Merge branch 'master' into allow-to-import-app-as-lib

Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com>

.eslintrc.js

@@ -11,7 +11,6 @@ module.exports = {
     "**/dist/**/*",
     "**/static/**/*",
     "**/site/**/*",
-    "extensions/*/*.tgz",
     "build/webpack/**/*",
   ],
   settings: {

.github/workflows/release.yml

@@ -33,6 +33,6 @@ jobs:
   publish-npm:
     uses: ./.github/workflows/publish-release-npm.yml
     needs: release
-    if: ${{ jobs.release.outputs.version != '' }}
+    if: ${{ needs.release.outputs.version != '' }}
     with:
-      version: ${{ jobs.release.outputs.version }}
+      version: ${{ needs.release.outputs.version }}

.github/workflows/test.yml

@@ -57,10 +57,6 @@ jobs:
         name: Run tests
         if: ${{ matrix.type == 'unit' }}
 
-      - run: make test-extensions
-        name: Run In-tree Extension tests
-        if: ${{ matrix.type == 'unit' }}
-
       - run: make ci-validate-dev
         if: ${{ contains(github.event.pull_request.labels.*.name, 'dependencies') && matrix.type == 'unit' }}
         name: Validate dev mode will work

.idea/lens.iml

@@ -6,10 +6,6 @@
       <excludeFolder url="file://$MODULE_DIR$/.tmp" />
       <excludeFolder url="file://$MODULE_DIR$/tmp" />
       <excludeFolder url="file://$MODULE_DIR$/node_modules" />
-      <excludeFolder url="file://$MODULE_DIR$/extensions/kube-object-event-status/node_modules" />
-      <excludeFolder url="file://$MODULE_DIR$/extensions/metrics-cluster-feature/node_modules" />
-      <excludeFolder url="file://$MODULE_DIR$/extensions/node-menu/node_modules" />
-      <excludeFolder url="file://$MODULE_DIR$/extensions/pod-menu/node_modules" />
       <excludeFolder url="file://$MODULE_DIR$/static/build" />
       <excludeFolder url="file://$MODULE_DIR$/src/extensions/npm/extensions/dist" />
       <excludeFolder url="file://$MODULE_DIR$/dist" />
@@ -20,4 +16,4 @@
     <orderEntry type="sourceFolder" forTests="false" />
     <orderEntry type="library" name="ogre-tools" level="project" />
   </component>
-</module>
+</module>

Makefile

@@ -5,10 +5,6 @@ CMD_ARGS = $(filter-out $@,$(MAKECMDGOALS))
 
 NPM_RELEASE_TAG ?= latest
 ELECTRON_BUILDER_EXTRA_ARGS ?=
-EXTENSIONS_DIR = ./extensions
-extensions = $(foreach dir, $(wildcard $(EXTENSIONS_DIR)/*), ${dir})
-extension_node_modules = $(foreach dir, $(wildcard $(EXTENSIONS_DIR)/*), ${dir}/node_modules)
-extension_dists = $(foreach dir, $(wildcard $(EXTENSIONS_DIR)/*), ${dir}/dist)
 
 ifeq ($(OS),Windows_NT)
     DETECTED_OS := Windows
@@ -28,10 +24,10 @@ compile-dev: node_modules
 	yarn compile:renderer --cache
 
 .PHONY: validate-dev
-ci-validate-dev: binaries/client build-extensions compile-dev
+ci-validate-dev: binaries/client compile-dev
 
 .PHONY: dev
-dev: binaries/client build-extensions
+dev: binaries/client
 	rm -rf static/build/
 	yarn run build:tray-icons
 	yarn dev
@@ -54,7 +50,6 @@ integration: build
 
 .PHONY: build
 build: node_modules binaries/client
-	$(MAKE) build-extensions -B
 	yarn run build:tray-icons
 	yarn run compile
 ifeq "$(DETECTED_OS)" "Windows"
@@ -63,28 +58,8 @@ ifeq "$(DETECTED_OS)" "Windows"
 endif
 	yarn run electron-builder --publish onTag $(ELECTRON_BUILDER_EXTRA_ARGS)
 
-.NOTPARALLEL: $(extension_node_modules)
-$(extension_node_modules): node_modules
-	cd $(@:/node_modules=) && ../../node_modules/.bin/npm install --no-audit --no-fund --no-save
-
-$(extension_dists): packages/extensions/dist $(extension_node_modules)
-	cd $(@:/dist=) && ../../node_modules/.bin/npm run build
-	rm -rf ./node_modules/$(shell basename $(@:/dist=))
-
-.PHONY: clean-old-extensions
-clean-old-extensions:
-	find ./extensions -mindepth 1 -maxdepth 1 -type d '!' -exec test -e '{}/package.json' \; -exec rm -rf {} \;
-
-.PHONY: build-extensions
-build-extensions: node_modules clean-old-extensions $(extension_dists)
-	yarn install --check-files --frozen-lockfile --network-timeout=100000
-
-.PHONY: test-extensions
-test-extensions: $(extension_node_modules)
-	$(foreach dir, $(extensions), (cd $(dir) && npm run test || exit $?);)
-
-packages/extensions/__mocks__:
-	cp -r __mocks__ packages/extensions/
+src/extensions/npm/extensions/__mocks__:
+	cp -r __mocks__ src/extensions/npm/extensions/
 
 packages/extensions/dist: packages/extensions/node_modules
 	yarn compile:extension-types
@@ -121,17 +96,13 @@ build-docs:
 docs: build-docs
 	yarn mkdocs-serve-local
 
-.PHONY: clean-extensions
-clean-extensions:
-	rm -rf $(EXTENSIONS_DIR)/*/{dist,node_modules,*.tgz}
-
 .PHONY: clean-npm
 clean-npm:
 	rm -rf packages/extensions/{dist,__mocks__,node_modules}
 	rm -rf static/build/library/
 
 .PHONY: clean
-clean: clean-npm clean-extensions
+clean: clean-npm
 	rm -rf binaries/client
 	rm -rf dist
 	rm -rf static/build

extensions/.eslintrc.js

@@ -1,20 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-module.exports = {
-  "overrides": [
-    {
-      files: [
-        "**/*.ts",
-        "**/*.tsx",
-      ],
-      rules: {
-        "import/no-unresolved": ["error", {
-          ignore: ["@k8slens/extensions"],
-        }],
-      },
-    },
-  ],
-};

extensions/.gitignore

@@ -1 +0,0 @@
-*/*.tgz

extensions/kube-object-event-status/Makefile

@@ -1,8 +0,0 @@
-install-deps:
-	npm install
-
-build: install-deps
-	npm run build
-
-test:
-	npm run test

extensions/kube-object-event-status/package.json

@@ -1,21 +0,0 @@
-{
-  "name": "kube-object-event-status",
-  "version": "6.1.1",
-  "description": "Adds kube object status from events",
-  "renderer": "dist/renderer.js",
-  "lens": {
-    "metadata": {},
-    "styles": []
-  },
-  "scripts": {
-    "build": "npx webpack",
-    "dev": "npx webpack -- --watch",
-    "test": "echo NO TESTS"
-  },
-  "files": [
-    "dist/**/*"
-  ],
-  "devDependencies": {
-    "@k8slens/extensions": "file:../../src/extensions/npm/extensions"
-  }
-}

extensions/kube-object-event-status/renderer.tsx

@@ -1,53 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import { Renderer } from "@k8slens/extensions";
-import { resolveStatus, resolveStatusForCronJobs, resolveStatusForPods } from "./src/resolver";
-
-export default class EventResourceStatusRendererExtension extends Renderer.LensExtension {
-  kubeObjectStatusTexts = [
-    {
-      kind: "Pod",
-      apiVersions: ["v1"],
-      resolve: (pod: Renderer.K8sApi.Pod) => resolveStatusForPods(pod),
-    },
-    {
-      kind: "ReplicaSet",
-      apiVersions: ["v1"],
-      resolve: (replicaSet: Renderer.K8sApi.ReplicaSet) => resolveStatus(replicaSet),
-    },
-    {
-      kind: "Deployment",
-      apiVersions: ["apps/v1"],
-      resolve: (deployment: Renderer.K8sApi.Deployment) => resolveStatus(deployment),
-    },
-    {
-      kind: "StatefulSet",
-      apiVersions: ["apps/v1"],
-      resolve: (statefulSet: Renderer.K8sApi.StatefulSet) => resolveStatus(statefulSet),
-    },
-    {
-      kind: "DaemonSet",
-      apiVersions: ["apps/v1"],
-      resolve: (daemonSet: Renderer.K8sApi.DaemonSet) => resolveStatus(daemonSet),
-    },
-    {
-      kind: "Job",
-      apiVersions: [
-        "batch/v1",
-        "batch/v1beta1",
-      ],
-      resolve: (job: Renderer.K8sApi.Job) => resolveStatus(job),
-    },
-    {
-      kind: "CronJob",
-      apiVersions: [
-        "batch/v1",
-        "batch/v1beta1",
-      ],
-      resolve: (cronJob: Renderer.K8sApi.CronJob) => resolveStatusForCronJobs(cronJob),
-    },
-  ];
-}

extensions/kube-object-event-status/src/resolver.tsx

@@ -1,72 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import { Renderer } from "@k8slens/extensions";
-
-const { apiManager, eventApi, KubeObjectStatusLevel } = Renderer.K8sApi;
-
-type KubeObject = Renderer.K8sApi.KubeObject;
-type Pod = Renderer.K8sApi.Pod;
-type CronJob = Renderer.K8sApi.CronJob;
-type KubeObjectStatus = Renderer.K8sApi.KubeObjectStatus;
-type EventStore = Renderer.K8sApi.EventStore;
-
-export function resolveStatus(object: KubeObject): KubeObjectStatus {
-  const eventStore = apiManager.getStore(eventApi);
-  const events = (eventStore as EventStore).getEventsByObject(object);
-  const warnings = events.filter(evt => evt.isWarning());
-
-  if (!events.length || !warnings.length) {
-    return null;
-  }
-  const event = [...warnings, ...events][0]; // get latest event
-
-  return {
-    level: KubeObjectStatusLevel.WARNING,
-    text: `${event.message}`,
-    timestamp: event.metadata.creationTimestamp,
-  };
-}
-
-export function resolveStatusForPods(pod: Pod): KubeObjectStatus {
-  if (!pod.hasIssues()) {
-    return null;
-  }
-  const eventStore = apiManager.getStore(eventApi);
-  const events = (eventStore as EventStore).getEventsByObject(pod);
-  const warnings = events.filter(evt => evt.isWarning());
-
-  if (!events.length || !warnings.length) {
-    return null;
-  }
-  const event = [...warnings, ...events][0]; // get latest event
-
-  return {
-    level: KubeObjectStatusLevel.WARNING,
-    text: `${event.message}`,
-    timestamp: event.metadata.creationTimestamp,
-  };
-}
-
-export function resolveStatusForCronJobs(cronJob: CronJob): KubeObjectStatus {
-  const eventStore = apiManager.getStore(eventApi);
-  let events = (eventStore as EventStore).getEventsByObject(cronJob);
-  const warnings = events.filter(evt => evt.isWarning());
-
-  if (cronJob.isNeverRun()) {
-    events = events.filter(event => event.reason != "FailedNeedsStart");
-  }
-
-  if (!events.length || !warnings.length) {
-    return null;
-  }
-  const event = [...warnings, ...events][0]; // get latest event
-
-  return {
-    level: KubeObjectStatusLevel.WARNING,
-    text: `${event.message}`,
-    timestamp: event.metadata.creationTimestamp,
-  };
-}

extensions/kube-object-event-status/tsconfig.json

@@ -1,27 +0,0 @@
-{
-  "compilerOptions": {
-    "outDir": "dist",
-    "module": "CommonJS",
-    "target": "ES2017",
-    "lib": ["ESNext", "DOM", "DOM.Iterable"],
-    "moduleResolution": "Node",
-    "sourceMap": false,
-    "declaration": false,
-    "strict": false,
-    "noImplicitAny": true,
-    "skipLibCheck": true,
-    "esModuleInterop": true,
-    "allowSyntheticDefaultImports": true,
-    "experimentalDecorators": true,
-    "useDefineForClassFields": true,
-    "jsx": "react"
-  },
-  "include": [
-    "./*.ts",
-    "./*.tsx"
-  ],
-  "exclude": [
-    "node_modules",
-    "*.js"
-  ]
-}

extensions/kube-object-event-status/webpack.config.js

@@ -1,44 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-const path = require("path");
-
-module.exports = [
-  {
-    entry: "./renderer.tsx",
-    context: __dirname,
-    target: "electron-renderer",
-    mode: "production",
-    optimization: {
-      minimize: false,
-    },
-    module: {
-      rules: [
-        {
-          test: /\.tsx?$/,
-          use: "ts-loader",
-          exclude: /node_modules/,
-        },
-      ],
-    },
-    externals: [
-      {
-        "@k8slens/extensions": "var global.LensExtensions",
-        "react": "var global.React",
-        "react-dom": "var global.ReactDOM",
-        "mobx": "var global.Mobx",
-        "mobx-react": "var global.MobxReact",
-      },
-    ],
-    resolve: {
-      extensions: [ ".tsx", ".ts", ".js" ],
-    },
-    output: {
-      libraryTarget: "commonjs2",
-      globalObject: "this",
-      filename: "renderer.js",
-      path: path.resolve(__dirname, "dist"),
-    },
-  },
-];

extensions/metrics-cluster-feature/package.json

@@ -1,24 +0,0 @@
-{
-  "name": "lens-metrics-cluster-feature",
-  "version": "6.1.0",
-  "description": "Lens metrics cluster feature",
-  "renderer": "dist/renderer.js",
-  "lens": {
-    "metadata": {},
-    "styles": []
-  },
-  "scripts": {
-    "build": "npx webpack",
-    "dev": "npx webpack -- --watch",
-    "test": "npx jest --passWithNoTests --env=jsdom src $@",
-    "clean": "rm -rf dist/ && rm *.tgz"
-  },
-  "files": [
-    "dist/**/*",
-    "resources/**/*"
-  ],
-  "devDependencies": {
-    "@k8slens/extensions": "file:../../src/extensions/npm/extensions",
-    "semver": "^7.3.2"
-  }
-}

extensions/metrics-cluster-feature/renderer.tsx

@@ -1,27 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import React from "react";
-import type { Common } from "@k8slens/extensions";
-import { Renderer } from "@k8slens/extensions";
-import { MetricsSettings } from "./src/metrics-settings";
-
-export default class ClusterMetricsFeatureExtension extends Renderer.LensExtension {
-  entitySettings = [
-    {
-      apiVersions: ["entity.k8slens.dev/v1alpha1"],
-      kind: "KubernetesCluster",
-      title: "Lens Metrics",
-      priority: 5,
-      components: {
-        View: ({ entity = null }: { entity: Common.Catalog.KubernetesCluster }) => {
-          return (
-            <MetricsSettings cluster={entity} />
-          );
-        },
-      },
-    },
-  ];
-}

extensions/metrics-cluster-feature/resources/01-namespace.yml.hb

@@ -1,6 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: lens-metrics
-  annotations:
-    extensionVersion: "{{ version }}"

extensions/metrics-cluster-feature/resources/02-configmap.yml.hb

@@ -1,281 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: prometheus-config
-  namespace: lens-metrics
-data:
-  prometheus.yaml: |-
-    # Global config
-    global:
-      scrape_interval: 15s
-
-    {{#if alertManagers}}
-    # AlertManager
-    alerting:
-      alertmanagers:
-      - static_configs:
-        - targets:
-          {{#each alertManagers}}
-          - {{this}}
-          {{/each}}
-    {{/if}}
-
-    # Scrape configs for running Prometheus on a Kubernetes cluster.
-    # This uses separate scrape configs for cluster components (i.e. API server, node)
-    # and services to allow each to use different authentication configs.
-    #
-    # Kubernetes labels will be added as Prometheus labels on metrics via the
-    # `labelmap` relabeling action.
-    scrape_configs:
-
-    # Scrape config for API servers.
-    #
-    # Kubernetes exposes API servers as endpoints to the default/kubernetes
-    # service so this uses `endpoints` role and uses relabelling to only keep
-    # the endpoints associated with the default/kubernetes service using the
-    # default named port `https`. This works for single API server deployments as
-    # well as HA API server deployments.
-    - job_name: 'kubernetes-apiservers'
-      kubernetes_sd_configs:
-      - role: endpoints
-
-      scheme: https
-      tls_config:
-        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-        # Using endpoints to discover kube-apiserver targets finds the pod IP
-        # (host IP since apiserver uses host network) which is not used in
-        # the server certificate.
-        insecure_skip_verify: true
-      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-
-      # Keep only the default/kubernetes service endpoints for the https port. This
-      # will add targets for each API server which Kubernetes adds an endpoint to
-      # the default/kubernetes service.
-      relabel_configs:
-      - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
-        action: keep
-        regex: default;kubernetes;https
-      - replacement: apiserver
-        action: replace
-        target_label: job
-
-    # Scrape config for node (i.e. kubelet) /metrics (e.g. 'kubelet_'). Explore
-    # metrics from a node by scraping kubelet (127.0.0.1:10250/metrics).
-    - job_name: 'kubelet'
-      kubernetes_sd_configs:
-      - role: node
-
-      scheme: https
-      tls_config:
-        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-        # Kubelet certs don't have any fixed IP SANs
-        insecure_skip_verify: true
-      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-
-      relabel_configs:
-      - action: labelmap
-        regex: __meta_kubernetes_node_label_(.+)
-      - replacement: 'lens-metrics'
-        target_label: kubernetes_namespace
-
-      metric_relabel_configs:
-      - source_labels:
-          - namespace
-        action: replace
-        regex: (.+)
-        target_label: kubernetes_namespace
-
-    # Scrape config for Kubelet cAdvisor. Explore metrics from a node by
-    # scraping kubelet (127.0.0.1:10250/metrics/cadvisor).
-    - job_name: 'kubernetes-cadvisor'
-      kubernetes_sd_configs:
-      - role: node
-
-      scheme: https
-      metrics_path: /metrics/cadvisor
-      tls_config:
-        # Kubelet certs don't have any fixed IP SANs
-        insecure_skip_verify: true
-        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-
-      relabel_configs:
-      - action: labelmap
-        regex: __meta_kubernetes_node_label_(.+)
-      metric_relabel_configs:
-      - source_labels:
-          - namespace
-        action: replace
-        target_label: kubernetes_namespace
-      - source_labels:
-        - pod
-        regex: (.*)
-        replacement: $1
-        action: replace
-        target_label: pod_name
-      - source_labels:
-        - container
-        regex: (.*)
-        replacement: $1
-        action: replace
-        target_label: container_name
-
-    # Scrap etcd metrics from masters via etcd-scraper-proxy
-    - job_name: 'etcd'
-      kubernetes_sd_configs:
-      - role: pod
-      scheme: http
-      relabel_configs:
-        - source_labels: [__meta_kubernetes_namespace]
-          action: keep
-          regex: 'kube-system'
-        - source_labels: [__meta_kubernetes_pod_label_component]
-          action: keep
-          regex: 'etcd-scraper-proxy'
-        - action: labelmap
-          regex: __meta_kubernetes_pod_label_(.+)
-
-    # Scrape config for service endpoints.
-    #
-    # The relabeling allows the actual service scrape endpoint to be configured
-    # via the following annotations:
-    #
-    # * `prometheus.io/scrape`: Only scrape services that have a value of `true`
-    # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need
-    # to set this to `https` & most likely set the `tls_config` of the scrape config.
-    # * `prometheus.io/path`: If the metrics path is not `/metrics` override this.
-    # * `prometheus.io/port`: If the metrics are exposed on a different port to the
-    # service then set this appropriately.
-    - job_name: 'kubernetes-service-endpoints'
-
-      kubernetes_sd_configs:
-      - role: endpoints
-        namespaces:
-          names:
-            - lens-metrics
-
-      relabel_configs:
-      - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
-        action: keep
-        regex: true
-      - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme]
-        action: replace
-        target_label: __scheme__
-        regex: (https?)
-      - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path]
-        action: replace
-        target_label: __metrics_path__
-        regex: (.+)
-      - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port]
-        action: replace
-        target_label: __address__
-        regex: ([^:]+)(?::\d+)?;(\d+)
-        replacement: $1:$2
-      - action: labelmap
-        regex: __meta_kubernetes_service_label_(.+)
-      - source_labels: [__meta_kubernetes_service_name]
-        action: replace
-        target_label: job
-      - action: replace
-        source_labels:
-        - __meta_kubernetes_pod_node_name
-        target_label: kubernetes_node
-      - source_labels: [__meta_kubernetes_namespace]
-        action: replace
-        target_label: kubernetes_namespace
-      metric_relabel_configs:
-      - source_labels:
-          - namespace
-        action: replace
-        regex: (.+)
-        target_label: kubernetes_namespace
-
-    # Example scrape config for probing services via the Blackbox Exporter.
-    #
-    # The relabeling allows the actual service scrape endpoint to be configured
-    # via the following annotations:
-    #
-    # * `prometheus.io/probe`: Only probe services that have a value of `true`
-    - job_name: 'kubernetes-services'
-
-      metrics_path: /probe
-      params:
-        module: [http_2xx]
-
-      kubernetes_sd_configs:
-      - role: service
-        namespaces:
-          names:
-            - lens-metrics
-
-      relabel_configs:
-      - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_probe]
-        action: keep
-        regex: true
-      - source_labels: [__address__]
-        target_label: __param_target
-      - target_label: __address__
-        replacement: blackbox
-      - source_labels: [__param_target]
-        target_label: instance
-      - action: labelmap
-        regex: __meta_kubernetes_service_label_(.+)
-      - source_labels: [__meta_kubernetes_service_name]
-        target_label: job
-      metric_relabel_configs:
-      - source_labels:
-          - namespace
-        action: replace
-        regex: (.+)
-        target_label: kubernetes_namespace
-
-    # Example scrape config for pods
-    #
-    # The relabeling allows the actual pod scrape endpoint to be configured via the
-    # following annotations:
-    #
-    # * `prometheus.io/scrape`: Only scrape pods that have a value of `true`
-    # * `prometheus.io/path`: If the metrics path is not `/metrics` override this.
-    # * `prometheus.io/port`: Scrape the pod on the indicated port instead of the
-    # pod's declared ports (default is a port-free target if none are declared).
-    - job_name: 'kubernetes-pods'
-
-      kubernetes_sd_configs:
-      - role: pod
-        namespaces:
-          names:
-            - lens-metrics
-
-      relabel_configs:
-      - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
-        action: keep
-        regex: true
-      - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
-        action: replace
-        target_label: __metrics_path__
-        regex: (.+)
-      - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
-        action: replace
-        regex: ([^:]+)(?::\d+)?;(\d+)
-        replacement: $1:$2
-        target_label: __address__
-      - action: labelmap
-        regex: __meta_kubernetes_pod_label_(.+)
-      - source_labels: [__meta_kubernetes_namespace]
-        action: replace
-        target_label: kubernetes_namespace
-      - source_labels: [__meta_kubernetes_pod_name]
-        action: replace
-        target_label: kubernetes_pod_name
-      metric_relabel_configs:
-      - source_labels:
-          - namespace
-        action: replace
-        regex: (.+)
-        target_label: kubernetes_namespace
-
-    # Rule files
-    rule_files:
-      - "/etc/prometheus/rules/*.rules"
-      - "/etc/prometheus/rules/*.yaml"
-      - "/etc/prometheus/rules/*.yml"

extensions/metrics-cluster-feature/resources/02-service-account.yml

@@ -1,5 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: prometheus
-  namespace: lens-metrics

extensions/metrics-cluster-feature/resources/03-service.yml.hb

@@ -1,18 +0,0 @@
-{{#if prometheus.enabled}}
-apiVersion: v1
-kind: Service
-metadata:
-  name: prometheus
-  namespace: lens-metrics
-  annotations:
-    prometheus.io/scrape: 'true'
-spec:
-  type: ClusterIP
-  selector:
-    name: prometheus
-  ports:
-    - name: web
-      protocol: TCP
-      port: 80
-      targetPort: 9090
-{{/if}}

extensions/metrics-cluster-feature/resources/03-statefulset.yml.hb

@@ -1,113 +0,0 @@
-{{#if prometheus.enabled}}
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
-  name: prometheus
-  namespace: lens-metrics
-spec:
-  replicas: {{replicas}}
-  serviceName: prometheus
-  selector:
-    matchLabels:
-      name: prometheus
-  template:
-    metadata:
-      labels:
-        name: prometheus
-    spec:
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-              - matchExpressions:
-                - key: kubernetes.io/os
-                  operator: In
-                  values:
-                  - linux
-      # <%- if config.node_selector -%>
-      # nodeSelector:
-      # <%- node_selector.to_h.each do |key, value| -%>
-      #   <%= key %>: <%= value %>
-      # <%- end -%>
-      # <%- end -%>
-      # <%- unless config.tolerations.empty? -%>
-      # tolerations:
-      # <%- config.tolerations.each do |t| -%>
-      #   -
-      #     <%- t.each do |k,v| -%>
-      #     <%= k %>: <%= v %>
-      #     <%- end -%>
-      # <%- end -%>
-      # <%- end -%>
-      serviceAccountName: prometheus
-      initContainers:
-        - name: chown
-          image: docker.io/alpine:3.12
-          command: ["chown", "-R", "65534:65534", "/var/lib/prometheus"]
-          volumeMounts:
-            - name: data
-              mountPath: /var/lib/prometheus
-      containers:
-        - name: prometheus
-          image: quay.io/prometheus/prometheus:v2.27.1
-          args:
-            - --web.listen-address=0.0.0.0:9090
-            - --config.file=/etc/prometheus/prometheus.yaml
-            - --storage.tsdb.path=/var/lib/prometheus
-            - --storage.tsdb.retention.time={{retention.time}}
-            - --storage.tsdb.retention.size={{retention.size}}
-            - --storage.tsdb.min-block-duration=2h
-            - --storage.tsdb.max-block-duration=2h
-          ports:
-            - name: web
-              containerPort: 9090
-          volumeMounts:
-            - name: config
-              mountPath: /etc/prometheus
-            - name: rules
-              mountPath: /etc/prometheus/rules
-            - name: data
-              mountPath: /var/lib/prometheus
-          readinessProbe:
-            httpGet:
-              path: /-/ready
-              port: 9090
-            initialDelaySeconds: 10
-            timeoutSeconds: 10
-          livenessProbe:
-            httpGet:
-              path: /-/healthy
-              port: 9090
-            initialDelaySeconds: 10
-            timeoutSeconds: 10
-          resources:
-            requests:
-              cpu: 100m
-              memory: 512Mi
-      terminationGracePeriodSeconds: 30
-      volumes:
-        - name: config
-          configMap:
-            name: prometheus-config
-        - name: rules
-          configMap:
-            name: prometheus-rules
-        {{#unless persistence.enabled}}
-        - name: data
-          emptyDir: {}
-        {{/unless}}
-  {{#if persistence.enabled}}
-  volumeClaimTemplates:
-    - metadata:
-        name: data
-      spec:
-        accessModes:
-        - ReadWriteOnce
-        {{#if persistence.storageClass}}
-        storageClassName: "{{persistence.storageClass}}"
-        {{/if}}
-        resources:
-          requests:
-            storage: {{persistence.size}}
-  {{/if}}
-{{/if}}

extensions/metrics-cluster-feature/resources/04-rules.yml

@@ -1,514 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: prometheus-rules
-  namespace: lens-metrics
-data:
-  alertmanager.rules.yaml: |
-    groups:
-    - name: alertmanager.rules
-      rules:
-      - alert: AlertmanagerConfigInconsistent
-        expr: count_values("config_hash", alertmanager_config_hash) BY (service) / ON(service)
-          GROUP_LEFT() label_replace(prometheus_operator_alertmanager_spec_replicas, "service",
-          "alertmanager-$1", "alertmanager", "(.*)") != 1
-        for: 5m
-        labels:
-          severity: critical
-        annotations:
-          description: The configuration of the instances of the Alertmanager cluster
-            `{{$labels.service}}` are out of sync.
-      - alert: AlertmanagerDownOrMissing
-        expr: label_replace(prometheus_operator_alertmanager_spec_replicas, "job", "alertmanager-$1",
-          "alertmanager", "(.*)") / ON(job) GROUP_RIGHT() sum(up) BY (job) != 1
-        for: 5m
-        labels:
-          severity: warning
-        annotations:
-          description: An unexpected number of Alertmanagers are scraped or Alertmanagers
-            disappeared from discovery.
-      - alert: AlertmanagerFailedReload
-        expr: alertmanager_config_last_reload_successful == 0
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: Reloading Alertmanager's configuration has failed for {{ $labels.namespace
-            }}/{{ $labels.pod}}.
-  etcd3.rules.yaml: |
-    groups:
-    - name: ./etcd3.rules
-      rules:
-      - alert: InsufficientMembers
-        expr: count(up{job="etcd"} == 0) > (count(up{job="etcd"}) / 2 - 1)
-        for: 3m
-        labels:
-          severity: critical
-        annotations:
-          description: If one more etcd member goes down the cluster will be unavailable
-          summary: etcd cluster insufficient members
-      - alert: NoLeader
-        expr: etcd_server_has_leader{job="etcd"} == 0
-        for: 1m
-        labels:
-          severity: critical
-        annotations:
-          description: etcd member {{ $labels.instance }} has no leader
-          summary: etcd member has no leader
-      - alert: HighNumberOfLeaderChanges
-        expr: increase(etcd_server_leader_changes_seen_total{job="etcd"}[1h]) > 3
-        labels:
-          severity: warning
-        annotations:
-          description: etcd instance {{ $labels.instance }} has seen {{ $value }} leader
-            changes within the last hour
-          summary: a high number of leader changes within the etcd cluster are happening
-      - alert: GRPCRequestsSlow
-        expr: histogram_quantile(0.99, sum(rate(grpc_server_handling_seconds_bucket{job="etcd",grpc_type="unary"}[5m])) by (grpc_service, grpc_method, le))
-          > 0.15
-        for: 10m
-        labels:
-          severity: critical
-        annotations:
-          description: on etcd instance {{ $labels.instance }} gRPC requests to {{ $labels.grpc_method
-            }} are slow
-          summary: slow gRPC requests
-      - alert: HighNumberOfFailedHTTPRequests
-        expr: sum(rate(etcd_http_failed_total{job="etcd"}[5m])) BY (method) / sum(rate(etcd_http_received_total{job="etcd"}[5m]))
-          BY (method) > 0.01
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: '{{ $value }}% of requests for {{ $labels.method }} failed on etcd
-            instance {{ $labels.instance }}'
-          summary: a high number of HTTP requests are failing
-      - alert: HighNumberOfFailedHTTPRequests
-        expr: sum(rate(etcd_http_failed_total{job="etcd"}[5m])) BY (method) / sum(rate(etcd_http_received_total{job="etcd"}[5m]))
-          BY (method) > 0.05
-        for: 5m
-        labels:
-          severity: critical
-        annotations:
-          description: '{{ $value }}% of requests for {{ $labels.method }} failed on etcd
-            instance {{ $labels.instance }}'
-          summary: a high number of HTTP requests are failing
-      - alert: HTTPRequestsSlow
-        expr: histogram_quantile(0.99, rate(etcd_http_successful_duration_seconds_bucket[5m]))
-          > 0.15
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: on etcd instance {{ $labels.instance }} HTTP requests to {{ $labels.method
-            }} are slow
-          summary: slow HTTP requests
-      - alert: EtcdMemberCommunicationSlow
-        expr: histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket[5m]))
-          > 0.15
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: etcd instance {{ $labels.instance }} member communication with
-            {{ $labels.To }} is slow
-          summary: etcd member communication is slow
-      - alert: HighNumberOfFailedProposals
-        expr: increase(etcd_server_proposals_failed_total{job="etcd"}[1h]) > 5
-        labels:
-          severity: warning
-        annotations:
-          description: etcd instance {{ $labels.instance }} has seen {{ $value }} proposal
-            failures within the last hour
-          summary: a high number of proposals within the etcd cluster are failing
-      - alert: HighFsyncDurations
-        expr: histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket[5m]))
-          > 0.5
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: etcd instance {{ $labels.instance }} fync durations are high
-          summary: high fsync durations
-      - alert: HighCommitDurations
-        expr: histogram_quantile(0.99, rate(etcd_disk_backend_commit_duration_seconds_bucket[5m]))
-          > 0.25
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: etcd instance {{ $labels.instance }} commit durations are high
-          summary: high commit durations
-  general.rules.yaml: |
-    groups:
-    - name: general.rules
-      rules:
-      - alert: TargetDown
-        expr: 100 * (count(up == 0) BY (job) / count(up) BY (job)) > 10
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: '{{ $value }}% of {{ $labels.job }} targets are down.'
-          summary: Targets are down
-      - record: fd_utilization
-        expr: process_open_fds / process_max_fds
-      - alert: FdExhaustionClose
-        expr: predict_linear(fd_utilization[1h], 3600 * 4) > 1
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: '{{ $labels.job }}: {{ $labels.namespace }}/{{ $labels.pod }} instance
-            will exhaust in file/socket descriptors within the next 4 hours'
-          summary: file descriptors soon exhausted
-      - alert: FdExhaustionClose
-        expr: predict_linear(fd_utilization[10m], 3600) > 1
-        for: 10m
-        labels:
-          severity: critical
-        annotations:
-          description: '{{ $labels.job }}: {{ $labels.namespace }}/{{ $labels.pod }} instance
-            will exhaust in file/socket descriptors within the next hour'
-          summary: file descriptors soon exhausted
-  kube-state-metrics.rules.yaml: |
-    groups:
-    - name: kube-state-metrics.rules
-      rules:
-      - alert: DeploymentGenerationMismatch
-        expr: kube_deployment_status_observed_generation != kube_deployment_metadata_generation
-        for: 15m
-        labels:
-          severity: warning
-        annotations:
-          description: Observed deployment generation does not match expected one for
-            deployment {{$labels.namespaces}}/{{$labels.deployment}}
-          summary: Deployment is outdated
-      - alert: DeploymentReplicasNotUpdated
-        expr: ((kube_deployment_status_replicas_updated != kube_deployment_spec_replicas)
-          or (kube_deployment_status_replicas_available != kube_deployment_spec_replicas))
-          unless (kube_deployment_spec_paused == 1)
-        for: 15m
-        labels:
-          severity: warning
-        annotations:
-          description: Replicas are not updated and available for deployment {{$labels.namespaces}}/{{$labels.deployment}}
-          summary: Deployment replicas are outdated
-      - alert: DaemonSetRolloutStuck
-        expr: kube_daemonset_status_number_ready / kube_daemonset_status_desired_number_scheduled
-          * 100 < 100
-        for: 15m
-        labels:
-          severity: warning
-        annotations:
-          description: Only {{$value}}% of desired pods scheduled and ready for daemon
-            set {{$labels.namespaces}}/{{$labels.daemonset}}
-          summary: DaemonSet is missing pods
-      - alert: K8SDaemonSetsNotScheduled
-        expr: kube_daemonset_status_desired_number_scheduled - kube_daemonset_status_current_number_scheduled
-          > 0
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: A number of daemonsets are not scheduled.
-          summary: Daemonsets are not scheduled correctly
-      - alert: DaemonSetsMissScheduled
-        expr: kube_daemonset_status_number_misscheduled > 0
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: A number of daemonsets are running where they are not supposed
-            to run.
-          summary: Daemonsets are not scheduled correctly
-      - alert: PodFrequentlyRestarting
-        expr: increase(kube_pod_container_status_restarts_total[1h]) > 5
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: Pod {{$labels.namespaces}}/{{$labels.pod}} restarted {{$value}}
-            times within the last hour
-          summary: Pod is restarting frequently
-  kubelet.rules.yaml: |
-    groups:
-    - name: kubelet.rules
-      rules:
-      - alert: K8SNodeNotReady
-        expr: kube_node_status_condition{condition="Ready",status="true"} == 0
-        for: 1h
-        labels:
-          severity: warning
-        annotations:
-          description: The Kubelet on {{ $labels.node }} has not checked in with the API,
-            or has set itself to NotReady, for more than an hour
-          summary: Node status is NotReady
-      - alert: K8SManyNodesNotReady
-        expr: count(kube_node_status_condition{condition="Ready",status="true"} == 0)
-          > 1 and (count(kube_node_status_condition{condition="Ready",status="true"} ==
-          0) / count(kube_node_status_condition{condition="Ready",status="true"})) > 0.2
-        for: 1m
-        labels:
-          severity: critical
-        annotations:
-          description: '{{ $value }}% of Kubernetes nodes are not ready'
-      - alert: K8SKubeletDown
-        expr: count(up{job="kubelet"} == 0) / count(up{job="kubelet"}) * 100 > 3
-        for: 1h
-        labels:
-          severity: warning
-        annotations:
-          description: Prometheus failed to scrape {{ $value }}% of kubelets.
-      - alert: K8SKubeletDown
-        expr: (absent(up{job="kubelet"} == 1) or count(up{job="kubelet"} == 0) / count(up{job="kubelet"}))
-          * 100 > 10
-        for: 1h
-        labels:
-          severity: critical
-        annotations:
-          description: Prometheus failed to scrape {{ $value }}% of kubelets, or all Kubelets
-            have disappeared from service discovery.
-          summary: Many Kubelets cannot be scraped
-      - alert: K8SKubeletTooManyPods
-        expr: kubelet_running_pod_count > 100
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: Kubelet {{$labels.instance}} is running {{$value}} pods, close
-            to the limit of 110
-          summary: Kubelet is close to pod limit
-  kubernetes.rules.yaml: |
-    groups:
-    - name: kubernetes.rules
-      rules:
-      - record: pod_name:container_memory_usage_bytes:sum
-        expr: sum(container_memory_usage_bytes{container_name!="POD",pod_name!=""}) BY
-          (pod_name)
-      - record: pod_name:container_spec_cpu_shares:sum
-        expr: sum(container_spec_cpu_shares{container_name!="POD",pod_name!=""}) BY (pod_name)
-      - record: pod_name:container_cpu_usage:sum
-        expr: sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name!=""}[5m]))
-          BY (pod_name)
-      - record: pod_name:container_fs_usage_bytes:sum
-        expr: sum(container_fs_usage_bytes{container_name!="POD",pod_name!=""}) BY (pod_name)
-      - record: namespace:container_memory_usage_bytes:sum
-        expr: sum(container_memory_usage_bytes{container_name!=""}) BY (namespace)
-      - record: namespace:container_spec_cpu_shares:sum
-        expr: sum(container_spec_cpu_shares{container_name!=""}) BY (namespace)
-      - record: namespace:container_cpu_usage:sum
-        expr: sum(rate(container_cpu_usage_seconds_total{container_name!="POD"}[5m]))
-          BY (namespace)
-      - record: cluster:memory_usage:ratio
-        expr: sum(container_memory_usage_bytes{container_name!="POD",pod_name!=""}) BY
-          (cluster) / sum(machine_memory_bytes) BY (cluster)
-      - record: cluster:container_spec_cpu_shares:ratio
-        expr: sum(container_spec_cpu_shares{container_name!="POD",pod_name!=""}) / 1000
-          / sum(machine_cpu_cores)
-      - record: cluster:container_cpu_usage:ratio
-        expr: sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name!=""}[5m]))
-          / sum(machine_cpu_cores)
-      - record: apiserver_latency_seconds:quantile
-        expr: histogram_quantile(0.99, rate(apiserver_request_latencies_bucket[5m])) /
-          1e+06
-        labels:
-          quantile: "0.99"
-      - record: apiserver_latency:quantile_seconds
-        expr: histogram_quantile(0.9, rate(apiserver_request_latencies_bucket[5m])) /
-          1e+06
-        labels:
-          quantile: "0.9"
-      - record: apiserver_latency_seconds:quantile
-        expr: histogram_quantile(0.5, rate(apiserver_request_latencies_bucket[5m])) /
-          1e+06
-        labels:
-          quantile: "0.5"
-      - alert: APIServerLatencyHigh
-        expr: apiserver_latency_seconds:quantile{quantile="0.99",subresource!="log",verb!~"^(?:WATCH|WATCHLIST|PROXY|CONNECT)$"}
-          > 1
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: the API server has a 99th percentile latency of {{ $value }} seconds
-            for {{$labels.verb}} {{$labels.resource}}
-      - alert: APIServerLatencyHigh
-        expr: apiserver_latency_seconds:quantile{quantile="0.99",subresource!="log",verb!~"^(?:WATCH|WATCHLIST|PROXY|CONNECT)$"}
-          > 4
-        for: 10m
-        labels:
-          severity: critical
-        annotations:
-          description: the API server has a 99th percentile latency of {{ $value }} seconds
-            for {{$labels.verb}} {{$labels.resource}}
-      - alert: APIServerErrorsHigh
-        expr: rate(apiserver_request_count{code=~"^(?:5..)$"}[5m]) / rate(apiserver_request_count[5m])
-          * 100 > 2
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: API server returns errors for {{ $value }}% of requests
-      - alert: APIServerErrorsHigh
-        expr: rate(apiserver_request_count{code=~"^(?:5..)$"}[5m]) / rate(apiserver_request_count[5m])
-          * 100 > 5
-        for: 10m
-        labels:
-          severity: critical
-        annotations:
-          description: API server returns errors for {{ $value }}% of requests
-      - alert: K8SApiserverDown
-        expr: absent(up{job="apiserver"} == 1)
-        for: 20m
-        labels:
-          severity: critical
-        annotations:
-          description: No API servers are reachable or all have disappeared from service
-            discovery
-
-      - alert: K8sCertificateExpirationNotice
-        labels:
-          severity: warning
-        annotations:
-          description: Kubernetes API Certificate is expiring soon (less than 7 days)
-        expr: sum(apiserver_client_certificate_expiration_seconds_bucket{le="604800"}) > 0
-
-      - alert: K8sCertificateExpirationNotice
-        labels:
-          severity: critical
-        annotations:
-          description: Kubernetes API Certificate is expiring in less than 1 day
-        expr: sum(apiserver_client_certificate_expiration_seconds_bucket{le="86400"}) > 0
-  node.rules.yaml: |
-    groups:
-    - name: node.rules
-      rules:
-      - record: instance:node_cpu:rate:sum
-        expr: sum(rate(node_cpu{mode!="idle",mode!="iowait",mode!~"^(?:guest.*)$"}[3m]))
-          BY (instance)
-      - record: instance:node_filesystem_usage:sum
-        expr: sum((node_filesystem_size{mountpoint="/"} - node_filesystem_free{mountpoint="/"}))
-          BY (instance)
-      - record: instance:node_network_receive_bytes:rate:sum
-        expr: sum(rate(node_network_receive_bytes[3m])) BY (instance)
-      - record: instance:node_network_transmit_bytes:rate:sum
-        expr: sum(rate(node_network_transmit_bytes[3m])) BY (instance)
-      - record: instance:node_cpu:ratio
-        expr: sum(rate(node_cpu{mode!="idle"}[5m])) WITHOUT (cpu, mode) / ON(instance)
-          GROUP_LEFT() count(sum(node_cpu) BY (instance, cpu)) BY (instance)
-      - record: cluster:node_cpu:sum_rate5m
-        expr: sum(rate(node_cpu{mode!="idle"}[5m]))
-      - record: cluster:node_cpu:ratio
-        expr: cluster:node_cpu:rate5m / count(sum(node_cpu) BY (instance, cpu))
-      - alert: NodeExporterDown
-        expr: absent(up{job="node-exporter"} == 1)
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: Prometheus could not scrape a node-exporter for more than 10m,
-            or node-exporters have disappeared from discovery
-      - alert: NodeDiskRunningFull
-        expr: predict_linear(node_filesystem_free[6h], 3600 * 24) < 0
-        for: 30m
-        labels:
-          severity: warning
-        annotations:
-          description: device {{$labels.device}} on node {{$labels.instance}} is running
-            full within the next 24 hours (mounted at {{$labels.mountpoint}})
-      - alert: NodeDiskRunningFull
-        expr: predict_linear(node_filesystem_free[30m], 3600 * 2) < 0
-        for: 10m
-        labels:
-          severity: critical
-        annotations:
-          description: device {{$labels.device}} on node {{$labels.instance}} is running
-            full within the next 2 hours (mounted at {{$labels.mountpoint}})
-      - alert: InactiveRAIDDisk
-        expr: node_md_disks - node_md_disks_active > 0
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: '{{$value}} RAID disk(s) on node {{$labels.instance}} are inactive'
-  prometheus.rules.yaml: |
-    groups:
-    - name: prometheus.rules
-      rules:
-      - alert: PrometheusConfigReloadFailed
-        expr: prometheus_config_last_reload_successful == 0
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: Reloading Prometheus' configuration has failed for {{$labels.namespace}}/{{$labels.pod}}
-      - alert: PrometheusNotificationQueueRunningFull
-        expr: predict_linear(prometheus_notifications_queue_length[5m], 60 * 30) > prometheus_notifications_queue_capacity
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: Prometheus' alert notification queue is running full for {{$labels.namespace}}/{{
-            $labels.pod}}
-      - alert: PrometheusErrorSendingAlerts
-        expr: rate(prometheus_notifications_errors_total[5m]) / rate(prometheus_notifications_sent_total[5m])
-          > 0.01
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: Errors while sending alerts from Prometheus {{$labels.namespace}}/{{
-            $labels.pod}} to Alertmanager {{$labels.Alertmanager}}
-      - alert: PrometheusErrorSendingAlerts
-        expr: rate(prometheus_notifications_errors_total[5m]) / rate(prometheus_notifications_sent_total[5m])
-          > 0.03
-        for: 10m
-        labels:
-          severity: critical
-        annotations:
-          description: Errors while sending alerts from Prometheus {{$labels.namespace}}/{{
-            $labels.pod}} to Alertmanager {{$labels.Alertmanager}}
-      - alert: PrometheusNotConnectedToAlertmanagers
-        expr: prometheus_notifications_alertmanagers_discovered < 1
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: Prometheus {{ $labels.namespace }}/{{ $labels.pod}} is not connected
-            to any Alertmanagers
-      - alert: PrometheusTSDBReloadsFailing
-        expr: increase(prometheus_tsdb_reloads_failures_total[2h]) > 0
-        for: 12h
-        labels:
-          severity: warning
-        annotations:
-          description: '{{$labels.job}} at {{$labels.instance}} had {{$value | humanize}}
-            reload failures over the last four hours.'
-          summary: Prometheus has issues reloading data blocks from disk
-      - alert: PrometheusTSDBCompactionsFailing
-        expr: increase(prometheus_tsdb_compactions_failed_total[2h]) > 0
-        for: 12h
-        labels:
-          severity: warning
-        annotations:
-          description: '{{$labels.job}} at {{$labels.instance}} had {{$value | humanize}}
-            compaction failures over the last four hours.'
-          summary: Prometheus has issues compacting sample blocks
-      - alert: PrometheusTSDBWALCorruptions
-        expr: tsdb_wal_corruptions_total > 0
-        for: 4h
-        labels:
-          severity: warning
-        annotations:
-          description: '{{$labels.job}} at {{$labels.instance}} has a corrupted write-ahead
-            log (WAL).'
-          summary: Prometheus write-ahead log is corrupted
-      - alert: PrometheusNotIngestingSamples
-        expr: rate(prometheus_tsdb_head_samples_appended_total[5m]) <= 0
-        for: 10m
-        labels:
-          severity: warning
-        annotations:
-          description: "Prometheus {{ $labels.namespace }}/{{ $labels.pod}} isn't ingesting samples."
-          summary: "Prometheus isn't ingesting samples"

extensions/metrics-cluster-feature/resources/05-clusterrole.yml

@@ -1,18 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: lens-prometheus
-rules:
-- apiGroups: [""]
-  resources:
-  - nodes
-  - nodes/proxy
-  - nodes/metrics
-  - services
-  - endpoints
-  - pods
-  - ingresses
-  - configmaps
-  verbs: ["get", "list", "watch"]
-- nonResourceURLs: ["/metrics"]
-  verbs: ["get"]

extensions/metrics-cluster-feature/resources/06-clusterrole-binding.yml

@@ -1,12 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: lens-prometheus
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: lens-prometheus
-subjects:
-- kind: ServiceAccount
-  name: prometheus
-  namespace: lens-metrics

extensions/metrics-cluster-feature/resources/10-node-exporter-ds.yml.hb

@@ -1,79 +0,0 @@
-{{#if nodeExporter.enabled}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: node-exporter
-  namespace: lens-metrics
-spec:
-  updateStrategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 1
-  selector:
-    matchLabels:
-      name: node-exporter
-      phase: prod
-  template:
-    metadata:
-      labels:
-        name: node-exporter
-        phase: prod
-      annotations:
-        seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
-    spec:
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-              - matchExpressions:
-                - key: kubernetes.io/os
-                  operator: In
-                  values:
-                  - linux
-      securityContext:
-        runAsNonRoot: true
-        runAsUser: 65534
-      hostPID: true
-      containers:
-      - name: node-exporter
-        image: quay.io/prometheus/node-exporter:v1.1.2
-        args:
-          - --path.procfs=/host/proc
-          - --path.sysfs=/host/sys
-          - --path.rootfs=/host/root
-          - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker|var/lib/containerd|var/lib/containers/.+)($|/)
-          - --collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs)$
-        ports:
-          - name: metrics
-            containerPort: 9100
-        resources:
-          requests:
-            cpu: 10m
-            memory: 24Mi
-          limits:
-            cpu: 200m
-            memory: 100Mi
-        volumeMounts:
-          - name: proc
-            mountPath: /host/proc
-            readOnly:  true
-          - name: sys
-            mountPath: /host/sys
-            readOnly: true
-          - name: root
-            mountPath: /host/root
-            readOnly: true
-      tolerations:
-        - effect: NoSchedule
-          operator: Exists
-      volumes:
-        - name: proc
-          hostPath:
-            path: /proc
-        - name: sys
-          hostPath:
-            path: /sys
-        - name: root
-          hostPath:
-            path: /
-{{/if}}

extensions/metrics-cluster-feature/resources/11-node-exporter-svc.yml

@@ -1,18 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: node-exporter
-  namespace: lens-metrics
-  annotations:
-    prometheus.io/scrape: 'true'
-spec:
-  type: ClusterIP
-  clusterIP: None
-  selector:
-    name: node-exporter
-    phase: prod
-  ports:
-    - name: metrics
-      protocol: TCP
-      port: 80
-      targetPort: 9100

extensions/metrics-cluster-feature/resources/12-kube-state-metrics-clusterrole.yml

@@ -1,128 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: lens-kube-state-metrics
-rules:
-  - apiGroups:
-    - ""
-    resources:
-    - configmaps
-    - secrets
-    - nodes
-    - pods
-    - services
-    - resourcequotas
-    - replicationcontrollers
-    - limitranges
-    - persistentvolumeclaims
-    - persistentvolumes
-    - namespaces
-    - endpoints
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - extensions
-    resources:
-    - daemonsets
-    - deployments
-    - replicasets
-    - ingresses
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - networking.k8s.io
-    resources:
-    - ingresses
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - apps
-    resources:
-    - statefulsets
-    - daemonsets
-    - deployments
-    - replicasets
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - batch
-    resources:
-    - cronjobs
-    - jobs
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - autoscaling
-    resources:
-    - horizontalpodautoscalers
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - authentication.k8s.io
-    resources:
-    - tokenreviews
-    verbs:
-    - create
-  - apiGroups:
-    - authorization.k8s.io
-    resources:
-    - subjectaccessreviews
-    verbs:
-    - create
-  - apiGroups:
-    - policy
-    resources:
-    - poddisruptionbudgets
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - certificates.k8s.io
-    resources:
-    - certificatesigningrequests
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - storage.k8s.io
-    resources:
-    - storageclasses
-    - volumeattachments
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - admissionregistration.k8s.io
-    resources:
-    - mutatingwebhookconfigurations
-    - validatingwebhookconfigurations
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - networking.k8s.io
-    resources:
-    - networkpolicies
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - coordination.k8s.io
-    resources:
-    - leases
-    verbs:
-    - list
-    - watch
-  - apiGroups:
-    - scheduling.k8s.io
-    resources:
-    - priorityclasses
-    verbs:
-    - list
-    - watch

extensions/metrics-cluster-feature/resources/12.kube-state-metrics-sa.yml

@@ -1,5 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: kube-state-metrics
-  namespace: lens-metrics

extensions/metrics-cluster-feature/resources/13-kube-state-metrics-clusterrole-binding.yml

@@ -1,12 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: lens-kube-state-metrics
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: lens-kube-state-metrics
-subjects:
-- kind: ServiceAccount
-  name: kube-state-metrics
-  namespace: lens-metrics

extensions/metrics-cluster-feature/resources/14-kube-state-metrics-deployment.yml.hb

