diff --git a/src/main/helm/zufi-server/templates/network_policy.yaml b/src/main/helm/zufi-server/templates/network_policy.yaml
index 0ffb38ed8a598abf42c696463d7a721705514dd3..4e3584ed3537141ad45315c0b27bc6a9d345dc02 100644
--- a/src/main/helm/zufi-server/templates/network_policy.yaml
+++ b/src/main/helm/zufi-server/templates/network_policy.yaml
@@ -59,7 +59,13 @@ spec:
podSelector:
matchLabels:
component: fachstellen-proxy
-
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ name: {{ (.Values.networkPolicy).monitoringNamespace | default "openshift-user-workload-monitoring" }}
+ ports:
+ - protocol: TCP
+ port: 8081
{{- with (.Values.networkPolicy).additionalIngressConfigLocal }}
{{ toYaml . | indent 2 }}
{{- end }}
diff --git a/src/test/helm/zufi-server/network_policy_test.yaml b/src/test/helm/zufi-server/network_policy_test.yaml
index 3b13187eb8d60d7a4864db1212928f03ce3fbd31..6a588b2548567836a3ebe0f556f0050f61fc4a45 100644
--- a/src/test/helm/zufi-server/network_policy_test.yaml
+++ b/src/test/helm/zufi-server/network_policy_test.yaml
@@ -112,15 +112,37 @@ tests:
component: fachstellen-proxy
ports:
- port: 9090
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ name: openshift-user-workload-monitoring
+ ports:
+ - protocol: TCP
+ port: 8081
podSelector:
matchLabels:
component: zufi-server
policyTypes:
- Ingress
- Egress
-
-
+ - it: should set monitoring namespace
+ set:
+ networkPolicy:
+ dnsServerNamespace: test-ns
+ fachstellenProxyNamespace: fachstellen-proxy
+ monitoringNamespace: test-monitoring
+ asserts:
+ - contains:
+ path: spec.ingress
+ content:
+ from:
+ - namespaceSelector:
+ matchLabels:
+ name: test-monitoring
+ ports:
+ - protocol: TCP
+ port: 8081
- it: add ingress rule by values local
set: