From 7941898c25ab685f2dc0e9f02823470e52c93fef Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Thu, 25 Apr 2024 16:39:20 +0200
Subject: [PATCH] ozg-5100 additional global and local networpolicies

---
 src/main/helm/templates/network_policy.yaml | 12 +++-
 src/test/helm/network_policy_test.yaml      | 70 ++++++++++++++++++---
 2 files changed, 70 insertions(+), 12 deletions(-)

diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index efe20f52..37671ef7 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -14,7 +14,10 @@ spec:
   ingress:
   - ports:
     - port: 8080
-{{- with (.Values.networkPolicy).additionalIngressConfig }}
+{{- with (.Values.networkPolicy).additionalIngressConfigLocal }}
+{{ toYaml . | indent 2 }}
+{{- end }}
+{{- with (.Values.networkPolicy).additionalIngressConfigGlobal }}
 {{ toYaml . | indent 2 }}
 {{- end }}
   egress:
@@ -42,8 +45,11 @@ spec:
           protocol: UDP
         - port: 5353
           protocol: TCP
-{{- with (.Values.networkPolicy).additionalEgressConfig }}
-{{ toYaml . | indent 2 }}
+{{- with (.Values.networkPolicy).additionalEgressConfigLocal }}
+{{ toYaml . | indent 4 }}
+{{- end }}
+{{- with (.Values.networkPolicy).additionalEgressConfigGlobal }}
+{{ toYaml . | indent 4 }}
 {{- end }}
 
 {{- end }}
\ No newline at end of file
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 5ce2a529..5069e64c 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -91,24 +91,76 @@ tests:
                     protocol: UDP
                   - port: 5353
                     protocol: TCP
-  - it: add ingress rule by values
+
+  - it: add ingress rule by values local
     set:
       networkPolicy:
         ssoPublicIp: 51.89.117.53/32
         dnsServerNamespace: test-namespace-dns
-        additionalIngressConfig:
-          - from:
-              - podSelector:
-                  matchLabels:
-                    component: client2
+        additionalIngressConfigLocal:
+        - from:
+          - podSelector: 
+              matchLabels:
+                component: client2
     asserts:
       - contains:
           path: spec.ingress
           content:
             from:
-              - podSelector:
-                  matchLabels:
-                    component: client2
+            - podSelector: 
+                matchLabels:
+                  component: client2
+  - it: add ingress rule by values global
+    set:
+      networkPolicy:
+        ssoPublicIp: 51.89.117.53/32
+        dnsServerNamespace: test-namespace-dns
+        additionalIngressConfigGlobal:
+        - from:
+          - podSelector: 
+              matchLabels:
+                component: client2
+    asserts:
+      - contains:
+          path: spec.ingress
+          content:
+            from:
+            - podSelector: 
+                matchLabels:
+                  component: client2
+
+  - it: add egress rules by values local
+    set:
+      networkPolicy:
+        ssoPublicIp: 51.89.117.53/32
+        dnsServerNamespace: test-dns-namespace
+        additionalEgressConfigLocal:
+        - to:
+          - ipBlock:
+              cidr: 1.2.3.4/32
+    asserts:
+    - contains:
+        path: spec.egress
+        content:
+          to:
+          - ipBlock:
+              cidr: 1.2.3.4/32
+  - it: add egress rules by values Global
+    set:
+      networkPolicy:
+        ssoPublicIp: 51.89.117.53/32
+        dnsServerNamespace: test-dns-namespace
+        additionalEgressConfigGlobal:
+        - to:
+          - ipBlock:
+              cidr: 1.2.3.4/32
+    asserts:
+    - contains:
+        path: spec.egress
+        content:
+          to:
+          - ipBlock:
+              cidr: 1.2.3.4/32
 
   - it: test network policy disabled
     set:
-- 
GitLab