#96 : Support addiitonal network policies via the values yaml
General MR
Summary
Adds support to Nexus for custom network policies via values yaml.
This depends on big-bang/bigbang!4184 (merged) for a documentation reference
Relevant logs/screenshots
Given the following overrides:
addons:
nexusRepositoryManager:
enabled: true
git:
repo: https://repo1.dso.mil/big-bang/product/packages/nexus.git
tag: null
branch: "96_additional_network_policies"
values:
networkPolicies:
enabled: true
additionalPolicies:
- name: this-is-a-nexus-job-test-test
spec:
podSelector: {}
policyTypes:
- Egress
egress:
- to:
- ipBlock:
cidr: 172.20.0.0/12
- name: this-is-a-zwei-nexus-job-test-test
spec:
podSelector: {}
policyTypes:
- Ingress
ingress:
- from:
- ipBlock:
cidr: 172.20.0.0/12... we get additional network policies:
Every 2.0s: kubectl get NetworkPolicies -n nexus-repository-manager BPH-MAC21.local: Wed Apr 24 14:52:28 2024
NAME POD-SELECTOR AGE
allow-tempo-egress <none> 58s
egress-outreach-manager app.kubernetes.io/name=nexus-repository-manager 58s
default-deny-all <none> 58s
allow-to-istio-egress <none> 58s
allow-scraping app.kubernetes.io/name=nexus-repository-manager 58s
kube-api-dns-egress <none> 58s
allow-in-ns <none> 58s
allow-from-istio-ingressgateway app.kubernetes.io/name=nexus-repository-manager 58s
this-is-a-nexus-job-test-test <none> 58s
this-is-a-zwei-nexus-job-test-test <none> 58s
Linked Issue
Upgrade Notices
N/A
Edited by Andrew Kesterson