null, mutateWebhook: V1MutatingWebhookConfiguration | V1ValidatingWebhookConfiguration | null, helm: Record<string, Record<string, string>>) => Promise<void>;
+    generateHelmChart: (basePath: string) => Promise<void>;
+}
+//# sourceMappingURL=assets.d.ts.map

package/dist/lib/assets/assets.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"assets.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/assets.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAU,MAAM,QAAQ,CAAC;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAoBvC,OAAO,EAAE,8BAA8B,EAAE,gCAAgC,EAAE,MAAM,kCAAkC,CAAC;AAEpH,qBAAa,MAAM;IAYf,QAAQ,CAAC,MAAM,EAAE,YAAY;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM;IACrB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM;IAbxB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,YAAY,EAAG,aAAa,CAAC;IACtC,YAAY,EAAG,gBAAgB,EAAE,CAAC;IAElC,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,MAAM,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;gBAGF,MAAM,EAAE,YAAY,EACpB,IAAI,EAAE,MAAM,EACZ,IAAI,CAAC,EAAE,MAAM,YAAA;IAcxB,OAAO,SAAU,MAAM,KAAG,IAAI,CAE5B;IAEF,MAAM,UAAiB,OAAO,mBAAmB,MAAM,KAAG,OAAO,CAAC,IAAI,CAAC,CAGrE;IAEF,QAAQ,SAAU,MAAM,KAAG,MAAM,CAA+D;IAEhG,aAAa,SAAU,MAAM,KAAG,MAAM,CAAoE;IAE1G,OAAO,qBAA4B,MAAM,KAAG,OAAO,CAAC,MAAM,CAAC,CAgCzD;IAEF,iBAAiB,oBACE,8BAA8B,GAAG,gCAAgC,GAAG,IAAI,iBAC1E,8BAA8B,GAAG,gCAAgC,GAAG,IAAI,QACjF,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,KAC3C,OAAO,CAAC,IAAI,CAAC,CAad;IAEF,iBAAiB,aAAoB,MAAM,KAAG,OAAO,CAAC,IAAI,CAAC,CAsDzD;CACH"}

package/dist/lib/assets/deploy.d.ts

@@ -1,4 +1,4 @@
-import { Assets } from ".";
+import { Assets } from "./assets";
 import { ImagePullSecret } from "../types";
 export declare function deployImagePullSecret(imagePullSecret: ImagePullSecret, name: string): Promise<void>;
 export declare function deploy(assets: Assets, force: boolean, webhookTimeout?: number): Promise<void>;

package/dist/lib/assets/deploy.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"deploy.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/deploy.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,CAAC;AAO3B,OAAO,EAAoB,eAAe,EAAE,MAAM,UAAU,CAAC;AAE7D,wBAAsB,qBAAqB,CAAC,eAAe,EAAE,eAAe,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CA0BzG;AACD,wBAAsB,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,cAAc,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CA8CnG"}
+{"version":3,"file":"deploy.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/deploy.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAOlC,OAAO,EAAoB,eAAe,EAAE,MAAM,UAAU,CAAC;AAE7D,wBAAsB,qBAAqB,CAAC,eAAe,EAAE,eAAe,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CA0BzG;AACD,wBAAsB,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,cAAc,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CA8CnG"}

package/dist/lib/assets/index.d.ts

@@ -1,25 +1,6 @@
+import { kind } from "kubernetes-fluent-client";
 import { ModuleConfig } from "../core/module";
-import { TLSOut } from "../tls";
-import { CapabilityExport } from "../types";
-import { WebhookIgnore } from "../k8s";
-export declare class Assets {
-    readonly config: ModuleConfig;
-    readonly path: string;
-    readonly host?: string | undefined;
-    readonly name: string;
-    readonly tls: TLSOut;
-    readonly apiToken: string;
-    readonly alwaysIgnore: WebhookIgnore;
-    capabilities: CapabilityExport[];
-    image: string;
-    buildTimestamp: string;
-    hash: string;
-    constructor(config: ModuleConfig, path: string, host?: string | undefined);
-    setHash: (hash: string) => void;
-    deploy: (force: boolean, webhookTimeout?: number) => Promise<void>;
-    zarfYaml: (path: string) => string;
-    zarfYamlChart: (path: string) => string;
-    allYaml: (imagePullSecret?: string) => Promise<string>;
-    generateHelmChart: (basePath: string) => Promise<void>;
-}
+export declare function toYaml(obj: any): string;
+export declare function createWebhookYaml(name: string, config: ModuleConfig, webhookConfiguration: kind.MutatingWebhookConfiguration | kind.ValidatingWebhookConfiguration): string;
+export declare function helmLayout(basePath: string, unique: string): Record<string, Record<string, string>>;
 //# sourceMappingURL=index.d.ts.map

package/dist/lib/assets/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/index.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAU,MAAM,QAAQ,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAC5C,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAoFvC,qBAAa,MAAM;IAYf,QAAQ,CAAC,MAAM,EAAE,YAAY;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM;IACrB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM;IAbxB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,YAAY,EAAG,aAAa,CAAC;IACtC,YAAY,EAAG,gBAAgB,EAAE,CAAC;IAElC,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,MAAM,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;gBAGF,MAAM,EAAE,YAAY,EACpB,IAAI,EAAE,MAAM,EACZ,IAAI,CAAC,EAAE,MAAM,YAAA;IAcxB,OAAO,SAAU,MAAM,KAAG,IAAI,CAE5B;IAEF,MAAM,UAAiB,OAAO,mBAAmB,MAAM,KAAG,OAAO,CAAC,IAAI,CAAC,CAGrE;IAEF,QAAQ,SAAU,MAAM,KAAG,MAAM,CAAyB;IAE1D,aAAa,SAAU,MAAM,KAAG,MAAM,CAA8B;IAEpE,OAAO,qBAA4B,MAAM,KAAG,OAAO,CAAC,MAAM,CAAC,CAQzD;IAGF,iBAAiB,aAAoB,MAAM,KAAG,OAAO,CAAC,IAAI,CAAC,CAyDzD;CACH"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/index.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,IAAI,EAAE,MAAM,0BAA0B,CAAC;AAGhD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAG9C,wBAAgB,MAAM,CAAC,GAAG,EAAE,GAAG,GAAG,MAAM,CAEvC;AAED,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,YAAY,EACpB,oBAAoB,EAAE,IAAI,CAAC,4BAA4B,GAAG,IAAI,CAAC,8BAA8B,GAC5F,MAAM,CAWR;AAED,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAsCnG"}

package/dist/lib/assets/pods.d.ts

@@ -1,6 +1,6 @@
 import { KubernetesObject, V1EnvVar } from "@kubernetes/client-node";
 import { kind } from "kubernetes-fluent-client";
-import { Assets } from ".";
+import { Assets } from "./assets";
 import { ModuleConfig } from "../core/module";
 /** Generate the pepr-system namespace */
 export declare function getNamespace(namespaceLabels?: Record<string, string>): KubernetesObject;

package/dist/lib/assets/pods.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"pods.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/pods.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACrE,OAAO,EAAE,IAAI,EAAE,MAAM,0BAA0B,CAAC;AAGhD,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,CAAC;AAC3B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAG9C,yCAAyC;AACzC,wBAAgB,YAAY,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,gBAAgB,CAmBvF;AAED,wBAAgB,UAAU,CACxB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,cAAc,EAAE,MAAM,EACtB,eAAe,CAAC,EAAE,MAAM,GACvB,IAAI,CAAC,UAAU,GAAG,IAAI,CAyJxB;AAED,wBAAgB,aAAa,CAC3B,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,cAAc,EAAE,MAAM,EACtB,eAAe,CAAC,EAAE,MAAM,GACvB,IAAI,CAAC,UAAU,CA+IjB;AAED,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC,MAAM,CAuBrF;AAED,wBAAgB,MAAM,CAAC,MAAM,EAAE,YAAY,EAAE,SAAS,UAAQ,EAAE,eAAe,UAAQ,GAAG,QAAQ,EAAE,CAkBnG"}
+{"version":3,"file":"pods.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/pods.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACrE,OAAO,EAAE,IAAI,EAAE,MAAM,0BAA0B,CAAC;AAGhD,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAClC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAG9C,yCAAyC;AACzC,wBAAgB,YAAY,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,gBAAgB,CAmBvF;AAED,wBAAgB,UAAU,CACxB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,cAAc,EAAE,MAAM,EACtB,eAAe,CAAC,EAAE,MAAM,GACvB,IAAI,CAAC,UAAU,GAAG,IAAI,CAyJxB;AAED,wBAAgB,aAAa,CAC3B,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,cAAc,EAAE,MAAM,EACtB,eAAe,CAAC,EAAE,MAAM,GACvB,IAAI,CAAC,UAAU,CA+IjB;AAED,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC,MAAM,CAuBrF;AAED,wBAAgB,MAAM,CAAC,MAAM,EAAE,YAAY,EAAE,SAAS,UAAQ,EAAE,eAAe,UAAQ,GAAG,QAAQ,EAAE,CAkBnG"}

package/dist/lib/assets/webhooks.d.ts

@@ -1,6 +1,6 @@
 import { V1RuleWithOperations } from "@kubernetes/client-node";
 import { kind } from "kubernetes-fluent-client";
-import { Assets } from ".";
+import { Assets } from "./assets";
 export declare function generateWebhookRules(assets: Assets, isMutateWebhook: boolean): Promise<V1RuleWithOperations[]>;
 export declare function webhookConfig(assets: Assets, mutateOrValidate: "mutate" | "validate", timeoutSeconds?: number): Promise<kind.MutatingWebhookConfiguration | kind.ValidatingWebhookConfiguration | null>;
 //# sourceMappingURL=webhooks.d.ts.map

package/dist/lib/assets/webhooks.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"webhooks.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/webhooks.ts"],"names":[],"mappings":"AAGA,OAAO,EAGL,oBAAoB,EACrB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,0BAA0B,CAAC;AAGhD,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,CAAC;AAoC3B,wBAAsB,oBAAoB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,GAAG,OAAO,CAAC,oBAAoB,EAAE,CAAC,CAYpH;AAED,wBAAsB,aAAa,CACjC,MAAM,EAAE,MAAM,EACd,gBAAgB,EAAE,QAAQ,GAAG,UAAU,EACvC,cAAc,SAAK,GAClB,OAAO,CAAC,IAAI,CAAC,4BAA4B,GAAG,IAAI,CAAC,8BAA8B,GAAG,IAAI,CAAC,CAkEzF"}
+{"version":3,"file":"webhooks.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/webhooks.ts"],"names":[],"mappings":"AAGA,OAAO,EAGL,oBAAoB,EACrB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,0BAA0B,CAAC;AAGhD,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AA8BlC,wBAAsB,oBAAoB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,GAAG,OAAO,CAAC,oBAAoB,EAAE,CAAC,CAYpH;AAED,wBAAsB,aAAa,CACjC,MAAM,EAAE,MAAM,EACd,gBAAgB,EAAE,QAAQ,GAAG,UAAU,EACvC,cAAc,SAAK,GAClB,OAAO,CAAC,IAAI,CAAC,4BAA4B,GAAG,IAAI,CAAC,8BAA8B,GAAG,IAAI,CAAC,CA+DzF"}

package/dist/lib/assets/yaml.d.ts

@@ -1,6 +1,32 @@
-import { Assets } from ".";
-export declare function overridesFile({ hash, name, image, config, apiToken, capabilities }: Assets, path: string): Promise<void>;
-export declare function zarfYaml({ name, image, config }: Assets, path: string): string;
-export declare function zarfYamlChart({ name, image, config }: Assets, path: string): string;
-export declare function allYaml(assets: Assets, imagePullSecret?: string): Promise<string>;
+import { V1Deployment, V1MutatingWebhookConfiguration, V1ValidatingWebhookConfiguration } from "@kubernetes/client-node";
+import { ModuleConfig } from "../core/module";
+import { CapabilityExport } from "../types";
+import { TLSOut } from "../tls";
+type CommonOverrideValues = {
+    apiToken: string;
+    capabilities: CapabilityExport[];
+    config: ModuleConfig;
+    hash: string;
+    name: string;
+};
+type ChartOverrides = CommonOverrideValues & {
+    image: string;
+};
+type ResourceOverrides = CommonOverrideValues & {
+    path: string;
+    tls: TLSOut;
+};
+export declare function overridesFile({ hash, name, image, config, apiToken, capabilities }: ChartOverrides, path: string): Promise<void>;
+export declare function generateZarfYaml(name: string, image: string, config: ModuleConfig, path: string): string;
+export declare function generateZarfYamlChart(name: string, image: string, config: ModuleConfig, path: string): string;
+type webhooks = {
+    validate: V1ValidatingWebhookConfiguration | null;
+    mutate: V1MutatingWebhookConfiguration | null;
+};
+type deployments = {
+    default: V1Deployment;
+    watch: V1Deployment | null;
+};
+export declare function generateAllYaml(webhooks: webhooks, deployments: deployments, assets: ResourceOverrides): Promise<string>;
+export {};
 //# sourceMappingURL=yaml.d.ts.map

