Micah Nagel · michaelmcleroy · a8f41b04 · a8f41b04 · a8f41b04
Showing with 7 additions and 5 deletions

CHANGELOG.md CHANGELOG.md +4 -0

chart/Chart.yaml chart/Chart.yaml +1 -1

chart/templates/network-policy/egress-kube-api.yaml chart/templates/network-policy/egress-kube-api.yaml +2 -4

No files found.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,10 @@
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [1.8.4-bb.5]
+### Fixed
+- Kube API egress allowed for all pods, not just istiod
 ## [1.8.4-bb.4]
 ### Added
 - Kube API egress networkpolicy

--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
 apiVersion: v2
 name: istio
-version: 1.8.4-bb.4
+version: 1.8.4-bb.5
--- a/chart/templates/network-policy/egress-kube-api.yaml
+++ b/chart/templates/network-policy/egress-kube-api.yaml
@@ -2,12 +2,10 @@
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
-  name: allow-egress-api
+  name: egress-kube-api
  namespace: {{ .Release.Namespace }}
 spec:
-  podSelector:
+  podSelector: {}
-    matchLabels:
-      app: istiod
  egress:
  - to:
    - ipBlock: