pepr 0.46.2 → 0.46.3

package/dist/{src/runtime → runtime}/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../src/runtime/controller.ts"],"names":[],"mappings":""}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/runtime/controller.ts"],"names":[],"mappings":""}

package/dist/sdk/heredoc.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"heredoc.d.ts","sourceRoot":"","sources":["../../src/sdk/heredoc.ts"],"names":[],"mappings":"AAGA,wBAAgB,OAAO,CAAC,OAAO,EAAE,oBAAoB,EAAE,GAAG,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAgClF"}

package/dist/sdk/sdk.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sdk.d.ts","sourceRoot":"","sources":["../../src/sdk/sdk.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACxE,OAAO,EAAE,WAAW,EAAO,IAAI,EAAE,MAAM,0BAA0B,CAAC;AAElE;;;;;GAKG;AACH,wBAAgB,UAAU,CACxB,OAAO,EAAE,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,EACpE,aAAa,CAAC,EAAE,YAAY,GAAG,gBAAgB,GAAG,qBAAqB,GACtE,WAAW,EAAE,CAef;AAED;;;;;;;;;GASG;AAEH,wBAAsB,UAAU,CAC9B,EAAE,EAAE,WAAW,EACf,KAAK,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAC9B,OAAO,EAAE;IACP,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iBAAiB,EAAE,MAAM,CAAC;CAC3B,GACA,OAAO,CAAC,IAAI,CAAC,CAuBf;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,cAAc,EAAE,WAAW,EAC3B,kBAAkB,CAAC,EAAE,OAAO,EAC5B,UAAU,CAAC,EAAE,OAAO,GACnB,gBAAgB,EAAE,CAcpB;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAYzD"}

package/package.json

@@ -15,7 +15,7 @@
     "!src/**/*.test.ts",
     "!dist/**/*.test.d.ts*"
   ],
-  "version": "0.46.2",
+  "version": "0.46.3",
   "main": "dist/lib.js",
   "types": "dist/lib.d.ts",
   "scripts": {
@@ -24,7 +24,7 @@
     "prebuild": "rm -fr dist/* && npm run gen-data-json",
     "build": "tsc && node build.mjs && npm pack",
     "build:image": "npm run build && docker buildx build --output type=docker --tag pepr:dev .",
-    "build:image:unicorn": "npm run build && docker buildx build -f Dockerfile --output type=docker --tag pepr:dev $(node scripts/read-unicorn-build-args.js) .",
+    "build:image:unicorn": "npm run build && docker buildx build --output type=docker --tag pepr:dev $(node scripts/read-unicorn-build-args.mjs) .",
     "set:version": "node scripts/set-version.js",
     "test": "npm run test:unit && npm run test:journey && npm run test:journey-wasm",
     "test:unit": "npm run gen-data-json && jest src --coverage --detectOpenHandles --coverageDirectory=./coverage --testPathIgnorePatterns='cosign.e2e.test.ts'",
@@ -37,19 +37,19 @@
     "test:journey-wasm:unicorn": "npm run test:journey:k3d && npm run build && npm run test:journey:image:unicorn && npm run test:journey:run-wasm",
     "test:journey:k3d": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0' --wait && kubectl rollout status deployment -n kube-system",
     "test:journey:image": "docker buildx build --output type=docker --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev",
-    "test:journey:image:unicorn": "docker buildx build -f Dockerfile --output type=docker --tag pepr:dev $(node scripts/read-unicorn-build-args.js) . && k3d image import pepr:dev -c pepr-dev",
+    "test:journey:image:unicorn": "docker buildx build --output type=docker --tag pepr:dev $(node scripts/read-unicorn-build-args.mjs) . && k3d image import pepr:dev -c pepr-dev",
     "test:journey:run": "jest --detectOpenHandles journey/entrypoint.test.ts && npm run test:journey:upgrade",
     "test:journey:run-wasm": "jest --detectOpenHandles journey/entrypoint-wasm.test.ts",
     "test:journey:upgrade": "npm run test:journey:k3d && npm run test:journey:image && jest --detectOpenHandles journey/pepr-upgrade.test.ts",
-    "format:check": "eslint src && prettier src --check",
-    "format:fix": "eslint src --fix && prettier src --write",
+    "format:check": "eslint src && prettier --config .prettierrc src --check",
+    "format:fix": "eslint src --fix && prettier --config .prettierrc src --write",
     "prepare": "if [ \"$NODE_ENV\" != 'production' ]; then husky; fi"
   },
   "dependencies": {
     "@types/ramda": "0.30.2",
     "express": "4.21.2",
     "fast-json-patch": "3.1.1",
-    "follow-redirects": "1.15.9",
+    "heredoc": "^1.3.1",
     "http-status-codes": "^2.3.0",
     "json-pointer": "^0.6.2",
     "kubernetes-fluent-client": "3.4.5",
@@ -62,18 +62,14 @@
   "devDependencies": {
     "@commitlint/cli": "19.8.0",
     "@commitlint/config-conventional": "19.8.0",
-    "@eslint/eslintrc": "^3.3.0",
-    "@eslint/js": "^9.21.0",
     "@fast-check/jest": "^2.0.1",
     "@jest/globals": "29.7.0",
     "@types/eslint": "9.6.1",
-    "@types/express": "5.0.0",
-    "@types/follow-redirects": "1.14.4",
+    "@types/express": "5.0.1",
     "@types/json-pointer": "^1.0.34",
     "@types/node": "22.x.x",
     "@types/node-forge": "1.3.11",
     "@types/uuid": "10.0.0",
-    "eslint": "^9.21.0",
     "fast-check": "^4.0.0",
     "globals": "^16.0.0",
     "husky": "^9.1.6",
@@ -81,7 +77,6 @@
     "js-yaml": "^4.1.0",
     "shellcheck": "^3.0.0",
     "ts-jest": "29.2.6",
-    "typescript-eslint": "^8.26.0",
     "undici": "^7.0.1"
   },
   "overrides": {

package/src/lib/assets/assets.ts

@@ -110,16 +110,28 @@ export class Assets {
     helm: Record<string, Record<string, string>>,
   ): Promise<void> => {
     if (validateWebhook || mutateWebhook) {
-      await fs.writeFile(helm.files.admissionDeploymentYaml, dedent(admissionDeployTemplate(this.buildTimestamp)));
-      await fs.writeFile(helm.files.admissionServiceMonitorYaml, dedent(serviceMonitorTemplate("admission")));
+      await fs.writeFile(
+        helm.files.admissionDeploymentYaml,
+        dedent(admissionDeployTemplate(this.buildTimestamp)),
+      );
+      await fs.writeFile(
+        helm.files.admissionServiceMonitorYaml,
+        dedent(serviceMonitorTemplate("admission")),
+      );
     }
 
     if (mutateWebhook) {
-      await fs.writeFile(helm.files.mutationWebhookYaml, createWebhookYaml(this.name, this.config, mutateWebhook));
+      await fs.writeFile(
+        helm.files.mutationWebhookYaml,
+        createWebhookYaml(this.name, this.config, mutateWebhook),
+      );
     }
 
     if (validateWebhook) {
-      await fs.writeFile(helm.files.validationWebhookYaml, createWebhookYaml(this.name, this.config, validateWebhook));
+      await fs.writeFile(
+        helm.files.validationWebhookYaml,
+        createWebhookYaml(this.name, this.config, validateWebhook),
+      );
     }
   };
 
@@ -144,18 +156,27 @@ export class Assets {
       const moduleHash = crypto.createHash("sha256").update(code).digest("hex");
 
       const pairs: [string, () => string][] = [
-        [helm.files.chartYaml, (): string => dedent(chartYaml(this.config.uuid, this.config.description || ""))],
+        [
+          helm.files.chartYaml,
+          (): string => dedent(chartYaml(this.config.uuid, this.config.description || "")),
+        ],
         [helm.files.namespaceYaml, (): string => dedent(namespaceTemplate())],
         [helm.files.watcherServiceYaml, (): string => toYaml(watcherService(this.name))],
         [helm.files.admissionServiceYaml, (): string => toYaml(service(this.name))],
         [helm.files.tlsSecretYaml, (): string => toYaml(tlsSecret(this.name, this.tls))],
-        [helm.files.apiPathSecretYaml, (): string => toYaml(apiPathSecret(this.name, this.apiPath))],
+        [
+          helm.files.apiPathSecretYaml,
+          (): string => toYaml(apiPathSecret(this.name, this.apiPath)),
+        ],
         [helm.files.storeRoleYaml, (): string => toYaml(storeRole(this.name))],
         [helm.files.storeRoleBindingYaml, (): string => toYaml(storeRoleBinding(this.name))],
         [helm.files.clusterRoleYaml, (): string => dedent(clusterRoleTemplate())],
         [helm.files.clusterRoleBindingYaml, (): string => toYaml(clusterRoleBinding(this.name))],
         [helm.files.serviceAccountYaml, (): string => toYaml(serviceAccount(this.name))],
-        [helm.files.moduleSecretYaml, (): string => toYaml(getModuleSecret(this.name, code, moduleHash))],
+        [
+          helm.files.moduleSecretYaml,
+          (): string => toYaml(getModuleSecret(this.name, code, moduleHash)),
+        ],
       ];
       await Promise.all(pairs.map(async ([file, content]) => await fs.writeFile(file, content())));
 
@@ -170,16 +191,30 @@ export class Assets {
       await overridesFile(overrideData, helm.files.valuesYaml, this.imagePullSecrets);
 
       const webhooks = {
-        mutate: await webhookGeneratorFunction(this, WebhookType.MUTATE, this.config.webhookTimeout),
-        validate: await webhookGeneratorFunction(this, WebhookType.VALIDATE, this.config.webhookTimeout),
+        mutate: await webhookGeneratorFunction(
+          this,
+          WebhookType.MUTATE,
+          this.config.webhookTimeout,
+        ),
+        validate: await webhookGeneratorFunction(
+          this,
+          WebhookType.VALIDATE,
+          this.config.webhookTimeout,
+        ),
       };
 
       await this.writeWebhookFiles(webhooks.validate, webhooks.mutate, helm);
 
       const watchDeployment = getWatcher(this, moduleHash, this.buildTimestamp);
       if (watchDeployment) {
-        await fs.writeFile(helm.files.watcherDeploymentYaml, dedent(watcherDeployTemplate(this.buildTimestamp)));
-        await fs.writeFile(helm.files.watcherServiceMonitorYaml, dedent(serviceMonitorTemplate("watcher")));
+        await fs.writeFile(
+          helm.files.watcherDeploymentYaml,
+          dedent(watcherDeployTemplate(this.buildTimestamp)),
+        );
+        await fs.writeFile(
+          helm.files.watcherServiceMonitorYaml,
+          dedent(serviceMonitorTemplate("watcher")),
+        );
       }
     } catch (err) {
       console.error(`Error generating helm chart: ${err.message}`);

package/src/lib/assets/defaultTestObjects.ts

@@ -35,7 +35,12 @@ export const createMockBinding = (
   kindDetails: { group?: string; version?: string; kind?: string; plural?: string } = {},
   options: { isWatch?: boolean; event?: Event; isFinalize?: boolean } = {},
 ): Binding => {
-  const { group = "pepr.dev", version = "v1", kind = "peprstore", plural = "peprstores" } = kindDetails;
+  const {
+    group = "pepr.dev",
+    version = "v1",
+    kind = "peprstore",
+    plural = "peprstores",
+  } = kindDetails;
 
   const { isWatch = false, event = Event.CREATE, isFinalize } = options;
 
@@ -63,7 +68,13 @@ export const createMockCapability = (
 export const mockCapabilities: CapabilityExport[] = [
   createMockCapability(),
   createMockCapability(
-    [createMockRbacRule(["apiextensions.k8s.io"], ["customresourcedefinitions"], ["patch", "create"])],
+    [
+      createMockRbacRule(
+        ["apiextensions.k8s.io"],
+        ["customresourcedefinitions"],
+        ["patch", "create"],
+      ),
+    ],
     [
       createMockBinding(
         {

package/src/lib/assets/deploy.ts

@@ -10,13 +10,22 @@ import { Assets } from "./assets";
 import Log from "../telemetry/logger";
 import { apiPathSecret, service, tlsSecret, watcherService } from "./networking";
 import { getDeployment, getModuleSecret, getNamespace, getWatcher } from "./pods";
-import { clusterRole, clusterRoleBinding, serviceAccount, storeRole, storeRoleBinding } from "./rbac";
+import {
+  clusterRole,
+  clusterRoleBinding,
+  serviceAccount,
+  storeRole,
+  storeRoleBinding,
+} from "./rbac";
 import { peprStoreCRD } from "./store";
 import { webhookConfigGenerator } from "./webhooks";
 import { CapabilityExport, ImagePullSecret } from "../types";
 import { WebhookType } from "../enums";
 
-export async function deployImagePullSecret(imagePullSecret: ImagePullSecret, name: string): Promise<void> {
+export async function deployImagePullSecret(
+  imagePullSecret: ImagePullSecret,
+  name: string,
+): Promise<void> {
   try {
     await K8s(kind.Namespace).Get("pepr-system");
   } catch {
@@ -61,12 +70,18 @@ async function handleWebhookConfiguration(
     Log.info(`Applying ${type} webhook`);
     await K8s(kindMap[type]).Apply(webhookConfig, { force });
   } else {
-    Log.info(`${type.charAt(0).toUpperCase() + type.slice(1)} webhook not needed, removing if it exists`);
+    Log.info(
+      `${type.charAt(0).toUpperCase() + type.slice(1)} webhook not needed, removing if it exists`,
+    );
     await K8s(kindMap[type]).Delete(assets.name);
   }
 }
 
-export async function deployWebhook(assets: Assets, force: boolean, webhookTimeout: number): Promise<void> {
+export async function deployWebhook(
+  assets: Assets,
+  force: boolean,
+  webhookTimeout: number,
+): Promise<void> {
   Log.info("Establishing connection to Kubernetes");
 
   Log.info("Applying pepr-system namespace");
@@ -121,7 +136,12 @@ async function setupRBAC(
   await K8s(kind.RoleBinding).Apply(roleBinding, { force });
 }
 
-async function setupController(assets: Assets, code: Buffer, hash: string, force: boolean): Promise<void> {
+async function setupController(
+  assets: Assets,
+  code: Buffer,
+  hash: string,
+  force: boolean,
+): Promise<void> {
   const { name } = assets;
 
   Log.info("Applying module secret");

package/src/lib/assets/index.ts

@@ -49,10 +49,16 @@ export function createWebhookYaml(
     },
   ];
 
-  return replacements.reduce((updatedYaml, { search, replace }) => replaceString(updatedYaml, search, replace), yaml);
+  return replacements.reduce(
+    (updatedYaml, { search, replace }) => replaceString(updatedYaml, search, replace),
+    yaml,
+  );
 }
 
-export function helmLayout(basePath: string, unique: string): Record<string, Record<string, string>> {
+export function helmLayout(
+  basePath: string,
+  unique: string,
+): Record<string, Record<string, string>> {
   const helm: Record<string, Record<string, string>> = {
     dirs: {
       chart: resolve(`${basePath}/${unique}-chart`),

package/src/lib/assets/pods.ts

@@ -366,7 +366,11 @@ export function getModuleSecret(name: string, data: Buffer, hash: string): kind.
   }
 }
 
-export function genEnv(config: ModuleConfig, watchMode = false, ignoreWatchMode = false): V1EnvVar[] {
+export function genEnv(
+  config: ModuleConfig,
+  watchMode = false,
+  ignoreWatchMode = false,
+): V1EnvVar[] {
   const noWatchDef = {
     PEPR_PRETTY_LOG: "false",
     LOG_LEVEL: config.logLevel || "info",

package/src/lib/assets/webhooks.ts

@@ -15,7 +15,10 @@ import { Binding } from "../types";
 
 export const peprIgnoreNamespaces: string[] = ["kube-system", "pepr-system"];
 
-export const validateRule = (binding: Binding, isMutateWebhook: boolean): V1RuleWithOperations | undefined => {
+export const validateRule = (
+  binding: Binding,
+  isMutateWebhook: boolean,
+): V1RuleWithOperations | undefined => {
   const { event, kind, isMutate, isValidate } = binding;
 
   // Skip invalid bindings based on webhook type
@@ -54,7 +57,10 @@ export function resolveIgnoreNamespaces(ignoredNSConfig: string[] = []): string[
   return namespaces.filter(ns => ns.length > 0);
 }
 
-export async function generateWebhookRules(assets: Assets, isMutateWebhook: boolean): Promise<V1RuleWithOperations[]> {
+export async function generateWebhookRules(
+  assets: Assets,
+  isMutateWebhook: boolean,
+): Promise<V1RuleWithOperations[]> {
   const { config, capabilities } = assets;
 
   const rules = capabilities.flatMap(capability => {
@@ -76,7 +82,10 @@ export async function webhookConfigGenerator(
   const ignore: V1LabelSelectorRequirement[] = [];
 
   const { name, tls, config, apiPath, host } = assets;
-  const ignoreNS = concat(peprIgnoreNamespaces, resolveIgnoreNamespaces(config?.alwaysIgnore?.namespaces));
+  const ignoreNS = concat(
+    peprIgnoreNamespaces,
+    resolveIgnoreNamespaces(config?.alwaysIgnore?.namespaces),
+  );
 
   // Add any namespaces to ignore
   if (ignoreNS) {

package/src/lib/assets/yaml/generateAllYaml.ts

@@ -5,7 +5,13 @@ import crypto from "crypto";
 import { Assets } from "../assets";
 import { WebhookType } from "../../enums";
 import { apiPathSecret, service, tlsSecret, watcherService } from "../networking";
-import { clusterRole, clusterRoleBinding, serviceAccount, storeRole, storeRoleBinding } from "../rbac";
+import {
+  clusterRole,
+  clusterRoleBinding,
+  serviceAccount,
+  storeRole,
+  storeRoleBinding,
+} from "../rbac";
 import { dumpYaml, V1Deployment } from "@kubernetes/client-node";
 import { getModuleSecret, getNamespace } from "../pods";
 import { promises as fs } from "fs";
@@ -35,7 +41,11 @@ export async function generateAllYaml(assets: Assets, deployments: deployments):
 
   const webhooks = {
     mutate: await webhookConfigGenerator(assets, WebhookType.MUTATE, assets.config.webhookTimeout),
-    validate: await webhookConfigGenerator(assets, WebhookType.VALIDATE, assets.config.webhookTimeout),
+    validate: await webhookConfigGenerator(
+      assets,
+      WebhookType.VALIDATE,
+      assets.config.webhookTimeout,
+    ),
   };
 
   // Add webhooks and watch deployment if they exist

package/src/lib/controller/index.ts

@@ -84,7 +84,9 @@ export class Controller {
   /** Start the webhook server */
   startServer = (port: number): void => {
     if (this.#running) {
-      throw new Error("Cannot start Pepr module: Pepr module was not instantiated with deferStart=true");
+      throw new Error(
+        "Cannot start Pepr module: Pepr module was not instantiated with deferStart=true",
+      );
     }
 
     // Load SSL certificate and key
@@ -96,7 +98,8 @@ export class Controller {
     // Get the API path if not in watch mode
     if (!isWatchMode()) {
       // Get the API path from the environment variable or the mounted secret
-      this.#path = process.env.PEPR_API_PATH || fs.readFileSync("/app/api-path/value").toString().trim();
+      this.#path =
+        process.env.PEPR_API_PATH || fs.readFileSync("/app/api-path/value").toString().trim();
       Log.info(`Using API path: ${this.#path}`);
 
       if (!this.#path) {
@@ -223,7 +226,10 @@ export class Controller {
         };
 
         const reqMetadata = { uid: request.uid, namespace, name };
-        Log.info({ ...reqMetadata, gvk, operation: request.operation, admissionKind }, "Incoming request");
+        Log.info(
+          { ...reqMetadata, gvk, operation: request.operation, admissionKind },
+          "Incoming request",
+        );
         Log.debug({ ...reqMetadata, request }, "Incoming request body");
 
         // Run the before hook if it exists

package/src/lib/core/capability.ts

@@ -206,7 +206,16 @@ export class Capability implements CapabilityExport {
 
     const bindings = this.#bindings;
     const prefix = `${this.#name}: ${model.name}`;
-    const commonChain = { WithLabel, WithAnnotation, WithDeletionTimestamp, Mutate, Validate, Watch, Reconcile, Alias };
+    const commonChain = {
+      WithLabel,
+      WithAnnotation,
+      WithDeletionTimestamp,
+      Mutate,
+      Validate,
+      Watch,
+      Reconcile,
+      Alias,
+    };
 
     type CommonChainType = typeof commonChain;
     type ExtendedCommonChainType = CommonChainType & {
@@ -240,7 +249,9 @@ export class Capability implements CapabilityExport {
           ...binding,
           isValidate: true,
           validateCallback: async (req, logger = aliasLogger) => {
-            Log.info(`Executing validate action with alias: ${binding.alias || "no alias provided"}`);
+            Log.info(
+              `Executing validate action with alias: ${binding.alias || "no alias provided"}`,
+            );
             return await validateCallback(req, logger);
           },
         });
@@ -262,7 +273,9 @@ export class Capability implements CapabilityExport {
           ...binding,
           isMutate: true,
           mutateCallback: async (req, logger = aliasLogger) => {
-            Log.info(`Executing mutation action with alias: ${binding.alias || "no alias provided"}`);
+            Log.info(
+              `Executing mutation action with alias: ${binding.alias || "no alias provided"}`,
+            );
             await mutateCallback(req, logger);
           },
         });
@@ -277,7 +290,9 @@ export class Capability implements CapabilityExport {
         log("Watch Action", watchCallback.toString());
 
         // Create the child logger and cast it to the expected type
-        const aliasLogger = Log.child({ alias: binding.alias || "no alias provided" }) as typeof Log;
+        const aliasLogger = Log.child({
+          alias: binding.alias || "no alias provided",
+        }) as typeof Log;
 
         // Push the binding to the list of bindings for this capability as a new BindingAction
         // with the callback function to preserve
@@ -298,7 +313,9 @@ export class Capability implements CapabilityExport {
         log("Reconcile Action", reconcileCallback.toString());
 
         // Create the child logger and cast it to the expected type
-        const aliasLogger = Log.child({ alias: binding.alias || "no alias provided" }) as typeof Log;
+        const aliasLogger = Log.child({
+          alias: binding.alias || "no alias provided",
+        }) as typeof Log;
 
         // Push the binding to the list of bindings for this capability as a new BindingAction
         // with the callback function to preserve
@@ -307,7 +324,9 @@ export class Capability implements CapabilityExport {
           isWatch: true,
           isQueue: true,
           watchCallback: async (update, phase, logger = aliasLogger) => {
-            Log.info(`Executing reconcile action with alias: ${binding.alias || "no alias provided"}`);
+            Log.info(
+              `Executing reconcile action with alias: ${binding.alias || "no alias provided"}`,
+            );
             await reconcileCallback(update, phase, logger);
           },
         });
@@ -340,8 +359,13 @@ export class Capability implements CapabilityExport {
           isWatch: true,
           isFinalize: true,
           event: Event.UPDATE,
-          finalizeCallback: async (update: InstanceType<T>, logger = aliasLogger): Promise<boolean | void> => {
-            Log.info(`Executing finalize action with alias: ${binding.alias || "no alias provided"}`);
+          finalizeCallback: async (
+            update: InstanceType<T>,
+            logger = aliasLogger,
+          ): Promise<boolean | void> => {
+            Log.info(
+              `Executing finalize action with alias: ${binding.alias || "no alias provided"}`,
+            );
             return await finalizeCallback(update, logger);
           },
         };

