pepr 0.51.6 → 0.52.0-nightly.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/build.d.ts +2 -2
- package/dist/cli/build.d.ts.map +1 -1
- package/dist/cli/build.helpers.d.ts +1 -1
- package/dist/cli/build.helpers.d.ts.map +1 -1
- package/dist/cli/crd/create.d.ts +0 -1
- package/dist/cli/crd/create.d.ts.map +1 -1
- package/dist/cli/crd/generate.d.ts.map +1 -1
- package/dist/cli/crd/index.d.ts +2 -2
- package/dist/cli/crd/index.d.ts.map +1 -1
- package/dist/cli/deploy.d.ts +3 -3
- package/dist/cli/deploy.d.ts.map +1 -1
- package/dist/cli/dev.d.ts +2 -2
- package/dist/cli/dev.d.ts.map +1 -1
- package/dist/cli/format/index.d.ts +2 -2
- package/dist/cli/format/index.d.ts.map +1 -1
- package/dist/cli/init/index.d.ts +2 -2
- package/dist/cli/init/index.d.ts.map +1 -1
- package/dist/cli/init/templates.d.ts +13 -12
- package/dist/cli/init/templates.d.ts.map +1 -1
- package/dist/cli/init/walkthrough.d.ts.map +1 -1
- package/dist/cli/kfc.d.ts +2 -2
- package/dist/cli/kfc.d.ts.map +1 -1
- package/dist/cli/monitor.d.ts +2 -2
- package/dist/cli/monitor.d.ts.map +1 -1
- package/dist/cli/update/index.d.ts +2 -2
- package/dist/cli/update/index.d.ts.map +1 -1
- package/dist/cli/uuid.d.ts +2 -2
- package/dist/cli/uuid.d.ts.map +1 -1
- package/dist/cli.js +304 -204
- package/dist/controller.js +1 -1
- package/dist/lib/assets/assets.d.ts +13 -2
- package/dist/lib/assets/assets.d.ts.map +1 -1
- package/dist/lib/assets/deploy.d.ts.map +1 -1
- package/dist/lib/assets/{envrionment.d.ts → environment.d.ts} +1 -1
- package/dist/lib/assets/environment.d.ts.map +1 -0
- package/dist/lib/assets/helm.d.ts +4 -3
- package/dist/lib/assets/helm.d.ts.map +1 -1
- package/dist/lib/assets/{pods.d.ts → k8sObjects.d.ts} +4 -2
- package/dist/lib/assets/k8sObjects.d.ts.map +1 -0
- package/dist/lib/assets/networking.d.ts +0 -2
- package/dist/lib/assets/networking.d.ts.map +1 -1
- package/dist/lib/assets/yaml/generateAllYaml.d.ts +8 -3
- package/dist/lib/assets/yaml/generateAllYaml.d.ts.map +1 -1
- package/dist/lib/assets/yaml/overridesFile.d.ts +4 -1
- package/dist/lib/assets/yaml/overridesFile.d.ts.map +1 -1
- package/package.json +20 -20
- package/src/cli/build.helpers.ts +26 -14
- package/src/cli/build.ts +37 -47
- package/src/cli/crd/create.ts +15 -20
- package/src/cli/crd/generate.ts +9 -6
- package/src/cli/crd/index.ts +2 -2
- package/src/cli/deploy.ts +16 -16
- package/src/cli/dev.ts +8 -8
- package/src/cli/format/index.ts +5 -4
- package/src/cli/init/index.ts +12 -9
- package/src/cli/init/walkthrough.ts +2 -4
- package/src/cli/kfc.ts +17 -13
- package/src/cli/monitor.ts +2 -2
- package/src/cli/update/index.ts +11 -11
- package/src/cli/uuid.ts +2 -2
- package/src/cli.ts +2 -2
- package/src/lib/assets/assets.ts +81 -22
- package/src/lib/assets/deploy.ts +26 -12
- package/src/lib/assets/helm.ts +37 -3
- package/src/lib/assets/{pods.ts → k8sObjects.ts} +69 -22
- package/src/lib/assets/networking.ts +0 -52
- package/src/lib/assets/yaml/generateAllYaml.ts +38 -11
- package/src/lib/assets/yaml/overridesFile.ts +6 -1
- package/src/templates/tsconfig.module.json +2 -2
- package/dist/cli/root.d.ts +0 -5
- package/dist/cli/root.d.ts.map +0 -1
- package/dist/lib/assets/envrionment.d.ts.map +0 -1
- package/dist/lib/assets/pods.d.ts.map +0 -1
- package/src/cli/root.ts +0 -12
- /package/src/lib/assets/{envrionment.ts → environment.ts} +0 -0
package/src/lib/assets/deploy.ts
CHANGED
|
@@ -6,10 +6,17 @@ import { promises as fs } from "fs";
|
|
|
6
6
|
import { K8s, kind } from "kubernetes-fluent-client";
|
|
7
7
|
import { V1PolicyRule as PolicyRule } from "@kubernetes/client-node";
|
|
8
8
|
|
|
9
|
-
import { Assets } from "./assets";
|
|
9
|
+
import { Assets, isAdmission, norWatchOrAdmission } from "./assets";
|
|
10
10
|
import Log from "../telemetry/logger";
|
|
11
|
-
import { apiPathSecret,
|
|
12
|
-
import {
|
|
11
|
+
import { apiPathSecret, tlsSecret } from "./networking";
|
|
12
|
+
import {
|
|
13
|
+
getDeployment,
|
|
14
|
+
service,
|
|
15
|
+
watcherService,
|
|
16
|
+
getModuleSecret,
|
|
17
|
+
getNamespace,
|
|
18
|
+
getWatcher,
|
|
19
|
+
} from "./k8sObjects";
|
|
13
20
|
import {
|
|
14
21
|
clusterRole,
|
|
15
22
|
clusterRoleBinding,
|
|
@@ -148,9 +155,19 @@ async function setupController(
|
|
|
148
155
|
const mod = getModuleSecret(name, code, hash);
|
|
149
156
|
await K8s(kind.Secret).Apply(mod, { force });
|
|
150
157
|
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
158
|
+
if (isAdmission(assets.capabilities) || norWatchOrAdmission(assets.capabilities)) {
|
|
159
|
+
const svc = service(name, assets);
|
|
160
|
+
if (svc) {
|
|
161
|
+
Log.info("Applying controller service");
|
|
162
|
+
await K8s(kind.Service).Apply(svc, { force });
|
|
163
|
+
}
|
|
164
|
+
|
|
165
|
+
const dep = getDeployment(assets, hash, assets.buildTimestamp);
|
|
166
|
+
if (dep) {
|
|
167
|
+
Log.info("Applying deployment");
|
|
168
|
+
await K8s(kind.Deployment).Apply(dep, { force });
|
|
169
|
+
}
|
|
170
|
+
}
|
|
154
171
|
|
|
155
172
|
Log.info("Applying TLS secret");
|
|
156
173
|
const tls = tlsSecret(name, assets.tls);
|
|
@@ -159,10 +176,6 @@ async function setupController(
|
|
|
159
176
|
Log.info("Applying API path secret");
|
|
160
177
|
const apiPath = apiPathSecret(name, assets.apiPath);
|
|
161
178
|
await K8s(kind.Secret).Apply(apiPath, { force });
|
|
162
|
-
|
|
163
|
-
Log.info("Applying deployment");
|
|
164
|
-
const dep = getDeployment(assets, hash, assets.buildTimestamp);
|
|
165
|
-
await K8s(kind.Deployment).Apply(dep, { force });
|
|
166
179
|
}
|
|
167
180
|
|
|
168
181
|
// Setup the watcher deployment and service
|
|
@@ -172,9 +185,10 @@ async function setupWatcher(assets: Assets, hash: string, force: boolean): Promi
|
|
|
172
185
|
if (watchDeployment) {
|
|
173
186
|
Log.info("Applying watcher deployment");
|
|
174
187
|
