Add a resource to a group using annotations

[ErezWeiss]

Hi guys! Please add the ability to add a resource to a group using annotations. Something like: twingate.com/resourceaccess-principalId: '{GROUP-ID}'

Thanks!

[linear[bot]]

OSS-33 Add a resource to a group using annotations

[ErezWeiss]

also, add the option to import existing resources, as adding twingate.com/resource-id doesn't work.

[ErezWeiss]

also, adding twingate.com/resource-name doesn't change the resource name.

[ErezWeiss]

also removing the annotation doesn't delete the resource.

[ekampf]

1. Importing existing resources while using annotations - didnt think of that feature. Will think about adding it (there's no support for twingate.com/resource-id) today
2. Should work... will add an integration test and fix if necessary
3. Will look into it ASAP

[ekampf]

@ErezWeiss please see docs: https://github.com/Twingate/kubernetes-operator/wiki/User-Guide#exposing-a-cluster-workload-by-annotating-an-existing-service

Only the following annotations are supported at the moment:

• twingate.com/resource-alias
• twingate.com/resource-isBrowserShortcutEnabled
• twingate.com/resource-securityPolicyId
• twingate.com/resource-isVisible

I understand the use case for adding id for importing. Is customizing the name really necessary?

[ekampf]

I've been thinking more about 1 - adding a twingate.com/resource-id annotation to support import, or twingate.com/resource-principalIds (has to be plural - you could want to add a resource to multiple principals) seems to me like an abuse of service annotations for advanced use cases that better fit using TwingateResource and TwingateResourceAccess directly...

[ErezWeiss]

Thanks Eran! We decided to move on with the CRs and not with the annotations. We also decided to recreate all the resources rather then import them (too long process)

[ErezWeiss]

Regarding the name annotation - we have a convention for the naming, I guess we are not alone. @ekampf

[ekampf]

@ErezWeiss name annotation (twingate.com/resource-name) supported in version 0.11.0 so you can use it. I will close this issue for now but love the feedback keep it coming :)