package/src/lib/core/module.ts

@@ -21,7 +21,11 @@ export class PeprModule {
    * @param capabilities The capabilities to be loaded into the Pepr runtime
    * @param opts Options for the Pepr runtime
    */
-  constructor({ description, pepr }: PackageJSON, capabilities: Capability[] = [], opts: PeprModuleOptions = {}) {
+  constructor(
+    { description, pepr }: PackageJSON,
+    capabilities: Capability[] = [],
+    opts: PeprModuleOptions = {},
+  ) {
     const config: ModuleConfig = clone(pepr);
     config.description = description;
 

package/src/lib/core/storage.ts

@@ -169,7 +169,9 @@ export class Storage implements PeprStore {
       // If promise has not resolved before MAX_WAIT_TIME reject
       record.timeout = setTimeout(() => {
         record.unsubscribe!();
-        return reject(`MAX_WAIT_TIME elapsed: Key ${key} still seen after ${MAX_WAIT_TIME / 1000}s`);
+        return reject(
+          `MAX_WAIT_TIME elapsed: Key ${key} still seen after ${MAX_WAIT_TIME / 1000}s`,
+        );
       }, MAX_WAIT_TIME);
 
       record.unsubscribe = this.subscribe(data => {

package/src/lib/deploymentChecks.ts

@@ -29,7 +29,9 @@ export async function checkDeploymentStatus(namespace: string): Promise<boolean>
 }
 
 // wait for all deployments in the pepr-system namespace to be ready
-export async function namespaceDeploymentsReady(namespace: string = "pepr-system"): Promise<true | undefined> {
+export async function namespaceDeploymentsReady(
+  namespace: string = "pepr-system",
+): Promise<true | undefined> {
   Log.info(`Checking ${namespace} deployments status...`);
   let ready = false;
   while (!ready) {

package/src/lib/filter/adjudicators/admissionRequest.ts

@@ -22,4 +22,7 @@ export const declaredKind = pipe(
   (request: AdmissionRequest<KubernetesObject>): string => request?.kind?.kind,
   defaultTo(""),
 );
-export const declaredUid = pipe((request: AdmissionRequest<KubernetesObject>): string => request?.uid, defaultTo(""));
+export const declaredUid = pipe(
+  (request: AdmissionRequest<KubernetesObject>): string => request?.uid,
+  defaultTo(""),
+);

package/src/lib/filter/adjudicators/binding.ts

@@ -27,13 +27,22 @@ export const definesNameRegex = pipe(definedNameRegex, equals(""), not);
 export const definedNamespaces = pipe(binding => binding?.filters?.namespaces, defaultTo([]));
 export const definesNamespaces = pipe(definedNamespaces, equals([]), not);
 
-export const definedNamespaceRegexes = pipe(binding => binding?.filters?.regexNamespaces, defaultTo([]));
+export const definedNamespaceRegexes = pipe(
+  binding => binding?.filters?.regexNamespaces,
+  defaultTo([]),
+);
 export const definesNamespaceRegexes = pipe(definedNamespaceRegexes, equals([]), not);
 
-export const definedAnnotations = pipe((binding: Partial<Binding>) => binding?.filters?.annotations, defaultTo({}));
+export const definedAnnotations = pipe(
+  (binding: Partial<Binding>) => binding?.filters?.annotations,
+  defaultTo({}),
+);
 export const definesAnnotations = pipe(definedAnnotations, equals({}), not);
 
-export const definedLabels = pipe((binding: Partial<Binding>) => binding?.filters?.labels, defaultTo({}));
+export const definedLabels = pipe(
+  (binding: Partial<Binding>) => binding?.filters?.labels,
+  defaultTo({}),
+);
 export const definesLabels = pipe(definedLabels, equals({}), not);
 
 export const definedEvent = (binding: Binding): Event => {
@@ -82,4 +91,8 @@ export const definedCallback = (binding: Partial<Binding>): DefinedCallbackRetur
     binding.isValidate ? binding.validateCallback :
     null;
 };
-export const definedCallbackName = pipe(definedCallback, defaultTo({ name: "" }), callback => callback.name);
+export const definedCallbackName = pipe(
+  definedCallback,
+  defaultTo({ name: "" }),
+  callback => callback.name,
+);