@@ -1,46 +0,0 @@
-{{#if kubeStateMetrics.enabled}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: kube-state-metrics
-  namespace: lens-metrics
-spec:
-  selector:
-    matchLabels:
-      name: kube-state-metrics
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        name: kube-state-metrics
-    spec:
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-              - matchExpressions:
-                - key: kubernetes.io/os
-                  operator: In
-                  values:
-                  - linux
-      serviceAccountName: kube-state-metrics
-      containers:
-      - name: kube-state-metrics
-        image: k8s.gcr.io/kube-state-metrics/kube-state-metrics:v2.0.0
-        ports:
-        - name: metrics
-          containerPort: 8080
-        readinessProbe:
-          httpGet:
-            path: /healthz
-            port: 8080
-          initialDelaySeconds: 5
-          timeoutSeconds: 5
-        resources:
-          requests:
-            cpu: 10m
-            memory: 32Mi
-          limits:
-            cpu: 200m
-            memory: 150Mi
-{{/if}}

extensions/metrics-cluster-feature/resources/14-kube-state-metrics-svc.yml

@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: kube-state-metrics
-  namespace: lens-metrics
-  labels:
-    name: kube-state-metrics
-  annotations:
-    prometheus.io/scrape: 'true'
-spec:
-  ports:
-  - name: metrics
-    port: 8080
-    targetPort: 8080
-    protocol: TCP
-  selector:
-    name: kube-state-metrics

extensions/metrics-cluster-feature/src/metrics-feature.ts

@@ -1,108 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import type { Common } from "@k8slens/extensions";
-import { Renderer } from "@k8slens/extensions";
-import semver from "semver";
-import * as path from "path";
-
-const { ResourceStack, forCluster, StorageClass, Namespace } = Renderer.K8sApi;
-
-type ResourceStack = Renderer.K8sApi.ResourceStack;
-
-export interface MetricsConfiguration {
-  // Placeholder for Metrics config structure
-  prometheus: {
-    enabled: boolean;
-  };
-  persistence: {
-    enabled: boolean;
-    storageClass: string;
-    size: string;
-  };
-  nodeExporter: {
-    enabled: boolean;
-  };
-  kubeStateMetrics: {
-    enabled: boolean;
-  };
-  retention: {
-    time: string;
-    size: string;
-  };
-  alertManagers: string[];
-  replicas: number;
-  storageClass: string;
-  version?: string;
-}
-
-export interface MetricsStatus {
-  installed: boolean;
-  canUpgrade: boolean;
-}
-
-export class MetricsFeature {
-  name = "lens-metrics";
-  latestVersion = "v2.26.0-lens1";
-
-  protected stack: ResourceStack;
-
-  constructor(protected cluster: Common.Catalog.KubernetesCluster) {
-    this.stack = new ResourceStack(cluster, this.name);
-  }
-
-  get resourceFolder() {
-    return path.join(__dirname, "../resources/");
-  }
-
-  async install(config: MetricsConfiguration): Promise<string> {
-    // Check if there are storageclasses
-    const storageClassApi = forCluster(this.cluster, StorageClass);
-    const scs = await storageClassApi.list();
-
-    config.persistence.enabled = scs.some(sc => (
-      sc.metadata?.annotations?.["storageclass.kubernetes.io/is-default-class"] === "true" ||
-      sc.metadata?.annotations?.["storageclass.beta.kubernetes.io/is-default-class"] === "true"
-    ));
-
-    config.version = this.latestVersion;
-
-    return this.stack.kubectlApplyFolder(this.resourceFolder, config, ["--prune"]);
-  }
-
-  async upgrade(config: MetricsConfiguration): Promise<string> {
-    return this.install(config);
-  }
-
-  async getStatus(): Promise<MetricsStatus> {
-    const status: MetricsStatus = { installed: false, canUpgrade: false };
-
-    try {
-      const namespaceApi = forCluster(this.cluster, Namespace);
-      const namespace = await namespaceApi.get({ name: "lens-metrics" });
-
-      if (namespace?.kind) {
-        const currentVersion = namespace.metadata.annotations?.extensionVersion || "0.0.0";
-
-        status.installed = true;
-        status.canUpgrade = semver.lt(currentVersion, this.latestVersion, true);
-      } else {
-        status.installed = false;
-      }
-    } catch(e) {
-      if (e?.error?.code === 404) {
-        status.installed = false;
-      } else {
-        console.warn("[LENS-METRICS] failed to resolve install state", e);
-      }
-    }
-
-    return status;
-  }
-
-  async uninstall(config: MetricsConfiguration): Promise<string> {
-    return this.stack.kubectlDeleteFolder(this.resourceFolder, config);
-  }
-}

extensions/metrics-cluster-feature/src/metrics-settings.tsx

@@ -1,276 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-import React from "react";
-import type { Common } from "@k8slens/extensions";
-import { Renderer } from "@k8slens/extensions";
-import { observer } from "mobx-react";
-import { computed, observable, makeObservable } from "mobx";
-import type { MetricsConfiguration } from "./metrics-feature";
-import { MetricsFeature } from "./metrics-feature";
-
-const {
-  K8sApi: {
-    forCluster, StatefulSet, DaemonSet, Deployment,
-  },
-  Component: {
-    SubTitle, Switch, Button,
-  },
-} = Renderer;
-
-export interface MetricsSettingsProps {
-  cluster: Common.Catalog.KubernetesCluster;
-}
-
-@observer
-export class MetricsSettings extends React.Component<MetricsSettingsProps> {
-  constructor(props: MetricsSettingsProps) {
-    super(props);
-    makeObservable(this);
-  }
-
-  @observable featureStates = {
-    prometheus: false,
-    kubeStateMetrics: false,
-    nodeExporter: false,
-  };
-  @observable canUpgrade = false;
-  @observable upgrading = false;
-  @observable changed = false;
-  @observable inProgress = false;
-
-  config: MetricsConfiguration = {
-    prometheus: {
-      enabled: false,
-    },
-    persistence: {
-      enabled: false,
-      storageClass: null,
-      size: "20Gi", // kubernetes yaml value (no B suffix)
-    },
-    nodeExporter: {
-      enabled: false,
-    },
-    retention: {
-      time: "2d",
-      size: "5GiB", // argument for prometheus (requires B suffix)
-    },
-    kubeStateMetrics: {
-      enabled: false,
-    },
-    alertManagers: null,
-    replicas: 1,
-    storageClass: null,
-  };
-  feature: MetricsFeature;
-
-  @computed get isTogglable() {
-    if (this.inProgress) return false;
-    if (this.props.cluster.status.phase !== "connected") return false;
-    if (this.canUpgrade) return false;
-    if (!this.isActiveMetricsProvider) return false;
-
-    return true;
-  }
-
-  get metricsProvider() {
-    return this.props.cluster.spec?.metrics?.prometheus?.type || "";
-  }
-
-  get isActiveMetricsProvider() {
-    return (!this.metricsProvider || this.metricsProvider === "lens");
-  }
-
-  async componentDidMount() {
-    this.feature = new MetricsFeature(this.props.cluster);
-
-    await this.updateFeatureStates();
-  }
-
-  async updateFeatureStates() {
-    const status = await this.feature.getStatus();
-
-    this.canUpgrade = status.canUpgrade;
-
-    if (this.canUpgrade) {
-      this.changed = true;
-    }
-
-    const statefulSet = forCluster(this.props.cluster, StatefulSet);
-
-    try {
-      await statefulSet.get({ name: "prometheus", namespace: "lens-metrics" });
-      this.featureStates.prometheus = true;
-    } catch(e) {
-      if (e?.error?.code === 404) {
-        this.featureStates.prometheus = false;
-      } else {
-        this.featureStates.prometheus = undefined;
-      }
-    }
-
-    const deployment = forCluster(this.props.cluster, Deployment);
-
-    try {
-      await deployment.get({ name: "kube-state-metrics", namespace: "lens-metrics" });
-      this.featureStates.kubeStateMetrics = true;
-    } catch(e) {
-      if (e?.error?.code === 404) {
-        this.featureStates.kubeStateMetrics = false;
-      } else {
-        this.featureStates.kubeStateMetrics = undefined;
-      }
-    }
-
-    const daemonSet = forCluster(this.props.cluster, DaemonSet);
-
-    try {
-      await daemonSet.get({ name: "node-exporter", namespace: "lens-metrics" });
-      this.featureStates.nodeExporter = true;
-    } catch(e) {
-      if (e?.error?.code === 404) {
-        this.featureStates.nodeExporter = false;
-      } else {
-        this.featureStates.nodeExporter = undefined;
-      }
-    }
-  }
-
-  async save() {
-    this.config.prometheus.enabled = !!this.featureStates.prometheus;
-    this.config.kubeStateMetrics.enabled = !!this.featureStates.kubeStateMetrics;
-    this.config.nodeExporter.enabled = !!this.featureStates.nodeExporter;
-
-    this.inProgress = true;
-
-    try {
-      if (!this.config.prometheus.enabled && !this.config.kubeStateMetrics.enabled && !this.config.nodeExporter.enabled) {
-        await this.feature.uninstall(this.config);
-      } else {
-        await this.feature.install(this.config);
-      }
-    } finally {
-      this.inProgress = false;
-      this.changed = false;
-
-      await this.updateFeatureStates();
-    }
-  }
-
-  async togglePrometheus(enabled: boolean) {
-    this.featureStates.prometheus = enabled;
-    this.changed = true;
-  }
-
-  async toggleKubeStateMetrics(enabled: boolean) {
-    this.featureStates.kubeStateMetrics = enabled;
-    this.changed = true;
-  }
-
-  async toggleNodeExporter(enabled: boolean) {
-    this.featureStates.nodeExporter = enabled;
-    this.changed = true;
-  }
-
-  @computed get buttonLabel() {
-    const allDisabled = !this.featureStates.kubeStateMetrics && !this.featureStates.nodeExporter && !this.featureStates.prometheus;
-
-    if (this.inProgress && this.canUpgrade) return "Upgrading ...";
-    if (this.inProgress && allDisabled) return "Uninstalling ...";
-    if (this.inProgress) return "Applying ...";
-    if (this.canUpgrade) return "Upgrade";
-
-    if (this.changed && allDisabled) {
-      return "Uninstall";
-    }
-
-    return "Apply";
-  }
-
-  render() {
-    return (
-      <section style={{ display: "flex", flexDirection: "column", rowGap: "1.5rem" }}>
-        { this.props.cluster.status.phase !== "connected" && (
-          <section>
-            <p style={ { color: "var(--colorError)" } }>
-              Lens Metrics settings requires established connection to the cluster.
-            </p>
-          </section>
-        )}
-        { !this.isActiveMetricsProvider && (
-          <section>
-            <p style={ { color: "var(--colorError)" } }>
-              Other metrics provider is currently active. See &quot;Metrics&quot; tab for details.
-            </p>
-          </section>
-        )}
-        <section>
-          <SubTitle title="Prometheus" />
-          <Switch
-            disabled={this.featureStates.kubeStateMetrics === undefined || !this.isTogglable}
-            checked={!!this.featureStates.prometheus && this.props.cluster.status.phase == "connected"}
-            onChange={checked => this.togglePrometheus(checked)}
-            name="prometheus"
-          >
-            Enable bundled Prometheus metrics stack
-          </Switch>
-          <small className="hint">
-            Enable timeseries data visualization (Prometheus stack) for your cluster.
-          </small>
-        </section>
-
-        <section>
-          <SubTitle title="Kube State Metrics" />
-          <Switch
-            disabled={this.featureStates.kubeStateMetrics === undefined || !this.isTogglable}
-            checked={!!this.featureStates.kubeStateMetrics && this.props.cluster.status.phase == "connected"}
-            onChange={checked => this.toggleKubeStateMetrics(checked)}
-            name="kube-state-metrics"
-          >
-            Enable bundled kube-state-metrics stack
-          </Switch>
-          <small className="hint">
-            Enable Kubernetes API object metrics for your cluster.
-            Enable this only if you don&apos;t have existing kube-state-metrics stack installed.
-          </small>
-        </section>
-
-        <section>
-          <SubTitle title="Node Exporter" />
-          <Switch
-            disabled={this.featureStates.nodeExporter === undefined || !this.isTogglable}
-            checked={!!this.featureStates.nodeExporter && this.props.cluster.status.phase == "connected"}
-            onChange={checked => this.toggleNodeExporter(checked)}
-            name="node-exporter"
-          >
-            Enable bundled node-exporter stack
-          </Switch>
-          <small className="hint">
-            Enable node level metrics for your cluster.
-            Enable this only if you don&apos;t have existing node-exporter stack installed.
-          </small>
-        </section>
-
-        <section>
-          <div>
-            <Button
-              primary
-              label={this.buttonLabel}
-              waiting={this.inProgress}
-              onClick={() => this.save()}
-              disabled={!this.changed}
-              style={{ width: "20ch", padding: "0.5rem" }}
-            />
-
-            {this.canUpgrade && (
-              <small className="hint">
-                An update is available for enabled metrics components.
-              </small>
-            )}
-          </div>
-        </section>
-      </section>
-    );
-  }
-}

extensions/metrics-cluster-feature/tsconfig.json

@@ -1,27 +0,0 @@
-{
-  "compilerOptions": {
-    "outDir": "dist",
-    "module": "CommonJS",
-    "target": "ES2017",
-    "lib": ["ESNext", "DOM", "DOM.Iterable"],
-    "moduleResolution": "Node",
-    "sourceMap": false,
-    "declaration": false,
-    "strict": false,
-    "noImplicitAny": true,
-    "skipLibCheck": true,
-    "esModuleInterop": true,
-    "allowSyntheticDefaultImports": true,
-    "experimentalDecorators": true,
-    "useDefineForClassFields": true,
-    "jsx": "react"
-  },
-  "include": [
-    "./**/*.ts",
-    "./**/*.tsx"
-  ],
-  "exclude": [
-    "node_modules",
-    "*.js"
-  ]
-}

extensions/metrics-cluster-feature/webpack.config.js

@@ -1,47 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-const path = require("path");
-
-module.exports = [
-  {
-    entry: "./renderer.tsx",
-    context: __dirname,
-    target: "electron-renderer",
-    mode: "production",
-    optimization: {
-      minimize: false,
-    },
-    module: {
-      rules: [
-        {
-          test: /\.tsx?$/,
-          use: "ts-loader",
-          exclude: /node_modules/,
-        },
-      ],
-    },
-    externals: [
-      {
-        "@k8slens/extensions": "var global.LensExtensions",
-        "react": "var global.React",
-        "react-dom": "var global.ReactDOM",
-        "mobx": "var global.Mobx",
-        "mobx-react": "var global.MobxReact",
-      },
-    ],
-    resolve: {
-      extensions: [ ".tsx", ".ts", ".js" ],
-    },
-    output: {
-      libraryTarget: "commonjs2",
-      globalObject: "this",
-      filename: "renderer.js",
-      path: path.resolve(__dirname, "dist"),
-    },
-    node: {
-      __dirname: false,
-    },
-  },
-];

extensions/node-menu/package.json

@@ -1,22 +0,0 @@
-{
-  "name": "lens-node-menu",
-  "version": "6.1.0",
-  "description": "Lens node menu",
-  "renderer": "dist/renderer.js",
-  "lens": {
-    "metadata": {},
-    "styles": []
-  },
-  "scripts": {
-    "build": "npx webpack",
-    "dev": "npx webpack -- --watch",
-    "test": "npx jest --passWithNoTests --env=jsdom src $@"
-  },
-  "files": [
-    "dist/**/*"
-  ],
-  "dependencies": {},
-  "devDependencies": {
-    "@k8slens/extensions": "file:../../src/extensions/npm/extensions"
-  }
-}

extensions/node-menu/renderer.tsx

@@ -1,21 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import { Renderer } from "@k8slens/extensions";
-import React from "react";
-import type { NodeMenuProps } from "./src/node-menu";
-import { NodeMenu } from "./src/node-menu";
-
-export default class NodeMenuRendererExtension extends Renderer.LensExtension {
-  kubeObjectMenuItems = [
-    {
-      kind: "Node",
-      apiVersions: ["v1"],
-      components: {
-        MenuItem: (props: NodeMenuProps) => <NodeMenu {...props} />,
-      },
-    },
-  ];
-}

extensions/node-menu/src/node-menu.tsx

@@ -1,122 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import React from "react";
-import { Common, Renderer } from "@k8slens/extensions";
-
-type Node = Renderer.K8sApi.Node;
-
-const {
-  Component: {
-    terminalStore,
-    createTerminalTab,
-    ConfirmDialog,
-    MenuItem,
-    Icon,
-  },
-  Navigation,
-} = Renderer;
-const {
-  App,
-} = Common;
-
-
-export interface NodeMenuProps extends Renderer.Component.KubeObjectMenuProps<Node> {
-}
-
-export function NodeMenu(props: NodeMenuProps) {
-  const { object: node, toolbar } = props;
-
-  if (!node) {
-    return null;
-  }
-
-  const nodeName = node.getName();
-  const kubectlPath = App.Preferences.getKubectlPath() || "kubectl";
-
-  const sendToTerminal = (command: string) => {
-    terminalStore.sendCommand(command, {
-      enter: true,
-      newTab: true,
-    });
-    Navigation.hideDetails();
-  };
-
-  const shell = () => {
-    createTerminalTab({
-      title: `Node: ${nodeName}`,
-      node: nodeName,
-    });
-    Navigation.hideDetails();
-  };
-
-  const cordon = () => {
-    sendToTerminal(`${kubectlPath} cordon ${nodeName}`);
-  };
-
-  const unCordon = () => {
-    sendToTerminal(`${kubectlPath} uncordon ${nodeName}`);
-  };
-
-  const drain = () => {
-    const command = `${kubectlPath} drain ${nodeName} --delete-local-data --ignore-daemonsets --force`;
-
-    ConfirmDialog.open({
-      ok: () => sendToTerminal(command),
-      labelOk: `Drain Node`,
-      message: (
-        <p>
-          {"Are you sure you want to drain "}
-          <b>{nodeName}</b>
-          ?
-        </p>
-      ),
-    });
-  };
-
-  return (
-    <>
-      <MenuItem onClick={shell}>
-        <Icon
-          svg="ssh"
-          interactive={toolbar}
-          tooltip={toolbar && "Node shell"}
-        />
-        <span className="title">Shell</span>
-      </MenuItem>
-      {
-        node.isUnschedulable()
-          ? (
-            <MenuItem onClick={unCordon}>
-              <Icon
-                material="play_circle_filled"
-                tooltip={toolbar && "Uncordon"}
-                interactive={toolbar}
-              />
-              <span className="title">Uncordon</span>
-            </MenuItem>
-          )
-          : (
-            <MenuItem onClick={cordon}>
-              <Icon
-                material="pause_circle_filled"
-                tooltip={toolbar && "Cordon"}
-                interactive={toolbar}
-              />
-              <span className="title">Cordon</span>
-            </MenuItem>
-          )
-      }
-      <MenuItem onClick={drain}>
-        <Icon
-          material="delete_sweep"
-          tooltip={toolbar && "Drain"}
-          interactive={toolbar}
-        />
-        <span className="title">Drain</span>
-      </MenuItem>
-    </>
-  );
-}

extensions/node-menu/tsconfig.json

@@ -1,27 +0,0 @@
-{
-  "compilerOptions": {
-    "outDir": "dist",
-    "module": "CommonJS",
-    "target": "ES2017",
-    "lib": ["ESNext", "DOM", "DOM.Iterable"],
-    "moduleResolution": "Node",
-    "sourceMap": false,
-    "declaration": false,
-    "strict": false,
-    "noImplicitAny": true,
-    "skipLibCheck": true,
-    "esModuleInterop": true,
-    "allowSyntheticDefaultImports": true,
-    "experimentalDecorators": true,
-    "useDefineForClassFields": true,
-    "jsx": "react"
-  },
-  "include": [
-    "./*.ts",
-    "./*.tsx"
-  ],
-  "exclude": [
-    "node_modules",
-    "*.js"
-  ]
-}

extensions/node-menu/webpack.config.js

@@ -1,44 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-const path = require("path");
-
-module.exports = [
-  {
-    entry: "./renderer.tsx",
-    context: __dirname,
-    target: "electron-renderer",
-    mode: "production",
-    optimization: {
-      minimize: false,
-    },
-    module: {
-      rules: [
-        {
-          test: /\.tsx?$/,
-          use: "ts-loader",
-          exclude: /node_modules/,
-        },
-      ],
-    },
-    externals: [
-      {
-        "@k8slens/extensions": "var global.LensExtensions",
-        "react": "var global.React",
-        "react-dom": "var global.ReactDOM",
-        "mobx": "var global.Mobx",
-        "mobx-react": "var global.MobxReact",
-      },
-    ],
-    resolve: {
-      extensions: [ ".tsx", ".ts", ".js" ],
-    },
-    output: {
-      libraryTarget: "commonjs2",
-      globalObject: "this",
-      filename: "renderer.js",
-      path: path.resolve(__dirname, "dist"),
-    },
-  },
-];

extensions/pod-menu/package.json

@@ -1,22 +0,0 @@
-{
-  "name": "lens-pod-menu",
-  "version": "6.1.0",
-  "description": "Lens pod menu",
-  "renderer": "dist/renderer.js",
-  "lens": {
-    "metadata": {},
-    "styles": []
-  },
-  "scripts": {
-    "build": "npx webpack",
-    "dev": "npx webpack -- --watch",
-    "test": "npx jest --passWithNoTests --env=jsdom src $@"
-  },
-  "files": [
-    "dist/**/*"
-  ],
-  "dependencies": {},
-  "devDependencies": {
-    "@k8slens/extensions": "file:../../src/extensions/npm/extensions"
-  }
-}

extensions/pod-menu/renderer.tsx

@@ -1,39 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import { Renderer } from "@k8slens/extensions";
-import type { PodAttachMenuProps } from "./src/attach-menu";
-import { PodAttachMenu } from "./src/attach-menu";
-import type { PodShellMenuProps } from "./src/shell-menu";
-import { PodShellMenu } from "./src/shell-menu";
-import type { PodLogsMenuProps } from "./src/logs-menu";
-import { PodLogsMenu } from "./src/logs-menu";
-import React from "react";
-
-export default class PodMenuRendererExtension extends Renderer.LensExtension {
-  kubeObjectMenuItems = [
-    {
-      kind: "Pod",
-      apiVersions: ["v1"],
-      components: {
-        MenuItem: (props: PodAttachMenuProps) => <PodAttachMenu {...props} />,
-      },
-    },
-    {
-      kind: "Pod",
-      apiVersions: ["v1"],
-      components: {
-        MenuItem: (props: PodShellMenuProps) => <PodShellMenu {...props} />,
-      },
-    },
-    {
-      kind: "Pod",
-      apiVersions: ["v1"],
-      components: {
-        MenuItem: (props: PodLogsMenuProps) => <PodLogsMenu {...props} />,
-      },
-    },
-  ];
-}

extensions/pod-menu/src/attach-menu.tsx

@@ -1,106 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-
-
-import React from "react";
-import { Renderer, Common } from "@k8slens/extensions";
-
-type Pod = Renderer.K8sApi.Pod;
-
-const {
-  Component: {
-    createTerminalTab,
-    terminalStore,
-    MenuItem,
-    Icon,
-    SubMenu,
-    StatusBrick,
-  },
-  Navigation,
-} = Renderer;
-const {
-  Util,
-  App,
-} = Common;
-
-export interface PodAttachMenuProps extends Renderer.Component.KubeObjectMenuProps<Pod> {
-}
-
-export class PodAttachMenu extends React.Component<PodAttachMenuProps> {
-  async attachToPod(container?: string) {
-    const { object: pod } = this.props;
-
-    const kubectlPath = App.Preferences.getKubectlPath() || "kubectl";
-    const commandParts = [
-      kubectlPath,
-      "attach",
-      "-i",
-      "-t",
-      "-n", pod.getNs(),
-      pod.getName(),
-    ];
-
-    if (window.navigator.platform !== "Win32") {
-      commandParts.unshift("exec");
-    }
-
-    if (container) {
-      commandParts.push("-c", container);
-    }
-
-    const shell = createTerminalTab({
-      title: `Pod: ${pod.getName()} (namespace: ${pod.getNs()}) [Attached]`,
-    });
-
-    terminalStore.sendCommand(commandParts.join(" "), {
-      enter: true,
-      tabId: shell.id,
-    });
-
-    Navigation.hideDetails();
-  }
-
-  render() {
-    const { object, toolbar } = this.props;
-    const containers = object.getRunningContainers();
-
-    if (!containers.length) return null;
-
-    return (
-      <MenuItem onClick={Util.prevDefault(() => this.attachToPod(containers[0].name))}>
-        <Icon
-          material="pageview"
-          interactive={toolbar}
-          tooltip={toolbar && "Attach to Pod"}
-        />
-        <span className="title">Attach Pod</span>
-        {containers.length > 1 && (
-          <>
-            <Icon className="arrow" material="keyboard_arrow_right"/>
-            <SubMenu>
-              {
-                containers.map(container => {
-                  const { name } = container;
-
-                  return (
-                    <MenuItem
-                      key={name}
-                      onClick={Util.prevDefault(() => this.attachToPod(name))}
-                      className="flex align-center"
-                    >
-                      <StatusBrick/>
-                      <span>{name}</span>
-                    </MenuItem>
-                  );
-                })
-              }
-            </SubMenu>
-          </>
-        )}
-      </MenuItem>
-    );
-  }
-}

extensions/pod-menu/src/logs-menu.tsx

@@ -1,87 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import React from "react";
-import { Renderer, Common } from "@k8slens/extensions";
-
-type Pod = Renderer.K8sApi.Pod;
-type IPodContainer = Renderer.K8sApi.IPodContainer;
-
-const {
-  Component: {
-    logTabStore,
-    MenuItem,
-    Icon,
-    SubMenu,
-    StatusBrick,
-  },
-  Navigation,
-} = Renderer;
-const {
-  Util,
-} = Common;
-
-export interface PodLogsMenuProps extends Renderer.Component.KubeObjectMenuProps<Pod> {
-}
-
-export class PodLogsMenu extends React.Component<PodLogsMenuProps> {
-  showLogs(container: IPodContainer) {
-    Navigation.hideDetails();
-    const pod = this.props.object;
-
-    logTabStore.createPodTab({
-      selectedPod: pod,
-      selectedContainer: container,
-    });
-  }
-
-  render() {
-    const { object: pod, toolbar } = this.props;
-    const containers = pod.getAllContainers();
-    const statuses = pod.getContainerStatuses();
-
-    if (!containers.length) return null;
-
-    return (
-      <MenuItem onClick={Util.prevDefault(() => this.showLogs(containers[0]))}>
-        <Icon
-          material="subject"
-          interactive={toolbar}
-          tooltip={toolbar && "Pod Logs"}
-        />
-        <span className="title">Logs</span>
-        {containers.length > 1 && (
-          <>
-            <Icon className="arrow" material="keyboard_arrow_right"/>
-            <SubMenu>
-              {
-                containers.map(container => {
-                  const { name } = container;
-                  const status = statuses.find(status => status.name === name);
-                  const brick = status ? (
-                    <StatusBrick
-                      className={Util.cssNames(Object.keys(status.state)[0], { ready: status.ready })}
-                    />
-                  ) : null;
-
-                  return (
-                    <MenuItem
-                      key={name}
-                      onClick={Util.prevDefault(() => this.showLogs(container))}
-                      className="flex align-center"
-                    >
-                      {brick}
-                      <span>{name}</span>
-                    </MenuItem>
-                  );
-                })
-              }
-            </SubMenu>
-          </>
-        )}
-      </MenuItem>
-    );
-  }
-}

extensions/pod-menu/src/shell-menu.tsx

@@ -1,114 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-
-
-import React from "react";
-import { Renderer, Common } from "@k8slens/extensions";
-
-type Pod = Renderer.K8sApi.Pod;
-
-const {
-  Component: {
-    createTerminalTab,
-    terminalStore,
-    MenuItem,
-    Icon,
-    SubMenu,
-    StatusBrick,
-  },
-  Navigation,
-} = Renderer;
-const {
-  Util,
-  App,
-} = Common;
-
-export interface PodShellMenuProps extends Renderer.Component.KubeObjectMenuProps<Pod> {
-}
-
-export class PodShellMenu extends React.Component<PodShellMenuProps> {
-  async execShell(container?: string) {
-    const { object: pod } = this.props;
-
-    const kubectlPath = App.Preferences.getKubectlPath() || "kubectl";
-    const commandParts = [
-      kubectlPath,
-      "exec",
-      "-i",
-      "-t",
-      "-n", pod.getNs(),
-      pod.getName(),
-    ];
-
-    if (window.navigator.platform !== "Win32") {
-      commandParts.unshift("exec");
-    }
-
-    if (container) {
-      commandParts.push("-c", container);
-    }
-
-    commandParts.push("--");
-
-    if (pod.getSelectedNodeOs() === "windows") {
-      commandParts.push("powershell");
-    } else {
-      commandParts.push('sh -c "clear; (bash || ash || sh)"');
-    }
-
-    const shell = createTerminalTab({
-      title: `Pod: ${pod.getName()} (namespace: ${pod.getNs()})`,
-    });
-
-    terminalStore.sendCommand(commandParts.join(" "), {
-      enter: true,
-      tabId: shell.id,
-    });
-
-    Navigation.hideDetails();
-  }
-
-  render() {
-    const { object, toolbar } = this.props;
-    const containers = object.getRunningContainers();
-
-    if (!containers.length) return null;
-
-    return (
-      <MenuItem onClick={Util.prevDefault(() => this.execShell(containers[0].name))}>
-        <Icon
-          svg="ssh"
-          interactive={toolbar}
-          tooltip={toolbar && "Pod Shell"} 
-        />
-        <span className="title">Shell</span>
-        {containers.length > 1 && (
-          <>
-            <Icon className="arrow" material="keyboard_arrow_right"/>
-            <SubMenu>
-              {
-                containers.map(container => {
-                  const { name } = container;
-
-                  return (
-                    <MenuItem
-                      key={name}
-                      onClick={Util.prevDefault(() => this.execShell(name))}
-                      className="flex align-center"
-                    >
-                      <StatusBrick/>
-                      <span>{name}</span>
-                    </MenuItem>
-                  );
-                })
-              }
-            </SubMenu>
-          </>
-        )}
-      </MenuItem>
-    );
-  }
-}

extensions/pod-menu/tsconfig.json

@@ -1,27 +0,0 @@
-{
-  "compilerOptions": {
-    "outDir": "dist",
-    "module": "CommonJS",
-    "target": "ES2017",
-    "lib": ["ESNext", "DOM", "DOM.Iterable"],
-    "moduleResolution": "Node",
-    "sourceMap": false,
-    "declaration": false,
-    "strict": false,
-    "noImplicitAny": true,
-    "skipLibCheck": true,
-    "esModuleInterop": true,
-    "allowSyntheticDefaultImports": true,
-    "experimentalDecorators": true,
-    "useDefineForClassFields": true,
-    "jsx": "react"
-  },
-  "include": [
-    "./*.ts",
-    "./*.tsx"
-  ],
-  "exclude": [
-    "node_modules",
-    "*.js"
-  ]
-}

extensions/pod-menu/webpack.config.js

@@ -1,44 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-const path = require("path");
-
-module.exports = [
-  {
-    entry: "./renderer.tsx",
-    context: __dirname,
-    target: "electron-renderer",
-    mode: "production",
-    optimization: {
-      minimize: false,
-    },
-    module: {
-      rules: [
-        {
-          test: /\.tsx?$/,
-          use: "ts-loader",
-          exclude: /node_modules/,
-        },
-      ],
-    },
-    externals: [
-      {
-        "@k8slens/extensions": "var global.LensExtensions",
-        "react": "var global.React",
-        "react-dom": "var global.ReactDOM",
-        "mobx": "var global.Mobx",
-        "mobx-react": "var global.MobxReact",
-      },
-    ],
-    resolve: {
-      extensions: [ ".tsx", ".ts", ".js" ],
-    },
-    output: {
-      libraryTarget: "commonjs2",
-      globalObject: "this",
-      filename: "renderer.js",
-      path: path.resolve(__dirname, "dist"),
-    },
-  },
-];

integration/__tests__/cluster-pages.tests.ts

@@ -76,60 +76,6 @@ describeIf(minikubeReady(TEST_NAMESPACE))("Minikube based tests", () => {
     10 * 60 * 1000,
   );
 
-  it(
-    "show logs and highlight the log search entries",
-    async () => {
-      await navigateToPods(frame);
-
-      const namespacesSelector = await frame.waitForSelector(
-        ".NamespaceSelect",
-      );
-
-      await namespacesSelector.click();
-      await namespacesSelector.type("kube-system");
-      await namespacesSelector.press("Enter");
-      await namespacesSelector.click();
-
-      const kubeApiServerRow = await frame.waitForSelector(
-        "div.TableCell >> text=kube-apiserver",
-      );
-
-      await kubeApiServerRow.click();
-      await frame.waitForSelector(".Drawer", { state: "visible" });
-
-      const showPodLogsIcon = await frame.waitForSelector(
-        ".Drawer .drawer-title .Icon >> text=subject",
-      );
-
-      showPodLogsIcon.click();
-
-      // Check if controls are available
-      await frame.waitForSelector(".Dock.isOpen");
-      await frame.waitForSelector(".LogList .VirtualList");
-      await frame.waitForSelector(".LogResourceSelector");
-
-      const logSearchInput = await frame.waitForSelector(
-        ".LogSearch .SearchInput input",
-      );
-
-      await logSearchInput.type(":");
-      await frame.waitForSelector(".LogList .list span.active");
-
-      const showTimestampsButton = await frame.waitForSelector(
-        "[data-testid='log-controls'] .show-timestamps",
-      );
-
-      await showTimestampsButton.click();
-
-      const showPreviousButton = await frame.waitForSelector(
-        "[data-testid='log-controls'] .show-previous",
-      );
-
-      await showPreviousButton.click();
-    },
-    10 * 60 * 1000,
-  );
-
   it(
     "should show the default namespaces",
     async () => {

package.json

@@ -97,7 +97,12 @@
     "bundledHelmVersion": "3.7.2",
     "sentryDsn": "",
     "contentSecurityPolicy": "script-src 'unsafe-eval' 'self'; frame-src http://*.localhost:*/; img-src * data:",
+<<<<<<< HEAD
     "welcomeRoute": "/welcome"
+=======
+    "welcomeRoute": "/welcome",
+    "extensions": []
+>>>>>>> master
   },
   "engines": {
     "node": ">=16 <17"
@@ -233,7 +238,7 @@
     "@astronautlabs/jsonpath": "^1.1.0",
     "@hapi/call": "^9.0.0",
     "@hapi/subtext": "^7.0.4",
-    "@kubernetes/client-node": "^0.17.1",
+    "@kubernetes/client-node": "^0.18.0",
     "@material-ui/styles": "^4.11.5",
     "@ogre-tools/fp": "^12.0.1",
     "@ogre-tools/injectable": "^12.0.1",
@@ -256,7 +261,7 @@
     "filehound": "^1.17.6",
     "fs-extra": "^9.0.1",
     "glob-to-regexp": "^0.4.1",
-    "got": "^11.8.5",
+    "got": "^11.8.6",
     "grapheme-splitter": "^1.0.4",
     "handlebars": "^4.7.7",
     "history": "^4.10.1",
@@ -275,7 +280,7 @@
     "mobx-utils": "^6.0.4",
     "mock-fs": "^5.2.0",
     "moment": "^2.29.4",
-    "moment-timezone": "^0.5.39",
+    "moment-timezone": "^0.5.40",
     "node-fetch": "^3.3.0",
     "node-pty": "0.10.1",
     "npm": "^8.19.3",
@@ -290,7 +295,7 @@
     "readable-stream": "^3.6.0",
     "request": "^2.88.2",
     "request-promise-native": "^1.0.9",
-    "rfc6902": "^5.0.0",
+    "rfc6902": "^5.0.1",
     "selfsigned": "^2.1.1",
     "semver": "^7.3.8",
     "tar": "^6.1.13",
@@ -344,7 +349,7 @@
     "@types/memorystream": "^0.3.0",
     "@types/mini-css-extract-plugin": "^2.4.0",
     "@types/mock-fs": "^4.13.1",
-    "@types/node": "^16.18.9",
+    "@types/node": "^16.18.10",
     "@types/proper-lockfile": "^4.1.2",
     "@types/randomcolor": "^0.5.7",
     "@types/react": "^17.0.45",
@@ -388,9 +393,9 @@
     "electron": "^19.1.9",
     "electron-builder": "^23.6.0",
     "electron-notarize": "^0.3.0",
-    "esbuild": "^0.16.7",
+    "esbuild": "^0.16.10",
     "esbuild-loader": "^2.20.0",
-    "eslint": "^8.29.0",
+    "eslint": "^8.30.0",
     "eslint-import-resolver-typescript": "^3.5.2",
     "eslint-plugin-header": "^3.1.1",
     "eslint-plugin-import": "^2.26.0",
@@ -416,7 +421,7 @@
     "node-gyp": "^8.3.0",
     "node-loader": "^2.0.0",
     "nodemon": "^2.0.20",
-    "playwright": "^1.28.1",
+    "playwright": "^1.29.0",
     "postcss": "^8.4.20",
     "postcss-loader": "^6.2.1",
     "query-string": "^7.1.3",
@@ -429,7 +434,7 @@
     "react-select-event": "^5.5.1",
     "react-table": "^7.8.0",
     "react-window": "^1.8.8",
-    "sass": "^1.56.1",
+    "sass": "^1.57.1",
     "sass-loader": "^12.6.0",
     "sharp": "^0.31.2",
     "style-loader": "^3.3.1",
@@ -439,7 +444,7 @@
     "ts-node": "^10.9.1",
     "type-fest": "^2.14.0",
     "typed-emitter": "^1.4.0",
-    "typedoc": "0.23.22",
+    "typedoc": "0.23.23",
     "typedoc-plugin-markdown": "^3.13.6",
     "typescript": "^4.9.4",
     "typescript-plugin-css-modules": "^3.4.0",

src/common/cluster-store/allowed-resources-injection-token.ts

@@ -5,7 +5,8 @@
 
 import { getInjectionToken } from "@ogre-tools/injectable";
 import type { IComputedValue } from "mobx";
+import type { KubeApiResourceDescriptor } from "../rbac";
 
-export const allowedResourcesInjectionToken = getInjectionToken<IComputedValue<Set<string>>>({
-  id: "allowed-resources",
+export const shouldShowResourceInjectionToken = getInjectionToken<IComputedValue<boolean>, KubeApiResourceDescriptor>({
+  id: "should-show-resource",
 });

src/common/cluster/authorization-namespace-review.injectable.ts

@@ -1,87 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import type { KubeConfig } from "@kubernetes/client-node";
-import { AuthorizationV1Api } from "@kubernetes/client-node";
-import { getInjectable } from "@ogre-tools/injectable";
-import type { Logger } from "../logger";
-import loggerInjectable from "../logger.injectable";
-import type { KubeApiResource } from "../rbac";
-
-/**
- * Requests the permissions for actions on the kube cluster
- * @param namespace The namespace of the resources
- * @param availableResources List of available resources in the cluster to resolve glob values fir api groups
- * @returns list of allowed resources names
- */
-export type RequestNamespaceResources = (namespace: string, availableResources: KubeApiResource[]) => Promise<string[]>; 
-
-/**
- * @param proxyConfig This config's `currentContext` field must be set, and will be used as the target cluster
- */
-export type AuthorizationNamespaceReview = (proxyConfig: KubeConfig) => RequestNamespaceResources; 
-
-interface Dependencies { 
-  logger: Logger;
-}
-
-const authorizationNamespaceReview = ({ logger }: Dependencies): AuthorizationNamespaceReview => {
-  return (proxyConfig) => {
-
-    const api = proxyConfig.makeApiClient(AuthorizationV1Api);
-
-    return async (namespace, availableResources) => {
-      try {
-        const { body } = await api.createSelfSubjectRulesReview({
-          apiVersion: "authorization.k8s.io/v1",
-          kind: "SelfSubjectRulesReview",
-          spec: { namespace },
-        });
-
-        const resources = new Set<string>();
-
-        body.status?.resourceRules.forEach(resourceRule => {
-          if (!resourceRule.verbs.some(verb => ["*", "list"].includes(verb)) || !resourceRule.resources) {
-            return;
-          }
-
-          const apiGroups = resourceRule.apiGroups;
-
-          if (resourceRule.resources.length === 1 && resourceRule.resources[0] === "*" && apiGroups) {
-            if (apiGroups[0] === "*") {
-              availableResources.forEach(resource => resources.add(resource.apiName));
-            } else {
-              availableResources.forEach((apiResource)=> {
-                if (apiGroups.includes(apiResource.group || "")) {
-                  resources.add(apiResource.apiName);
-                }
-              });
-            }
-          } else {
-            resourceRule.resources.forEach(resource => resources.add(resource));
-          }
-          
-        });
-
-        return [...resources];
-      } catch (error) {
-        logger.error(`[AUTHORIZATION-NAMESPACE-REVIEW]: failed to create subject rules review: ${error}`, { namespace });
-
-        return [];
-      }
-    };
-  };
-};
-
-const authorizationNamespaceReviewInjectable = getInjectable({
-  id: "authorization-namespace-review",
-  instantiate: (di) => {
-    const logger = di.inject(loggerInjectable);
-
-    return authorizationNamespaceReview({ logger });
-  },
-});
-
-export default authorizationNamespaceReviewInjectable;

src/common/cluster/cluster.ts

@@ -9,8 +9,8 @@ import type { KubeConfig } from "@kubernetes/client-node";
 import { HttpError } from "@kubernetes/client-node";
 import type { Kubectl } from "../../main/kubectl/kubectl";
 import type { KubeconfigManager } from "../../main/kubeconfig-manager/kubeconfig-manager";
-import type { KubeApiResource, KubeResource } from "../rbac";
-import { apiResourceRecord, apiResources } from "../rbac";
+import type { KubeApiResource, KubeApiResourceDescriptor } from "../rbac";
+import { formatKubeApiResource } from "../rbac";
 import type { VersionDetector } from "../../main/cluster-detectors/version-detector";
 import type { DetectorRegistry } from "../../main/cluster-detectors/detector-registry";
 import plimit from "p-limit";
@@ -25,8 +25,8 @@ import assert from "assert";
 import type { Logger } from "../logger";
 import type { BroadcastMessage } from "../ipc/broadcast-message.injectable";
 import type { LoadConfigfromFile } from "../kube-helpers/load-config-from-file.injectable";
-import type { RequestNamespaceResources } from "./authorization-namespace-review.injectable";
-import type { RequestListApiResources } from "./list-api-resources.injectable";
+import type { CanListResource, RequestNamespaceListPermissions, RequestNamespaceListPermissionsFor } from "./request-namespace-list-permissions.injectable";
+import type { RequestApiResources } from "./request-api-resources.injectable";
 
 export interface ClusterDependencies {
   readonly directoryForKubeConfigs: string;
@@ -36,8 +36,8 @@ export interface ClusterDependencies {
   createContextHandler: (cluster: Cluster) => ClusterContextHandler;
   createKubectl: (clusterVersion: string) => Kubectl;
   createAuthorizationReview: (config: KubeConfig) => CanI;
-  createAuthorizationNamespaceReview: (config: KubeConfig) => RequestNamespaceResources;
-  createListApiResources: (cluster: Cluster) => RequestListApiResources;
+  requestApiResources: RequestApiResources;
+  requestNamespaceListPermissionsFor: RequestNamespaceListPermissionsFor;
   createListNamespaces: (config: KubeConfig) => ListNamespaces;
   createVersionDetector: (cluster: Cluster) => VersionDetector;
   broadcastMessage: BroadcastMessage;
@@ -49,7 +49,7 @@ export interface ClusterDependencies {
  *
  * @beta
  */
-export class Cluster implements ClusterModel, ClusterState {
+export class Cluster implements ClusterModel {
   /** Unique id for a cluster */
   public readonly id: ClusterId;
   private kubeCtl: Kubectl | undefined;
@@ -62,7 +62,6 @@ export class Cluster implements ClusterModel, ClusterState {
   protected readonly _proxyKubeconfigManager: KubeconfigManager | undefined;
   protected readonly eventsDisposer = disposer();
   protected activated = false;
-  private readonly resourceAccessStatuses = new Map<KubeApiResource, boolean>();
 
   public get contextHandler() {
     // TODO: remove these once main/renderer are seperate classes
@@ -163,25 +162,21 @@ export class Cluster implements ClusterModel, ClusterState {
    * @observable
    */
   @observable metadata: ClusterMetadata = {};
+
   /**
    * List of allowed namespaces verified via K8S::SelfSubjectAccessReview api
-   *
-   * @observable
    */
-  @observable allowedNamespaces: string[] = [];
-  /**
-   * List of allowed resources
-   *
-   * @observable
-   * @internal
-   */
-  @observable allowedResources: string[] = [];
+  readonly allowedNamespaces = observable.array<string>();
+
   /**
    * List of accessible namespaces provided by user in the Cluster Settings
-   *
-   * @observable
    */
-  @observable accessibleNamespaces: string[] = [];
+  readonly accessibleNamespaces = observable.array<string>();
+
+  private readonly knownResources = observable.array<KubeApiResource>();
+
+  // The formatting of this is `group.name` or `name` (if in core)
+  private readonly allowedResources = observable.set<string>();
 
   /**
    * Labels for the catalog entity
@@ -299,7 +294,7 @@ export class Cluster implements ClusterModel, ClusterState {
     }
 
     if (model.accessibleNamespaces) {
-      this.accessibleNamespaces = model.accessibleNamespaces;
+      this.accessibleNamespaces.replace(model.accessibleNamespaces);
     }
 
     if (model.labels) {
@@ -433,8 +428,7 @@ export class Cluster implements ClusterModel, ClusterState {
     this.accessible = false;
     this.ready = false;
     this.activated = false;
-    this.allowedNamespaces = [];
-    this.resourceAccessStatuses.clear();
+    this.allowedNamespaces.clear();
     this.dependencies.logger.info(`[CLUSTER]: disconnected`, { id: this.id });
   }
 
@@ -474,8 +468,7 @@ export class Cluster implements ClusterModel, ClusterState {
      this.dependencies.logger.info(`[CLUSTER]: refreshAccessibility`, this.getMeta());
      const proxyConfig = await this.getProxyKubeconfig();
      const canI = this.dependencies.createAuthorizationReview(proxyConfig);
-     const requestNamespaceResources = this.dependencies.createAuthorizationNamespaceReview(proxyConfig);
-     const listApiResources = this.dependencies.createListApiResources(this);
+     const requestNamespaceListPermissions = this.dependencies.requestNamespaceListPermissionsFor(proxyConfig);
 
      this.isAdmin = await canI({
        namespace: "kube-system",
@@ -486,8 +479,9 @@ export class Cluster implements ClusterModel, ClusterState {
        verb: "watch",
        resource: "*",
      });
-     this.allowedNamespaces = await this.getAllowedNamespaces(proxyConfig);
-     this.allowedResources = await this.getAllowedResources(listApiResources, requestNamespaceResources);
+     this.allowedNamespaces.replace(await this.requestAllowedNamespaces(proxyConfig));
+     this.knownResources.replace(await this.dependencies.requestApiResources(this));
+     this.allowedResources.replace(await this.getAllowedResources(requestNamespaceListPermissions));
      this.ready = true;
    }
 
@@ -600,7 +594,7 @@ export class Cluster implements ClusterModel, ClusterState {
       accessible: this.accessible,
       isAdmin: this.isAdmin,
       allowedNamespaces: this.allowedNamespaces,
-      allowedResources: this.allowedResources,
+      allowedResources: [...this.allowedResources],
       isGlobalWatchEnabled: this.isGlobalWatchEnabled,
     });
   }
@@ -611,8 +605,8 @@ export class Cluster implements ClusterModel, ClusterState {
    */
   @action setState(state: ClusterState) {
     this.accessible = state.accessible;
-    this.allowedNamespaces = state.allowedNamespaces;
-    this.allowedResources = state.allowedResources;
+    this.allowedNamespaces.replace(state.allowedNamespaces);
+    this.allowedResources.replace(state.allowedResources);
     this.apiUrl = state.apiUrl;
     this.disconnected = state.disconnected;
     this.isAdmin = state.isAdmin;
@@ -644,7 +638,7 @@ export class Cluster implements ClusterModel, ClusterState {
     this.dependencies.broadcastMessage(`cluster:${this.id}:connection-update`, update);
   }
 
-  protected async getAllowedNamespaces(proxyConfig: KubeConfig) {
+  protected async requestAllowedNamespaces(proxyConfig: KubeConfig) {
     if (this.accessibleNamespaces.length) {
       return this.accessibleNamespaces;
     }
@@ -668,69 +662,28 @@ export class Cluster implements ClusterModel, ClusterState {
     }
   }
 
-  protected async getAllowedResources(listApiResources:RequestListApiResources, requestNamespaceResources: RequestNamespaceResources) {
+  protected async getAllowedResources(requestNamespaceListPermissions: RequestNamespaceListPermissions) {
+    if (!this.allowedNamespaces.length) {
+      return [];
+    }
+
     try {
-      if (!this.allowedNamespaces.length) {
-        return [];
-      }
+      const apiLimit = plimit(5); // 5 concurrent api requests
+      const canListResourceCheckers = await Promise.all((
+        this.allowedNamespaces.map(namespace => apiLimit(() => requestNamespaceListPermissions(namespace)))
+      ));
+      const canListNamespacedResource: CanListResource = (resource) => canListResourceCheckers.some(fn => fn(resource));
 
-      const unknownResources = new Map<string, KubeApiResource>(apiResources.map(resource => ([resource.apiName, resource])));
-
-      const availableResources =  await listApiResources();
-      const availableResourcesNames = new Set(availableResources.map(apiResource => apiResource.apiName));
-
-      [...unknownResources.values()].map(unknownResource => {
-        if (!availableResourcesNames.has(unknownResource.apiName)) {
-          this.resourceAccessStatuses.set(unknownResource, false);
-          unknownResources.delete(unknownResource.apiName);
-        }
-      });
-
-      if (unknownResources.size > 0) {
-        const apiLimit = plimit(5); // 5 concurrent api requests
-
-        await Promise.all(this.allowedNamespaces.map(namespace => apiLimit(async () => {
-          if (unknownResources.size === 0) {
-            return;
-          }
-
-          const namespaceResources = await requestNamespaceResources(namespace, availableResources);
-
-          for (const resourceName of namespaceResources) {
-            const unknownResource = unknownResources.get(resourceName);
-
-            if (unknownResource) {
-              this.resourceAccessStatuses.set(unknownResource, true);
-              unknownResources.delete(resourceName);
-            }
-          }
-        })));
-
-        for (const forbiddenResource of unknownResources.values()) {
-          this.resourceAccessStatuses.set(forbiddenResource, false);
-        }
-      }
-
-      return apiResources
-        .filter((resource) => this.resourceAccessStatuses.get(resource))
-        .map(apiResource => apiResource.apiName);
+      return this.knownResources
+        .filter(canListNamespacedResource)
+        .map(formatKubeApiResource);
     } catch (error) {
       return [];
     }
   }
 
-  isAllowedResource(kind: string): boolean {
-    if ((kind as KubeResource) in apiResourceRecord) {
-      return this.allowedResources.includes(kind);
-    }
-
-    const apiResource = apiResources.find(resource => resource.kind === kind);
-
-    if (apiResource) {
-      return this.allowedResources.includes(apiResource.apiName);
-    }
-
-    return true; // allowed by default for other resources
+  shouldShowResource(resource: KubeApiResourceDescriptor): boolean {
+    return this.allowedResources.has(formatKubeApiResource(resource));
   }
 
   isMetricHidden(resource: ClusterMetricsResourceType): boolean {

src/common/cluster/is-allowed-resource.ts

@@ -1,20 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-import type { KubeResource } from "../rbac";
-import { apiResourceRecord, apiResources } from "../rbac";
-
-export const isAllowedResource = (allowedResources: string[]) => (kind: string): boolean => {
-  if ((kind as KubeResource) in apiResourceRecord) {
-    return allowedResources.includes(kind);
-  }
-
-  const apiResource = apiResources.find(resource => resource.kind === kind);
-
-  if (apiResource) {
-    return allowedResources.includes(apiResource.apiName);
-  }
-
-  return true; // allowed by default for other resources
-};

src/common/cluster/list-api-resources.injectable.ts

@@ -1,91 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import type {
-  V1APIGroupList,
-  V1APIResourceList,
-  V1APIVersions,
-} from "@kubernetes/client-node";
-import { getInjectable } from "@ogre-tools/injectable";
-import type { K8sRequest } from "../../main/k8s-request.injectable";
-import k8SRequestInjectable from "../../main/k8s-request.injectable";
-import type { Logger } from "../logger";
-import loggerInjectable from "../logger.injectable";
-import type { KubeApiResource, KubeResource } from "../rbac";
-import type { Cluster } from "./cluster";
-import plimit from "p-limit";
-
-export type RequestListApiResources = () => Promise<KubeApiResource[]>;
-
-/**
- * @param proxyConfig This config's `currentContext` field must be set, and will be used as the target cluster
- */
-export type ListApiResources = (cluster: Cluster) => RequestListApiResources;
-
-interface Dependencies {
-  logger: Logger;
-  k8sRequest: K8sRequest;
-}
-
-const listApiResources = ({ k8sRequest, logger }: Dependencies): ListApiResources => {
-  return (cluster) => {
-    const clusterRequest = (path: string) => k8sRequest(cluster, path);
-    const apiLimit = plimit(5);
-
-    return async () => {
-      const resources: KubeApiResource[] = [];
-
-      try {
-        const resourceListGroups:{ group:string;path:string }[] = [];
-
-        await Promise.all(
-          [
-            clusterRequest("/api").then((response:V1APIVersions)=>response.versions.forEach(version => resourceListGroups.push({ group:version, path:`/api/${version}` }))),
-            clusterRequest("/apis").then((response:V1APIGroupList) => response.groups.forEach(group => {
-              const preferredVersion = group.preferredVersion?.groupVersion;
-
-              if (preferredVersion) {
-                resourceListGroups.push({ group:group.name, path:`/apis/${preferredVersion}` });
-              }
-            })),
-          ],
-        );
-
-        await Promise.all(
-          resourceListGroups.map(({ group, path }) => apiLimit(async () => {
-            const apiResources:V1APIResourceList = await clusterRequest(path);
-
-            if (apiResources.resources) {
-              resources.push(
-                ...apiResources.resources.filter(resource => resource.verbs.includes("list")).map((resource) => ({
-                  apiName: resource.name as KubeResource,
-                  kind: resource.kind,
-                  group,
-                })),
-              );
-            }
-          }),
-          ),
-        );
-      } catch (error) {
-        logger.error(`[LIST-API-RESOURCES]: failed to list api resources: ${error}`);
-      }
-
-      return resources;
-    };
-  };
-};
-
-const listApiResourcesInjectable = getInjectable({
-  id: "list-api-resources",
-  instantiate: (di) => {
-    const k8sRequest = di.inject(k8SRequestInjectable);
-    const logger = di.inject(loggerInjectable);
-
-    return listApiResources({ k8sRequest, logger });
-  },
-});
-
-export default listApiResourcesInjectable;

src/common/cluster/request-api-resources.injectable.ts

@@ -0,0 +1,83 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+
+import type { V1APIGroupList, V1APIResourceList, V1APIVersions } from "@kubernetes/client-node";
+import { getInjectable } from "@ogre-tools/injectable";
+import k8SRequestInjectable from "../../main/k8s-request.injectable";
+import loggerInjectable from "../logger.injectable";
+import type { KubeApiResource } from "../rbac";
+import type { Cluster } from "./cluster";
+import plimit from "p-limit";
+
+export type RequestApiResources = (cluster: Cluster) => Promise<KubeApiResource[]>;
+
+interface KubeResourceListGroup {
+  group: string;
+  path: string;
+}
+
+const requestApiResourcesInjectable = getInjectable({
+  id: "request-api-resources",
+  instantiate: (di): RequestApiResources => {
+    const k8sRequest = di.inject(k8SRequestInjectable);
+    const logger = di.inject(loggerInjectable);
+
+    return async (cluster) => {
+      const apiLimit = plimit(5);
+      const kubeApiResources: KubeApiResource[] = [];
+      const resourceListGroups: KubeResourceListGroup[] = [];
+
+      try {
+        await Promise.all([
+          (async () => {
+            const { versions } = await k8sRequest(cluster, "/api") as V1APIVersions;
+
+            for (const version of versions) {
+              resourceListGroups.push({
+                group: version,
+                path: `/api/${version}`,
+              });
+            }
+          })(),
+          (async () => {
+            const { groups } = await k8sRequest(cluster, "/apis") as V1APIGroupList;
+
+            for (const { preferredVersion, name } of groups) {
+              const { groupVersion } = preferredVersion ?? {};
+
+              if (groupVersion) {
+                resourceListGroups.push({
+                  group: name,
+                  path: `/apis/${groupVersion}`,
+                });
+              }
+            }
+          })(),
+        ]);
+
+        await Promise.all(
+          resourceListGroups.map(({ group, path }) => apiLimit(async () => {
+            const { resources } = await k8sRequest(cluster, path) as V1APIResourceList;
+
+            for (const resource of resources) {
+              kubeApiResources.push({
+                apiName: resource.name,
+                kind: resource.kind,
+                group,
+                namespaced: resource.namespaced,
+              });
+            }
+          })),
+        );
+      } catch (error) {
+        logger.error(`[LIST-API-RESOURCES]: failed to list api resources: ${error}`);
+      }
+
+      return kubeApiResources;
+    };
+  },
+});
+
+export default requestApiResourcesInjectable;

src/common/cluster/request-namespace-list-permissions.injectable.ts

@@ -0,0 +1,78 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+
+import type { KubeConfig } from "@kubernetes/client-node";
+import { AuthorizationV1Api } from "@kubernetes/client-node";
+import { getInjectable } from "@ogre-tools/injectable";
+import loggerInjectable from "../logger.injectable";
+import type { KubeApiResource } from "../rbac";
+
+export type CanListResource = (resource: KubeApiResource) => boolean;
+
+/**
+ * Requests the permissions for actions on the kube cluster
+ * @param namespace The namespace of the resources
+ */
+export type RequestNamespaceListPermissions = (namespace: string) => Promise<CanListResource>;
+
+/**
+ * @param proxyConfig This config's `currentContext` field must be set, and will be used as the target cluster
+ */
+export type RequestNamespaceListPermissionsFor = (proxyConfig: KubeConfig) => RequestNamespaceListPermissions;
+
+const requestNamespaceListPermissionsForInjectable = getInjectable({
+  id: "request-namespace-list-permissions-for",
+  instantiate: (di): RequestNamespaceListPermissionsFor => {
+    const logger = di.inject(loggerInjectable);
+
+    return (proxyConfig) => {
+      const api = proxyConfig.makeApiClient(AuthorizationV1Api);
+
+      return async (namespace) => {
+        try {
+          const { body: { status }} = await api.createSelfSubjectRulesReview({
+            apiVersion: "authorization.k8s.io/v1",
+            kind: "SelfSubjectRulesReview",
+            spec: { namespace },
+          });
+
+          if (!status || status.incomplete) {
+            logger.warn(`[AUTHORIZATION-NAMESPACE-REVIEW]: allowing all resources in namespace="${namespace}" due to incomplete SelfSubjectRulesReview: ${status?.evaluationError}`);
+
+            return () => true;
+          }
+
+          const { resourceRules } = status;
+
+          return (resource) => {
+            const resourceRule = resourceRules.find(({
+              apiGroups = [],
+              resources = [],
+            }) => {
+              const isAboutRelevantApiGroup = apiGroups.includes("*") || apiGroups.includes(resource.group);
+              const isAboutResource = resources.includes("*") || resources.includes(resource.apiName);
+
+              return isAboutRelevantApiGroup && isAboutResource;
+            });
+
+            if (!resourceRule) {
+              return false;
+            }
+
+            const { verbs } = resourceRule;
+
+            return verbs.includes("*") || verbs.includes("list");
+          };
+        } catch (error) {
+          logger.error(`[AUTHORIZATION-NAMESPACE-REVIEW]: failed to create subject rules review`, { namespace, error });
+
+          return () => true;
+        }
+      };
+    };
+  },
+});
+
+export default requestNamespaceListPermissionsForInjectable;

src/common/configure-packages.ts

@@ -1,27 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import * as Mobx from "mobx";
-import * as Immer from "immer";
-
-/**
- * Setup default configuration for external npm-packages
- */
-export default function configurePackages() {
-  // Docs: https://mobx.js.org/configuration.html
-  Mobx.configure({
-    enforceActions: "never",
-
-    // TODO: enable later (read more: https://mobx.js.org/migrating-from-4-or-5.html)
-    // computedRequiresReaction: true,
-    // reactionRequiresObservable: true,
-    // observableRequiresReaction: true,
-  });
-
-  // Docs: https://immerjs.github.io/immer/
-  // Required in `utils/storage-helper.ts`
-  Immer.setAutoFreeze(false); // allow to merge mobx observables
-  Immer.enableMapSet(); // allow to merge maps and sets
-}

src/common/fetch/download-json.injectable.ts

@@ -1,55 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-import { getInjectable } from "@ogre-tools/injectable";
-import type { RequestInit, Response } from "node-fetch";
-import type { AsyncResult } from "../utils/async-result";
-import fetchInjectable from "./fetch.injectable";
-
-export interface DownloadJsonOptions {
-  signal?: AbortSignal | null | undefined;
-}
-
-export type DownloadJson = (url: string, opts?: DownloadJsonOptions) => Promise<AsyncResult<unknown, string>>;
-
-const downloadJsonInjectable = getInjectable({
-  id: "download-json",
-  instantiate: (di): DownloadJson => {
-    const fetch = di.inject(fetchInjectable);
-
-    return async (url, opts) => {
-      let result: Response;
-
-      try {
-        result = await fetch(url, opts as RequestInit);
-      } catch (error) {
-        return {
-          callWasSuccessful: false,
-          error: String(error),
-        };
-      }
-
-      if (result.status < 200 || 300 <= result.status) {
-        return {
-          callWasSuccessful: false,
-          error: result.statusText,
-        };
-      }
-
-      try {
-        return {
-          callWasSuccessful: true,
-          response: await result.json(),
-        };
-      } catch (error) {
-        return {
-          callWasSuccessful: false,
-          error: String(error),
-        };
-      }
-    };
-  },
-});
-
-export default downloadJsonInjectable;

src/common/fetch/download-json/impl.ts

@@ -0,0 +1,46 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+import type { AsyncResult } from "../../utils/async-result";
+import type { Fetch } from "../fetch.injectable";
+import type { RequestInit, Response } from "node-fetch";
+
+export interface DownloadJsonOptions {
+  signal?: AbortSignal | null | undefined;
+}
+
+export type DownloadJson = (url: string, opts?: DownloadJsonOptions) => Promise<AsyncResult<unknown, string>>;
+
+export const downloadJsonWith = (fetch: Fetch): DownloadJson => async (url, opts) => {
+  let result: Response;
+
+  try {
+    result = await fetch(url, opts as RequestInit);
+  } catch (error) {
+    return {
+      callWasSuccessful: false,
+      error: String(error),
+    };
+  }
+
+  if (result.status < 200 || 300 <= result.status) {
+    return {
+      callWasSuccessful: false,
+      error: result.statusText,
+    };
+  }
+
+  try {
+    return {
+      callWasSuccessful: true,
+      response: await result.json(),
+    };
+  } catch (error) {
+    return {
+      callWasSuccessful: false,
+      error: String(error),
+    };
+  }
+};
+

src/common/fetch/download-json/normal.injectable.ts

@@ -0,0 +1,14 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+import { getInjectable } from "@ogre-tools/injectable";
+import fetchInjectable from "../fetch.injectable";
+import { downloadJsonWith } from "./impl";
+
+const downloadJsonInjectable = getInjectable({
+  id: "download-json",
+  instantiate: (di) => downloadJsonWith(di.inject(fetchInjectable)),
+});
+
+export default downloadJsonInjectable;

src/common/fetch/download-json/proxy.injectable.ts

@@ -0,0 +1,14 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+import { getInjectable } from "@ogre-tools/injectable";
+import proxyFetchInjectable from "../proxy-fetch.injectable";
+import { downloadJsonWith } from "./impl";
+
+const proxyDownloadJsonInjectable = getInjectable({
+  id: "proxy-download-json",
+  instantiate: (di) => downloadJsonWith(di.inject(proxyFetchInjectable)),
+});
+
+export default proxyDownloadJsonInjectable;

src/common/fetch/fetch-module.injectable.ts

@@ -0,0 +1,19 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+import { getInjectable } from "@ogre-tools/injectable";
+import type * as FetchModule from "node-fetch";
+
+const { NodeFetch } = require("../../../build/webpack/node-fetch.bundle") as { NodeFetch: typeof FetchModule };
+
+/**
+ * NOTE: while using this module can cause side effects, this specific injectable is not marked as
+ * such since sometimes the request can be wholely within the perview of unit test
+ */
+const nodeFetchModuleInjectable = getInjectable({
+  id: "node-fetch-module",
+  instantiate: () => NodeFetch,
+});
+
+export default nodeFetchModuleInjectable;

src/common/fetch/fetch.injectable.ts

@@ -3,32 +3,17 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import { HttpsProxyAgent } from "hpagent";
-import type * as FetchModule from "node-fetch";
-import userStoreInjectable from "../user-store/user-store.injectable";
-
-const { NodeFetch: { default: fetch }} = require("../../../build/webpack/node-fetch.bundle") as { NodeFetch: typeof FetchModule };
-
-type Response = FetchModule.Response;
-type RequestInit = FetchModule.RequestInit;
+import type { RequestInit, Response } from "node-fetch";
+import nodeFetchModuleInjectable from "./fetch-module.injectable";
 
 export type Fetch = (url: string, init?: RequestInit) => Promise<Response>;
 
 const fetchInjectable = getInjectable({
   id: "fetch",
   instantiate: (di): Fetch => {
-    const { httpsProxy, allowUntrustedCAs } = di.inject(userStoreInjectable);
-    const agent = httpsProxy
-      ? new HttpsProxyAgent({
-        proxy: httpsProxy,
-        rejectUnauthorized: !allowUntrustedCAs,
-      })
-      : undefined;
+    const { default: fetch } = di.inject(nodeFetchModuleInjectable);
 
-    return (url, init = {}) => fetch(url, {
-      agent,
-      ...init,
-    });
+    return (url, init) => fetch(url, init);
   },
   causesSideEffects: true,
 });

src/common/fetch/proxy-fetch.injectable.ts

@@ -0,0 +1,30 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+import { getInjectable } from "@ogre-tools/injectable";
+import { HttpsProxyAgent } from "hpagent";
+import userStoreInjectable from "../user-store/user-store.injectable";
+import type { Fetch } from "./fetch.injectable";
+import fetchInjectable from "./fetch.injectable";
+
+const proxyFetchInjectable = getInjectable({
+  id: "proxy-fetch",
+  instantiate: (di): Fetch => {
+    const fetch = di.inject(fetchInjectable);
+    const { httpsProxy, allowUntrustedCAs } = di.inject(userStoreInjectable);
+    const agent = httpsProxy
+      ? new HttpsProxyAgent({
+        proxy: httpsProxy,
+        rejectUnauthorized: !allowUntrustedCAs,
+      })
+      : undefined;
+
+    return (url, init = {}) => fetch(url, {
+      agent,
+      ...init,
+    });
+  },
+});
+
+export default proxyFetchInjectable;

src/common/front-end-routing/routes/cluster/config/config-maps/config-maps-route.injectable.ts

@@ -3,22 +3,19 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const configMapsRouteInjectable = getInjectable({
   id: "config-maps-route",
-
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "configmaps");
-
-    return {
-      path: "/configmaps",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
-
+  instantiate: (di) => ({
+    path: "/configmaps",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "configmaps",
+      group: "v1",
+    }),
+  }),
   injectionToken: frontEndRouteInjectionToken,
 });
 

src/common/front-end-routing/routes/cluster/config/horizontal-pod-autoscalers/horizontal-pod-autoscalers-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const horizontalPodAutoscalersRouteInjectable = getInjectable({
   id: "horizontal-pod-autoscalers-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "horizontalpodautoscalers");
-
-    return {
-      path: "/hpa",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/hpa",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "horizontalpodautoscalers",
+      group: "autoscaling",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/config/leases/leases-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const leasesRouteInjectable = getInjectable({
   id: "leases",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "leases");
-
-    return {
-      path: "/leases",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/leases",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "leases",
+      group: "coordination.k8s.io",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/config/limit-ranges/limit-ranges-route.injectable.ts

@@ -3,24 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const limitRangesRouteInjectable = getInjectable({
   id: "limit-ranges-route",
 
-  instantiate: (di) => {
-    const limitRangesIsAllowed = di.inject(
-      isAllowedResourceInjectable,
-      "limitranges",
-    );
-
-    return {
-      path: "/limitranges",
-      clusterFrame: true,
-      isEnabled: limitRangesIsAllowed,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/limitranges",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "limitranges",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/config/pod-disruption-budgets/pod-disruption-budgets-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const podDisruptionBudgetsRouteInjectable = getInjectable({
   id: "pod-disruption-budgets-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "poddisruptionbudgets");
-
-    return {
-      path: "/poddisruptionbudgets",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/poddisruptionbudgets",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "poddisruptionbudgets",
+      group: "policy",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/config/priority-classes/priority-classes-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const priorityClassesRouteInjectable = getInjectable({
   id: "priority-classes-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "priorityclasses");
-
-    return {
-      path: "/priorityclasses",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/priorityclasses",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "priorityclasses",
+      group: "scheduling.k8s.io",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/config/resource-quotas/resource-quotas-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const resourceQuotasRouteInjectable = getInjectable({
   id: "resource-quotas-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "resourcequotas");
-
-    return {
-      path: "/resourcequotas",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/resourcequotas",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "resourcequotas",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/config/runtime-classes/runtime-classes-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const runtimeClassesRouteInjectable = getInjectable({
   id: "runtime-classes-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "runtimeclasses");
-
-    return {
-      path: "/runtimeclasses",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/runtimeclasses",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "runtimeclasses",
+      group: "node.k8s.io",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/config/secrets/secrets-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const secretsRouteInjectable = getInjectable({
   id: "secrets-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "secrets");
-
-    return {
-      path: "/secrets",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/secrets",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "secrets",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/events/events-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../front-end-route-injection-token";
 
 const eventsRouteInjectable = getInjectable({
   id: "events-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "events");
-
-    return {
-      path: "/events",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/events",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "events",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/namespaces/namespaces-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../front-end-route-injection-token";
 
 const namespacesRouteInjectable = getInjectable({
   id: "namespaces-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "namespaces");
-
-    return {
-      path: "/namespaces",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/namespaces",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "namespaces",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/network/endpoints/endpoints-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const endpointsRouteInjectable = getInjectable({
   id: "endpoints-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "endpoints");
-
-    return {
-      path: "/endpoints",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/endpoints",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "endpoints",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/network/ingresses/ingresses-route.injectable.ts

@@ -3,21 +3,27 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
+import { computedOr } from "../../../../../utils/computed-or";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const ingressesRouteInjectable = getInjectable({
   id: "ingresses-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "ingresses");
-
-    return {
-      path: "/ingresses",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/ingresses",
+    clusterFrame: true,
+    isEnabled: computedOr(
+      di.inject(shouldShowResourceInjectionToken, {
+        apiName: "ingresses",
+        group: "networking.k8s.io",
+      }),
+      di.inject(shouldShowResourceInjectionToken, {
+        apiName: "ingresses",
+        group: "extensions",
+      }),
+    ),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/network/network-policies/network-policies-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const networkPoliciesRouteInjectable = getInjectable({
   id: "network-policies-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "networkpolicies");
-
-    return {
-      path: "/network-policies",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/network-policies",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "networkpolicies",
+      group: "networking.k8s.io",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/network/services/services-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const servicesRouteInjectable = getInjectable({
   id: "services-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "services");
-
-    return {
-      path: "/services",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/services",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "services",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/nodes/nodes-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../front-end-route-injection-token";
 
 const nodesRouteInjectable = getInjectable({
   id: "nodes-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "nodes");
-
-    return {
-      path: "/nodes",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/nodes",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "nodes",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/overview/cluster-overview-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../front-end-route-injection-token";
 
 const clusterOverviewRouteInjectable = getInjectable({
   id: "cluster-overview-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "nodes");
-
-    return {
-      path: "/overview",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/overview",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "nodes",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/storage/persistent-volume-claims/persistent-volume-claims-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const persistentVolumeClaimsRouteInjectable = getInjectable({
   id: "persistent-volume-claims-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "persistentvolumeclaims");
-
-    return {
-      path: "/persistent-volume-claims",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/persistent-volume-claims",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "persistentvolumeclaims",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/storage/persistent-volumes/persistent-volumes-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const persistentVolumesRouteInjectable = getInjectable({
   id: "persistent-volumes-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "persistentvolumes");
-
-    return {
-      path: "/persistent-volumes",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/persistent-volumes",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "persistentvolumes",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/storage/storage-classes/storage-classes-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const storageClassesRouteInjectable = getInjectable({
   id: "storage-classes-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "storageclasses");
-
-    return {
-      path: "/storage-classes",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/storage-classes",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "storageclasses",
+      group: "storage.k8s.io",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/user-management/cluster-role-bindings/cluster-role-bindings-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const clusterRoleBindingsRouteInjectable = getInjectable({
   id: "cluster-role-bindings-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "clusterrolebindings");
-
-    return {
-      path: "/cluster-role-bindings",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/cluster-role-bindings",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "clusterrolebindings",
+      group: "rbac.authorization.k8s.io",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/user-management/cluster-roles/cluster-roles-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const clusterRolesRouteInjectable = getInjectable({
   id: "cluster-roles-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "clusterroles");
-
-    return {
-      path: "/cluster-roles",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/cluster-roles",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "clusterroles",
+      group: "rbac.authorization.k8s.io",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/user-management/pod-security-policies/pod-security-policies-route.injectable.ts

@@ -3,19 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const podSecurityPoliciesRouteInjectable = getInjectable({
   id: "pod-security-policies-route",
 
   instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "podsecuritypolicies");
-
     return {
       path: "/pod-security-policies",
       clusterFrame: true,
-      isEnabled: isAllowedResource,
+      isEnabled: di.inject(shouldShowResourceInjectionToken, {
+        apiName: "podsecuritypolicies",
+        group: "policy",
+      }),
     };
   },
 

src/common/front-end-routing/routes/cluster/user-management/role-bindings/role-bindings-route.injectable.ts

@@ -3,19 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const roleBindingsRouteInjectable = getInjectable({
   id: "role-bindings-route",
 
   instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "rolebindings");
-
     return {
       path: "/role-bindings",
       clusterFrame: true,
-      isEnabled: isAllowedResource,
+      isEnabled: di.inject(shouldShowResourceInjectionToken, {
+        apiName: "rolebindings",
+        group: "rbac.authorization.k8s.io",
+      }),
     };
   },
 

src/common/front-end-routing/routes/cluster/user-management/roles/roles-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const rolesRouteInjectable = getInjectable({
   id: "roles-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "roles");
-
-    return {
-      path: "/roles",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/roles",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "roles",
+      group: "rbac.authorization.k8s.io",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/user-management/service-accounts/service-accounts-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const serviceAccountsRouteInjectable = getInjectable({
   id: "service-accounts-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "serviceaccounts");
-
-    return {
-      path: "/service-accounts",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/service-accounts",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "serviceaccounts",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/workloads/cron-jobs/cron-jobs-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const cronJobsRouteInjectable = getInjectable({
   id: "cron-jobs-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "cronjobs");
-
-    return {
-      path: "/cronjobs",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/cronjobs",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "cronjobs",
+      group: "batch",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/workloads/daemonsets/daemonsets-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const daemonsetsRouteInjectable = getInjectable({
   id: "daemonsets-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "daemonsets");
-
-    return {
-      path: "/daemonsets",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/daemonsets",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "daemonsets",
+      group: "apps",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/workloads/deployments/deployments-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const deploymentsRouteInjectable = getInjectable({
   id: "deployments-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "deployments");
-
-    return {
-      path: "/deployments",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/deployments",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "deployments",
+      group: "apps",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/workloads/jobs/jobs-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const jobsRouteInjectable = getInjectable({
   id: "jobs-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "jobs");
-
-    return {
-      path: "/jobs",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/jobs",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "jobs",
+      group: "batch",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/workloads/pods/pods-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const podsRouteInjectable = getInjectable({
   id: "pods-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "pods");
-
-    return {
-      path: "/pods",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/pods",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "pods",
+      group: "v1",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/workloads/replicasets/replicasets-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const replicasetsRouteInjectable = getInjectable({
   id: "replicasets-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "replicasets");
-
-    return {
-      path: "/replicasets",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/replicasets",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "replicasets",
+      group: "apps",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/front-end-routing/routes/cluster/workloads/statefulsets/statefulsets-route.injectable.ts

@@ -3,21 +3,20 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import isAllowedResourceInjectable from "../../../../../utils/is-allowed-resource.injectable";
+import { shouldShowResourceInjectionToken } from "../../../../../cluster-store/allowed-resources-injection-token";
 import { frontEndRouteInjectionToken } from "../../../../front-end-route-injection-token";
 
 const statefulsetsRouteInjectable = getInjectable({
   id: "statefulsets-route",
 
-  instantiate: (di) => {
-    const isAllowedResource = di.inject(isAllowedResourceInjectable, "statefulsets");
-
-    return {
-      path: "/statefulsets",
-      clusterFrame: true,
-      isEnabled: isAllowedResource,
-    };
-  },
+  instantiate: (di) => ({
+    path: "/statefulsets",
+    clusterFrame: true,
+    isEnabled: di.inject(shouldShowResourceInjectionToken, {
+      apiName: "statefulsets",
+      group: "apps",
+    }),
+  }),
 
   injectionToken: frontEndRouteInjectionToken,
 });

src/common/k8s-api/__tests__/api-manager.test.ts

@@ -3,7 +3,14 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 
+import type { DiContainer } from "@ogre-tools/injectable";
+import createClusterInjectable from "../../../main/create-cluster/create-cluster.injectable";
+import clusterFrameContextForNamespacedResourcesInjectable from "../../../renderer/cluster-frame-context/for-namespaced-resources.injectable";
+import hostedClusterInjectable from "../../../renderer/cluster-frame-context/hosted-cluster.injectable";
 import { getDiForUnitTesting } from "../../../renderer/getDiForUnitTesting";
+import storesAndApisCanBeCreatedInjectable from "../../../renderer/stores-apis-can-be-created.injectable";
+import directoryForKubeConfigsInjectable from "../../app-paths/directory-for-kube-configs/directory-for-kube-configs.injectable";
+import directoryForUserDataInjectable from "../../app-paths/directory-for-user-data/directory-for-user-data.injectable";
 import type { ApiManager } from "../api-manager";
 import apiManagerInjectable from "../api-manager/manager.injectable";
 import { KubeApi } from "../kube-api";
@@ -22,9 +29,24 @@ class TestStore extends KubeObjectStore<KubeObject, TestApi> {
 
 describe("ApiManager", () => {
   let apiManager: ApiManager;
+  let di: DiContainer;
 
   beforeEach(() => {
-    const di = getDiForUnitTesting({ doGeneralOverrides: true });
+    di = getDiForUnitTesting({ doGeneralOverrides: true });
+
+    di.override(directoryForUserDataInjectable, () => "/some-user-store-path");
+    di.override(directoryForKubeConfigsInjectable, () => "/some-kube-configs");
+    di.override(storesAndApisCanBeCreatedInjectable, () => true);
+
+    const createCluster = di.inject(createClusterInjectable);
+
+    di.override(hostedClusterInjectable, () => createCluster({
+      contextName: "some-context-name",
+      id: "some-cluster-id",
+      kubeConfigPath: "/some-path-to-a-kubeconfig",
+    }, {
+      clusterServerUrl: "https://localhost:8080",
+    }));
 
     apiManager = di.inject(apiManagerInjectable);
   });
@@ -40,7 +62,9 @@ describe("ApiManager", () => {
         fallbackApiBases: [fallbackApiBase],
         checkPreferredVersion: true,
       });
-      const kubeStore = new TestStore(kubeApi);
+      const kubeStore = new TestStore({
+        context: di.inject(clusterFrameContextForNamespacedResourcesInjectable),
+      }, kubeApi);
 
       apiManager.registerApi(apiBase, kubeApi);
 

src/common/k8s-api/__tests__/kube-api-version-detection.test.ts

@@ -3,43 +3,23 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import type { KubeJsonApi } from "../kube-json-api";
-import { PassThrough } from "stream";
 import type { ApiManager } from "../api-manager";
 import { Ingress, IngressApi } from "../endpoints";
 import { getDiForUnitTesting } from "../../../renderer/getDiForUnitTesting";
 import apiManagerInjectable from "../api-manager/manager.injectable";
-import autoRegistrationInjectable from "../api-manager/auto-registration.injectable";
 import type { Fetch } from "../../fetch/fetch.injectable";
 import fetchInjectable from "../../fetch/fetch.injectable";
 import type { AsyncFnMock } from "@async-fn/jest";
 import asyncFn from "@async-fn/jest";
 import { flushPromises } from "../../test-utils/flush-promises";
 import createKubeJsonApiInjectable from "../create-kube-json-api.injectable";
-import type { Response, Headers as NodeFetchHeaders } from "node-fetch";
-
-const createMockResponseFromString = (url: string, data: string, statusCode = 200) => {
-  const res: jest.Mocked<Response> = {
-    buffer: jest.fn(async () => { throw new Error("buffer() is not supported"); }),
-    clone: jest.fn(() => res),
-    arrayBuffer: jest.fn(async () => { throw new Error("arrayBuffer() is not supported"); }),
-    blob: jest.fn(async () => { throw new Error("blob() is not supported"); }),
-    body: new PassThrough(),
-    bodyUsed: false,
-    headers: new Headers() as NodeFetchHeaders,
-    json: jest.fn(async () => JSON.parse(await res.text())),
-    ok: 200 <= statusCode && statusCode < 300,
-    redirected: 300 <= statusCode && statusCode < 400,
-    size: data.length,
-    status: statusCode,
-    statusText: "some-text",
-    text: jest.fn(async () => data),
-    type: "basic",
-    url,
-    formData: jest.fn(async () => { throw new Error("formData() is not supported"); }),
-  };
-
-  return res;
-};
+import setupAutoRegistrationInjectable from "../../../renderer/before-frame-starts/runnables/setup-auto-registration.injectable";
+import { createMockResponseFromString } from "../../../test-utils/mock-responses";
+import storesAndApisCanBeCreatedInjectable from "../../../renderer/stores-apis-can-be-created.injectable";
+import directoryForUserDataInjectable from "../../app-paths/directory-for-user-data/directory-for-user-data.injectable";
+import createClusterInjectable from "../../../main/create-cluster/create-cluster.injectable";
+import hostedClusterInjectable from "../../../renderer/cluster-frame-context/hosted-cluster.injectable";
+import directoryForKubeConfigsInjectable from "../../app-paths/directory-for-kube-configs/directory-for-kube-configs.injectable";
 
 describe("KubeApi", () => {
   let request: KubeJsonApi;
@@ -52,6 +32,20 @@ describe("KubeApi", () => {
     fetchMock = asyncFn();
     di.override(fetchInjectable, () => fetchMock);
 
+    di.override(directoryForUserDataInjectable, () => "/some-user-store-path");
+    di.override(directoryForKubeConfigsInjectable, () => "/some-kube-configs");
+    di.override(storesAndApisCanBeCreatedInjectable, () => true);
+
+    const createCluster = di.inject(createClusterInjectable);
+
+    di.override(hostedClusterInjectable, () => createCluster({
+      contextName: "some-context-name",
+      id: "some-cluster-id",
+      kubeConfigPath: "/some-path-to-a-kubeconfig",
+    }, {
+      clusterServerUrl: "https://localhost:8080",
+    }));
+
     const createKubeJsonApi = di.inject(createKubeJsonApiInjectable);
 
     request = createKubeJsonApi({
@@ -60,7 +54,9 @@ describe("KubeApi", () => {
     });
     registerApiSpy = jest.spyOn(di.inject(apiManagerInjectable), "registerApi");
 
-    di.inject(autoRegistrationInjectable);
+    const setupAutoRegistration = di.inject(setupAutoRegistrationInjectable);
+
+    setupAutoRegistration.run();
   });
 
   describe("on first call to IngressApi.get()", () => {

src/common/k8s-api/__tests__/kube-api.test.ts

@@ -8,7 +8,6 @@ import type { KubeJsonApi, KubeJsonApiData } from "../kube-json-api";
 import { PassThrough } from "stream";
 import { Deployment, DeploymentApi, NamespaceApi, Pod, PodApi } from "../endpoints";
 import { getDiForUnitTesting } from "../../../renderer/getDiForUnitTesting";
-import autoRegistrationInjectable from "../api-manager/auto-registration.injectable";
 import type { Fetch } from "../../fetch/fetch.injectable";
 import fetchInjectable from "../../fetch/fetch.injectable";
 import type { CreateKubeApiForRemoteCluster } from "../create-kube-api-for-remote-cluster.injectable";
@@ -19,64 +18,14 @@ import { flushPromises } from "../../test-utils/flush-promises";
 import createKubeJsonApiInjectable from "../create-kube-json-api.injectable";
 import type { IKubeWatchEvent } from "../kube-watch-event";
 import type { KubeJsonApiDataFor } from "../kube-object";
-import type { Response, Headers as NodeFetchHeaders } from "node-fetch";
 import AbortController from "abort-controller";
-
-const createMockResponseFromString = (url: string, data: string, statusCode = 200) => {
-  const res: jest.Mocked<Response> = {
-    buffer: jest.fn(async () => { throw new Error("buffer() is not supported"); }),
-    clone: jest.fn(() => res),
-    arrayBuffer: jest.fn(async () => { throw new Error("arrayBuffer() is not supported"); }),
-    blob: jest.fn(async () => { throw new Error("blob() is not supported"); }),
-    body: new PassThrough(),
-    bodyUsed: false,
-    headers: new Headers() as NodeFetchHeaders,
-    json: jest.fn(async () => JSON.parse(await res.text())),
-    ok: 200 <= statusCode && statusCode < 300,
-    redirected: 300 <= statusCode && statusCode < 400,
-    size: data.length,
-    status: statusCode,
-    statusText: "some-text",
-    text: jest.fn(async () => data),
-    type: "basic",
-    url,
-    formData: jest.fn(async () => { throw new Error("formData() is not supported"); }),
-  };
-
-  return res;
-};
-
-const createMockResponseFromStream = (url: string, stream: NodeJS.ReadableStream, statusCode = 200) => {
-  const res: jest.Mocked<Response> = {
-    buffer: jest.fn(async () => { throw new Error("buffer() is not supported"); }),
-    clone: jest.fn(() => res),
-    arrayBuffer: jest.fn(async () => { throw new Error("arrayBuffer() is not supported"); }),
-    blob: jest.fn(async () => { throw new Error("blob() is not supported"); }),
-    body: stream,
-    bodyUsed: false,
-    headers: new Headers() as NodeFetchHeaders,
-    json: jest.fn(async () => JSON.parse(await res.text())),
-    ok: 200 <= statusCode && statusCode < 300,
-    redirected: 300 <= statusCode && statusCode < 400,
-    size: 10,
-    status: statusCode,
-    statusText: "some-text",
-    text: jest.fn(() => {
-      const chunks: Buffer[] = [];
-
-      return new Promise((resolve, reject) => {
-        stream.on("data", (chunk) => chunks.push(Buffer.from(chunk)));
-        stream.on("error", (err) => reject(err));
-        stream.on("end", () => resolve(Buffer.concat(chunks).toString("utf8")));
-      });
-    }),
-    type: "basic",
-    url,
-    formData: jest.fn(async () => { throw new Error("formData() is not supported"); }),
-  };
-
-  return res;
-};
+import setupAutoRegistrationInjectable from "../../../renderer/before-frame-starts/runnables/setup-auto-registration.injectable";
+import { createMockResponseFromStream, createMockResponseFromString } from "../../../test-utils/mock-responses";
+import storesAndApisCanBeCreatedInjectable from "../../../renderer/stores-apis-can-be-created.injectable";
+import directoryForUserDataInjectable from "../../app-paths/directory-for-user-data/directory-for-user-data.injectable";
+import createClusterInjectable from "../../../main/create-cluster/create-cluster.injectable";
+import hostedClusterInjectable from "../../../renderer/cluster-frame-context/hosted-cluster.injectable";
+import directoryForKubeConfigsInjectable from "../../app-paths/directory-for-kube-configs/directory-for-kube-configs.injectable";
 
 describe("createKubeApiForRemoteCluster", () => {
   let createKubeApiForRemoteCluster: CreateKubeApiForRemoteCluster;
@@ -85,6 +34,20 @@ describe("createKubeApiForRemoteCluster", () => {
   beforeEach(async () => {
     const di = getDiForUnitTesting({ doGeneralOverrides: true });
 
+    di.override(directoryForUserDataInjectable, () => "/some-user-store-path");
+    di.override(directoryForKubeConfigsInjectable, () => "/some-kube-configs");
+    di.override(storesAndApisCanBeCreatedInjectable, () => true);
+
+    const createCluster = di.inject(createClusterInjectable);
+
+    di.override(hostedClusterInjectable, () => createCluster({
+      contextName: "some-context-name",
+      id: "some-cluster-id",
+      kubeConfigPath: "/some-path-to-a-kubeconfig",
+    }, {
+      clusterServerUrl: "https://localhost:8080",
+    }));
+
     fetchMock = asyncFn();
     di.override(fetchInjectable, () => fetchMock);
 
@@ -174,6 +137,20 @@ describe("KubeApi", () => {
   beforeEach(async () => {
     const di = getDiForUnitTesting({ doGeneralOverrides: true });
 
+    di.override(directoryForUserDataInjectable, () => "/some-user-store-path");
+    di.override(directoryForKubeConfigsInjectable, () => "/some-kube-configs");
+    di.override(storesAndApisCanBeCreatedInjectable, () => true);
+
+    const createCluster = di.inject(createClusterInjectable);
+
+    di.override(hostedClusterInjectable, () => createCluster({
+      contextName: "some-context-name",
+      id: "some-cluster-id",
+      kubeConfigPath: "/some-path-to-a-kubeconfig",
+    }, {
+      clusterServerUrl: "https://localhost:8080",
+    }));
+
     fetchMock = asyncFn();
     di.override(fetchInjectable, () => fetchMock);
 
@@ -184,7 +161,9 @@ describe("KubeApi", () => {
       apiBase: "/api-kube",
     });
 
-    di.inject(autoRegistrationInjectable);
+    const setupAutoRegistration = di.inject(setupAutoRegistrationInjectable);
+
+    setupAutoRegistration.run();
   });
 
   describe("patching deployments", () => {

src/common/k8s-api/__tests__/kube-object.store.test.ts

@@ -3,27 +3,22 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 
-import type { Cluster } from "../../cluster/cluster";
-import type { ClusterContext } from "../cluster-context";
 import type { KubeApi } from "../kube-api";
 import { KubeObject } from "../kube-object";
 import type { KubeObjectStoreLoadingParams } from "../kube-object.store";
 import { KubeObjectStore } from "../kube-object.store";
 
 class FakeKubeObjectStore extends KubeObjectStore<KubeObject> {
-  _context = {
-    allNamespaces: [],
-    contextNamespaces: [],
-    hasSelectedAll: false,
-    cluster: {} as Cluster,
-  } as ClusterContext;
-
-  get context() {
-    return this._context;
-  }
-
   constructor(private readonly _loadItems: (params: KubeObjectStoreLoadingParams) => KubeObject[], api: Partial<KubeApi<KubeObject>>) {
-    super(api as KubeApi<KubeObject>);
+    super({
+      context: {
+        allNamespaces: [],
+        contextNamespaces: [],
+        hasSelectedAll: false,
+        isGlobalWatchEnabled: () => true,
+        isLoadingAll: () => true,
+      },
+    }, api as KubeApi<KubeObject>);
   }
 
   async loadItems(params: KubeObjectStoreLoadingParams) {