diff --git a/index.yaml b/index.yaml index 802109b..3b804db 100644 --- a/index.yaml +++ b/index.yaml @@ -3,9 +3,9 @@ entries: connector: - apiVersion: v1 appVersion: latest - created: "2024-09-05T16:01:46.866022786Z" + created: "2024-11-21T21:02:27.909235019Z" description: Twingate Connector helm chart - digest: 206968f3351cd119c80150ed59cf370c7f8241571fc3cbc1deea6ecaf3df8387 + digest: c83c331380ff0ffe1916a5dbd2a2972cc57afba16bfcb9ffeb724f8fe2c1bcfd home: https://www.twingate.com icon: https://www.twingate.com/twingate.png name: connector @@ -200,4 +200,4 @@ entries: urls: - https://twingate.github.io/helm-charts/packages/connector-0.1.9.tgz version: 0.1.9 -generated: "2024-09-05T16:01:46.864896325Z" +generated: "2024-11-21T21:02:27.907582087Z" diff --git a/packages/connector-0.1.27.tgz b/packages/connector-0.1.27.tgz index cdfa8d5..793f045 100644 Binary files a/packages/connector-0.1.27.tgz and b/packages/connector-0.1.27.tgz differ diff --git a/stable/connector/README.md b/stable/connector/README.md index 920888e..f1facab 100644 --- a/stable/connector/README.md +++ b/stable/connector/README.md @@ -88,3 +88,5 @@ The following table lists the configurable parameters of the Twingate chart and | `podDnsConfig` | Optional pod [DNS configurations](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pods-dns-config) | | | `env` | Additional environment variables for the deployment | `{}` (The value is evaluated as a template) | | `hostNetwork` | Enable/Disable host network for the pod | `false` (Disabled by default) | +| `readinessProbe` | Pod's readiness probe | default healthcheck - `connectorctl health` | +| `livenessProbe` | Pod's liveness probe | default healthcheck - `connectorctl health` | diff --git a/stable/connector/templates/deployment.yaml b/stable/connector/templates/deployment.yaml index d999a17..5ea2c98 100644 --- a/stable/connector/templates/deployment.yaml +++ b/stable/connector/templates/deployment.yaml @@ -45,6 +45,14 @@ spec: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.readinessProbe }} + readinessProbe: +{{ toYaml .Values.readinessProbe | indent 12 }} + {{- end }} + {{- if .Values.livenessProbe }} + livenessProbe: +{{ toYaml .Values.livenessProbe | indent 12 }} + {{- end }} envFrom: - secretRef: {{- if .Values.connector.existingSecret }} diff --git a/stable/connector/values.yaml b/stable/connector/values.yaml index a5f73e0..4e79bd0 100644 --- a/stable/connector/values.yaml +++ b/stable/connector/values.yaml @@ -84,3 +84,20 @@ connector: {} # refreshToken: "" # existingSecret: "secret name" # dnsServer: "some.dnsserver.com" + +readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: + periodSeconds: 5 + + +livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 diff --git a/test/golden/affinity.golden.yaml b/test/golden/affinity.golden.yaml index f2e47ce..e7da7fb 100644 --- a/test/golden/affinity.golden.yaml +++ b/test/golden/affinity.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/connector-url.golden.yaml b/test/golden/connector-url.golden.yaml index 565204e..4f478be 100644 --- a/test/golden/connector-url.golden.yaml +++ b/test/golden/connector-url.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/default-values.golden.yaml b/test/golden/default-values.golden.yaml index 3a09416..c796043 100644 --- a/test/golden/default-values.golden.yaml +++ b/test/golden/default-values.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/env-vars.golden.yaml b/test/golden/env-vars.golden.yaml index 13048ef..71ccdfc 100644 --- a/test/golden/env-vars.golden.yaml +++ b/test/golden/env-vars.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/extraPodDefinitions.golden.yaml b/test/golden/extraPodDefinitions.golden.yaml index db2eafa..fcab1bb 100644 --- a/test/golden/extraPodDefinitions.golden.yaml +++ b/test/golden/extraPodDefinitions.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/image-pull-secrets.golden.yaml b/test/golden/image-pull-secrets.golden.yaml index b39af5c..145ed17 100644 --- a/test/golden/image-pull-secrets.golden.yaml +++ b/test/golden/image-pull-secrets.golden.yaml @@ -44,6 +44,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/logAnalytics.golden.yaml b/test/golden/logAnalytics.golden.yaml index de9cbb7..215dc3c 100644 --- a/test/golden/logAnalytics.golden.yaml +++ b/test/golden/logAnalytics.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/loglevel-debug.golden.yaml b/test/golden/loglevel-debug.golden.yaml index e863ccf..580937b 100644 --- a/test/golden/loglevel-debug.golden.yaml +++ b/test/golden/loglevel-debug.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/loglevel-error.golden.yaml b/test/golden/loglevel-error.golden.yaml index 3a09416..c796043 100644 --- a/test/golden/loglevel-error.golden.yaml +++ b/test/golden/loglevel-error.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/loglevel-info.golden.yaml b/test/golden/loglevel-info.golden.yaml index 4df4e3d..e1765a0 100644 --- a/test/golden/loglevel-info.golden.yaml +++ b/test/golden/loglevel-info.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/loglevel-warning.golden.yaml b/test/golden/loglevel-warning.golden.yaml index 734ef9c..5c25189 100644 --- a/test/golden/loglevel-warning.golden.yaml +++ b/test/golden/loglevel-warning.