Added Helm chart

[DavideWalder]

Added a chart to deploy the client to K8s, comprised of:

• A deployment with a container and an initContainer (needed to copy configs to a read/write volume)
• A service exposing ports 1080 and 8080
• A secret with the proxies' basic auth
• A secret with the OpenVPN config

The documentation for the chart is autogenerated via the pre-commit hook helm-docs.

The chart would also have to be distributed and hosted (for example through GitHub pages, as explained here), but this requires admin rights to the repo.

[wfg]

Thanks for putting this together. How did you test this? Are there any problems at all with the chart?

[DavideWalder]

Thanks for putting this together. How did you test this? Are there any problems at all with the chart?

I tested it by deploying it with different values to a private cluster. More specifically I tested that the configuration for OpenVPN and both proxies is created correctly (secrets and env vars correctly created and referenced).

In terms of behaviour of the image in the k8s environment: I tested that OpenVPN, both proxies and authentication work as intended (tested by port-forwarding the two ports to my local machine and sending requests through the pod using cURL). Also tested the KILL_SWITCH and SUBNET options by by passing the address of the DNS server in /etc/resolv.conf as subnet (without it OpenVPN can't connect and with it it can, as intended).

Things left to do:

• I haven't properly tested the readinessProbe, which is currently the same as the healthcheck in the Dockerfile. This should anyway be replaced by a better check that pings both proxies (it can also be used as a livenessProbe then).
• The autoscaler would need more testing with sustained traffic, to see if it actually works nicely or if the metrics are too erratic.

Other than that I didn't notice any other issue with the chart (also only used it for a few days)