From 6c04161328fb1e48542bf511c624a1061b01d656 Mon Sep 17 00:00:00 2001 From: OZGCloud <ozgcloud@mgm-tp.com> Date: Wed, 8 Nov 2023 13:34:03 +0100 Subject: [PATCH] OZG-4455 add egress network policy option --- src/main/helm/templates/network_policy.yaml | 5 ++++ src/test/helm/network_policy_test.yaml | 32 +++++++++++++++++++++ 2 files changed, 37 insertions(+) diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml index 5cee33420..99ce5027f 100644 --- a/src/main/helm/templates/network_policy.yaml +++ b/src/main/helm/templates/network_policy.yaml @@ -89,4 +89,9 @@ spec: - ipBlock: cidr: {{ required "ozgcloud.bayernid.cidr muss angegeben sein" ((.Values.ozgcloud).bayernid).cidr }} {{- end }} + +{{- with (.Values.networkPolicy).additionalEgressConfig }} +{{ toYaml . | indent 2 }} +{{- end }} + {{- end }} \ No newline at end of file diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml index ca1e231f2..408efa3a3 100644 --- a/src/test/helm/network_policy_test.yaml +++ b/src/test/helm/network_policy_test.yaml @@ -148,6 +148,38 @@ tests: - ipBlock: cidr: 2.3.4.5/1 + - it: add egress rules by values + set: + networkPolicy: + additionalEgressConfig: + - to: + - ipBlock: + cidr: 1.1.1.1/32 + - to: + - podSelector: + matchLabels: + component: ozg-mongodb + ports: + - port: 27017 + protocol: TCP + asserts: + - contains: + path: spec.egress + content: + to: + - ipBlock: + cidr: 1.1.1.1/32 + - contains: + path: spec.egress + content: + to: + - podSelector: + matchLabels: + component: ozg-mongodb + ports: + - port: 27017 + protocol: TCP + - it: test network policy disabled set: networkPolicy: -- GitLab
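Review bot: The added `with` block renders `networkPolicy.additionalEgressConfig` verbatim at two-space indent with no check on its shape, so a map instead of a list would be emitted as extra keys beside the existing rules rather than as egress entries, leaving the policy invalid or different from what the operator intended. Every entry here widens what the pods may reach (an entry without a `to` selector allows all destinations on its ports), so a guard before the `toYaml` line is worth adding, for example `{{- if not (kindIs "slice" .) }}{{ fail "networkPolicy.additionalEgressConfig must be a list of egress rules" }}{{- end }}`. A short comment above the block, such as `{{- /* extra egress rules appended to spec.egress; each entry widens allowed traffic */}}`, would also help reviewers of values overrides. The enclosing template and the `egress:` key start outside the hunk, so the exact nesting is inferred from the hunk header and the `indent 2`.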
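Review bot: The new case `add egress rules by values` only checks that a well-formed list ends up in `spec.egress`; nothing in this hunk pins the default, where `additionalEgressConfig` is unset and no extra rule may appear. For an option that widens egress, a companion case is worth having, e.g. `it: does not add egress rules by default` with a `notContains` assert on `path: spec.egress` and the `1.1.1.1/32` rule as content. The suite header and the other cases lie outside the hunk, so an existing default-render test may already cover part of this.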