pepr 0.51.6 → 0.52.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/build.d.ts +2 -2
- package/dist/cli/build.d.ts.map +1 -1
- package/dist/cli/build.helpers.d.ts +1 -1
- package/dist/cli/build.helpers.d.ts.map +1 -1
- package/dist/cli/crd/create.d.ts +0 -1
- package/dist/cli/crd/create.d.ts.map +1 -1
- package/dist/cli/crd/generate.d.ts.map +1 -1
- package/dist/cli/crd/index.d.ts +2 -2
- package/dist/cli/crd/index.d.ts.map +1 -1
- package/dist/cli/deploy.d.ts +3 -3
- package/dist/cli/deploy.d.ts.map +1 -1
- package/dist/cli/dev.d.ts +2 -2
- package/dist/cli/dev.d.ts.map +1 -1
- package/dist/cli/format/index.d.ts +2 -2
- package/dist/cli/format/index.d.ts.map +1 -1
- package/dist/cli/init/index.d.ts +2 -2
- package/dist/cli/init/index.d.ts.map +1 -1
- package/dist/cli/init/templates.d.ts +13 -12
- package/dist/cli/init/templates.d.ts.map +1 -1
- package/dist/cli/init/walkthrough.d.ts.map +1 -1
- package/dist/cli/kfc.d.ts +2 -2
- package/dist/cli/kfc.d.ts.map +1 -1
- package/dist/cli/monitor.d.ts +2 -2
- package/dist/cli/monitor.d.ts.map +1 -1
- package/dist/cli/update/index.d.ts +2 -2
- package/dist/cli/update/index.d.ts.map +1 -1
- package/dist/cli/uuid.d.ts +2 -2
- package/dist/cli/uuid.d.ts.map +1 -1
- package/dist/cli.js +296 -204
- package/dist/controller.js +1 -1
- package/dist/lib/assets/assets.d.ts +13 -2
- package/dist/lib/assets/assets.d.ts.map +1 -1
- package/dist/lib/assets/deploy.d.ts.map +1 -1
- package/dist/lib/assets/{envrionment.d.ts → environment.d.ts} +1 -1
- package/dist/lib/assets/environment.d.ts.map +1 -0
- package/dist/lib/assets/helm.d.ts +4 -3
- package/dist/lib/assets/helm.d.ts.map +1 -1
- package/dist/lib/assets/{pods.d.ts → k8sObjects.d.ts} +4 -2
- package/dist/lib/assets/k8sObjects.d.ts.map +1 -0
- package/dist/lib/assets/networking.d.ts +0 -2
- package/dist/lib/assets/networking.d.ts.map +1 -1
- package/dist/lib/assets/yaml/generateAllYaml.d.ts +8 -3
- package/dist/lib/assets/yaml/generateAllYaml.d.ts.map +1 -1
- package/dist/lib/assets/yaml/overridesFile.d.ts +4 -1
- package/dist/lib/assets/yaml/overridesFile.d.ts.map +1 -1
- package/package.json +19 -19
- package/src/cli/build.helpers.ts +26 -14
- package/src/cli/build.ts +37 -47
- package/src/cli/crd/create.ts +15 -20
- package/src/cli/crd/generate.ts +9 -6
- package/src/cli/crd/index.ts +2 -2
- package/src/cli/deploy.ts +16 -16
- package/src/cli/dev.ts +8 -8
- package/src/cli/format/index.ts +5 -4
- package/src/cli/init/index.ts +12 -9
- package/src/cli/init/walkthrough.ts +2 -4
- package/src/cli/kfc.ts +17 -13
- package/src/cli/monitor.ts +2 -2
- package/src/cli/update/index.ts +11 -11
- package/src/cli/uuid.ts +2 -2
- package/src/cli.ts +2 -2
- package/src/lib/assets/assets.ts +81 -22
- package/src/lib/assets/deploy.ts +26 -12
- package/src/lib/assets/helm.ts +31 -3
- package/src/lib/assets/{pods.ts → k8sObjects.ts} +69 -22
- package/src/lib/assets/networking.ts +0 -52
- package/src/lib/assets/yaml/generateAllYaml.ts +38 -11
- package/src/lib/assets/yaml/overridesFile.ts +4 -1
- package/src/templates/tsconfig.module.json +2 -2
- package/dist/cli/root.d.ts +0 -5
- package/dist/cli/root.d.ts.map +0 -1
- package/dist/lib/assets/envrionment.d.ts.map +0 -1
- package/dist/lib/assets/pods.d.ts.map +0 -1
- package/src/cli/root.ts +0 -12
- /package/src/lib/assets/{envrionment.ts → environment.ts} +0 -0
package/dist/cli.js
CHANGED
|
@@ -7500,8 +7500,9 @@ function chartYaml(name2, description) {
|
|
|
7500
7500
|
appVersion: "1.16.0"
|
|
7501
7501
|
`;
|
|
7502
7502
|
}
|
|
7503
|
-
function watcherDeployTemplate(buildTimestamp) {
|
|
7503
|
+
function watcherDeployTemplate(buildTimestamp, type) {
|
|
7504
7504
|
return `
|
|
7505
|
+
{{- if .Values.${type}.enabled }}
|
|
7505
7506
|
apiVersion: apps/v1
|
|
7506
7507
|
kind: Deployment
|
|
7507
7508
|
metadata:
|
|
@@ -7593,10 +7594,12 @@ function watcherDeployTemplate(buildTimestamp) {
|
|
|
7593
7594
|
{{- if .Values.watcher.extraVolumes }}
|
|
7594
7595
|
{{- toYaml .Values.watcher.extraVolumes | nindent 8 }}
|
|
7595
7596
|
{{- end }}
|
|
7597
|
+
{{- end }}
|
|
7596
7598
|
`;
|
|
7597
7599
|
}
|
|
7598
|
-
function admissionDeployTemplate(buildTimestamp) {
|
|
7600
|
+
function admissionDeployTemplate(buildTimestamp, type) {
|
|
7599
7601
|
return `
|
|
7602
|
+
{{- if .Values.${type}.enabled }}
|
|
7600
7603
|
apiVersion: apps/v1
|
|
7601
7604
|
kind: Deployment
|
|
7602
7605
|
metadata:
|
|
@@ -7708,6 +7711,7 @@ function admissionDeployTemplate(buildTimestamp) {
|
|
|
7708
7711
|
{{- if .Values.admission.extraVolumes }}
|
|
7709
7712
|
{{- toYaml .Values.admission.extraVolumes | nindent 8 }}
|
|
7710
7713
|
{{- end }}
|
|
7714
|
+
{{- end }}
|
|
7711
7715
|
`;
|
|
7712
7716
|
}
|
|
7713
7717
|
function serviceMonitorTemplate(name2, type) {
|
|
@@ -7737,6 +7741,27 @@ function serviceMonitorTemplate(name2, type) {
|
|
|
7737
7741
|
{{- end }}
|
|
7738
7742
|
`;
|
|
7739
7743
|
}
|
|
7744
|
+
function serviceTemplate(name2, type) {
|
|
7745
|
+
const svcName = type === "admission" ? name2 : `${name2}-${type}`;
|
|
7746
|
+
return `
|
|
7747
|
+
{{- if .Values.${type}.enabled }}
|
|
7748
|
+
apiVersion: v1
|
|
7749
|
+
kind: Service
|
|
7750
|
+
metadata:
|
|
7751
|
+
name: ${svcName}
|
|
7752
|
+
namespace: pepr-system
|
|
7753
|
+
labels:
|
|
7754
|
+
pepr.dev/controller: ${type}
|
|
7755
|
+
spec:
|
|
7756
|
+
selector:
|
|
7757
|
+
app: ${svcName}
|
|
7758
|
+
pepr.dev/controller: ${type}
|
|
7759
|
+
ports:
|
|
7760
|
+
- port: 443
|
|
7761
|
+
targetPort: 3000
|
|
7762
|
+
{{- end }}
|
|
7763
|
+
`;
|
|
7764
|
+
}
|
|
7740
7765
|
|
|
7741
7766
|
// src/lib/filesystemService.ts
|
|
7742
7767
|
var import_fs = require("fs");
|
|
@@ -7752,7 +7777,7 @@ async function createDirectoryIfNotExists(path4) {
|
|
|
7752
7777
|
}
|
|
7753
7778
|
}
|
|
7754
7779
|
|
|
7755
|
-
// src/lib/assets/
|
|
7780
|
+
// src/lib/assets/environment.ts
|
|
7756
7781
|
function genEnv(config, watchMode = false, ignoreWatchMode = false) {
|
|
7757
7782
|
const noWatchDef = {
|
|
7758
7783
|
PEPR_PRETTY_LOG: "false",
|
|
@@ -8090,7 +8115,7 @@ function resolveIgnoreNamespaces(ignoredNSConfig = []) {
|
|
|
8090
8115
|
}
|
|
8091
8116
|
|
|
8092
8117
|
// src/lib/assets/yaml/overridesFile.ts
|
|
8093
|
-
async function overridesFile({ hash, name: name2, image, config, apiPath, capabilities }, path4, imagePullSecrets) {
|
|
8118
|
+
async function overridesFile({ hash, name: name2, image, config, apiPath, capabilities }, path4, imagePullSecrets, controllerType = { admission: true, watcher: true }) {
|
|
8094
8119
|
const rbacOverrides = clusterRole(name2, capabilities, config.rbacMode, config.rbac).rules;
|
|
8095
8120
|
const overrides = {
|
|
8096
8121
|
imagePullSecrets,
|
|
@@ -8110,6 +8135,7 @@ async function overridesFile({ hash, name: name2, image, config, apiPath, capabi
|
|
|
8110
8135
|
},
|
|
8111
8136
|
uuid: name2,
|
|
8112
8137
|
admission: {
|
|
8138
|
+
enabled: controllerType.admission === true ? true : false,
|
|
8113
8139
|
antiAffinity: false,
|
|
8114
8140
|
terminationGracePeriodSeconds: 5,
|
|
8115
8141
|
failurePolicy: config.onError === "reject" ? "Fail" : "Ignore",
|
|
@@ -8179,6 +8205,7 @@ async function overridesFile({ hash, name: name2, image, config, apiPath, capabi
|
|
|
8179
8205
|
}
|
|
8180
8206
|
},
|
|
8181
8207
|
watcher: {
|
|
8208
|
+
enabled: controllerType.watcher === true ? true : false,
|
|
8182
8209
|
terminationGracePeriodSeconds: 5,
|
|
8183
8210
|
env: genEnv(config, true, true),
|
|
8184
8211
|
envFrom: [],
|
|
@@ -8386,58 +8413,36 @@ function tlsSecret(name2, tls) {
|
|
|
8386
8413
|
}
|
|
8387
8414
|
};
|
|
8388
8415
|
}
|
|
8389
|
-
|
|
8390
|
-
|
|
8391
|
-
|
|
8392
|
-
|
|
8393
|
-
|
|
8394
|
-
|
|
8395
|
-
|
|
8396
|
-
|
|
8397
|
-
|
|
8398
|
-
|
|
8399
|
-
|
|
8400
|
-
|
|
8401
|
-
selector: {
|
|
8402
|
-
app: name2,
|
|
8403
|
-
"pepr.dev/controller": "admission"
|
|
8404
|
-
},
|
|
8405
|
-
ports: [
|
|
8406
|
-
{
|
|
8407
|
-
port: 443,
|
|
8408
|
-
targetPort: 3e3
|
|
8409
|
-
}
|
|
8410
|
-
]
|
|
8416
|
+
|
|
8417
|
+
// src/lib/assets/assets.ts
|
|
8418
|
+
function norWatchOrAdmission(capabilities) {
|
|
8419
|
+
return !isAdmission(capabilities) && !isWatcher(capabilities);
|
|
8420
|
+
}
|
|
8421
|
+
function isAdmission(capabilities) {
|
|
8422
|
+
for (const capability of capabilities) {
|
|
8423
|
+
const admissionBindings = capability.bindings.filter(
|
|
8424
|
+
(binding) => binding.isFinalize || binding.isMutate || binding.isValidate
|
|
8425
|
+
);
|
|
8426
|
+
if (admissionBindings.length > 0) {
|
|
8427
|
+
return true;
|
|
8411
8428
|
}
|
|
8412
|
-
}
|
|
8429
|
+
}
|
|
8430
|
+
return false;
|
|
8413
8431
|
}
|
|
8414
|
-
function
|
|
8415
|
-
|
|
8416
|
-
|
|
8417
|
-
|
|
8418
|
-
metadata: {
|
|
8419
|
-
name: `${name2}-watcher`,
|
|
8420
|
-
namespace: "pepr-system",
|
|
8421
|
-
labels: {
|
|
8422
|
-
"pepr.dev/controller": "watcher"
|
|
8423
|
-
}
|
|
8424
|
-
},
|
|
8425
|
-
spec: {
|
|
8426
|
-
selector: {
|
|
8427
|
-
app: `${name2}-watcher`,
|
|
8428
|
-
"pepr.dev/controller": "watcher"
|
|
8429
|
-
},
|
|
8430
|
-
