From f521fde72b6133c9ef43655c9ec41c3e94b9d8fe Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Fri, 6 Sep 2024 13:46:17 +0200
Subject: [PATCH] ozg-6647 add monitoring network policy
---
src/main/helm/templates/network_policy.yaml | 7 +++++
src/test/helm/network_policy_test.yaml | 34 +++++++++++++++++++++
2 files changed, 41 insertions(+)
diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index 1f3c97142..14742ec39 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -48,6 +48,13 @@ spec:
- podSelector:
matchLabels:
ozg-component: xta-adapter
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ name: {{ (.Values.networkPolicy).monitoringNamespace | default "openshift-monitoring" }}
+ ports:
+ - protocol: TCP
+ port: 8081
{{- if ((.Values.ozgcloud).antragraum).enabled }}
- from:
- namespaceSelector:
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 4a10bb139..3b10067bb 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -107,6 +107,40 @@ tests:
matchLabels:
ozg-component: xta-adapter
+ - it: should add ingress rule for monitoring scraper
+ set:
+ networkPolicy:
+ dnsServerNamespace: test-dns-namespace
+ asserts:
+ - contains:
+ path: spec.ingress
+ content:
+ ports:
+ - port: 8081
+ protocol: TCP
+ from:
+ - namespaceSelector:
+ matchLabels:
+ name: openshift-monitoring
+
+ - it: should set monitoring namespace for monitoring scraper ingress rule
+ set:
+ networkPolicy:
+ dnsServerNamespace: test-dns-namespace
+ monitoringNamespace: test-monitoring
+ asserts:
+ - contains:
+ path: spec.ingress
+ content:
+ ports:
+ - port: 8081
+ protocol: TCP
+ from:
+ - namespaceSelector:
+ matchLabels:
+ name: test-monitoring
+
+
- it: should add ingress rule for antragraum if antragraum is enabled
set:
networkPolicy:
--
GitLab