From 3ae624f432a813ab794714cee7499357b0698ac7 Mon Sep 17 00:00:00 2001
From: Felix Reichenbach <felix.reichenbach@mgm-tp.com>
Date: Tue, 14 Jan 2025 12:09:14 +0100
Subject: [PATCH] OZG-6741 revert netpol changes
---
src/main/helm/templates/network_policy.yaml | 7 --
src/test/helm/network_policy_test.yaml | 93 ++++++++++-----------
2 files changed, 43 insertions(+), 57 deletions(-)
diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index 21b59c44..3778b7b1 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -69,13 +69,6 @@ spec:
ports:
- port: 27017
protocol: TCP
- - to:
- - podSelector:
- matchLabels:
- component: alfa
- ports:
- - port: 8080
- protocol: TCP
# public keycloak ip
- to:
- ipBlock:
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 34c0d4b3..7eb27b3a 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -76,12 +76,12 @@ tests:
- ports:
- port: 8080
- from:
- - namespaceSelector:
- matchLabels:
- name: "openshift-user-workload-monitoring"
+ - namespaceSelector:
+ matchLabels:
+ name: "openshift-user-workload-monitoring"
ports:
- - protocol: TCP
- port: 8081
+ - protocol: TCP
+ port: 8081
egress:
- to:
- namespaceSelector:
@@ -100,13 +100,6 @@ tests:
ports:
- port: 27017
protocol: TCP
- - to:
- - podSelector:
- matchLabels:
- component: "alfa"
- ports:
- - port: 8080
- protocol: TCP
# public keycloak ip
- to:
- ipBlock:
@@ -131,18 +124,18 @@ tests:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-namespace-dns
additionalIngressConfigLocal:
- - from:
- - podSelector:
- matchLabels:
- component: client2
+ - from:
+ - podSelector:
+ matchLabels:
+ component: client2
asserts:
- contains:
path: spec.ingress
content:
from:
- - podSelector:
- matchLabels:
- component: client2
+ - podSelector:
+ matchLabels:
+ component: client2
- it: set ingress monitoring namespace rule
set:
@@ -155,30 +148,30 @@ tests:
path: spec.ingress
content:
from:
- - namespaceSelector:
- matchLabels:
- name: "monitoring"
+ - namespaceSelector:
+ matchLabels:
+ name: "monitoring"
ports:
- - protocol: TCP
- port: 8081
+ - protocol: TCP
+ port: 8081
- it: add ingress rule by values global
set:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-namespace-dns
additionalIngressConfigGlobal:
- - from:
- - podSelector:
- matchLabels:
- component: client2
+ - from:
+ - podSelector:
+ matchLabels:
+ component: client2
asserts:
- contains:
path: spec.ingress
content:
from:
- - podSelector:
- matchLabels:
- component: client2
+ - podSelector:
+ matchLabels:
+ component: client2
- it: add egress rules by values local
set:
@@ -186,32 +179,32 @@ tests:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-dns-namespace
additionalEgressConfigLocal:
- - to:
- - ipBlock:
- cidr: 1.2.3.4/32
+ - to:
+ - ipBlock:
+ cidr: 1.2.3.4/32
asserts:
- - contains:
- path: spec.egress
- content:
- to:
- - ipBlock:
- cidr: 1.2.3.4/32
+ - contains:
+ path: spec.egress
+ content:
+ to:
+ - ipBlock:
+ cidr: 1.2.3.4/32
- it: add egress rules by values Global
set:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-dns-namespace
additionalEgressConfigGlobal:
- - to:
- - ipBlock:
- cidr: 1.2.3.4/32
+ - to:
+ - ipBlock:
+ cidr: 1.2.3.4/32
asserts:
- - contains:
- path: spec.egress
- content:
- to:
- - ipBlock:
- cidr: 1.2.3.4/32
+ - contains:
+ path: spec.egress
+ content:
+ to:
+ - ipBlock:
+ cidr: 1.2.3.4/32
- it: test network policy disabled
set:
@@ -254,4 +247,4 @@ tests:
ssoPublicIp: 1.1.1.1
asserts:
- hasDocuments:
- count: 1
+ count: 1
\ No newline at end of file
--
GitLab