chore: remove ingress-nginx app

core.yaml

@@ -19,6 +19,7 @@ k8s:
       app: harbor
     - name: apl-harbor-operator
       disableIstioInjection: true
+    - name: git-server
     - name: gitea
     - name: apl-gitea-operator
       disableIstioInjection: true
@@ -28,14 +29,6 @@ k8s:
       app: grafana
     - name: istio-system
       disableIstioInjection: true
-      labels:
-        'apl.io/ingress-controller-scope': 'true'
-    - name: ingress
-      # disabling istio sidecar as it does not preserve client ip (yet)
-      # TODO: enable once it does
-      disableIstioInjection: true
-      labels:
-        'apl.io/ingress-controller-scope': 'true'
     - name: keycloak
     - name: apl-keycloak-operator
       disableIstioInjection: true
@@ -58,6 +51,8 @@ k8s:
     - name: kyverno
       app: kyverno
       disableIstioInjection: true
+    - name: tekton-dashboard
+      app: tekton-pipelines
     - name: tekton-pipelines
       disableIstioInjection: true
       disablePolicyChecks: true
@@ -87,6 +82,11 @@ k8s:
       disablePolicyChecks: true
     - name: sealed-secrets
       app: sealed-secrets
+    - name: external-secrets
+      app: external-secrets
+      disableIstioInjection: true
+    - name: apl-secrets
+      disableIstioInjection: true
     - name: policy-reporter
       app: policy-reporter
       disablePolicyChecks: true
@@ -97,22 +97,10 @@ adminApps:
     tags: [alerting, observability]
     deps: [prometheus]
     ownHost: true
-    ingress:
-      - svc: po-alertmanager
-        namespace: monitoring
-        # namespace: alertmanager
-        port: 9093
-        type: public
-        auth: true
   - name: argocd
     tags: [cicd, gitops]
     isShared: true
     ownHost: true
-    ingress:
-      - svc: argocd-server
-        namespace: argocd
-        type: public
-        auth: true
   - name: cert-manager
     tags: [ingress, security, tls]
   - name: cnpg
@@ -121,146 +109,65 @@ adminApps:
     tags: [tty]
     isShared: true
     ownHost: true
-    ingress:
-      - svc: tty
-        # virtual service is not going to be used.
-        namespace: ingress
-        type: public
-        auth: true
   - name: external-dns
     tags: [ingress, security, tls]
   - name: gitea
     tags: [git]
     isShared: true
     ownHost: true
     path: /user/oauth2/otomi-idp
-    ingress:
-      - namespace: gitea
-        svc: gitea-http
-        port: 3000
-        type: public
   - name: grafana
     tags: [tracing, telemetry, observability]
     deps: [prometheus]
     path: /dashboards
     ownHost: true
-    ingress:
-      - svc: po-grafana
-        namespace: grafana
-        removeRequestHeaders:
-          - authorization
-        type: public
-        auth: true
   - name: harbor
     tags: [security]
     isShared: true
     ownHost: true
-    ingress:
-      - svc: harbor-portal
-        namespace: harbor
-        type: public
-        auth: true
-      - svc: harbor-core
-        namespace: harbor
-        paths: [/api/, /c/]
-        forwardPath: true
-        type: public
-        auth: true
-      - svc: harbor-core
-        namespace: harbor
-        paths: [/chartrepo/, /service/, /v1/, /v2/]
-        forwardPath: true
-        type: public
-        hasOwnIngress: true
   - name: hello
     hide: true
     tags: [demo]
-  - name: ingress-nginx
-    tags: [ingress, auth]
   - name: istio
     tags: [ingress, egress, routing, security, tls, observability, policies]
   - name: keycloak
     path: /admin/otomi/console/
     tags: [auth, sso]
-    # isShared: true
     ownHost: true
-    ingress:
-      - namespace: keycloak
-        svc: keycloak-keycloakx-http
-        type: public
-        port: 8080
   - name: knative
     tags: [serverless, functions]
     deps: [istio]
   - name: kubeflow-pipelines
     tags: [ai, ml]
     ownHost: true
     isShared: true
-    ingress:
-      - svc: ml-pipeline-ui
-        namespace: kfp
-        port: 80
-        type: public
-        auth: true
   - name: kserve
     tags: [ai]
   - name: tekton
     tags: [buildpacks, ci, pipelines]
     ownHost: true
     path: /#/namespaces/team-admin/pipelineruns
-    ingress:
-      - svc: tekton-dashboard
-        namespace: tekton-pipelines
-        port: 9097
-        type: public
-        auth: true
-        removeRequestHeaders:
-          - authorization
   - name: loki
     tags: [logging, telemetry, observability]
-    deps: [grafana, prometheus]
+    deps: [grafana, prometheus, otel]
     useHost: grafana
     path: /explore?orgId=1&left=%7B"datasource":"loki","queries":%5B%7B"refId":"A"%7D%5D,"range":%7B"from":"now-1h","to":"now"%7D%7D
   - name: console
     hide: true
     isShared: true
     ownHost: true
-    ingress:
-      - svc: otomi-api
-        namespace: otomi
-        paths: [/api/]
-        type: public
-        auth: true
-      - svc: otomi-console
-        namespace: otomi
-        type: public
-        auth: true
   - name: api # Used by any client that do not support cookies
     hide: true
     isShared: true
     ownHost: true
-    ingress:
-      - svc: otomi-api
-        namespace: otomi
-        type: public
-        # RequestAuthentication and AuthorizationPolicy ensure Authorization header validation
-        auth: false
-
   - name: prometheus
     tags: [metrics, observability]
     ownHost: true
-    ingress:
-      - svc: po-prometheus
-        port: 9090
-        namespace: monitoring
-        # namespace: prometheus
-        type: public
-        auth: true
   - name: sealed-secrets
     tags: [secrets, security, observability]
     ownHost: true
   - name: otel
-    tags: [tracing]
+    tags: [logging, tracing]
   - name: trivy
     tags: [security]
     deps: [prometheus, grafana]
@@ -273,33 +180,11 @@ teamApps:
   - name: alertmanager
     ownHost: true
     path: /#/alerts?silenced=false&inhibited=false&active=true&filter=%7Bnamespace%3D"team-#TEAM#"%7D
-    ingress:
-      - svc: po-alertmanager
-        hasPrefix: true
-        port: 9093
-        type: public
-        auth: true
   - name: grafana
     ownHost: true
     path: /dashboards
-    ingress:
-      - svc: po-grafana
-        hasPrefix: true
-        forwardPath: true
-        removeRequestHeaders:
-          - authorization
-        type: public
-        auth: true
   - name: loki
     useHost: grafana
     path: /explore?orgId=1&left=%7B"datasource":"loki","queries":%5B%7B"refId":"A","expr":"","queryType":"range","datasource":%7B"type":"loki","uid":"loki"%7D%7D%5D,"range":%7B"from":"now-1h","to":"now"%7D%7D
   - name: tekton
     ownHost: true
-    ingress:
-      - svc: tekton-dashboard
-        hasPrefix: true
-        port: 9097
-        type: public
-        auth: true
-        removeRequestHeaders:
-          - authorization

src/components/App.tsx

@@ -114,9 +114,7 @@ export default function App({ id, teamId, enabled, values: inValues, managed, on
   }, [inValues])
 
   // END HOOKS
-  const appSchema = id.startsWith('ingress-nginx')
-    ? (session.valuesSchema as ValuesSchema).properties.apps.properties['ingress-nginx-platform']
-    : (session.valuesSchema as ValuesSchema).properties.apps.properties[id]
+  const appSchema = (session.valuesSchema as ValuesSchema).properties.apps.properties[id]
   const valuesYaml = isEqual(values, {}) ? '' : YAML.stringify(values)
   const isAdminApps = teamId === 'admin'
 

src/utils/data.ts

@@ -3,7 +3,7 @@ import { JSONSchema7 } from 'json-schema'
 import { cloneDeep, find, isArray, isEmpty, isEqual, isPlainObject, transform } from 'lodash'
 import { GetSessionApiResponse } from 'redux/otomiApi'
 import { sentenceCase as sentenceCaseOrig } from 'change-case'
-import { getAppSchemaName, getCoreAppId } from './schema'
+import { getAppSchemaName } from './schema'
 
 export type CleanOptions = {
   cleanKeys?: any[]
@@ -149,9 +149,9 @@ export const getAppData = (
 
   // get the core app
   const apps = getApps(session, teamId)
-  const coreAppId = getCoreAppId(appId)
+  const coreAppId: string = appId
   const coreApp = find(apps, { name: coreAppId })
-  const { useHost, ingress, isShared, path } = coreApp
+  const { useHost, ownHost, isShared, path } = coreApp
   // bundle the shortcuts
   const coreShortcuts = coreApp.shortcuts ?? []
   const mergedShortcuts = ownShortcuts.length ? [...coreShortcuts, ...ownShortcuts] : coreShortcuts
@@ -189,9 +189,9 @@ export const getAppData = (
     logoAlt: `${coreAppId}_logo${logoAltSuffix}.svg`,
     appInfo: appsInfo[coreAppId],
     schema,
-    externalUrl: ingress || useHost ? `${baseUrl}${path ? rePlace(path, teamId) : '/'}` : undefined,
+    externalUrl: ownHost || useHost ? `${baseUrl}${path ? rePlace(path, teamId) : '/'}` : undefined,
     shortcuts: substShortcuts,
-    hasShortcuts: !!ingress || useHost,
+    hasShortcuts: ownHost || useHost,
     isDeprecated,
     isBeta,
     isAlpha,

src/utils/schema.ts

@@ -4,14 +4,8 @@ import { cloneDeep, each, get, set, unset } from 'lodash'
 
 const getHolderPath = (p) => (p.includes('.') ? p.substr(0, p.lastIndexOf('.')) : p)
 
-export const getCoreAppId = (appId): string => {
-  let id: string = appId
-  if (appId.startsWith('ingress-nginx')) id = 'ingress-nginx'
-  return id
-}
-
 export const getAppSchemaName = (appId: string): string => {
-  return `${pascalCase(getCoreAppId(appId))}`
+  return `${pascalCase(appId)}`
 }
 
 export function getStrict(obj: Record<string, any>, path: string, def: any = undefined) {