diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index ee37649c47d584833c401a8f68748ba46a4d8fd2..174b22aba6b25c8f4e2219e8db7234b21b6e442a 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -14,6 +14,13 @@ spec:
ingress:
- ports:
- port: 8080
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ name: {{ (.Values.networkPolicy).monitoringNamespace | default "openshift-user-workload-monitoring" }}
+ ports:
+ - protocol: TCP
+ port: 8081
{{- with (.Values.networkPolicy).additionalIngressConfigLocal }}
{{ toYaml . | indent 2 }}
{{- end }}
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index b1b35ecddd7608c33ed412b7a036829d4e966bb6..e4f349ce5591852828a2d7c511244c12e239e652 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -76,6 +76,13 @@ tests:
ingress:
- ports:
- port: 8080
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ name: openshift-user-workload-monitoring
+ ports:
+ - port: 8081
+ protocol: TCP
egress:
- to:
- podSelector:
@@ -259,4 +266,21 @@ tests:
collaborationEnabled: true
asserts:
- failedTemplate:
- errorMessage: zufiManager.namespace must be set if zufiManager server is enabled
\ No newline at end of file
+ errorMessage: zufiManager.namespace must be set if zufiManager server is enabled
+ - it: should set monitoring namesapce
+ set:
+ networkPolicy:
+ ssoPublicIp: 1.1.1.1
+ dnsServerNamespace: test-dns-server-namespace
+ monitoringNamespace: test-monitoring
+ asserts:
+ - contains:
+ path: spec.ingress
+ content:
+ from:
+ - namespaceSelector:
+ matchLabels:
+ name: test-monitoring
+ ports:
+ - protocol: TCP
+ port: 8081
\ No newline at end of file