pepr 0.49.0-nightly.0 → 0.49.0-nightly.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +50 -22
- package/dist/controller.js +1 -1
- package/dist/lib/assets/helm.d.ts.map +1 -1
- package/dist/lib/assets/yaml/overridesFile.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/cli/crd/generate.ts +2 -2
- package/src/lib/assets/helm.ts +28 -1
- package/src/lib/assets/yaml/overridesFile.ts +1 -0
package/dist/cli.js
CHANGED
|
@@ -1481,7 +1481,7 @@ var require_stringify = __commonJS({
|
|
|
1481
1481
|
props.push(doc.directives.tagString(tag));
|
|
1482
1482
|
return props.join(" ");
|
|
1483
1483
|
}
|
|
1484
|
-
function
|
|
1484
|
+
function stringify2(item, ctx, onComment, onChompKeep) {
|
|
1485
1485
|
if (identity.isPair(item))
|
|
1486
1486
|
return item.toString(ctx, onComment, onChompKeep);
|
|
1487
1487
|
if (identity.isAlias(item)) {
|
|
@@ -1511,7 +1511,7 @@ var require_stringify = __commonJS({
|
|
|
1511
1511
|
${ctx.indent}${str}`;
|
|
1512
1512
|
}
|
|
1513
1513
|
exports2.createStringifyContext = createStringifyContext;
|
|
1514
|
-
exports2.stringify =
|
|
1514
|
+
exports2.stringify = stringify2;
|
|
1515
1515
|
}
|
|
1516
1516
|
});
|
|
1517
1517
|
|
|
@@ -1521,7 +1521,7 @@ var require_stringifyPair = __commonJS({
|
|
|
1521
1521
|
"use strict";
|
|
1522
1522
|
var identity = require_identity();
|
|
1523
1523
|
var Scalar = require_Scalar();
|
|
1524
|
-
var
|
|
1524
|
+
var stringify2 = require_stringify();
|
|
1525
1525
|
var stringifyComment = require_stringifyComment();
|
|
1526
1526
|
function stringifyPair({ key, value }, ctx, onComment, onChompKeep) {
|
|
1527
1527
|
const { allNullValues, doc, indent, indentStep, options: { commentString, indentSeq, simpleKeys } } = ctx;
|
|
@@ -1543,7 +1543,7 @@ var require_stringifyPair = __commonJS({
|
|
|
1543
1543
|
});
|
|
1544
1544
|
let keyCommentDone = false;
|
|
1545
1545
|
let chompKeep = false;
|
|
1546
|
-
let str =
|
|
1546
|
+
let str = stringify2.stringify(key, ctx, () => keyCommentDone = true, () => chompKeep = true);
|
|
1547
1547
|
if (!explicitKey && !ctx.inFlow && str.length > 1024) {
|
|
1548
1548
|
if (simpleKeys)
|
|
1549
1549
|
throw new Error("With simple keys, single line scalar must not span more than 1024 characters");
|
|
@@ -1595,7 +1595,7 @@ ${indent}:`;
|
|
|
1595
1595
|
ctx.indent = ctx.indent.substring(2);
|
|
1596
1596
|
}
|
|
1597
1597
|
let valueCommentDone = false;
|
|
1598
|
-
const valueStr =
|
|
1598
|
+
const valueStr = stringify2.stringify(value, ctx, () => valueCommentDone = true, () => chompKeep = true);
|
|
1599
1599
|
let ws = " ";
|
|
1600
1600
|
if (keyComment || vsb || vcb) {
|
|
1601
1601
|
ws = vsb ? "\n" : "";
|
|
@@ -1733,7 +1733,7 @@ var require_addPairToJSMap = __commonJS({
|
|
|
1733
1733
|
"use strict";
|
|
1734
1734
|
var log = require_log();
|
|
1735
1735
|
var merge = require_merge();
|
|
1736
|
-
var
|
|
1736
|
+
var stringify2 = require_stringify();
|
|
1737
1737
|
var identity = require_identity();
|
|
1738
1738
|
var toJS = require_toJS();
|
|
1739
1739
|
function addPairToJSMap(ctx, map, { key, value }) {
|
|
@@ -1769,7 +1769,7 @@ var require_addPairToJSMap = __commonJS({
|
|
|
1769
1769
|
if (typeof jsKey !== "object")
|
|
1770
1770
|
return String(jsKey);
|
|
1771
1771
|
if (identity.isNode(key) && ctx?.doc) {
|
|
1772
|
-
const strCtx =
|
|
1772
|
+
const strCtx = stringify2.createStringifyContext(ctx.doc, {});
|
|
1773
1773
|
strCtx.anchors = /* @__PURE__ */ new Set();
|
|
1774
1774
|
for (const node of ctx.anchors.keys())
|
|
1775
1775
|
strCtx.anchors.add(node.anchor);
|
|
@@ -1836,12 +1836,12 @@ var require_stringifyCollection = __commonJS({
|
|
|
1836
1836
|
"node_modules/yaml/dist/stringify/stringifyCollection.js"(exports2) {
|
|
1837
1837
|
"use strict";
|
|
1838
1838
|
var identity = require_identity();
|
|
1839
|
-
var
|
|
1839
|
+
var stringify2 = require_stringify();
|
|
1840
1840
|
var stringifyComment = require_stringifyComment();
|
|
1841
1841
|
function stringifyCollection(collection, ctx, options) {
|
|
1842
1842
|
const flow = ctx.inFlow ?? collection.flow;
|
|
1843
|
-
const
|
|
1844
|
-
return
|
|
1843
|
+
const stringify3 = flow ? stringifyFlowCollection : stringifyBlockCollection;
|
|
1844
|
+
return stringify3(collection, ctx, options);
|
|
1845
1845
|
}
|
|
1846
1846
|
function stringifyBlockCollection({ comment, items }, ctx, { blockItemPrefix, flowChars, itemIndent, onChompKeep, onComment }) {
|
|
1847
1847
|
const { indent, options: { commentString } } = ctx;
|
|
@@ -1866,7 +1866,7 @@ var require_stringifyCollection = __commonJS({
|
|
|
1866
1866
|
}
|
|
1867
1867
|
}
|
|
1868
1868
|
chompKeep = false;
|
|
1869
|
-
let str2 =
|
|
1869
|
+
let str2 = stringify2.stringify(item, itemCtx, () => comment2 = null, () => chompKeep = true);
|
|
1870
1870
|
if (comment2)
|
|
1871
1871
|
str2 += stringifyComment.lineComment(str2, itemIndent, commentString(comment2));
|
|
1872
1872
|
if (chompKeep && comment2)
|
|
@@ -1933,7 +1933,7 @@ ${indent}${line}` : "\n";
|
|
|
1933
1933
|
}
|
|
1934
1934
|
if (comment)
|
|
1935
1935
|
reqNewline = true;
|
|
1936
|
-
let str =
|
|
1936
|
+
let str = stringify2.stringify(item, itemCtx, () => comment = null);
|
|
1937
1937
|
if (i < items.length - 1)
|
|
1938
1938
|
str += ",";
|
|
1939
1939
|
if (comment)
|
|
@@ -3288,7 +3288,7 @@ var require_stringifyDocument = __commonJS({
|
|
|
3288
3288
|
"node_modules/yaml/dist/stringify/stringifyDocument.js"(exports2) {
|
|
3289
3289
|
"use strict";
|
|
3290
3290
|
var identity = require_identity();
|
|
3291
|
-
var
|
|
3291
|
+
var stringify2 = require_stringify();
|
|
3292
3292
|
var stringifyComment = require_stringifyComment();
|
|
3293
3293
|
function stringifyDocument(doc, options) {
|
|
3294
3294
|
const lines = [];
|
|
@@ -3303,7 +3303,7 @@ var require_stringifyDocument = __commonJS({
|
|
|
3303
3303
|
}
|
|
3304
3304
|
if (hasDirectives)
|
|
3305
3305
|
lines.push("---");
|
|
3306
|
-
const ctx =
|
|
3306
|
+
const ctx = stringify2.createStringifyContext(doc, options);
|
|
3307
3307
|
const { commentString } = ctx.options;
|
|
3308
3308
|
if (doc.commentBefore) {
|
|
3309
3309
|
if (lines.length !== 1)
|
|
@@ -3325,7 +3325,7 @@ var require_stringifyDocument = __commonJS({
|
|
|
3325
3325
|
contentComment = doc.contents.comment;
|
|
3326
3326
|
}
|
|
3327
3327
|
const onChompKeep = contentComment ? void 0 : () => chompKeep = true;
|
|
3328
|
-
let body =
|
|
3328
|
+
let body = stringify2.stringify(doc.contents, ctx, () => contentComment = null, onChompKeep);
|
|
3329
3329
|
if (contentComment)
|
|
3330
3330
|
body += stringifyComment.lineComment(body, "", commentString(contentComment));
|
|
3331
3331
|
if ((body[0] === "|" || body[0] === ">") && lines[lines.length - 1] === "---") {
|
|
@@ -3333,7 +3333,7 @@ var require_stringifyDocument = __commonJS({
|
|
|
3333
3333
|
} else
|
|
3334
3334
|
lines.push(body);
|
|
3335
3335
|
} else {
|
|
3336
|
-
lines.push(
|
|
3336
|
+
lines.push(stringify2.stringify(doc.contents, ctx));
|
|
3337
3337
|
}
|
|
3338
3338
|
if (doc.directives?.docEnd) {
|
|
3339
3339
|
if (doc.comment) {
|
|
@@ -5463,7 +5463,7 @@ var require_cst_scalar = __commonJS({
|
|
|
5463
5463
|
var require_cst_stringify = __commonJS({
|
|
5464
5464
|
"node_modules/yaml/dist/parse/cst-stringify.js"(exports2) {
|
|
5465
5465
|
"use strict";
|
|
5466
|
-
var
|
|
5466
|
+
var stringify2 = (cst) => "type" in cst ? stringifyToken(cst) : stringifyItem(cst);
|
|
5467
5467
|
function stringifyToken(token) {
|
|
5468
5468
|
switch (token.type) {
|
|
5469
5469
|
case "block-scalar": {
|
|
@@ -5516,7 +5516,7 @@ var require_cst_stringify = __commonJS({
|
|
|
5516
5516
|
res += stringifyToken(value);
|
|
5517
5517
|
return res;
|
|
5518
5518
|
}
|
|
5519
|
-
exports2.stringify =
|
|
5519
|
+
exports2.stringify = stringify2;
|
|
5520
5520
|
}
|
|
5521
5521
|
});
|
|
5522
5522
|
|
|
@@ -7229,7 +7229,7 @@ var require_public_api = __commonJS({
|
|
|
7229
7229
|
}
|
|
7230
7230
|
return doc.toJS(Object.assign({ reviver: _reviver }, options));
|
|
7231
7231
|
}
|
|
7232
|
-
function
|
|
7232
|
+
function stringify2(value, replacer, options) {
|
|
7233
7233
|
let _replacer = null;
|
|
7234
7234
|
if (typeof replacer === "function" || Array.isArray(replacer)) {
|
|
7235
7235
|
_replacer = replacer;
|
|
@@ -7254,7 +7254,7 @@ var require_public_api = __commonJS({
|
|
|
7254
7254
|
exports2.parse = parse;
|
|
7255
7255
|
exports2.parseAllDocuments = parseAllDocuments;
|
|
7256
7256
|
exports2.parseDocument = parseDocument;
|
|
7257
|
-
exports2.stringify =
|
|
7257
|
+
exports2.stringify = stringify2;
|
|
7258
7258
|
}
|
|
7259
7259
|
});
|
|
7260
7260
|
|
|
@@ -7529,7 +7529,13 @@ function watcherDeployTemplate(buildTimestamp) {
|
|
|
7529
7529
|
terminationGracePeriodSeconds: {{ .Values.watcher.terminationGracePeriodSeconds }}
|
|
7530
7530
|
serviceAccountName: {{ .Values.uuid }}
|
|
7531
7531
|
securityContext:
|
|
7532
|
-
{{- toYaml .Values.
|
|
7532
|
+
{{- toYaml .Values.watcher.securityContext | nindent 8 }}
|
|
7533
|
+
nodeSelector:
|
|
7534
|
+
{{- toYaml .Values.watcher.nodeSelector | nindent 8 }}
|
|
7535
|
+
tolerations:
|
|
7536
|
+
{{- toYaml .Values.watcher.tolerations | nindent 8 }}
|
|
7537
|
+
affinity:
|
|
7538
|
+
{{- toYaml .Values.watcher.affinity | nindent 8 }}
|
|
7533
7539
|
containers:
|
|
7534
7540
|
- name: watcher
|
|
7535
7541
|
image: {{ .Values.watcher.image }}
|
|
@@ -7613,6 +7619,27 @@ function admissionDeployTemplate(buildTimestamp) {
|
|
|
7613
7619
|
app: {{ .Values.uuid }}
|
|
7614
7620
|
pepr.dev/controller: admission
|
|
7615
7621
|
spec:
|
|
7622
|
+
{{- if or .Values.admission.antiAffinity .Values.admission.affinity }}
|
|
7623
|
+
affinity:
|
|
7624
|
+
{{- if .Values.admission.antiAffinity }}
|
|
7625
|
+
podAntiAffinity:
|
|
7626
|
+
requiredDuringSchedulingIgnoredDuringExecution:
|
|
7627
|
+
- labelSelector:
|
|
7628
|
+
matchExpressions:
|
|
7629
|
+
- key: pepr.dev/controller
|
|
7630
|
+
operator: In
|
|
7631
|
+
values:
|
|
7632
|
+
- admission
|
|
7633
|
+
topologyKey: "kubernetes.io/hostname"
|
|
7634
|
+
{{- end }}
|
|
7635
|
+
{{- if .Values.admission.affinity }}
|
|
7636
|
+
{{- toYaml .Values.admission.affinity | nindent 8 }}
|
|
7637
|
+
{{- end }}
|
|
7638
|
+
{{- end }}
|
|
7639
|
+
nodeSelector:
|
|
7640
|
+
{{- toYaml .Values.admission.nodeSelector | nindent 8 }}
|
|
7641
|
+
tolerations:
|
|
7642
|
+
{{- toYaml .Values.admission.tolerations | nindent 8 }}
|
|
7616
7643
|
terminationGracePeriodSeconds: {{ .Values.admission.terminationGracePeriodSeconds }}
|
|
7617
7644
|
priorityClassName: system-node-critical
|
|
7618
7645
|
serviceAccountName: {{ .Values.uuid }}
|
|
@@ -8057,6 +8084,7 @@ async function overridesFile({ hash, name: name2, image, config, apiPath, capabi
|
|
|
8057
8084
|
},
|
|
8058
8085
|
uuid: name2,
|
|
8059
8086
|
admission: {
|
|
8087
|
+
antiAffinity: false,
|
|
8060
8088
|
terminationGracePeriodSeconds: 5,
|
|
8061
8089
|
failurePolicy: config.onError === "reject" ? "Fail" : "Ignore",
|
|
8062
8090
|
webhookTimeout: config.webhookTimeout,
|
|
@@ -8798,7 +8826,7 @@ var gitIgnore = "# Ignore node_modules and Pepr build artifacts\nnode_modules\nd
|
|
|
8798
8826
|
var readmeMd = '# Pepr Module\n\nThis is a Pepr Module. [Pepr](https://github.com/defenseunicorns/pepr) is a type-safe Kubernetes middleware system.\n\nThe `capabilities` directory contains all the capabilities for this module. By default,\na capability is a single typescript file in the format of `capability-name.ts` that is\nimported in the root `pepr.ts` file as `import { HelloPepr } from "./capabilities/hello-pepr";`.\nBecause this is typescript, you can organize this however you choose, e.g. creating a sub-folder\nper-capability or common logic in shared files or folders.\n\nExample Structure:\n\n```\nModule Root\n\u251C\u2500\u2500 package.json\n\u251C\u2500\u2500 pepr.ts\n\u2514\u2500\u2500 capabilities\n \u251C\u2500\u2500 example-one.ts\n \u251C\u2500\u2500 example-three.ts\n \u2514\u2500\u2500 example-two.ts\n```\n';
|
|
8799
8827
|
var peprTS = 'import { PeprModule } from "pepr";\n// cfg loads your pepr configuration from package.json\nimport cfg from "./package.json";\n\n// HelloPepr is a demo capability that is included with Pepr. Comment or delete the line below to remove it.\nimport { HelloPepr } from "./capabilities/hello-pepr";\n\n/**\n * This is the main entrypoint for this Pepr module. It is run when the module is started.\n * This is where you register your Pepr configurations and capabilities.\n */\nnew PeprModule(cfg, [\n // "HelloPepr" is a demo capability that is included with Pepr. Comment or delete the line below to remove it.\n HelloPepr,\n\n // Your additional capabilities go here\n]);\n';
|
|
8800
8828
|
var helloPeprTS = 'import {\n Capability,\n K8s,\n Log,\n PeprMutateRequest,\n RegisterKind,\n a,\n fetch,\n fetchStatus,\n kind,\n} from "pepr";\nimport { MockAgent, setGlobalDispatcher } from "undici";\n\n/**\n * The HelloPepr Capability is an example capability to demonstrate some general concepts of Pepr.\n * To test this capability you run `pepr dev`and then run the following command:\n * `kubectl apply -f capabilities/hello-pepr.samples.yaml`\n */\nexport const HelloPepr = new Capability({\n name: "hello-pepr",\n description: "A simple example capability to show how things work.",\n namespaces: ["pepr-demo", "pepr-demo-2"],\n});\n\n// Use the \'When\' function to create a new action, use \'Store\' to persist data\nconst { When, Store } = HelloPepr;\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (Namespace) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action removes the label `remove-me` when a Namespace is created.\n * Note we don\'t need to specify the namespace here, because we\'ve already specified\n * it in the Capability definition above.\n */\nWhen(a.Namespace)\n .IsCreated()\n .Mutate(ns => ns.RemoveLabel("remove-me"));\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Watch Action with K8s SSA (Namespace) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action watches for the `pepr-demo-2` namespace to be created, then creates a ConfigMap with\n * the name `pepr-ssa-demo` and adds the namespace UID to the ConfigMap data. Because Pepr uses\n * server-side apply for this operation, the ConfigMap will be created or updated if it already exists.\n */\nWhen(a.Namespace)\n .IsCreated()\n .WithName("pepr-demo-2")\n .Watch(async ns => {\n Log.info("Namespace pepr-demo-2 was created.");\n\n try {\n // Apply the ConfigMap using K8s server-side apply\n await K8s(kind.ConfigMap).Apply({\n metadata: {\n name: "pepr-ssa-demo",\n namespace: "pepr-demo-2",\n },\n data: {\n "ns-uid": ns.metadata.uid,\n },\n });\n } catch (error) {\n // You can use the Log object to log messages to the Pepr controller pod\n Log.error(error, "Failed to apply ConfigMap using server-side apply.");\n }\n\n // You can share data between actions using the Store, including between different types of actions\n Store.setItem("watch-data", "This data was stored by a Watch Action.");\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 1) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This is a single action. They can be in the same file or put imported from other files.\n * In this example, when a ConfigMap is created with the name `example-1`, then add a label and annotation.\n *\n * Equivalent to manually running:\n * `kubectl label configmap example-1 pepr=was-here`\n * `kubectl annotate configmap example-1 pepr.dev=annotations-work-too`\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .WithName("example-1")\n .Mutate(request => {\n request.SetLabel("pepr", "was-here").SetAnnotation("pepr.dev", "annotations-work-too");\n\n // Use the Store to persist data between requests and Pepr controller pods\n Store.setItem("example-1", "was-here");\n\n // This data is written asynchronously and can be read back via `Store.getItem()` or `Store.subscribe()`\n Store.setItem("example-1-data", JSON.stringify(request.Raw.data));\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate & Validate Actions (CM Example 2) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This combines 3 different types of actions: \'Mutate\', \'Validate\', and \'Watch\'. The order\n * of the actions is required, but each action is optional. In this example, when a ConfigMap is created\n * with the name `example-2`, then add a label and annotation, validate that the ConfigMap has the label\n * `pepr`, and log the request.\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .WithName("example-2")\n .Mutate(request => {\n // This Mutate Action will mutate the request before it is persisted to the cluster\n\n // Use `request.Merge()` to merge the new data with the existing data\n request.Merge({\n metadata: {\n labels: {\n pepr: "was-here",\n },\n annotations: {\n "pepr.dev": "annotations-work-too",\n },\n },\n });\n })\n .Validate(request => {\n // This Validate Action will validate the request before it is persisted to the cluster\n\n // Approve the request if the ConfigMap has the label \'pepr\'\n if (request.HasLabel("pepr")) {\n return request.Approve();\n }\n\n // Otherwise, deny the request with an error message (optional)\n return request.Deny("ConfigMap must have label \'pepr\'");\n })\n .Watch((cm, phase) => {\n // This Watch Action will watch the ConfigMap after it has been persisted to the cluster\n Log.info(cm, `ConfigMap was ${phase} with the name example-2`);\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 2a) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action shows a simple validation that will deny any ConfigMap that has the\n * annotation `evil`. Note that the `Deny()` function takes an optional second parameter that is a\n * user-defined status code to return.\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .Validate(request => {\n if (request.HasAnnotation("evil")) {\n return request.Deny("No evil CM annotations allowed.", 400);\n }\n\n return request.Approve();\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 3) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action combines different styles. Unlike the previous actions, this one will look\n * for any ConfigMap in the `pepr-demo` namespace that has the label `change=by-label` during either\n * CREATE or UPDATE. Note that all conditions added such as `WithName()`, `WithLabel()`, `InNamespace()`,\n * are ANDs so all conditions must be true for the request to be processed.\n */\nWhen(a.ConfigMap)\n .IsCreatedOrUpdated()\n .WithLabel("change", "by-label")\n .Mutate(request => {\n // The K8s object e are going to mutate\n const cm = request.Raw;\n\n // Get the username and uid of the K8s request\n const { username, uid } = request.Request.userInfo;\n\n // Store some data about the request in the configmap\n cm.data["username"] = username;\n cm.data["uid"] = uid;\n\n // You can still mix other ways of making changes too\n request.SetAnnotation("pepr.dev", "making-waves");\n });\n\n// This action validates the label `change=by-label` is deleted\nWhen(a.ConfigMap)\n .IsDeleted()\n .WithLabel("change", "by-label")\n .Validate(request => {\n // Log and then always approve the request\n Log.info("CM with label \'change=by-label\' was deleted.");\n return request.Approve();\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 4) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action show how you can use the `Mutate()` function without an inline function.\n * This is useful if you want to keep your actions small and focused on a single task,\n * or if you want to reuse the same function in multiple actions.\n */\nWhen(a.ConfigMap).IsCreated().WithName("example-4").Mutate(example4Cb);\n\n// This function uses the complete type definition, but is not required.\nfunction example4Cb(cm: PeprMutateRequest<a.ConfigMap>) {\n cm.SetLabel("pepr.dev/first", "true");\n cm.SetLabel("pepr.dev/second", "true");\n cm.SetLabel("pepr.dev/third", "true");\n}\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 4a) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This is the same as Example 4, except this only operates on a CM in the `pepr-demo-2` namespace.\n * Note because the Capability defines namespaces, the namespace specified here must be one of those.\n * Alternatively, you can remove the namespace from the Capability definition and specify it here.\n */\nWhen(a.ConfigMap).IsCreated().InNamespace("pepr-demo-2").WithName("example-4a").Mutate(example4Cb);\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 5) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action is a bit more complex. It will look for any ConfigMap in the `pepr-demo`\n * namespace that has the label `chuck-norris` during CREATE. When it finds one, it will fetch a\n * random Chuck Norris joke from the API and add it to the ConfigMap. This is a great example of how\n * you can use Pepr to make changes to your K8s objects based on external data.\n *\n * Note the use of the `async` keyword. This is required for any action that uses `await` or `fetch()`.\n *\n * Also note we are passing a type to the `fetch()` function. This is optional, but it will help you\n * avoid mistakes when working with the data returned from the API. You can also use the `as` keyword to\n * cast the data returned from the API.\n *\n * These are equivalent:\n * ```ts\n * const joke = await fetch<TheChuckNorrisJoke>("https://icanhazdadjoke.com/");\n * const joke = await fetch("https://icanhazdadjoke.com/") as TheChuckNorrisJoke;\n * ```\n *\n * Alternatively, you can drop the type completely:\n *\n * ```ts\n * fetch("https://icanhazdadjoke.com")\n * ```\n */\ninterface TheChuckNorrisJoke {\n id: string;\n joke: string;\n status: number;\n}\n\nWhen(a.ConfigMap)\n .IsCreatedOrUpdated()\n .WithLabel("chuck-norris")\n .Mutate(cm => cm.SetLabel("got-jokes", "true"))\n .Watch(async cm => {\n const jokeURL = "https://icanhazdadjoke.com";\n\n const mockAgent: MockAgent = new MockAgent();\n setGlobalDispatcher(mockAgent);\n const mockClient = mockAgent.get(jokeURL);\n mockClient.intercept({ path: "/", method: "GET" }).reply(\n 200,\n {\n id: "R7UfaahVfFd",\n joke: "Funny joke goes here.",\n status: 200,\n },\n {\n headers: {\n "Content-Type": "application/json; charset=utf-8",\n },\n },\n );\n\n // Try/catch is not needed as a response object will always be returned\n const response = await fetch<TheChuckNorrisJoke>(jokeURL, {\n headers: {\n Accept: "application/json",\n },\n });\n\n // Instead, check the `response.ok` field\n if (response.ok) {\n const { joke } = response.data;\n // Add Joke to the Store\n await Store.setItemAndWait(jokeURL, joke);\n // Add the Chuck Norris joke to the configmap\n try {\n await K8s(kind.ConfigMap).Apply({\n metadata: {\n name: cm.metadata.name,\n namespace: cm.metadata.namespace,\n },\n data: {\n "chuck-says": Store.getItem(jokeURL),\n },\n });\n } catch (error) {\n Log.error(error, "Failed to apply ConfigMap using server-side apply.", {\n cm,\n });\n }\n }\n\n // You can also assert on different HTTP response codes\n if (response.status === fetchStatus.NOT_FOUND) {\n // Do something else\n return;\n }\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (Secret Base64 Handling) *\n * ---------------------------------------------------------------------------------------------------\n *\n * The K8s JS client provides incomplete support for base64 encoding/decoding handling for secrets,\n * unlike the GO client. To make this less painful, Pepr automatically handles base64 encoding/decoding\n * secret data before and after the action is executed.\n */\nWhen(a.Secret)\n .IsCreated()\n .WithName("secret-1")\n .Mutate(request => {\n const secret = request.Raw;\n\n // This will be encoded at the end of all processing back to base64: "Y2hhbmdlLXdpdGhvdXQtZW5jb2Rpbmc="\n secret.data.magic = "change-without-encoding";\n\n // You can modify the data directly, and it will be encoded at the end of all processing\n secret.data.example += " - modified by Pepr";\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (Untyped Custom Resource) *\n * ---------------------------------------------------------------------------------------------------\n *\n * Out of the box, Pepr supports all the standard Kubernetes objects. However, you can also create\n * your own types. This is useful if you are working with an Operator that creates custom resources.\n * There are two ways to do this, the first is to use the `When()` function with a `GenericKind`,\n * the second is to create a new class that extends `GenericKind` and use the `RegisterKind()` function.\n *\n * This example shows how to use the `When()` function with a `GenericKind`. Note that you\n * must specify the `group`, `version`, and `kind` of the object (if applicable). This is how Pepr knows\n * if the action should be triggered or not. Since we are using a `GenericKind`,\n * Pepr will not be able to provide any intellisense for the object, so you will need to refer to the\n * Kubernetes API documentation for the object you are working with.\n *\n * You will need to wait for the CRD in `hello-pepr.samples.yaml` to be created, then you can apply\n *\n * ```yaml\n * apiVersion: pepr.dev/v1\n * kind: Unicorn\n * metadata:\n * name: example-1\n * namespace: pepr-demo\n * spec:\n * message: replace-me\n * counter: 0\n * ```\n */\nWhen(a.GenericKind, {\n group: "pepr.dev",\n version: "v1",\n kind: "Unicorn",\n})\n .IsCreated()\n .WithName("example-1")\n .Mutate(request => {\n request.Merge({\n spec: {\n message: "Hello Pepr without type data!",\n counter: Math.random(),\n },\n });\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (Typed Custom Resource) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This example shows how to use the `RegisterKind()` function to create a new type. This is useful\n * if you are working with an Operator that creates custom resources and you want to have intellisense\n * for the object. Note that you must specify the `group`, `version`, and `kind` of the object (if applicable)\n * as this is how Pepr knows if the action should be triggered or not.\n *\n * Once you register a new Kind with Pepr, you can use the `When()` function with the new Kind. Ideally,\n * you should register custom Kinds at the top of your Capability file or Pepr Module so they are available\n * to all actions, but we are putting it here for demonstration purposes.\n *\n * You will need to wait for the CRD in `hello-pepr.samples.yaml` to be created, then you can apply\n *\n * ```yaml\n * apiVersion: pepr.dev/v1\n * kind: Unicorn\n * metadata:\n * name: example-2\n * namespace: pepr-demo\n * spec:\n * message: replace-me\n * counter: 0\n * ```*\n */\nclass UnicornKind extends a.GenericKind {\n spec: {\n /**\n * JSDoc comments can be added to explain more details about the field.\n *\n * @example\n * ```ts\n * request.Raw.spec.message = "Hello Pepr!";\n * ```\n * */\n message: string;\n counter: number;\n };\n}\n\nRegisterKind(UnicornKind, {\n group: "pepr.dev",\n version: "v1",\n kind: "Unicorn",\n});\n\nWhen(UnicornKind)\n .IsCreated()\n .WithName("example-2")\n .Mutate(request => {\n request.Merge({\n spec: {\n message: "Hello Pepr with type data!",\n counter: Math.random(),\n },\n });\n });\n\n/**\n * A callback function that is called once the Pepr Store is fully loaded.\n */\nStore.onReady(data => {\n Log.info(data, "Pepr Store Ready");\n});\n';
|
|
8801
|
-
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, files: ["/dist", "/src", "!src/**/*.test.ts", "!src/fixtures/**", "!dist/**/*.test.d.ts*"], version: "0.49.0-nightly.
|
|
8829
|
+
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, files: ["/dist", "/src", "!src/**/*.test.ts", "!src/fixtures/**", "!dist/**/*.test.d.ts*"], version: "0.49.0-nightly.2", main: "dist/lib.js", types: "dist/lib.d.ts", scripts: { ci: "npm ci", "gen-data-json": "node hack/build-template-data.js", prebuild: "rm -fr dist/* && npm run gen-data-json", build: "tsc && node build.mjs && npm pack", "build:image": "npm run build && docker buildx build --output type=docker --tag pepr:dev .", "build:image:unicorn": "npm run build && docker buildx build --output type=docker --tag pepr:dev $(node scripts/read-unicorn-build-args.mjs) .", "set:version": "node scripts/set-version.js", test: "npm run test:unit && npm run test:journey && npm run test:journey-wasm", "test:artifacts": "npm run build && jest src/build-artifact.test.ts", "test:integration": "npm run test:integration:prep && npm run test:integration:run", "test:integration:prep": "./integration/prep.sh", "test:integration:run": "jest --maxWorkers=4 integration", "test:journey": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run", "test:journey-wasm": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run-wasm", "test:journey-wasm:unicorn": "npm run test:journey:k3d && npm run build && npm run test:journey:image:unicorn && npm run test:journey:run-wasm", "test:journey:image": "docker buildx build --output type=docker --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev", "test:journey:image:unicorn": "npm run build && docker buildx build --output type=docker --tag pepr:dev $(node scripts/read-unicorn-build-args.mjs) . && k3d image import pepr:dev -c pepr-dev", "test:journey:k3d": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0' --wait && kubectl rollout status deployment -n kube-system", "test:journey:run": "jest --detectOpenHandles journey/entrypoint.test.ts && npm run test:journey:upgrade", "test:journey:run-wasm": "jest --detectOpenHandles journey/entrypoint-wasm.test.ts", "test:journey:unicorn": "npm run test:journey:k3d && npm run test:journey:image:unicorn && npm run test:journey:run", "test:journey:upgrade": "npm run test:journey:k3d && npm run test:journey:image && jest --detectOpenHandles journey/pepr-upgrade.test.ts", "test:unit": "npm run gen-data-json && jest src --coverage --detectOpenHandles --coverageDirectory=./coverage --testPathIgnorePatterns='build-artifact.test.ts'", "format:check": "eslint src && prettier --config .prettierrc src --check", "format:fix": "eslint src --fix && prettier --config .prettierrc src --write", prepare: `if [ "$NODE_ENV" != 'production' ]; then husky; fi` }, dependencies: { "@types/ramda": "0.30.2", express: "5.1.0", "fast-json-patch": "3.1.1", heredoc: "^1.3.1", "http-status-codes": "^2.3.0", "json-pointer": "^0.6.2", "kubernetes-fluent-client": "3.5.2", pino: "9.6.0", "pino-pretty": "13.0.0", "prom-client": "15.1.3", ramda: "0.30.1", sigstore: "3.1.0", "ts-morph": "^25.0.1" }, devDependencies: { "@commitlint/cli": "19.8.0", "@commitlint/config-conventional": "19.8.0", "@fast-check/jest": "^2.0.1", "@jest/globals": "29.7.0", "@types/eslint": "9.6.1", "@types/express": "5.0.1", "@types/json-pointer": "^1.0.34", "@types/node": "22.x.x", "@types/node-forge": "1.3.11", "@types/uuid": "10.0.0", "fast-check": "^4.0.0", globals: "^16.0.0", husky: "^9.1.6", jest: "29.7.0", "js-yaml": "^4.1.0", shellcheck: "^3.0.0", "ts-jest": "29.3.2", undici: "^7.0.1" }, overrides: { glob: "^9.0.0" }, peerDependencies: { "@types/prompts": "2.4.9", "@typescript-eslint/eslint-plugin": "8.23.0", "@typescript-eslint/parser": "8.23.0", commander: "13.1.0", esbuild: "0.25.0", eslint: "8.57.0", "node-forge": "1.3.1", prettier: "3.4.2", prompts: "2.4.2", typescript: "5.7.3", uuid: "11.0.5" } };
|
|
8802
8830
|
|
|
8803
8831
|
// src/cli/init/utils.ts
|
|
8804
8832
|
var import_fs4 = require("fs");
|
package/dist/controller.js
CHANGED
|
@@ -51,7 +51,7 @@ if (process.env.LOG_LEVEL) {
|
|
|
51
51
|
var logger_default = Log;
|
|
52
52
|
|
|
53
53
|
// src/templates/data.json
|
|
54
|
-
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, files: ["/dist", "/src", "!src/**/*.test.ts", "!src/fixtures/**", "!dist/**/*.test.d.ts*"], version: "0.49.0-nightly.
|
|
54
|
+
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, files: ["/dist", "/src", "!src/**/*.test.ts", "!src/fixtures/**", "!dist/**/*.test.d.ts*"], version: "0.49.0-nightly.2", main: "dist/lib.js", types: "dist/lib.d.ts", scripts: { ci: "npm ci", "gen-data-json": "node hack/build-template-data.js", prebuild: "rm -fr dist/* && npm run gen-data-json", build: "tsc && node build.mjs && npm pack", "build:image": "npm run build && docker buildx build --output type=docker --tag pepr:dev .", "build:image:unicorn": "npm run build && docker buildx build --output type=docker --tag pepr:dev $(node scripts/read-unicorn-build-args.mjs) .", "set:version": "node scripts/set-version.js", test: "npm run test:unit && npm run test:journey && npm run test:journey-wasm", "test:artifacts": "npm run build && jest src/build-artifact.test.ts", "test:integration": "npm run test:integration:prep && npm run test:integration:run", "test:integration:prep": "./integration/prep.sh", "test:integration:run": "jest --maxWorkers=4 integration", "test:journey": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run", "test:journey-wasm": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run-wasm", "test:journey-wasm:unicorn": "npm run test:journey:k3d && npm run build && npm run test:journey:image:unicorn && npm run test:journey:run-wasm", "test:journey:image": "docker buildx build --output type=docker --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev", "test:journey:image:unicorn": "npm run build && docker buildx build --output type=docker --tag pepr:dev $(node scripts/read-unicorn-build-args.mjs) . && k3d image import pepr:dev -c pepr-dev", "test:journey:k3d": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0' --wait && kubectl rollout status deployment -n kube-system", "test:journey:run": "jest --detectOpenHandles journey/entrypoint.test.ts && npm run test:journey:upgrade", "test:journey:run-wasm": "jest --detectOpenHandles journey/entrypoint-wasm.test.ts", "test:journey:unicorn": "npm run test:journey:k3d && npm run test:journey:image:unicorn && npm run test:journey:run", "test:journey:upgrade": "npm run test:journey:k3d && npm run test:journey:image && jest --detectOpenHandles journey/pepr-upgrade.test.ts", "test:unit": "npm run gen-data-json && jest src --coverage --detectOpenHandles --coverageDirectory=./coverage --testPathIgnorePatterns='build-artifact.test.ts'", "format:check": "eslint src && prettier --config .prettierrc src --check", "format:fix": "eslint src --fix && prettier --config .prettierrc src --write", prepare: `if [ "$NODE_ENV" != 'production' ]; then husky; fi` }, dependencies: { "@types/ramda": "0.30.2", express: "5.1.0", "fast-json-patch": "3.1.1", heredoc: "^1.3.1", "http-status-codes": "^2.3.0", "json-pointer": "^0.6.2", "kubernetes-fluent-client": "3.5.2", pino: "9.6.0", "pino-pretty": "13.0.0", "prom-client": "15.1.3", ramda: "0.30.1", sigstore: "3.1.0", "ts-morph": "^25.0.1" }, devDependencies: { "@commitlint/cli": "19.8.0", "@commitlint/config-conventional": "19.8.0", "@fast-check/jest": "^2.0.1", "@jest/globals": "29.7.0", "@types/eslint": "9.6.1", "@types/express": "5.0.1", "@types/json-pointer": "^1.0.34", "@types/node": "22.x.x", "@types/node-forge": "1.3.11", "@types/uuid": "10.0.0", "fast-check": "^4.0.0", globals: "^16.0.0", husky: "^9.1.6", jest: "29.7.0", "js-yaml": "^4.1.0", shellcheck: "^3.0.0", "ts-jest": "29.3.2", undici: "^7.0.1" }, overrides: { glob: "^9.0.0" }, peerDependencies: { "@types/prompts": "2.4.9", "@typescript-eslint/eslint-plugin": "8.23.0", "@typescript-eslint/parser": "8.23.0", commander: "13.1.0", esbuild: "0.25.0", eslint: "8.57.0", "node-forge": "1.3.1", prettier: "3.4.2", prompts: "2.4.2", typescript: "5.7.3", uuid: "11.0.5" } };
|
|
55
55
|
|
|
56
56
|
// src/lib/k8s.ts
|
|
57
57
|
var import_kubernetes_fluent_client = require("kubernetes-fluent-client");
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"helm.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/helm.ts"],"names":[],"mappings":"AAGA,wBAAgB,mBAAmB,IAAI,MAAM,CAY5C;AAED,wBAAgB,iBAAiB,IAAI,MAAM,CAe1C;AAED,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,CA2BpE;AAED,wBAAgB,qBAAqB,CAAC,cAAc,EAAE,MAAM,GAAG,MAAM,
|
|
1
|
+
{"version":3,"file":"helm.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/helm.ts"],"names":[],"mappings":"AAGA,wBAAgB,mBAAmB,IAAI,MAAM,CAY5C;AAED,wBAAgB,iBAAiB,IAAI,MAAM,CAe1C;AAED,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,CA2BpE;AAED,wBAAgB,qBAAqB,CAAC,cAAc,EAAE,MAAM,GAAG,MAAM,CA8FpE;AAED,wBAAgB,uBAAuB,CAAC,cAAc,EAAE,MAAM,GAAG,MAAM,CAkHtE;AACD,KAAK,cAAc,GAAG,WAAW,GAAG,SAAS,CAAC;AAC9C,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,GAAG,MAAM,CA0BjF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"overridesFile.d.ts","sourceRoot":"","sources":["../../../../src/lib/assets/yaml/overridesFile.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAK7D,MAAM,MAAM,cAAc,GAAG;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,gBAAgB,EAAE,CAAC;IACjC,MAAM,EAAE,YAAY,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAGF,wBAAsB,aAAa,CACjC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,cAAc,EACpE,IAAI,EAAE,MAAM,EACZ,gBAAgB,EAAE,MAAM,EAAE,GACzB,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"overridesFile.d.ts","sourceRoot":"","sources":["../../../../src/lib/assets/yaml/overridesFile.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAK7D,MAAM,MAAM,cAAc,GAAG;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,gBAAgB,EAAE,CAAC;IACjC,MAAM,EAAE,YAAY,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAGF,wBAAsB,aAAa,CACjC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,cAAc,EACpE,IAAI,EAAE,MAAM,EACZ,gBAAgB,EAAE,MAAM,EAAE,GACzB,OAAO,CAAC,IAAI,CAAC,CA4Jf"}
|
package/package.json
CHANGED
|
@@ -16,7 +16,7 @@
|
|
|
16
16
|
"!src/fixtures/**",
|
|
17
17
|
"!dist/**/*.test.d.ts*"
|
|
18
18
|
],
|
|
19
|
-
"version": "0.49.0-nightly.
|
|
19
|
+
"version": "0.49.0-nightly.2",
|
|
20
20
|
"main": "dist/lib.js",
|
|
21
21
|
"types": "dist/lib.d.ts",
|
|
22
22
|
"scripts": {
|
|
@@ -54,7 +54,7 @@
|
|
|
54
54
|
"heredoc": "^1.3.1",
|
|
55
55
|
"http-status-codes": "^2.3.0",
|
|
56
56
|
"json-pointer": "^0.6.2",
|
|
57
|
-
"kubernetes-fluent-client": "3.5.
|
|
57
|
+
"kubernetes-fluent-client": "3.5.2",
|
|
58
58
|
"pino": "9.6.0",
|
|
59
59
|
"pino-pretty": "13.0.0",
|
|
60
60
|
"prom-client": "15.1.3",
|
package/src/cli/crd/generate.ts
CHANGED
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
import { Command } from "commander";
|
|
5
5
|
import fs from "fs";
|
|
6
6
|
import path from "path";
|
|
7
|
-
import { stringify
|
|
7
|
+
import { stringify } from "yaml";
|
|
8
8
|
import {
|
|
9
9
|
Project,
|
|
10
10
|
InterfaceDeclaration,
|
|
@@ -109,7 +109,7 @@ export function processSourceFile(
|
|
|
109
109
|
});
|
|
110
110
|
|
|
111
111
|
const outPath = path.join(outputDir, `${kind.toLowerCase()}.yaml`);
|
|
112
|
-
fs.writeFileSync(outPath,
|
|
112
|
+
fs.writeFileSync(outPath, stringify(crd), "utf8");
|
|
113
113
|
console.log(`✔ Created ${outPath}`);
|
|
114
114
|
}
|
|
115
115
|
|
package/src/lib/assets/helm.ts
CHANGED
|
@@ -94,7 +94,13 @@ export function watcherDeployTemplate(buildTimestamp: string): string {
|
|
|
94
94
|
terminationGracePeriodSeconds: {{ .Values.watcher.terminationGracePeriodSeconds }}
|
|
95
95
|
serviceAccountName: {{ .Values.uuid }}
|
|
96
96
|
securityContext:
|
|
97
|
-
{{- toYaml .Values.
|
|
97
|
+
{{- toYaml .Values.watcher.securityContext | nindent 8 }}
|
|
98
|
+
nodeSelector:
|
|
99
|
+
{{- toYaml .Values.watcher.nodeSelector | nindent 8 }}
|
|
100
|
+
tolerations:
|
|
101
|
+
{{- toYaml .Values.watcher.tolerations | nindent 8 }}
|
|
102
|
+
affinity:
|
|
103
|
+
{{- toYaml .Values.watcher.affinity | nindent 8 }}
|
|
98
104
|
containers:
|
|
99
105
|
- name: watcher
|
|
100
106
|
image: {{ .Values.watcher.image }}
|
|
@@ -179,6 +185,27 @@ export function admissionDeployTemplate(buildTimestamp: string): string {
|
|
|
179
185
|
app: {{ .Values.uuid }}
|
|
180
186
|
pepr.dev/controller: admission
|
|
181
187
|
spec:
|
|
188
|
+
{{- if or .Values.admission.antiAffinity .Values.admission.affinity }}
|
|
189
|
+
affinity:
|
|
190
|
+
{{- if .Values.admission.antiAffinity }}
|
|
191
|
+
podAntiAffinity:
|
|
192
|
+
requiredDuringSchedulingIgnoredDuringExecution:
|
|
193
|
+
- labelSelector:
|
|
194
|
+
matchExpressions:
|
|
195
|
+
- key: pepr.dev/controller
|
|
196
|
+
operator: In
|
|
197
|
+
values:
|
|
198
|
+
- admission
|
|
199
|
+
topologyKey: "kubernetes.io/hostname"
|
|
200
|
+
{{- end }}
|
|
201
|
+
{{- if .Values.admission.affinity }}
|
|
202
|
+
{{- toYaml .Values.admission.affinity | nindent 8 }}
|
|
203
|
+
{{- end }}
|
|
204
|
+
{{- end }}
|
|
205
|
+
nodeSelector:
|
|
206
|
+
{{- toYaml .Values.admission.nodeSelector | nindent 8 }}
|
|
207
|
+
tolerations:
|
|
208
|
+
{{- toYaml .Values.admission.tolerations | nindent 8 }}
|
|
182
209
|
terminationGracePeriodSeconds: {{ .Values.admission.terminationGracePeriodSeconds }}
|
|
183
210
|
priorityClassName: system-node-critical
|
|
184
211
|
serviceAccountName: {{ .Values.uuid }}
|