diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 10c68ea89..8427fdf4f 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -2,7 +2,7 @@ # # This Action will scan dependency manifest files that change as part of a Pull Request, # surfacing known-vulnerable versions of the packages declared or updated in the PR. -# Once installed, if the workflow run is marked as required, +# Once installed, if the workflow run is marked as required, # PRs introducing known-vulnerable packages will be blocked from merging. # # Source repository: https://github.com/actions/dependency-review-action @@ -35,11 +35,11 @@ jobs: run: | npx madge --circular --ts-config tsconfig.json --extensions ts,js src/ > tmp.log || true # Force exit 0 for post-processing tail -n +4 tmp.log > circular-deps.log - if [ $(wc -l < circular-deps.log) -gt 17 ]; then - echo "circular-deps.log has more than 17 circular dependencies." + if [ $(wc -l < circular-deps.log) -gt 11 ]; then + echo "circular-deps.log has more than 11 circular dependencies." wc -l circular-deps.log exit 1 else - echo "circular-deps.log has 17 or fewer circular dependencies." + echo "circular-deps.log has 11 or fewer circular dependencies." exit 0 fi \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 3b9c6013f..87c3d9c87 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2549,9 +2549,9 @@ "dev": true }, "node_modules/@types/node": { - "version": "22.8.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.8.1.tgz", - "integrity": "sha512-k6Gi8Yyo8EtrNtkHXutUu2corfDf9su95VYVP10aGYMMROM6SAItZi0w1XszA6RtWTHSVp5OeFof37w0IEqCQg==", + "version": "22.8.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.8.4.tgz", + "integrity": "sha512-SpNNxkftTJOPk0oN+y2bIqurEXHTA2AOZ3EJDDKeJ5VzkvvORSvmQXGQarcOzWV1ac7DCaPBEdMDxBsM+d8jWw==", "dependencies": { "undici-types": "~6.19.8" } diff --git a/src/lib/assets/rbac.test.ts b/src/lib/assets/rbac.test.ts index 52dfa842e..9d0b76603 100644 --- a/src/lib/assets/rbac.test.ts +++ b/src/lib/assets/rbac.test.ts @@ -5,7 +5,7 @@ import { CapabilityExport } from "../types"; import { it, describe, expect, beforeEach, jest } from "@jest/globals"; import { GenericClass } from "kubernetes-fluent-client"; import { V1PolicyRule as PolicyRule } from "@kubernetes/client-node"; -import { Event } from "../types"; +import { Event } from "../enums"; import fs from "fs"; import * as helpers from "../helpers"; diff --git a/src/lib/assets/webhooks.ts b/src/lib/assets/webhooks.ts index 086fd3a3d..b1c665284 100644 --- a/src/lib/assets/webhooks.ts +++ b/src/lib/assets/webhooks.ts @@ -10,7 +10,7 @@ import { kind } from "kubernetes-fluent-client"; import { concat, equals, uniqWith } from "ramda"; import { Assets } from "."; -import { Event } from "../types"; +import { Event } from "../enums"; const peprIgnoreLabel: V1LabelSelectorRequirement = { key: "pepr.dev", diff --git a/src/lib/capability.test.ts b/src/lib/capability.test.ts index 4616e02f2..3e39e3678 100644 --- a/src/lib/capability.test.ts +++ b/src/lib/capability.test.ts @@ -4,12 +4,11 @@ import { CapabilityCfg, FinalizeAction, MutateAction, ValidateAction, WatchLogAc import { a } from "../lib"; import { V1Pod } from "@kubernetes/client-node"; import { expect, describe, jest, beforeEach, it } from "@jest/globals"; -import { Operation } from "./mutate-types"; +import { Event, Operation } from "./enums"; import { PeprMutateRequest } from "./mutate-request"; import { PeprValidateRequest } from "./validate-request"; import { AdmissionRequest } from "./types"; import { WatchPhase } from "kubernetes-fluent-client/dist/fluent/types"; -import { Event } from "./types"; import { GenericClass } from "kubernetes-fluent-client"; import { Schedule } from "./schedule"; import { OnSchedule } from "./schedule"; diff --git a/src/lib/capability.ts b/src/lib/capability.ts index 15cc70be8..c1903dfe4 100644 --- a/src/lib/capability.ts +++ b/src/lib/capability.ts @@ -1,3 +1,4 @@ +/* eslint-disable