From be65e71943d292c0cf4c819849a49d43288f799b Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Wed, 28 Aug 2024 13:48:35 +0200
Subject: [PATCH] OZG-6499 OZG-6566 Add egress to administration
---
src/main/helm/templates/network_policy.yaml | 15 +++++++++++----
src/test/helm/network_policy_test.yaml | 7 +++++++
2 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index ee37649c47..6351f504d5 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -26,7 +26,7 @@ spec:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: {{ required "zufiManager.namespace must be set if zufiManager server is enabled" (.Values.zufiManager).namespace }}
- podSelector:
+ podSelector:
matchLabels:
component: zufi-server
ports:
@@ -34,15 +34,22 @@ spec:
protocol: TCP
{{- end }}
- to:
- - podSelector:
+ - podSelector:
matchLabels:
component: vorgang-manager
ports:
- port: 9090
protocol: TCP
+ - to:
+ - podSelector:
+ matchLabels:
+ component: administration
+ ports:
+ - port: 8080
+ protocol: TCP
# public keycloak ip
- to:
- - ipBlock:
+ - ipBlock:
cidr: {{ required "networkPolicy.ssoPublicIp must be set" (.Values.networkPolicy).ssoPublicIp }}
- to:
- namespaceSelector:
@@ -58,7 +65,7 @@ spec:
- port: 5353
protocol: TCP
- to:
- - podSelector:
+ - podSelector:
matchLabels:
component: user-manager
ports:
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index b1b35ecddd..7316383d23 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -84,6 +84,13 @@ tests:
ports:
- port: 9090
protocol: TCP
+ - to:
+ - podSelector:
+ matchLabels:
+ component: administration
+ ports:
+ - port: 8080
+ protocol: TCP
# public keycloak ip
- to:
- ipBlock:
--
GitLab