Skip to content

Latest commit

 

History

History
48 lines (42 loc) · 3.3 KB

MANUAL_DEPLOYMENT.md

File metadata and controls

48 lines (42 loc) · 3.3 KB
Raw

Deploy on Google CloudRun (manual)

  1. Open Google Cloud Shell
  2. Clone the project git clone https://github.com/Twingate-Labs/tg-group-profile-manager.git
  3. cd tg-group-profile-manager
  4. Update tg-group-profile-manager.conf with the configuration values described in the README
  5. Update the file profile_config.json following the notes in the schema documentation
  6. Execute the following commands to deploy CloudRun
gcloud config set compute/zone europe-west2-a # change to your preferred zone
gcloud config set run/region europe-west2 # change to your preferred region
export PROJECT_ID=$(gcloud config list --format 'value(core.project)')
export SERVICE_ACCOUNT=$(gcloud iam service-accounts list --format 'value(EMAIL)' --filter 'NAME:Compute Engine default service account')
./cloudrun_setup.sh
  1. Copy the URL of the Slack app, e.g. https://tg-group-profile-manager-xxxxx-nw.a.run.app

Deploy on Docker

  1. Download tg-group-profile-manager.conf template here
  2. Update tg-group-profile-manager.conf with the configuration values described in the README
  3. Download and run Docker container docker run -p 8080:8080 --env-file ./tg-group-profile-manager.conf -d --name tg-group-profile-manager ghcr.io/twingate-labs/tg-group-profile-manager:latest
  4. Now you should have the tg-group-profile_manager container running on port 8080

Deploy on K8S

To install the chart

$ helm repo add twingate-labs https://twingate-labs.github.io/tg-group-profile-manager-helm/
$ helm install tg-group-profile-manager twingate-labs/tg-group-profile-manager -n [namespace] \
    --set variables.twingateAccount="xxx.twingate.com" \
    --set variables.twingateApiKey="xxx" \
    --set variables.slackSigningSecret="xxx" \
    --set variables.slackBotToken="xoxb-xxx" \
    --set-json='variables.profileConfig={"profiles":[{"profileName":"Example One Of Profile 1","profileType":"oneOf","groups":["Prod","Preprod","Testing"],"applicableToGroup":"Everyone"},{"profileName":"Example One Of Profile 2","profileType":"oneOf","groups":["US","EU","ASIA"],"applicableToGroup":"Everyone"},{"profileName":"Example Self-Serve Business Approvals","profileType":"selfServeApproval","groups":["HR","Finance","Sales"],"timeOptions": ["Forever", "1h", "8h", "24h", "7d", "30d", "90d"],"applicableToGroup":"Everyone","approverGroup":"IT"}, {"profileName":"Example Self-Serve Business Approvals 2","profileType":"selfServeApproval","groups":["HR","Finance","Sales"],"timeOptions": ["Forever", "1h", "8h", "24h"],"applicableToGroup":"Everyone","approverGroup":"IT"}],"groupPermissions":{"Prod":"Admin"}}'

For setting up with secret, see setup with secret

For setting up with https/ingress, see setup with ingress

Deploy on NodeJS

NodeJS 18+ required

  1. Clone the latest tg group profile manager git clone https://github.com/Twingate-Labs/tg-group-profile-manager.git
  2. cd tg-group-profile-manager
  3. Update tg-group-profile-manager.conf with the configuration values described in the README
  4. Copy the updated tg-group-profile-manager.conf to the file .env
  5. Run npm install
  6. Run node app.mjs
  7. Now you should have the Slackbot running on port 8080