Gandalf the Greybeard
6e9c97593c
Per org RBAC policy, development/testing Headlamp instances must run in `privilegedescalation-dev`, not `default`. Agents only have read-write access in `privilegedescalation` and `privilegedescalation-dev` — the `default` namespace is outside our permitted scope. Updated: - deployment/e2e-ci-runner-rbac.yaml: Role/RoleBinding now targets privilegedescalation-dev - deployment/headlamp-e2e-values.yaml: comment updated - scripts/deploy-e2e-headlamp.sh: default namespace changed - scripts/teardown-e2e-headlamp.sh: default namespace changed Note: .github/workflows/e2e.yaml still sets E2E_NAMESPACE: default and needs a separate update — delegated to Hugh Hackman (workflow owner). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
33 lines
1.0 KiB
Bash
Executable File
33 lines
1.0 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# teardown-e2e-headlamp.sh
|
|
#
|
|
# Tears down the dedicated E2E Headlamp instance deployed by deploy-e2e-headlamp.sh.
|
|
#
|
|
# Environment:
|
|
# E2E_NAMESPACE — namespace to clean up (default: privilegedescalation-dev)
|
|
# E2E_RELEASE — Helm release to uninstall (default: headlamp-e2e)
|
|
set -euo pipefail
|
|
|
|
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
|
|
|
E2E_NAMESPACE="${E2E_NAMESPACE:-privilegedescalation-dev}"
|
|
E2E_RELEASE="${E2E_RELEASE:-headlamp-e2e}"
|
|
|
|
echo "=== E2E Headlamp Teardown ==="
|
|
echo " Namespace: $E2E_NAMESPACE"
|
|
echo " Release: $E2E_RELEASE"
|
|
|
|
echo "Uninstalling Helm release..."
|
|
helm uninstall "$E2E_RELEASE" -n "$E2E_NAMESPACE" 2>/dev/null || echo "Release not found (already removed?)"
|
|
|
|
echo "Cleaning up ConfigMap..."
|
|
kubectl delete configmap headlamp-polaris-plugin -n "$E2E_NAMESPACE" --ignore-not-found
|
|
|
|
echo "Cleaning up service account..."
|
|
kubectl delete serviceaccount headlamp-e2e-test -n "$E2E_NAMESPACE" --ignore-not-found
|
|
|
|
# Clean up local env file
|
|
rm -f "$REPO_ROOT/.env.e2e"
|
|
|
|
echo "Teardown complete."
|