Revert adding tornjak to be releasable

Signed-off-by: Marco Franssen <marco.franssen@gmail.com>

charts/spire/charts/spire-server/README.md

@@ -89,14 +89,6 @@ A Helm chart to install the SPIRE server.
 | telemetry.prometheus.enabled | bool | `false` |  |
 | tolerations | list | `[]` |  |
 | topologySpreadConstraints | list | `[]` |  |
-| tornjak.config.backend.dataStore.driver | string | `"sqlite3"` |  |
-| tornjak.config.backend.dataStore.file | string | `"/run/spire/data/tornjak.sqlite3"` |  |
-| tornjak.config.frontend.apiServerURL | string | `"http://localhost:10000"` |  |
-| tornjak.enabled | bool | `false` |  |
-| tornjak.image.pullPolicy | string | `"IfNotPresent"` |  |
-| tornjak.image.registry | string | `"ghcr.io"` |  |
-| tornjak.image.repository | string | `"spiffe/tornjak"` |  |
-| tornjak.image.version | string | `"latest"` |  |
 | trustDomain | string | `"example.org"` |  |
 | upstreamAuthority.certManager.enabled | bool | `false` |  |
 | upstreamAuthority.certManager.issuer_group | string | `"cert-manager.io"` |  |

charts/spire/charts/spire-server/templates/NOTES.txt

@@ -4,21 +4,3 @@ Installed {{ .Chart.Name }}…
 
   kubectl exec -n {{ .Release.Namespace }} {{ include "spire-server.fullname" . }}-0 -c spire-server -- \
     spire-server entry show
-
-{{- if eq (.Values.tornjak.enabled | toString) "true" }}
-
-### WARNING ###
-This Tornjak is configured without authentication and it is intended for
-testing only. Please do not use this version in production.
-
-Tornjak APIs (Backend):
-      kubectl -n {{ include "spire-server.namespace" . }} port-forward {{ include "spire-server.fullname" . }}-0 10000:10000
-
-Tornjak UI (Frontend):
-      kubectl -n {{ include "spire-server.namespace" . }} port-forward {{ include "spire-server.fullname" . }}-0 3000:3000
-
-Tornjak API access:  {{ include "tornjak.apiURL" . }}
-Tornjak UI access:   {{ include "tornjak.FrontendURL" . }}
-
-Installed {{ include "spire-tornjak.fullname" . }}…
-{{- end }}

charts/spire/charts/spire-server/templates/_helpers.tpl

@@ -110,35 +110,3 @@ Create the name of the service account to use
 [{{ printf "%s:%s-agent" .Release.Namespace .Release.Name | quote }}]
 {{- end }}
 {{- end }}
-
-{{/*
-Tornjak specific section
-*/}}
-
-{{- define "spire-tornjak.fullname" -}}
-{{ include "spire-server.fullname" . | trimSuffix "-server" }}-tornjak
-{{- end }}
-{{- define "spire-tornjak.config" -}}
-{{ include "spire-tornjak.fullname" . }}-config
-{{- end }}
-{{- define "spire-tornjak.frontend" -}}
-{{ include "spire-tornjak.fullname" . }}-fe
-{{- end }}
-{{- define "spire-tornjak.backend" -}}
-{{ include "spire-tornjak.fullname" . }}-be
-{{- end }}
-
-{{/*
-Create URL for accessing Tornjak Backend
-*/}}
-{{- define "tornjak.apiURL" -}}
-{{- default .Values.tornjak.config.frontend.apiServerURL }}
-{{- end }}
-
-{{/*
-Create URL for accessing Tornjak Frontend
-*/}}
-{{- define "tornjak.FrontendURL" -}}
-{{- $feurl := print "http://localhost:3000" }}
-{{- $feurl }}
-{{- end }}

charts/spire/charts/spire-server/templates/service.yaml

@@ -26,36 +26,3 @@ spec:
     {{- end }}
   selector:
     {{- include "spire-server.selectorLabels" . | nindent 4 }}
-
-{{- if eq (.Values.tornjak.enabled | toString) "true" }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  namespace: {{ include "spire-server.namespace" . }}
-  name: {{ include "spire-tornjak.frontend" . }}
-spec:
-  type: {{ .Values.service.type }} # ClusterIP
-  selector:
-    {{- include "spire-server.selectorLabels" . | nindent 4 }}
-  ports:
-    - name: {{ include "spire-tornjak.frontend" . }}
-      port: 3000
-      targetPort: 3000
-      protocol: TCP
----
-apiVersion: v1
-kind: Service
-metadata:
-  namespace: {{ include "spire-server.namespace" . }}
-  name: {{ include "spire-tornjak.backend" . }}
-spec:
-  type: {{ .Values.service.type }} # ClusterIP
-  selector:
-   {{- include "spire-server.selectorLabels" . | nindent 4 }}
-  ports:
-    - name: {{ include "spire-tornjak.backend" . }}
-      port: 10000
-      targetPort: 10000
-      protocol: TCP
-{{- end }}

