diff --git a/CHANGELOG.md b/CHANGELOG.md index 805368e22d3b8e067315d12400cc83d54fd17a29..85a4ad3577efd9aac05781bf6b622c5cdff2dd2b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), --- +## [0.1.6-bb.1] - 2021-06-01 +### Changed +- Moved tests to gluon library +### Added +- Default NetworkPolicies added + ## [0.1.6-bb.0] - 2021-05-11 ### Changed - Migrated Cypress tests to Helm tests diff --git a/chart/Chart.lock b/chart/Chart.lock index 042b2326021e186e4404306634d56e28d14c5de4..98d66a85e526c11eb55dc7bf1ea02d1fdc909f87 100644 --- a/chart/Chart.lock +++ b/chart/Chart.lock @@ -5,8 +5,8 @@ dependencies: - name: minio-instance repository: file://./deps/minio version: 2.0.9-bb.9 -- name: bb-test-lib - repository: oci://registry.dso.mil/platform-one/big-bang/pipeline-templates/pipeline-templates - version: 0.5.2 -digest: sha256:0a15fa5bcd2dafdc621740c7cd177210b2c875337f32fe78755af8806bba735a -generated: "2021-05-13T10:38:37.154607-06:00" +- name: gluon + repository: oci://registry.dso.mil/platform-one/big-bang/apps/library-charts/gluon + version: 0.1.1 +digest: sha256:d5a1399418dd0d20db43fc884acd0ac51b1f8a3272d81d1e2e4650092ec25d87 +generated: "2021-05-28T11:12:03.789056-06:00" diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 54b8cbec72703189434be6484519f2a193875583..85984aa0d9f3a6706d0f2c15f00cbeedc5ed07a1 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,15 +1,13 @@ ---- apiVersion: v2 name: mattermost type: application -version: "0.1.6-bb.0" +version: "0.1.6-bb.1" appVersion: "5.34.2" description: "Deployment of mattermost" -keywords: +keywords: - Mattermost - Instance kubeVersion: ">=1.12.0-0" - dependencies: - name: postgresql version: 10.3.5 
@@ -21,6 +19,6 @@ dependencies:
 alias: minio
 condition: minio.install
 repository: file://./deps/minio
- - name: bb-test-lib
- version: 0.5.2
- repository: "oci://registry.dso.mil/platform-one/big-bang/pipeline-templates/pipeline-templates"
+ - name: gluon
+ version: 0.1.1
+ repository: oci://registry.dso.mil/platform-one/big-bang/apps/library-charts/gluon
diff --git a/chart/charts/bb-test-lib-0.5.2.tgz b/chart/charts/bb-test-lib-0.5.2.tgz
deleted file mode 100644
index 0df8143dd476200a3e95ccc1ddc9b52dac0bfae4..0000000000000000000000000000000000000000
Binary files a/chart/charts/bb-test-lib-0.5.2.tgz and /dev/null differ
diff --git a/chart/charts/gluon-0.1.1.tgz b/chart/charts/gluon-0.1.1.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..b4a4878dae126348cdee9d80977a15121ba59f9f
Binary files /dev/null and b/chart/charts/gluon-0.1.1.tgz differ
diff --git a/chart/charts/minio-instance-2.0.9-bb.9.tgz b/chart/charts/minio-instance-2.0.9-bb.9.tgz
index bbfa7b0d3abe6d2381694e9538bf214d1dbb934b..0e2c10f85f103dd00b79ab689d98e96302b9f1c2 100644
Binary files a/chart/charts/minio-instance-2.0.9-bb.9.tgz and b/chart/charts/minio-instance-2.0.9-bb.9.tgz differ
diff --git a/chart/charts/postgresql-10.3.5.tgz b/chart/charts/postgresql-10.3.5.tgz
index a90af7a853398f710107dc689d2ee464c97d70d8..63a6b8596f4e0d154cc4e70a321d74f5f25df8cf 100644
Binary files a/chart/charts/postgresql-10.3.5.tgz and b/chart/charts/postgresql-10.3.5.tgz differ
diff --git a/chart/templates/bigbang/networkpolicies/allow-elastic-egress.yaml b/chart/templates/bigbang/networkpolicies/allow-elastic-egress.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..f704b0936a9189dfeb0c246c3a39a5660d382274
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/allow-elastic-egress.yaml
@@ -0,0 +1,25 @@
+
+{{- if and .Values.networkPolicies.enabled .Values.elasticsearch.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-elastic-egress
+ namespace: {{ .Release.Namespace }}
+spec:
+ podSelector:
+ matchLabels:
+ app: mattermost
+ policyTypes:
+ - Egress
+ egress:
+ - to:
+ - namespaceSelector:
+ matchLabels:
+ app.kubernetes.io/name: logging
+ podSelector:
+ matchLabels:
+ common.k8s.elastic.co/type: elasticsearch
+ ports:
+ - port: 9200
+ protocol: TCP
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/allow-external-filestore.yaml b/chart/templates/bigbang/networkpolicies/allow-external-filestore.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..738b7a3ca51485d8ac5e97cf07eadcb616455c44
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/allow-external-filestore.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.networkPolicies.enabled (not .Values.minio.install) }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-external-filestore-egress
+ namespace: {{ .Release.Namespace }}
+spec:
+ podSelector:
+ matchLabels:
+ app: mattermost
+ policyTypes:
+ - Egress
+ egress:
+ - to:
+ - ipBlock:
+ cidr: 0.0.0.0/0
+ # ONLY Block requests to AWS metadata IP
+ except:
+ - 169.254.169.254/32
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/allow-external-postgres.yaml b/chart/templates/bigbang/networkpolicies/allow-external-postgres.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..bf112324976294213be04f8ccba2a62448e53b21
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/allow-external-postgres.yaml
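Review bot: The egress rule in allow-external-filestore-egress lets mattermost pods reach `cidr: 0.0.0.0/0` on every port, excepting only one metadata address, so once `minio.install` is false the default-deny policy no longer constrains those pods' egress at all; allow-external-postgres (next hunk), allow-sso-egress and allow-test-egress repeat the same rule. A `ports:` list for the external service (the database port for the postgres policy) and a chart value holding the permitted destination CIDR in place of the hard-coded `0.0.0.0/0` would keep each policy as narrow as its name suggests. The `except:` list also covers only `169.254.169.254/32`; excepting the whole link-local range with `- 169.254.0.0/16` closes the rest of that block without affecting normal traffic.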
@@ -0,0 +1,20 @@
+{{- if and .Values.networkPolicies.enabled (not .Values.postgresql.install) }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-external-postgres-egress
+ namespace: {{ .Release.Namespace }}
+spec:
+ podSelector:
+ matchLabels:
+ app: mattermost
+ policyTypes:
+ - Egress
+ egress:
+ - to:
+ - ipBlock:
+ cidr: 0.0.0.0/0
+ # ONLY Block requests to AWS metadata IP
+ except:
+ - 169.254.169.254/32
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/allow-in-ns.yaml b/chart/templates/bigbang/networkpolicies/allow-in-ns.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..97a841cca7ca41fbbfe94e4f1415e4230d70f49b
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/allow-in-ns.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.networkPolicies.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-in-ns
+ namespace: {{ .Release.Namespace }}
+spec:
+ podSelector: {}
+ policyTypes:
+ - Ingress
+ - Egress
+ ingress:
+ - from:
+ - podSelector: {}
+ egress:
+ - to:
+ - podSelector: {}
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/allow-istio.yaml b/chart/templates/bigbang/networkpolicies/allow-istio.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..6c4c48ca2c873b93a7d7e0a753fd2f2ebbf7fb34
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/allow-istio.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.networkPolicies.enabled .Values.istio.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-istio
+ namespace: {{ .Release.Namespace }}
+spec:
+ podSelector:
+ matchLabels:
+ app: mattermost
+ policyTypes:
+ - Ingress
+ - Egress
+ ingress:
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ app.kubernetes.io/name: istio-controlplane
+ podSelector:
+ matchLabels:
+ {{- toYaml .Values.networkPolicies.ingressLabels | nindent 10}}
+ ports:
+ - port: 8065
+ protocol: TCP
+ egress:
+ - to:
+ - namespaceSelector:
+ matchLabels:
+ app.kubernetes.io/name: istio-controlplane
+ podSelector:
+ matchLabels:
+ istio: pilot
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/allow-monitoring-ingress.yaml b/chart/templates/bigbang/networkpolicies/allow-monitoring-ingress.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b7389e8c591d0367195586c4d7ebd120b269054d
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/allow-monitoring-ingress.yaml
@@ -0,0 +1,24 @@
+{{- if and .Values.networkPolicies.enabled .Values.monitoring.enabled .Values.enterprise.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-monitoring-ingress
+ namespace: {{ .Release.Namespace }}
+spec:
+ podSelector:
+ matchLabels:
+ app: mattermost
+ policyTypes:
+ - Ingress
+ ingress:
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ app.kubernetes.io/name: monitoring
+ podSelector:
+ matchLabels:
+ app: prometheus
+ ports:
+ - port: 8067
+ protocol: TCP
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/allow-sso-egress.yaml b/chart/templates/bigbang/networkpolicies/allow-sso-egress.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..217238b5e9622e216d3fcc0486e02c6d093ccf67
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/allow-sso-egress.yaml
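Review bot: The egress rule to `istio: pilot` pods in allow-istio has no `ports:` list, while the ingress rule directly above it is limited to 8065/TCP, so the mattermost pods may reach any port on istiod; adding a `ports:` entry for the xDS port istiod serves (15012 in a default istiod deployment) keeps the two halves of the policy equally narrow. The action `{{- toYaml .Values.networkPolicies.ingressLabels | nindent 10}}` is also missing the space before `}}` that every other template action in the file has; `{{- toYaml .Values.networkPolicies.ingressLabels | nindent 10 }}`.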
@@ -0,0 +1,20 @@
+{{- if and .Values.networkPolicies.enabled .Values.sso.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-sso-egress
+ namespace: {{ .Release.Namespace }}
+spec:
+ podSelector:
+ matchLabels:
+ app: mattermost
+ policyTypes:
+ - Egress
+ egress:
+ - to:
+ - ipBlock:
+ cidr: 0.0.0.0/0
+ # ONLY Block requests to AWS metadata IP
+ except:
+ - 169.254.169.254/32
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/allow-test-egress.yaml b/chart/templates/bigbang/networkpolicies/allow-test-egress.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1a9b59b404f39730dd6b18a1d3f18160ea0a6b85
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/allow-test-egress.yaml
@@ -0,0 +1,26 @@
+{{- $bbtests := .Values.bbtests | default dict -}}
+{{- $cypress := $bbtests.cypress | default dict -}}
+{{- $enabled := (hasKey $bbtests "enabled") -}}
+{{- $artifacts := (hasKey $cypress "artifacts") -}}
+{{- if and $enabled $artifacts }}
+{{- if and .Values.networkPolicies.enabled .Values.bbtests.enabled .Values.bbtests.cypress.artifacts }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-test-egress
+ namespace: {{ .Release.Namespace }}
+spec:
+ podSelector:
+ matchLabels:
+ helm-test: enabled
+ policyTypes:
+ - Egress
+ egress:
+ - to:
+ - ipBlock:
+ cidr: 0.0.0.0/0
+ # ONLY Block requests to AWS metadata IP
+ except:
+ - 169.254.169.254/32
+{{- end }}
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/deny-default.yaml b/chart/templates/bigbang/networkpolicies/deny-default.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..2ee51fa07deac36d29a33d5bae8e63d53f3731cc
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/deny-default.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.networkPolicies.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: default-deny
+ namespace: {{ .Release.Namespace }}
+spec:
+ podSelector: {}
+ policyTypes:
+ - Ingress
+ - Egress
+ # Deny all ingress
+ ingress: []
+ # Deny egress by default
+ # Allow access to DNS and Kube API
+ egress:
+ - to:
+ - namespaceSelector: {}
+ ports:
+ - port: 53
+ protocol: UDP
+{{- end }}
diff --git a/chart/templates/tests/test-ui.yaml b/chart/templates/tests/test-ui.yaml
index 57f97717fa3416c85c53db25f8f04b7837fa6134..163bd16f97c275ce0d713081a0afdf6e07f0116d 100644
--- a/chart/templates/tests/test-ui.yaml
+++ b/chart/templates/tests/test-ui.yaml
@@ -1,11 +1,11 @@
-{{- include "bb-test-lib.cypress-configmap.overrides" (list . "mattermost-test.cypress-configmap") }}
+{{- include "gluon.tests.cypress-configmap.overrides" (list . "mattermost-test.cypress-configmap") }}
 {{- define "mattermost-test.cypress-configmap" }}
 metadata:
 labels:
 {{ include "mattermost.labels" . | nindent 4 }}
 {{- end }}
 ---
-{{- include "bb-test-lib.cypress-runner.overrides" (list . "mattermost-test.cypress-runner") -}}
+{{- include "gluon.tests.cypress-runner.overrides" (list . "mattermost-test.cypress-runner") -}}
 {{- define "mattermost-test.cypress-runner" -}}
 metadata:
 labels:
diff --git a/chart/values.yaml b/chart/values.yaml
index 67ed032aca4e71c44692922394470bad472cbeb9..6d7ad144d0cd9254f8affd30b84d7abb1bf6e5fe 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -18,6 +18,12 @@ monitoring:
 enabled: false
 namespace: monitoring
 
+networkPolicies:
+ enabled: false
+ ingressLabels:
+ app: istio-ingressgateway
+ istio: ingressgateway
+
 sso:
 enabled: false
 client_id: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-mattermost
diff --git a/tests/test-values.yml b/tests/test-values.yml
index f180ba22f089d4c494ebb1c963a5f6c06f31f7ca..322ba781db69465531ef7e6305b95167d546e4e4 100644
--- a/tests/test-values.yml
+++ b/tests/test-values.yml
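Review bot: The comment `# Allow access to DNS and Kube API` above the egress rule in default-deny does not describe the rule beneath it, which only opens UDP/53 toward every namespace; nothing in the policy permits the Kubernetes API, and DNS over TCP (the fallback for truncated responses) is blocked as well. Either shorten the comment to `# Allow DNS egress (UDP only)` or add a second entry `- port: 53` / `protocol: TCP` under `ports:`. Separately, `namespaceSelector: {}` with no podSelector lets port 53 reach any pod in any namespace; pairing it with a podSelector for the cluster DNS pods (CoreDNS carries `k8s-app: kube-dns` in kube-system) would narrow it to what the comment intends.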
@@ -4,7 +4,11 @@ minio:
 postgresql:
 install: true
 
+networkPolicies:
+ enabled: true
+
 bbtests:
+ enabled: true
 cypress:
 artifacts: true
 envs: