rm analytics

api/v1alpha1/securesign_types.go

@@ -28,10 +28,6 @@ type SecuresignSpec struct {
 	Rekor    RekorSpec    `json:"rekor,omitempty"`
 	Fulcio   FulcioSpec   `json:"fulcio,omitempty"`
 	Trillian TrillianSpec `json:"trillian,omitempty"`
-	// If true, the Operator will create segment backup job and cronjob and required RBAC
-	//+kubebuilder:validation:XValidation:rule=(self || !oldSelf),message=Feature cannot be disabled
-	//+kubebuilder:default:=false
-	Analytics bool `json:"analytics"`
 	//+kubebuilder:default:={keys:{{name: rekor.pub},{name: ctfe.pub},{name: fulcio_v1.crt.pem}}}
 	Tuf   TufSpec   `json:"tuf,omitempty"`
 	Ctlog CTlogSpec `json:"ctlog,omitempty"`

config/crd/bases/rhtas.redhat.com_securesigns.yaml

@@ -56,14 +56,6 @@ spec:
           spec:
             description: SecuresignSpec defines the desired state of Securesign
             properties:
-              analytics:
-                default: false
-                description: If true, the Operator will create segment backup job
-                  and cronjob and required RBAC
-                type: boolean
-                x-kubernetes-validations:
-                - message: Feature cannot be disabled
-                  rule: (self || !oldSelf)
               ctlog:
                 description: CTlogSpec defines the desired state of CTlog component
                 properties:
@@ -693,8 +685,6 @@ spec:
                     minimum: 1
                     type: integer
                 type: object
-            required:
-            - analytics
             type: object
           status:
             description: SecuresignStatus defines the observed state of Securesign

controllers/securesign/actions/rbac.go

@@ -21,7 +21,6 @@ const (
 	namespacedNamePattern   = SegmentRBACName + "-%s"
 	clusterWideNamePattern  = SegmentRBACName + "-%s" + "-%s"
 	OpenshiftMonitoringNS   = "openshift-monitoring"
-	openshiftConsoleNS      = "openshift-console"
 	OpenshiftUWMonitoringNS = "openshift-user-workload-monitoring"
 )
 
@@ -49,9 +48,6 @@ func (i rbacAction) CanHandle(_ context.Context, instance *rhtasv1alpha1.Secures
 }
 
 func (i rbacAction) Handle(ctx context.Context, instance *rhtasv1alpha1.Securesign) *action.Result {
-	if !instance.Spec.Analytics {
-		return i.Continue()
-	}
 	var err error
 
 	labels := constants.LabelsFor(SegmentBackupJobName, SegmentBackupCronJobName, instance.Name)
@@ -89,9 +85,10 @@ func (i rbacAction) Handle(ctx context.Context, instance *rhtasv1alpha1.Securesi
 		labels,
 		[]rbacv1.PolicyRule{
 			{
-				APIGroups: []string{""},
-				Resources: []string{"configmaps"},
-				Verbs:     []string{"get", "list", "patch"},
+				APIGroups:     []string{""},
+				Resources:     []string{"configmaps"},
+				Verbs:         []string{"get", "list", "patch"},
+				ResourceNames: []string{"cluster-monitoring-config"},
 			},
 			{
 				APIGroups: []string{"route.openshift.io"},

controllers/securesign/actions/segment_backup_cronjob.go

@@ -42,11 +42,6 @@ func (i segmentBackupCronJob) CanHandle(_ context.Context, instance *rhtasv1alph
 }
 
 func (i segmentBackupCronJob) Handle(ctx context.Context, instance *rhtasv1alpha1.Securesign) *action.Result {
-
-	if !instance.Spec.Analytics {
-		return i.Continue()
-	}
-
 	var (
 		err     error
 		updated bool

controllers/securesign/actions/segment_backup_job.go

@@ -38,9 +38,6 @@ func (i segmentBackupJob) CanHandle(_ context.Context, instance *rhtasv1alpha1.S
 }
 
 func (i segmentBackupJob) Handle(ctx context.Context, instance *rhtasv1alpha1.Securesign) *action.Result {
-	if !instance.Spec.Analytics {
-		return i.Continue()
-	}
 
 	var (
 		err error