From 6c04161328fb1e48542bf511c624a1061b01d656 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Wed, 8 Nov 2023 13:34:03 +0100
Subject: [PATCH] OZG-4455 add egress network policy option

---
 src/main/helm/templates/network_policy.yaml |  5 ++++
 src/test/helm/network_policy_test.yaml      | 32 +++++++++++++++++++++
 2 files changed, 37 insertions(+)

diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index 5cee33420..99ce5027f 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -89,4 +89,9 @@ spec:
     - ipBlock:
         cidr:  {{ required "ozgcloud.bayernid.cidr muss angegeben sein" ((.Values.ozgcloud).bayernid).cidr }}
 {{- end }}
+
+{{- with (.Values.networkPolicy).additionalEgressConfig }}
+{{ toYaml . | indent 2 }}
+{{- end }}
+
 {{- end }}
\ No newline at end of file
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index ca1e231f2..408efa3a3 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -148,6 +148,38 @@ tests:
               - ipBlock:
                   cidr: 2.3.4.5/1
 
+  - it: add egress rules by values
+    set:
+      networkPolicy:
+        additionalEgressConfig:
+        - to:
+          - ipBlock:
+              cidr: 1.1.1.1/32
+        - to:
+          - podSelector:
+              matchLabels:
+                component: ozg-mongodb
+          ports:
+            - port: 27017
+              protocol: TCP
+      asserts:
+      - contains:
+          path: spec.egress
+          content:
+            to:
+            - ipBlock:
+                cidr: 1.1.1.1/32
+      - contains:
+          path: spec.egress
+          content:
+            to:
+            - podSelector:
+                matchLabels:
+                  component: ozg-mongodb
+            ports:
+              - port: 27017
+                protocol: TCP
+
   - it: test network policy disabled
     set:
       networkPolicy:
-- 
GitLab