Merge pull request #525 from wunderio/feature/hub-agent

Jancis · web-flow · commit d6bc5b5d075d · 2026-03-31T08:28:51.000Z
Silta hub agent
diff --git a/silta-cluster/templates/silta-hub-agent.yaml b/silta-cluster/templates/silta-hub-agent.yaml
@@ -0,0 +1,97 @@
+{{- if and .Values.hub.enabled .Values.hub.clusterId }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Release.Name }}-hub-agent
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ .Release.Name }}-hub-agent
+rules:
+  - apiGroups: [""]
+    resources:
+      - namespaces
+      - pods
+      - services
+      - configmaps
+      - secrets
+    verbs:
+      - get
+      - list
+  - apiGroups: ["apps"]
+    resources:
+      - deployments
+      - statefulsets
+      - daemonsets
+      - replicasets
+    verbs:
+      - get
+      - list
+  - apiGroups: ["batch"]
+    resources:
+      - jobs
+      - cronjobs
+    verbs:
+      - get
+      - list
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Release.Name }}-hub-agent
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Release.Name }}-hub-agent
+subjects:
+  - kind: ServiceAccount
+    name: {{ .Release.Name }}-hub-agent
+    namespace: {{ .Release.Namespace }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}-hub-agent
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Release.Name }}-hub-agent
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: {{ .Release.Name }}-hub-agent
+  template:
+    metadata:
+      labels:
+        app: {{ .Release.Name }}-hub-agent
+    spec:
+      serviceAccountName: {{ .Release.Name }}-hub-agent
+      containers:
+        - name: agent
+          image: {{ .Values.hub.image }}:{{ .Values.hub.imageTag }}
+          imagePullPolicy: IfNotPresent
+          env:
+            - name: SILTA_HUB_URL
+              value: {{ .Values.hub.url }}
+            - name: CLUSTER_ID
+              value: {{ .Values.hub.clusterId }}
+            - name: SILTA_HUB_KEY
+              value: {{ .Values.hub.accessKey }}
+            - name: HUB_SYNC_CRON
+              value: {{ .Values.hub.syncSchedule }}
+            - name: TELEMETRY
+              value: {{ .Values.hub.telemetry }}
+          resources:
+            {{- .Values.hub.resources | toYaml | nindent 12 }}
+          securityContext:
+            runAsNonRoot: true
+            runAsUser: 65534
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
+            capabilities:
+              drop:
+                - ALL
+---
+{{- end }}
diff --git a/silta-cluster/values.yaml b/silta-cluster/values.yaml
@@ -509,3 +509,20 @@ daemonset:
     enabled: true
     image: docker.io/bash
     imageTag: "5"
+
+hub:
+  enabled: false
+  clusterId: ""
+  url: ""
+  accessKey: ""
+  syncSchedule: "0 2 * * *"
+  telemetry: "all" # Telemetry options: "disabled", "silta-cluster", "all"
+  image: "wunderio/silta-hub-agent"
+  imageTag: "1"
+  resources:
+    requests:
+      cpu: 50m
+      memory: 64Mi
+    limits:
+      cpu: 200m
+      memory: 128Mi
