Fixes #26 : Support setting additional custom network policies through the values yaml
General MR
Summary
Adds support to Renovate for custom network policies via values yaml.
Relevant logs/screenshots
With this yaml:
packages:
renovate:
enabled: true
git:
repo: https://repo1.dso.mil/big-bang/product/packages/renovate.git
tag: null
branch: 26_additional_network_policies
values:
redis:
enabled: true
renovate:
configIsSecret: true
config: |
{
"repositories": ["product/packages/harbor"],
"platform": 'gitlab',
"endpoint": 'https://repo1.dso.mil/api/v4',
"token": "**********",
"autodiscover": false,
"hostRules": [{
"hostType": "docker",
"matchHost": "registry1.dso.mil",
"username": "*******",
"password": "*******"
}]
}
networkPolicies:
enabled: true
additionalPolicies:
- name: this-is-a-renovate-job-test-test
spec:
podSelector: {}
policyTypes:
- Egress
egress:
- to:
- ipBlock:
cidr: 172.20.0.0/12
- name: this-is-a-zwei-renovate-job-test-test
spec:
podSelector: {}
policyTypes:
- Ingress
ingress:
- from:
- ipBlock:
cidr: 172.20.0.0/12
istio:
enabled: "{{ $.Values.istio.enabled }}"... we get additional custom network policies:
Every 2.0s: kubectl get NetworkPolicies -n renovate BPH-MAC21.local: Wed Apr 24 13:36:35 2024
NAME POD-SELECTOR AGE
default-deny-ingress <none> 15m
allow-https <none> 15m
default-deny-egress <none> 15m
egress-dns <none> 15m
allow-istiod-egress-renovate <none> 15m
allow-in-ns-renovate <none> 15m
this-is-a-renovate-job-test-test <none> 5m39s
this-is-a-zwei-renovate-job-test-test <none> 5m39sLinked Issue
Upgrade Notices
N/A