Allow scraping and webhooks
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
This commit is contained in:
Stefan Prodan
14
manifests/policies/allow-scraping.yaml
Normal file
14
manifests/policies/allow-scraping.yaml
Normal file
@@ -0,0 +1,14 @@
|
|||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: NetworkPolicy
|
||||||
|
metadata:
|
||||||
|
name: allow-scraping
|
||||||
|
spec:
|
||||||
|
policyTypes:
|
||||||
|
- Ingress
|
||||||
|
ingress:
|
||||||
|
- from:
|
||||||
|
- namespaceSelector: {}
|
||||||
|
ports:
|
||||||
|
- protocol: TCP
|
||||||
|
port: 8080
|
||||||
|
podSelector: {}
|
||||||
13
manifests/policies/allow-webhooks.yaml
Normal file
13
manifests/policies/allow-webhooks.yaml
Normal file
@@ -0,0 +1,13 @@
|
|||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: NetworkPolicy
|
||||||
|
metadata:
|
||||||
|
name: allow-webhooks
|
||||||
|
spec:
|
||||||
|
policyTypes:
|
||||||
|
- Ingress
|
||||||
|
ingress:
|
||||||
|
- from:
|
||||||
|
- namespaceSelector: {}
|
||||||
|
podSelector:
|
||||||
|
matchLabels:
|
||||||
|
app: notification-controller
|
||||||
@@ -3,9 +3,9 @@ kind: NetworkPolicy
|
|||||||
metadata:
|
metadata:
|
||||||
name: deny-ingress
|
name: deny-ingress
|
||||||
spec:
|
spec:
|
||||||
podSelector: {}
|
|
||||||
policyTypes:
|
policyTypes:
|
||||||
- Ingress
|
- Ingress
|
||||||
ingress:
|
ingress:
|
||||||
- from:
|
- from:
|
||||||
- podSelector: {}
|
- podSelector: {}
|
||||||
|
podSelector: {}
|
||||||
|
|||||||
@@ -2,3 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
|||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- deny-ingress.yaml
|
- deny-ingress.yaml
|
||||||
|
- allow-scraping.yaml
|
||||||
|
- allow-webhooks.yaml
|
||||||
|
|||||||
Reference in New Issue
Block a user