From be38e361ebdac8c00255a2caa212b78b2527f65e Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Fri, 12 Apr 2024 16:02:44 +0200
Subject: [PATCH] OZG-5100 add namespace additionamNetworkRules

---
 .../main/helm/templates/network_policy.yaml   |  6 +++
 .../src/test/helm/network_policy_test.yaml    | 39 +++++++++++++++++++
 src/main/helm/templates/network_policy.yaml   |  6 +++
 src/test/helm/network_policy_test.yaml        | 38 ++++++++++++++++++
 4 files changed, 89 insertions(+)

diff --git a/nachrichten-bayernid-proxy/src/main/helm/templates/network_policy.yaml b/nachrichten-bayernid-proxy/src/main/helm/templates/network_policy.yaml
index e0effc809..95cd70f64 100644
--- a/nachrichten-bayernid-proxy/src/main/helm/templates/network_policy.yaml
+++ b/nachrichten-bayernid-proxy/src/main/helm/templates/network_policy.yaml
@@ -44,6 +44,9 @@ spec:
           component: vorgang-manager
 {{- with (.Values.networkPolicy).additionalIngressConfig }}
 {{ toYaml . | indent 2 }}
+{{- end }}
+{{- with (.Values.networkPolicy).additionalIngressConfigNamespace }}
+{{ toYaml . | indent 2 }}
 {{- end }}
   egress:
   - to:
@@ -62,5 +65,8 @@ spec:
 {{- with (.Values.networkPolicy).additionalEgressConfig }}
 {{ toYaml . | indent 2 }}
 {{- end }}
+{{- with (.Values.networkPolicy).additionalEgressConfigNamespace }}
+{{ toYaml . | indent 2 }}
+{{- end }}
 
 {{- end }}
\ No newline at end of file
diff --git a/nachrichten-bayernid-proxy/src/test/helm/network_policy_test.yaml b/nachrichten-bayernid-proxy/src/test/helm/network_policy_test.yaml
index 7382ad094..fbb9de636 100644
--- a/nachrichten-bayernid-proxy/src/test/helm/network_policy_test.yaml
+++ b/nachrichten-bayernid-proxy/src/test/helm/network_policy_test.yaml
@@ -110,6 +110,7 @@ tests:
                 matchLabels:
                   component: client2
 
+
   - it: add egress rules by values
     set:
       networkPolicy:
@@ -144,6 +145,44 @@ tests:
             - port: 12345
               protocol: TCP
 
+
+  - it: should add additionalIngressConfigNamespace
+    set:
+      networkPolicy:
+        ssoPublicIp: 51.89.117.53/32
+        dnsServerNamespace: test-namespace-dns
+        additionalIngressConfigNamespace:
+        - from:
+          - podSelector: 
+              matchLabels:
+                additionalIngressConfigNamespace: yes
+    asserts:
+      - contains:
+          path: spec.ingress
+          content:
+            from:
+            - podSelector: 
+                matchLabels:
+                  additionalIngressConfigNamespace: yes
+
+  - it: should add additionalEgressConfigNamespace
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
+        additionalEgressConfigNamespace:
+        - to:
+          - podSelector:
+              matchLabels:
+                additionalEgressConfigNamespace: yes
+    asserts:
+    - contains:
+        path: spec.egress
+        content:
+          to:
+          - podSelector:
+              matchLabels:
+                additionalEgressConfigNamespace: yes
+
   - it: test network policy disabled
     set:
       networkPolicy:
diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index fb20373df..88ad059ed 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -47,6 +47,9 @@ spec:
           ozg-component: eingangsadapter
 {{- with (.Values.networkPolicy).additionalIngressConfig }}
 {{ toYaml . | indent 2 }}
+{{- end }}
+{{- with (.Values.networkPolicy).additionalIngressConfigNamespace }}
+{{ toYaml . | indent 2 }}
 {{- end }}
   egress:
   - to:
@@ -101,5 +104,8 @@ spec:
 {{- with (.Values.networkPolicy).additionalEgressConfig }}
 {{ toYaml . | indent 2 }}
 {{- end }}
+{{- with (.Values.networkPolicy).additionalEgressConfigNamespace }}
+{{ toYaml . | indent 2 }}
+{{- end }}
 
 {{- end }}
\ No newline at end of file
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 16661a34b..e31527a6a 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -287,6 +287,44 @@ tests:
             - port: 12345
               protocol: TCP
 
+
+  - it: should add additionalIngressConfigNamespace
+    set:
+      networkPolicy:
+        ssoPublicIp: 51.89.117.53/32
+        dnsServerNamespace: test-namespace-dns
+        additionalIngressConfigNamespace:
+        - from:
+          - podSelector: 
+              matchLabels:
+                additionalIngressConfigNamespace: yes
+    asserts:
+      - contains:
+          path: spec.ingress
+          content:
+            from:
+            - podSelector: 
+                matchLabels:
+                  additionalIngressConfigNamespace: yes
+
+  - it: should add additionalEgressConfigNamespace
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
+        additionalEgressConfigNamespace:
+        - to:
+          - podSelector:
+              matchLabels:
+                additionalEgressConfigNamespace: yes
+    asserts:
+    - contains:
+        path: spec.egress
+        content:
+          to:
+          - podSelector:
+              matchLabels:
+                additionalEgressConfigNamespace: yes
+
   - it: test network policy disabled
     set:
       networkPolicy:
-- 
GitLab