diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index 1f3c97142e3282e62cc84628cffb0ce376b21ace..3808e4bb7a84a8d65ff7387a73152098ec842592 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -48,6 +48,13 @@ spec:
- podSelector:
matchLabels:
ozg-component: xta-adapter
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ name: {{ (.Values.networkPolicy).monitoringNamespace | default "openshift-user-workload-monitoring" }}
+ ports:
+ - protocol: TCP
+ port: 8081
{{- if ((.Values.ozgcloud).antragraum).enabled }}
- from:
- namespaceSelector:
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 4a10bb1398946fc48c6e90783a1c3af5fc592e6f..d96ceb8d562bc5631faca0bd8e8c875e4f797eb2 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -107,6 +107,40 @@ tests:
matchLabels:
ozg-component: xta-adapter
+ - it: should add ingress rule for monitoring scraper
+ set:
+ networkPolicy:
+ dnsServerNamespace: test-dns-namespace
+ asserts:
+ - contains:
+ path: spec.ingress
+ content:
+ ports:
+ - port: 8081
+ protocol: TCP
+ from:
+ - namespaceSelector:
+ matchLabels:
+ name: openshift-user-workload-monitoring
+
+ - it: should set monitoring namespace for monitoring scraper ingress rule
+ set:
+ networkPolicy:
+ dnsServerNamespace: test-dns-namespace
+ monitoringNamespace: test-monitoring
+ asserts:
+ - contains:
+ path: spec.ingress
+ content:
+ ports:
+ - port: 8081
+ protocol: TCP
+ from:
+ - namespaceSelector:
+ matchLabels:
+ name: test-monitoring
+
+
- it: should add ingress rule for antragraum if antragraum is enabled
set:
networkPolicy: