search

strongdm / accessbot

Manage access to strongDM resources via Slack
Apache License 2.0
23 stars 19 forks source link

Provide Helm Chart #216

Closed chrisferry closed 2 years ago

chrisferry commented 2 years ago

Would be great to have a helm chart so we could deploy this to Kubernetes as we do not use/support docker compose.

camposer commented 2 years ago

Hi @chrisferry

Could you please elaborate more about why you need Helm for this?

Here's a k8s deployment descriptor that might help:

# The secret definition is totally optional - just ensure that it exists
apiVersion: v1
kind: Secret
metadata:
  name: accessbot-secret
type: Opaque
stringData:
  SDM_API_ACCESS_KEY: sdm-api-access-key
  SDM_API_SECRET_KEY: sdm-api-secret-key
  SLACK_APP_TOKEN: slack-app-token
  SLACK_BOT_TOKEN: slack-bot-token
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: accessbot-deployment
spec:
  selector:
    matchLabels:
      app: accessbot
  replicas: 1
  template:
    metadata:
      labels:
        app: accessbot
    spec:
      containers:
      - name: accessbot
        image: public.ecr.aws/strongdm/accessbot:latest
        env:
        - name: SDM_ADMINS
          value: "@nickname1 @nickname2"
        - name: SDM_API_ACCESS_KEY
          valueFrom:
            secretKeyRef:
              name: accessbot-secret
              key: SDM_API_ACCESS_KEY
        - name: SDM_API_SECRET_KEY
          valueFrom:
            secretKeyRef:
              name: accessbot-secret
              key: SDM_API_SECRET_KEY
        - name: SDM_BOT_PLATFORM
          value: "slack"
        - name: SLACK_APP_TOKEN
          valueFrom:
            secretKeyRef:
              name: accessbot-secret
              key: SLACK_APP_TOKEN
        - name: SLACK_BOT_TOKEN
          valueFrom:
            secretKeyRef:
              name: accessbot-secret
              key: SLACK_BOT_TOKEN
jwhitcraft commented 2 years ago

Just going to come back to this even though it closed, The only way our pipelines allow things to be deploy on our clusters is via Helm charts. While having the deployment descriptor is nice, supporting a helm chart would also be +1 in my book. I'm open to contributing one as I'll need one soon for deploy this into our clusters.

camposer commented 2 years ago

It would be amazing if you can contribute with that @jwhitcraft

I can clearly see a folder named helm, or similar, with a README and all the content. What do you think?

camposer commented 2 years ago

I'll reopen the issue

jwhitcraft commented 2 years ago

@camposer sounds good, I've got time today to start working on this