UNPKG

kubricate

Version:

A TypeScript framework for building reusable, type-safe Kubernetes infrastructure — without the YAML mess.

github.com/thaitype/kubricate/tree/main/packages/kubricate

thaitype/kubricate

71 lines (59 loc) 2.67 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
import type { BaseProvider } from '@kubricate/core'; import type { BaseStack } from '../stack/BaseStack.js'; import { SecretInjectionBuilder } from './SecretInjectionBuilder.js'; import type { SecretManager } from './SecretManager.js'; import type { AnySecretManager, ExtractSecretManager } from './types.js'; export type ExtractProviderKeyFromSecretManager< SM extends AnySecretManager, Key extends keyof ExtractSecretManager<SM>['secretEntries'], > = ExtractSecretManager<SM>['secretEntries'][Key] extends { provider: infer P } ? P : never; export type GetProviderKindFromConnector<SM extends AnySecretManager, ProviderKey> = ProviderKey extends string ? // eslint-disable-next-line @typescript-eslint/no-explicit-any ExtractSecretManager<SM>['providerInstances'][ProviderKey] extends BaseProvider<any, infer Instance> ? Instance : never : never; export type GetProviderKinds< SM extends AnySecretManager, Key extends keyof ExtractSecretManager<SM>['secretEntries'], > = GetProviderKindFromConnector<SM, ExtractProviderKeyFromSecretManager<SM, Key>>; export class SecretsInjectionContext<SM extends SecretManager = AnySecretManager> { private defaultResourceId: string | undefined; private builders: SecretInjectionBuilder[] = []; constructor( private stack: BaseStack, private manager: SM, private secretManagerId: number ) {} /** * Set the default resourceId to use when no explicit resource is defined in a secret injection. */ setDefaultResourceId(id: string): void { this.defaultResourceId = id; } /** * Start defining how a secret will be injected into a resource. * This only resolves the provider, not the actual secret value. * * @param secretName - The name of the secret to inject. * @returns A SecretInjectionBuilder for chaining inject behavior. */ secrets< NewKey extends keyof ExtractSecretManager<SM>['secretEntries'] = keyof ExtractSecretManager<SM>['secretEntries'], ProviderKinds extends GetProviderKinds<SM, NewKey> = GetProviderKinds<SM, NewKey>, >(secretName: NewKey): SecretInjectionBuilder<ProviderKinds> { const { providerInstance, providerId } = this.manager.resolveProviderFor(String(secretName)); const builder = new SecretInjectionBuilder(this.stack, String(secretName), providerInstance, { defaultResourceId: this.defaultResourceId, secretManagerId: this.secretManagerId, providerId, }); this.builders.push(builder); return builder as unknown as SecretInjectionBuilder<ProviderKinds>; } resolveAll(): void { for (const builder of this.builders) { builder.resolveInjection(); } } }