Skip to content

Commit

Permalink
merge commit 378
Browse files Browse the repository at this point in the history
  • Loading branch information
@twingate-build-bot
twingate-build-bot committed Jun 11, 2024
2 parents 745fd05 + 6d1d381 commit 41a78a4
Show file tree
Hide file tree
Showing 9 changed files with 126 additions and 30 deletions.
13 changes: 12 additions & 1 deletion index.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,17 @@
apiVersion: v1
entries:
connector:
- apiVersion: v1
appVersion: latest
created: "2024-06-11T15:53:12.408518685Z"
description: Twingate Connector helm chart
digest: 93d3ace13a3becd36bff707235ca9c7948382c3a67a7cd096a186b048bf78163
home: https://www.twingate.com
icon: https://www.twingate.com/twingate.png
name: connector
urls:
- https://twingate.github.io/helm-charts/packages/connector-0.1.25.tgz
version: 0.1.25
- apiVersion: v1
appVersion: latest
created: "2024-06-11T05:40:02.441706024Z"
Expand Down Expand Up @@ -167,4 +178,4 @@ entries:
urls:
- https://twingate.github.io/helm-charts/packages/connector-0.1.9.tgz
version: 0.1.9
generated: "2024-06-11T05:40:02.441097237Z"
generated: "2024-06-11T15:53:12.407865292Z"
Binary file added packages/connector-0.1.25.tgz
View file
Binary file not shown.
2 changes: 1 addition & 1 deletion stable/connector/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,4 @@ home: https://www.twingate.com
description: Twingate Connector helm chart
icon: https://www.twingate.com/twingate.png
name: connector
version: 0.1.24
version: 0.1.25
57 changes: 29 additions & 28 deletions stable/connector/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,31 +58,32 @@ The command removes all the Kubernetes components associated with the chart and

The following table lists the configurable parameters of the Twingate chart and their default values.

| Parameter | Description | Default |
|-----------------------------------------|-----------------------------------------------------------------------------|---------------------------------------------------------|
| `connector.network` | The Twingate network name, eg. acme (required) | |
| `connector.url` | The Twingate service domain | `twingate.com` |
| `connector.accessToken` | Access Token (required unless `connector.existingSecret` is specified) | |
| `connector.refreshToken` | Refresh Token (required unless `connector.existingSecret` is specified) | |
| `connector.existingSecret` | The name of an existing secret to use for the access and refresh tokens | |
| `connector.logLevel` | Log Level - supported : [error, warning, info, debug] | `error` |
| `connector.logAnalytics` | Real-time connection logs (see https://www.twingate.com/docs/connector-real-time-logs) - supported : [v1, v2] | |
| `connector.dnsServer` | Custom DNS server | |
| `image.registry` | Twingate image registry | `docker.io` |
| `image.repository` | Twingate image name | `twingate/connector` |
| `image.tag` | Twingate image tag | `latest` |
| `image.pullPolicy` | Twingate image pull policy | `Always` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `nameOverride` | String to partially override twingate.fullname template | `nil` |
| `fullnameOverride` | String to fully override twingate.fullname template | `nil` |
| `icmpSupport.enabled` | Enable the ICMP securityContext. See more in values file | `false` |
| `affinity` | Map of node/pod affinities | `{}` (The value is evaluated as a template) |
| `nodeSelector` | node labels for pod assignment | `{}` (The value is evaluated as a template) |
| `tolerations` | Tolerations for pod assignment | `[]` (The value is evaluated as a template) |
| `resources` | Resource requests and limits | `{}` (The value is evaluated as a template) |
| `additionalLabels` | Additional labels for the deployment | `{}` (The value is evaluated as a template) |
| `podAnnotations` | Map of annotations to add to pods | `{}` |
| `podDnsPolicy` | Optional pod [DNS policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pods-dns-policy) | |
| `podDnsConfig` | Optional pod [DNS configurations](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pods-dns-config) | |
| `env` | Additional environment variables for the deployment | `{}` (The value is evaluated as a template) |
| `hostNetwork` | Enable/Disable host network for the pod | `false` (Disabled by default) |
| Parameter | Description | Default |
|-----------------------------------------|-----------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------|
| `connector.network` | The Twingate network name, eg. acme (required) | |
| `connector.url` | The Twingate service domain | `twingate.com` |
| `connector.accessToken` | Access Token (required unless `connector.existingSecret` is specified) | |
| `connector.refreshToken` | Refresh Token (required unless `connector.existingSecret` is specified) | |
| `connector.existingSecret` | The name of an existing secret to use for the access and refresh tokens | |
| `connector.logLevel` | Log Level - supported : [error, warning, info, debug] | `error` |
| `connector.logAnalytics` | Real-time connection logs (see https://www.twingate.com/docs/connector-real-time-logs) - supported : [v1, v2] | |
| `connector.dnsServer` | Custom DNS server | |
| `image.registry` | Twingate image registry | `docker.io` |
| `image.repository` | Twingate image name | `twingate/connector` |
| `image.tag` | Twingate image tag | `latest` |
| `image.pullPolicy` | Twingate image pull policy | `Always` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `nameOverride` | String to partially override twingate.fullname template | `nil` |
| `fullnameOverride` | String to fully override twingate.fullname template | `nil` |
| `icmpSupport.enabled` | Enable the ICMP securityContext. See more in values file | `false` |
| `affinity` | Map of node/pod affinities | `{}` (The value is evaluated as a template) |
| `priorityClassName` | String to added priorityClass for pod assignment | `nil` |
| `nodeSelector` | node labels for pod assignment | `{}` (The value is evaluated as a template) |
| `tolerations` | Tolerations for pod assignment | `[]` (The value is evaluated as a template) |
| `resources` | Resource requests and limits | `{}` (The value is evaluated as a template) |
| `additionalLabels` | Additional labels for the deployment | `{}` (The value is evaluated as a template) |
| `podAnnotations` | Map of annotations to add to pods | `{}` |
| `podDnsPolicy` | Optional pod [DNS policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pods-dns-policy) | |
| `podDnsConfig` | Optional pod [DNS configurations](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pods-dns-config) | |
| `env` | Additional environment variables for the deployment | `{}` (The value is evaluated as a template) |
| `hostNetwork` | Enable/Disable host network for the pod | `false` (Disabled by default) |
3 changes: 3 additions & 0 deletions stable/connector/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,9 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- end }}
{{- with .Values.podDnsPolicy }}
dnsPolicy: {{ . }}
{{- end }}
Expand Down
1 change: 1 addition & 0 deletions stable/connector/values.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,7 @@
"nodeSelector": {},
"tolerations": [],
"affinity": {},
"priorityClassName": "",
"env": {},
"icmpSupport": {
"enabled": false
Expand Down
6 changes: 6 additions & 0 deletions stable/connector/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,12 @@ tolerations: []
##
affinity: {}

### priorityClassName for pod assignment
### Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
### Note: priorityClassName will be ignored if it's set
##
priorityClassName: ""

## Extra environment variables that will be pass onto connector pod
##
## env:
Expand Down
68 changes: 68 additions & 0 deletions test/golden/priority-class.golden.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
---
# Source: connector/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: test-connector
labels:
app.kubernetes.io/name: connector
helm.sh/chart: connector-major.minor.patch-test
app.kubernetes.io/instance: test
app.kubernetes.io/version: "latest"
app.kubernetes.io/managed-by: Helm
type: Opaque
data:
TWINGATE_ACCESS_TOKEN: "QUNDRVNTX1RPS0VO"
TWINGATE_REFRESH_TOKEN: "UkVGUkVTSF9UT0tFTg=="
---
# Source: connector/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-connector
labels:
app.kubernetes.io/name: connector
helm.sh/chart: connector-major.minor.patch-test
app.kubernetes.io/instance: test
app.kubernetes.io/version: "latest"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: connector
app.kubernetes.io/instance: test
template:
metadata:
labels:
app.kubernetes.io/name: connector
app.kubernetes.io/instance: test
spec:
containers:
- name: connector
image: "twingate/connector:1"
imagePullPolicy: Always
envFrom:
- secretRef:
name: test-connector
optional: false
env:
- name: TWINGATE_LABEL_DEPLOYED_BY
value: helm
- name: TWINGATE_LABEL_HELM_CHART
value: connector-major.minor.patch-test
- name: TWINGATE_URL
value: "https://test-tenant.twingate.com"
- name: TWINGATE_LOG_LEVEL
value: "3"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
runAsNonRoot: true
runAsUser: 65532
resources:
requests:
cpu: 50m
memory: 200Mi
priorityClassName: "system-cluster-critical"
6 changes: 6 additions & 0 deletions test/golden/priority-class.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
priorityClassName: "system-cluster-critical"

connector:
network: "test-tenant"
accessToken: "ACCESS_TOKEN"
refreshToken: "REFRESH_TOKEN"

0 comments on commit 41a78a4

Please sign in to comment.