From 587c786fdb12780d57a9061bb708ebfbe20cab5b Mon Sep 17 00:00:00 2001
From: Yisheng Cai <yisheng.cai@streamnative.io>
Date: Fri, 13 Sep 2024 06:40:22 +0800
Subject: [PATCH] fix: Remove duplicated AuthorizationPolicy (#75)

Remove duplicated AuthorizationPolicy
---
 .../chart/templates/bookkeeper.yaml           | 20 -------------------
 .../chart/templates/pulsar.yaml               | 19 ------------------
 .../chart/templates/sn-operator.yaml          | 18 -----------------
 .../chart/templates/zookeeper.yaml            | 19 ------------------
 4 files changed, 76 deletions(-)

diff --git a/modules/olm-subscriptions/chart/templates/bookkeeper.yaml b/modules/olm-subscriptions/chart/templates/bookkeeper.yaml
index 03bef5d..ab3d3e5 100644
--- a/modules/olm-subscriptions/chart/templates/bookkeeper.yaml
+++ b/modules/olm-subscriptions/chart/templates/bookkeeper.yaml
@@ -40,24 +40,4 @@ spec:
     envFrom:
     {{- toYaml .Values.bookkeeper.config.envFrom | nindent 4 }}
     {{- end }}
----
-{{- if and .Values.istio.enabled }}
-apiVersion: security.istio.io/v1beta1
-kind: AuthorizationPolicy
-metadata:
-  name: {{ .Values.bookkeeper.name }}
-  namespace: {{ .Values.istio.rootNamespace }}
-spec:
-  selector:
-    matchLabels:
-      # well-known labels
-      cloud.streamnative.io/app: pulsar
-      cloud.streamnative.io/component: bookkeeper
-  action: ALLOW
-  rules:
-    - from:
-        - source:
-            principals: ["cluster.local/ns/{{ .Values.install_namespace }}/sa/bookkeeper-operator-controller-manager"]
-{{- end }}
-
 {{- end }}
diff --git a/modules/olm-subscriptions/chart/templates/pulsar.yaml b/modules/olm-subscriptions/chart/templates/pulsar.yaml
index 9e7aa83..bf96c5a 100644
--- a/modules/olm-subscriptions/chart/templates/pulsar.yaml
+++ b/modules/olm-subscriptions/chart/templates/pulsar.yaml
@@ -40,23 +40,4 @@ spec:
     envFrom:
     {{- toYaml .Values.pulsar.config.envFrom | nindent 4 }}
     {{- end }}
----
-{{- if and .Values.istio.enabled }}
-apiVersion: security.istio.io/v1beta1
-kind: AuthorizationPolicy
-metadata:
-  name: {{ .Values.pulsar.name }}
-  namespace: {{ .Values.istio.rootNamespace }}
-spec:
-  selector:
-    matchLabels:
-      # well-known labels
-      cloud.streamnative.io/app: pulsar
-      cloud.streamnative.io/component: broker
-  action: ALLOW
-  rules:
-    - from:
-        - source:
-            principals: ["cluster.local/ns/{{ .Values.install_namespace }}/sa/pulsar-operator-controller-manager"]
-{{- end }}
 {{- end }}
diff --git a/modules/olm-subscriptions/chart/templates/sn-operator.yaml b/modules/olm-subscriptions/chart/templates/sn-operator.yaml
index 2e7dfdd..037971f 100644
--- a/modules/olm-subscriptions/chart/templates/sn-operator.yaml
+++ b/modules/olm-subscriptions/chart/templates/sn-operator.yaml
@@ -40,22 +40,4 @@ spec:
     envFrom:
     {{- toYaml .Values.sn_operator.config.envFrom | nindent 4 }}
     {{- end }}
----
-{{- if and .Values.istio.enabled }}
-apiVersion: security.istio.io/v1beta1
-kind: AuthorizationPolicy
-metadata:
-  name: {{ .Values.sn_operator.name }}
-  namespace: {{ .Values.istio.rootNamespace }}
-spec:
-  selector:
-    matchLabels:
-      # well-known labels
-      cloud.streamnative.io/app: pulsar
-  action: ALLOW
-  rules:
-    - from:
-        - source:
-            principals: ["cluster.local/ns/{{ .Values.install_namespace }}/sa/sn-operator-controller-manager"]
-{{- end }}
 {{- end }}
diff --git a/modules/olm-subscriptions/chart/templates/zookeeper.yaml b/modules/olm-subscriptions/chart/templates/zookeeper.yaml
index 69e3627..530b883 100644
--- a/modules/olm-subscriptions/chart/templates/zookeeper.yaml
+++ b/modules/olm-subscriptions/chart/templates/zookeeper.yaml
@@ -40,23 +40,4 @@ spec:
     envFrom:
     {{- toYaml .Values.zookeeper.config.envFrom | nindent 4 }}
     {{- end }}
----
-{{- if and .Values.istio.enabled }}
-apiVersion: security.istio.io/v1beta1
-kind: AuthorizationPolicy
-metadata:
-  name: {{ .Values.zookeeper.name }}
-  namespace: {{ .Values.istio.rootNamespace }}
-spec:
-  selector:
-    matchLabels:
-      # well-known labels
-      cloud.streamnative.io/app: pulsar
-      cloud.streamnative.io/component: zookeeper
-  action: ALLOW
-  rules:
-    - from:
-        - source:
-            principals: ["cluster.local/ns/{{ .Values.install_namespace }}/sa/zookeeper-operator-controller-manager"]
-{{- end }}
 {{- end }}