KropCloud/cert-manager-webhook-example
1
0
Fork 1
mirror of https://github.com/cert-manager/webhook-example.git synced 2025-07-02 23:05:48 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(helm-chart): add a network policy allowing egress to ibm cis

Browse source
This commit is contained in:
James Reeve 2024-01-05 15:27:24 -05:00
parent 1ca17544d8
commit 2e95f8d804
No known key found for this signature in database
1 changed files with 17 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
deploy/cert-manager-ibm-cis-webhook/templates/networkpolicies.yaml
View file

@ -27,12 +27,13 @@ metadata:
spec: spec:
podSelector: podSelector:
matchLabels: matchLabels:
app: {{ include "cert-manager-ibm-cis-webhook.name" . }} app.kubernetes.io/name: {{ include "cert-manager-ibm-cis-webhook.name" . }}
policyTypes: policyTypes:
- Ingress - Ingress
ingress: ingress:
- from: - from:
- podSelector: {} - podSelector: {}
- namespaceSelector: {}
ports: ports:
- protocol: TCP - protocol: TCP
port: {{ .Values.containerPort }} port: {{ .Values.containerPort }}
@ -44,9 +45,23 @@ metadata:
spec: spec:
podSelector: podSelector:
matchLabels: matchLabels:
app: {{ include "cert-manager-ibm-cis-webhook.name" . }} app.kubernetes.io/name: {{ include "cert-manager-ibm-cis-webhook.name" . }}
policyTypes: policyTypes:
- Egress - Egress
egress: egress:
- {} - {}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-egress-to-cis
spec:
podSelector:
matchLabels:
app.kubernetes.io/name: {{ include "cert-manager-ibm-cis-webhook.name" . }}
policyTypes:
- Egress
egress:
- ports:
- port: 443
{{- end }} {{- end }}