diff --git a/infrastructure/cover-service-faktor/templates/cron-job.yaml b/infrastructure/cover-service-faktor/templates/cron-job.yaml index ff1a4cb..2ccde09 100644 --- a/infrastructure/cover-service-faktor/templates/cron-job.yaml +++ b/infrastructure/cover-service-faktor/templates/cron-job.yaml @@ -15,6 +15,8 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + networking/allow-internet-access: "{{ .Release.Name }}" spec: containers: - name: cronjob diff --git a/infrastructure/cover-service-faktor/templates/deployment.yaml b/infrastructure/cover-service-faktor/templates/deployment.yaml index 2a6e6be..10eb056 100644 --- a/infrastructure/cover-service-faktor/templates/deployment.yaml +++ b/infrastructure/cover-service-faktor/templates/deployment.yaml @@ -18,7 +18,9 @@ spec: metadata: labels: app: {{ .Release.Name }}-app - tier: frontend + networking/allow-ingress-access: "true" + networking/allow-monitoring-access: "true" + networking/allow-internet-access: "{{ .Release.Name }}" annotations: prometheus.io/scrape: "true" prometheus.io/path: "/metrics" @@ -111,6 +113,7 @@ spec: name: {{ .Release.Name }}-nginx-config ports: - containerPort: 80 + name: pod-http-port - name: nginx-exporter image: nginx/nginx-prometheus-exporter:{{ .Values.nginx.exporter.image.version }} imagePullPolicy: {{ .Values.app.image.imagePullPolicy }} diff --git a/infrastructure/cover-service-faktor/templates/policy.yaml b/infrastructure/cover-service-faktor/templates/policy.yaml new file mode 100644 index 0000000..5d4bfaf --- /dev/null +++ b/infrastructure/cover-service-faktor/templates/policy.yaml @@ -0,0 +1,18 @@ +--- +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + namespace: {{ .Release.Namespace }} + name: {{ .Release.Name }}-network-policy +spec: + podSelector: + matchLabels: + networking/allow-internet-access: "{{ .Release.Name }}" + policyTypes: + - Egress + egress: + - to: + ports: + # Need to communicate with open-platform and adgangsplatformen. + - protocol: TCP + port: 443 \ No newline at end of file diff --git a/infrastructure/cover-service-faktor/templates/services.yaml b/infrastructure/cover-service-faktor/templates/services.yaml index e0a38a7..0aefd08 100644 --- a/infrastructure/cover-service-faktor/templates/services.yaml +++ b/infrastructure/cover-service-faktor/templates/services.yaml @@ -4,12 +4,9 @@ kind: Service metadata: namespace: {{ .Release.Namespace }} name: {{ .Release.Name }}-service - labels: - tier: frontend spec: selector: app: {{ .Release.Name }}-app - tier: frontend ports: - protocol: TCP port: 80