await K8s(kind.Deployment).Apply(watchDeployment, { force });
|
|
175
|
-
|
|
188
|
+
}
|
|
189
|
+
const watchSvc = watcherService(assets.name, assets);
|
|
190
|
+
if (watchSvc) {
|
|
176
191
|
Log.info("Applying watcher service");
|
|
177
|
-
const watchSvc = watcherService(assets.name);
|
|
178
192
|
await K8s(kind.Service).Apply(watchSvc, { force });
|
|
179
193
|
}
|
|
180
194
|
}
|
package/src/lib/assets/helm.ts
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
// SPDX-License-Identifier: Apache-2.0
|
|
2
2
|
// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
|
|
3
3
|
|
|
4
|
+
type ControllerType = "admission" | "watcher";
|
|
5
|
+
|
|
4
6
|
export function clusterRoleTemplate(): string {
|
|
5
7
|
return `
|
|
6
8
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
@@ -61,8 +63,9 @@ export function chartYaml(name: string, description?: string): string {
|
|
|
61
63
|
`;
|
|
62
64
|
}
|
|
63
65
|
|
|
64
|
-
export function watcherDeployTemplate(buildTimestamp: string): string {
|
|
66
|
+
export function watcherDeployTemplate(buildTimestamp: string, type: ControllerType): string {
|
|
65
67
|
return `
|
|
68
|
+
{{- if .Values.${type}.enabled }}
|
|
66
69
|
apiVersion: apps/v1
|
|
67
70
|
kind: Deployment
|
|
68
71
|
metadata:
|
|
@@ -90,6 +93,9 @@ export function watcherDeployTemplate(buildTimestamp: string): string {
|
|
|
90
93
|
labels:
|
|
91
94
|
app: {{ .Values.uuid }}-watcher
|
|
92
95
|
pepr.dev/controller: watcher
|
|
96
|
+
{{- if .Values.watcher.podLabels }}
|
|
97
|
+
{{- toYaml .Values.watcher.podLabels | nindent 8 }}
|
|
98
|
+
{{- end }}
|
|
93
99
|
spec:
|
|
94
100
|
terminationGracePeriodSeconds: {{ .Values.watcher.terminationGracePeriodSeconds }}
|
|
95
101
|
serviceAccountName: {{ .Values.uuid }}
|
|
@@ -154,11 +160,13 @@ export function watcherDeployTemplate(buildTimestamp: string): string {
|
|
|
154
160
|
{{- if .Values.watcher.extraVolumes }}
|
|
155
161
|
{{- toYaml .Values.watcher.extraVolumes | nindent 8 }}
|
|
156
162
|
{{- end }}
|
|
163
|
+
{{- end }}
|
|
157
164
|
`;
|
|
158
165
|
}
|
|
159
166
|
|
|
160
|
-
export function admissionDeployTemplate(buildTimestamp: string): string {
|
|
167
|
+
export function admissionDeployTemplate(buildTimestamp: string, type: ControllerType): string {
|
|
161
168
|
return `
|
|
169
|
+
{{- if .Values.${type}.enabled }}
|
|
162
170
|
apiVersion: apps/v1
|
|
163
171
|
kind: Deployment
|
|
164
172
|
metadata:
|
|
@@ -184,6 +192,9 @@ export function admissionDeployTemplate(buildTimestamp: string): string {
|
|
|
184
192
|
labels:
|
|
185
193
|
app: {{ .Values.uuid }}
|
|
186
194
|
pepr.dev/controller: admission
|
|
195
|
+
{{- if .Values.admission.podLabels }}
|
|
196
|
+
{{- toYaml .Values.admission.podLabels | nindent 8 }}
|
|
197
|
+
{{- end }}
|
|
187
198
|
spec:
|
|
188
199
|
{{- if or .Values.admission.antiAffinity .Values.admission.affinity }}
|
|
189
200
|
affinity:
|
|
@@ -270,9 +281,10 @@ export function admissionDeployTemplate(buildTimestamp: string): string {
|
|
|
270
281
|
{{- if .Values.admission.extraVolumes }}
|
|
271
282
|
{{- toYaml .Values.admission.extraVolumes | nindent 8 }}
|
|
272
283
|
{{- end }}
|
|
284
|
+
{{- end }}
|
|
273
285
|
`;
|
|
274
286
|
}
|
|
275
|
-
|
|
287
|
+
|
|
276
288
|
export function serviceMonitorTemplate(name: string, type: ControllerType): string {
|
|
277
289
|
return `
|
|
278
290
|
{{- if .Values.${type}.serviceMonitor.enabled }}
|
|
@@ -300,3 +312,25 @@ export function serviceMonitorTemplate(name: string, type: ControllerType): stri
|
|
|
300
312
|
{{- end }}
|
|
301
313
|
`;
|
|
302
314
|
}
|
|
315
|
+
|
|
316
|
+
export function serviceTemplate(name: string, type: ControllerType): string {
|
|
317
|
+
const svcName = type === "admission" ? name : `${name}-${type}`;
|
|
318
|
+
return `
|
|
319
|
+
{{- if .Values.${type}.enabled }}
|
|
320
|
+
apiVersion: v1
|
|
321
|
+
kind: Service
|
|
322
|
+
metadata:
|
|
323
|
+
name: ${svcName}
|
|
324
|
+
namespace: pepr-system
|
|
325
|
+
labels:
|
|
326
|
+
pepr.dev/controller: ${type}
|
|
327
|
+
spec:
|
|
328
|
+
selector:
|
|
329
|
+
app: ${svcName}
|
|
330
|
+
pepr.dev/controller: ${type}
|
|
331
|
+
ports:
|
|
332
|
+
- port: 443
|
|
333
|
+
targetPort: 3000
|
|
334
|
+
{{- end }}
|
|
335
|
+
`;
|
|
336
|
+
}
|
|
@@ -5,9 +5,8 @@ import { KubernetesObject } from "@kubernetes/client-node";
|
|
|
5
5
|
import { kind } from "kubernetes-fluent-client";
|
|
6
6
|
import { gzipSync } from "zlib";
|
|
7
7
|
import { secretOverLimit } from "../helpers";
|
|
8
|
-
import { Assets } from "./assets";
|
|
9
|
-
import {
|
|
10
|
-
import { genEnv } from "./envrionment";
|
|
8
|
+
import { Assets, isAdmission, isWatcher, norWatchOrAdmission } from "./assets";
|
|
9
|
+
import { genEnv } from "./environment";
|
|
11
10
|
|
|
12
11
|
/** Generate the pepr-system namespace */
|
|
13
12
|
export function getNamespace(namespaceLabels?: Record<string, string>): KubernetesObject {
|
|
@@ -37,27 +36,13 @@ export function getWatcher(
|
|
|
37
36
|
buildTimestamp: string,
|
|
38
37
|
imagePullSecret?: string,
|
|
39
38
|
): kind.Deployment | null {
|
|
40
|
-
const { name, image,
|
|
41
|
-
|
|
42
|
-
let hasSchedule = false;
|
|
43
|
-
|
|
44
|
-
// Append the watcher suffix
|
|
45
|
-
const app = `${name}-watcher`;
|
|
46
|
-
const bindings: Binding[] = [];
|
|
47
|
-
|
|
48
|
-
// Loop through the capabilities and find any Watch Actions
|
|
49
|
-
for (const capability of capabilities) {
|
|
50
|
-
if (capability.hasSchedule) {
|
|
51
|
-
hasSchedule = true;
|
|
52
|
-
}
|
|
53
|
-
const watchers = capability.bindings.filter(binding => binding.isWatch);
|
|
54
|
-
bindings.push(...watchers);
|
|
55
|
-
}
|
|
39
|
+
const { name, image, config } = assets;
|
|
56
40
|
|
|
57
|
-
|
|
58
|
-
if (bindings.length < 1 && !hasSchedule) {
|
|
41
|
+
if (!isWatcher(assets.capabilities)) {
|
|
59
42
|
return null;
|
|
60
43
|
}
|
|
44
|
+
// Append the watcher suffix
|
|
45
|
+
const app = `${name}-watcher`;
|
|
61
46
|
|
|
62
47
|
const deploy: kind.Deployment = {
|
|
63
48
|
apiVersion: "apps/v1",
|
|
@@ -196,10 +181,14 @@ export function getDeployment(
|
|
|
196
181
|
hash: string,
|
|
197
182
|
buildTimestamp: string,
|
|
198
183
|
imagePullSecret?: string,
|
|
199
|
-
): kind.Deployment {
|
|
184
|
+
): kind.Deployment | null {
|
|
200
185
|
const { name, image, config } = assets;
|
|
201
186
|
const app = name;
|
|
202
187
|
|
|
188
|
+
if (!isAdmission(assets.capabilities) && !norWatchOrAdmission(assets.capabilities)) {
|
|
189
|
+
return null;
|
|
190
|
+
}
|
|
191
|
+
|
|
203
192
|
const deploy: kind.Deployment = {
|
|
204
193
|
apiVersion: "apps/v1",
|
|
205
194
|
kind: "Deployment",
|
|
@@ -364,3 +353,61 @@ export function getModuleSecret(name: string, data: Buffer, hash: string): kind.
|
|
|
364
353
|
};
|
|
365
354
|
}
|
|
366
355
|
}
|
|
356
|
+
|
|
357
|
+
export function service(name: string, assets: Assets): kind.Service | null {
|
|
358
|
+
if (!isAdmission(assets.capabilities) && !norWatchOrAdmission(assets.capabilities)) {
|
|
359
|
+
return null;
|
|
360
|
+
}
|
|
361
|
+
return {
|
|
362
|
+
apiVersion: "v1",
|
|
363
|
+
kind: "Service",
|
|
364
|
+
metadata: {
|
|
365
|
+
name,
|
|
366
|
+
namespace: "pepr-system",
|
|
367
|
+
labels: {
|
|
368
|
+
"pepr.dev/controller": "admission",
|
|
369
|
+
},
|
|
370
|
+
},
|
|
371
|
+
spec: {
|
|
372
|
+
selector: {
|
|
373
|
+
app: name,
|
|
374
|
+
"pepr.dev/controller": "admission",
|
|
375
|
+
},
|
|
376
|
+
ports: [
|
|
377
|
+
{
|
|
378
|
+
port: 443,
|
|
379
|
+
targetPort: 3000,
|
|
380
|
+
},
|
|
381
|
+
],
|
|
382
|
+
},
|
|
383
|
+
};
|
|
384
|
+
}
|
|
385
|
+
|
|
386
|
+
export function watcherService(name: string, assets: Assets): kind.Service | null {
|
|
387
|
+
if (!isWatcher(assets.capabilities)) {
|
|
388
|
+
return null;
|
|
389
|
+
}
|
|
390
|
+
return {
|
|
391
|
+
apiVersion: "v1",
|
|
392
|
+
kind: "Service",
|
|
393
|
+
metadata: {
|
|
394
|
+
name: `${name}-watcher`,
|
|
395
|
+
namespace: "pepr-system",
|
|
396
|
+
labels: {
|
|
397
|
+
"pepr.dev/controller": "watcher",
|
|
398
|
+
},
|
|
399
|
+
},
|
|
400
|
+
spec: {
|
|
401
|
+
selector: {
|
|
402
|
+
app: `${name}-watcher`,
|
|
403
|
+
"pepr.dev/controller": "watcher",
|
|
404
|
+
},
|
|
405
|
+
ports: [
|
|
406
|
+
{
|
|
407
|
+
port: 443,
|
|
408
|
+
targetPort: 3000,
|
|
409
|
+
},
|
|
410
|
+
],
|
|
411
|
+
},
|
|
412
|
+
};
|
|
413
|
+
}
|
|
@@ -35,55 +35,3 @@ export function tlsSecret(name: string, tls: TLSOut): kind.Secret {
|
|
|
35
35
|
},
|
|
36
36
|
};
|
|
37
37
|
}
|
|
38
|
-
|
|
39
|
-
export function service(name: string): kind.Service {
|
|
40
|
-
return {
|
|
41
|
-
apiVersion: "v1",
|
|
42
|
-
kind: "Service",
|
|
43
|
-
metadata: {
|
|
44
|
-
name,
|
|
45
|
-
namespace: "pepr-system",
|
|
46
|
-
labels: {
|
|
47
|
-
"pepr.dev/controller": "admission",
|
|
48
|
-
},
|
|
49
|
-
},
|
|
50
|
-
spec: {
|
|
51
|
-
selector: {
|
|
52
|
-
app: name,
|
|
53
|
-
"pepr.dev/controller": "admission",
|
|
54
|
-
},
|
|
55
|
-
ports: [
|
|
56
|
-
{
|
|
57
|
-
port: 443,
|
|
58
|
-
targetPort: 3000,
|
|
59
|
-
},
|
|
60
|
-
],
|
|
61
|
-
},
|
|
62
|
-
};
|
|
63
|
-
}
|
|
64
|
-
|
|
65
|
-
export function watcherService(name: string): kind.Service {
|
|
66
|
-
return {
|
|
67
|
-
apiVersion: "v1",
|
|
68
|
-
kind: "Service",
|
|
69
|
-
metadata: {
|
|
70
|
-
name: `${name}-watcher`,
|
|
71
|
-
namespace: "pepr-system",
|
|
72
|
-
labels: {
|
|
73
|
-
"pepr.dev/controller": "watcher",
|
|
74
|
-
},
|
|
75
|
-
},
|
|
76
|
-
spec: {
|
|
77
|
-
selector: {
|
|
78
|
-
app: `${name}-watcher`,
|
|
79
|
-
"pepr.dev/controller": "watcher",
|
|
80
|
-
},
|
|
81
|
-
ports: [
|
|
82
|
-
{
|
|
83
|
-
port: 443,
|
|
84
|
-
targetPort: 3000,
|
|
85
|
-
},
|
|
86
|
-
],
|
|
87
|
-
},
|
|
88
|
-
};
|
|
89
|
-
}
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
import crypto from "crypto";
|
|
5
5
|
import { Assets } from "../assets";
|
|
6
6
|
import { WebhookType } from "../../enums";
|
|
7
|
-
import { apiPathSecret,
|
|
7
|
+
import { apiPathSecret, tlsSecret } from "../networking";
|
|
8
8
|
import {
|
|
9
9
|
clusterRole,
|
|
10
10
|
clusterRoleBinding,
|
|
@@ -12,33 +12,60 @@ import {
|
|
|
12
12
|
storeRole,
|
|
13
13
|
storeRoleBinding,
|
|
14
14
|
} from "../rbac";
|
|
15
|
-
import { dumpYaml, V1Deployment } from "@kubernetes/client-node";
|
|
16
|
-
import { getModuleSecret, getNamespace } from "../
|
|
15
|
+
import { dumpYaml, V1Deployment, V1Service, KubernetesObject } from "@kubernetes/client-node";
|
|
16
|
+
import { getModuleSecret, getNamespace } from "../k8sObjects";
|
|
17
17
|
import { promises as fs } from "fs";
|
|
18
18
|
import { webhookConfigGenerator } from "../webhooks";
|
|
19
19
|
|
|
20
|
-
type deployments = {
|
|
20
|
+
type deployments = { admission: V1Deployment | null; watch: V1Deployment | null };
|
|
21
|
+
type services = {
|
|
22
|
+
admission: V1Service | null;
|
|
23
|
+
watch: V1Service | null;
|
|
24
|
+
};
|
|
21
25
|
|
|
22
|
-
export
|
|
26
|
+
export function pushControllerManifests(
|
|
27
|
+
resources: KubernetesObject[],
|
|
28
|
+
deployments: deployments,
|
|
29
|
+
services: services,
|
|
30
|
+
): KubernetesObject[] {
|
|
31
|
+
if (deployments.watch) {
|
|
32
|
+
resources.push(deployments.watch);
|
|
33
|
+
}
|
|
34
|
+
if (deployments.admission) {
|
|
35
|
+
resources.push(deployments.admission);
|
|
36
|
+
}
|
|
37
|
+
if (services.admission) {
|
|
38
|
+
resources.push(services.admission);
|
|
39
|
+
}
|
|
40
|
+
if (services.watch) {
|
|
41
|
+
resources.push(services.watch);
|
|
42
|
+
}
|
|
43
|
+
return resources;
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
export async function generateAllYaml(
