Skip to content
This repository has been archived by the owner on Mar 9, 2022. It is now read-only.

DDBTEAM-570: Added network policies to chart #20

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions infrastructure/cover-service-faktor/templates/cron-job.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@ spec:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
labels:
networking/allow-internet-access: "{{ .Release.Name }}"
spec:
containers:
- name: cronjob
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,9 @@ spec:
metadata:
labels:
app: {{ .Release.Name }}-app
tier: frontend
networking/allow-ingress-access: "true"
networking/allow-monitoring-access: "true"
networking/allow-internet-access: "{{ .Release.Name }}"
annotations:
prometheus.io/scrape: "true"
prometheus.io/path: "/metrics"
Expand Down Expand Up @@ -111,6 +113,7 @@ spec:
name: {{ .Release.Name }}-nginx-config
ports:
- containerPort: 80
name: pod-http-port
- name: nginx-exporter
image: nginx/nginx-prometheus-exporter:{{ .Values.nginx.exporter.image.version }}
imagePullPolicy: {{ .Values.app.image.imagePullPolicy }}
Expand Down
18 changes: 18 additions & 0 deletions infrastructure/cover-service-faktor/templates/policy.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
---
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
namespace: {{ .Release.Namespace }}
name: {{ .Release.Name }}-network-policy
spec:
podSelector:
matchLabels:
networking/allow-internet-access: "{{ .Release.Name }}"
policyTypes:
- Egress
egress:
- to:
ports:
# Need to communicate with open-platform and adgangsplatformen.
- protocol: TCP
port: 443
3 changes: 0 additions & 3 deletions infrastructure/cover-service-faktor/templates/services.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,9 @@ kind: Service
metadata:
namespace: {{ .Release.Namespace }}
name: {{ .Release.Name }}-service
labels:
tier: frontend
spec:
selector:
app: {{ .Release.Name }}-app
tier: frontend
ports:
- protocol: TCP
port: 80
Expand Down