Deprecate apply infra + update oauth network policy (#8650)

.github/workflows/apply-infra.yml

@@ -1,48 +1,59 @@
-name: Apply Infra
-
-on:
-  workflow_dispatch:
-
-concurrency:
-  group: apply_infra
-  cancel-in-progress: false
-
-env:
-  GCLOUD_PROJECT_ID: ${{ secrets.GCLOUD_PROJECT_ID }}
-  DD_API_KEY: ${{ secrets.DD_API_KEY }}
-  DD_APP_KEY: ${{ secrets.DD_APP_KEY }}
-
-jobs:
-  build-and-deploy:
-    runs-on: ubuntu-latest
-    if: github.ref == 'refs/heads/main'
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-
-      - name: Get short sha
-        id: short_sha
-        run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
-
-      - name: "Authenticate with Google Cloud"
-        uses: "google-github-actions/auth@v1"
-        with:
-          credentials_json: "${{ secrets.GCLOUD_SA_KEY }}"
-
-      - name: "Set up Cloud SDK"
-        uses: "google-github-actions/setup-gcloud@v1"
-
-      - name: Install gke-gcloud-auth-plugin
-        run: |
-          gcloud components install gke-gcloud-auth-plugin
-
-      - name: Install yq
-        run: |
-          wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
-          chmod a+x /usr/local/bin/yq
-
-      - name: Run Apply Infra
-        run: |
-          cd k8s
-          ./apply_infra.sh
+# ⛔️ DEPRECATED ACTION ⛔️
+# This workflow has been deprecated in favor of using:
+# - Terraform for infrastructure management
+# - Helm/Helmfile for Kubernetes resources
+#
+# For any infrastructure changes, please contact:
+# - @jules
+# - @flavien
+#
+# Last active: [Insert date when it was deprecated]
+
+# name: Apply Infra
+
+# on:
+#   workflow_dispatch:
+
+# concurrency:
+#   group: apply_infra
+#   cancel-in-progress: false
+
+# env:
+#   GCLOUD_PROJECT_ID: ${{ secrets.GCLOUD_PROJECT_ID }}
+#   DD_API_KEY: ${{ secrets.DD_API_KEY }}
+#   DD_APP_KEY: ${{ secrets.DD_APP_KEY }}
+
+# jobs:
+#   build-and-deploy:
+#     runs-on: ubuntu-latest
+#     if: github.ref == 'refs/heads/main'
+
+#     steps:
+#       - name: Checkout code
+#         uses: actions/checkout@v3
+
+#       - name: Get short sha
+#         id: short_sha
+#         run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+#       - name: "Authenticate with Google Cloud"
+#         uses: "google-github-actions/auth@v1"
+#         with:
+#           credentials_json: "${{ secrets.GCLOUD_SA_KEY }}"
+
+#       - name: "Set up Cloud SDK"
+#         uses: "google-github-actions/setup-gcloud@v1"
+
+#       - name: Install gke-gcloud-auth-plugin
+#         run: |
+#           gcloud components install gke-gcloud-auth-plugin
+
+#       - name: Install yq
+#         run: |
+#           wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+#           chmod a+x /usr/local/bin/yq
+
+#       - name: Run Apply Infra
+#         run: |
+#           cd k8s
+#           ./apply_infra.sh

k8s/dust-kube/network-policies/oauth-network-policy.yaml

@@ -34,6 +34,17 @@ spec:
         - podSelector:
             matchLabels:
               app: core
+    - podSelector:
+        matchExpressions:
+          - key: app.kubernetes.io/name
+            operator: In
+            values:
+              - connectors
+              - connectors-worker
+              - connectors-worker-google-drive
+              - connectors-worker-notion
+              - connectors-worker-notion-gc
+              - connectors-worker-webcrawler
       ports:
         - protocol: TCP
-          port: 3006
+          port: 3006