From b7a51ba0bb4b47c7a0866cec0e9a0a2e43c473a5 Mon Sep 17 00:00:00 2001 From: klinch0 <68821526+klinch0@users.noreply.github.com> Date: Thu, 5 Dec 2024 13:29:08 +0300 Subject: [PATCH] Remove unnecessary allow-to-keycloak policy (#512) ## Summary by CodeRabbit - **New Features** - Enhanced Keycloak client configuration with new secrets for `k8s-client`, `kubeapps-client`, and `kubeapps-auth-config`. - Introduced new `ClusterKeycloak` and `ClusterKeycloakRealm` resources for improved management. - Updated Keycloak client scopes with additional attributes and protocol mappers. - Added multiple CiliumNetworkPolicy and CiliumClusterwideNetworkPolicy configurations for better traffic control. - **Improvements** - Logic added to check for existing Kubernetes secrets and generate new ones as needed, ensuring seamless configuration management. - Enhanced network policies to provide comprehensive control over ingress and egress traffic for various services within the tenant's namespace. --- packages/apps/tenant/templates/networkpolicy.yaml | 12 ------------ .../keycloak-configure/templates/configure-kk.yaml | 2 -- 2 files changed, 14 deletions(-)
diff --git a/packages/apps/tenant/templates/networkpolicy.yaml b/packages/apps/tenant/templates/networkpolicy.yaml
index 28089f9be..7815162fc 100644
--- a/packages/apps/tenant/templates/networkpolicy.yaml
+++ b/packages/apps/tenant/templates/networkpolicy.yaml
@@ -192,16 +192,4 @@ spec:
 - toEndpoints:
 - matchLabels:
 cozystack.io/service: ingress
----
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
- name: allow-to-keycloak
- namespace: {{ include "tenant.name" . }}
-spec:
- endpointSelector: {}
- egress:
- - toEndpoints:
- - matchLabels:
- "k8s:io.kubernetes.pod.namespace": cozy-keycloak
 {{- end }}
diff --git a/packages/system/keycloak-configure/templates/configure-kk.yaml b/packages/system/keycloak-configure/templates/configure-kk.yaml
index 828b8567f..f9c19b271 100644
--- a/packages/system/keycloak-configure/templates/configure-kk.yaml +++ b/packages/system/keycloak-configure/templates/configure-kk.yaml @@ -112,8 +112,6 @@ spec: --- ---- - apiVersion: v1.edp.epam.com/v1 kind: KeycloakClient metadata: