Revert "Cherry-pick tigera#2639 Add dynamic layers to tigera infra la…

…yer in SG EV-3506 (tigera#2649)" This reverts commit e139e32.
vara2504 · May 26, 2023 · 40dce4d · 40dce4d
1 parent 5f88b85
commit 40dce4d
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 67 deletions.
diff --git a/pkg/controller/clusterconnection/clusterconnection_controller.go b/pkg/controller/clusterconnection/clusterconnection_controller.go
@@ -331,29 +331,16 @@ func (r *ReconcileConnection) Reconcile(ctx context.Context, request reconcile.R
 		}
 	}
 
-	// Populate a list of namespaces to be displayed in the service graph Tigera infrastructure layer.
-	sgLayerTigeraNameSpaces := render.DefaultSGLayerTigeraNamespaces()
-	sgLayerTigeraNameSpaces[render.GuardianNamespace] = true
-
-	amz, err := utils.GetAmazonCloudIntegration(ctx, r.Client)
-	if err != nil && !k8serrors.IsNotFound(err) {
-		r.status.SetDegraded(operatorv1.ResourceReadError, "Failed to get the GetAmazonCloudIntegration configuration", err, reqLogger)
-		return reconcile.Result{}, nil
-	} else if amz != nil {
-		sgLayerTigeraNameSpaces[render.AmazonCloudIntegrationNamespace] = true
-	}
-
 	ch := utils.NewComponentHandler(log, r.Client, r.Scheme, managementClusterConnection)
 	guardianCfg := &render.GuardianConfiguration{
-		URL:                     managementClusterConnection.Spec.ManagementClusterAddr,
-		TunnelCAType:            managementClusterConnection.Spec.TLS.CA,
-		PullSecrets:             pullSecrets,
-		Openshift:               r.Provider == operatorv1.ProviderOpenShift,
-		Installation:            instl,
-		TunnelSecret:            tunnelSecret,
-		TrustedCertBundle:       trustedCertBundle,
-		UsePSP:                  r.usePSP,
-		SGLayerTigeraNameSpaces: sgLayerTigeraNameSpaces,
+		URL:               managementClusterConnection.Spec.ManagementClusterAddr,
+		TunnelCAType:      managementClusterConnection.Spec.TLS.CA,
+		PullSecrets:       pullSecrets,
+		Openshift:         r.Provider == operatorv1.ProviderOpenShift,
+		Installation:      instl,
+		TunnelSecret:      tunnelSecret,
+		TrustedCertBundle: trustedCertBundle,
+		UsePSP:            r.usePSP,
 	}
 
 	components := []render.Component{render.Guardian(guardianCfg)}

diff --git a/pkg/controller/manager/manager_controller.go b/pkg/controller/manager/manager_controller.go
@@ -359,10 +359,6 @@ func (r *ReconcileManager) Reconcile(ctx context.Context, request reconcile.Requ
 		trustedSecretNames = append(trustedSecretNames, render.ComplianceServerCertSecret)
 	}
 
-	// Populate a list of namespaces to be displayed in the service graph Tigera infrastructure layer.
-	sgLayerTigeraNameSpaces := render.DefaultSGLayerTigeraNamespaces()
-	sgLayerTigeraNameSpaces[render.ManagerNamespace] = true
-
 	// Fetch the Authentication spec. If present, we use to configure user authentication.
 	authenticationCR, err := utils.GetAuthentication(ctx, r.client)
 	if err != nil && !errors.IsNotFound(err) {
@@ -374,7 +370,6 @@ func (r *ReconcileManager) Reconcile(ctx context.Context, request reconcile.Requ
 		return reconcile.Result{}, nil
 	} else if authenticationCR != nil {
 		trustedSecretNames = append(trustedSecretNames, render.DexTLSSecretName)
-		sgLayerTigeraNameSpaces[render.DexNamespace] = true
 	}
 
 	trustedBundle := certificateManager.CreateTrustedBundle()
@@ -526,14 +521,6 @@ func (r *ReconcileManager) Reconcile(ctx context.Context, request reconcile.Requ
 		replicas = &mcmReplicas
 	}
 
-	amz, err := utils.GetAmazonCloudIntegration(ctx, r.client)
-	if err != nil && !errors.IsNotFound(err) {
-		r.status.SetDegraded(operatorv1.ResourceReadError, "Failed to get the GetAmazonCloudIntegration configuration", err, reqLogger)
-		return reconcile.Result{}, nil
-	} else if amz != nil {
-		sgLayerTigeraNameSpaces[render.AmazonCloudIntegrationNamespace] = true
-	}
-
 	managerCfg := &render.ManagerConfiguration{
 		KeyValidatorConfig:      keyValidatorConfig,
 		ESSecrets:               esSecrets,
@@ -553,7 +540,6 @@ func (r *ReconcileManager) Reconcile(ctx context.Context, request reconcile.Requ
 		Compliance:              complianceCR,
 		ComplianceLicenseActive: complianceLicenseFeatureActive,
 		UsePSP:                  r.usePSP,
-		SGLayerTigeraNameSpaces: sgLayerTigeraNameSpaces,
 	}
 
