- Open Google Cloud Shell
- Clone the project
git clone https://github.com/Twingate-Labs/tg-group-profile-manager.git
cd tg-group-profile-manager
- Update
tg-group-profile-manager.conf
with the configuration values described in the README - Update the file
profile_config.json
following the notes in the schema documentation - Execute the following commands to deploy CloudRun
gcloud config set compute/zone europe-west2-a # change to your preferred zone
gcloud config set run/region europe-west2 # change to your preferred region
export PROJECT_ID=$(gcloud config list --format 'value(core.project)')
export SERVICE_ACCOUNT=$(gcloud iam service-accounts list --format 'value(EMAIL)' --filter 'NAME:Compute Engine default service account')
./cloudrun_setup.sh
- Copy the URL of the Slack app, e.g.
https://tg-group-profile-manager-xxxxx-nw.a.run.app
- Download
tg-group-profile-manager.conf
template here - Update
tg-group-profile-manager.conf
with the configuration values described in the README - Download and run Docker container
docker run -p 8080:8080 --env-file ./tg-group-profile-manager.conf -d --name tg-group-profile-manager ghcr.io/twingate-labs/tg-group-profile-manager:latest
- Now you should have the
tg-group-profile_manager
container running on port 8080
To install the chart
$ helm repo add twingate-labs https://twingate-labs.github.io/tg-group-profile-manager-helm/
$ helm install tg-group-profile-manager twingate-labs/tg-group-profile-manager -n [namespace] \
--set variables.twingateAccount="xxx.twingate.com" \
--set variables.twingateApiKey="xxx" \
--set variables.slackSigningSecret="xxx" \
--set variables.slackBotToken="xoxb-xxx" \
--set-json='variables.profileConfig={"profiles":[{"profileName":"Example One Of Profile 1","profileType":"oneOf","groups":["Prod","Preprod","Testing"],"applicableToGroup":"Everyone"},{"profileName":"Example One Of Profile 2","profileType":"oneOf","groups":["US","EU","ASIA"],"applicableToGroup":"Everyone"},{"profileName":"Example Self-Serve Business Approvals","profileType":"selfServeApproval","groups":["HR","Finance","Sales"],"timeOptions": ["Forever", "1h", "8h", "24h", "7d", "30d", "90d"],"applicableToGroup":"Everyone","approverGroup":"IT"}, {"profileName":"Example Self-Serve Business Approvals 2","profileType":"selfServeApproval","groups":["HR","Finance","Sales"],"timeOptions": ["Forever", "1h", "8h", "24h"],"applicableToGroup":"Everyone","approverGroup":"IT"}],"groupPermissions":{"Prod":"Admin"}}'
For setting up with secret, see setup with secret
For setting up with https/ingress, see setup with ingress
NodeJS 18+ required
- Clone the latest tg group profile manager
git clone https://github.com/Twingate-Labs/tg-group-profile-manager.git
cd tg-group-profile-manager
- Update
tg-group-profile-manager.conf
with the configuration values described in the README - Copy the updated
tg-group-profile-manager.conf
to the file.env
- Run
npm install
- Run
node app.mjs
- Now you should have the Slackbot running on port 8080