From 8862ff90eb24573b2bddf7921751b34e5ced84ca Mon Sep 17 00:00:00 2001
From: "maximilian.bartz"
Date: Mon, 30 Jun 2025 11:48:40 +0200
Subject: [PATCH] Added firewall test deploy from S3 Bucket
---
 firewall-dev/ks-vm.yaml | 18 ++++++++++
 firewall-dev/vm/fortigate.yaml | 64 ++++++++++++++++++++++++++++++++++
 kustomization.yaml | 1 +
 3 files changed, 83 insertions(+)
 create mode 100644 firewall-dev/ks-vm.yaml
 create mode 100644 firewall-dev/vm/fortigate.yaml
diff --git a/firewall-dev/ks-vm.yaml b/firewall-dev/ks-vm.yaml
new file mode 100644
index 0000000..11a4382
--- /dev/null
+++ b/firewall-dev/ks-vm.yaml
@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app fortigate
+ namespace: ${TENANT_NAMESPACE}
+spec:
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ path: ./firewall-dev/vm
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: tenant-repos
+ wait: false
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
\ No newline at end of file
diff --git a/firewall-dev/vm/fortigate.yaml b/firewall-dev/vm/fortigate.yaml
new file mode 100644
index 0000000..c0433e6
--- /dev/null
+++ b/firewall-dev/vm/fortigate.yaml
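Review bot: In `firewall-dev/ks-vm.yaml` the Flux Kustomization is named `fortigate`, while the VM and DataVolume it deploys carry the `-dev` suffix. The root `kustomization.yaml` already lists `firewall/ks-vm.yaml`, which is not visible in this patch; if that file also declares a Kustomization called `fortigate` in `${TENANT_NAMESPACE}`, the two definitions share one identity, and with `prune: true` set here the dev and production firewall objects can end up reconciled or garbage-collected against each other. I would rename it to `name: &app fortigate-dev`, which also makes the `app.kubernetes.io/name` label distinguish the two deployments.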
@@ -0,0 +1,64 @@
+apiVersion: kubevirt.io/v1
+kind: VirtualMachine
+metadata:
+ name: fortigate-dev
+ namespace: ${TENANT_NAMESPACE}
+spec:
+ dataVolumeTemplates:
+ - metadata:
+ name: fortigate-rootdisk-dev
+ spec:
+ source:
+ http:
+ url: https://glacier-1.kvant.cloud/ocp-virt-images/sources/fortios_v7_6_3.qcow2
+ storage:
+ resources:
+ requests:
+ storage: 30Gi
+ runStrategy: Always
+ template:
+ metadata:
+ labels:
+ kubevirt.io/domain: fortigate-dev
+ spec:
+ domain:
+ cpu:
+ cores: 2
+ memory:
+ guest: 4Gi
+ features:
+ acpi: {}
+ smm:
+ enabled: true
+ firmware:
+ bootloader:
+ efi:
+ secureBoot: true
+ devices:
+ rng: {}
+ networkInterfaceMultiqueue: true
+ interfaces:
+ - name: default
+ masquerade: {}
+ ports:
+ - port: 443
+ - port: 22
+ disks:
+ - disk:
+ bus: sata
+ name: rootdisk
+ resources:
+ requests:
+ memory: 4Gi
+ cpu: 2
+ limits:
+ memory: 4Gi
+ cpu: 2
+ networks:
+ - name: default
+ pod: {}
+ terminationGracePeriodSeconds: 180
+ volumes:
+ - name: rootdisk
+ dataVolume:
+ name: fortigate-rootdisk-dev
\ No newline at end of file
diff --git a/kustomization.yaml b/kustomization.yaml
index bc48a2c..3214af5 100644
--- a/kustomization.yaml
+++ b/kustomization.yaml
@@ -5,6 +5,7 @@ resources:
 - repos/ks.yaml
 - network/ks-lb.yaml
 - firewall/ks-vm.yaml
+ - firewall-dev/ks-vm.yaml
 - windows-vm-standard/ks-vm.yaml
 - windows-vm-standard/ks-pvc.yaml
 - windows-vm-standard-dev/ks-vm.yaml
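Review bot: In `firewall-dev/vm/fortigate.yaml` the root disk under `dataVolumeTemplates` is imported from the `fortios_v7_6_3.qcow2` bucket URL with no `secretRef`, so the import looks unauthenticated, and nothing in the manifest records what that object is expected to contain. Because this image becomes the firewall's boot disk, I would add `secretRef: <read-only-bucket-credentials-secret>` under `source.http` and note the image's expected SHA-256 in a comment beside the `url:` so it can be checked against the vendor's published value. Separately, the `masquerade` interface forwards 443 and 22, which are the appliance's management ports, and this change adds neither a NetworkPolicy nor any bootstrap configuration volume. If neither exists elsewhere in the tenant repo, `runStrategy: Always` brings the VM up reachable on those ports in its factory state, so ingress should be limited to the admin source ranges.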