Remove kube-rbac-proxy

This sidecar container allows to hide the `/metrics` endpoint of the
manager. Keep it simple and don't introduce another layer with its own
image vulnerabilities and drifts. Users will probably use network
policies to prevent communication with other components of the system.

charts/kubewarden-controller/Chart.yaml

@@ -13,7 +13,7 @@ maintainers:
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.15
+version: 0.1.16
 
 # This is the version of kubewarden-controller container image to be used
 appVersion: "v0.2.2"

charts/kubewarden-controller/templates/deployment.yaml

@@ -24,20 +24,8 @@ spec:
       {{- end }}
       serviceAccountName: {{ include "kubewarden-controller.serviceAccountName" . }}
       containers:
-      - name: kube-rbac-proxy
-        args:
-        - --secure-listen-address=0.0.0.0:8443
-        - --upstream=http://127.0.0.1:8080/
-        - --logtostderr=true
-        - --v=10
-        image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0
-        ports:
-        - containerPort: 8443
-          name: https
       - name: manager
         args:
-        - --health-probe-bind-address=:8081
-        - --metrics-bind-address=127.0.0.1:8080
         - --leader-elect
         - --deployments-namespace={{ .Release.Namespace }}
         - --deployments-service-account-name={{ .Values.policyServer.serviceAccountName }}