pepr 0.6.1 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +132 -75
- package/dist/controller.js +1 -1
- package/dist/lib/capability.d.ts.map +1 -1
- package/dist/lib/controller.d.ts.map +1 -1
- package/dist/lib/filter.d.ts.map +1 -1
- package/dist/lib/k8s/kinds.d.ts.map +1 -1
- package/dist/lib/k8s/types.d.ts +2 -0
- package/dist/lib/k8s/types.d.ts.map +1 -1
- package/dist/lib/k8s/webhook.d.ts +5 -4
- package/dist/lib/k8s/webhook.d.ts.map +1 -1
- package/dist/lib/module.d.ts.map +1 -1
- package/dist/lib/types.d.ts +3 -2
- package/dist/lib/types.d.ts.map +1 -1
- package/dist/lib.js +17 -8
- package/dist/lib.js.map +3 -3
- package/package.json +1 -1
- package/src/lib/capability.ts +1 -0
- package/src/lib/controller.ts +9 -7
- package/src/lib/filter.ts +2 -2
- package/src/lib/k8s/kinds.ts +2 -0
- package/src/lib/k8s/types.ts +2 -0
- package/src/lib/k8s/webhook.ts +120 -26
- package/src/lib/module.ts +7 -1
- package/src/lib/types.ts +2 -1
package/dist/cli.js
CHANGED
|
@@ -91,14 +91,17 @@ var banner = `\x1B[107;40m\x1B[38;5;016m \x1B[38;5;016m \x1B[38;5;016m \x1B[38;5
|
|
|
91
91
|
\x1B[0m`;
|
|
92
92
|
|
|
93
93
|
// src/cli/build.ts
|
|
94
|
+
var import_child_process2 = require("child_process");
|
|
94
95
|
var import_esbuild = require("esbuild");
|
|
95
|
-
var
|
|
96
|
+
var import_fs3 = require("fs");
|
|
96
97
|
var import_path = require("path");
|
|
97
|
-
var import_child_process = require("child_process");
|
|
98
98
|
|
|
99
99
|
// src/lib/k8s/webhook.ts
|
|
100
100
|
var import_client_node = require("@kubernetes/client-node");
|
|
101
|
+
var import_child_process = require("child_process");
|
|
101
102
|
var import_crypto = __toESM(require("crypto"));
|
|
103
|
+
var import_fs = require("fs");
|
|
104
|
+
var import_ramda = require("ramda");
|
|
102
105
|
var import_zlib = require("zlib");
|
|
103
106
|
|
|
104
107
|
// src/lib/logger.ts
|
|
@@ -187,6 +190,14 @@ if (process.env.LOG_LEVEL) {
|
|
|
187
190
|
}
|
|
188
191
|
var logger_default = Log;
|
|
189
192
|
|
|
193
|
+
// src/lib/types.ts
|
|
194
|
+
var ErrorBehavior = /* @__PURE__ */ ((ErrorBehavior2) => {
|
|
195
|
+
ErrorBehavior2["ignore"] = "ignore";
|
|
196
|
+
ErrorBehavior2["audit"] = "audit";
|
|
197
|
+
ErrorBehavior2["reject"] = "reject";
|
|
198
|
+
return ErrorBehavior2;
|
|
199
|
+
})(ErrorBehavior || {});
|
|
200
|
+
|
|
190
201
|
// src/lib/k8s/tls.ts
|
|
191
202
|
var import_node_forge = __toESM(require("node-forge"));
|
|
192
203
|
var caName = "Pepr Ephemeral CA";
|
|
@@ -338,7 +349,63 @@ var Webhook = class {
|
|
|
338
349
|
}
|
|
339
350
|
};
|
|
340
351
|
}
|
|
341
|
-
|
|
352
|
+
generateWebhookRules(path) {
|
|
353
|
+
return new Promise((resolve4, reject) => {
|
|
354
|
+
const rules = [];
|
|
355
|
+
const defaultRule = {
|
|
356
|
+
apiGroups: ["*"],
|
|
357
|
+
apiVersions: ["*"],
|
|
358
|
+
operations: ["CREATE", "UPDATE", "DELETE"],
|
|
359
|
+
resources: ["*/*"]
|
|
360
|
+
};
|
|
361
|
+
const program2 = (0, import_child_process.fork)(path, {
|
|
362
|
+
env: {
|
|
363
|
+
...process.env,
|
|
364
|
+
LOG_LEVEL: "warn",
|
|
365
|
+
PEPR_MODE: "build"
|
|
366
|
+
}
|
|
367
|
+
});
|
|
368
|
+
program2.on("message", (message) => {
|
|
369
|
+
const { capabilities } = message.valueOf();
|
|
370
|
+
for (const capability of capabilities) {
|
|
371
|
+
logger_default.info(`Module ${this.config.uuid} has capability: ${capability._name}`);
|
|
372
|
+
const { _bindings } = capability;
|
|
373
|
+
for (const binding of _bindings) {
|
|
374
|
+
const { event, kind } = binding;
|
|
375
|
+
const operations = [];
|
|
376
|
+
if (event === "CREATEORUPDATE" /* CreateOrUpdate */) {
|
|
377
|
+
operations.push("CREATE" /* Create */, "UPDATE" /* Update */);
|
|
378
|
+
} else {
|
|
379
|
+
operations.push(event);
|
|
380
|
+
}
|
|
381
|
+
const resource = kind.plural || `${kind.kind.toLowerCase()}s`;
|
|
382
|
+
rules.push({
|
|
383
|
+
apiGroups: [kind.group],
|
|
384
|
+
apiVersions: [kind.version || "*"],
|
|
385
|
+
operations,
|
|
386
|
+
resources: [resource]
|
|
387
|
+
});
|
|
388
|
+
}
|
|
389
|
+
}
|
|
390
|
+
});
|
|
391
|
+
program2.on("exit", (code) => {
|
|
392
|
+
if (code !== 0) {
|
|
393
|
+
reject(new Error(`Child process exited with code ${code}`));
|
|
394
|
+
} else {
|
|
395
|
+
if (rules.length < 1) {
|
|
396
|
+
resolve4([defaultRule]);
|
|
397
|
+
} else {
|
|
398
|
+
const reducedRules = (0, import_ramda.uniqWith)(import_ramda.equals, rules);
|
|
399
|
+
resolve4(reducedRules);
|
|
400
|
+
}
|
|
401
|
+
}
|
|
402
|
+
});
|
|
403
|
+
program2.on("error", (error) => {
|
|
404
|
+
reject(error);
|
|
405
|
+
});
|
|
406
|
+
});
|
|
407
|
+
}
|
|
408
|
+
async mutatingWebhook(path, timeoutSeconds = 10) {
|
|
342
409
|
const { name } = this;
|
|
343
410
|
const ignore = [peprIgnore];
|
|
344
411
|
if (this.config.alwaysIgnore.namespaces && this.config.alwaysIgnore.namespaces.length > 0) {
|
|
@@ -360,6 +427,7 @@ var Webhook = class {
|
|
|
360
427
|
path: "/mutate"
|
|
361
428
|
};
|
|
362
429
|
}
|
|
430
|
+
const rules = await this.generateWebhookRules(path);
|
|
363
431
|
return {
|
|
364
432
|
apiVersion: "admissionregistration.k8s.io/v1",
|
|
365
433
|
kind: "MutatingWebhookConfiguration",
|
|
@@ -378,15 +446,7 @@ var Webhook = class {
|
|
|
378
446
|
objectSelector: {
|
|
379
447
|
matchExpressions: ignore
|
|
380
448
|
},
|
|
381
|
-
|
|
382
|
-
rules: [
|
|
383
|
-
{
|
|
384
|
-
apiGroups: ["*"],
|
|
385
|
-
apiVersions: ["*"],
|
|
386
|
-
operations: ["CREATE", "UPDATE", "DELETE"],
|
|
387
|
-
resources: ["*/*"]
|
|
388
|
-
}
|
|
389
|
-
],
|
|
449
|
+
rules,
|
|
390
450
|
// @todo: track side effects state
|
|
391
451
|
sideEffects: "None"
|
|
392
452
|
}
|
|
@@ -581,8 +641,10 @@ var Webhook = class {
|
|
|
581
641
|
};
|
|
582
642
|
return (0, import_client_node.dumpYaml)(zarfCfg, { noRefs: true });
|
|
583
643
|
}
|
|
584
|
-
allYaml(
|
|
644
|
+
async allYaml(path) {
|
|
645
|
+
const code = await import_fs.promises.readFile(path);
|
|
585
646
|
const hash = import_crypto.default.createHash("sha256").update(code).digest("hex");
|
|
647
|
+
const webhook = await this.mutatingWebhook(path);
|
|
586
648
|
const resources = [
|
|
587
649
|
this.namespace(),
|
|
588
650
|
this.networkPolicy(),
|
|
@@ -590,23 +652,20 @@ var Webhook = class {
|
|
|
590
652
|
this.clusterRoleBinding(),
|
|
591
653
|
this.serviceAccount(),
|
|
592
654
|
this.tlsSecret(),
|
|
593
|
-
|
|
655
|
+
webhook,
|
|
594
656
|
this.deployment(hash),
|
|
595
657
|
this.service(),
|
|
596
658
|
this.moduleSecret(code, hash)
|
|
597
659
|
];
|
|
598
660
|
return resources.map((r) => (0, import_client_node.dumpYaml)(r, { noRefs: true })).join("---\n");
|
|
599
661
|
}
|
|
600
|
-
async deploy(
|
|
662
|
+
async deploy(path, webhookTimeout) {
|
|
601
663
|
logger_default.info("Establishing connection to Kubernetes");
|
|
602
664
|
const namespace = "pepr-system";
|
|
603
665
|
const kubeConfig = new import_client_node.KubeConfig();
|
|
604
666
|
kubeConfig.loadFromDefault();
|
|
605
667
|
const coreV1Api = kubeConfig.makeApiClient(import_client_node.CoreV1Api);
|
|
606
|
-
const rbacApi = kubeConfig.makeApiClient(import_client_node.RbacAuthorizationV1Api);
|
|
607
|
-
const appsApi = kubeConfig.makeApiClient(import_client_node.AppsV1Api);
|
|
608
668
|
const admissionApi = kubeConfig.makeApiClient(import_client_node.AdmissionregistrationV1Api);
|
|
609
|
-
const networkApi = kubeConfig.makeApiClient(import_client_node.NetworkingV1Api);
|
|
610
669
|
const ns = this.namespace();
|
|
611
670
|