package/dist/lib/assets/yaml.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"yaml.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/yaml.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,CAAC;AAQ3B,wBAAsB,aAAa,CACjC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE,MAAM,EAC7D,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,IAAI,CAAC,CAyJf;AACD,wBAAgB,QAAQ,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CA0B9E;AAED,wBAAgB,aAAa,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CA2BnF;AAED,wBAAsB,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAwCvF"}
+{"version":3,"file":"yaml.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/yaml.ts"],"names":[],"mappings":"AAGA,OAAO,EAEL,YAAY,EACZ,8BAA8B,EAC9B,gCAAgC,EACjC,MAAM,yBAAyB,CAAC;AAMjC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,KAAK,oBAAoB,GAAG;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,gBAAgB,EAAE,CAAC;IACjC,MAAM,EAAE,YAAY,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,KAAK,cAAc,GAAG,oBAAoB,GAAG;IAC3C,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,KAAK,iBAAiB,GAAG,oBAAoB,GAAG;IAC9C,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAGF,wBAAsB,aAAa,CACjC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE,cAAc,EACrE,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,IAAI,CAAC,CAyJf;AACD,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CA0BxG;AAED,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CA2B7G;AAED,KAAK,QAAQ,GAAG;IAAE,QAAQ,EAAE,gCAAgC,GAAG,IAAI,CAAC;IAAC,MAAM,EAAE,8BAA8B,GAAG,IAAI,CAAA;CAAE,CAAC;AACrH,KAAK,WAAW,GAAG;IAAE,OAAO,EAAE,YAAY,CAAC;IAAC,KAAK,EAAE,YAAY,GAAG,IAAI,CAAA;CAAE,CAAC;AAEzE,wBAAsB,eAAe,CACnC,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE,iBAAiB,GACxB,OAAO,CAAC,MAAM,CAAC,CAiCjB"}

package/package.json

@@ -15,7 +15,7 @@
     "!src/**/*.test.ts",
     "!dist/**/*.test.d.ts*"
   ],
-  "version": "0.42.2",
+  "version": "0.42.3",
   "main": "dist/lib.js",
   "types": "dist/lib.d.ts",
   "scripts": {

package/src/cli/build.helpers.ts

@@ -5,7 +5,7 @@ import { execSync } from "child_process";
 import { CapabilityExport } from "../lib/types";
 import { validateCapabilityNames } from "../lib/helpers";
 import { BuildOptions, BuildResult, context, BuildContext } from "esbuild";
-import { Assets } from "../lib/assets";
+import { Assets } from "../lib/assets/assets";
 import { resolve } from "path";
 import { promises as fs } from "fs";
 

package/src/cli/build.ts

@@ -5,7 +5,7 @@ import { execFileSync } from "child_process";
 import { BuildOptions, BuildResult, analyzeMetafile } from "esbuild";
 import { promises as fs } from "fs";
 import { basename, dirname, extname, resolve } from "path";
-import { Assets } from "../lib/assets";
+import { Assets } from "../lib/assets/assets";
 import { dependencies, version } from "./init/templates";
 import { RootCmd } from "./root";
 import { Option } from "commander";

package/src/cli/deploy.ts

@@ -3,7 +3,7 @@
 
 import prompt from "prompts";
 
-import { Assets } from "../lib/assets";
+import { Assets } from "../lib/assets/assets";
 import { buildModule } from "./build";
 import { RootCmd } from "./root";
 import { validateCapabilityNames } from "../lib/helpers";

package/src/cli/dev.ts

@@ -5,7 +5,7 @@ import { ChildProcess, fork } from "child_process";
 import { promises as fs } from "fs";
 import prompt from "prompts";
 import { validateCapabilityNames } from "../lib/helpers";
-import { Assets } from "../lib/assets";
+import { Assets } from "../lib/assets/assets";
 import { buildModule, loadModule } from "./build";
 import { RootCmd } from "./root";
 import { K8s, kind } from "kubernetes-fluent-client";

package/src/lib/assets/assets.ts

@@ -0,0 +1,176 @@
+import crypto from "crypto";
+import { CapabilityExport } from "../types";
+import { ModuleConfig } from "../core/module";
+import { TLSOut, genTLS } from "../tls";
+import { WebhookIgnore } from "../k8s";
+import {
+  chartYaml,
+  namespaceTemplate,
+  clusterRoleTemplate,
+  admissionDeployTemplate,
+  serviceMonitorTemplate,
+  watcherDeployTemplate,
+} from "./helm";
+import { createDirectoryIfNotExists } from "../filesystemService";
+import { deploy } from "./deploy";
+import { getDeployment, getModuleSecret, getWatcher } from "./pods";
+import { helmLayout, createWebhookYaml, toYaml } from "./index";
+import { loadCapabilities } from "./loader";
+import { namespaceComplianceValidator, dedent } from "../helpers";
+import { storeRole, storeRoleBinding, clusterRoleBinding, serviceAccount } from "./rbac";
+import { watcherService, service, tlsSecret, apiTokenSecret } from "./networking";
+import { webhookConfig } from "./webhooks";
+import { generateZarfYaml, generateZarfYamlChart, generateAllYaml, overridesFile } from "./yaml";
+import { promises as fs } from "fs";
+import { V1MutatingWebhookConfiguration, V1ValidatingWebhookConfiguration } from "@kubernetes/client-node/dist/gen";
+
+export class Assets {
+  readonly name: string;
+  readonly tls: TLSOut;
+  readonly apiToken: string;
+  readonly alwaysIgnore!: WebhookIgnore;
+  capabilities!: CapabilityExport[];
+
+  image: string;
+  buildTimestamp: string;
+  hash: string;
+
+  constructor(
+    readonly config: ModuleConfig,
+    readonly path: string,
+    readonly host?: string,
+  ) {
+    this.name = `pepr-${config.uuid}`;
+    this.buildTimestamp = `${Date.now()}`;
+    this.alwaysIgnore = config.alwaysIgnore;
+    this.image = `ghcr.io/defenseunicorns/pepr/controller:v${config.peprVersion}`;
+    this.hash = "";
+    // Generate the ephemeral tls things
+    this.tls = genTLS(this.host || `${this.name}.pepr-system.svc`);
+
+    // Generate the api token for the controller / webhook
+    this.apiToken = crypto.randomBytes(32).toString("hex");
+  }
+
+  setHash = (hash: string): void => {
+    this.hash = hash;
+  };
+
+  deploy = async (force: boolean, webhookTimeout?: number): Promise<void> => {
+    this.capabilities = await loadCapabilities(this.path);
+    await deploy(this, force, webhookTimeout);
+  };
+
+  zarfYaml = (path: string): string => generateZarfYaml(this.name, this.image, this.config, path);
+
+  zarfYamlChart = (path: string): string => generateZarfYamlChart(this.name, this.image, this.config, path);
+
+  allYaml = async (imagePullSecret?: string): Promise<string> => {
+    this.capabilities = await loadCapabilities(this.path);
+    // give error if namespaces are not respected
+    for (const capability of this.capabilities) {
+      namespaceComplianceValidator(capability, this.alwaysIgnore?.namespaces);
+    }
+
+    const webhooks = {
+      mutate: await webhookConfig(this, "mutate", this.config.webhookTimeout),
+      validate: await webhookConfig(this, "validate", this.config.webhookTimeout),
+    };
+
+    const code = await fs.readFile(this.path);
+
+    // Generate a hash of the code
+    this.hash = crypto.createHash("sha256").update(code).digest("hex");
+
+    const deployments = {
+      default: getDeployment(this, this.hash, this.buildTimestamp, imagePullSecret),
+      watch: getWatcher(this, this.hash, this.buildTimestamp, imagePullSecret),
+    };
+
+    const assetsInputs = {
+      apiToken: this.apiToken,
+      capabilities: this.capabilities,
+      config: this.config,
+      hash: this.hash,
+      name: this.name,
+      path: this.path,
+      tls: this.tls,
+    };