ports: [
|
|
8431
|
-
{
|
|
8432
|
-
port: 443,
|
|
8433
|
-
targetPort: 3e3
|
|
8434
|
-
}
|
|
8435
|
-
]
|
|
8432
|
+
function isWatcher(capabilities) {
|
|
8433
|
+
for (const capability of capabilities) {
|
|
8434
|
+
if (capability.hasSchedule) {
|
|
8435
|
+
return true;
|
|
8436
8436
|
}
|
|
8437
|
-
|
|
8437
|
+
const watcherBindings = capability.bindings.filter(
|
|
8438
|
+
(binding) => binding.isFinalize || binding.isWatch || binding.isQueue
|
|
8439
|
+
);
|
|
8440
|
+
if (watcherBindings.length > 0) {
|
|
8441
|
+
return true;
|
|
8442
|
+
}
|
|
8443
|
+
}
|
|
8444
|
+
return false;
|
|
8438
8445
|
}
|
|
8439
|
-
|
|
8440
|
-
// src/lib/assets/assets.ts
|
|
8441
8446
|
var Assets = class {
|
|
8442
8447
|
name;
|
|
8443
8448
|
tls;
|
|
@@ -8469,7 +8474,7 @@ var Assets = class {
|
|
|
8469
8474
|
}
|
|
8470
8475
|
zarfYaml = (zarfYamlGenerator, path4) => zarfYamlGenerator(this, path4, "manifests");
|
|
8471
8476
|
zarfYamlChart = (zarfYamlGenerator, path4) => zarfYamlGenerator(this, path4, "charts");
|
|
8472
|
-
allYaml = async (yamlGenerationFunction,
|
|
8477
|
+
allYaml = async (yamlGenerationFunction, getControllerManifests, imagePullSecret) => {
|
|
8473
8478
|
this.capabilities = await loadCapabilities(this.path);
|
|
8474
8479
|
for (const capability of this.capabilities) {
|
|
8475
8480
|
namespaceComplianceValidator(capability, this.alwaysIgnore?.namespaces);
|
|
@@ -8483,16 +8488,30 @@ var Assets = class {
|
|
|
8483
8488
|
const code = await import_fs3.promises.readFile(this.path);
|
|
8484
8489
|
const moduleHash = import_crypto.default.createHash("sha256").update(code).digest("hex");
|
|
8485
8490
|
const deployments = {
|
|
8486
|
-
|
|
8487
|
-
|
|
8491
|
+
admission: getControllerManifests.getDeploymentFunction(
|
|
8492
|
+
this,
|
|
8493
|
+
moduleHash,
|
|
8494
|
+
this.buildTimestamp,
|
|
8495
|
+
imagePullSecret
|
|
8496
|
+
),
|
|
8497
|
+
watch: getControllerManifests.getWatcherFunction(
|
|
8498
|
+
this,
|
|
8499
|
+
moduleHash,
|
|
8500
|
+
this.buildTimestamp,
|
|
8501
|
+
imagePullSecret
|
|
8502
|
+
)
|
|
8488
8503
|
};
|
|
8489
|
-
|
|
8504
|
+
const services = {
|
|
8505
|
+
admission: getControllerManifests.getServiceFunction(this.name, this),
|
|
8506
|
+
watch: getControllerManifests.getWatcherServiceFunction(this.name, this)
|
|
8507
|
+
};
|
|
8508
|
+
return yamlGenerationFunction(this, deployments, services);
|
|
8490
8509
|
};
|
|
8491
8510
|
writeWebhookFiles = async (validateWebhook, mutateWebhook, helm) => {
|
|
8492
8511
|
if (validateWebhook || mutateWebhook) {
|
|
8493
8512
|
await import_fs3.promises.writeFile(
|
|
8494
8513
|
helm.files.admissionDeploymentYaml,
|
|
8495
|
-
dedent(admissionDeployTemplate(this.buildTimestamp))
|
|
8514
|
+
dedent(admissionDeployTemplate(this.buildTimestamp, "admission"))
|
|
8496
8515
|
);
|
|
8497
8516
|
await import_fs3.promises.writeFile(
|
|
8498
8517
|
helm.files.admissionServiceMonitorYaml,
|
|
@@ -8531,8 +8550,14 @@ var Assets = class {
|
|
|
8531
8550
|
() => dedent(chartYaml(this.config.uuid, this.config.description || ""))
|
|
8532
8551
|
],
|
|
8533
8552
|
[helm.files.namespaceYaml, () => dedent(namespaceTemplate())],
|
|
8534
|
-
[
|
|
8535
|
-
|
|
8553
|
+
[
|
|
8554
|
+
helm.files.watcherServiceYaml,
|
|
8555
|
+
() => dedent(serviceTemplate(this.name, "watcher"))
|
|
8556
|
+
],
|
|
8557
|
+
[
|
|
8558
|
+
helm.files.admissionServiceYaml,
|
|
8559
|
+
() => dedent(serviceTemplate(this.name, "admission"))
|
|
8560
|
+
],
|
|
8536
8561
|
[helm.files.tlsSecretYaml, () => toYaml(tlsSecret(this.name, this.tls))],
|
|
8537
8562
|
[
|
|
8538
8563
|
helm.files.apiPathSecretYaml,
|
|
@@ -8557,7 +8582,10 @@ var Assets = class {
|
|
|
8557
8582
|
apiPath: this.apiPath,
|
|
8558
8583
|
capabilities: this.capabilities
|
|
8559
8584
|
};
|
|
8560
|
-
await overridesFile(overrideData, helm.files.valuesYaml, this.imagePullSecrets
|
|
8585
|
+
await overridesFile(overrideData, helm.files.valuesYaml, this.imagePullSecrets, {
|
|
8586
|
+
admission: isAdmission(this.capabilities) || norWatchOrAdmission(this.capabilities),
|
|
8587
|
+
watcher: isWatcher(this.capabilities)
|
|
8588
|
+
});
|
|
8561
8589
|
const webhooks = {
|
|
8562
8590
|
mutate: await webhookGeneratorFunction(
|
|
8563
8591
|
this,
|
|
@@ -8575,7 +8603,7 @@ var Assets = class {
|
|
|
8575
8603
|
if (watchDeployment) {
|
|
8576
8604
|
await import_fs3.promises.writeFile(
|
|
8577
8605
|
helm.files.watcherDeploymentYaml,
|
|
8578
|
-
dedent(watcherDeployTemplate(this.buildTimestamp))
|
|
8606
|
+
dedent(watcherDeployTemplate(this.buildTimestamp, "watcher"))
|
|
8579
8607
|
);
|
|
8580
8608
|
await import_fs3.promises.writeFile(
|
|
8581
8609
|
helm.files.watcherServiceMonitorYaml,
|
|
@@ -8822,8 +8850,8 @@ var tsconfig_module_default = {
|
|
|
8822
8850
|
emitDeclarationOnly: true,
|
|
8823
8851
|
esModuleInterop: true,
|
|
8824
8852
|
lib: ["ES2022"],
|
|
8825
|
-
module: "
|
|
8826
|
-
moduleResolution: "
|
|
8853
|
+
module: "NodeNext",
|
|
8854
|
+
moduleResolution: "NodeNext",
|
|
8827
8855
|
outDir: "dist",
|
|
8828
8856
|
resolveJsonModule: true,
|
|
8829
8857
|
rootDir: ".",
|
|
@@ -8839,7 +8867,7 @@ var gitIgnore = "# Ignore node_modules and Pepr build artifacts\nnode_modules\nd
|
|
|
8839
8867
|
var readmeMd = '# Pepr Module\n\nThis is a Pepr Module. [Pepr](https://github.com/defenseunicorns/pepr) is a type-safe Kubernetes middleware system.\n\nThe `capabilities` directory contains all the capabilities for this module. By default,\na capability is a single typescript file in the format of `capability-name.ts` that is\nimported in the root `pepr.ts` file as `import { HelloPepr } from "./capabilities/hello-pepr";`.\nBecause this is typescript, you can organize this however you choose, e.g. creating a sub-folder\nper-capability or common logic in shared files or folders.\n\nExample Structure:\n\n```text\nModule Root\n\u251C\u2500\u2500 package.json\n\u251C\u2500\u2500 pepr.ts\n\u2514\u2500\u2500 capabilities\n \u251C\u2500\u2500 example-one.ts\n \u251C\u2500\u2500 example-three.ts\n \u2514\u2500\u2500 example-two.ts\n```\n';
|
|
8840
8868
|
var peprTS = 'import { PeprModule } from "pepr";\n// cfg loads your pepr configuration from package.json\nimport cfg from "./package.json";\n\n// HelloPepr is a demo capability that is included with Pepr. Comment or delete the line below to remove it.\nimport { HelloPepr } from "./capabilities/hello-pepr";\n\n/**\n * This is the main entrypoint for this Pepr module. It is run when the module is started.\n * This is where you register your Pepr configurations and capabilities.\n */\nnew PeprModule(cfg, [\n // "HelloPepr" is a demo capability that is included with Pepr. Comment or delete the line below to remove it.\n HelloPepr,\n\n // Your additional capabilities go here\n]);\n';
|
|
8841
8869
|
var helloPeprTS = 'import {\n Capability,\n K8s,\n Log,\n PeprMutateRequest,\n RegisterKind,\n a,\n fetch,\n fetchStatus,\n kind,\n} from "pepr";\nimport { MockAgent, setGlobalDispatcher } from "undici";\n\n/**\n * The HelloPepr Capability is an example capability to demonstrate some general concepts of Pepr.\n * To test this capability you run `pepr dev`and then run the following command:\n * `kubectl apply -f capabilities/hello-pepr.samples.yaml`\n */\nexport const HelloPepr = new Capability({\n name: "hello-pepr",\n description: "A simple example capability to show how things work.",\n namespaces: ["pepr-demo", "pepr-demo-2"],\n});\n\n// Use the \'When\' function to create a new action, use \'Store\' to persist data\nconst { When, Store } = HelloPepr;\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (Namespace) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action removes the label `remove-me` when a Namespace is created.\n * Note we don\'t need to specify the namespace here, because we\'ve already specified\n * it in the Capability definition above.\n */\nWhen(a.Namespace)\n .IsCreated()\n .Mutate(ns => ns.RemoveLabel("remove-me"));\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Watch Action with K8s SSA (Namespace) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action watches for the `pepr-demo-2` namespace to be created, then creates a ConfigMap with\n * the name `pepr-ssa-demo` and adds the namespace UID to the ConfigMap data. Because Pepr uses\n * server-side apply for this operation, the ConfigMap will be created or updated if it already exists.\n */\nWhen(a.Namespace)\n .IsCreated()\n .WithName("pepr-demo-2")\n .Watch(async ns => {\n Log.info("Namespace pepr-demo-2 was created.");\n\n try {\n // Apply the ConfigMap using K8s server-side apply\n await K8s(kind.ConfigMap).Apply({\n metadata: {\n name: "pepr-ssa-demo",\n namespace: "pepr-demo-2",\n },\n data: {\n "ns-uid": ns.metadata.uid,\n },\n });\n } catch (error) {\n // You can use the Log object to log messages to the Pepr controller pod\n Log.error(error, "Failed to apply ConfigMap using server-side apply.");\n }\n\n // You can share data between actions using the Store, including between different types of actions\n Store.setItem("watch-data", "This data was stored by a Watch Action.");\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 1) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This is a single action. They can be in the same file or put imported from other files.\n * In this example, when a ConfigMap is created with the name `example-1`, then add a label and annotation.\n *\n * Equivalent to manually running:\n * `kubectl label configmap example-1 pepr=was-here`\n * `kubectl annotate configmap example-1 pepr.dev=annotations-work-too`\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .WithName("example-1")\n .Mutate(request => {\n request.SetLabel("pepr", "was-here").SetAnnotation("pepr.dev", "annotations-work-too");\n\n // Use the Store to persist data between requests and Pepr controller pods\n Store.setItem("example-1", "was-here");\n\n // This data is written asynchronously and can be read back via `Store.getItem()` or `Store.subscribe()`\n Store.setItem("example-1-data", JSON.stringify(request.Raw.data));\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate & Validate Actions (CM Example 2) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This combines 3 different types of actions: \'Mutate\', \'Validate\', and \'Watch\'. The order\n * of the actions is required, but each action is optional. In this example, when a ConfigMap is created\n * with the name `example-2`, then add a label and annotation, validate that the ConfigMap has the label\n * `pepr`, and log the request.\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .WithName("example-2")\n .Mutate(request => {\n // This Mutate Action will mutate the request before it is persisted to the cluster\n\n // Use `request.Merge()` to merge the new data with the existing data\n request.Merge({\n metadata: {\n labels: {\n pepr: "was-here",\n },\n annotations: {\n "pepr.dev": "annotations-work-too",\n },\n },\n });\n })\n .Validate(request => {\n // This Validate Action will validate the request before it is persisted to the cluster\n\n // Approve the request if the ConfigMap has the label \'pepr\'\n if (request.HasLabel("pepr")) {\n return request.Approve();\n }\n\n // Otherwise, deny the request with an error message (optional)\n return request.Deny("ConfigMap must have label \'pepr\'");\n })\n .Watch((cm, phase) => {\n // This Watch Action will watch the ConfigMap after it has been persisted to the cluster\n Log.info(cm, `ConfigMap was ${phase} with the name example-2`);\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 2a) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action shows a simple validation that will deny any ConfigMap that has the\n * annotation `evil`. Note that the `Deny()` function takes an optional second parameter that is a\n * user-defined status code to return.\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .Validate(request => {\n if (request.HasAnnotation("evil")) {\n return request.Deny("No evil CM annotations allowed.", 400);\n }\n\n return request.Approve();\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 3) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action combines different styles. Unlike the previous actions, this one will look\n * for any ConfigMap in the `pepr-demo` namespace that has the label `change=by-label` during either\n * CREATE or UPDATE. Note that all conditions added such as `WithName()`, `WithLabel()`, `InNamespace()`,\n * are ANDs so all conditions must be true for the request to be processed.\n */\nWhen(a.ConfigMap)\n .IsCreatedOrUpdated()\n .WithLabel("change", "by-label")\n .Mutate(request => {\n // The K8s object e are going to mutate\n const cm = request.Raw;\n\n // Get the username and uid of the K8s request\n const { username, uid } = request.Request.userInfo;\n\n // Store some data about the request in the configmap\n cm.data["username"] = username;\n cm.data["uid"] = uid;\n\n // You can still mix other ways of making changes too\n request.SetAnnotation("pepr.dev", "making-waves");\n });\n\n// This action validates the label `change=by-label` is deleted\nWhen(a.ConfigMap)\n .IsDeleted()\n .WithLabel("change", "by-label")\n .Validate(request => {\n // Log and then always approve the request\n Log.info("CM with label \'change=by-label\' was deleted.");\n return request.Approve();\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 4) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action show how you can use the `Mutate()` function without an inline function.\n * This is useful if you want to keep your actions small and focused on a single task,\n * or if you want to reuse the same function in multiple actions.\n */\nWhen(a.ConfigMap).IsCreated().WithName("example-4").Mutate(example4Cb);\n\n// This function uses the complete type definition, but is not required.\nfunction example4Cb(cm: PeprMutateRequest<a.ConfigMap>): void {\n cm.SetLabel("pepr.dev/first", "true");\n cm.SetLabel("pepr.dev/second", "true");\n cm.SetLabel("pepr.dev/third", "true");\n}\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 4a) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This is the same as Example 4, except this only operates on a CM in the `pepr-demo-2` namespace.\n * Note because the Capability defines namespaces, the namespace specified here must be one of those.\n * Alternatively, you can remove the namespace from the Capability definition and specify it here.\n */\nWhen(a.ConfigMap).IsCreated().InNamespace("pepr-demo-2").WithName("example-4a").Mutate(example4Cb);\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (CM Example 5) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This action is a bit more complex. It will look for any ConfigMap in the `pepr-demo`\n * namespace that has the label `chuck-norris` during CREATE. When it finds one, it will fetch a\n * random Chuck Norris joke from the API and add it to the ConfigMap. This is a great example of how\n * you can use Pepr to make changes to your K8s objects based on external data.\n *\n * Note the use of the `async` keyword. This is required for any action that uses `await` or `fetch()`.\n *\n * Also note we are passing a type to the `fetch()` function. This is optional, but it will help you\n * avoid mistakes when working with the data returned from the API. You can also use the `as` keyword to\n * cast the data returned from the API.\n *\n * These are equivalent:\n * ```ts\n * const joke = await fetch<TheChuckNorrisJoke>("https://icanhazdadjoke.com/");\n * const joke = await fetch("https://icanhazdadjoke.com/") as TheChuckNorrisJoke;\n * ```\n *\n * Alternatively, you can drop the type completely:\n *\n * ```ts\n * fetch("https://icanhazdadjoke.com")\n * ```\n */\ninterface TheChuckNorrisJoke {\n id: string;\n joke: string;\n status: number;\n}\n\nWhen(a.ConfigMap)\n .IsCreatedOrUpdated()\n .WithLabel("chuck-norris")\n .Mutate(cm => cm.SetLabel("got-jokes", "true"))\n .Watch(async cm => {\n const jokeURL = "https://icanhazdadjoke.com";\n\n const mockAgent: MockAgent = new MockAgent();\n setGlobalDispatcher(mockAgent);\n const mockClient = mockAgent.get(jokeURL);\n mockClient.intercept({ path: "/", method: "GET" }).reply(\n 200,\n {\n id: "R7UfaahVfFd",\n joke: "Funny joke goes here.",\n status: 200,\n },\n {\n headers: {\n "Content-Type": "application/json; charset=utf-8",\n },\n },\n );\n\n // Try/catch is not needed as a response object will always be returned\n const response = await fetch<TheChuckNorrisJoke>(jokeURL, {\n headers: {\n Accept: "application/json",\n },\n });\n\n // Instead, check the `response.ok` field\n if (response.ok) {\n const { joke } = response.data;\n // Add Joke to the Store\n await Store.setItemAndWait(jokeURL, joke);\n // Add the Chuck Norris joke to the configmap\n try {\n await K8s(kind.ConfigMap).Apply({\n metadata: {\n name: cm.metadata.name,\n namespace: cm.metadata.namespace,\n },\n data: {\n "chuck-says": Store.getItem(jokeURL),\n },\n });\n } catch (error) {\n Log.error(error, "Failed to apply ConfigMap using server-side apply.", {\n cm,\n });\n }\n }\n\n // You can also assert on different HTTP response codes\n if (response.status === fetchStatus.NOT_FOUND) {\n // Do something else\n return;\n }\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (Secret Base64 Handling) *\n * ---------------------------------------------------------------------------------------------------\n *\n * The K8s JS client provides incomplete support for base64 encoding/decoding handling for secrets,\n * unlike the GO client. To make this less painful, Pepr automatically handles base64 encoding/decoding\n * secret data before and after the action is executed.\n */\nWhen(a.Secret)\n .IsCreated()\n .WithName("secret-1")\n .Mutate(request => {\n const secret = request.Raw;\n\n // This will be encoded at the end of all processing back to base64: "Y2hhbmdlLXdpdGhvdXQtZW5jb2Rpbmc="\n secret.data.magic = "change-without-encoding";\n\n // You can modify the data directly, and it will be encoded at the end of all processing\n secret.data.example += " - modified by Pepr";\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (Untyped Custom Resource) *\n * ---------------------------------------------------------------------------------------------------\n *\n * Out of the box, Pepr supports all the standard Kubernetes objects. However, you can also create\n * your own types. This is useful if you are working with an Operator that creates custom resources.\n * There are two ways to do this, the first is to use the `When()` function with a `GenericKind`,\n * the second is to create a new class that extends `GenericKind` and use the `RegisterKind()` function.\n *\n * This example shows how to use the `When()` function with a `GenericKind`. Note that you\n * must specify the `group`, `version`, and `kind` of the object (if applicable). This is how Pepr knows\n * if the action should be triggered or not. Since we are using a `GenericKind`,\n * Pepr will not be able to provide any intellisense for the object, so you will need to refer to the\n * Kubernetes API documentation for the object you are working with.\n *\n * You will need to wait for the CRD in `hello-pepr.samples.yaml` to be created, then you can apply\n *\n * ```yaml\n * apiVersion: pepr.dev/v1\n * kind: Unicorn\n * metadata:\n * name: example-1\n * namespace: pepr-demo\n * spec:\n * message: replace-me\n * counter: 0\n * ```\n */\nWhen(a.GenericKind, {\n group: "pepr.dev",\n version: "v1",\n kind: "Unicorn",\n})\n .IsCreated()\n .WithName("example-1")\n .Mutate(request => {\n request.Merge({\n spec: {\n message: "Hello Pepr without type data!",\n counter: Math.random(),\n },\n });\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * Mutate Action (Typed Custom Resource) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This example shows how to use the `RegisterKind()` function to create a new type. This is useful\n * if you are working with an Operator that creates custom resources and you want to have intellisense\n * for the object. Note that you must specify the `group`, `version`, and `kind` of the object (if applicable)\n * as this is how Pepr knows if the action should be triggered or not.\n *\n * Once you register a new Kind with Pepr, you can use the `When()` function with the new Kind. Ideally,\n * you should register custom Kinds at the top of your Capability file or Pepr Module so they are available\n * to all actions, but we are putting it here for demonstration purposes.\n *\n * You will need to wait for the CRD in `hello-pepr.samples.yaml` to be created, then you can apply\n *\n * ```yaml\n * apiVersion: pepr.dev/v1\n * kind: Unicorn\n * metadata:\n * name: example-2\n * namespace: pepr-demo\n * spec:\n * message: replace-me\n * counter: 0\n * ```*\n */\nclass UnicornKind extends a.GenericKind {\n spec: {\n /**\n * JSDoc comments can be added to explain more details about the field.\n *\n * @example\n * ```ts\n * request.Raw.spec.message = "Hello Pepr!";\n * ```\n * */\n message: string;\n counter: number;\n };\n}\n\nRegisterKind(UnicornKind, {\n group: "pepr.dev",\n version: "v1",\n kind: "Unicorn",\n});\n\nWhen(UnicornKind)\n .IsCreated()\n .WithName("example-2")\n .Mutate(request => {\n request.Merge({\n spec: {\n message: "Hello Pepr with type data!",\n counter: Math.random(),\n },\n });\n });\n\n/**\n * A callback function that is called once the Pepr Store is fully loaded.\n */\nStore.onReady(data => {\n Log.info(data, "Pepr Store Ready");\n});\n';
|
|
8842
|
-
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, files: ["/dist", "/src", "!src/**/*.test.ts", "!src/fixtures/**", "!dist/**/*.test.d.ts*"], version: "0.
|
|
8870
|
+
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, files: ["/dist", "/src", "!src/**/*.test.ts", "!src/fixtures/**", "!dist/**/*.test.d.ts*"], version: "0.52.0", main: "dist/lib.js", types: "dist/lib.d.ts", scripts: { build: "tsc -p config/tsconfig.root.json && node build.mjs && npm pack", "build:image": "npm run build && docker buildx build --output type=docker --tag pepr:dev .", "build:image:unicorn": "npm run build && docker buildx build --output type=docker --tag pepr/private:dev $(node scripts/read-unicorn-build-args.mjs) .", ci: "npm ci", "format:check": "npm run format:src && npm run format:tests && npm run format:markdown && npm run format:integration && npm run format:prettier -- --check", "format:fix": "npm run format:src -- --fix && npm run format:markdown -- --fix && npm run format:integration -- --fix && npm run format:prettier -- --write", "format:integration": "eslint --config config/eslint.integration.config.mjs integration/cli integration/helpers", "format:markdown": 'npx -y markdownlint-cli --config config/.markdownlint.json --ignore adr --ignore integration/testroot --ignore pepr-test-module --ignore node_modules "**/*.md"', "format:prettier": "prettier --config config/.prettierrc src integration/cli/**/*.ts integration/helpers/**/*.ts", "format:src": "eslint --config config/eslint.root.config.mjs 'src/**/*.ts' --ignore-pattern '**/*.test.ts' --ignore-pattern 'src/templates/**'", "format:tests": "eslint --config config/eslint.test.config.mjs 'src/**/*.test.ts'", "gen-data-json": "node hack/build-template-data.js", prebuild: "rm -fr dist/* && npm run gen-data-json", prepare: `if [ "$NODE_ENV" != 'production' ]; then husky; fi`, "set:version": "node scripts/set-version.js", test: "npm run test:unit && npm run test:journey && npm run test:journey-wasm", "test:artifacts": "npm run build && vitest run src/build-artifact.test.ts", "test:docs": "vitest run --config=config/vitest.integration.config.ts integration/cli/docs/*.test.ts", "test:integration": "npm run test:integration:prep && npm run test:integration:run", "test:integration:prep": "./integration/prep.sh", "test:integration:run": "vitest run --config=config/vitest.integration.config.ts integration", "test:journey": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run", "test:journey-wasm": "npm run test:journey:k3d && npm run build && npm run test:journey:image && npm run test:journey:run-wasm", "test:journey-wasm:unicorn": "npm run test:journey:k3d && npm run build && npm run test:journey:image:unicorn && npm run test:journey:run-wasm", "test:journey:image": "npm run build && docker buildx build --output type=docker --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev", "test:journey:image:unicorn": "npm run build && docker buildx build --output type=docker --tag pepr/private:dev $(node scripts/read-unicorn-build-args.mjs) . && k3d image import pepr/private:dev -c pepr-dev", "test:journey:k3d": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0' --wait && kubectl rollout status deployment -n kube-system", "test:journey:run": "vitest run --config=config/vitest.journey.config.ts journey/entrypoint.test.ts", "test:journey:run-wasm": "vitest run --config=config/vitest.journey.config.ts journey/entrypoint-wasm.test.ts", "test:journey:unicorn": "npm run test:journey:k3d && npm run test:journey:image:unicorn && npm run test:journey:run", "test:unit": "npm run gen-data-json && NODE_OPTIONS=--no-deprecation vitest --config config/vitest.root.config.ts run --coverage", "test:upgrade:unicorn": "npm run test:journey:k3d && npm run test:journey:image:unicorn && vitest run integration/cluster/upgrade.test.ts", "test:upgrade:upstream": "npm run test:journey:k3d && npm run test:journey:image && vitest run integration/cluster/upgrade.test.ts" }, dependencies: { "@types/ramda": "0.30.2", commander: "14.0.0", express: "5.1.0", "fast-json-patch": "3.1.1", heredoc: "^1.3.1", "http-status-codes": "^2.3.0", "json-pointer": "^0.6.2", "kubernetes-fluent-client": "3.8.1", pino: "9.7.0", "pino-pretty": "13.0.0", "prom-client": "15.1.3", ramda: "0.31.3", sigstore: "3.1.0", "ts-morph": "^26.0.0" }, devDependencies: { "@commitlint/cli": "19.8.1", "@commitlint/config-conventional": "19.8.1", "@fast-check/vitest": "^0.2.1", "@types/eslint": "9.6.1", "@types/express": "5.0.3", "@types/json-pointer": "^1.0.34", "@types/node": "24.x.x", "@types/node-forge": "1.3.13", "@types/uuid": "10.0.0", "@types/ws": "^8.18.1", "@vitest/coverage-v8": "^3.2.3", "fast-check": "^4.0.0", globals: "^16.0.0", husky: "^9.1.6", "js-yaml": "^4.1.0", shellcheck: "^3.0.0", tsx: "^4.20.3", undici: "^7.0.1", vitest: "^3.2.3" }, overrides: { glob: "^9.0.0" }, peerDependencies: { "@types/prompts": "2.4.9", "@typescript-eslint/eslint-plugin": "8.33.0", "@typescript-eslint/parser": "8.33.0", esbuild: "0.25.5", eslint: "^9.26.0", "node-forge": "1.3.1", prettier: "3.5.3", prompts: "2.4.2", typescript: "5.8.3", uuid: "11.1.0" } };
|
|
8843
8871
|
|
|
8844
8872
|
// src/cli/init/utils.ts
|
|
8845
8873
|
var import_fs4 = require("fs");
|
|
@@ -9038,12 +9066,12 @@ async function peprFormat(validateOnly) {
|
|
|
9038
9066
|
const formatter = await eslint2.loadFormatter("stylish");
|
|
9039
9067
|
const resultText = await formatter.format(results, {});
|
|
9040
9068
|
if (resultText) {
|
|
9041
|
-
|
|
9069
|
+
logger_default.info(resultText);
|
|
9042
9070
|
}
|
|
9043
9071
|
if (!validateOnly) {
|
|
9044
9072
|
await import_eslint.ESLint.outputFixes(results);
|
|
9045
9073
|
}
|
|
9046
|
-
hasFailure = await formatWithPrettier(results, validateOnly);
|
|
9074
|
+
hasFailure = hasFailure || await formatWithPrettier(results, validateOnly);
|
|
9047
9075
|
return !hasFailure;
|
|
9048
9076
|
} catch (e) {
|
|
9049
9077
|
console.error(`Error formatting module:`, e);
|
|
@@ -9078,7 +9106,7 @@ var import_fs9 = require("fs");
|
|
|
9078
9106
|
var import_crypto2 = __toESM(require("crypto"));
|
|
9079
9107
|
var import_client_node4 = require("@kubernetes/client-node");
|
|
9080
9108
|
|
|
9081
|
-
// src/lib/assets/
|
|
9109
|
+
// src/lib/assets/k8sObjects.ts
|
|
9082
9110
|
var import_zlib = require("zlib");
|
|
9083
9111
|
function getNamespace(namespaceLabels) {
|
|
9084
9112
|
if (namespaceLabels) {
|
|
@@ -9101,20 +9129,11 @@ function getNamespace(namespaceLabels) {
|
|
|
9101
9129
|
}
|
|
9102
9130
|
}
|
|
9103
9131
|
function getWatcher(assets, hash, buildTimestamp, imagePullSecret) {
|
|
9104
|
-
const { name: name2, image,
|
|
9105
|
-
|
|
9106
|
-
const app = `${name2}-watcher`;
|
|
9107
|
-
const bindings = [];
|
|
9108
|
-
for (const capability of capabilities) {
|
|
9109
|
-
if (capability.hasSchedule) {
|
|
9110
|
-
hasSchedule = true;
|
|
9111
|
-
}
|
|
9112
|
-
const watchers = capability.bindings.filter((binding) => binding.isWatch);
|
|
9113
|
-
bindings.push(...watchers);
|
|
9114
|
-
}
|
|
9115
|
-
if (bindings.length < 1 && !hasSchedule) {
|
|
9132
|
+
const { name: name2, image, config } = assets;
|
|
9133
|
+
if (!isWatcher(assets.capabilities)) {
|
|
9116
9134
|
return null;
|
|
9117
9135
|
}
|
|
9136
|
+
const app = `${name2}-watcher`;
|
|
9118
9137
|
const deploy = {
|
|
9119
9138
|
apiVersion: "apps/v1",
|
|
9120
9139
|
kind: "Deployment",
|
|
@@ -9247,6 +9266,9 @@ function getWatcher(assets, hash, buildTimestamp, imagePullSecret) {
|
|
|
9247
9266
|
function getDeployment(assets, hash, buildTimestamp, imagePullSecret) {
|
|
9248
9267
|
const { name: name2, image, config } = assets;
|
|
9249
9268
|
const app = name2;
|
|
9269
|
+
if (!isAdmission(assets.capabilities) && !norWatchOrAdmission(assets.capabilities)) {
|
|
9270
|
+
return null;
|
|
9271
|
+
}
|
|
9250
9272
|
const deploy = {
|
|
9251
9273
|
apiVersion: "apps/v1",
|
|
9252
9274
|
kind: "Deployment",
|
|
@@ -9407,6 +9429,62 @@ function getModuleSecret(name2, data, hash) {
|
|
|
9407
9429
|
};
|
|
9408
9430
|
}
|
|
9409
9431
|
}
|
|
9432
|
+
function service(name2, assets) {
|
|
9433
|
+
if (!isAdmission(assets.capabilities) && !norWatchOrAdmission(assets.capabilities)) {
|
|
9434
|
+
return null;
|
|
9435
|
+
}
|
|
9436
|
+
return {
|
|
9437
|
+
apiVersion: "v1",
|
|
9438
|
+
kind: "Service",
|
|
9439
|
+
metadata: {
|
|
9440
|
+
name: name2,
|
|
9441
|
+
namespace: "pepr-system",
|
|
9442
|
+
labels: {
|
|
9443
|
+
"pepr.dev/controller": "admission"
|
|
9444
|
+
}
|
|
9445
|
+
},
|
|
9446
|
+
spec: {
|
|
9447
|
+
selector: {
|
|
9448
|
+
app: name2,
|
|
9449
|
+
"pepr.dev/controller": "admission"
|
|
9450
|
+
},
|
|
9451
|
+
ports: [
|
|
9452
|
+
{
|
|
9453
|
+
port: 443,
|
|
9454
|
+
targetPort: 3e3
|
|
9455
|
+
}
|
|
9456
|
+
]
|
|
9457
|
+
}
|
|
9458
|
+
};
|
|
9459
|
+
}
|
|
9460
|
+
function watcherService(name2, assets) {
|
|
9461
|
+
if (!isWatcher(assets.capabilities)) {
|
|
9462
|
+
return null;
|
|
9463
|
+
}
|
|
9464
|
+
return {
|
|
9465
|
+
apiVersion: "v1",
|
|
9466
|
+
kind: "Service",
|
|
9467
|
+
metadata: {
|
|
9468
|
+
name: `${name2}-watcher`,
|
|
9469
|
+
namespace: "pepr-system",
|
|
9470
|
+
labels: {
|
|
9471
|
+
"pepr.dev/controller": "watcher"
|
|
9472
|
+
}
|
|
9473
|
+
},
|
|
9474
|
+
spec: {
|
|
9475
|
+
selector: {
|
|
9476
|
+
app: `${name2}-watcher`,
|
|
9477
|
+
"pepr.dev/controller": "watcher"
|
|
9478
|
+
},
|
|
9479
|
+
ports: [
|
|
9480
|
+
{
|
|
9481
|
+
port: 443,
|
|
9482
|
+
targetPort: 3e3
|
|
9483
|
+
}
|
|
9484
|
+
]
|
|
9485
|
+
}
|
|
9486
|
+
};
|
|
9487
|
+
}
|
|
9410
9488
|
|
|
9411
9489
|
// src/lib/assets/yaml/generateAllYaml.ts
|
|
9412
9490
|
var import_fs8 = require("fs");
|
|
@@ -9495,24 +9573,37 @@ async function webhookConfigGenerator(assets, mutateOrValidate, timeoutSeconds =
|
|
|
9495
9573
|
}
|
|
9496
9574
|
|
|
9497
9575
|
// src/lib/assets/yaml/generateAllYaml.ts
|
|
9498
|
-
|
|
9576
|
+
function pushControllerManifests(resources, deployments, services) {
|
|
9577
|
+
if (deployments.watch) {
|
|
9578
|
+
resources.push(deployments.watch);
|
|
9579
|
+
}
|
|
9580
|
+
if (deployments.admission) {
|
|
9581
|
+
resources.push(deployments.admission);
|
|
9582
|
+
}
|
|
9583
|
+
if (services.admission) {
|
|
9584
|
+
resources.push(services.admission);
|
|
9585
|
+
}
|
|
9586
|
+
if (services.watch) {
|
|
9587
|
+
resources.push(services.watch);
|
|
9588
|
+
}
|
|
9589
|
+
return resources;
|
|
9590
|
+
}
|
|
9591
|
+
async function generateAllYaml(assets, deployments, services) {
|
|
9499
9592
|
const { name: name2, tls, apiPath, path: path4, config } = assets;
|
|
9500
9593
|
const code = await import_fs8.promises.readFile(path4);
|
|
9501
9594
|
const hash = import_crypto2.default.createHash("sha256").update(code).digest("hex");
|
|
9502
|
-
|
|
9595
|
+
let resources = [
|
|
9503
9596
|
getNamespace(assets.config.customLabels?.namespace),
|
|
9504
9597
|
clusterRole(name2, assets.capabilities, config.rbacMode, config.rbac),
|
|
9505
9598
|
clusterRoleBinding(name2),
|
|
9506
9599
|
serviceAccount(name2),
|
|
9507
9600
|
apiPathSecret(name2, apiPath),
|
|
9508
9601
|
tlsSecret(name2, tls),
|
|
9509
|
-
deployments.default,
|
|
9510
|
-
service(name2),
|
|
9511
|
-
watcherService(name2),
|
|
9512
9602
|
getModuleSecret(name2, code, hash),
|
|
9513
9603
|
storeRole(name2),
|
|
9514
9604
|
storeRoleBinding(name2)
|
|
9515
9605
|
];
|
|
9606
|
+
resources = pushControllerManifests(resources, deployments, services);
|
|
9516
9607
|
const webhooks = {
|
|
9517
9608
|
mutate: await webhookConfigGenerator(assets, "mutate" /* MUTATE */, assets.config.webhookTimeout),
|
|
9518
9609
|
validate: await webhookConfigGenerator(
|
|
@@ -9521,7 +9612,7 @@ async function generateAllYaml(assets, deployments) {
|
|
|
9521
9612
|
assets.config.webhookTimeout
|
|
9522
9613
|
)
|
|
9523
9614
|
};
|
|
9524
|
-
const additionalResources = [webhooks.mutate, webhooks.validate
|
|
9615
|
+
const additionalResources = [webhooks.mutate, webhooks.validate].filter(
|
|
9525
9616
|
(resource) => resource !== null && resource !== void 0
|
|
9526
9617
|
);
|
|
9527
9618
|
resources.push(...additionalResources);
|
|
@@ -9585,18 +9676,15 @@ function determineRbacMode(opts, cfg) {
|
|
|
9585
9676
|
}
|
|
9586
9677
|
return cfg.pepr.rbacMode || "admin";
|
|
9587
9678
|
}
|
|
9588
|
-
async function
|
|
9589
|
-
|
|
9590
|
-
|
|
9591
|
-
|
|
9592
|
-
|
|
9593
|
-
|
|
9594
|
-
|
|
9595
|
-
|
|
9596
|
-
process.exit(1);
|
|
9597
|
-
}
|
|
9679
|
+
async function createOutputDirectory(outputDir2) {
|
|
9680
|
+
try {
|
|
9681
|
+
const dir = outputDir2 === "" ? "dist" : outputDir2;
|
|
9682
|
+
await createDirectoryIfNotExists(dir);
|
|
9683
|
+
return dir;
|
|
9684
|
+
} catch (error) {
|
|
9685
|
+
console.error(`Error creating output directory: ${error.message}`);
|
|
9686
|
+
process.exit(1);
|
|
9598
9687
|
}
|
|
9599
|
-
return defaultOutputDir;
|
|
9600
9688
|
}
|
|
9601
9689
|
function checkIronBankImage(registry, image, peprVersion) {
|
|
9602
9690
|
return registry === "Iron Bank" ? `registry1.dso.mil/ironbank/opensource/defenseunicorns/pepr/controller:v${peprVersion}` : image;
|
|
@@ -9643,7 +9731,16 @@ async function generateYamlAndWriteToDisk(obj) {
|
|
|
9643
9731
|
const chartPath = `${uuid}-chart`;
|
|
9644
9732
|
const yamlPath = (0, import_path3.resolve)(outputDir2, yamlFile);
|
|
9645
9733
|
try {
|
|
9646
|
-
const yaml = await assets.allYaml(
|
|
9734
|
+
const yaml = await assets.allYaml(
|
|
9735
|
+
generateAllYaml,
|
|
9736
|
+
{
|
|
9737
|
+
getDeploymentFunction: getDeployment,
|
|
9738
|
+
getWatcherFunction: getWatcher,
|
|
9739
|
+
getServiceFunction: service,
|
|
9740
|
+
getWatcherServiceFunction: watcherService
|
|
9741
|
+
},
|
|
9742
|
+
imagePullSecret
|
|
9743
|
+
);
|
|
9647
9744
|
const zarfPath = (0, import_path3.resolve)(outputDir2, "zarf.yaml");
|
|
9648
9745
|
let localZarf = "";
|
|
9649
9746
|
if (zarf === "chart") {
|
|
@@ -9654,7 +9751,7 @@ async function generateYamlAndWriteToDisk(obj) {
|
|
|
9654
9751
|
await import_fs9.promises.writeFile(yamlPath, yaml);
|
|
9655
9752
|
await import_fs9.promises.writeFile(zarfPath, localZarf);
|
|
9656
9753
|
await assets.generateHelmChart(webhookConfigGenerator, getWatcher, getModuleSecret, outputDir2);
|
|
9657
|
-
console.info(
|
|
9754
|
+
console.info(`K8s resource for the module saved to ${yamlPath}`);
|
|
9658
9755
|
} catch (error) {
|
|
9659
9756
|
console.error(`Error generating YAML: ${error}`);
|
|
9660
9757
|
process.exit(1);
|
|
@@ -9665,48 +9762,42 @@ async function generateYamlAndWriteToDisk(obj) {
|
|
|
9665
9762
|
var peprTS2 = "pepr.ts";
|
|
9666
9763
|
var outputDir = "dist";
|
|
9667
9764
|
function build_default(program2) {
|
|
9668
|
-
program2.command("build").description("Build a Pepr Module for deployment").
