From 715b55161ad34e743e7cfed4cf82622c61ad29e1 Mon Sep 17 00:00:00 2001 From: Branden Cobb Date: Wed, 30 Jun 2021 21:12:49 +0000 Subject: [PATCH] Prometheus net policy --- CHANGELOG.md | 5 +++++ chart/Chart.yaml | 2 +- .../allow-ingress-prometheus.yaml | 22 +++++++++++++++++++ 3 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 chart/templates/bigbang/networkpolicies/allow-ingress-prometheus.yaml diff --git a/CHANGELOG.md b/CHANGELOG.md index 618a676..d4d5ae8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,10 @@ # Changelog +--- +## [29.1.0-bb.5] - 2021-06-30 +### Added +- Network policy to allow prometheus scraping of istio envoy sidecar + ## [29.1.0-bb.4] ### Changed - kube-api network policy toggle diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 9e9aac2..878cde7 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nexus-repository-manager -version: 29.1.0-bb.4 +version: 29.1.0-bb.5 appVersion: 3.29.0 description: Sonatype Nexus Repository Manager - Universal Binary repository type: application diff --git a/chart/templates/bigbang/networkpolicies/allow-ingress-prometheus.yaml b/chart/templates/bigbang/networkpolicies/allow-ingress-prometheus.yaml new file mode 100644 index 0000000..dd5e1d5 --- /dev/null +++ b/chart/templates/bigbang/networkpolicies/allow-ingress-prometheus.yaml @@ -0,0 +1,22 @@ +{{- if and .Values.networkPolicies.enabled .Values.monitoring.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-ingress-prometheus + namespace: {{ .Release.Namespace }} +spec: + podSelector: {} + policyTypes: + - Ingress + ingress: + - from: + - namespaceSelector: + matchLabels: + app.kubernetes.io/name: monitoring + podSelector: + matchLabels: + app: prometheus + ports: + - protocol: TCP + port: 15020 +{{- end }} -- GitLab