AB#2635: Deploy Konnectivity via Helm

cli/internal/helm/testdata/QEMU/constellation-services/charts/konnectivity/templates/clusterrolebinding.yaml

@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    addonmanager.kubernetes.io/mode: Reconcile
+    kubernetes.io/cluster-service: "true"
+  name: system:konnectivity-server
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:auth-delegator
+subjects:
+- apiGroup: rbac.authorization.k8s.io
+  kind: User
+  name: system:konnectivity-server

cli/internal/helm/testdata/QEMU/constellation-services/charts/konnectivity/templates/daemonset.yaml

@@ -0,0 +1,76 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  labels:
+    addonmanager.kubernetes.io/mode: Reconcile
+    k8s-app: konnectivity-agent
+  name: konnectivity-agent
+  namespace: testNamespace
+spec:
+  selector:
+    matchLabels:
+      k8s-app: konnectivity-agent
+  template:
+    metadata:
+      labels:
+        k8s-app: konnectivity-agent
+    spec:
+      containers:
+      - args:
+        - --logtostderr=true
+        - --proxy-server-host=127.0.0.1
+        - --ca-cert=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+        - --proxy-server-port=8132
+        - --admin-server-port=8133
+        - --health-server-port=8134
+        - --service-account-token-path=/var/run/secrets/tokens/konnectivity-agent-token
+        - --agent-identifiers=host=$(HOST_IP)
+        - --sync-forever=true
+        - --keepalive-time=60m
+        - --sync-interval=5s
+        - --sync-interval-cap=30s
+        - --probe-interval=5s
+        - --v=3
+        command:
+        - /proxy-agent
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: status.hostIP
+        image: 
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: 8134
+          initialDelaySeconds: 15
+          timeoutSeconds: 15
+        name: konnectivity-agent
+        resources: {}
+        volumeMounts:
+        - mountPath: /var/run/secrets/tokens
+          name: konnectivity-agent-token
+          readOnly: true
+      priorityClassName: system-cluster-critical
+      serviceAccountName: konnectivity-agent
+      tolerations:
+      - effect: NoSchedule
+        key: node-role.kubernetes.io/master
+        operator: Exists
+      - effect: NoSchedule
+        key: node-role.kubernetes.io/control-plane
+        operator: Exists
+      - key: CriticalAddonsOnly
+        operator: Exists
+      - effect: NoExecute
+        key: node.kubernetes.io/not-ready
+        operator: Exists
+      volumes:
+      - name: konnectivity-agent-token
+        projected:
+          sources:
+          - serviceAccountToken:
+              audience: system:konnectivity-server
+              path: konnectivity-agent-token
+  updateStrategy: {}

cli/internal/helm/testdata/QEMU/constellation-services/charts/konnectivity/templates/serviceaccount.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    addonmanager.kubernetes.io/mode: Reconcile
+    kubernetes.io/cluster-service: "true"
+  name: konnectivity-agent
+  namespace: testNamespace