UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Commit 93fcdec5 authored by Michael Martin's avatar Michael Martin
Browse files

Merge branch 'TEST-ONLY-add-Dynamic-Network-Policy-for-twistlock' into 'master' 

Add dynamic network policy for twistlock

Closes big-bang/product/packages/twistlock#189

See merge request !5903
parents 577817bb 7e48547d
No related branches found
No related tags found
1 merge request!5903Add dynamic network policy for twistlock
Pipeline #4030656 passed
Stage: 🎛 prevar
Hide whitespace changes
Inline Side-by-side
chart/templates/twistlock/namespace.yaml
+ 1
1
View file @ 93fcdec5
...@@ -7,5 +7,5 @@ metadata: ...@@ -7,5 +7,5 @@ metadata:
app.kubernetes.io/name: twistlock app.kubernetes.io/name: twistlock
app.kubernetes.io/component: "security" app.kubernetes.io/component: "security"
{{- include "commonLabels" . | nindent 4}} {{- include "commonLabels" . | nindent 4}}
istio-injection: {{ ternary "enabled" "disabled" (and .Values.istio.enabled (eq (dig "istio" "injection" "enabled" .Values.twistlock) "enabled")) }} istio-injection: {{ ternary "enabled" "disabled" (and (include "istioEnabled" .) (eq (dig "istio" "injection" "enabled" .Values.twistlock) "enabled")) }}
{{- end }} {{- end }}
\ No newline at end of file
chart/templates/twistlock/values.yaml
+ 4
2
View file @ 93fcdec5
...@@ -28,6 +28,8 @@ imagePullSecrets: ...@@ -28,6 +28,8 @@ imagePullSecrets:
networkPolicies: networkPolicies:
enabled: {{ .Values.networkPolicies.enabled }} enabled: {{ .Values.networkPolicies.enabled }}
istioNamespaceSelector:
{{ include "istioNamespaceSelector" . | nindent 4 }}
ingressLabels: ingressLabels:
{{- $gateway := default "public" .Values.twistlock.ingress.gateway }} {{- $gateway := default "public" .Values.twistlock.ingress.gateway }}
{{- $default := dict "app" (dig "gateways" $gateway "ingressGateway" nil .Values.istio) "istio" nil }} {{- $default := dict "app" (dig "gateways" $gateway "ingressGateway" nil .Values.istio) "istio" nil }}
...@@ -36,7 +38,7 @@ networkPolicies: ...@@ -36,7 +38,7 @@ networkPolicies:
nodeCidr: {{ .Values.networkPolicies.nodeCidr }} nodeCidr: {{ .Values.networkPolicies.nodeCidr }}
istio: istio:
enabled: {{ .Values.istio.enabled }} enabled: {{ include "istioEnabled" . }}
hardened: hardened:
enabled: {{ or enabled: {{ or
(dig "istio" "hardened" "enabled" false .Values.twistlock.values) (dig "istio" "hardened" "enabled" false .Values.twistlock.values)
...@@ -44,7 +46,7 @@ istio: ...@@ -44,7 +46,7 @@ istio:
}} }}
console: console:
gateways: gateways:
- istio-system/{{ default "public" .Values.twistlock.ingress.gateway }} - {{ include "istioGatewayNamespace" . }}/{{ default (include "istioPublicGateway" . ) .Values.twistlock.ingress.gateway }}
{{- if .Values.istio.enabled }} {{- if .Values.istio.enabled }}
annotations: annotations:
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED - NO CUI