From 2fd0733333a6f16479c0f568e411196ca93ccd29 Mon Sep 17 00:00:00 2001 From: Sheogorath <sheogorath@shivering-isles.com> Date: Mon, 5 Dec 2022 12:59:32 +0000 Subject: [PATCH] chore(hcloud-dynfw): Remove obsolete dynamic firewall This patch removes the namespace for the OVPN firewall reconfiguration, since switching to netbird made this obsolete. --- apps/k8s01/hcloud-dynfw/cronjob.yaml | 27 ---------- apps/k8s01/hcloud-dynfw/kustomization.yaml | 8 --- apps/k8s01/hcloud-dynfw/namespace.yaml | 11 ---- apps/k8s01/hcloud-dynfw/secrets.yaml | 61 ---------------------- 4 files changed, 107 deletions(-) delete mode 100644 apps/k8s01/hcloud-dynfw/cronjob.yaml delete mode 100644 apps/k8s01/hcloud-dynfw/kustomization.yaml delete mode 100644 apps/k8s01/hcloud-dynfw/namespace.yaml delete mode 100644 apps/k8s01/hcloud-dynfw/secrets.yaml diff --git a/apps/k8s01/hcloud-dynfw/cronjob.yaml b/apps/k8s01/hcloud-dynfw/cronjob.yaml deleted file mode 100644 index 23b5f71aa..000000000 --- a/apps/k8s01/hcloud-dynfw/cronjob.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: batch/v1 -kind: CronJob -metadata: - name: dynfw - namespace: hcloud-dynfw -spec: - schedule: "*/15 * * * *" - jobTemplate: - spec: - template: - spec: - containers: - - name: hcloud-dynfw - image: quay.io/sheogorath/hcloud-dynfw:latest - imagePullPolicy: Always - resources: - requests: - cpu: 100m - memory: 128Mi - limits: - cpu: 100m - memory: 128Mi - envFrom: - - secretRef: - name: hcloud-dynfw-conf - restartPolicy: OnFailure - automountServiceAccountToken: false diff --git a/apps/k8s01/hcloud-dynfw/kustomization.yaml b/apps/k8s01/hcloud-dynfw/kustomization.yaml deleted file mode 100644 index 5ab14c575..000000000 --- a/apps/k8s01/hcloud-dynfw/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: hcloud-dynfw -resources: - - namespace.yaml - - secrets.yaml - - cronjob.yaml - - ../../../shared/resourcequotas/default.yaml diff --git a/apps/k8s01/hcloud-dynfw/namespace.yaml b/apps/k8s01/hcloud-dynfw/namespace.yaml deleted file mode 100644 index a3422254d..000000000 --- a/apps/k8s01/hcloud-dynfw/namespace.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: hcloud-dynfw - labels: - pod-security.kubernetes.io/audit: restricted - pod-security.kubernetes.io/enforce: baseline - pod-security.kubernetes.io/warn: restricted - pod-security.kubernetes.io/audit-version: v1.23 - pod-security.kubernetes.io/enforce-version: v1.23 - pod-security.kubernetes.io/warn-version: v1.23 diff --git a/apps/k8s01/hcloud-dynfw/secrets.yaml b/apps/k8s01/hcloud-dynfw/secrets.yaml deleted file mode 100644 index 14388fa6a..000000000 --- a/apps/k8s01/hcloud-dynfw/secrets.yaml +++ /dev/null @@ -1,61 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: hcloud-dynfw-conf - namespace: hcloud-dynfw -type: Opaque -stringData: - HCLOUD_FIREWALL_ID: ENC[AES256_GCM,data:9pqYdzFR,iv:CmcFX/vDW09Io8lkkQ9xVMXwRzEzSnHQO0YMviGIgcI=,tag:Z5iTE/lMUIaScUcDZMO98g==,type:str] - HCLOUD_TOKEN: ENC[AES256_GCM,data:/zwa6kPuRmbFp+CEeg1dXoN1Hl3mm5oY+X6FJVswxcJRadlkDMWqAhx9PbXOASnh9xCJqJLxZq1dhXgIK66Mdw==,iv:u5MRgLgVbwimyXnahQikyH8H1uedr4ptDH7SSEGQ2vg=,tag:yKw7HRevjW/jbpfzyrHg2w==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2022-03-16T02:22:07Z" - mac: ENC[AES256_GCM,data:HzH3Oo7ZFg2GO4ZCDQGXc2zotY4qbj4e+XeWhkdd+JI6kXdbKYLBfLo73O+SGqMSi7YVabVnQDrs5TBWh21Sa/v7nAF+B7gGLWZfyoPSIFUw9wsDVacsKM+/p3ySRlY5AfCey7d5Bs5rywPNjKLNJcm56wKfwCUMrcfHWTnST0o=,iv:4TiaPEevNWgbyDLeM/odYc7/21u+rvBFOMf6crhjVh8=,tag:zi+FPDj2yHn12ZYtIyh10g==,type:str] - pgp: - - created_at: "2022-03-16T01:58:45Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - wcFMA7kpg2bgzVHcARAAbtZjHI2vzzSaY+jwMCVzn9rjSXpWs+321/KDMzHWOcsM - X1sy+WiuBbyRpoKUsWDerVcEsB15cpQw2qB5PFQIzOx3VwfEdZGG7I1vZqPIToHb - aXzTqZTLXpbkjHT8HmhqvohgROeMjGA3bSWeS7diJ8UpvXFkZDi3sCnXjivNWjk8 - 0oRlUoB5Ted7fgpQwkaIfyjOhyh85ol5tgbhypSMXv0tMEolAFk58+l0LsplS+HY - KuPrYet0+vSqrKaODXroPkf7COWrhmhrKXppmKXk45ayba1NNLD1dPXPh69q9Cgn - ozkTj4fmVCdREzGmp+gWypZ/pLzqDqeEaKzRBeZnJS3IqqmIkQ9XH9mg0JaOS66d - mAy7f/Oe49tzmWA4mFdQerTALau6B9lzPwngjkvvERI9fwWPSUNpDEgleGfrCsar - OLjeBRtGcPPSrRQo/6k0ZkXjZQka4j2ZdXTpBnuWqn1gY+R0xSTqTWVYuug53RxF - D5KzlQiO2jJnweniHyAsrYlkNfQUa/GS0Ik7c7Ks3Yt0TbeaMBlniXJ/lwbXFfhj - aDA9ml9N3NRp5rYF/bpY9b6DYVn/K7XZ0WxkfePNk421mj/7et4uOLT3YrAbpA0R - 3FxvAS4Ri0uGIyHcdrautHm7t9WbfcM5/2PUyVVu+VpmVZ5ZhSFJ9tUbx1QT0ArS - 5gFOrQsNXQKHuEwToVJB8kWiRyV/n/7MS5jyX8/39Ydo68Mp4fSqwxAAFq7ZzYgb - yFDLIodjBPHfDXGJGPptg3vkYhZ/VVtai0IobuH/hjWV++Iul6j2AA== - =k0hG - -----END PGP MESSAGE----- - fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601 - - created_at: "2022-03-16T01:58:45Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMA4oYbIHZIrAPARAAoMwSLDy35njoKwNFJMYflIo3tcWsKsURcdaDeQDKx3D3 - i0eNms3597QXPEVuLxMgHz94wYUdudwU5v7lS6BCVwS8ROI2uMMGCK3Gnrcpp0EO - KfoI4GGVf75LawDahPh5SD6lrhQCj2uHMqzakHYRjnvtgzi1FJxnq7RnbM00+MPc - haLsKKfy1Z4pHcF18QEcMnmaST2U/ue8wYGneiyM+A0CX0Ht1ScCaon3aFXuzNEP - XaDFqGUgI0gXufdx5d1bPQGjZ9JyJ5l8NxK3vWmYD/xTOzJJ1hXjHBI22PCWKgn1 - ZfopDNDnNjpCexOlewTPDTDAntOyOJ0EhWM1q/Kfq+GNpvr4R+kiRZ9mvAwj98Pu - bgWnq4IFxWJz7FUjE97k1BQadAXhZvcQJeGGrfPzazsVMiwR8yBMwv/DtGQZVos9 - Xra0TzXVzN0DPuyN0YXlmn50QxdtzfC/+Q/4AK8bagdLSOd9dE5n8kCXPZnnTZv4 - V3X16Al6T4BwWxE7yDzbik081rk5iMPuTLKvJOZpFWpzK1zQr514XQpJQrw+igiM - AmJvH7YBokC5Z+yUZ1dGNhTBV9OMlI1+LbViVH0jE4Cyin3Ru4z2kp8sWeW/RTcT - wQxRqWBkn5/tqfOVY+b6xS1FJb+cLYjIbbk1Y40A68GgOE+F2hR/bMnEdyYveYLU - aAEJAhA30UjmGpqRkgRu0QMdAGL7a+MZcTLsc6GjW4fQNIizPUj2g+MqDJ3stF5x - TDtUiappORuls3BkP5nidiArunY/+SeQzFrjofvSdP+81CLUmhva4886UWVCyiW/ - tP9e91SJ1gLq - =xx7Y - -----END PGP MESSAGE----- - fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07 - encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|hosts?|tang|externalURL|.*-secret|.*-url|.*Secrets?|.*-domain|password|subjects|node|apiURL|.*(S|s)erverNames?|.*SecretKey)$ - version: 3.7.1 -- GitLab