From 332d835563040b1fe3c46064058c5fb109cc0dd5 Mon Sep 17 00:00:00 2001 From: bhargav joshi Date: Thu, 21 Mar 2024 16:48:23 -0400 Subject: [PATCH] Delete kubernetes/jenkins/ambassador directory Remove CVE found in synk --- .../ambassador/ambassador-rbac-public.yaml | 118 ------------------ .../ambassador/ambassador-service.yaml | 22 ---- 2 files changed, 140 deletions(-) delete mode 100644 kubernetes/jenkins/ambassador/ambassador-rbac-public.yaml delete mode 100644 kubernetes/jenkins/ambassador/ambassador-service.yaml diff --git a/kubernetes/jenkins/ambassador/ambassador-rbac-public.yaml b/kubernetes/jenkins/ambassador/ambassador-rbac-public.yaml deleted file mode 100644 index 1614b7c296..0000000000 --- a/kubernetes/jenkins/ambassador/ambassador-rbac-public.yaml +++ /dev/null @@ -1,118 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - labels: - service: ambassador-admin - name: ambassador-admin - namespace: jenkins-system - annotations: - getambassador.io/config: | - --- - apiVersion: ambassador/v0 - kind: Module - name: ambassador - config: - ambassador_id: ambassador-jenkins-3 -spec: - type: NodePort - ports: - - name: ambassador-admin - port: 8877 - targetPort: 8877 - nodePort: 30301 - selector: - service: ambassador ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: ambassador-jenkins - namespace: jenkins-system -rules: -- apiGroups: [""] - resources: - - services - verbs: ["get", "list", "watch"] -- apiGroups: [""] - resources: - - configmaps - verbs: ["create", "update", "patch", "get", "list", "watch"] -- apiGroups: [""] - resources: - - secrets - verbs: ["get", "list", "watch"] ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ambassador - namespace: jenkins-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: ambassador-jenkins - namespace: jenkins-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: ambassador -subjects: -- kind: ServiceAccount - name: ambassador - namespace: jenkins-system ---- -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: ambassador-jenkins - namespace: jenkins-system -spec: - replicas: 1 - template: - metadata: - annotations: - sidecar.istio.io/inject: "false" - labels: - service: ambassador - spec: - serviceAccountName: ambassador - containers: - - name: ambassador - image: quay.io/datawire/ambassador:0.40.2 - resources: - limits: - cpu: 1 - memory: 400Mi - requests: - cpu: 200m - memory: 100Mi - env: - - name: AMBASSADOR_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: AMBASSADOR_ID - value: ambassador-jenkins-3 - livenessProbe: - httpGet: - path: /ambassador/v0/check_alive - port: 8877 - initialDelaySeconds: 30 - periodSeconds: 3 - readinessProbe: - httpGet: - path: /ambassador/v0/check_ready - port: 8877 - initialDelaySeconds: 30 - periodSeconds: 3 -# - name: statsd -# image: quay.io/datawire/statsd:0.39.0 - restartPolicy: Always - nodeSelector: - kubernetes.dcos.io/node-type: public - tolerations: - - key: "node-type.kubernetes.dcos.io/public" - operator: "Exists" - effect: "NoSchedule" diff --git a/kubernetes/jenkins/ambassador/ambassador-service.yaml b/kubernetes/jenkins/ambassador/ambassador-service.yaml deleted file mode 100644 index d855474edf..0000000000 --- a/kubernetes/jenkins/ambassador/ambassador-service.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: ambassador - namespace: jenkins-system - labels: - app: ambassador - annotations: - getambassador.io/config: | - --- - apiVersion: ambassador/v0 - kind: Module - name: ambassador - cofig: - ambassador_id: ambassador-jenkins-3 -spec: - type: NodePort - ports: - - port: 80 - nodePort: 30300 - selector: - service: ambassador