Clean up provider internals (#1591)

This change cleans up the provider internals in preparation for more
involved features like adding EFA support
(#1564). This was necessary
because there was still a substantial amount of legacy cruft in the
provider that wasn't even exposed to users (seem to be leftovers from
moving the nodejs implementation onto MLCs).
Additionally it slightly reorganizes the internal module structure in
order to have a more manageable code structure (compared to the current
flat structure and HUGE files).

This change should be fully transparent to users.

nodejs/eks/addon.ts → nodejs/eks/addons/addon.ts

@@ -14,7 +14,7 @@
 
 import * as pulumi from "@pulumi/pulumi";
 import * as aws from "@pulumi/aws";
-import { Cluster } from "./cluster";
+import { Cluster } from "../cluster";
 
 /**
  * AddonOptions describes the configuration options available for the Amazon VPC CNI plugin for Kubernetes. This is obtained from

nodejs/eks/cni-addon.ts → nodejs/eks/addons/cni-addon.ts

@@ -16,7 +16,7 @@ import * as pulumi from "@pulumi/pulumi";
 import * as aws from "@pulumi/aws";
 import * as k8s from "@pulumi/kubernetes";
 import { stringifyAddonConfiguration } from "./addon";
-import { isObject } from "./utilities";
+import { isObject } from "../utilities";
 
 export interface VpcCniAddonOptions extends CniEnvVariables {
     clusterName: pulumi.Input<string>;

nodejs/eks/addons/index.ts

@@ -0,0 +1,17 @@
+// Copyright 2016-2024, Pulumi Corporation.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+export { Addon } from "./addon";
+export { VpcCniAddon, VpcCniAddonOptions } from "./cni-addon";
+export { stringifyAddonConfiguration } from "./addon";

nodejs/eks/authenticationMode.test.ts → nodejs/eks/cluster/authenticationMode.test.ts

@@ -18,7 +18,7 @@ import {
     validateAuthenticationMode,
 } from "./authenticationMode";
 
-import { ClusterOptions, AuthenticationMode } from "./cluster";
+import { ClusterOptions } from "./cluster";
 
 import * as aws from "@pulumi/aws";
 

nodejs/eks/cluster.ts → nodejs/eks/cluster/cluster.ts

@@ -30,20 +30,19 @@ import {
     validateAuthenticationMode,
 } from "./authenticationMode";
 import { getIssuerCAThumbprint } from "./cert-thumprint";
-import { assertCompatibleAWSCLIExists } from "./dependencies";
+import { assertCompatibleAWSCLIExists } from "../dependencies";
 import {
     computeWorkerSubnets,
     createNodeGroupV2,
     NodeGroupBaseOptions,
     NodeGroupV2Data,
-} from "./nodegroup";
-import { createNodeGroupSecurityGroup } from "./securitygroup";
-import { ServiceRole } from "./servicerole";
+} from "../nodes";
+import { createNodeGroupSecurityGroup } from "../nodes";
+import { ServiceRole } from "../servicerole";
 import { createStorageClass, EBSVolumeType, StorageClass } from "./storageclass";
-import { InputTags, UserStorageClasses } from "./utils";
-import { VpcCniAddon, VpcCniAddonOptions } from "./cni-addon";
-import { stringifyAddonConfiguration } from "./addon";
-import { getRegionFromArn } from "./utilities";
+import { InputTags, UserStorageClasses } from "../utils";
+import { stringifyAddonConfiguration, VpcCniAddon, VpcCniAddonOptions } from "../addons";
+import { getRegionFromArn } from "../utilities";
 
 /**
  * RoleMapping describes a mapping from an AWS IAM role to a Kubernetes user and groups.
@@ -2015,137 +2014,6 @@ export const AccessEntryType = {
  */
 export type AccessEntryType = (typeof AccessEntryType)[keyof typeof AccessEntryType];
 
-/**
- * Cluster is a component that wraps the AWS and Kubernetes resources necessary to run an EKS cluster, its worker
- * nodes, its optional StorageClasses, and an optional deployment of the Kubernetes Dashboard.
- */
-export class Cluster extends pulumi.ComponentResource {
-    /**
-     * A kubeconfig that can be used to connect to the EKS cluster.
-     */
-    public readonly kubeconfig: pulumi.Output<any>;
-
-    /**
-     * A kubeconfig that can be used to connect to the EKS cluster as a JSON string.
-     */
-    public readonly kubeconfigJson: pulumi.Output<string>;
-
-    /**
-     * The AWS resource provider.
-     */
-    public readonly awsProvider: pulumi.ProviderResource;
-
-    /**
-     * A Kubernetes resource provider that can be used to deploy into this cluster. For example, the code below will
-     * create a new Pod in the EKS cluster.
-     *
-     *     let eks = new Cluster("eks");
-     *     let pod = new kubernetes.core.v1.Pod("pod", { ... }, { provider: eks.provider });
-     *
-     */
-    public readonly provider: k8s.Provider;
-
-    /**
-     * The security group for the EKS cluster.
-     */
-    public readonly clusterSecurityGroup: aws.ec2.SecurityGroup | undefined;
-
-    /**
-     * The service roles used by the EKS cluster.
-     */
-    public readonly instanceRoles: pulumi.Output<aws.iam.Role[]>;
-
-    /**
-     * The security group for the cluster's nodes.
-     */
-    public readonly nodeSecurityGroup: aws.ec2.SecurityGroup | undefined;
-
-    /**
-     * The ingress rule that gives node group access to cluster API server
-     */
-    public readonly eksClusterIngressRule: aws.ec2.SecurityGroupRule | undefined;
-
-    /**
-     * The default Node Group configuration, or undefined if `skipDefaultNodeGroup` was specified.
-     */
-    public readonly defaultNodeGroup: NodeGroupV2Data | undefined;
-
-    /**
-     * The EKS cluster.
-     */
-    public readonly eksCluster: aws.eks.Cluster;
-
-    /**
-     * The EKS cluster and its dependencies.
-     */
-    public readonly core: CoreData;
-
-    /**
-     * Create a new EKS cluster with worker nodes, optional storage classes, and deploy the Kubernetes Dashboard if
-     * requested.
-     *
-     * @param name The _unique_ name of this component.
-     * @param args The arguments for this cluster.
-     * @param opts A bag of options that control this component's behavior.
-     */
-    constructor(name: string, args?: ClusterOptions, opts?: pulumi.ComponentResourceOptions) {
-        const type = "eks:index:Cluster";
-
-        if (opts?.urn) {
-            const props = {
-                kubeconfig: undefined,
-                eksCluster: undefined,
-            };
-            super(type, name, props, opts);
-            return;
-        }
-
-        super(type, name, args, opts);
-
-        const cluster = createCluster(name, this, args, opts);
-        this.kubeconfig = cluster.kubeconfig;
-        this.kubeconfigJson = cluster.kubeconfigJson;
-        this.clusterSecurityGroup = cluster.clusterSecurityGroup;
-        this.instanceRoles = cluster.instanceRoles;
-        this.nodeSecurityGroup = cluster.nodeSecurityGroup;
-        this.eksClusterIngressRule = cluster.eksClusterIngressRule;
-        this.defaultNodeGroup = cluster.defaultNodeGroup;
-        this.eksCluster = cluster.eksCluster;
-        this.core = cluster.core;
-
-        this.registerOutputs({
-            kubeconfig: this.kubeconfig,
-            eksCluster: this.eksCluster,
-        });
-    }
-
-    /**
-     * Generate a kubeconfig for cluster authentication that does not use the
-     * default AWS credential provider chain, and instead is scoped to
-     * the supported options in `KubeconfigOptions`.
-     *
-     * The kubeconfig generated is automatically stringified for ease of use
-     * with the pulumi/kubernetes provider.
-     *
-     * See for more details:
-     * - https://docs.aws.amazon.com/eks/latest/userguide/create-kubeconfig.html
-     * - https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html
-     * - https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
-     */
-    getKubeconfig(args: KubeconfigOptions): pulumi.Output<string> {
-        const region = this.eksCluster.arn.apply(getRegionFromArn);
-        const kc = generateKubeconfig(
-            this.eksCluster.name,
-            this.eksCluster.endpoint,
-            region,
-            true,
-            this.eksCluster.certificateAuthority?.data,
-            args,
-        );
-        return pulumi.output(kc).apply(JSON.stringify);
-    }
-}
-
 /** @internal */
 export interface ClusterResult {
     kubeconfig: pulumi.Output<any>;
@@ -2243,9 +2111,9 @@ export function createCluster(
         defaultNodeGroup = createNodeGroupV2(
             name,
             {
-                cluster: core,
                 ...core.nodeGroupOptions,
             },
+            pulumi.output(core),
             self,
         );
     }
@@ -2301,17 +2169,10 @@ export function createCluster(
 }
 
 /**
- * This is a variant of `Cluster` that is used for the MLC `Cluster`. We don't just use `Cluster`,
- * because not all of its output properties are typed as `Output<T>`, which prevents it from being
- * able to be correctly "rehydrated" from a resource reference. So we use this copy instead rather
- * than modifying the public surface area of the existing `Cluster` class, which is still being
- * used directly by users using the Node.js SDK. Once we move Node.js over to the generated MLC SDK,
- * we can clean all this up. Internally, this leverages the same `createCluster` helper method that
- * `Cluster` uses.
- *
- * @internal
+ * Cluster is a component that wraps the AWS and Kubernetes resources necessary to run an EKS cluster, its worker
+ * nodes, its optional StorageClasses, and an optional deployment of the Kubernetes Dashboard.
  */
-export class ClusterInternal extends pulumi.ComponentResource {
+export class Cluster extends pulumi.ComponentResource {
     public readonly clusterSecurityGroup!: pulumi.Output<aws.ec2.SecurityGroup | undefined>;
     public readonly core!: pulumi.Output<pulumi.Unwrap<CoreData>>;
     public readonly defaultNodeGroup!: pulumi.Output<pulumi.Unwrap<NodeGroupV2Data> | undefined>;

nodejs/eks/cluster/index.ts

@@ -0,0 +1,16 @@
+// Copyright 2016-2024, Pulumi Corporation.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+export { Cluster, ClusterCreationRoleProvider, CoreData } from "./cluster";
+export { supportsAccessEntries } from "./authenticationMode";

nodejs/eks/storageclass.ts → nodejs/eks/cluster/storageclass.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import * as aws from "@pulumi/aws";
 import * as k8s from "@pulumi/kubernetes";
 import * as k8sInputs from "@pulumi/kubernetes/types/input";
 import * as pulumi from "@pulumi/pulumi";

nodejs/eks/cmd/provider/addon.ts

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 import * as pulumi from "@pulumi/pulumi";
-import { Addon } from "../../addon";
+import { Addon } from "../../addons";
 
 const managedAddonProvider: pulumi.provider.Provider = {
     construct: (

nodejs/eks/cmd/provider/cluster.ts

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 import * as pulumi from "@pulumi/pulumi";
-import { ClusterCreationRoleProvider, ClusterInternal } from "../../cluster";
+import { ClusterCreationRoleProvider, Cluster } from "../../cluster";
 
 const clusterProvider: pulumi.provider.Provider = {
     construct: (
@@ -23,7 +23,7 @@ const clusterProvider: pulumi.provider.Provider = {
         options: pulumi.ComponentResourceOptions,
     ) => {
         try {
-            const cluster = new ClusterInternal(name, inputs, options);
+            const cluster = new Cluster(name, inputs, options);
             return Promise.resolve({
                 urn: cluster.urn,
                 state: {

nodejs/eks/cmd/provider/cni-addon.ts

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 import * as pulumi from "@pulumi/pulumi";
-import { VpcCniAddon } from "../../cni-addon";
+import { VpcCniAddon } from "../../addons";
 
 const cniAddonProvider: pulumi.provider.Provider = {
     construct: (

nodejs/eks/cmd/provider/index.ts

@@ -14,8 +14,8 @@
 
 import * as pulumi from "@pulumi/pulumi";
 import { readFileSync } from "fs";
-import { ClusterInternal } from "../../cluster";
-import { VpcCniAddon } from "../../cni-addon";
+import { Cluster } from "../../cluster";
+import { VpcCniAddon } from "../../addons/cni-addon";
 import { clusterCreationRoleProviderProviderFactory, clusterProviderFactory } from "./cluster";
 import { cniAddonProviderFactory } from "./cni-addon";
 import {
@@ -50,7 +50,7 @@ class Provider implements pulumi.provider.Provider {
             construct: (name, type, urn) => {
                 switch (type) {
                     case "eks:index:Cluster":
-                        return new ClusterInternal(name, undefined, { urn });
+                        return new Cluster(name, undefined, { urn });
                     case "eks:index:VpcCniAddon":
                         return new VpcCniAddon(name, undefined, { urn });
                     default:
@@ -63,7 +63,7 @@ class Provider implements pulumi.provider.Provider {
     async call(token: string, inputs: pulumi.Inputs): Promise<pulumi.provider.InvokeResult> {
         switch (token) {
             case "eks:index:Cluster/getKubeconfig":
-                const self: ClusterInternal = inputs.__self__;
+                const self: Cluster = inputs.__self__;
                 const result = self.getKubeconfig({
                     profileName: inputs.profileName,
                     roleArn: inputs.roleArn,

nodejs/eks/cmd/provider/nodegroup.ts

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 import * as pulumi from "@pulumi/pulumi";
-import { ManagedNodeGroupInternal, NodeGroupInternal, NodeGroupV2Internal } from "../../nodegroup";
+import { ManagedNodeGroup, NodeGroup, NodeGroupV2 } from "../../nodes";
 
 const nodeGroupProvider: pulumi.provider.Provider = {
     construct: (
@@ -23,7 +23,7 @@ const nodeGroupProvider: pulumi.provider.Provider = {
         options: pulumi.ComponentResourceOptions,
     ) => {
         try {
-            const nodegroup = new NodeGroupInternal(name, <any>inputs, options);
+            const nodegroup = new NodeGroup(name, <any>inputs, options);
             return Promise.resolve({
                 urn: nodegroup.urn,
                 state: {
@@ -54,7 +54,7 @@ const managedNodeGroupProvider: pulumi.provider.Provider = {
         options: pulumi.ComponentResourceOptions,
     ) => {
         try {
-            const nodegroup = new ManagedNodeGroupInternal(name, <any>inputs, options);
+            const nodegroup = new ManagedNodeGroup(name, <any>inputs, options);
             return Promise.resolve({
                 urn: nodegroup.urn,
                 state: {
@@ -81,7 +81,7 @@ const nodeGroupV2Provider: pulumi.provider.Provider = {
         options: pulumi.ComponentResourceOptions,
     ) => {
         try {
-            const nodegroup = new NodeGroupV2Internal(name, <any>inputs, options);
+            const nodegroup = new NodeGroupV2(name, <any>inputs, options);
             return Promise.resolve({
                 urn: nodegroup.urn,
                 state: {

nodejs/eks/cmd/provider/securitygroup.ts

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 import * as pulumi from "@pulumi/pulumi";
-import { NodeGroupSecurityGroup } from "../../securitygroup";
+import { NodeGroupSecurityGroup } from "../../nodes";
 
 const nodeGroupSecurityGroupProvider: pulumi.provider.Provider = {
     construct: (