From afec9ae36bbe078e6d7d5cce1a1799daaa85d4f4 Mon Sep 17 00:00:00 2001
From: Chuck McAndrew <6248903+dcmcand@users.noreply.github.com>
Date: Thu, 22 Feb 2024 14:39:49 -0500
Subject: [PATCH] update max k8s versions and remove depreciated api usage in
 local deploy

---
 src/_nebari/constants.py                      |  2 +-
 .../infrastructure/template/local/main.tf     |  6 +-
 .../template/local/metallb.yaml               | 79 -------------------
 3 files changed, 4 insertions(+), 83 deletions(-)

diff --git a/src/_nebari/constants.py b/src/_nebari/constants.py
index 19ed5ce7e8..ce81d6b417 100644
--- a/src/_nebari/constants.py
+++ b/src/_nebari/constants.py
@@ -8,7 +8,7 @@
 # 04-kubernetes-ingress
 DEFAULT_TRAEFIK_IMAGE_TAG = "2.9.1"
 
-HIGHEST_SUPPORTED_K8S_VERSION = ("1", "26", "9")
+HIGHEST_SUPPORTED_K8S_VERSION = ("1", "29", "2")
 DEFAULT_GKE_RELEASE_CHANNEL = "UNSPECIFIED"
 
 DEFAULT_NEBARI_DASK_VERSION = CURRENT_RELEASE
diff --git a/src/_nebari/stages/infrastructure/template/local/main.tf b/src/_nebari/stages/infrastructure/template/local/main.tf
index 00c1ca97b0..fb0d0997e1 100644
--- a/src/_nebari/stages/infrastructure/template/local/main.tf
+++ b/src/_nebari/stages/infrastructure/template/local/main.tf
@@ -1,8 +1,8 @@
 terraform {
   required_providers {
     kind = {
-      source  = "kyma-incubator/kind"
-      version = "0.0.11"
+      source  = "tehcyx/kind"
+      version = "0.4.0"
     }
     docker = {
       source  = "kreuzwerker/docker"
@@ -48,7 +48,7 @@ resource "kind_cluster" "default" {
 
     node {
       role  = "general"
-      image = "kindest/node:v1.23.13"
+      image = "kindest/node:v1.29.2"
     }
   }
 }
diff --git a/src/_nebari/stages/infrastructure/template/local/metallb.yaml b/src/_nebari/stages/infrastructure/template/local/metallb.yaml
index 9d6b6833c8..c832baebde 100644
--- a/src/_nebari/stages/infrastructure/template/local/metallb.yaml
+++ b/src/_nebari/stages/infrastructure/template/local/metallb.yaml
@@ -1,82 +1,3 @@
-apiVersion: policy/v1beta1
-kind: PodSecurityPolicy
-metadata:
-  labels:
-    app: metallb
-  name: controller
-spec:
-  allowPrivilegeEscalation: false
-  allowedCapabilities: []
-  allowedHostPaths: []
-  defaultAddCapabilities: []
-  defaultAllowPrivilegeEscalation: false
-  fsGroup:
-    ranges:
-    - max: 65535
-      min: 1
-    rule: MustRunAs
-  hostIPC: false
-  hostNetwork: false
-  hostPID: false
-  privileged: false
-  readOnlyRootFilesystem: true
-  requiredDropCapabilities:
-  - ALL
-  runAsUser:
-    ranges:
-    - max: 65535
-      min: 1
-    rule: MustRunAs
-  seLinux:
-    rule: RunAsAny
-  supplementalGroups:
-    ranges:
-    - max: 65535
-      min: 1
-    rule: MustRunAs
-  volumes:
-  - configMap
-  - secret
-  - emptyDir
----
-apiVersion: policy/v1beta1
-kind: PodSecurityPolicy
-metadata:
-  labels:
-    app: metallb
-  name: speaker
-spec:
-  allowPrivilegeEscalation: false
-  allowedCapabilities:
-  - NET_RAW
-  allowedHostPaths: []
-  defaultAddCapabilities: []
-  defaultAllowPrivilegeEscalation: false
-  fsGroup:
-    rule: RunAsAny
-  hostIPC: false
-  hostNetwork: true
-  hostPID: false
-  hostPorts:
-  - max: 7472
-    min: 7472
-  - max: 7946
-    min: 7946
-  privileged: true
-  readOnlyRootFilesystem: true
-  requiredDropCapabilities:
-  - ALL
-  runAsUser:
-    rule: RunAsAny
-  seLinux:
-    rule: RunAsAny
-  supplementalGroups:
-    rule: RunAsAny
-  volumes:
-  - configMap
-  - secret
-  - emptyDir
----
 apiVersion: v1
 kind: ServiceAccount
 metadata: