@@ -7,6 +7,14 @@ source "$(dirname "$SCRIPT")/../../lib/common.sh"
77
88test_in_well_known_dev_context
99
10+ # Uninstall Helm releases first to let Helm clean up its managed resources properly.
11+ for release in stackrox-central-services stackrox-secured-cluster-services stackrox-monitoring; do
12+ if helm status " $release " & > /dev/null; then
13+ einfo " Uninstalling Helm release: $release "
14+ helm uninstall " $release " || true
15+ fi
16+ done
17+
1018# Collect all stackrox PVs before we delete the respective PVCs.
1119IFS=$' \n ' read -d ' ' < <(
1220 kubectl get pv -o json | jq -r ' .items[] | select(.spec.claimRef.namespace == "stackrox") | .metadata.name'
@@ -21,6 +29,15 @@ kubectl -n stackrox get cm,deploy,ds,hpa,networkpolicy,role,rolebinding,secret,s
2129# Only delete cluster-wide RBAC/PSP-related resources that contain have the app.kubernetes.io/name=stackrox label.
2230kubectl -n stackrox get clusterrole,clusterrolebinding,psp,validatingwebhookconfiguration -o name -l app.kubernetes.io/name=stackrox | xargs kubectl -n stackrox delete --wait
2331
32+ # Delete the SecurityPolicy CRD which is not labeled and can cause "managedFields must be nil" errors
33+ # if left behind when reinstalling via Helm.
34+ kubectl delete crd securitypolicies.config.stackrox.io --ignore-not-found
35+
36+ # Delete monitoring ClusterRoles/ClusterRoleBindings that are managed by the stackrox-monitoring Helm release
37+ # and may not have the app.kubernetes.io/name=stackrox label.
38+ kubectl delete clusterrole stackrox-monitoring stackrox-monitoring-kube-state-metrics --ignore-not-found
39+ kubectl delete clusterrolebinding stackrox-monitoring-kube-state-metrics --ignore-not-found
40+
2441# # DO NOT RUN THIS IN A CUSTOMER ENVIRONMENT, IT WILL DELETE ALL THEIR DATA
2542# # AND THEY WILL NEVER TALK TO US AGAIN.
2643[[ " ${# stackrox_pvs[@]} " == 0 ]] || kubectl delete --wait pv " ${stackrox_pvs[@]} "
0 commit comments