try {
|
|
612
671
|
logger_default.info("Checking for namespace");
|
|
@@ -616,7 +675,7 @@ var Webhook = class {
|
|
|
616
675
|
logger_default.info("Creating namespace");
|
|
617
676
|
await coreV1Api.createNamespace(ns);
|
|
618
677
|
}
|
|
619
|
-
const wh = this.mutatingWebhook(webhookTimeout);
|
|
678
|
+
const wh = await this.mutatingWebhook(path, webhookTimeout);
|
|
620
679
|
try {
|
|
621
680
|
logger_default.info("Creating mutating webhook");
|
|
622
681
|
await admissionApi.createMutatingWebhookConfiguration(wh);
|
|
@@ -629,18 +688,22 @@ var Webhook = class {
|
|
|
629
688
|
if (this.host) {
|
|
630
689
|
return;
|
|
631
690
|
}
|
|
632
|
-
if (!
|
|
691
|
+
if (!path) {
|
|
633
692
|
throw new Error("No code provided");
|
|
634
693
|
}
|
|
694
|
+
const code = await import_fs.promises.readFile(path);
|
|
635
695
|
const hash = import_crypto.default.createHash("sha256").update(code).digest("hex");
|
|
636
|
-
const
|
|
696
|
+
const appsApi = kubeConfig.makeApiClient(import_client_node.AppsV1Api);
|
|
697
|
+
const rbacApi = kubeConfig.makeApiClient(import_client_node.RbacAuthorizationV1Api);
|
|
698
|
+
const networkApi = kubeConfig.makeApiClient(import_client_node.NetworkingV1Api);
|
|
699
|
+
const networkPolicy = this.networkPolicy();
|
|
637
700
|
try {
|
|
638
701
|
logger_default.info("Checking for network policy");
|
|
639
|
-
await networkApi.readNamespacedNetworkPolicy(
|
|
702
|
+
await networkApi.readNamespacedNetworkPolicy(networkPolicy.metadata?.name ?? "", namespace);
|
|
640
703
|
} catch (e) {
|
|
641
704
|
logger_default.debug(e instanceof import_client_node.HttpError ? e.body : e);
|
|
642
705
|
logger_default.info("Creating network policy");
|
|
643
|
-
await networkApi.createNamespacedNetworkPolicy(namespace,
|
|
706
|
+
await networkApi.createNamespacedNetworkPolicy(namespace, networkPolicy);
|
|
644
707
|
}
|
|
645
708
|
const crb = this.clusterRoleBinding();
|
|
646
709
|
try {
|
|
@@ -908,7 +971,7 @@ var gitIgnore = "# Ignore node_modules and Pepr build artifacts\nnode_modules\nd
|
|
|
908
971
|
var readmeMd = '# Pepr Module\n\nThis is a Pepr Module. [Pepr](https://github.com/defenseunicorns/pepr) is a Kubernetes transformation system\nwritten in Typescript.\n\nThe `capabilities` directory contains all the capabilities for this module. By default,\na capability is a single typescript file in the format of `capability-name.ts` that is\nimported in the root `pepr.ts` file as `import { HelloPepr } from "./capabilities/hello-pepr";`.\nBecause this is typescript, you can organize this however you choose, e.g. creating a sub-folder\nper-capability or common logic in shared files or folders.\n\nExample Structure:\n\n```\nModule Root\n\u251C\u2500\u2500 package.json\n\u251C\u2500\u2500 pepr.ts\n\u2514\u2500\u2500 capabilities\n \u251C\u2500\u2500 example-one.ts\n \u251C\u2500\u2500 example-three.ts\n \u2514\u2500\u2500 example-two.ts\n```\n';
|
|
909
972
|
var peprTS = 'import { PeprModule } from "pepr";\n// cfg loads your pepr configuration from package.json\nimport cfg from "./package.json";\n\n// HelloPepr is a demo capability that is included with Pepr. Comment or delete the line below to remove it.\nimport { HelloPepr } from "./capabilities/hello-pepr";\n\n/**\n * This is the main entrypoint for this Pepr module. It is run when the module is started.\n * This is where you register your Pepr configurations and capabilities.\n */\nnew PeprModule(cfg, [\n // "HelloPepr" is a demo capability that is included with Pepr. Comment or delete the line below to remove it.\n HelloPepr,\n\n // Your additional capabilities go here\n]);\n';
|
|
910
973
|
var helloPeprTS = 'import {\n Capability,\n PeprRequest,\n RegisterKind,\n a,\n fetch,\n fetchStatus,\n} from "pepr";\n\n/**\n * The HelloPepr Capability is an example capability to demonstrate some general concepts of Pepr.\n * To test this capability you can run `pepr dev` or `npm start` and then run the following command:\n * `kubectl apply -f capabilities/hello-pepr.samples.yaml`\n */\nexport const HelloPepr = new Capability({\n name: "hello-pepr",\n description: "A simple example capability to show how things work.",\n namespaces: ["pepr-demo", "pepr-demo-2"],\n});\n\n// Use the \'When\' function to create a new Capability Action\nconst { When } = HelloPepr;\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (Namespace) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This Capability Action removes the label `remove-me` when a Namespace is created.\n * Note we don\'t need to specify the namespace here, because we\'ve already specified\n * it in the Capability definition above.\n */\nWhen(a.Namespace)\n .IsCreated()\n .Then(ns => ns.RemoveLabel("remove-me"));\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (CM Example 1) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This is a single Capability Action. They can be in the same file or put imported from other files.\n * In this example, when a ConfigMap is created with the name `example-1`, then add a label and annotation.\n *\n * Equivalent to manually running:\n * `kubectl label configmap example-1 pepr=was-here`\n * `kubectl annotate configmap example-1 pepr.dev=annotations-work-too`\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .WithName("example-1")\n .Then(request =>\n request\n .SetLabel("pepr", "was-here")\n .SetAnnotation("pepr.dev", "annotations-work-too")\n );\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (CM Example 2) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This Capability Action does the exact same changes for example-2, except this time it uses\n * the `.ThenSet()` feature. You can stack multiple `.Then()` calls, but only a single `.ThenSet()`\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .WithName("example-2")\n .ThenSet({\n metadata: {\n labels: {\n pepr: "was-here",\n },\n annotations: {\n "pepr.dev": "annotations-work-too",\n },\n },\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (CM Example 3) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This Capability Action combines different styles. Unlike the previous actions, this one will look\n * for any ConfigMap in the `pepr-demo` namespace that has the label `change=by-label` during either\n * CREATE or UPDATE. Note that all conditions added such as `WithName()`, `WithLabel()`, `InNamespace()`,\n * are ANDs so all conditions must be true for the request to be processed.\n */\nWhen(a.ConfigMap)\n .IsCreatedOrUpdated()\n .WithLabel("change", "by-label")\n .Then(request => {\n // The K8s object e are going to mutate\n const cm = request.Raw;\n\n // Get the username and uid of the K8s request\n const { username, uid } = request.Request.userInfo;\n\n // Store some data about the request in the configmap\n cm.data["username"] = username;\n cm.data["uid"] = uid;\n\n // You can still mix other ways of making changes too\n request.SetAnnotation("pepr.dev", "making-waves");\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (CM Example 4) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This Capability Action show how you can use the `Then()` function to make multiple changes to the\n * same object from different functions. This is useful if you want to keep your Capability Actions\n * small and focused on a single task, or if you want to reuse the same function in multiple\n * Capability Actions.\n *\n * Note that the order of the `.Then()` calls matters. The first call will be executed first,\n * then the second, and so on. Also note the functions are not called until the Capability Action\n * is triggered.