fix: Prometheus | remove insecure grafana ingress

k8s-operators/index.ts

@@ -1,12 +1,10 @@
-import * as fs from "fs";
-import * as path from "path";
 import { HelmProvider } from "@cdktf/provider-helm/lib/provider";
 import { Release } from "@cdktf/provider-helm/lib/release";
 import { TerraformStack } from "cdktf";
 import { Construct } from "constructs";
 import { BarmanCloudPluginInstall } from "./barman";
 import { Prometheus } from "./prometheus";
-import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";
+import { OnePassword } from "./1password";
 
 export class K8SOperators extends TerraformStack {
   constructor(scope: Construct, id: string) {
@@ -18,48 +16,16 @@ export class K8SOperators extends TerraformStack {
       },
     });
 
-    const kubernetes = new KubernetesProvider(this, "kubernetes", {
-      configPath: "~/.kube/config",
-    });
-
     new Prometheus(this, "prometheus", {
-      providers: {
+      provider: helm,
-        helm,
-        kubernetes,
-      },
       namespace: "monitoring",
       name: "prometheus-operator",
       version: "75.10.0",
     });
 
-    new Release(this, "onepassword-operator", {
+    new OnePassword(this, "onepassword", {
       provider: helm,
-      name: "onepassword-operator",
+      name: "onepassword",
-      chart: "connect",
-      repository: "https://1password.github.io/connect-helm-charts/",
-      namespace: "1password",
-      createNamespace: true,
-      set: [
-        {
-          name: "operator.create",
-          value: "true",
-        },
-      ],
-      setSensitive: [
-        {
-          name: "operator.token.value",
-          value: process.env.OP_CONNECT_TOKEN!,
-        },
-        {
-          name: "connect.credentials_base64",
-          value: btoa(
-            fs.readFileSync(
-              path.join(__dirname, "1password-credentials.json"),
-              "utf-8",
-            ),
-          ),
-        },
-      ],
     });
 
     const cnpg = new Release(this, "cnpg-operator", {

k8s-operators/prometheus/index.ts

@@ -2,11 +2,10 @@ import * as fs from "fs";
 import * as path from "path";
 import { Release } from "@cdktf/provider-helm/lib/release";
 import { Construct } from "constructs";
-import { IngressRoute } from "../../utils";
+import { HelmProvider } from "@cdktf/provider-helm/lib/provider";
-import { Providers } from "../../types";
 
 type PrometheusOptions = {
-  providers: Providers;
+  provider: HelmProvider;
   name: string;
   namespace: string;
   version: string;
@@ -16,22 +15,8 @@ export class Prometheus extends Construct {
   constructor(scope: Construct, id: string, options: PrometheusOptions) {
     super(scope, id);
 
-    const { helm, kubernetes } = options.providers;
-
-    new IngressRoute(this, "ingress", {
-      provider: kubernetes,
-      name: "grafana",
-      namespace: options.namespace,
-      entryPoints: ["websecure"],
-      serviceName: "prometheus-operator-grafana",
-      servicePort: 80,
-      tlsSecretName: "grafana-tls",
-      host: "grafana.dogar.dev",
-    });
-
     new Release(this, id, {
       ...options,
-      provider: helm,
       repository: "https://prometheus-community.github.io/helm-charts",
       chart: "kube-prometheus-stack",
       createNamespace: true,