From 5d0eeb8e80d31fb7d66c8a6943d66d025c21ac64 Mon Sep 17 00:00:00 2001
From: Giovanni Guerrieri <giovanni.guerrieri@cern.ch>
Date: Wed, 24 Sep 2025 18:03:31 +0200
Subject: [PATCH] feat(policies): enable ESCAPE policies on rucio services

See https://github.com/ESCAPE-WP2/ESCAPE-Rucio-policy-package/pull/3
---
 infrastructure/cluster/flux/rucio/rucio-daemons.yaml     | 6 ++++++
 infrastructure/cluster/flux/rucio/rucio-servers.yaml     | 6 ++++++
 infrastructure/cluster/flux/rucio/rucio-serversAuth.yaml | 6 ++++++
 infrastructure/cluster/flux/rucio/rucio-ui.yaml          | 6 ++++++
 4 files changed, 24 insertions(+)

diff --git a/infrastructure/cluster/flux/rucio/rucio-daemons.yaml b/infrastructure/cluster/flux/rucio/rucio-daemons.yaml
index d93d38f..cc41909 100644
--- a/infrastructure/cluster/flux/rucio/rucio-daemons.yaml
+++ b/infrastructure/cluster/flux/rucio/rucio-daemons.yaml
@@ -27,6 +27,12 @@ spec:
     #   valuesKey: values.yaml
 
   values:
+    policyPackages:
+      enabled: true
+      packages:
+        - moduleName: escape-rucio-policy-package
+          requirement: escape-rucio-policy-package==0.1.0
+          version: 0.1.0
     additionalSecrets:
       - volumeName: idpsecrets
         secretName: idpsecrets
diff --git a/infrastructure/cluster/flux/rucio/rucio-servers.yaml b/infrastructure/cluster/flux/rucio/rucio-servers.yaml
index 1f81018..59f3292 100644
--- a/infrastructure/cluster/flux/rucio/rucio-servers.yaml
+++ b/infrastructure/cluster/flux/rucio/rucio-servers.yaml
@@ -25,6 +25,12 @@ spec:
       targetPath: config.database.default
 
   values:
+    policyPackages:
+      enabled: true
+      packages:
+        - moduleName: escape-rucio-policy-package
+          requirement: escape-rucio-policy-package==0.1.0
+          version: 0.1.0
     secretMounts:
       - secretName: server-gridca
         mountPath: /etc/grid-security/certificates/
diff --git a/infrastructure/cluster/flux/rucio/rucio-serversAuth.yaml b/infrastructure/cluster/flux/rucio/rucio-serversAuth.yaml
index c0619e7..f4381ac 100644
--- a/infrastructure/cluster/flux/rucio/rucio-serversAuth.yaml
+++ b/infrastructure/cluster/flux/rucio/rucio-serversAuth.yaml
@@ -25,6 +25,12 @@ spec:
       targetPath: config.database.default
 
   values:
+    policyPackages:
+      enabled: true
+      packages:
+        - moduleName: escape-rucio-policy-package
+          requirement: escape-rucio-policy-package==0.1.0
+          version: 0.1.0
     secretMounts:
       # - secretName: server-hostcert
       #   mountPath: /etc/grid-security/hostcert.pem
diff --git a/infrastructure/cluster/flux/rucio/rucio-ui.yaml b/infrastructure/cluster/flux/rucio/rucio-ui.yaml
index 8a42bcc..662bf97 100644
--- a/infrastructure/cluster/flux/rucio/rucio-ui.yaml
+++ b/infrastructure/cluster/flux/rucio/rucio-ui.yaml
@@ -24,6 +24,12 @@ spec:
       targetPath: config.database.default
   
   values:
+    policyPackages:
+      enabled: true
+      packages:
+        - moduleName: escape-rucio-policy-package
+          requirement: escape-rucio-policy-package==0.1.0
+          version: 0.1.0
     secretMounts:
       - secretName: hostcert
         mountPath: /etc/grid-security/hostcert.pem