+    return generateAllYaml(webhooks, deployments, assetsInputs);
+  };
+
+  writeWebhookFiles = async (
+    validateWebhook: V1MutatingWebhookConfiguration | V1ValidatingWebhookConfiguration | null,
+    mutateWebhook: V1MutatingWebhookConfiguration | V1ValidatingWebhookConfiguration | null,
+    helm: Record<string, Record<string, string>>,
+  ): Promise<void> => {
+    if (validateWebhook || mutateWebhook) {
+      await fs.writeFile(helm.files.admissionDeploymentYaml, dedent(admissionDeployTemplate(this.buildTimestamp)));
+      await fs.writeFile(helm.files.admissionServiceMonitorYaml, dedent(serviceMonitorTemplate("admission")));
+    }
+
+    if (mutateWebhook) {
+      await fs.writeFile(helm.files.mutationWebhookYaml, createWebhookYaml(this.name, this.config, mutateWebhook));
+    }
+
+    if (validateWebhook) {
+      await fs.writeFile(helm.files.validationWebhookYaml, createWebhookYaml(this.name, this.config, validateWebhook));
+    }
+  };
+
+  generateHelmChart = async (basePath: string): Promise<void> => {
+    const helm = helmLayout(basePath, this.config.uuid);
+
+    try {
+      await Promise.all(
+        Object.values(helm.dirs)
+          .sort((l, r) => l.split("/").length - r.split("/").length)
+          .map(async dir => await createDirectoryIfNotExists(dir)),
+      );
+
+      const code = await fs.readFile(this.path);
+
+      const pairs: [string, () => string][] = [
+        [helm.files.chartYaml, (): string => dedent(chartYaml(this.config.uuid, this.config.description || ""))],
+        [helm.files.namespaceYaml, (): string => dedent(namespaceTemplate())],
+        [helm.files.watcherServiceYaml, (): string => toYaml(watcherService(this.name))],
+        [helm.files.admissionServiceYaml, (): string => toYaml(service(this.name))],
+        [helm.files.tlsSecretYaml, (): string => toYaml(tlsSecret(this.name, this.tls))],
+        [helm.files.apiTokenSecretYaml, (): string => toYaml(apiTokenSecret(this.name, this.apiToken))],
+        [helm.files.storeRoleYaml, (): string => toYaml(storeRole(this.name))],
+        [helm.files.storeRoleBindingYaml, (): string => toYaml(storeRoleBinding(this.name))],
+        [helm.files.clusterRoleYaml, (): string => dedent(clusterRoleTemplate())],
+        [helm.files.clusterRoleBindingYaml, (): string => toYaml(clusterRoleBinding(this.name))],
+        [helm.files.serviceAccountYaml, (): string => toYaml(serviceAccount(this.name))],
+        [helm.files.moduleSecretYaml, (): string => toYaml(getModuleSecret(this.name, code, this.hash))],
+      ];
+      await Promise.all(pairs.map(async ([file, content]) => await fs.writeFile(file, content())));
+
+      const overrideData = {
+        hash: this.hash,
+        name: this.name,
+        image: this.image,
+        config: this.config,
+        apiToken: this.apiToken,
+        capabilities: this.capabilities,
+      };
+      await overridesFile(overrideData, helm.files.valuesYaml);
+
+      const [mutateWebhook, validateWebhook] = await Promise.all([
+        webhookConfig(this, "mutate", this.config.webhookTimeout),
+        webhookConfig(this, "validate", this.config.webhookTimeout),
+      ]);
+
+      await this.writeWebhookFiles(validateWebhook, mutateWebhook, helm);
+
+      const watchDeployment = getWatcher(this, this.hash, this.buildTimestamp);
+      if (watchDeployment) {
+        await fs.writeFile(helm.files.watcherDeploymentYaml, dedent(watcherDeployTemplate(this.buildTimestamp)));
+        await fs.writeFile(helm.files.watcherServiceMonitorYaml, dedent(serviceMonitorTemplate("watcher")));
+      }
+    } catch (err) {
+      console.error(`Error generating helm chart: ${err.message}`);
+      process.exit(1);
+    }
+  };
+}