package/src/lib/filter/adjudicators/kubernetesObject.ts

@@ -15,7 +15,8 @@ export const carriedKind = pipe(
   defaultTo("not set"),
 );
 export const carriedVersion = pipe(
-  (kubernetesObject: KubernetesObject): string | undefined => kubernetesObject?.metadata?.resourceVersion,
+  (kubernetesObject: KubernetesObject): string | undefined =>
+    kubernetesObject?.metadata?.resourceVersion,
   defaultTo("not set"),
 );
 export const carriedName = pipe(
@@ -40,7 +41,8 @@ export const carriedAnnotations = pipe(
 export const carriesAnnotations = pipe(carriedAnnotations, equals({}), not);
 
 export const carriedLabels = pipe(
-  (kubernetesObject: KubernetesObject): { [key: string]: string } | undefined => kubernetesObject?.metadata?.labels,
+  (kubernetesObject: KubernetesObject): { [key: string]: string } | undefined =>
+    kubernetesObject?.metadata?.labels,
   defaultTo({}),
 );
 export const carriesLabels = pipe(carriedLabels, equals({}), not);

package/src/lib/filter/adjudicators/mismatch.ts

@@ -32,7 +32,12 @@ import {
   carriedNamespace,
   missingDeletionTimestamp,
 } from "./kubernetesObject";
-import { declaredOperation, declaredGroup, declaredVersion, declaredKind } from "./admissionRequest";
+import {
+  declaredOperation,
+  declaredGroup,
+  declaredVersion,
+  declaredKind,
+} from "./admissionRequest";
 import { Event, Operation } from "../../enums";
 import { AdmissionRequest } from "../../common-types";
 
@@ -48,12 +53,20 @@ export const mismatchedName = allPass([
 
 export const mismatchedNameRegex = allPass([
   pipe(nthArg(0), definesNameRegex),
-  pipe((binding, kubernetesObject) => new RegExp(definedNameRegex(binding)).test(carriedName(kubernetesObject)), not),
+  pipe(
+    (binding, kubernetesObject) =>
+      new RegExp(definedNameRegex(binding)).test(carriedName(kubernetesObject)),
+    not,
+  ),
 ]);
 
 export const mismatchedNamespace = allPass([
   pipe(nthArg(0), definesNamespaces),
-  pipe((binding, kubernetesObject) => definedNamespaces(binding).includes(carriedNamespace(kubernetesObject)), not),
+  pipe(
+    (binding, kubernetesObject) =>
+      definedNamespaces(binding).includes(carriedNamespace(kubernetesObject)),
+    not,
+  ),
 ]);
 
 export const mismatchedNamespaceRegex = allPass([
@@ -95,12 +108,16 @@ export const metasMismatch = pipe(
 
 export const mismatchedAnnotations = allPass([
   pipe(nthArg(0), definesAnnotations),
-  pipe((binding, kubernetesObject) => metasMismatch(definedAnnotations(binding), carriedAnnotations(kubernetesObject))),
+  pipe((binding, kubernetesObject) =>
+    metasMismatch(definedAnnotations(binding), carriedAnnotations(kubernetesObject)),
+  ),
 ]);
 
 export const mismatchedLabels = allPass([
   pipe(nthArg(0), definesLabels),
-  pipe((binding, kubernetesObject) => metasMismatch(definedLabels(binding), carriedLabels(kubernetesObject))),
+  pipe((binding, kubernetesObject) =>
+    metasMismatch(definedLabels(binding), carriedLabels(kubernetesObject)),
+  ),
 ]);
 
 export const mismatchedEvent = pipe(
@@ -126,5 +143,7 @@ export const mismatchedKind = allPass([
 export const operationMatchesEvent = anyPass([
   pipe(nthArg(1), equals(Event.ANY)),
   pipe((operation: Operation, event: Event): boolean => operation.valueOf() === event.valueOf()),
-  pipe((operation: Operation, event: Event): boolean => (operation ? event.includes(operation) : false)),
+  pipe((operation: Operation, event: Event): boolean =>
+    operation ? event.includes(operation) : false,
+  ),
 ]);