max-statements */ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors @@ -7,13 +8,13 @@ import Log from "./logger"; import { isBuildMode, isDevMode, isWatchMode } from "./module"; import { PeprStore, Storage } from "./storage"; import { OnSchedule, Schedule } from "./schedule"; +import { Event } from "./enums"; import { Binding, BindingFilter, BindingWithName, CapabilityCfg, CapabilityExport, - Event, MutateAction, MutateActionChain, ValidateAction, diff --git a/src/lib/enums.ts b/src/lib/enums.ts new file mode 100644 index 000000000..5e34c5c94 --- /dev/null +++ b/src/lib/enums.ts @@ -0,0 +1,21 @@ +// SPDX-License-Identifier: Apache-2.0 +// SPDX-FileCopyrightText: 2023-Present The Pepr Authors + +// Operation type for mutation operations +export enum Operation { + CREATE = "CREATE", + UPDATE = "UPDATE", + DELETE = "DELETE", + CONNECT = "CONNECT", +} + +/** + * The type of Kubernetes mutating webhook event that the action is registered for. + */ +export enum Event { + Create = "CREATE", + Update = "UPDATE", + Delete = "DELETE", + CreateOrUpdate = "CREATEORUPDATE", + Any = "*", +} diff --git a/src/lib/filter/adjudicators.test.ts b/src/lib/filter/adjudicators.test.ts index 8cca0c9e9..9fa21f9a8 100644 --- a/src/lib/filter/adjudicators.test.ts +++ b/src/lib/filter/adjudicators.test.ts @@ -4,8 +4,8 @@ import { expect, describe, it } from "@jest/globals"; import * as sut from "./adjudicators"; import { KubernetesObject } from "kubernetes-fluent-client"; -import { AdmissionRequest, Binding, Event } from "../types"; -import { DeepPartial, Operation } from "../mutate-types"; +import { AdmissionRequest, Binding, DeepPartial } from "../types"; +import { Event, Operation } from "../enums"; describe("definesDeletionTimestamp", () => { //[ Binding, result ] diff --git a/src/lib/filter/adjudicators.ts b/src/lib/filter/adjudicators.ts index 116c932d1..f8cb6cd5b 100644 --- a/src/lib/filter/adjudicators.ts +++ b/src/lib/filter/adjudicators.ts @@ -1,8 +1,7 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors -import { Event } from "../types"; -import { Operation } from "../mutate-types"; +import { Event, Operation } from "../enums"; import { __, allPass, diff --git a/src/lib/filter/filtersWithLogs.ts b/src/lib/filter/filtersWithLogs.ts index 0426a63d3..138c80747 100644 --- a/src/lib/filter/filtersWithLogs.ts +++ b/src/lib/filter/filtersWithLogs.ts @@ -15,7 +15,7 @@ import { mismatchedVersion, uncarryableNamespace, } from "./adjudicators"; -import { Operation } from "../mutate-types"; +import { Operation } from "../enums"; import { FilterInput, FilterParams } from "../types"; import { commonLogMessage } from "./logMessages"; diff --git a/src/lib/filter/shouldSkipRequest.test.ts b/src/lib/filter/shouldSkipRequest.test.ts index d06e3eaaa..429d21f39 100644 --- a/src/lib/filter/shouldSkipRequest.test.ts +++ b/src/lib/filter/shouldSkipRequest.test.ts @@ -6,7 +6,8 @@ import { kind, modelToGroupVersionKind } from "kubernetes-fluent-client"; import * as fc from "fast-check"; import { CreatePod, DeletePod } from "../../fixtures/loader"; import { shouldSkipRequest } from "./shouldSkipRequest"; -import { AdmissionRequest, Binding, Event } from "../types"; +import { AdmissionRequest, Binding } from "../types"; +import { Event } from "../enums"; export const callback = () => undefined; diff --git a/src/lib/finalizer.test.ts b/src/lib/finalizer.test.ts index e377f9225..167eeec24 100644 --- a/src/lib/finalizer.test.ts +++ b/src/lib/finalizer.test.ts @@ -6,7 +6,7 @@ import { addFinalizer, removeFinalizer } from "./finalizer"; import { KubernetesObject, K8s, GenericClass, RegisterKind } from "kubernetes-fluent-client"; import { K8sInit } from "kubernetes-fluent-client/dist/fluent/types"; import { AdmissionRequest } from "./types"; -import { Operation } from "./mutate-types"; +import { Operation } from "./enums"; import { PeprMutateRequest } from "./mutate-request"; import { Binding } from "./types"; diff --git a/src/lib/finalizer.ts b/src/lib/finalizer.ts index e59aedf05..dbd23e7c6 100644 --- a/src/lib/finalizer.ts +++ b/src/lib/finalizer.ts @@ -3,8 +3,8 @@ import { K8s, KubernetesObject, RegisterKind } from "kubernetes-fluent-client"; import Log from "./logger"; -import { Binding } from "./types"; -import { Operation, DeepPartial } from "./mutate-types"; +import { Binding, DeepPartial } from "./types"; +import { Operation } from "./enums"; import { PeprMutateRequest } from "./mutate-request"; export function addFinalizer(request: PeprMutateRequest) { diff --git a/src/lib/helpers.test.ts b/src/lib/helpers.test.ts index c26c56051..d4ecc85c1 100644 --- a/src/lib/helpers.test.ts +++ b/src/lib/helpers.test.ts @@ -1,7 +1,8 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors -import { Binding, CapabilityExport, Event } from "./types"; +import { Binding, CapabilityExport } from "./types"; +import { Event } from "./enums"; import { addVerbIfNotExists, bindingAndCapabilityNSConflict, diff --git a/src/lib/mutate-request.test.ts b/src/lib/mutate-request.test.ts index 4c380e140..f547ae0ea 100644 --- a/src/lib/mutate-request.test.ts +++ b/src/lib/mutate-request.test.ts @@ -4,7 +4,7 @@ import { beforeEach, describe, expect, it } from "@jest/globals"; import { KubernetesObject } from "kubernetes-fluent-client"; import { AdmissionRequest } from "./types"; -import { Operation } from "./mutate-types"; +import { Operation } from "./enums"; import { PeprMutateRequest } from "./mutate-request"; describe("PeprMutateRequest", () => { diff --git a/src/lib/mutate-request.ts b/src/lib/mutate-request.ts index 7ce0d2d56..655cc3bcc 100644 --- a/src/lib/mutate-request.ts +++ b/src/lib/mutate-request.ts @@ -1,17 +1,10 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2023-Present The Pepr Authors -import { Operation, AdmissionRequest, DeepPartial } from "./mutate-types"; +import { AdmissionRequest, DeepPartial } from "./types"; +import { Operation } from "./enums"; import { KubernetesObject } from "kubernetes-fluent-client"; import { clone, mergeDeepRight } from "ramda"; -import { Logger } from "pino"; -import { GenericClass } from "kubernetes-fluent-client"; - -// MutateAction type for handling mutation callbacks -export type MutateAction> = ( - req: PeprMutateRequest, - logger?: Logger, -) => Promise | void | Promise> | PeprMutateRequest; // PeprMutateRequest class for mutation request handling export class PeprMutateRequest { diff --git a/src/lib/mutate-types.ts b/src/lib/mutate-types.ts deleted file mode 100644 index 219d1d405..000000000 --- a/src/lib/mutate-types.ts +++ /dev/null @@ -1,50 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2023-Present The Pepr Authors - -import { KubernetesObject } from "kubernetes-fluent-client"; -import { GroupVersionKind } from "kubernetes-fluent-client"; - -// Operation type for mutation operations -export enum Operation { - CREATE = "CREATE", - UPDATE = "UPDATE", - DELETE = "DELETE", - CONNECT = "CONNECT", -} - -// AdmissionRequest interface for handling admission requests in mutation context -export interface AdmissionRequest { - readonly uid: string; - readonly kind: GroupVersionKind; - readonly resource: GroupVersionResource; - readonly subResource?: string; - readonly requestKind?: GroupVersionKind; - readonly requestResource?: GroupVersionResource; - readonly requestSubResource?: string; - readonly name: string; - readonly namespace?: string; - readonly operation: Operation; - readonly userInfo: { - username?: string; - uid?: string; - groups?: string[]; - extra?: { [key: string]: string[] }; - }; - readonly object: T; - readonly oldObject?: T; - readonly dryRun?: boolean; - // eslint-disable-next-line @typescript-eslint/no-explicit-any - readonly options?: any; -} - -// DeepPartial utility type for deep optional properties -export type DeepPartial = { - [P in keyof T]?: T[P] extends object ? DeepPartial : T[P]; -}; - -// GroupVersionResource interface for resource identification -export interface GroupVersionResource { - readonly group: string; - readonly version: string; - readonly resource: string; -} diff --git a/src/lib/types.ts b/src/lib/types.ts index bd14e59d1..a73ce69c9 100644 --- a/src/lib/types.ts +++ b/src/lib/types.ts @@ -2,7 +2,7 @@ // SPDX-FileCopyrightText: 2023-Present The Pepr Authors import { GenericClass, GroupVersionKind, KubernetesObject } from "kubernetes-fluent-client"; -import { Operation } from "./mutate-types"; +import { Event, Operation } from "./enums"; import { WatchPhase } from "kubernetes-fluent-client/dist/fluent/types"; import { Logger } from "pino"; import { PeprMutateRequest } from "./mutate-request"; @@ -34,17 +34,6 @@ export interface ResponseItem { }; } -/** - * The type of Kubernetes mutating webhook event that the action is registered for. - */ -export enum Event { - Create = "CREATE", - Update = "UPDATE", - Delete = "DELETE", - CreateOrUpdate = "CREATEORUPDATE", - Any = "*", -} - export interface CapabilityCfg { /** * The name of the capability. This should be unique. @@ -370,3 +359,8 @@ export type FilterParams = { }; export type FilterInput = Binding | KubernetesObject | AdmissionRequest | string[] | undefined; + +// DeepPartial utility type for deep optional properties +export type DeepPartial = { + [P in keyof T]?: T[P] extends object ? DeepPartial : T[P]; +}; diff --git a/src/lib/validate-request.test.ts b/src/lib/validate-request.test.ts index 5ce5680ed..9ef0d7c87 100644 --- a/src/lib/validate-request.test.ts +++ b/src/lib/validate-request.test.ts @@ -4,7 +4,7 @@ import { beforeEach, describe, expect, it } from "@jest/globals"; import { KubernetesObject } from "kubernetes-fluent-client"; import { ValidateActionResponse, AdmissionRequest } from "./types"; -import { Operation } from "./mutate-types"; +import { Operation } from "./enums"; import { PeprValidateRequest } from "./validate-request"; describe("PeprValidateRequest", () => { let mockRequest: AdmissionRequest; diff --git a/src/lib/validate-request.ts b/src/lib/validate-request.ts index 4e51e97e2..d4a64bc1d 100644 --- a/src/lib/validate-request.ts +++ b/src/lib/validate-request.ts @@ -8,7 +8,7 @@ import { KubernetesObject } from "kubernetes-fluent-client"; import { clone } from "ramda"; import { AdmissionRequest } from "./types"; import { ValidateActionResponse } from "./types"; -import { Operation } from "./mutate-types"; +import { Operation } from "./enums"; /** * The RequestWrapper class provides methods to modify Kubernetes objects in the context diff --git a/src/lib/watch-processor.ts b/src/lib/watch-processor.ts index 145f70537..7761127b1 100644 --- a/src/lib/watch-processor.ts +++ b/src/lib/watch-processor.ts @@ -7,7 +7,8 @@ import { filterNoMatchReason } from "./helpers"; import { removeFinalizer } from "./finalizer"; import Log from "./logger"; import { Queue } from "./queue"; -import { Binding, Event } from "./types"; +import { Binding } from "./types"; +import { Event } from "./enums"; import { metricsCollector } from "./metrics"; // stores Queue instances diff --git a/src/sdk/sdk.ts b/src/sdk/sdk.ts index 921eb7483..3b07b9f1a 100644 --- a/src/sdk/sdk.ts +++ b/src/sdk/sdk.ts @@ -3,7 +3,6 @@ import { PeprValidateRequest } from "../lib/validate-request"; import { PeprMutateRequest } from "../lib/mutate-request"; -import { a } from "../lib"; import { V1OwnerReference } from "@kubernetes/client-node"; import { GenericKind } from "kubernetes-fluent-client"; import { K8s, kind } from "kubernetes-fluent-client"; @@ -16,7 +15,7 @@ import Log from "../lib/logger"; * @returns the list of containers in the pod */ export function containers( - request: PeprValidateRequest | PeprMutateRequest, + request: PeprValidateRequest | PeprMutateRequest, containerType?: "containers" | "initContainers" | "ephemeralContainers", ) { const containers = request.Raw.spec?.containers || [];