Merge pull request #8886 from zalando-incubator/vthupili-tmp

feat: update wiz deletions to wiz_enable_runtime_connector_broker

Author: zaklawrencea

cluster/manifests/deletions.yaml

@@ -346,18 +346,22 @@ post_apply:
 - name: wiz-kubernetes-connector-delete-connector
   kind : Job
   namespace: wiz
-- name: wiz-connector-agent
-  kind : Deployment
-  namespace: wiz
-- name: wiz-broker
+- name: wiz-auto-modify-connector
   kind : ServiceAccount
   namespace: wiz
-- name: wiz-cluster-reader
-  kind : ServiceAccount
+- name: wiz-auto-modify-connector
+  kind : Role
   namespace: wiz
 - name: wiz-auto-modify-connector
-  kind : ServiceAccount
+  kind : RoleBinding
+  namespace: wiz
+{{- end }}
+{{- if ne .Cluster.ConfigItems.wiz_enable_runtime_connector_broker "true" }}
+- name: wiz-connector-agent
+  kind : Deployment
   namespace: wiz
+{{- end }}
+{{- if and (ne .Cluster.ConfigItems.wiz_enable_runtime_connector_broker "true") (ne .Cluster.ConfigItems.wiz_enable_runtime_connector "true") }}
 - name: wiz-connector-connector
   kind : Secret
   namespace: wiz
@@ -367,15 +371,15 @@ post_apply:
 - name: wiz-api-token
   kind : Secret
   namespace: wiz
-- name: wiz-auto-modify-connector
-  kind : Role
-  namespace: wiz
-- name: wiz-auto-modify-connector
-  kind : RoleBinding
+- name: wiz-cluster-reader
+  kind : ServiceAccount
   namespace: wiz
 - name: wiz-cluster-reader
   kind : ClusterRoleBinding
   namespace: wiz
+- name: wiz-broker
+  kind : ServiceAccount
+  namespace: wiz
 {{- end }}
 {{- if ne .Cluster.ConfigItems.wiz_enable_runtime_sensor "true" }}
 - name: wiz-sensor
@@ -394,7 +398,7 @@ post_apply:
   kind : ClusterRoleBinding
   namespace: wiz
 {{- end }}
-{{- if and (ne .Cluster.ConfigItems.wiz_enable_runtime_connector "true") (ne .Cluster.ConfigItems.wiz_enable_runtime_sensor "true") }}
+{{- if and (ne .Cluster.ConfigItems.wiz_enable_runtime_connector_broker "true") (ne .Cluster.ConfigItems.wiz_enable_runtime_sensor "true") }}
 - name: wiz
   kind: Namespace
 {{- end }}

cluster/manifests/wiz/002-connector-serviceaccount.yaml renamed to cluster/manifests/wiz/002-connector-broker-serviceaccount.yaml

@@ -1,4 +1,5 @@
 {{ if eq .Cluster.ConfigItems.wiz_enable_runtime_connector "true"}}
+# It is created when wiz_enable_runtime_connector is true and deleted when wiz_enable_runtime_connector_broker  and wiz_enable_runtime_connector is false
 ---
 # Source: wiz-kubernetes-integration/charts/wiz-kubernetes-connector/charts/wiz-broker/templates/serviceaccount.yaml
 apiVersion: v1
@@ -21,15 +22,4 @@ metadata:
     helm.sh/chart: wiz-broker-2.1.0
     application: "wiz"
     component: "connector"
----
-# Source: wiz-kubernetes-integration/charts/wiz-kubernetes-connector/templates/service-account-modify-connector.yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: wiz-auto-modify-connector
-  namespace: "wiz"
-  labels:
-    helm.sh/chart: wiz-broker-2.1.0
-    application: "wiz"
-    component: "connector"
 {{end}}

cluster/manifests/wiz/002-connector-job-serviceaccount.yaml

@@ -0,0 +1,13 @@
+{{ if eq .Cluster.ConfigItems.wiz_enable_runtime_connector "true" }}
+---
+# Source: wiz-kubernetes-integration/charts/wiz-kubernetes-connector/templates/service-account-modify-connector.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: wiz-auto-modify-connector
+  namespace: "wiz"
+  labels:
+    helm.sh/chart: wiz-broker-2.1.0
+    application: "wiz"
+    component: "connector"
+{{ end }}

cluster/manifests/wiz/003-connector-clusterrole.yaml renamed to cluster/manifests/wiz/003-connector-broker-clusterrole.yaml

@@ -1,4 +1,6 @@
 {{ if eq .Cluster.ConfigItems.wiz_enable_runtime_connector "true"}}
+# wiz-cluster-reader-token Secret is dependent on wiz-cluster-reader SA.
+# It is created when wiz_enable_runtime_connector is true and deleted when wiz_enable_runtime_connector_broker  and wiz_enable_runtime_connector is false
 ---
 # Source: wiz-kubernetes-integration/charts/wiz-kubernetes-connector/templates/service-account-cluster-reader.yaml
 apiVersion: rbac.authorization.k8s.io/v1

cluster/manifests/wiz/003-connector-role.yaml renamed to cluster/manifests/wiz/003-connector-job-role.yaml

@@ -1,5 +1,7 @@
 {{ if eq .Cluster.ConfigItems.wiz_enable_runtime_connector "true"}}
 ---
+# These are used both in Job and Deployment
+# Create when wiz_enable_runtime_connector is true and deleted when wiz_enable_runtime_connector_broker and wiz_enable_runtime_connector is false
 # Source: wiz-kubernetes-integration/charts/wiz-kubernetes-connector/templates/secret-connector.yaml
 apiVersion: v1
 kind: Secret