\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .WithName("example-4")\n .Then(cm => cm.SetLabel("pepr.dev/first", "true"))\n .Then(addSecond)\n .Then(addThird);\n\n//This function uses the complete type definition, but is not required.\nfunction addSecond(cm: PeprRequest<a.ConfigMap>) {\n cm.SetLabel("pepr.dev/second", "true");\n}\n\n// This function has no type definition, so you won\'t have intellisense in the function body.\nfunction addThird(cm) {\n cm.SetLabel("pepr.dev/third", "true");\n}\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (CM Example 4a) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This is the same as Example 4, except this only operates on a CM in the `pepr-demo-2` namespace.\n * Note because the Capability defines namespaces, the namespace specified here must be one of those.\n * Alternatively, you can remove the namespace from the Capability definition and specify it here.\n */\nWhen(a.ConfigMap)\n .IsCreated()\n .InNamespace("pepr-demo-2")\n .WithName("example-4a")\n .Then(cm => cm.SetLabel("pepr.dev/first", "true"))\n .Then(addSecond)\n .Then(addThird);\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (CM Example 5) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This Capability Action is a bit more complex. It will look for any ConfigMap in the `pepr-demo`\n * namespace that has the label `chuck-norris` during CREATE. When it finds one, it will fetch a\n * random Chuck Norris joke from the API and add it to the ConfigMap. This is a great example of how\n * you can use Pepr to make changes to your K8s objects based on external data.\n *\n * Note the use of the `async` keyword. This is required for any Capability Action that uses `await` or `fetch()`.\n *\n * Also note we are passing a type to the `fetch()` function. This is optional, but it will help you\n * avoid mistakes when working with the data returned from the API. You can also use the `as` keyword to\n * cast the data returned from the API.\n *\n * These are equivalent:\n * ```ts\n * const joke = await fetch<TheChuckNorrisJoke>("https://api.chucknorris.io/jokes/random?category=dev");\n * const joke = await fetch("https://api.chucknorris.io/jokes/random?category=dev") as TheChuckNorrisJoke;\n * ```\n *\n * Alternatively, you can drop the type completely:\n *\n * ```ts\n * fetch("https://api.chucknorris.io/jokes/random?category=dev")\n * ```\n */\ninterface TheChuckNorrisJoke {\n icon_url: string;\n id: string;\n url: string;\n value: string;\n}\n\nWhen(a.ConfigMap)\n .IsCreated()\n .WithLabel("chuck-norris")\n .Then(async change => {\n // Try/catch is not needed as a response object will always be returned\n const response = await fetch<TheChuckNorrisJoke>(\n "https://api.chucknorris.io/jokes/random?category=dev"\n );\n\n // Instead, check the `response.ok` field\n if (response.ok) {\n // Add the Chuck Norris joke to the configmap\n change.Raw.data["chuck-says"] = response.data.value;\n return;\n }\n\n // You can also assert on different HTTP response codes\n if (response.status === fetchStatus.NOT_FOUND) {\n // Do something else\n return;\n }\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (Secret Base64 Handling) *\n * ---------------------------------------------------------------------------------------------------\n *\n * The K8s JS client provides incomplete support for base64 encoding/decoding handling for secrets,\n * unlike the GO client. To make this less painful, Pepr automatically handles base64 encoding/decoding\n * secret data before and after the Capability Action is executed.\n */\nWhen(a.Secret)\n .IsCreated()\n .WithName("secret-1")\n .Then(request => {\n const secret = request.Raw;\n\n // This will be encoded at the end of all processing back to base64: "Y2hhbmdlLXdpdGhvdXQtZW5jb2Rpbmc="\n secret.data.magic = "change-without-encoding";\n\n // You can modify the data directly, and it will be encoded at the end of all processing\n secret.data.example += " - modified by Pepr";\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (Untyped Custom Resource) *\n * ---------------------------------------------------------------------------------------------------\n *\n * Out of the box, Pepr supports all the standard Kubernetes objects. However, you can also create\n * your own types. This is useful if you are working with an Operator that creates custom resources.\n * There are two ways to do this, the first is to use the `When()` function with a `GenericKind`,\n * the second is to create a new class that extends `GenericKind` and use the `RegisterKind()` function.\n *\n * This example shows how to use the `When()` function with a `GenericKind`. Note that you\n * must specify the `group`, `version`, and `kind` of the object (if applicable). This is how Pepr knows\n * if the Capability Action should be triggered or not. Since we are using a `GenericKind`,\n * Pepr will not be able to provide any intellisense for the object, so you will need to refer to the\n * Kubernetes API documentation for the object you are working with.\n *\n * You will need ot wait for the CRD in `hello-pepr.samples.yaml` to be created, then you can apply\n *\n * ```yaml\n * apiVersion: pepr.dev/v1\n * kind: Unicorn\n * metadata:\n * name: example-1\n * namespace: pepr-demo\n * spec:\n * message: replace-me\n * counter: 0\n * ```\n */\nWhen(a.GenericKind, {\n group: "pepr.dev",\n version: "v1",\n kind: "Unicorn",\n})\n .IsCreated()\n .WithName("example-1")\n .ThenSet({\n spec: {\n message: "Hello Pepr without type data!",\n counter: Math.random(),\n },\n });\n\n/**\n * ---------------------------------------------------------------------------------------------------\n * CAPABILITY ACTION (Typed Custom Resource) *\n * ---------------------------------------------------------------------------------------------------\n *\n * This example shows how to use the `RegisterKind()` function to create a new type. This is useful\n * if you are working with an Operator that creates custom resources and you want to have intellisense\n * for the object. Note that you must specify the `group`, `version`, and `kind` of the object (if applicable)\n * as this is how Pepr knows if the Capability Action should be triggered or not.\n *\n * Once you register a new Kind with Pepr, you can use the `When()` function with the new Kind. Ideally,\n * you should register custom Kinds at the top of your Capability file or Pepr Module so they are available\n * to all Capability Actions, but we are putting it here for demonstration purposes.\n *\n * You will need ot wait for the CRD in `hello-pepr.samples.yaml` to be created, then you can apply\n *\n * ```yaml\n * apiVersion: pepr.dev/v1\n * kind: Unicorn\n * metadata:\n * name: example-2\n * namespace: pepr-demo\n * spec:\n * message: replace-me\n * counter: 0\n * ```*\n */\nclass UnicornKind extends a.GenericKind {\n spec: {\n /**\n * JSDoc comments can be added to explain more details about the field.\n *\n * @example\n * ```ts\n * request.Raw.spec.message = "Hello Pepr!";\n * ```\n * */\n message: string;\n counter: number;\n };\n}\n\nRegisterKind(UnicornKind, {\n group: "pepr.dev",\n version: "v1",\n kind: "Unicorn",\n});\n\nWhen(UnicornKind)\n .IsCreated()\n .WithName("example-2")\n .ThenSet({\n spec: {\n message: "Hello Pepr now with type data!",\n counter: Math.random(),\n },\n });\n';
|
|
911
|
-
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, version: "0.
|
|
974
|
+
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, version: "0.7.0", main: "dist/lib.js", types: "dist/lib.d.ts", scripts: { prebuild: "rm -fr dist/* && node hack/build-template-data.js", build: "tsc && node build.mjs", test: "npm run test:unit && npm run test:e2e", "test:unit": "npm run build && tsc -p tsconfig.tests.json && ava dist/**/*.test.js", "test:e2e": "npm run test:e2e:k3d && npm run test:e2e:build && npm run test:e2e:image && npm run test:e2e:run", "test:e2e:k3d": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0'", "test:e2e:build": "npm run build && npm pack && npm uninstall pepr -g && npm install -g pepr-0.0.0-development.tgz && pepr", "test:e2e:image": "docker buildx build --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev", "test:e2e:run": "ava hack/e2e.test.mjs --sequential --timeout=2m", "format:check": "eslint src && prettier src --check", "format:fix": "eslint src --fix && prettier src --write" }, dependencies: { "@kubernetes/client-node": "0.18.1", express: "4.18.2", "fast-json-patch": "3.1.1", "http-status-codes": "2.2.0", "node-fetch": "2.6.11", ramda: "0.29.0" }, devDependencies: { "@types/eslint": "8.40.0", "@types/express": "4.17.17", "@types/node-fetch": "2.6.4", "@types/node-forge": "1.3.2", "@types/prettier": "2.7.3", "@types/prompts": "2.4.4", "@types/ramda": "0.29.2", "@types/uuid": "9.0.1", ava: "5.3.0", nock: "13.3.1" }, peerDependencies: { "@typescript-eslint/eslint-plugin": "5.59.7", "@typescript-eslint/parser": "5.59.7", commander: "10.0.1", esbuild: "0.17.19", eslint: "8.41.0", "node-forge": "1.3.1", prettier: "2.8.8", prompts: "2.4.2", typescript: "5.0.4", uuid: "9.0.0" }, ava: { failFast: true, verbose: true } };
|
|
912
975
|
|
|
913
976
|
// src/cli/init/templates/pepr.code-snippets.json
|
|
914
977
|
var pepr_code_snippets_default = {
|
|
@@ -955,7 +1018,7 @@ var tsconfig_module_default = {
|
|
|
955
1018
|
};
|
|
956
1019
|
|
|
957
1020
|
// src/cli/init/utils.ts
|
|
958
|
-
var
|
|
1021
|
+
var import_fs2 = require("fs");
|
|
959
1022
|
function sanitizeName(name) {
|
|
960
1023
|
let sanitized = name.toLowerCase().replace(/[^a-z0-9-]+/gi, "-");
|
|
961
1024
|
sanitized = sanitized.replace(/^-+|-+$/g, "");
|
|
@@ -964,7 +1027,7 @@ function sanitizeName(name) {
|
|
|
964
1027
|
}
|
|
965
1028
|
async function createDir(dir) {
|
|
966
1029
|
try {
|
|
967
|
-
await
|
|
1030
|
+
await import_fs2.promises.mkdir(dir);
|
|
968
1031
|
} catch (err) {
|
|
969
1032
|
if (err && err.code === "EEXIST") {
|
|
970
1033
|
throw new Error(`Directory ${dir} already exists`);
|
|
@@ -977,7 +1040,7 @@ function write(path, data) {
|
|
|
977
1040
|
if (typeof data !== "string") {
|
|
978
1041
|
data = JSON.stringify(data, null, 2);
|
|
979
1042
|
}
|
|
980
|
-
return
|
|
1043
|
+
return import_fs2.promises.writeFile(path, data);
|
|
981
1044
|
}
|
|
982
1045
|
|
|
983
1046
|
// src/cli/init/templates.ts
|
|
@@ -1065,18 +1128,21 @@ function build_default(program2) {
|
|
|
1065
1128
|
peprTS2
|
|
1066
1129
|
).action(async (opts) => {
|
|
1067
1130
|
const { cfg, path, uuid } = await buildModule(void 0, opts.entryPoint);
|
|
1068
|
-
|
|
1131
|
+
if (opts.entryPoint !== peprTS2) {
|
|
1132
|
+
logger_default.info(`Module built successfully at ${path}`);
|
|
1133
|
+
return;
|
|
1134
|
+
}
|
|
1069
1135
|
const webhook = new Webhook({
|
|
1070
1136
|
...cfg.pepr,
|
|
1071
1137
|
description: cfg.description
|
|
1072
1138
|
});
|
|
1073
1139
|
const yamlFile = `pepr-module-${uuid}.yaml`;
|
|
1074
1140
|
const yamlPath = (0, import_path.resolve)("dist", yamlFile);
|
|
1075
|
-
const yaml = webhook.allYaml(
|
|
1141
|
+
const yaml = await webhook.allYaml(path);
|
|
1076
1142
|
const zarfPath = (0, import_path.resolve)("dist", "zarf.yaml");
|
|
1077
1143
|
const zarf = webhook.zarfYaml(yamlFile);
|
|
1078
|
-
await
|
|
1079
|
-
await
|
|
1144
|
+
await import_fs3.promises.writeFile(yamlPath, yaml);
|
|
1145
|
+
await import_fs3.promises.writeFile(zarfPath, zarf);
|
|
1080
1146
|
logger_default.debug(`Module compiled successfully at ${path}`);
|
|
1081
1147
|
logger_default.info(`K8s resource for the module saved to ${yamlPath}`);
|
|
1082
1148
|
});
|
|
@@ -1087,15 +1153,15 @@ async function loadModule(entryPoint = peprTS2) {
|
|
|
1087
1153
|
const cfgPath = (0, import_path.resolve)(".", "package.json");
|
|
1088
1154
|
const input = (0, import_path.resolve)(".", entryPoint);
|
|
1089
1155
|
try {
|
|
1090
|
-
await
|
|
1091
|
-
await
|
|
1156
|
+
await import_fs3.promises.access(cfgPath);
|
|
1157
|
+
await import_fs3.promises.access(input);
|
|
1092
1158
|
} catch (e) {
|
|
1093
1159
|
logger_default.error(
|
|
1094
1160
|
`Could not find ${cfgPath} or ${input} in the current directory. Please run this command from the root of your module's directory.`
|
|
1095
1161
|
);
|
|
1096
1162
|
process.exit(1);
|
|
1097
1163
|
}
|
|
1098
|
-
const moduleText = await
|
|
1164
|
+
const moduleText = await import_fs3.promises.readFile(cfgPath, { encoding: "utf-8" });
|
|
1099
1165
|
const cfg = JSON.parse(moduleText);
|
|
1100
1166
|
const { uuid } = cfg.pepr;
|
|
1101
1167
|
const name = `pepr-${uuid}.js`;
|
|
@@ -1120,9 +1186,8 @@ async function loadModule(entryPoint = peprTS2) {
|
|
|
1120
1186
|
async function buildModule(reloader, entryPoint = peprTS2) {
|
|
1121
1187
|
try {
|
|
1122
1188
|
const { cfg, path, uuid } = await loadModule(entryPoint);
|
|
1123
|
-
(0,
|
|
1124
|
-
const
|
|
1125
|
-
const ctx = await (0, import_esbuild.context)({
|
|
1189
|
+
(0, import_child_process2.execSync)("./node_modules/.bin/tsc", { stdio: "inherit" });
|
|
1190
|
+
const ctxCfg = {
|
|
1126
1191
|
bundle: true,
|
|
1127
1192
|
entryPoints: [entryPoint],
|
|
1128
1193
|
external: externalLibs,
|
|
@@ -1130,11 +1195,8 @@ async function buildModule(reloader, entryPoint = peprTS2) {
|
|
|
1130
1195
|
keepNames: true,
|
|
1131
1196
|
legalComments: "external",
|
|
1132
1197
|
metafile: true,
|
|
1133
|
-
|
|
1134
|
-
minify: !reloader && !customEntryPoint,
|
|
1198
|
+
minify: true,
|
|
1135
1199
|
outfile: path,
|
|
1136
|
-
// Only bundle the NPM packages if we're not using a custom entry point
|
|
1137
|
-
packages: customEntryPoint ? "external" : void 0,
|
|
1138
1200
|
plugins: [
|
|
1139
1201
|
{
|
|
1140
1202
|
name: "reload-server",
|
|
@@ -1144,18 +1206,26 @@ async function buildModule(reloader, entryPoint = peprTS2) {
|
|
|
1144
1206
|
console.log(await (0, import_esbuild.analyzeMetafile)(r.metafile));
|
|
1145
1207
|
}
|
|
1146
1208
|
if (reloader) {
|
|
1147
|
-
reloader(r);
|
|
1209
|
+
await reloader(r);
|
|
1148
1210
|
}
|
|
1149
1211
|
});
|
|
1150
1212
|
}
|
|
1151
1213
|
}
|
|
1152
1214
|
],
|
|
1153
1215
|
platform: "node",
|
|
1154
|
-
|
|
1155
|
-
|
|
1156
|
-
|
|
1157
|
-
|
|
1158
|
-
|
|
1216
|
+
sourcemap: true,
|
|
1217
|
+
treeShaking: true
|
|
1218
|
+
};
|
|
1219
|
+
if (reloader) {
|
|
1220
|
+
ctxCfg.minify = false;
|
|
1221
|
+
}
|
|
1222
|
+
if (entryPoint !== peprTS2) {
|
|
1223
|
+
ctxCfg.minify = false;
|
|
1224
|
+
ctxCfg.outfile = (0, import_path.resolve)("dist", (0, import_path.basename)(entryPoint, (0, import_path.extname)(entryPoint))) + ".js";
|
|
1225
|
+
ctxCfg.packages = "external";
|
|
1226
|
+
ctxCfg.treeShaking = false;
|
|
1227
|
+
}
|
|
1228
|
+
const ctx = await (0, import_esbuild.context)(ctxCfg);
|
|
1159
1229
|
if (reloader) {
|
|
1160
1230
|
await ctx.watch();
|
|
1161
1231
|
} else {
|
|
@@ -1173,7 +1243,6 @@ async function buildModule(reloader, entryPoint = peprTS2) {
|
|
|
1173
1243
|
}
|
|
1174
1244
|
|
|
1175
1245
|
// src/cli/deploy.ts
|
|
1176
|
-
var import_fs3 = require("fs");
|
|
1177
1246
|
var import_prompts = __toESM(require("prompts"));
|
|
1178
1247
|
function deploy_default(program2) {
|
|
1179
1248
|
program2.command("deploy").description("Deploy a Pepr Module").option("-i, --image [image]", "Override the image tag").option("--confirm", "Skip confirmation prompt").action(async (opts) => {
|
|
@@ -1188,7 +1257,6 @@ function deploy_default(program2) {
|
|
|
1188
1257
|
}
|
|
1189
1258
|
}
|
|
1190
1259
|
const { cfg, path } = await buildModule();
|
|
1191
|
-
const code = await import_fs3.promises.readFile(path);
|
|
1192
1260
|
const webhook = new Webhook({
|
|
1193
1261
|
...cfg.pepr,
|
|
1194
1262
|
description: cfg.description
|
|
@@ -1197,7 +1265,7 @@ function deploy_default(program2) {
|
|
|
1197
1265
|
webhook.image = opts.image;
|
|
1198
1266
|
}
|
|
1199
1267
|
try {
|
|
1200
|
-
await webhook.deploy(
|
|
1268
|
+
await webhook.deploy(path);
|
|
1201
1269
|
logger_default.info(`Module deployed successfully`);
|
|
1202
1270
|
} catch (e) {
|
|
1203
1271
|
logger_default.error(`Error deploying module: ${e}`);
|
|
@@ -1207,7 +1275,7 @@ function deploy_default(program2) {
|
|
|
1207
1275
|
}
|
|
1208
1276
|
|
|
1209
1277
|
// src/cli/dev.ts
|
|
1210
|
-
var
|
|
1278
|
+
var import_child_process3 = require("child_process");
|
|
1211
1279
|
var import_fs4 = require("fs");
|
|
1212
1280
|
var import_prompts2 = __toESM(require("prompts"));
|
|
1213
1281
|
function dev_default(program2) {
|
|
@@ -1233,12 +1301,11 @@ function dev_default(program2) {
|
|
|
1233
1301
|
await import_fs4.promises.writeFile("insecure-tls.crt", webhook.tls.pem.crt);
|
|
1234
1302
|
await import_fs4.promises.writeFile("insecure-tls.key", webhook.tls.pem.key);
|
|
1235
1303
|
try {
|
|
1236
|
-
await webhook.deploy(void 0, 30);
|
|
1237
|
-
logger_default.info(`Module deployed successfully`);
|
|
1238
1304
|
let program3;
|
|
1239
|
-
const runFork = () => {
|
|
1305
|
+
const runFork = async () => {
|
|
1240
1306
|
logger_default.info(`Running module ${path}`);
|
|
1241
|
-
|
|
1307
|
+
await webhook.deploy(path, 30);
|
|
1308
|
+
program3 = (0, import_child_process3.fork)(path, {
|
|
1242
1309
|
env: {
|
|
1243
1310
|
...process.env,
|
|
1244
1311
|
LOG_LEVEL: "debug",
|
|
@@ -1247,16 +1314,16 @@ function dev_default(program2) {
|
|
|
1247
1314
|
}
|
|
1248
1315
|
});
|
|
1249
1316
|
};
|
|
1250
|
-
await buildModule((r) => {
|
|
1317
|
+
await buildModule(async (r) => {
|
|
1251
1318
|
if (r.errors.length > 0) {
|
|
1252
1319
|
logger_default.error(`Error compiling module: ${r.errors}`);
|
|
1253
1320
|
return;
|
|
1254
1321
|
}
|
|
1255
1322
|
if (program3) {
|
|
1256
1323
|
program3.once("exit", runFork);
|
|
1257
|
-
program3.kill();
|
|
1324
|
+
program3.kill("SIGKILL");
|
|
1258
1325
|
} else {
|
|
1259
|
-
runFork();
|
|
1326
|
+
await runFork();
|
|
1260
1327
|
}
|
|
1261
1328
|
});
|
|
1262
1329
|
} catch (e) {
|
|
@@ -1316,23 +1383,13 @@ function format_default(program2) {
|
|
|
1316
1383
|
}
|
|
1317
1384
|
|
|
1318
1385
|
// src/cli/init/index.ts
|
|
1319
|
-
var
|
|
1386
|
+
var import_child_process4 = require("child_process");
|
|
1320
1387
|
var import_path2 = require("path");
|
|
1321
1388
|
var import_prompts4 = __toESM(require("prompts"));
|
|
1322
1389
|
|
|
1323
1390
|
// src/cli/init/walkthrough.ts
|
|
1324
1391
|
var import_fs6 = require("fs");
