Merge branch 'TEST-ONLY-add-Dynamic-Network-Policy-for-twistlock' into 'master'

Add dynamic network policy for twistlock

Closes big-bang/product/packages/twistlock#189

See merge request !5903

chart/templates/twistlock/namespace.yaml

@@ -7,5 +7,5 @@ metadata:
     app.kubernetes.io/name: twistlock
     app.kubernetes.io/component: "security"
     {{- include "commonLabels" . | nindent 4}}
-    istio-injection: {{ ternary "enabled" "disabled" (and .Values.istio.enabled (eq (dig "istio" "injection" "enabled" .Values.twistlock) "enabled")) }}
+    istio-injection: {{ ternary "enabled" "disabled" (and (include "istioEnabled" .) (eq (dig "istio" "injection" "enabled" .Values.twistlock) "enabled")) }}
 {{- end }}
\ No newline at end of file

chart/templates/twistlock/values.yaml

@@ -28,6 +28,8 @@ imagePullSecrets:
 
 networkPolicies:
   enabled: {{ .Values.networkPolicies.enabled }}
+  istioNamespaceSelector:
+  {{ include "istioNamespaceSelector" . | nindent 4 }}
   ingressLabels:
     {{- $gateway := default "public" .Values.twistlock.ingress.gateway }}
     {{- $default := dict "app" (dig "gateways" $gateway "ingressGateway" nil .Values.istio) "istio" nil }}
@@ -36,7 +38,7 @@ networkPolicies:
   nodeCidr: {{ .Values.networkPolicies.nodeCidr }}
 
 istio:
-  enabled: {{ .Values.istio.enabled }}
+  enabled: {{ include "istioEnabled" . }}
   hardened:
     enabled: {{ or
       (dig "istio" "hardened" "enabled" false .Values.twistlock.values)
@@ -44,7 +46,7 @@ istio:
     }}
   console:
     gateways:
-    - istio-system/{{ default "public" .Values.twistlock.ingress.gateway }}
+     - {{ include "istioGatewayNamespace" . }}/{{ default (include "istioPublicGateway" . ) .Values.twistlock.ingress.gateway }}
 
 {{- if .Values.istio.enabled }}
 annotations: