feat(common): Add simplified networkPolicy alternative for use in SCALE GUI

This commit is contained in:
Kjeld Schouten-Lebbing
2022-12-29 21:38:50 +01:00
parent 0898c5dee7
commit 8b2e79e05c
3 changed files with 30 additions and 0 deletions

View File

@@ -0,0 +1,25 @@
{{- define "tc.common.scale.allowedcon" -}}
---
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: allowedCon
{{- with (include "tc.common.labels" $ | fromYaml) }}
labels: {{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "tc.common.annotations" $ | fromYaml) }}
annotations:
{{- tpl ( toYaml . ) $ | nindent 4 }}
{{- end }}
spec:
policyTypes: ["Ingress"]
{{- if .Values.allowedCon }}
ingress:
- from:
{{- range .Values.allowedCon }}
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: {{ . }}
{{- end -}}
{{- end }}
{{- end -}}

View File

@@ -49,6 +49,8 @@ Secondary entrypoint and primary loader for the common chart
{{ include "tc.common.scale.portal" . | nindent 0 }}
{{ include "tc.common.scale.allowedcon" . | nindent 0 }}
{{ include "tc.common.spawner.networkpolicy" . | nindent 0 }}
{{- end -}}

View File

@@ -1124,6 +1124,9 @@ addons:
pathType: Prefix
tls: []
# -- A list of Apps/Namespace names allowed to communicate with this App/Chart
allowedCon: []
##
# This section contains some-preconfig for frequently used dependencies
##