|
|
47
|
+
assets: Assets,
|
|
48
|
+
deployments: deployments,
|
|
49
|
+
services: services,
|
|
50
|
+
): Promise<string> {
|
|
23
51
|
const { name, tls, apiPath, path, config } = assets;
|
|
24
52
|
const code = await fs.readFile(path);
|
|
25
53
|
const hash = crypto.createHash("sha256").update(code).digest("hex");
|
|
26
54
|
|
|
27
|
-
|
|
55
|
+
let resources = [
|
|
28
56
|
getNamespace(assets.config.customLabels?.namespace),
|
|
29
57
|
clusterRole(name, assets.capabilities, config.rbacMode, config.rbac),
|
|
30
58
|
clusterRoleBinding(name),
|
|
31
59
|
serviceAccount(name),
|
|
32
60
|
apiPathSecret(name, apiPath),
|
|
33
61
|
tlsSecret(name, tls),
|
|
34
|
-
deployments.default,
|
|
35
|
-
service(name),
|
|
36
|
-
watcherService(name),
|
|
37
62
|
getModuleSecret(name, code, hash),
|
|
38
63
|
storeRole(name),
|
|
39
64
|
storeRoleBinding(name),
|
|
40
65
|
];
|
|
41
66
|
|
|
67
|
+
resources = pushControllerManifests(resources, deployments, services);
|
|
68
|
+
|
|
42
69
|
const webhooks = {
|
|
43
70
|
mutate: await webhookConfigGenerator(assets, WebhookType.MUTATE, assets.config.webhookTimeout),
|
|
44
71
|
validate: await webhookConfigGenerator(
|
|
@@ -48,8 +75,8 @@ export async function generateAllYaml(assets: Assets, deployments: deployments):
|
|
|
48
75
|
),
|
|
49
76
|
};
|
|
50
77
|
|
|
51
|
-
// Add webhooks
|
|
52
|
-
const additionalResources = [webhooks.mutate, webhooks.validate
|
|
78
|
+
// Add webhooks if they exist
|
|
79
|
+
const additionalResources = [webhooks.mutate, webhooks.validate].filter(
|
|
53
80
|
resource => resource !== null && resource !== undefined,
|
|
54
81
|
);
|
|
55
82
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { genEnv } from "../
|
|
1
|
+
import { genEnv } from "../environment";
|
|
2
2
|
import { CapabilityExport, ModuleConfig } from "../../types";
|
|
3
3
|
import { dumpYaml } from "@kubernetes/client-node";
|
|
4
4
|
import { clusterRole } from "../rbac";
|
|
@@ -18,6 +18,7 @@ export async function overridesFile(
|
|
|
18
18
|
{ hash, name, image, config, apiPath, capabilities }: ChartOverrides,
|
|
19
19
|
path: string,
|
|
20
20
|
imagePullSecrets: string[],
|
|
21
|
+
controllerType: { admission: boolean; watcher: boolean } = { admission: true, watcher: true },
|
|
21
22
|
): Promise<void> {
|
|
22
23
|
const rbacOverrides = clusterRole(name, capabilities, config.rbacMode, config.rbac).rules;
|
|
23
24
|
|
|
@@ -41,6 +42,7 @@ export async function overridesFile(
|
|
|
41
42
|
},
|
|
42
43
|
uuid: name,
|
|
43
44
|
admission: {
|
|
45
|
+
enabled: controllerType.admission === true ? true : false,
|
|
44
46
|
antiAffinity: false,
|
|
45
47
|
terminationGracePeriodSeconds: 5,
|
|
46
48
|
failurePolicy: config.onError === "reject" ? "Fail" : "Ignore",
|
|
@@ -98,6 +100,7 @@ export async function overridesFile(
|
|
|
98
100
|
},
|
|
99
101
|
},
|
|
100
102
|
podAnnotations: {},
