DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Chart: Rework network policies. (#10238)

Browse source
This commit is contained in:
Marco Ebert 2023-09-24 17:02:57 +02:00 committed by GitHub
parent c3194dd388
commit 0b0ce031ac
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 87 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

45
charts/ingress-nginx/templates/controller-networkpolicy.yaml Normal file
View file

@ -0,0 +1,45 @@
{{- if .Values.controller.networkPolicy.enabled }}
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
{{- include "ingress-nginx.labels" . | nindent 4 }}
app.kubernetes.io/component: controller
{{- with .Values.controller.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "ingress-nginx.controller.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
podSelector:
matchLabels:
{{- include "ingress-nginx.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: controller
policyTypes:
- Ingress
- Egress
ingress:
- ports:
{{- range $key, $value := .Values.controller.containerPort }}
- protocol: TCP
port: {{ $value }}
{{- end }}
{{- if .Values.controller.metrics.enabled }}
- protocol: TCP
port: {{ .Values.controller.metrics.port }}
{{- end }}
{{- if .Values.controller.admissionWebhooks.enabled }}
- protocol: TCP
port: {{ .Values.controller.admissionWebhooks.port }}
{{- end }}
{{- range $key, $value := .Values.tcp }}
- protocol: TCP
port: {{ $key }}
{{- end }}
{{- range $key, $value := .Values.udp }}
- protocol: UDP
port: {{ $key }}
{{- end }}
egress:
- {}
{{- end }}