CI -> remove scripted deletion of netbird default policy

eclipse-opendut · Dec 20, 2024 · 304d5d4 · 304d5d4
1 parent 6bf88fa
commit 304d5d4
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 157 deletions.
diff --git a/.ci/docker/netbird/Dockerfile_netbird_init b/.ci/docker/netbird/Dockerfile_netbird_init
@@ -2,7 +2,6 @@
 
 # Check the logs of the container or the following files for the API key and testenv setup key:
 # docker exec -ti netbird-management_init-1 cat /management/api_key
-# docker exec -ti netbird-management_init-1 cat /management/testenv_setup_key
 
 FROM ubuntu:22.04
 ARG PUID=1000

diff --git a/.ci/docker/netbird/netbird-api-functions.sh b/.ci/docker/netbird/netbird-api-functions.sh
@@ -274,140 +274,3 @@ get_netbird_api_token() {
   API_KEY=$(echo "$API_KEY_RESPONSE" | jq -r '.plain_token')
   echo "$API_KEY"
 }
-
-group_id_get_by_name() {
-    GROUP_NAME="$1"
-
-    GROUP_RESPONSE=$(curl -s -H "Authorization: Bearer $TOKEN" $NETBIRD_MANAGEMENT_URL/api/groups)
-    GROUP_ID=$(echo "$GROUP_RESPONSE" | jq -sr ".[] | map(select(.name==\"${GROUP_NAME}\")) | first | .id" )
-    if [ "$GROUP_ID" == "null" ]; then
-      echo ""
-    else
-      echo "$GROUP_ID"
-    fi
-}
-
-group_create() {
-  GROUP_NAME="$1"
-  GROUP_ID=$(group_id_get_by_name "$GROUP_NAME")
-
-  if [ -z "$GROUP_ID" ]; then
-      GROUP_RESPONSE=$(curl -s -H "Authorization: Bearer $TOKEN" -d "{\"name\":\"$GROUP_NAME\"}" $NETBIRD_MANAGEMENT_URL/api/groups)
-      GROUP_ID=$(echo "$GROUP_RESPONSE" | jq -r '.id')
-  fi
-  echo "$GROUP_ID"
-}
-
-create_setup_key_for_group() {
-  GROUP_NAME="$1"
-
-  GROUP_ID=$(group_create "$GROUP_NAME")
-  RESPONSE_SETUP_KEY=$(curl -s -H "Authorization: Bearer $TOKEN" -d "{\"name\":\"$GROUP_NAME\",\"auto_groups\":[\"$GROUP_ID\"],\"type\":\"reusable\",\"expires_in\":31536000,\"usage_limit\":0}" $NETBIRD_MANAGEMENT_URL/api/setup-keys)
-  NETBIRD_SETUP_KEY_TESTENV_GROUP=$(echo "$RESPONSE_SETUP_KEY" | jq -r '.key')
-  echo "$NETBIRD_SETUP_KEY_TESTENV_GROUP"
-}
-
-policy_list() {
-  POLICIES=$(curl -s -H "Authorization: Bearer $TOKEN" $NETBIRD_MANAGEMENT_URL/api/policies)
-  echo "$POLICIES"
-}
-
-policy_list_names() {
-  POLICIES=$(policy_list)
-  echo "$POLICIES" | jq -r '.[].name'
-}
-
-
-policy_id_by_name() {
-  POLICY_NAME="$1"
-
-  POLICIES=$(policy_list)
-  POLICY_ID=$(echo "$POLICIES" | jq -sr ".[] | map(select(.name==\"${POLICY_NAME}\")) | first | .id" )
-  if [ "$POLICY_ID" == "null" ]; then
-    echo ""
-  else
-    echo "$POLICY_ID"
-  fi
-}
-
-policy_disable_default_rule() {
-  DEFAULT_POLICY_ID=$(policy_id_by_name "Default")
-  GROUP_ID=$(group_id_get_by_name "All")
-
-  if [ -n "$DEFAULT_POLICY_ID" ]; then
-    curl -qs -XPUT -H "Authorization: Bearer $TOKEN" \
-          -H 'Content-Type application/json' \
-          $NETBIRD_MANAGEMENT_URL/api/policies/"$DEFAULT_POLICY_ID" \
-          --output /dev/null \
-          --data-binary @- << EOF
-  {
-    "name": "Default",
-    "description": "This is a default rule that allows connections between all the resources",
-    "enabled": false,
-    "query": "",
-    "rules": [
-      {
-        "name": "Default",
-        "description": "This is a default rule that allows connections between all the resources",
-        "enabled": false,
-        "sources": [
-          "$GROUP_ID"
-        ],
-        "destinations": [
-          "$GROUP_ID"
-        ],
-        "bidirectional": true,
-        "protocol": "all",
-        "ports": [],
-        "action": "accept"
-      }
-    ]
-  }
-EOF
-  fi
-}
-
-policy_create_rule() {
-  POLICY_NAME="$1"
-  GROUP_NAME="$2"
-
-  POLICY_ID=$(policy_id_by_name "$POLICY_NAME")
-  GROUP_ID=$(group_id_get_by_name "$GROUP_NAME")
-  echo Found policy with POLICY_ID="$POLICY_ID"
-  echo Found group with GROUP_ID="$GROUP_ID"
-
-  if [ -z "$POLICY_ID" ]; then
-    echo "Creating policy $POLICY_NAME"
-    curl -s -XPOST -H "Authorization: Bearer $TOKEN" \
-          -H 'Content-Type application/json' \
-          $NETBIRD_MANAGEMENT_URL/api/policies \
-          --output /dev/null \
-          --data-binary @- << EOF
-          {
-            "name": "$POLICY_NAME",
-            "description": "",
-            "enabled": true,
-            "rules": [
-              {
-                "name": "$POLICY_NAME",
-                "description": "",
-                "enabled": true,
-                "sources": [
-                  "$GROUP_ID"
-                ],
-                "destinations": [
-                  "$GROUP_ID"
-                ],
-                "bidirectional": true,
-                "protocol": "all",
-                "action": "accept"
-              }
-            ]
-          }
-EOF
-  else
-    echo "Policy $POLICY_NAME already exists"
-  fi
-
-}
-
diff --git a/.ci/docker/netbird/netbird-api-init.sh b/.ci/docker/netbird/netbird-api-init.sh
@@ -25,26 +25,7 @@ else
   API_KEY=$(cat /management/api_key)
 fi
 
-# disable communication between peers by default
-# --> requires to be in a group explicitly
-policy_disable_default_rule
-
-if [ ! -e "/management/testenv_setup_key" ]; then
-  GROUP_NAME="testenv"
-  NETBIRD_SETUP_KEY_TESTENV_GROUP=$(create_setup_key_for_group $GROUP_NAME)
-  if [ -n "$NETBIRD_SETUP_KEY_TESTENV_GROUP" ]; then
-    echo "$NETBIRD_SETUP_KEY_TESTENV_GROUP" > /management/testenv_setup_key
-    policy_create_rule "${GROUP_NAME}_policy" "$GROUP_NAME"
-  else
-    echo "Failed to retrieve NETBIRD_SETUP_KEY_TESTENV_GROUP."
-    #exit 1
-  fi
-else
-  NETBIRD_SETUP_KEY_TESTENV_GROUP=$(cat /management/testenv_setup_key)
-fi
-
 echo API_KEY="$API_KEY"
-echo NETBIRD_SETUP_KEY_TESTENV_GROUP="$NETBIRD_SETUP_KEY_TESTENV_GROUP"
 
 # check if api token works
 if netbird_api_token_test "$API_KEY"; then