|
|
103
|
+
podLabels: {},
|
|
101
104
|
nodeSelector: {},
|
|
102
105
|
tolerations: [],
|
|
103
106
|
extraVolumeMounts: [],
|
|
@@ -110,6 +113,7 @@ export async function overridesFile(
|
|
|
110
113
|
},
|
|
111
114
|
},
|
|
112
115
|
watcher: {
|
|
116
|
+
enabled: controllerType.watcher === true ? true : false,
|
|
113
117
|
terminationGracePeriodSeconds: 5,
|
|
114
118
|
env: genEnv(config, true, true),
|
|
115
119
|
envFrom: [],
|
|
@@ -169,6 +173,7 @@ export async function overridesFile(
|
|
|
169
173
|
extraVolumes: [],
|
|
170
174
|
affinity: {},
|
|
171
175
|
podAnnotations: {},
|
|
176
|
+
podLabels: {},
|
|
172
177
|
serviceMonitor: {
|
|
173
178
|
enabled: false,
|
|
174
179
|
labels: {},
|
|
@@ -6,8 +6,8 @@
|
|
|
6
6
|
"emitDeclarationOnly": true,
|
|
7
7
|
"esModuleInterop": true,
|
|
8
8
|
"lib": ["ES2022"],
|
|
9
|
-
"module": "
|
|
10
|
-
"moduleResolution": "
|
|
9
|
+
"module": "NodeNext",
|
|
10
|
+
"moduleResolution": "NodeNext",
|
|
11
11
|
"outDir": "dist",
|
|
12
12
|
"resolveJsonModule": true,
|
|
13
13
|
"rootDir": ".",
|
package/dist/cli/root.d.ts
DELETED
package/dist/cli/root.d.ts.map
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"root.d.ts","sourceRoot":"","sources":["../../src/cli/root.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,qBAAa,OAAQ,SAAQ,OAAO;IAElC,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;CAIrC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"envrionment.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/envrionment.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,wBAAgB,MAAM,CACpB,MAAM,EAAE,YAAY,EACpB,SAAS,UAAQ,EACjB,eAAe,UAAQ,GACtB,QAAQ,EAAE,CAkBZ"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"pods.d.ts","sourceRoot":"","sources":["../../../src/lib/assets/pods.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,0BAA0B,CAAC;AAGhD,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAIlC,yCAAyC;AACzC,wBAAgB,YAAY,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,gBAAgB,CAmBvF;AAED,wBAAgB,UAAU,CACxB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,cAAc,EAAE,MAAM,EACtB,eAAe,CAAC,EAAE,MAAM,GACvB,IAAI,CAAC,UAAU,GAAG,IAAI,CAyJxB;AAED,wBAAgB,aAAa,CAC3B,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,cAAc,EAAE,MAAM,EACtB,eAAe,CAAC,EAAE,MAAM,GACvB,IAAI,CAAC,UAAU,CA+IjB;AAED,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC,MAAM,CAsBrF"}
|
package/src/cli/root.ts
DELETED
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
// SPDX-License-Identifier: Apache-2.0
|
|
2
|
-
// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
|
|
3
|
-
|
|
4
|
-
import { Command } from "commander";
|
|
5
|
-
|
|
6
|
-
export class RootCmd extends Command {
|
|
7
|
-
// eslint-disable-next-line class-methods-use-this
|
|
8
|
-
createCommand(name: string): Command {
|
|
9
|
-
const cmd = new Command(name);
|
|
10
|
-
return cmd;
|
|
11
|
-
}
|
|
12
|
-
}
|
|
File without changes
|