From 16c3e878223f815db7a3a20ec458a9b2abf21b1c Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Mon, 2 Dec 2024 17:15:24 -0500 Subject: [PATCH] Remove setting up network policies from clamav module --- README.md | 1 - clamav/main.tf | 15 --------------- clamav/providers.tf | 5 ----- clamav/tests/creation.tftest.hcl | 17 ----------------- clamav/variables.tf | 5 ----- 5 files changed, 43 deletions(-) diff --git a/README.md b/README.md index 51c3ed0..67d54bf 100644 --- a/README.md +++ b/README.md @@ -102,7 +102,6 @@ module "clamav" { cf_org_name = local.cf_org_name cf_space_name = local.cf_space_name - app_name = "app_name" name = "my_clamav_name" clamav_image = "ghcr.io/gsa-tts/clamav-rest/clamav:TAG_NAME" max_file_size = "30M" diff --git a/clamav/main.tf b/clamav/main.tf index 724385d..d1b76d0 100644 --- a/clamav/main.tf +++ b/clamav/main.tf @@ -2,12 +2,6 @@ locals { endpoint = "${var.name}.apps.internal" } -data "cloudfoundry_app" "app" { - name = var.app_name - org_name = var.cf_org_name - space_name = var.cf_space_name -} - resource "cloudfoundry_app" "clamav_api" { name = var.name space_name = var.cf_space_name @@ -35,12 +29,3 @@ resource "cloudfoundry_app" "clamav_api" { MAX_FILE_SIZE = var.max_file_size } } - -resource "cloudfoundry_network_policy" "clamav_routing" { - provider = cloudfoundry-community - policy { - source_app = data.cloudfoundry_app.app.id - destination_app = cloudfoundry_app.clamav_api.id - port = "61443" - } -} diff --git a/clamav/providers.tf b/clamav/providers.tf index 60dd033..b6ad4a3 100644 --- a/clamav/providers.tf +++ b/clamav/providers.tf @@ -5,10 +5,5 @@ terraform { source = "cloudfoundry/cloudfoundry" version = ">=1.1.0" } - - cloudfoundry-community = { - source = "cloudfoundry-community/cloudfoundry" - version = ">=0.53.1" - } } } diff --git a/clamav/tests/creation.tftest.hcl b/clamav/tests/creation.tftest.hcl index 735cd15..75c5c7a 100644 --- a/clamav/tests/creation.tftest.hcl +++ b/clamav/tests/creation.tftest.hcl @@ -1,10 +1,8 @@ mock_provider "cloudfoundry" {} -mock_provider "cloudfoundry-community" {} variables { cf_org_name = "gsa-tts-devtools-prototyping" cf_space_name = "terraform-cloudgov-ci-tests" - app_name = "terraform_cloudgov_app" name = "terraform-cloudgov-clamav-test" clamav_image = "ghcr.io/gsa-tts/clamav-rest/clamav:TAG" max_file_size = "30M" @@ -60,21 +58,6 @@ run "test_app_creation" { condition = lookup(cloudfoundry_app.clamav_api.environment, "PROXY_PASSWORD", null) == null error_message = "Does not set the PROXY_PASSWORD environment by default" } - - assert { - condition = [for policy in cloudfoundry_network_policy.clamav_routing.policy : policy.source_app] == [data.cloudfoundry_app.app.id] - error_message = "Routing policy allows traffic from the source app" - } - - assert { - condition = [for policy in cloudfoundry_network_policy.clamav_routing.policy : policy.destination_app] == [cloudfoundry_app.clamav_api.id] - error_message = "Routing policy allows traffic to the clamav app" - } - - assert { - condition = [for policy in cloudfoundry_network_policy.clamav_routing.policy : policy.port] == ["61443"] - error_message = "Routing policy opens up traffic on the internal https port" - } } run "test_with_proxy" { diff --git a/clamav/variables.tf b/clamav/variables.tf index 6203c56..c161deb 100644 --- a/clamav/variables.tf +++ b/clamav/variables.tf @@ -8,11 +8,6 @@ variable "cf_space_name" { description = "cloud.gov space name" } -variable "app_name" { - type = string - description = "base application name to allow routing to the clamav app" -} - variable "name" { type = string description = "name of the clamav scanning application"