|
|
1325
1392
|
var import_prompts3 = __toESM(require("prompts"));
|
|
1326
|
-
|
|
1327
|
-
// src/lib/types.ts
|
|
1328
|
-
var ErrorBehavior = /* @__PURE__ */ ((ErrorBehavior2) => {
|
|
1329
|
-
ErrorBehavior2["ignore"] = "ignore";
|
|
1330
|
-
ErrorBehavior2["audit"] = "audit";
|
|
1331
|
-
ErrorBehavior2["reject"] = "reject";
|
|
1332
|
-
return ErrorBehavior2;
|
|
1333
|
-
})(ErrorBehavior || {});
|
|
1334
|
-
|
|
1335
|
-
// src/cli/init/walkthrough.ts
|
|
1336
1393
|
function walkthrough() {
|
|
1337
1394
|
const askName = {
|
|
1338
1395
|
type: "text",
|
|
@@ -1435,14 +1492,14 @@ function init_default(program2) {
|
|
|
1435
1492
|
await write((0, import_path2.resolve)(dirName, "capabilities", helloPepr.path), helloPepr.data);
|
|
1436
1493
|
if (!opts.skipPostInit) {
|
|
1437
1494
|
process.chdir(dirName);
|
|
1438
|
-
(0,
|
|
1495
|
+
(0, import_child_process4.execSync)("npm install", {
|
|
1439
1496
|
stdio: "inherit"
|
|
1440
1497
|
});
|
|
1441
|
-
(0,
|
|
1498
|
+
(0, import_child_process4.execSync)("git init", {
|
|
1442
1499
|
stdio: "inherit"
|
|
1443
1500
|
});
|
|
1444
1501
|
try {
|
|
1445
|
-
(0,
|
|
1502
|
+
(0, import_child_process4.execSync)("code .", {
|
|
1446
1503
|
stdio: "inherit"
|
|
1447
1504
|
});
|
|
1448
1505
|
} catch (e) {
|
|
@@ -1475,7 +1532,7 @@ var RootCmd = class extends import_commander.Command {
|
|
|
1475
1532
|
};
|
|
1476
1533
|
|
|
1477
1534
|
// src/cli/update.ts
|
|
1478
|
-
var
|
|
1535
|
+
var import_child_process5 = require("child_process");
|
|
1479
1536
|
var import_path3 = require("path");
|
|
1480
1537
|
var import_prompts5 = __toESM(require("prompts"));
|
|
1481
1538
|
function update_default(program2) {
|
|
@@ -1499,10 +1556,10 @@ function update_default(program2) {
|
|
|
1499
1556
|
await write((0, import_path3.resolve)("capabilities", samplesYaml.path), samplesYaml.data);
|
|
1500
1557
|
await write((0, import_path3.resolve)("capabilities", helloPepr.path), helloPepr.data);
|
|
1501
1558
|
}
|
|
1502
|
-
(0,
|
|
1559
|
+
(0, import_child_process5.execSync)("npm install pepr@latest", {
|
|
1503
1560
|
stdio: "inherit"
|
|
1504
1561
|
});
|
|
1505
|
-
(0,
|
|
1562
|
+
(0, import_child_process5.execSync)("npm install -g pepr@latest", {
|
|
1506
1563
|
stdio: "inherit"
|
|
1507
1564
|
});
|
|
1508
1565
|
console.log(`Module updated!`);
|
package/dist/controller.js
CHANGED
|
@@ -116,7 +116,7 @@ if (process.env.LOG_LEVEL) {
|
|
|
116
116
|
var logger_default = Log;
|
|
117
117
|
|
|
118
118
|
// src/cli/init/templates/data.json
|
|
119
|
-
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, version: "0.
|
|
119
|
+
var packageJSON = { name: "pepr", description: "Kubernetes application engine", author: "Defense Unicorns", homepage: "https://github.com/defenseunicorns/pepr", license: "Apache-2.0", bin: "dist/cli.js", repository: "defenseunicorns/pepr", engines: { node: ">=18.0.0" }, version: "0.7.0", main: "dist/lib.js", types: "dist/lib.d.ts", scripts: { prebuild: "rm -fr dist/* && node hack/build-template-data.js", build: "tsc && node build.mjs", test: "npm run test:unit && npm run test:e2e", "test:unit": "npm run build && tsc -p tsconfig.tests.json && ava dist/**/*.test.js", "test:e2e": "npm run test:e2e:k3d && npm run test:e2e:build && npm run test:e2e:image && npm run test:e2e:run", "test:e2e:k3d": "k3d cluster delete pepr-dev && k3d cluster create pepr-dev --k3s-arg '--debug@server:0'", "test:e2e:build": "npm run build && npm pack && npm uninstall pepr -g && npm install -g pepr-0.0.0-development.tgz && pepr", "test:e2e:image": "docker buildx build --tag pepr:dev . && k3d image import pepr:dev -c pepr-dev", "test:e2e:run": "ava hack/e2e.test.mjs --sequential --timeout=2m", "format:check": "eslint src && prettier src --check", "format:fix": "eslint src --fix && prettier src --write" }, dependencies: { "@kubernetes/client-node": "0.18.1", express: "4.18.2", "fast-json-patch": "3.1.1", "http-status-codes": "2.2.0", "node-fetch": "2.6.11", ramda: "0.29.0" }, devDependencies: { "@types/eslint": "8.40.0", "@types/express": "4.17.17", "@types/node-fetch": "2.6.4", "@types/node-forge": "1.3.2", "@types/prettier": "2.7.3", "@types/prompts": "2.4.4", "@types/ramda": "0.29.2", "@types/uuid": "9.0.1", ava: "5.3.0", nock: "13.3.1" }, peerDependencies: { "@typescript-eslint/eslint-plugin": "5.59.7", "@typescript-eslint/parser": "5.59.7", commander: "10.0.1", esbuild: "0.17.19", eslint: "8.41.0", "node-forge": "1.3.1", prettier: "2.8.8", prompts: "2.4.2", typescript: "5.0.4", uuid: "9.0.0" }, ava: { failFast: true, verbose: true } };
|
|
120
120
|
|
|
121
121
|
// src/runtime/controller.ts
|
|
122
122
|
var { version } = packageJSON;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"capability.d.ts","sourceRoot":"","sources":["../../src/lib/capability.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C,OAAO,EAEL,OAAO,EAIP,aAAa,EAGb,YAAY,EACZ,SAAS,EACT,YAAY,EACb,MAAM,SAAS,CAAC;AAEjB;;GAEG;AACH,qBAAa,UAAW,YAAW,aAAa;IAC9C,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,WAAW,CAAC,CAAuB;IAG3C,OAAO,CAAC,iBAAiB,CAAoB;IAE7C,OAAO,CAAC,SAAS,CAAiB;IAElC,IAAI,QAAQ,IAAI,OAAO,EAAE,CAExB;IAED,IAAI,IAAI,WAEP;IAED,IAAI,WAAW,WAEd;IAED,IAAI,UAAU,aAEb;IAED,IAAI,gBAAgB,cAEnB;gBAEW,GAAG,EAAE,aAAa;IAQ9B;;;;;;;;OAQG;IACH,IAAI,4CAA6C,gBAAgB,
|
|
1
|
+
