From 9861a799cfc4645467515764a47fcc8e4e8d83d9 Mon Sep 17 00:00:00 2001
From: Lucas <lucas.bickel@adfinis.com>
Date: Thu, 16 Jan 2025 17:10:33 +0100
Subject: [PATCH] chore(security-apps): Fail deprecated gangway installations

---
 README.md                                     |  2 +-
 charts/keycloak-operator/Chart.yaml           | 17 +++++--
 charts/keycloak-operator/README.md            |  2 +-
 .../tests/__snapshot__/default_test.yaml.snap | 44 +++++++++----------
 charts/security-apps/Chart.yaml               |  8 +---
 charts/security-apps/README.md                |  2 +-
 charts/security-apps/ci/default-values.yaml   |  4 --
 charts/security-apps/templates/gangway.yaml   | 32 +-------------
 8 files changed, 42 insertions(+), 69 deletions(-)

diff --git a/README.md b/README.md
index 5ddf061c9..616586610 100644
--- a/README.md
+++ b/README.md
@@ -39,7 +39,7 @@ Chart for HedgeDoc, a fork of CodiMD
 [<img alt="hedgedoc" src="https://raw.githubusercontent.com/hedgedoc/hedgedoc-logo/main/LOGOTYPE/PNG/HedgeDoc-Logo%201.png" width="128">](charts/hedgedoc)
 #### [keycloak-operator](charts/keycloak-operator) chart
 
-![Version: 1.4.x](https://img.shields.io/badge/version-1.4.x-brightgreen) ![App version: 26..x](https://img.shields.io/badge/app%20version-26..x-brightgreen)
+![Version: 1.5.x](https://img.shields.io/badge/version-1.5.x-brightgreen) ![App version: 26..x](https://img.shields.io/badge/app%20version-26..x-brightgreen)
 
 Deploy Keycloak Operator and Keycloak
 
diff --git a/charts/keycloak-operator/Chart.yaml b/charts/keycloak-operator/Chart.yaml
index 5a33fb38e..fa1a384b2 100644
--- a/charts/keycloak-operator/Chart.yaml
+++ b/charts/keycloak-operator/Chart.yaml
@@ -2,8 +2,8 @@ apiVersion: v2
 name: keycloak-operator
 description: Deploy Keycloak Operator and Keycloak
 type: application
-version: 1.4.4
-appVersion: "26.0.7"
+version: 1.5.0
+appVersion: "26.1.0"
 icon: https://www.keycloak.org/resources/images/logo-stacked.svg
 home: https://www.keycloak.org
 sources:
@@ -16,4 +16,15 @@ maintainers:
 annotations:
   artifacthub.io/changes: |
     - kind: fixed
-      description: "fix: don't quote value for poolMinSize as the upstream type is integer"
+      description: |
+        feat: Update Keycloak from 26.0.7 to 26.1.0
+
+        The first Keycloak release in 2025 contains several features:
+        * default to jdbc-ping for cluster discovery
+        * otel tracing support
+        * networkpolicy preview
+        * dark mode
+        * plus many additional features
+      links:
+        name: Release Notes
+        url: https://www.keycloak.org/docs/26.1.0/release_notes/index.html
diff --git a/charts/keycloak-operator/README.md b/charts/keycloak-operator/README.md
index db163bc2f..27a2b7f1d 100644
--- a/charts/keycloak-operator/README.md
+++ b/charts/keycloak-operator/README.md
@@ -1,6 +1,6 @@
 # keycloak-operator
 
-![Version: 1.4.4](https://img.shields.io/badge/Version-1.4.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 26.0.7](https://img.shields.io/badge/AppVersion-26.0.7-informational?style=flat-square)
+![Version: 1.5.0](https://img.shields.io/badge/Version-1.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 26.1.0](https://img.shields.io/badge/AppVersion-26.1.0-informational?style=flat-square)
 
 Deploy Keycloak Operator and Keycloak
 
diff --git a/charts/keycloak-operator/tests/__snapshot__/default_test.yaml.snap b/charts/keycloak-operator/tests/__snapshot__/default_test.yaml.snap
index 2e8f8876f..f1f82dabb 100644
--- a/charts/keycloak-operator/tests/__snapshot__/default_test.yaml.snap
+++ b/charts/keycloak-operator/tests/__snapshot__/default_test.yaml.snap
@@ -8,8 +8,8 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: keycloakcontroller-cluster-role
     rules:
       - apiGroups:
@@ -35,8 +35,8 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: keycloakrealmimportcontroller-cluster-role
     rules:
       - apiGroups:
@@ -62,8 +62,8 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: RELEASE-NAME-keycloak-operator-operator
     spec:
       replicas: 1
@@ -86,8 +86,8 @@ should match snapshot:
                     fieldRef:
                       fieldPath: metadata.namespace
                 - name: KC_OPERATOR_KEYCLOAK_IMAGE
-                  value: quay.io/keycloak/keycloak:26.0.7
-              image: quay.io/keycloak/keycloak-operator:26.0.7
+                  value: quay.io/keycloak/keycloak:26.1.0
+              image: quay.io/keycloak/keycloak-operator:26.1.0
               imagePullPolicy: IfNotPresent
               livenessProbe:
                 failureThreshold: 3
@@ -127,8 +127,8 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: keycloak-operator-role-binding
     roleRef:
       apiGroup: rbac.authorization.k8s.io
@@ -146,8 +146,8 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: keycloak-operator-view
     roleRef:
       apiGroup: rbac.authorization.k8s.io
@@ -165,8 +165,8 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: keycloakcontroller-role-binding
     roleRef:
       apiGroup: rbac.authorization.k8s.io
@@ -184,8 +184,8 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: keycloakrealmimportcontroller-role-binding
     roleRef:
       apiGroup: rbac.authorization.k8s.io
@@ -203,8 +203,8 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: keycloak-operator-role
     rules:
       - apiGroups:
@@ -266,8 +266,8 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: RELEASE-NAME-keycloak-operator-operator
     spec:
       ports:
@@ -289,6 +289,6 @@ should match snapshot:
         app.kubernetes.io/instance: RELEASE-NAME
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: keycloak-operator
-        app.kubernetes.io/version: 26.0.7
-        helm.sh/chart: keycloak-operator-1.4.4
+        app.kubernetes.io/version: 26.1.0
+        helm.sh/chart: keycloak-operator-1.5.0
       name: RELEASE-NAME-keycloak-operator
diff --git a/charts/security-apps/Chart.yaml b/charts/security-apps/Chart.yaml
index 164018159..d55c5f2b7 100644
--- a/charts/security-apps/Chart.yaml
+++ b/charts/security-apps/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: security-apps
 description: Argo CD app-of-apps config for security applications
 type: application
-version: 0.89.0
+version: 0.90.0
 home: https://github.com/adfinis/helm-charts/tree/main/charts/security-apps
 sources:
   - https://github.com/adfinis/helm-charts
@@ -15,10 +15,6 @@ dependencies:
     version: 0.9.1
     repository: https://charts.adfinis.com
 annotations:
-  artifacthub.io/containsSecurityUpdates: "true"
   artifacthub.io/changes: |
     - kind: changed
-      description: "chore: update oauth2-proxy from 6.10.1 to 7.8.2"
-      links:
-        - name: OAuth-Proxy 7.8.2 Release
-          url: https://github.com/oauth2-proxy/manifests/releases/tag/oauth2-proxy-7.8.2
+      description: "Fail installations of deprecated gangway component"
diff --git a/charts/security-apps/README.md b/charts/security-apps/README.md
index c03a098d0..b8adc39fb 100644
--- a/charts/security-apps/README.md
+++ b/charts/security-apps/README.md
@@ -1,6 +1,6 @@
 # security-apps
 
-![Version: 0.89.0](https://img.shields.io/badge/Version-0.89.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+![Version: 0.90.0](https://img.shields.io/badge/Version-0.90.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
 
 Argo CD app-of-apps config for security applications
 
diff --git a/charts/security-apps/ci/default-values.yaml b/charts/security-apps/ci/default-values.yaml
index dd081eb29..8533c56d2 100644
--- a/charts/security-apps/ci/default-values.yaml
+++ b/charts/security-apps/ci/default-values.yaml
@@ -2,10 +2,6 @@ dex:
   enabled: true
   values: {}
 
-gangway:
-  enabled: true
-  values: {}
-
 vault:
   enabled: true
   values: {}
diff --git a/charts/security-apps/templates/gangway.yaml b/charts/security-apps/templates/gangway.yaml
index 5939c17d2..d281d42f7 100644
--- a/charts/security-apps/templates/gangway.yaml
+++ b/charts/security-apps/templates/gangway.yaml
@@ -1,33 +1,3 @@
 {{ if .Values.gangway.enabled }}
-{{ template "argoconfig.application" (list . "security-apps.gangway") }}
+{{ fail "gangway is DEPRECATED, use dexK8sAuthenticator instead" }}
 {{ end }}
-
-{{- define "security-apps.gangway" -}}{{- $app := unset .Values.gangway "enabled" -}}{{- $name := default $app.destination.namespace $app.name -}}
-metadata:
-  name: {{ template "common.fullname" . }}-{{ $name }}
-spec:
-  {{- if $app.project }}
-  project: {{ $app.project | quote }}
-  {{- end }}
-  source:
-    repoURL: {{ $app.repoURL | quote }}
-    chart: {{ $app.chart | quote }}
-    targetRevision: {{ $app.targetRevision | quote }}
-    helm:
-      releaseName: {{ $name | quote }}
-      values: |-
-        nameOverride: {{ $name | quote }}
-        {{- $app.values | toYaml | nindent 8 }}
-  {{- if $app.destination }}
-  destination:
-    {{ $app.destination | toYaml | nindent 4 }}
-  {{- end }}
-  {{- if $app.syncPolicy }}
-  syncPolicy:
-    {{ $app.syncPolicy | toYaml | nindent 4 }}
-  {{- end }}
-  {{- if $app.ignoreDifferences }}
-  ignoreDifferences:
-    {{ $app.ignoreDifferences | toYaml | nindent 4 }}
-  {{- end }}
-{{- end -}}