From 6286c0a888a199cd71e9a299acac1058b37e2afa Mon Sep 17 00:00:00 2001
From: bcaton
Date: Wed, 10 Dec 2025 13:14:48 -0500
Subject: [PATCH] Revert "bundle: Add NetworkPolicy to container-security-operator (PROJQUAY-9430) (#148)"

This reverts commit 4ba8e553d62b1a53e127ef9421320e945cf6a49a.
---
...ainer-security-operator.networkpolicy.yaml | 85 -------------------
1 file changed, 85 deletions(-)
delete mode 100644 bundle/manifests/container-security-operator.networkpolicy.yaml

diff --git a/bundle/manifests/container-security-operator.networkpolicy.yaml b/bundle/manifests/container-security-operator.networkpolicy.yaml
deleted file mode 100644
index 4f93c69..0000000
--- a/bundle/manifests/container-security-operator.networkpolicy.yaml
+++ /dev/null
@@ -1,85 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: container-security-operator
- labels:
- app.kubernetes.io/name: container-security-operator
- app.kubernetes.io/component: operator
- app.kubernetes.io/part-of: container-security-operator
-spec:
- podSelector:
- matchLabels:
- name: container-security-operator-alm-owned
- policyTypes:
- - Ingress
- - Egress
- ingress:
- # Allow Prometheus scraping on metrics port
- - from:
- - namespaceSelector:
- matchLabels:
- name: openshift-monitoring
- - namespaceSelector:
- matchLabels:
- name: monitoring
- - namespaceSelector:
- matchLabels:
- name: prometheus
- ports:
- - protocol: TCP
- port: 8081
- # Allow Kubernetes API server communication
- - from:
- - namespaceSelector: {}
- ports:
- - protocol: TCP
- port: 443
- - protocol: TCP
- port: 6443
- egress:
- # Allow DNS resolution
- - to: []
- ports:
- - protocol: UDP
- port: 53
- - protocol: TCP
- port: 53
- # Allow HTTPS connections to container registries and external services
- - to: []
- ports:
- - protocol: TCP
- port: 443
- # Allow HTTP connections for well-known endpoint discovery (fallback)
- - to: []
- ports:
- - protocol: TCP
- port: 80
- # Allow Kubernetes API server communication
- - to:
- - namespaceSelector:
- matchLabels:
- name: kube-system
- - namespaceSelector:
- matchLabels:
- name: openshift-kube-apiserver
- - namespaceSelector:
- matchLabels:
- name: openshift-apiserver
- ports:
- - protocol: TCP
- port: 443
- - protocol: TCP
- port: 6443
- # Allow communication with OpenShift operator APIs
- - to:
- - namespaceSelector:
- matchLabels:
- name: openshift-operator-lifecycle-manager
- - namespaceSelector:
- matchLabels:
- name: openshift-marketplace
- ports:
- - protocol: TCP
- port: 443
- - protocol: TCP
- port: 6443