 	// Render the desired objects from the CRD and create or update them.

diff --git a/pkg/render/guardian.go b/pkg/render/guardian.go
@@ -90,8 +90,7 @@ type GuardianConfiguration struct {
 	TunnelCAType      operatorv1.CAType
 
 	// Whether the cluster supports pod security policies.
-	UsePSP                  bool
-	SGLayerTigeraNameSpaces map[string]bool
+	UsePSP bool
 }
 
 type GuardianComponent struct {
@@ -133,7 +132,7 @@ func (c *GuardianComponent) Objects() ([]client.Object, []client.Object) {
 		managerClusterRoleBinding(),
 		managerClusterWideSettingsGroup(),
 		managerUserSpecificSettingsGroup(),
-		managerClusterWideTigeraLayer(c.cfg.SGLayerTigeraNameSpaces),
+		managerClusterWideTigeraLayer(),
 		managerClusterWideDefaultView(),
 	)
 

diff --git a/pkg/render/manager.go b/pkg/render/manager.go
@@ -154,8 +154,6 @@ type ManagerConfiguration struct {
 
 	// Whether the cluster supports pod security policies.
 	UsePSP bool
-
-	SGLayerTigeraNameSpaces map[string]bool
 }
 
 type managerComponent struct {
@@ -212,7 +210,7 @@ func (c *managerComponent) Objects() ([]client.Object, []client.Object) {
 		managerClusterRoleBinding(),
 		managerClusterWideSettingsGroup(),
 		managerUserSpecificSettingsGroup(),
-		managerClusterWideTigeraLayer(c.cfg.SGLayerTigeraNameSpaces),
+		managerClusterWideTigeraLayer(),
 		managerClusterWideDefaultView(),
 	)
 	objs = append(objs, c.getTLSObjects()...)
@@ -946,15 +944,33 @@ func managerUserSpecificSettingsGroup() *v3.UISettingsGroup {
 // all of the tigera namespaces.
 //
 // Calico Enterprise only
-func managerClusterWideTigeraLayer(namespaces map[string]bool) *v3.UISettings {
-
-	nodes := make([]v3.UIGraphNode, 0, len(namespaces))
-	for ns := range namespaces {
-		nodes = append(nodes, v3.UIGraphNode{
+func managerClusterWideTigeraLayer() *v3.UISettings {
+	namespaces := []string{
+		"tigera-compliance",
+		"tigera-dex",
+		"tigera-dpi",
+		"tigera-eck-operator",
+		"tigera-elasticsearch",
+		"tigera-fluentd",
+		"tigera-guardian",
+		"tigera-intrusion-detection",
+		"tigera-kibana",
+		"tigera-manager",
+		"tigera-operator",
+		"tigera-packetcapture",
+		"tigera-policy-recommendation",
+		"tigera-prometheus",
+		"tigera-system",
+		"calico-system",
+	}
+	nodes := make([]v3.UIGraphNode, len(namespaces))
+	for i := range namespaces {
+		ns := namespaces[i]
+		nodes[i] = v3.UIGraphNode{
 			ID:   "namespace/" + ns,
 			Type: "namespace",
 			Name: ns,
-		})
+		}
 	}
 
 	return &v3.UISettings{
@@ -997,23 +1013,3 @@ func managerClusterWideDefaultView() *v3.UISettings {
 		},
 	}
 }
-
-// DefaultSGLayerTigeraNamespaces returns the default list of namespaces to be displayed in Service graph
-// map is used to avoid duplication of namespaces.
-func DefaultSGLayerTigeraNamespaces() map[string]bool {
-	return map[string]bool{
-		"tigera-compliance":            true,
-		"tigera-dpi":                   true,
-		"tigera-eck-operator":          true,
-		"tigera-elasticsearch":         true,
-		"tigera-fluentd":               true,
-		"tigera-intrusion-detection":   true,
-		"tigera-kibana":                true,
-		"tigera-operator":              true,
-		"tigera-packetcapture":         true,
-		"tigera-policy-recommendation": true,
-		"tigera-prometheus":            true,
-		"tigera-system":                true,
-		"calico-system":                true,
-	}
-}