{"version":3,"file":"capability.d.ts","sourceRoot":"","sources":["../../src/lib/capability.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C,OAAO,EAEL,OAAO,EAIP,aAAa,EAGb,YAAY,EACZ,SAAS,EACT,YAAY,EACb,MAAM,SAAS,CAAC;AAEjB;;GAEG;AACH,qBAAa,UAAW,YAAW,aAAa;IAC9C,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,WAAW,CAAC,CAAuB;IAG3C,OAAO,CAAC,iBAAiB,CAAoB;IAE7C,OAAO,CAAC,SAAS,CAAiB;IAElC,IAAI,QAAQ,IAAI,OAAO,EAAE,CAExB;IAED,IAAI,IAAI,WAEP;IAED,IAAI,WAAW,WAEd;IAED,IAAI,UAAU,aAEb;IAED,IAAI,gBAAgB,cAEnB;gBAEW,GAAG,EAAE,aAAa;IAQ9B;;;;;;;;OAQG;IACH,IAAI,4CAA6C,gBAAgB,qBAwF/D;CACH"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/lib/controller.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEhD,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/lib/controller.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEhD,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAGvC,qBAAa,UAAU;IAKnB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;IAC5B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;IAP7B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAa;IACjC,OAAO,CAAC,OAAO,CAAS;gBAGL,MAAM,EAAE,YAAY,EACpB,YAAY,EAAE,UAAU,EAAE,EAC1B,UAAU,CAAC,SAAQ,OAAO,KAAK,IAAI,aAAA,EACnC,SAAS,CAAC,SAAQ,QAAQ,KAAK,IAAI,aAAA;IAuBtD,+BAA+B;IACxB,WAAW,SAAU,MAAM,UA0ChC;IAEF,OAAO,CAAC,MAAM,CAYZ;IAEF,OAAO,CAAC,OAAO,CAOb;IAEF,OAAO,CAAC,MAAM,CAiCZ;CACH"}
|
package/dist/lib/filter.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"filter.d.ts","sourceRoot":"","sources":["../../src/lib/filter.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAEtC,OAAO,EAAE,OAAO,
|
|
1
|
+
{"version":3,"file":"filter.d.ts","sourceRoot":"","sources":["../../src/lib/filter.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAEtC,OAAO,EAAE,OAAO,EAAS,MAAM,SAAS,CAAC;AAEzC;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,WAwE/D"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"kinds.d.ts","sourceRoot":"","sources":["../../../src/lib/k8s/kinds.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAE3C,eAAO,MAAM,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,
|
|
1
|
+
{"version":3,"file":"kinds.d.ts","sourceRoot":"","sources":["../../../src/lib/k8s/kinds.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAE3C,eAAO,MAAM,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CA8cnD,CAAC;AAEF,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,gBAAgB,CAErE;AAED;;;;;GAKG;AACH,eAAO,MAAM,YAAY,UAAW,YAAY,oBAAoB,gBAAgB,SAUnF,CAAC"}
|
package/dist/lib/k8s/types.d.ts
CHANGED
|
@@ -36,6 +36,8 @@ export interface GroupVersionKind {
|
|
|
36
36
|
readonly kind: string;
|
|
37
37
|
readonly group: string;
|
|
38
38
|
readonly version?: string;
|
|
39
|
+
/** Optional, override the plural name for use in Webhook rules generation */
|
|
40
|
+
readonly plural?: string;
|
|
39
41
|
}
|
|
40
42
|
/**
|
|
41
43
|
* GroupVersionResource unambiguously identifies a resource. It doesn't anonymously include GroupVersion
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/lib/k8s/types.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAEnE,oBAAY,SAAS;IACnB,MAAM,WAAW;IACjB,MAAM,WAAW;IACjB,MAAM,WAAW;IACjB,OAAO,YAAY;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,YAAY,CAAC;CACzB;AACD,MAAM,WAAW,oBAAoB,CAAC,CAAC,SAAS,gBAAgB;IAC9D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,UAAU,CAAC;IACtB,KAAK,EAAE,CAAC,EAAE,CAAC;CACZ;AAED;;;;GAIG;AACH,qBAAa,WAAW;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,YAAY,CAAC;IAExB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED;;;IAGI;AACJ,MAAM,WAAW,gBAAgB;IAC/B,yCAAyC;IACzC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/lib/k8s/types.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAEnE,oBAAY,SAAS;IACnB,MAAM,WAAW;IACjB,MAAM,WAAW;IACjB,MAAM,WAAW;IACjB,OAAO,YAAY;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,YAAY,CAAC;CACzB;AACD,MAAM,WAAW,oBAAoB,CAAC,CAAC,SAAS,gBAAgB;IAC9D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,UAAU,CAAC;IACtB,KAAK,EAAE,CAAC,EAAE,CAAC;CACZ;AAED;;;;GAIG;AACH,qBAAa,WAAW;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,YAAY,CAAC;IAExB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED;;;IAGI;AACJ,MAAM,WAAW,gBAAgB;IAC/B,yCAAyC;IACzC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,6EAA6E;IAC7E,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,OAAO,CAAC,CAAC,GAAG,gBAAgB;IAC3C,gEAAgE;IAChE,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IAErB,+GAA+G;IAC/G,QAAQ,CAAC,IAAI,EAAE,gBAAgB,CAAC;IAEhC,sFAAsF;IACtF,QAAQ,CAAC,QAAQ,EAAE,oBAAoB,CAAC;IAExC,iGAAiG;IACjG,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAE9B,yHAAyH;IACzH,QAAQ,CAAC,WAAW,CAAC,EAAE,gBAAgB,CAAC;IAExC,0GAA0G;IAC1G,QAAQ,CAAC,eAAe,CAAC,EAAE,oBAAoB,CAAC;IAEhD,qHAAqH;IACrH,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAErC;;;OAGG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB,uEAAuE;IACvE,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAE5B;;;OAGG;IACH,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAE9B,wDAAwD;IACxD,QAAQ,CAAC,QAAQ,EAAE;QACjB,0EAA0E;QAC1E,QAAQ,CAAC,EAAE,MAAM,CAAC;QAElB;;;WAGG;QACH,GAAG,CAAC,EAAE,MAAM,CAAC;QAEb,kDAAkD;QAClD,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAElB,gEAAgE;QAChE,KAAK,CAAC,EAAE;YACN,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;SACzB,CAAC;KACH,CAAC;IAEF,2FAA2F;IAC3F,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IAEnB,4EAA4E;IAC5E,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;IAEvB,gHAAgH;IAChH,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC;IAE1B;;;;;;OAMG;IAEH,QAAQ,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC;CACxB;AAED,MAAM,WAAW,QAAQ;IACvB,kIAAkI;IAClI,GAAG,EAAE,MAAM,CAAC;IAEZ,4EAA4E;IAC5E,OAAO,EAAE,OAAO,CAAC;IAEjB,6IAA6I;IAC7I,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,uFAAuF;IACvF,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,8DAA8D;IAC9D,SAAS,CAAC,EAAE,WAAW,CAAC;IAExB,2HAA2H;IAC3H,gBAAgB,CAAC,EAAE;QACjB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;KACvB,CAAC;IAEF,qFAAqF;IACrF,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB;;;;;;;;;OASG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC;CACnC,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