charts/spire/charts/spire-server/templates/statefulset.yaml

@@ -1,6 +1,5 @@
 {{- $configSum := (include (print $.Template.BasePath "/configmap.yaml") . | sha256sum) }}
 {{- $configSum2 := (include (print $.Template.BasePath "/controller-manager-configmap.yaml") . | sha256sum) }}
-{{- $configSumTornjak := (include (print $.Template.BasePath "/tornjak-config.yaml") . | sha256sum) }}
 {{- $fullname := include "spire-server.fullname" . }}
 apiVersion: apps/v1
 kind: StatefulSet
@@ -22,7 +21,6 @@ spec:
       annotations:
         checksum/config: {{ $configSum }}
         checksum/config2: {{ $configSum2 }}
-        checksum/configTornjak: {{ $configSumTornjak }}
         {{- with .Values.podAnnotations }}
           {{- toYaml . | nindent 8 }}
         {{- end }}
@@ -146,51 +144,6 @@ spec:
               mountPath: /tmp
               readOnly: false
         {{- end }}
-
-        {{- if eq (.Values.tornjak.enabled | toString) "true" }}
-        - name: tornjak
-          securityContext:
-            {{- toYaml .Values.controllerManager.securityContext | nindent 12 }}
-          image: {{ template "spire-server.image" (dict "appVersion" $.Chart.AppVersion "image" .Values.tornjak.image) }}
-          imagePullPolicy: {{ .Values.tornjak.image.pullPolicy }}
-          startupProbe:
-            httpGet:
-              scheme: HTTP
-              port: 3000
-            failureThreshold: 6
-            initialDelaySeconds: 60
-            periodSeconds: 30
-            successThreshold: 1
-            timeoutSeconds: 10
-          env:
-          {{- if .Values.tornjak.config.frontend }}
-          - name: REACT_APP_API_SERVER_URI
-            value: {{ include "tornjak.apiURL" . | required "Either .Values.tornjak.config.backend.ingress or .Values.tornjak.config.frontend.apiServerURL is required." }}
-          {{- end }}
-          args:
-          - -c
-          - /run/spire/config/server.conf
-          - -t
-          - /run/spire/tornjak-config/server.conf
-          ports:
-          - containerPort: 3000
-            protocol: TCP
-          volumeMounts:
-          - name: {{ include "spire-tornjak.config" . }}
-            mountPath: /run/spire/tornjak-config
-          - name: spire-server-socket
-            mountPath: /tmp/spire-server/private
-            readOnly: true
-          - name: spire-config
-            mountPath: /run/spire/config
-            readOnly: true
-          {{- if eq (.Values.dataStorage.enabled | toString) "true" }}
-          - name: spire-data
-            mountPath: /run/spire/data
-            readOnly: false
-          {{- end }}
-        {{- end }}
-
         {{- if gt (len .Values.extraContainers) 0 }}
         {{- toYaml .Values.extraContainers | nindent 8 }}
         {{- end }}
@@ -228,14 +181,6 @@ spec:
           configMap:
             name: {{ include "spire-controller-manager.fullname" . }}
         {{- end }}
-        {{- if eq (.Values.tornjak.enabled | toString) "true" }}
-        {{- if .Values.tornjak.config }}
-        - name: {{ include "spire-tornjak.config" . }}
-          configMap:
-            defaultMode: 420
-            name: {{ include "spire-tornjak.config" . }}
-        {{- end }}
-        {{- end }}
         {{- if gt (len .Values.extraVolumes) 0 }}
         {{- toYaml .Values.extraVolumes | nindent 8 }}
         {{- end }}

charts/spire/charts/spire-server/values.yaml

@@ -203,26 +203,3 @@ nodeAttestor:
   k8sPsat:
     enabled: true
     serviceAccountAllowList: []
-
-# tornjak - Tornjak specific configuration
-tornjak:
-  enabled: false
-  # image - Tornjak image (frontend + backend) if not separated above
-  image: # ghcr.io/spiffe/tornjak
-    registry: ghcr.io
-    repository: spiffe/tornjak
-    pullPolicy: IfNotPresent
-    # Overrides the image tag whose default is the chart appVersion.
-    # TODO we should use a specific Tornjak version instead of 'latest'
-    version: "latest"
-  config:
-    # Front-end specific configuration:
-    frontend:
-      # apiServerURL - URL of the Tornjak back-end
-      apiServerURL: "http://localhost:10000"  # 👈 Use it for minikube or kind
-     # Back-end specific configuration
-    backend:
-      # dataStore - persistent DB for storing Tornjak specific information
-      dataStore:
-        driver: "sqlite3"
-        file: "/run/spire/data/tornjak.sqlite3"