OZG-4455 add egress network policy option

6c041613 · OZGCloud · 48e579cc · 6c041613 · 6c041613
Commit 6c041613 authored 1 year ago by OZGCloud
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -89,4 +89,9 @@ spec:
    - ipBlock:
        cidr:  {{ required "ozgcloud.bayernid.cidr muss angegeben sein" ((.Values.ozgcloud).bayernid).cidr }}
 {{- end }}
+
+{{- with (.Values.networkPolicy).additionalEgressConfig }}
+{{ toYaml . | indent 2 }}
+{{- end }}
+
 {{- end }}
\ No newline at end of file
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -148,6 +148,38 @@ tests:
              - ipBlock:
                  cidr: 2.3.4.5/1

+  - it: add egress rules by values
+    set:
+      networkPolicy:
+        additionalEgressConfig:
+        - to:
+          - ipBlock:
+              cidr: 1.1.1.1/32
+        - to:
+          - podSelector:
+              matchLabels:
+                component: ozg-mongodb
+          ports:
+            - port: 27017
+              protocol: TCP
+      asserts:
+      - contains:
+          path: spec.egress
+          content:
+            to:
+            - ipBlock:
+                cidr: 1.1.1.1/32
+      - contains:
+          path: spec.egress
+          content:
+            to:
+            - podSelector:
+                matchLabels:
+                  component: ozg-mongodb
+            ports:
+              - port: 27017
+                protocol: TCP
+
  - it: test network policy disabled
    set:
      networkPolicy: