Remove setting up network policies from clamav module

GSA-TTS · Dec 2, 2024 · 16c3e87 · 16c3e87
1 parent 7153e77
commit 16c3e87
Show file tree

Hide file tree

Showing 5 changed files with 0 additions and 43 deletions.
diff --git a/README.md b/README.md
@@ -102,7 +102,6 @@ module "clamav" {
 
   cf_org_name    = local.cf_org_name
   cf_space_name  = local.cf_space_name
-  app_name       = "app_name"
   name           = "my_clamav_name"
   clamav_image   = "ghcr.io/gsa-tts/clamav-rest/clamav:TAG_NAME"
   max_file_size  = "30M"

diff --git a/clamav/main.tf b/clamav/main.tf
@@ -2,12 +2,6 @@ locals {
   endpoint = "${var.name}.apps.internal"
 }
 
-data "cloudfoundry_app" "app" {
-  name       = var.app_name
-  org_name   = var.cf_org_name
-  space_name = var.cf_space_name
-}
-
 resource "cloudfoundry_app" "clamav_api" {
   name       = var.name
   space_name = var.cf_space_name
@@ -35,12 +29,3 @@ resource "cloudfoundry_app" "clamav_api" {
     MAX_FILE_SIZE                                                                  = var.max_file_size
   }
 }
-
-resource "cloudfoundry_network_policy" "clamav_routing" {
-  provider = cloudfoundry-community
-  policy {
-    source_app      = data.cloudfoundry_app.app.id
-    destination_app = cloudfoundry_app.clamav_api.id
-    port            = "61443"
-  }
-}
diff --git a/clamav/providers.tf b/clamav/providers.tf
@@ -5,10 +5,5 @@ terraform {
       source  = "cloudfoundry/cloudfoundry"
       version = ">=1.1.0"
     }
-
-    cloudfoundry-community = {
-      source  = "cloudfoundry-community/cloudfoundry"
-      version = ">=0.53.1"
-    }
   }
 }
diff --git a/clamav/tests/creation.tftest.hcl b/clamav/tests/creation.tftest.hcl
@@ -1,10 +1,8 @@
 mock_provider "cloudfoundry" {}
-mock_provider "cloudfoundry-community" {}
 
 variables {
   cf_org_name   = "gsa-tts-devtools-prototyping"
   cf_space_name = "terraform-cloudgov-ci-tests"
-  app_name      = "terraform_cloudgov_app"
   name          = "terraform-cloudgov-clamav-test"
   clamav_image  = "ghcr.io/gsa-tts/clamav-rest/clamav:TAG"
   max_file_size = "30M"
@@ -60,21 +58,6 @@ run "test_app_creation" {
     condition     = lookup(cloudfoundry_app.clamav_api.environment, "PROXY_PASSWORD", null) == null
     error_message = "Does not set the PROXY_PASSWORD environment by default"
   }
-
-  assert {
-    condition     = [for policy in cloudfoundry_network_policy.clamav_routing.policy : policy.source_app] == [data.cloudfoundry_app.app.id]
-    error_message = "Routing policy allows traffic from the source app"
-  }
-
-  assert {
-    condition     = [for policy in cloudfoundry_network_policy.clamav_routing.policy : policy.destination_app] == [cloudfoundry_app.clamav_api.id]
-    error_message = "Routing policy allows traffic to the clamav app"
-  }
-
-  assert {
-    condition     = [for policy in cloudfoundry_network_policy.clamav_routing.policy : policy.port] == ["61443"]
-    error_message = "Routing policy opens up traffic on the internal https port"
-  }
 }
 
 run "test_with_proxy" {

diff --git a/clamav/variables.tf b/clamav/variables.tf
@@ -8,11 +8,6 @@ variable "cf_space_name" {
   description = "cloud.gov space name"
 }
 
-variable "app_name" {
-  type        = string
-  description = "base application name to allow routing to the clamav app"
-}
-
 variable "name" {
   type        = string
   description = "name of the clamav scanning application"