|
|
9669
|
-
"-
|
|
9670
|
-
|
|
9765
|
+
program2.command("build").description("Build a Pepr Module for deployment").addOption(
|
|
9766
|
+
new import_commander.Option("-M, --rbac-mode <mode>", "Override module config and set RBAC mode.").choices([
|
|
9767
|
+
"admin",
|
|
9768
|
+
"scoped"
|
|
9769
|
+
])
|
|
9671
9770
|
).addOption(
|
|
9672
9771
|
new import_commander.Option(
|
|
9673
|
-
"-
|
|
9674
|
-
"
|
|
9675
|
-
).conflicts(["registryInfo", "registry"])
|
|
9676
|
-
).addOption(
|
|
9677
|
-
new import_commander.Option(
|
|
9678
|
-
"-r, --registry-info [<registry>/<username>]",
|
|
9679
|
-
"Provide the image registry and username for building and pushing a custom WASM container. Requires authentication. Builds and pushes `'registry/username/custom-pepr-controller:<current-version>'`."
|
|
9772
|
+
"-I, --registry-info <registry/username>",
|
|
9773
|
+
"Provide the image registry and username for building and pushing a custom WASM container. Requires authentication. Conflicts with --custom-image and --registry. Builds and pushes `'<registry/username>/custom-pepr-controller:<current-version>'`."
|
|
9680
9774
|
).conflicts(["customImage", "registry"])
|
|
9681
|
-
).option("-
|
|
9682
|
-
|
|
9683
|
-
|
|
9684
|
-
|
|
9775
|
+
).option("-P, --with-pull-secret <name>", "Use image pull secret for controller Deployment.", "").addOption(
|
|
9776
|
+
new import_commander.Option(
|
|
9777
|
+
"-c, --custom-name <name>",
|
|
9778
|
+
"Set name for zarf component and service monitors in helm charts."
|
|
9779
|
+
)
|
|
9780
|
+
).option("-e, --entry-point <file>", "Specify the entry point file to build with.", peprTS2).addOption(
|
|
9781
|
+
new import_commander.Option(
|
|
9782
|
+
"-i, --custom-image <image>",
|
|
9783
|
+
"Specify a custom image with version for deployments. Conflicts with --registry-info and --registry. Example: 'docker.io/username/custom-pepr-controller:v1.0.0'"
|
|
9784
|
+
).conflicts(["registryInfo", "registry"])
|
|
9685
9785
|
).option(
|
|
9686
|
-
"--
|
|
9687
|
-
"
|
|
9688
|
-
|
|
9689
|
-
).addOption(
|
|
9786
|
+
"-n, --no-embed",
|
|
9787
|
+
"Disable embedding of deployment files into output module. Useful when creating library modules intended solely for reuse/distribution via NPM."
|
|
9788
|
+
).option("-o, --output <directory>", "Set output directory.", "dist").addOption(
|
|
9690
9789
|
new import_commander.Option(
|
|
9691
|
-
"--registry <GitHub|Iron Bank>",
|
|
9692
|
-
"Container registry: Choose container registry for deployment manifests.
|
|
9790
|
+
"-r, --registry <GitHub|Iron Bank>",
|
|
9791
|
+
"Container registry: Choose container registry for deployment manifests. Conflicts with --custom-image and --registry-info."
|
|
9693
9792
|
).conflicts(["customImage", "registryInfo"]).choices(["GitHub", "Iron Bank"])
|
|
9793
|
+
).option(
|
|
9794
|
+
"-t, --timeout <seconds>",
|
|
9795
|
+
"How long the API server should wait for a webhook to respond before treating the call as a failure.",
|
|
9796
|
+
parseTimeout
|
|
9694
9797
|
).addOption(
|
|
9695
|
-
new import_commander.Option(
|
|
9696
|
-
"-z, --zarf [manifest|chart]",
|
|
9697
|
-
"Zarf package type: manifest, chart (default: manifest)"
|
|
9698
|
-
).choices(["manifest", "chart"]).default("manifest")
|
|
9699
|
-
).addOption(
|
|
9700
|
-
new import_commander.Option("--rbac-mode [admin|scoped]", "Rbac Mode: admin, scoped (default: admin)").choices(
|
|
9701
|
-
["admin", "scoped"]
|
|
9702
|
-
)
|
|
9703
|
-
).addOption(
|
|
9704
|
-
new import_commander.Option(
|
|
9705
|
-
"--custom-name [name]",
|
|
9706
|
-
"Specify a custom name for zarf component and service monitors in helm charts."
|
|
9707
|
-
)
|
|
9798
|
+
new import_commander.Option("-z, --zarf <manifest|chart>", "Set Zarf package type").choices(["manifest", "chart"]).default("manifest")
|
|
9708
9799
|
).action(async (opts) => {
|
|
9709
|
-
outputDir = await
|
|
9800
|
+
outputDir = await createOutputDirectory(opts.output);
|
|
9710
9801
|
const buildModuleResult = await buildModule(void 0, opts.entryPoint, opts.embed);
|
|
9711
9802
|
const { cfg, path: path4 } = buildModuleResult;
|
|
9712
9803
|
if (opts.customName) {
|
|
@@ -9731,7 +9822,7 @@ function build_default(program2) {
|
|
|
9731
9822
|
);
|
|
9732
9823
|
}
|
|
9733
9824
|
if (!opts.embed) {
|
|
9734
|
-
console.info(
|
|
9825
|
+
console.info(`Module built successfully at ${path4}`);
|
|
9735
9826
|
return;
|
|
9736
9827
|
}
|
|
9737
9828
|
const assets = new Assets(
|
|
@@ -9816,7 +9907,7 @@ async function buildModule(reloader, entryPoint = peprTS2, embed = true) {
|
|
|
9816
9907
|
setup(build) {
|
|
9817
9908
|
build.onEnd(async (r) => {
|
|
9818
9909
|
if (r?.metafile) {
|
|
9819
|
-
console.
|
|
9910
|
+
console.info(await (0, import_esbuild2.analyzeMetafile)(r.metafile));
|
|
9820
9911
|
}
|
|
9821
9912
|
if (reloader) {
|
|
9822
9913
|
await reloader(r);
|
|
@@ -9849,7 +9940,7 @@ function handleModuleBuildError(e) {
|
|
|
9849
9940
|
if (!e.stdout) process.exit(1);
|
|
9850
9941
|
const out = e.stdout.toString();
|
|
9851
9942
|
const err = e.stderr.toString();
|
|
9852
|
-
console.
|
|
9943
|
+
console.info(out);
|
|
9853
9944
|
console.error(err);
|
|
9854
9945
|
if (out.includes("Types have separate declarations of a private property '_name'.")) {
|
|
9855
9946
|
const pgkErrMatch = /error TS2322: .*? 'import\("\/.*?\/node_modules\/(.*?)\/node_modules/g;
|
|
@@ -9876,7 +9967,7 @@ function handleModuleBuildError(e) {
|
|
|
9876
9967
|
async function checkFormat() {
|
|
9877
9968
|
const validFormat = await peprFormat(true);
|
|
9878
9969
|
if (!validFormat) {
|
|
9879
|
-
console.
|
|
9970
|
+
console.info(
|
|
9880
9971
|
"\x1B[33m%s\x1B[0m",
|
|
9881
9972
|
"Formatting errors were found. The build will continue, but you may want to run `npx pepr format` to address any issues."