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/override-readiness-liveness-probes-check.golden.yaml b/test/golden/override-readiness-liveness-probes-check.golden.yaml new file mode 100644 index 0000000..0f2b952 --- /dev/null +++ b/test/golden/override-readiness-liveness-probes-check.golden.yaml @@ -0,0 +1,81 @@ +--- +# Source: connector/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: test-connector + labels: + app.kubernetes.io/name: connector + helm.sh/chart: connector-major.minor.patch-test + app.kubernetes.io/instance: test + app.kubernetes.io/version: "latest" + app.kubernetes.io/managed-by: Helm +type: Opaque +data: + TWINGATE_ACCESS_TOKEN: "QUNDRVNTX1RPS0VO" + TWINGATE_REFRESH_TOKEN: "UkVGUkVTSF9UT0tFTg==" +--- +# Source: connector/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: test-connector + labels: + app.kubernetes.io/name: connector + helm.sh/chart: connector-major.minor.patch-test + app.kubernetes.io/instance: test + app.kubernetes.io/version: "latest" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: connector + app.kubernetes.io/instance: test + template: + metadata: + labels: + app.kubernetes.io/name: connector + app.kubernetes.io/instance: test + spec: + containers: + - name: connector + image: "twingate/connector:1" + imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 20 + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 + envFrom: + - secretRef: + name: test-connector + optional: false + env: + - name: TWINGATE_LABEL_DEPLOYED_BY + value: helm + - name: TWINGATE_LABEL_HELM_CHART + value: connector-major.minor.patch-test + - name: TWINGATE_URL + value: "https://test-tenant.twingate.com" + - name: TWINGATE_LOG_LEVEL + value: "3" + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 65532 + resources: + requests: + cpu: 50m + memory: 200Mi diff --git a/test/golden/override-readiness-liveness-probes-check.yaml b/test/golden/override-readiness-liveness-probes-check.yaml new file mode 100644 index 0000000..df8379f --- /dev/null +++ b/test/golden/override-readiness-liveness-probes-check.yaml @@ -0,0 +1,14 @@ +image: + repository: twingate/connector + tag: 1 + pullPolicy: Always + +connector: + network: "test-tenant" + accessToken: "ACCESS_TOKEN" + refreshToken: "REFRESH_TOKEN" + + +readinessProbe: + initialDelaySeconds: 20 + diff --git a/test/golden/override-readiness-liveness-probes.golden.yaml b/test/golden/override-readiness-liveness-probes.golden.yaml new file mode 100644 index 0000000..3a09416 --- /dev/null +++ b/test/golden/override-readiness-liveness-probes.golden.yaml @@ -0,0 +1,67 @@ +--- +# Source: connector/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: test-connector + labels: + app.kubernetes.io/name: connector + helm.sh/chart: connector-major.minor.patch-test + app.kubernetes.io/instance: test + app.kubernetes.io/version: "latest" + app.kubernetes.io/managed-by: Helm +type: Opaque +data: + TWINGATE_ACCESS_TOKEN: "QUNDRVNTX1RPS0VO" + TWINGATE_REFRESH_TOKEN: "UkVGUkVTSF9UT0tFTg==" +--- +# Source: connector/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: test-connector + labels: + app.kubernetes.io/name: connector + helm.sh/chart: connector-major.minor.patch-test + app.kubernetes.io/instance: test + app.kubernetes.io/version: "latest" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: connector + app.kubernetes.io/instance: test + template: + metadata: + labels: + app.kubernetes.io/name: connector + app.kubernetes.io/instance: test + spec: + containers: + - name: connector + image: "twingate/connector:1" + imagePullPolicy: Always + envFrom: + - secretRef: + name: test-connector + optional: false + env: + - name: TWINGATE_LABEL_DEPLOYED_BY + value: helm + - name: TWINGATE_LABEL_HELM_CHART + value: connector-major.minor.patch-test + - name: TWINGATE_URL + value: "https://test-tenant.twingate.com" + - name: TWINGATE_LOG_LEVEL + value: "3" + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 65532 + resources: + requests: + cpu: 50m + memory: 200Mi diff --git a/test/golden/override-readiness-liveness-probes.yaml b/test/golden/override-readiness-liveness-probes.yaml new file mode 100644 index 0000000..435d91b --- /dev/null +++ b/test/golden/override-readiness-liveness-probes.yaml @@ -0,0 +1,13 @@ +image: + repository: twingate/connector + tag: 1 + pullPolicy: Always + +connector: + network: "test-tenant" + accessToken: "ACCESS_TOKEN" + refreshToken: "REFRESH_TOKEN" + + +readinessProbe: false +livenessProbe: false diff --git a/test/golden/priority-class.golden.yaml b/test/golden/priority-class.golden.yaml index cf9e148..1ba1747 100644 --- a/test/golden/priority-class.golden.yaml +++ b/test/golden/priority-class.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/resources.golden.yaml b/test/golden/resources.golden.yaml index f9545ef..44a9c89 100644 --- a/test/golden/resources.golden.yaml +++ b/test/golden/resources.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/toleration.golden.yaml b/test/golden/toleration.golden.yaml index bcf4fba..b88e2e8 100644 --- a/test/golden/toleration.golden.yaml +++ b/test/golden/toleration.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector diff --git a/test/golden/topology.golden.yaml b/test/golden/topology.golden.yaml index 72338f9..1a2891c 100644 --- a/test/golden/topology.golden.yaml +++ b/test/golden/topology.golden.yaml @@ -42,6 +42,20 @@ spec: - name: connector image: "twingate/connector:1" imagePullPolicy: Always + readinessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: null + periodSeconds: 5 + livenessProbe: + exec: + command: + - /connectorctl + - health + initialDelaySeconds: 5 + periodSeconds: 5 envFrom: - secretRef: name: test-connector