Incorrect label selector for monitoring authz policy
Bug
Description
When tested with Istio hardened, Prometheus could not access the gitlab-runner pod to retrieve metrics. The label selector for the gitlab-runner
monitoring authz policy is incorrect. Here is a patch to fix the issue:
diff --git a/chart/templates/bigbang/istio/authorization-policies/monitoring-authz-policy.yaml b/chart/templates/bigbang/istio/authorization-policies/monitoring-authz-policy.yaml
index ee8dc68..dba3868 100644
--- a/chart/templates/bigbang/istio/authorization-policies/monitoring-authz-policy.yaml
+++ b/chart/templates/bigbang/istio/authorization-policies/monitoring-authz-policy.yaml
@@ -7,7 +7,7 @@ metadata:
spec:
selector:
matchLabels:
- app.kubernetes.io/name: {{ $.Release.Name }}
+ app: {{ $.Release.Name }}
action: ALLOW
rules:
- from:
BigBang Version
What version of BigBang were you running?
2.28.1