|
-
import { V1ClusterRole, V1ClusterRoleBinding, V1Deployment, V1MutatingWebhookConfiguration, V1Namespace, V1NetworkPolicy, V1Secret, V1Service, V1ServiceAccount } from "@kubernetes/client-node";
|
|
2
|
+
import { V1ClusterRole, V1ClusterRoleBinding, V1Deployment, V1MutatingWebhookConfiguration, V1Namespace, V1NetworkPolicy, V1RuleWithOperations, V1Secret, V1Service, V1ServiceAccount } from "@kubernetes/client-node";
|
|
3
3
|
import { ModuleConfig } from "../types";
|
|
4
4
|
import { TLSOut } from "./tls";
|
|
5
5
|
export declare class Webhook {
|
|
@@ -22,14 +22,15 @@ export declare class Webhook {
|
|
|
22
22
|
clusterRoleBinding(): V1ClusterRoleBinding;
|
|
23
23
|
serviceAccount(): V1ServiceAccount;
|
|
24
24
|
tlsSecret(): V1Secret;
|
|
25
|
-
|
|
25
|
+
generateWebhookRules(path: string): Promise<V1RuleWithOperations[]>;
|
|
26
|
+
mutatingWebhook(path: string, timeoutSeconds?: number): Promise<V1MutatingWebhookConfiguration>;
|
|
26
27
|
deployment(hash: string): V1Deployment;
|
|
27
28
|
/** Only permit the kube-system ns ingress access to the controller */
|
|
28
29
|
networkPolicy(): V1NetworkPolicy;
|
|
29
30
|
service(): V1Service;
|
|
30
31
|
moduleSecret(data: Buffer, hash: string): V1Secret;
|
|
31
32
|
zarfYaml(path: string): string;
|
|
32
|
-
allYaml(
|
|
33
|
-
deploy(
|
|
33
|
+
allYaml(path: string): Promise<string>;
|
|
34
|
+
deploy(path: string, webhookTimeout?: number): Promise<void>;
|
|
34
35
|
}
|
|
35
36
|
//# sourceMappingURL=webhook.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../../../src/lib/k8s/webhook.ts"],"names":[],"mappings":";AAGA,OAAO,EASL,aAAa,EACb,oBAAoB,EACpB,YAAY,EAEZ,8BAA8B,EAC9B,WAAW,EACX,eAAe,EACf,QAAQ,EACR,SAAS,EACT,gBAAgB,EAEjB,MAAM,yBAAyB,CAAC;
|
|
1
|
+
{"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../../../src/lib/k8s/webhook.ts"],"names":[],"mappings":";AAGA,OAAO,EASL,aAAa,EACb,oBAAoB,EACpB,YAAY,EAEZ,8BAA8B,EAC9B,WAAW,EACX,eAAe,EACf,oBAAoB,EACpB,QAAQ,EACR,SAAS,EACT,gBAAgB,EAEjB,MAAM,yBAAyB,CAAC;AAQjC,OAAO,EAA6B,YAAY,EAAE,MAAM,UAAU,CAAC;AACnE,OAAO,EAAE,MAAM,EAAU,MAAM,OAAO,CAAC;AAQvC,qBAAa,OAAO;IAUN,OAAO,CAAC,QAAQ,CAAC,MAAM;IAAgB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;IATzE,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,IAAI,CAAS;IAEd,KAAK,EAAE,MAAM,CAAC;IAErB,IAAW,GAAG,IAAI,MAAM,CAEvB;gBAE4B,MAAM,EAAE,YAAY,EAAmB,IAAI,CAAC,oBAAQ;IASjF,yCAAyC;IACzC,SAAS,IAAI,WAAW;IAQxB;;;;;OAKG;IACH,WAAW,IAAI,aAAa;IAgB5B,kBAAkB,IAAI,oBAAoB;IAqB1C,cAAc,IAAI,gBAAgB;IAWlC,SAAS,IAAI,QAAQ;IAgBrB,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,EAAE,CAAC;IAwF7D,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,cAAc,SAAK,GAAG,OAAO,CAAC,8BAA8B,CAAC;IAyDjG,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,YAAY;IAyFtC,sEAAsE;IACtE,aAAa,IAAI,eAAe;IAsChC,OAAO,IAAI,SAAS;IAsBpB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,QAAQ;IAkBlD,QAAQ,CAAC,IAAI,EAAE,MAAM;IA2Bf,OAAO,CAAC,IAAI,EAAE,MAAM;IAyBpB,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,MAAM;CA6InD"}
|
package/dist/lib/module.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"module.d.ts","sourceRoot":"","sources":["../../src/lib/module.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAOvC,MAAM,MAAM,WAAW,GAAG;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,YAAY,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,qHAAqH;IACrH,UAAU,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,IAAI,CAAC;IAEpC,6GAA6G;IAC7G,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,QAAQ,KAAK,IAAI,CAAC;CACrC,CAAC;AAEF,qBAAa,UAAU;IACrB,OAAO,CAAC,WAAW,
|
|
1
|
+
{"version":3,"file":"module.d.ts","sourceRoot":"","sources":["../../src/lib/module.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAOvC,MAAM,MAAM,WAAW,GAAG;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,YAAY,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,qHAAqH;IACrH,UAAU,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,IAAI,CAAC;IAEpC,6GAA6G;IAC7G,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,QAAQ,KAAK,IAAI,CAAC;CACrC,CAAC;AAEF,qBAAa,UAAU;IACrB,OAAO,CAAC,WAAW,CAAc;IAEjC;;;;;;OAMG;gBACS,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,WAAW,EAAE,YAAY,GAAE,UAAU,EAAO,EAAE,IAAI,GAAE,iBAAsB;IAoB7G;;;;;OAKG;IACH,KAAK,CAAC,IAAI,SAAO;CAGlB"}
|
package/dist/lib/types.d.ts
CHANGED
|
@@ -34,7 +34,8 @@ export declare enum Event {
|
|
|
34
34
|
Create = "CREATE",
|
|
35
35
|
Update = "UPDATE",
|
|
36
36
|
Delete = "DELETE",
|
|
37
|
-
CreateOrUpdate = "CREATEORUPDATE"
|
|
37
|
+
CreateOrUpdate = "CREATEORUPDATE",
|
|
38
|
+
Any = "*"
|
|
38
39
|
}
|
|
39
40
|
export interface CapabilityCfg {
|
|
40
41
|
/**
|
|
@@ -106,7 +107,7 @@ export type WhenSelector<T extends GenericClass> = {
|
|
|
106
107
|
IsDeleted: () => BindingAll<T>;
|
|
107
108
|
};
|
|
108
109
|
export type Binding = {
|
|
109
|
-
event
|
|
110
|
+
event: Event;
|
|
110
111
|
readonly kind: GroupVersionKind;
|
|
111
112
|
readonly filters: {
|
|
112
113
|
name: string;
|