From d6e7a40e8c364f41126b7ea96c50a4cbaac5d9e0 Mon Sep 17 00:00:00 2001
From: Matthias Wessendorf <mwessend@redhat.com>
Date: Tue, 10 Dec 2024 11:01:35 +0100
Subject: [PATCH] Remove unused TLS references for the integration sink

Signed-off-by: Matthias Wessendorf <mwessend@redhat.com>
---
 .../integration-sink-tls-certificate.yaml     | 48 -------------------
 pkg/eventingtls/eventingtls.go                |  3 --
 pkg/reconciler/integration/sink/controller.go |  5 --
 3 files changed, 56 deletions(-)
 delete mode 100644 config/core-tls/integration-sink-tls-certificate.yaml

diff --git a/config/core-tls/integration-sink-tls-certificate.yaml b/config/core-tls/integration-sink-tls-certificate.yaml
deleted file mode 100644
index 7feca251d27..00000000000
--- a/config/core-tls/integration-sink-tls-certificate.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright 2023 The Knative Authors
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: integration-sink-server-tls
-  namespace: knative-eventing
-spec:
-  # Secret names are always required.
-  secretName: integration-sink-server-tls
-
-  secretTemplate:
-    labels:
-      app.kubernetes.io/component: integration-sink
-      app.kubernetes.io/name: knative-eventing
-
-  # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator
-  duration: 2160h0m0s # 90d
-  renewBefore: 360h0m0s # 15d
-  subject:
-    organizations:
-      - local
-  privateKey:
-    algorithm: RSA
-    encoding: PKCS1
-    size: 2048
-    rotationPolicy: Always
-
-  dnsNames:
-    - integration-sink.knative-eventing.svc.cluster.local
-    - integration-sink.knative-eventing.svc
-
-  issuerRef:
-    name: knative-eventing-ca-issuer
-    kind: ClusterIssuer
-    group: cert-manager.io
diff --git a/pkg/eventingtls/eventingtls.go b/pkg/eventingtls/eventingtls.go
index eedea290d51..718a744c197 100644
--- a/pkg/eventingtls/eventingtls.go
+++ b/pkg/eventingtls/eventingtls.go
@@ -57,9 +57,6 @@ const (
 	BrokerFilterServerTLSSecretName = "mt-broker-filter-server-tls" //nolint:gosec // This is not a hardcoded credential
 	// BrokerIngressServerTLSSecretName is the name of the tls secret for the broker ingress server
 	BrokerIngressServerTLSSecretName = "mt-broker-ingress-server-tls" //nolint:gosec // This is not a hardcoded credential
-
-	// IntegrationSinkDispatcherServerTLSSecretName is the name of the tls secret for the integration sink dispatcher server
-	IntegrationSinkDispatcherServerTLSSecretName = "integration-sink-server-tls" //nolint:gosec // This is not a hardcoded credential
 )
 
 type ClientConfig struct {
diff --git a/pkg/reconciler/integration/sink/controller.go b/pkg/reconciler/integration/sink/controller.go
index a50e2e8c9ac..460776b19bc 100644
--- a/pkg/reconciler/integration/sink/controller.go
+++ b/pkg/reconciler/integration/sink/controller.go
@@ -31,7 +31,6 @@ import (
 	secretinformer "knative.dev/pkg/injection/clients/namespacedkube/informers/core/v1/secret"
 
 	integrationsinkreconciler "knative.dev/eventing/pkg/client/injection/reconciler/sinks/v1alpha1/integrationsink"
-	"knative.dev/eventing/pkg/eventingtls"
 	kubeclient "knative.dev/pkg/client/injection/kube/client"
 	"knative.dev/pkg/configmap"
 	"knative.dev/pkg/controller"
@@ -82,10 +81,6 @@ func NewController(
 	globalResync = func(interface{}) {
 		impl.GlobalResync(integrationSinkInformer.Informer())
 	}
-	secretInformer.Informer().AddEventHandler(cache.FilteringResourceEventHandler{
-		FilterFunc: controller.FilterWithName(eventingtls.IntegrationSinkDispatcherServerTLSSecretName),
-		Handler:    controller.HandleAll(globalResync),
-	})
 
 	deploymentInformer.Informer().AddEventHandler(cache.FilteringResourceEventHandler{
 		FilterFunc: controller.FilterControllerGVK(v1alpha1.SchemeGroupVersion.WithKind("IntegrationSink")),