|
|
9882
9973
|
);
|
|
@@ -10027,26 +10118,34 @@ async function setupController(assets, code, hash, force) {
|
|
|
10027
10118
|
logger_default.info("Applying module secret");
|
|
10028
10119
|
const mod = getModuleSecret(name2, code, hash);
|
|
10029
10120
|
await (0, import_kubernetes_fluent_client3.K8s)(import_kubernetes_fluent_client3.kind.Secret).Apply(mod, { force });
|
|
10030
|
-
|
|
10031
|
-
|
|
10032
|
-
|
|
10121
|
+
if (isAdmission(assets.capabilities) || norWatchOrAdmission(assets.capabilities)) {
|
|
10122
|
+
const svc = service(name2, assets);
|
|
10123
|
+
if (svc) {
|
|
10124
|
+
logger_default.info("Applying controller service");
|
|
10125
|
+
await (0, import_kubernetes_fluent_client3.K8s)(import_kubernetes_fluent_client3.kind.Service).Apply(svc, { force });
|
|
10126
|
+
}
|
|
10127
|
+
const dep = getDeployment(assets, hash, assets.buildTimestamp);
|
|
10128
|
+
if (dep) {
|
|
10129
|
+
logger_default.info("Applying deployment");
|
|
10130
|
+
await (0, import_kubernetes_fluent_client3.K8s)(import_kubernetes_fluent_client3.kind.Deployment).Apply(dep, { force });
|
|
10131
|
+
}
|
|
10132
|
+
}
|
|
10033
10133
|
logger_default.info("Applying TLS secret");
|
|
10034
10134
|
const tls = tlsSecret(name2, assets.tls);
|
|
10035
10135
|
await (0, import_kubernetes_fluent_client3.K8s)(import_kubernetes_fluent_client3.kind.Secret).Apply(tls, { force });
|
|
10036
10136
|
logger_default.info("Applying API path secret");
|
|
10037
10137
|
const apiPath = apiPathSecret(name2, assets.apiPath);
|
|
10038
10138
|
await (0, import_kubernetes_fluent_client3.K8s)(import_kubernetes_fluent_client3.kind.Secret).Apply(apiPath, { force });
|
|
10039
|
-
logger_default.info("Applying deployment");
|
|
10040
|
-
const dep = getDeployment(assets, hash, assets.buildTimestamp);
|
|
10041
|
-
await (0, import_kubernetes_fluent_client3.K8s)(import_kubernetes_fluent_client3.kind.Deployment).Apply(dep, { force });
|
|
10042
10139
|
}
|
|
10043
10140
|
async function setupWatcher(assets, hash, force) {
|
|
10044
10141
|
const watchDeployment = getWatcher(assets, hash, assets.buildTimestamp);
|
|
10045
10142
|
if (watchDeployment) {
|
|
10046
10143
|
logger_default.info("Applying watcher deployment");
|
|
10047
10144
|
await (0, import_kubernetes_fluent_client3.K8s)(import_kubernetes_fluent_client3.kind.Deployment).Apply(watchDeployment, { force });
|
|
10145
|
+
}
|
|
10146
|
+
const watchSvc = watcherService(assets.name, assets);
|
|
10147
|
+
if (watchSvc) {
|
|
10048
10148
|
logger_default.info("Applying watcher service");
|
|
10049
|
-
const watchSvc = watcherService(assets.name);
|
|
10050
10149
|
await (0, import_kubernetes_fluent_client3.K8s)(import_kubernetes_fluent_client3.kind.Service).Apply(watchSvc, { force });
|
|
10051
10150
|
}
|
|
10052
10151
|
}
|
|
@@ -10113,7 +10212,7 @@ function validateImagePullSecretDetails(details) {
|
|
|
10113
10212
|
if (missing.length > 0) {
|
|
10114
10213
|
return {
|
|
10115
10214
|
valid: false,
|
|
10116
|
-
error: `Error: Must provide ${missing.join(", ")} when providing --
|
|
10215
|
+
error: `Error: Must provide ${missing.join(", ")} when providing --pull-secret`
|
|
10117
10216
|
};
|
|
10118
10217
|
}
|
|
10119
10218
|
return { valid: true };
|
|
@@ -10134,15 +10233,15 @@ function generateImagePullSecret(details) {
|
|
|
10134
10233
|
};
|
|
10135
10234
|
}
|
|
10136
10235
|
async function getUserConfirmation(opts) {
|
|
10137
|
-
if (opts.
|
|
10236
|
+
if (opts.yes) {
|
|
10138
10237
|
return true;
|
|
10139
10238
|
}
|
|
10140
|
-
const
|
|
10239
|
+
const confirmation = await (0, import_prompts.default)({
|
|
10141
10240
|
type: "confirm",
|
|
10142
|
-
name: "
|
|
10241
|
+
name: "yes",
|
|
10143
10242
|
message: "This will remove and redeploy the module. Continue?"
|
|
10144
10243
|
});
|
|
10145
|
-
return
|
|
10244
|
+
return confirmation.yes ? true : false;
|
|
10146
10245
|
}
|
|
10147
10246
|
async function buildAndDeployModule(image, force) {
|
|
10148
10247
|
const builtModule = await buildModule();
|
|
@@ -10170,7 +10269,7 @@ async function buildAndDeployModule(image, force) {
|
|
|
10170
10269
|
}
|
|
10171
10270
|
}
|
|
10172
10271
|
function deploy_default(program2) {
|
|
10173
|
-
program2.command("deploy").description("Deploy a Pepr Module").option("-
|
|
10272
|
+
program2.command("deploy").description("Deploy a Pepr Module").option("-E, --docker-email <email>", "Email for Docker registry.").option("-P, --docker-password <password>", "Password for Docker registry.").option("-S, --docker-server <server>", "Docker server address.").option("-U, --docker-username <username>", "Docker registry username.").option("-f, --force", "Force deploy the module, override manager field.").option("-i, --image <image>", "Override the image tag.").option("-p, --pull-secret <name>", "Deploy imagePullSecret for Controller private registry.").option("-y, --yes", "Skip confirmation prompts.").action(async (opts) => {
|
|
10174
10273
|
const valResp = validateImagePullSecretDetails(opts);
|
|
10175
10274
|
if (!valResp.valid) {
|
|
10176
10275
|
console.error(valResp.error);
|
|
@@ -10202,14 +10301,14 @@ var import_child_process4 = require("child_process");
|
|
|
10202
10301
|
var import_kubernetes_fluent_client5 = require("kubernetes-fluent-client");
|
|
10203
10302
|
var import_fs12 = require("fs");
|
|
10204
10303
|
function dev_default(program2) {
|
|
10205
|
-
program2.command("dev").description("Setup a local webhook development environment").option("-
|
|
10206
|
-
if (!opts.
|
|
10304
|
+
program2.command("dev").description("Setup a local webhook development environment").option("-H, --host <host>", "Host to listen on", "host.k3d.internal").option("-y, --yes", "Skip confirmation prompt").action(async (opts) => {
|
|
10305
|
+
if (!opts.yes) {
|
|
10207
10306
|
const confirm2 = await (0, import_prompts2.default)({
|
|
10208
10307
|
type: "confirm",
|
|
10209
|
-
name: "
|
|
10308
|
+
name: "yes",
|
|
10210
10309
|
message: "This will remove and redeploy the module. Continue?"
|
|
10211
10310
|
});
|
|
10212
|
-
if (!confirm2.
|
|
10311
|
+
if (!confirm2.yes) {
|
|
10213
10312
|
process.exitCode = 0;
|
|
10214
10313
|
return;
|
|
10215
10314
|
}
|
|
@@ -10492,7 +10591,7 @@ async function setErrorBehavior(errorBehavior) {
|
|
|
10492
10591
|
async function confirm(dirName, packageJSON2, peprTSPath, skipPrompt) {
|
|
10493
10592
|
const confirmationPrompt = {
|
|
10494
10593
|
type: "confirm",
|
|
10495
|
-
name: "
|
|
10594
|
+
name: "yes",
|
|
10496
10595
|
message: "Create the new Pepr module?"
|
|
10497
10596
|
};
|
|
10498
10597
|
const confirmationMessage = `To be generated:
|
|
@@ -10515,17 +10614,20 @@ ${packageJSON2.print.replace(/^/gm, " \u2502 ")}
|
|
|
10515
10614
|
} else {
|
|
10516
10615
|
console.log(confirmationMessage);
|
|
10517
10616
|
const confirm2 = await (0, import_prompts3.default)([confirmationPrompt]);
|
|
10518
|
-
const shouldCreateModule = confirm2.
|
|
10617
|
+
const shouldCreateModule = confirm2.yes === "y" || confirm2.yes === "yes" || confirm2.yes === true ? true : false;
|
|
10519
10618
|
return shouldCreateModule;
|
|
10520
10619
|
}
|
|
10521
10620
|
}
|
|
10522
10621
|
|
|
10523
10622
|
// src/cli/init/index.ts
|
|
10623
|
+
var import_commander2 = require("commander");
|
|
10524
10624
|
function init_default(program2) {
|
|
10525
10625
|
let response = {};
|
|
10526
10626
|
let pkgOverride = "";
|
|
10527
|
-
program2.command("init").description("Initialize a new Pepr Module").option("
|
|
10528
|
-
"--
|
|
10627
|
+
program2.command("init").description("Initialize a new Pepr Module").option("-d, --description <string>", "Explain the purpose of the new module.").addOption(
|
|
10628
|
+
new import_commander2.Option("-e, --error-behavior <behavior>", "Set an error behavior.").choices(ErrorList)
|
|
10629
|
+
).option("-n, --name <string>", "Set the name of the new module.").option("-s, --skip-post-init", "Skip npm install, git init, and VSCode launch.").option(
|
|
10630
|
+
"-u, --uuid <string>",
|
|
10529
10631
|
"Unique identifier for your module with a max length of 36 characters.",
|
|
10530
10632
|
(uuid) => {
|
|
10531
10633
|
if (uuid.length > UUID_LENGTH_LIMIT) {
|
|
@@ -10533,7 +10635,7 @@ function init_default(program2) {
|
|
|
10533
10635
|
}
|
|
10534
10636
|
return uuid.toLocaleLowerCase();
|
|
10535
10637
|
}
|
|
10536
|
-
).hook("preAction", async (thisCommand) => {
|
|
10638
|
+
).option("-y, --yes", "Skip verification prompt when creating a new module.").hook("preAction", async (thisCommand) => {
|
|
10537
10639
|
if (process.env.TEST_MODE === "true") {
|
|
10538
10640
|
import_prompts4.default.inject([
|
|
10539
10641
|
"pepr-test-module",
|
|
@@ -10551,7 +10653,7 @@ function init_default(program2) {
|
|
|
10551
10653
|
}).action(async (opts) => {
|
|
10552
10654
|
const dirName = sanitizeName(response.name);
|
|
10553
10655
|
const packageJSON2 = genPkgJSON(response, pkgOverride);
|
|
10554
|
-
const confirmed = await confirm(dirName, packageJSON2, peprTSTemplate.path, opts.
|
|
10656
|
+
const confirmed = await confirm(dirName, packageJSON2, peprTSTemplate.path, opts.yes);
|
|
10555
10657
|
if (confirmed) {
|
|
10556
10658
|
console.log("Creating new Pepr module...");
|
|
10557
10659
|
try {
|
|
@@ -10642,15 +10744,8 @@ function uuid_default(program2) {
|
|
|
10642
10744
|
});
|
|
10643
10745
|
}
|
|
10644
10746
|
|
|
10645
|
-
// src/cli
|
|
10646
|
-
var
|
|
10647
|
-
var RootCmd = class extends import_commander2.Command {
|
|
10648
|
-
// eslint-disable-next-line class-methods-use-this
|
|
10649
|
-
createCommand(name2) {
|
|
10650
|
-
const cmd = new import_commander2.Command(name2);
|
|
10651
|
-
return cmd;
|
|
10652
|
-
}
|
|
10653
|
-
};
|
|
10747
|
+
// src/cli.ts
|
|
10748
|
+
var import_commander5 = require("commander");
|
|
10654
10749
|
|
|
10655
10750
|
// src/cli/update/index.ts
|
|
10656
10751
|
var import_child_process6 = require("child_process");
|
|
@@ -10658,7 +10753,7 @@ var import_fs14 = __toESM(require("fs"));
|
|
|
10658
10753
|
var import_path6 = require("path");
|
|
10659
10754
|
var import_prompts5 = __toESM(require("prompts"));
|
|
10660
10755
|
function update_default(program2) {
|
|
10661
|
-
program2.command("update").description("Update this Pepr module. Not recommended for prod as it may change files.").option("--skip-template-update", "
|
|
10756
|
+
program2.command("update").description("Update this Pepr module. Not recommended for prod as it may change files.").option("-s, --skip-template-update", "Do not update template files").action(async (opts) => {
|
|
10662
10757
|
if (!opts.skipTemplateUpdate) {
|
|
10663
10758
|
const { confirm: confirm2 } = await (0, import_prompts5.default)({
|
|
10664
10759
|
type: "confirm",
|
|
@@ -10669,7 +10764,7 @@ function update_default(program2) {
|
|
|
10669
10764
|
return;
|
|
10670
10765
|
}
|
|
10671
10766
|
}
|
|
10672
|
-
|
|
10767
|
+
logger_default.info("Updating the Pepr module...");
|
|
10673
10768
|
try {
|
|
10674
10769
|
(0, import_child_process6.execSync)("npm install pepr@latest", {
|
|
10675
10770
|
stdio: "inherit"
|
|
@@ -10679,14 +10774,14 @@ function update_default(program2) {
|
|
|
10679
10774
|
stdio: "inherit"
|
|
10680
10775
|
});
|
|
10681
10776
|
}
|
|
10682
|
-
|
|
10683
|
-
} catch (
|
|
10684
|
-
|
|
10777
|
+
logger_default.info(`\u2705 Module updated successfully`);
|
|
10778
|
+
} catch (error) {
|
|
10779
|
+
logger_default.error(error, `Error updating Pepr module:`);
|
|
10685
10780
|
process.exitCode = 1;
|
|
10686
10781
|
}
|
|
10687
10782
|
});
|
|
10688
10783
|
program2.command("update-templates", { hidden: true }).description("Perform template updates").action(async (opts) => {
|
|
10689
|
-
|
|
10784
|
+
logger_default.info("Updating Pepr config and template files...");
|
|
10690
10785
|
try {
|
|
10691
10786
|
if (!opts.skipTemplateUpdate) {
|
|
10692
10787
|
await write((0, import_path6.resolve)(prettier.path), prettier.data);
|
|
@@ -10703,9 +10798,8 @@ function update_default(program2) {
|
|
|
10703
10798
|
await write(tsPath, helloPepr.data);
|
|
10704
10799
|
}
|
|
10705
10800
|
}
|
|
10706
|
-
|
|
10707
|
-
|
|
10708
|
-
console.error(`Error updating template files:`, e);
|
|
10801
|
+
} catch (error) {
|
|
10802
|
+
logger_default.error(error, `Error updating template files:`);
|
|
10709
10803
|
process.exitCode = 1;
|
|
10710
10804
|
}
|
|
10711
10805
|
});
|
|
@@ -10715,14 +10809,16 @@ function update_default(program2) {
|
|
|
10715
10809
|
var import_child_process7 = require("child_process");
|
|
10716
10810
|
var import_prompts6 = __toESM(require("prompts"));
|
|
10717
10811
|
function kfc_default(program2) {
|
|
10718
|
-
program2.command("kfc [args...]").description("Execute Kubernetes Fluent Client commands").action(async (args) => {
|
|
10719
|
-
|
|
10720
|
-
|
|
10721
|
-
|
|
10722
|
-
|
|
10723
|
-
|
|
10724
|
-
|
|
10725
|
-
|
|
10812
|
+
program2.command("kfc [args...]").description("Execute Kubernetes Fluent Client commands").option("-y, --yes", "Skip confirmation prompt.").action(async (args, options) => {
|
|
10813
|
+
if (!options.yes) {
|
|
10814
|
+
const { confirm: confirm2 } = await (0, import_prompts6.default)({
|
|
10815
|
+
type: "confirm",
|
|
10816
|
+
name: "confirm",
|
|
10817
|
+
message: "For commands that generate files, this may overwrite any previously generated files.\nAre you sure you want to continue?"
|
|
10818
|
+
});
|
|
10819
|
+
if (!confirm2) {
|
|
10820
|
+
return;
|
|
10821
|
+
}
|
|
10726
10822
|
}
|
|
10727
10823
|
try {
|
|
10728
10824
|
if (args.length === 0) {
|
|
@@ -10743,13 +10839,13 @@ function kfc_default(program2) {
|
|
|
10743
10839
|
var import_commander3 = require("commander");
|
|
10744
10840
|
var import_fs15 = require("fs");
|
|
10745
10841
|
var import_path7 = __toESM(require("path"));
|
|
10746
|
-
var create = new import_commander3.Command("create").description("Create a new CRD TypeScript definition").
|
|
10747
|
-
|
|
10748
|
-
|
|
10749
|
-
|
|
10750
|
-
"Namespaced"
|
|
10751
|
-
).option("--
|
|
10752
|
-
console.log("This feature is currently in alpha
|
|
10842
|
+
var create = new import_commander3.Command("create").description("Create a new CRD TypeScript definition").addOption(
|
|
10843
|
+
new import_commander3.Option(
|
|
10844
|
+
"-S, --scope <scope>",
|
|
10845
|
+
"Whether the resulting custom resource is cluster- or namespace-scoped"
|
|
10846
|
+
).choices(["Namespaced", "Cluster"]).default("Namespaced")
|
|
10847
|
+
).option("-d, --domain <domain>", "Optional domain for CRD (e.g. pepr.dev)", "pepr.dev").requiredOption("-g, --group <group>", "API group (e.g. cache)").requiredOption("-k, --kind <kind>", "Kind name (e.g. memcached)").option("-p, --plural <plural>", "Plural name for CRD (e.g. memcacheds)").requiredOption("-s, --short-name <name>", "Short name for CRD (e.g. mc)", "").requiredOption("-v, --version <version>", "API version (e.g. v1alpha1)").action(async ({ group: group2, version: version3, kind: kind8, domain, scope, plural: plural2, shortName }) => {
|
|
10848
|
+
console.log("This feature is currently in alpha.");
|
|
10753
10849
|
const outputDir2 = import_path7.default.resolve(`./api/${version3}`);
|
|
10754
10850
|
await createDirectoryIfNotExists(outputDir2);
|
|
10755
10851
|
await import_fs15.promises.writeFile(
|
|
@@ -10838,12 +10934,6 @@ type ${kind8}StatusCondition = {
|
|
|
10838
10934
|
|
|
10839
10935
|
`;
|
|
10840
10936
|
};
|
|
10841
|
-
function validateScope(value) {
|
|
10842
|
-
if (value !== "Cluster" && value !== "Namespaced") {
|
|
10843
|
-
throw new Error("Scope must be either 'Cluster' or 'Namespaced'");
|
|
10844
|
-
}
|
|
10845
|
-
return value;
|
|
10846
|
-
}
|
|
10847
10937
|
|
|
10848
10938
|
// src/cli/crd/generate.ts
|
|
10849
10939
|
var import_commander4 = require("commander");
|
|
@@ -10865,7 +10955,9 @@ var WarningMessages = {
|
|
|
10865
10955
|
};
|
|
10866
10956
|
|
|
10867
10957
|
// src/cli/crd/generate.ts
|
|
10868
|
-
var generate_default = new import_commander4.Command("generate").description(
|
|
10958
|
+
var generate_default = new import_commander4.Command("generate").description(
|
|
10959
|
+
"Generate CRD manifests from TypeScript definitions stored in 'api/' of the current directory."
|
|
10960
|
+
).option("-o, --output <directory>", "Output directory for generated CRDs", "./crds").action(generateCRDs);
|
|
10869
10961
|
function extractCRDDetails(content, sourceFile) {
|
|
10870
10962
|
const kind8 = extractSingleLineComment(content, "Kind");
|
|
10871
10963
|
const group2 = extractSingleLineComment(content, "Group") ?? "example";
|
|
@@ -10877,7 +10969,7 @@ function extractCRDDetails(content, sourceFile) {
|
|
|
10877
10969
|
return { kind: kind8, plural: plural2, scope, shortNames, fqdn };
|
|
10878
10970
|
}
|
|
10879
10971
|
async function generateCRDs(options) {
|
|
10880
|
-
|
|
10972
|
+
logger_default.warn("This feature is currently in alpha.\n");
|
|
10881
10973
|
const outputDir2 = import_path8.default.resolve(options.output);
|
|
10882
10974
|
await createDirectoryIfNotExists(outputDir2);
|
|
10883
10975
|
const project = new import_ts_morph.Project();
|
|
@@ -10902,12 +10994,12 @@ function processSourceFile(sourceFile, version3, outputDir2) {
|
|
|
10902
10994
|
const content = sourceFile.getFullText();
|
|
10903
10995
|
const { kind: kind8, fqdn, scope, plural: plural2, shortNames } = extractCRDDetails(content, sourceFile);
|
|
10904
10996
|
if (!kind8) {
|
|
10905
|
-
|
|
10997
|
+
logger_default.warn(WarningMessages.MISSING_KIND_COMMENT(sourceFile.getBaseName()));
|
|
10906
10998
|
return;
|
|
10907
10999
|
}
|
|
10908
11000
|
const spec = sourceFile.getInterface(`${kind8}Spec`);
|
|
10909
11001
|
if (!spec) {
|
|
10910
|
-
|
|
11002
|
+
logger_default.warn(WarningMessages.MISSING_INTERFACE(sourceFile.getBaseName(), kind8));
|
|
10911
11003
|
return;
|
|
10912
11004
|
}
|
|
10913
11005
|
const condition = sourceFile.getTypeAlias(`${kind8}StatusCondition`);
|
|
@@ -10925,7 +11017,7 @@ function processSourceFile(sourceFile, version3, outputDir2) {
|
|
|
10925
11017
|
});
|
|
10926
11018
|
const outPath = import_path8.default.join(outputDir2, `${kind8.toLowerCase()}.yaml`);
|
|
10927
11019
|
import_fs16.default.writeFileSync(outPath, (0, import_yaml.stringify)(crd), "utf8");
|
|
10928
|
-
|
|
11020
|
+
logger_default.info(`\u2714 Created ${outPath}`);
|
|
10929
11021
|
}
|
|
10930
11022
|
function extractSingleLineComment(content, label) {
|
|
10931
11023
|
const match = content.match(new RegExp(`//\\s+${label}:\\s+(.*)`));
|
|
@@ -11090,7 +11182,7 @@ function crd_default(program2) {
|
|
|
11090
11182
|
if (process.env.npm_lifecycle_event !== "npx") {
|
|
11091
11183
|
console.info("Pepr should be run via `npx pepr <command>` instead of `pepr <command>`.");
|
|
11092
11184
|
}
|
|
11093
|
-
var program = new
|
|
11185
|
+
var program = new import_commander5.Command();
|
|
11094
11186
|
if (!process.env.PEPR_NODE_WARNINGS) {
|
|
11095
11187
|
process.removeAllListeners("warning");
|
|
11096
11188
|
}
|