From 3394c635353db1903324b4fe642a023ddc515c63 Mon Sep 17 00:00:00 2001 From: Jonas Juselius Date: Fri, 9 Feb 2024 18:58:57 +0100 Subject: [PATCH] fix: fix/update atlantis host and cluster manifests --- .../host-manifests/allow-loft-analytics.yaml | 12 ---------- .../cnp.yaml} | 7 +++++- .../manifests/allow-atlantis-services.yaml | 23 ------------------- .../atlantis/manifests/allow-external-s3.yaml | 12 ---------- .../atlantis/manifests/dapr-tracing.yaml | 14 ----------- 5 files changed, 6 insertions(+), 62 deletions(-) delete mode 100644 resources/atlantis/host-manifests/allow-loft-analytics.yaml rename resources/atlantis/{manifests/allow-external-services.yaml => host-manifests/cnp.yaml} (65%) delete mode 100644 resources/atlantis/manifests/allow-atlantis-services.yaml delete mode 100644 resources/atlantis/manifests/allow-external-s3.yaml diff --git a/resources/atlantis/host-manifests/allow-loft-analytics.yaml b/resources/atlantis/host-manifests/allow-loft-analytics.yaml deleted file mode 100644 index 9731785d..00000000 --- a/resources/atlantis/host-manifests/allow-loft-analytics.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: cilium.io/v2 -kind: CiliumNetworkPolicy -metadata: - name: allow-loft-analytics - namespace: atlantis -spec: - egress: - - toFQDNs: - - matchName: analytics.loft.rocks - endpointSelector: - matchLabels: - app: vcluster diff --git a/resources/atlantis/manifests/allow-external-services.yaml b/resources/atlantis/host-manifests/cnp.yaml similarity index 65% rename from resources/atlantis/manifests/allow-external-services.yaml rename to resources/atlantis/host-manifests/cnp.yaml index abc69ebe..cd818756 100644 --- a/resources/atlantis/manifests/allow-external-services.yaml +++ b/resources/atlantis/host-manifests/cnp.yaml @@ -2,11 +2,16 @@ apiVersion: cilium.io/v2 kind: CiliumNetworkPolicy metadata: name: allow-external-services + namespace: atlantis spec: egress: - toFQDNs: + - matchName: api.github.com + - matchName: dapr.github.io - matchName: gitlab.com - matchPattern: '*.gitlab.com' - - matchName: api.github.com + - matchPattern: "*.k1.itpartner.no" + - matchName: analytics.loft.rocks endpointSelector: matchLabels: {} + diff --git a/resources/atlantis/manifests/allow-atlantis-services.yaml b/resources/atlantis/manifests/allow-atlantis-services.yaml deleted file mode 100644 index fefb846a..00000000 --- a/resources/atlantis/manifests/allow-atlantis-services.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: cilium.io/v2 -kind: CiliumNetworkPolicy -metadata: - name: allow-atlantis-services - namespace: atlantis -spec: - egress: - - toEndpoints: - - matchLabels: - "k8s:io.kubernetes.pod.namespace": dapr-system - - toEndpoints: - - matchLabels: - "k8s:io.kubernetes.pod.namespace": redis - - toEndpoints: - - matchLabels: - "k8s:io.kubernetes.pod.namespace": rabbitmq - - toEndpoints: - - matchLabels: - "k8s:io.kubernetes.pod.namespace": jaeger - endpointSelector: - matchLabels: {} - - diff --git a/resources/atlantis/manifests/allow-external-s3.yaml b/resources/atlantis/manifests/allow-external-s3.yaml deleted file mode 100644 index 3f1696f2..00000000 --- a/resources/atlantis/manifests/allow-external-s3.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: cilium.io/v2 -kind: CiliumNetworkPolicy -metadata: - name: allow-external-s3 - namespace: atlantis -spec: - egress: - - toFQDNs: - - matchName: s3.k1.itpartner.no - endpointSelector: - matchLabels: {} - diff --git a/resources/atlantis/manifests/dapr-tracing.yaml b/resources/atlantis/manifests/dapr-tracing.yaml index 50aed714..004b98a2 100644 --- a/resources/atlantis/manifests/dapr-tracing.yaml +++ b/resources/atlantis/manifests/dapr-tracing.yaml @@ -1,17 +1,3 @@ -apiVersion: jaegertracing.io/v1 -kind: "Jaeger" -metadata: - name: jaeger -spec: - strategy: allInOne - ingress: - enabled: false - allInOne: - image: jaegertracing/all-in-one:1.22 - options: - query: - base-path: /jaeger ---- apiVersion: dapr.io/v1alpha1 kind: Configuration metadata: