From 0f59ecfb91812602c5cba18e2bde8e65bdda0326 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Fri, 17 Feb 2023 23:19:02 +0100
Subject: [PATCH] drop(starboard): Remove starboard setup from cluster

---
 docs/src/components/starboard.md            |  1 -
 infrastructure/kustomization.yaml           |  1 -
 infrastructure/starboard/README.md          | 18 ------
 infrastructure/starboard/kustomization.yaml | 12 ----
 infrastructure/starboard/monitoring.yaml    | 28 ----------
 infrastructure/starboard/namespace.yaml     | 12 ----
 infrastructure/starboard/networkpolicy.yaml | 12 ----
 infrastructure/starboard/release.yaml       | 61 ---------------------
 infrastructure/starboard/repository.yaml    |  8 ---
 9 files changed, 153 deletions(-)
 delete mode 120000 docs/src/components/starboard.md
 delete mode 100644 infrastructure/starboard/README.md
 delete mode 100644 infrastructure/starboard/kustomization.yaml
 delete mode 100644 infrastructure/starboard/monitoring.yaml
 delete mode 100644 infrastructure/starboard/namespace.yaml
 delete mode 100644 infrastructure/starboard/networkpolicy.yaml
 delete mode 100644 infrastructure/starboard/release.yaml
 delete mode 100644 infrastructure/starboard/repository.yaml

diff --git a/docs/src/components/starboard.md b/docs/src/components/starboard.md
deleted file mode 120000
index 2230c00d2..000000000
--- a/docs/src/components/starboard.md
+++ /dev/null
@@ -1 +0,0 @@
-../../../infrastructure/starboard/README.md
\ No newline at end of file
diff --git a/infrastructure/kustomization.yaml b/infrastructure/kustomization.yaml
index 4b9b4c54f..8cd1c6def 100644
--- a/infrastructure/kustomization.yaml
+++ b/infrastructure/kustomization.yaml
@@ -16,4 +16,3 @@ resources:
   - k8up
   - postgres
   - kubenav
-  - starboard
diff --git a/infrastructure/starboard/README.md b/infrastructure/starboard/README.md
deleted file mode 100644
index a63484575..000000000
--- a/infrastructure/starboard/README.md
+++ /dev/null
@@ -1,18 +0,0 @@
-Starboard
-===
-
-Operator to create and manage automated container image scans for all containers deployed in the cluster, this helps to provide visibility for potential security issues and makes it easy to identify containers and deployments affected by CVEs.
-
-This particular installation utilises a trivy-server setup, that reduces the times to download the vulnerability database, making it API limit friendlier.
-
-Links
----
-
-- [Starboard Docs](https://aquasecurity.github.io/starboard/v0.15.4/)
-- [Starboard Helm Chart](https://github.com/aquasecurity/starboard/tree/main/deploy/helm)
-- [Starboard Source Code](https://github.com/aquasecurity/starboard/)
-- [Starboard Help Forum](https://github.com/aquasecurity/starboard//discussions)
-- [Trivy Docs](https://aquasecurity.github.io/trivy/v0.25.4/)
-- [Trivy Helm Chart](https://github.com/aquasecurity/trivy/tree/main/helm/trivy)
-- [Trivy Source Code](https://github.com/aquasecurity/trivy/)
-- [Trivy Help Forum](https://github.com/aquasecurity/trivy/discussions)
diff --git a/infrastructure/starboard/kustomization.yaml b/infrastructure/starboard/kustomization.yaml
deleted file mode 100644
index cbeaece97..000000000
--- a/infrastructure/starboard/kustomization.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: starboard-system
-resources:
-  - namespace.yaml
-  - repository.yaml
-  - release.yaml
-  - monitoring.yaml
-  - ../../shared/networkpolicies/allow-from-same-namespace.yaml
-  - ../../shared/networkpolicies/allow-from-monitoring.yaml
-patchesStrategicMerge:
-  - networkpolicy.yaml
diff --git a/infrastructure/starboard/monitoring.yaml b/infrastructure/starboard/monitoring.yaml
deleted file mode 100644
index 9f036d0e6..000000000
--- a/infrastructure/starboard/monitoring.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1beta1
-kind: HelmRepository
-metadata:
-  name: giantswarm
-  namespace: starboard-system
-spec:
-  interval: 30m
-  url: https://giantswarm.github.io/giantswarm-catalog
----
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: starboard-exporter
-  namespace: starboard-system
-spec:
-  releaseName: starboard-exporter
-  chart:
-    spec:
-      chart: starboard-exporter
-      sourceRef:
-        kind: HelmRepository
-        name: giantswarm
-        namespace: starboard-system
-      version: 0.7.1
-  interval: 5m
-  values:
-    networkpolicy:
-      enabled: false
diff --git a/infrastructure/starboard/namespace.yaml b/infrastructure/starboard/namespace.yaml
deleted file mode 100644
index 3523645ab..000000000
--- a/infrastructure/starboard/namespace.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: starboard-system
-  labels:
-    pod-security.kubernetes.io/audit: restricted
-    pod-security.kubernetes.io/enforce: baseline
-    pod-security.kubernetes.io/warn: restricted
-    pod-security.kubernetes.io/audit-version: v1.23
-    pod-security.kubernetes.io/enforce-version: v1.23
-    pod-security.kubernetes.io/warn-version: v1.23
-    kyverno.shivering-isles.com/class: "system"
diff --git a/infrastructure/starboard/networkpolicy.yaml b/infrastructure/starboard/networkpolicy.yaml
deleted file mode 100644
index ccec8a45b..000000000
--- a/infrastructure/starboard/networkpolicy.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: allow-from-monitoring
-spec:
-  podSelector:
-    matchExpressions:
-      - key: app.kubernetes.io/name
-        operator: In
-        values:
-          - starboard-exporter
diff --git a/infrastructure/starboard/release.yaml b/infrastructure/starboard/release.yaml
deleted file mode 100644
index a068e51c5..000000000
--- a/infrastructure/starboard/release.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: starboard-operator
-  namespace: starboard-system
-spec:
-  releaseName: starboard-operator
-  chart:
-    spec:
-      chart: starboard-operator
-      sourceRef:
-        kind: HelmRepository
-        name: aqua
-        namespace: starboard-system
-      version: 0.10.10
-  interval: 5m
-  install:
-    crds: CreateReplace
-  upgrade:
-    crds: CreateReplace
-  valuesFrom:
-    - kind: ConfigMap
-      name: starboard-base-values
-      valuesKey: values.yaml
-    - kind: Secret
-      name: starboard-override-values
-      valuesKey: values-overrides.yaml
-      optional: true
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: starboard-base-values
-  namespace: starboard-system
-data:
-  values.yaml: |
-    operator:
-      vulnerabilityScannerScanOnlyCurrentRevisions: true
-      clusterComplianceEnabled: false
-      kubernetesBenchmarkEnabled: false
-    trivy:
-      mode: ClientServer
-      ignoreUnfixed: false
-      serverURL: "http://trivy:4954"
----
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: trivy
-  namespace: starboard-system
-spec:
-  releaseName: trivy
-  chart:
-    spec:
-      chart: trivy
-      sourceRef:
-        kind: HelmRepository
-        name: aqua
-        namespace: starboard-system
-      version: 0.5.0
-  interval: 5m
diff --git a/infrastructure/starboard/repository.yaml b/infrastructure/starboard/repository.yaml
deleted file mode 100644
index 7ab68f8d6..000000000
--- a/infrastructure/starboard/repository.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1beta1
-kind: HelmRepository
-metadata:
-  name: aqua
-  namespace: starboard-system
-spec:
-  interval: 30m
-  url: https://aquasecurity.github.io/helm-charts/
-- 
GitLab