package/src/lib/assets/deploy.ts

@@ -6,7 +6,7 @@ import { promises as fs } from "fs";
 import { K8s, kind } from "kubernetes-fluent-client";
 import { V1PolicyRule as PolicyRule } from "@kubernetes/client-node";
 
-import { Assets } from ".";
+import { Assets } from "./assets";
 import Log from "../telemetry/logger";
 import { apiTokenSecret, service, tlsSecret, watcherService } from "./networking";
 import { getDeployment, getModuleSecret, getNamespace, getWatcher } from "./pods";

package/src/lib/assets/index.ts

@@ -1,57 +1,35 @@
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors
 
-import crypto from "crypto";
 import { dumpYaml } from "@kubernetes/client-node";
 import { kind } from "kubernetes-fluent-client";
-import { ModuleConfig } from "../core/module";
-import { TLSOut, genTLS } from "../tls";
-import { CapabilityExport } from "../types";
-import { WebhookIgnore } from "../k8s";
-import { deploy } from "./deploy";
-import { loadCapabilities } from "./loader";
-import { allYaml, zarfYaml, overridesFile, zarfYamlChart } from "./yaml";
-import { namespaceComplianceValidator, replaceString } from "../helpers";
-import { dedent } from "../helpers";
+import { replaceString } from "../helpers";
 import { resolve } from "path";
-import {
-  chartYaml,
-  namespaceTemplate,
-  admissionDeployTemplate,
-  watcherDeployTemplate,
-  clusterRoleTemplate,
-  serviceMonitorTemplate,
-} from "./helm";
-import { promises as fs } from "fs";
-import { webhookConfig } from "./webhooks";
-import { apiTokenSecret, service, tlsSecret, watcherService } from "./networking";
-import { getWatcher, getModuleSecret } from "./pods";
-
-import { clusterRoleBinding, serviceAccount, storeRole, storeRoleBinding } from "./rbac";
-import { createDirectoryIfNotExists } from "../filesystemService";
+import { ModuleConfig } from "../core/module";
 
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
-function toYaml(obj: any): string {
+export function toYaml(obj: any): string {
   return dumpYaml(obj, { noRefs: true });
 }
 
-function createWebhookYaml(
-  assets: Assets,
+export function createWebhookYaml(
+  name: string,
+  config: ModuleConfig,
   webhookConfiguration: kind.MutatingWebhookConfiguration | kind.ValidatingWebhookConfiguration,
 ): string {
   const yaml = toYaml(webhookConfiguration);
   return replaceString(
     replaceString(
-      replaceString(yaml, assets.name, "{{ .Values.uuid }}"),
-      assets.config.onError === "reject" ? "Fail" : "Ignore",
+      replaceString(yaml, name, "{{ .Values.uuid }}"),
+      config.onError === "reject" ? "Fail" : "Ignore",
       "{{ .Values.admission.failurePolicy }}",
     ),
-    `${assets.config.webhookTimeout}` || "10",
+    `${config.webhookTimeout}` || "10",
     "{{ .Values.admission.webhookTimeout }}",
   );
 }
 
-function helmLayout(basePath: string, unique: string): Record<string, Record<string, string>> {
+export function helmLayout(basePath: string, unique: string): Record<string, Record<string, string>> {
   const helm: Record<string, Record<string, string>> = {
     dirs: {
       chart: resolve(`${basePath}/${unique}-chart`),
@@ -90,115 +68,3 @@ function helmLayout(basePath: string, unique: string): Record<string, Record<str
 
   return helm;
 }
-
-export class Assets {
-  readonly name: string;
-  readonly tls: TLSOut;
-  readonly apiToken: string;
-  readonly alwaysIgnore!: WebhookIgnore;
-  capabilities!: CapabilityExport[];
-
-  image: string;
-  buildTimestamp: string;
-  hash: string;
-
-  constructor(
-    readonly config: ModuleConfig,
-    readonly path: string,
-    readonly host?: string,
-  ) {
-    this.name = `pepr-${config.uuid}`;
-    this.buildTimestamp = `${Date.now()}`;
-    this.alwaysIgnore = config.alwaysIgnore;
-    this.image = `ghcr.io/defenseunicorns/pepr/controller:v${config.peprVersion}`;
-    this.hash = "";
-    // Generate the ephemeral tls things
-    this.tls = genTLS(this.host || `${this.name}.pepr-system.svc`);
-
-    // Generate the api token for the controller / webhook
-    this.apiToken = crypto.randomBytes(32).toString("hex");
-  }
-
-  setHash = (hash: string): void => {
-    this.hash = hash;
-  };
-
-  deploy = async (force: boolean, webhookTimeout?: number): Promise<void> => {
-    this.capabilities = await loadCapabilities(this.path);
-    await deploy(this, force, webhookTimeout);
-  };
-
-  zarfYaml = (path: string): string => zarfYaml(this, path);
-
-  zarfYamlChart = (path: string): string => zarfYamlChart(this, path);
-
-  allYaml = async (imagePullSecret?: string): Promise<string> => {
-    this.capabilities = await loadCapabilities(this.path);
-    // give error if namespaces are not respected
-    for (const capability of this.capabilities) {
-      namespaceComplianceValidator(capability, this.alwaysIgnore?.namespaces);
-    }
-
-    return allYaml(this, imagePullSecret);
-  };
-
-  /* eslint max-statements: ["warn", 21] */
-  generateHelmChart = async (basePath: string): Promise<void> => {
-    const helm = helmLayout(basePath, this.config.uuid);
-
-    try {
-      await Promise.all(
-        Object.values(helm.dirs)
-          .sort((l, r) => l.split("/").length - r.split("/").length)
-          .map(async dir => await createDirectoryIfNotExists(dir)),
-      );
-
-      const code = await fs.readFile(this.path);
-
-      const pairs: [string, () => string][] = [
-        [helm.files.chartYaml, (): string => dedent(chartYaml(this.config.uuid, this.config.description || ""))],
-        [helm.files.namespaceYaml, (): string => dedent(namespaceTemplate())],
-        [helm.files.watcherServiceYaml, (): string => toYaml(watcherService(this.name))],
-        [helm.files.admissionServiceYaml, (): string => toYaml(service(this.name))],
-        [helm.files.tlsSecretYaml, (): string => toYaml(tlsSecret(this.name, this.tls))],
-        [helm.files.apiTokenSecretYaml, (): string => toYaml(apiTokenSecret(this.name, this.apiToken))],
-        [helm.files.storeRoleYaml, (): string => toYaml(storeRole(this.name))],
-        [helm.files.storeRoleBindingYaml, (): string => toYaml(storeRoleBinding(this.name))],
-        [helm.files.clusterRoleYaml, (): string => dedent(clusterRoleTemplate())],
-        [helm.files.clusterRoleBindingYaml, (): string => toYaml(clusterRoleBinding(this.name))],
-        [helm.files.serviceAccountYaml, (): string => toYaml(serviceAccount(this.name))],
-        [helm.files.moduleSecretYaml, (): string => toYaml(getModuleSecret(this.name, code, this.hash))],
-      ];
-      await Promise.all(pairs.map(async ([file, content]) => await fs.writeFile(file, content())));
-
-      await overridesFile(this, helm.files.valuesYaml);
-
-      const [mutateWebhook, validateWebhook] = await Promise.all([
-        webhookConfig(this, "mutate", this.config.webhookTimeout),
-        webhookConfig(this, "validate", this.config.webhookTimeout),
-      ]);
-
-      if (validateWebhook || mutateWebhook) {
-        await fs.writeFile(helm.files.admissionDeploymentYaml, dedent(admissionDeployTemplate(this.buildTimestamp)));
-        await fs.writeFile(helm.files.admissionServiceMonitorYaml, dedent(serviceMonitorTemplate("admission")));
-      }
-
-      if (mutateWebhook) {
-        await fs.writeFile(helm.files.mutationWebhookYaml, createWebhookYaml(this, mutateWebhook));
-      }
-
-      if (validateWebhook) {
-        await fs.writeFile(helm.files.validationWebhookYaml, createWebhookYaml(this, validateWebhook));
-      }
-
-      const watchDeployment = getWatcher(this, this.hash, this.buildTimestamp);
-      if (watchDeployment) {
-        await fs.writeFile(helm.files.watcherDeploymentYaml, dedent(watcherDeployTemplate(this.buildTimestamp)));
-        await fs.writeFile(helm.files.watcherServiceMonitorYaml, dedent(serviceMonitorTemplate("watcher")));
-      }
-    } catch (err) {
-      console.error(`Error generating helm chart: ${err.message}`);
-      process.exit(1);
-    }
-  };
-}

package/src/lib/assets/pods.ts

@@ -5,7 +5,7 @@ import { KubernetesObject, V1EnvVar } from "@kubernetes/client-node";
 import { kind } from "kubernetes-fluent-client";
 import { gzipSync } from "zlib";
 import { secretOverLimit } from "../helpers";
-import { Assets } from ".";
+import { Assets } from "./assets";
 import { ModuleConfig } from "../core/module";
 import { Binding } from "../types";