the following code will empty the default security rules.
for _, securityGroup := range securityGroups.Resources {
if !strings.HasPrefix(securityGroup.Name, "switchblade") {
err = s.cli.Execute(pexec.Execution{
Args: []string{"update-security-group", securityGroup.Name, filepath.Join(home, "empty-security-group.json")},
Stdout: log,
Stderr: log,
Env: env,
})
if err != nil {
return "", fmt.Errorf("failed to update-security-group: %w\n\nOutput:\n%s", err, log)
}
}
}
the following code will empty the default security rules.
https://github.com/cloudfoundry/switchblade/blob/main/internal/cloudfoundry/setup.go#L318-L330
this is harmful on a running cloudfoundry instance
and i also do not see the purposes of this,
as we already set security rules per switchblade app/org/space
can someone please elaborate why this would be necessary