Fixes #67 : Add support for additional networkPolicies in jira
General MR
Summary
Fixes #67 (closed) : Add support for additional networkPolicies in jira
In order to add additional networkPolicies in your bigbang JIRA deployment, add the following type of datastructure into your jira package definition:
packages:
jira:
enabled: true
values:
networkPolicies:
enabled: true
additionalPolicies:
- name: POLICY_NAME
spec:
# YAML FOR NETWORKPOLICY OBJECTS GO HERE
# See the NetworkPolicy spec for the structure. The data is passed through directly.This works with and without the JIRA wrapper.
Relevant logs/screenshots
With this override, specifying two networkpolicies:
values:
networkPolicies:
controlPlaneCidr: 0.0.0.0/0
enabled: true
additionalPolicies:
- name: this-is-a-jira-job-test-test
spec:
podSelector: {}
policyTypes:
- Egress
egress:
- to:
- ipBlock:
cidr: 172.20.0.0/12
- name: this-is-a-zwei-jira-job-test-test
spec:
podSelector: {}
policyTypes:
- Ingress
ingress:
- from:
- ipBlock:
cidr: 172.20.0.0/12... here is the result when running with the wrapper (packages.jira.wrapper.enabled = true):
Every 2.0s: kubectl get NetworkPolicies -n jira BPH-MAC21.local: Tue Apr 9 09:46:34 2024
NAME POD-SELECTOR AGE
jira-istio-sidecar <none> 4m5s
jira-dns <none> 4m5s
jira-intranamespace <none> 4m5s
jira-defaultdeny <none> 4m5s
this-is-a-zwei-jira-job-test-test <none> 3m8s
default-deny-all <none> 3m8s
allow-in-ns <none> 3m8s
allow-istiod-egress <none> 3m8s
this-is-a-jira-job-test-test <none> 3m8s
egress-kube-api <none> 3m8s... and here is the result with the wrapper disabled (packages.jira.wrapper.disabled = true):
Every 2.0s: kubectl get NetworkPolicies -n jira BPH-MAC21.local: Tue Apr 9 09:56:34 2024
NAME POD-SELECTOR AGE
egress-kube-api <none> 8s
this-is-a-zwei-jira-job-test-test <none> 8s
allow-in-ns <none> 8s
default-deny-all <none> 8s
allow-istiod-egress <none> 8s
this-is-a-jira-job-test-test <none> 8sLinked Issue
Upgrade Notices
N/A
Edited by Andrew Kesterson