fix: add acl.json to new atlantis deployment

acl.json

@@ -1 +0,0 @@
-values/petimeter/manifests/acl.json

values/atlantis/base/acl.json

@@ -0,0 +1,331 @@
+[
+    {
+        "domain": "oceanbox.io",
+        "access": [
+            {
+                "matching": ".*@oceanbox.io",
+                "group": "/oceanbox",
+                "roles": [ "admin" ],
+                "capabilities": [
+                    "run:*"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "salmar.no",
+        "access": [
+            {
+                "matching": ".*@salmar.no",
+                "group": "/salmar",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "leroy.no",
+        "access": [
+            {
+                "matching": "karstein@leroy.no",
+                "group": "/oceanbox",
+                "roles": [ "admin" ],
+                "capabilities": [ "run:*" ]
+            },
+            {
+                "matching": ".*@leroy.no",
+                "group": "/leroy",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "serit.no",
+        "access": [
+            {
+                "matching": ".*@tromso.serit.no",
+                "group": "/oceanbox",
+                "roles": [ "admin" ],
+                "capabilities": []
+            }
+        ]
+    },
+    {
+        "domain": "aqua-kompetanse.no",
+        "access": [
+            {
+                "matching": ".*@aqua-kompetanse.no",
+                "group": "/aqua-kompetanse",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "kelpinor.no",
+        "access": [
+            {
+                "matching": ".*@kelpinor.no",
+                "group": "/kelpinor",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "bkmanimalhealth.com",
+        "access": [
+            {
+                "matching": ".*@bkmanimalhealth.com",
+                "group": "/bkmanimalhealth",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "uio.no",
+        "access": [
+            {
+                "matching": ".*@geo.uio.no",
+                "group": "/demo",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "nord.no",
+        "access": [
+            {
+                "matching": ".*@.*.nord.no",
+                "group": "/uni-nord",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "argusmiljo.no",
+        "access": [
+            {
+                "matching": ".*@argusmiljo.no",
+                "group": "/argusmiljo",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "bakkafrost.com",
+        "access": [
+            {
+                "matching": ".*@bakkafrost.com",
+                "group": "/bakkafrost",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "multiconsult.no",
+        "access": [
+            {
+                "matching": ".*@multiconsult.no",
+                "group": "/multiconsult",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "kpmg.no",
+        "access": [
+            {
+                "matching": ".*@kpmg.no",
+                "group": "/kpmg",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "synfaring.no",
+        "access": [
+            {
+                "matching": ".*@synfaring.no",
+                "group": "/synfaring",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "boehareide.no",
+        "access": [
+            {
+                "matching": ".*@boehareide.no",
+                "group": "/boehareide",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "sinkaberg.no",
+        "access": [
+            {
+                "matching": ".*@sinkaberg.no",
+                "group": "/sinkaberg",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "akerbla.no",
+        "access": [
+            {
+                "matching": ".*@akerbla.no",
+                "group": "/akerbla",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "nr.no",
+        "access": [
+            {
+                "matching": ".*@nr.no",
+                "group": "/nr",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "sjomatnorge.no",
+        "access": [
+            {
+                "matching": ".*@sjomatnorge.no",
+                "group": "/sjomatnorge",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "tatidentilbake.no",
+        "access": [
+            {
+                "matching": ".*@tatidentilbake.no",
+                "group": "/tatidentilbake",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "oceandata.earth",
+        "access": [
+            {
+                "matching": ".*@oceandata.earth",
+                "group": "/hubocean",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "masoval.no",
+        "access": [
+            {
+                "matching": ".*@masoval.no",
+                "group": "/masoval",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    },
+    {
+        "domain": "gmail.com",
+        "access": [
+            {
+                "matching": "jonas.juselius@gmail.com",
+                "group": "/bakkafrost",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            },
+            {
+                "matching": ".*@gmail.com",
+                "group": "/demo",
+                "roles": [ "user" ],
+                "capabilities": [
+                    "run:transport",
+                    "run:sedimentation"
+                ]
+            }
+        ]
+    }
+]

values/atlantis/base/deployment_patch.yaml

@@ -4,11 +4,19 @@
 - op: replace
   path: /spec/template/spec/containers/0/readinessProbe/httpGet/path
   value: /healthz
-- op: add
-  path: /spec/template/spec/containers/0/env/-
-  value:
-    name: INTRERNAL_PORT
-    value: "8000"
 - op: add
   path: /spec/template/spec/containers/0/envFrom
   value: []
+- op: add
+  path: /spec/template/spec/containers/0/volumeMounts/-
+  value:
+    name: acl
+    mountPath: /app/acl.json
+    subPath: acl.json
+    readOnly: true
+- op: add
+  path: /spec/template/spec/volumes/-
+  value:
+    name: acl
+    configMap:
+      name: petimeter-acl

values/atlantis/base/kustomization.yaml

@@ -1,6 +1,12 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: atlantis
+generatorOptions:
+  disableNameSuffixHash: true
+configmapGenerator:
+- name: petimeter-acl
+  files:
+    - acl.json
 patches:
   - target:
       version: v1
@@ -14,4 +20,4 @@ patches:
     path: ingress_patch.yaml
 resources:
   - _manifest.yaml
-  - defaultbackend.yaml
+  - defaultbackend.yaml

values/atlantis/chart

@@ -1 +0,0 @@
-oceanbox/atlantis