From 2bedb0e61875e39cf3015c1452645813e05a3950 Mon Sep 17 00:00:00 2001
From: "garcia.ryan"
Date: Thu, 10 Jun 2021 15:09:07 -0600
Subject: [PATCH 1/3] feat: Cleaning up Network Policy Templates

---
 CHANGELOG.md | 5 +++++
 chart/Chart.yaml | 2 +-
 chart/templates/bigbang/networkpolicies/istio.yaml | 12 ++++++++----
 .../bigbang/networkpolicies/kube-api-egress.yaml | 4 +++-
 4 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1e04781..6362577 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+## [29.1.0-bb.4]
+# Changed
+* kube-api network policy toggle
+* istio network policy stricter podSelector values
+
 ## [29.1.0-bb.3] - 2021-06-08
 ### Modified
 - Modified CI tests to use new library and infrastructure
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index ed5e087..9e9aac2 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: nexus-repository-manager
-version: 29.1.0-bb.3
+version: 29.1.0-bb.4
 appVersion: 3.29.0
 description: Sonatype Nexus Repository Manager - Universal Binary repository
 type: application
diff --git a/chart/templates/bigbang/networkpolicies/istio.yaml b/chart/templates/bigbang/networkpolicies/istio.yaml
index 5c6c341..4ae1e25 100644
--- a/chart/templates/bigbang/networkpolicies/istio.yaml
+++ b/chart/templates/bigbang/networkpolicies/istio.yaml
@@ -1,11 +1,13 @@
-{{ if .Values.networkPolicies.enabled }}
+{{ if and .Values.networkPolicies.enabled .Values.istio.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
- name: allow-to-istio-ingressgateway
+ name: allow-from-istio-ingressgateway
 namespace: {{ .Release.Namespace }}
 spec:
- podSelector: {}
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/name: nexus-repository-manager
 policyTypes:
 - Ingress
 ingress:
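Review bot: The new `podSelector` on `allow-from-istio-ingressgateway` matches the literal `app.kubernetes.io/name: nexus-repository-manager`, and the second hunk of this file (`allow-to-istio-egress`) repeats it, as does the existing selector in kube-api-egress.yaml. If the chart allows that label to be overridden (the values file is not shown here), the selector would match no pods, and with the default-deny-all policy listed in the changelog the gateway traffic would be dropped without any render error. Deriving the label from the same source the Deployment template uses, or at least adding a comment such as `# must match the pod label set by the Deployment template`, keeps the two in step; `kubectl get pods -l app.kubernetes.io/name=nexus-repository-manager` is a quick post-deploy check. The `ingress:` rule list continues outside the hunk, so the `from` side cannot be checked from here.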
@@ -28,7 +30,9 @@ metadata:
 name: allow-to-istio-egress
 namespace: {{ .Release.Namespace }}
 spec:
- podSelector: {}
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/name: nexus-repository-manager
 policyTypes:
 - Egress
 egress:
diff --git a/chart/templates/bigbang/networkpolicies/kube-api-egress.yaml b/chart/templates/bigbang/networkpolicies/kube-api-egress.yaml
index 708f312..04ed264 100644
--- a/chart/templates/bigbang/networkpolicies/kube-api-egress.yaml
+++ b/chart/templates/bigbang/networkpolicies/kube-api-egress.yaml
@@ -1,3 +1,4 @@
+{{ if .Values.networkPolicies.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
@@ -16,4 +17,5 @@ spec:
 matchLabels:
 app.kubernetes.io/name: nexus-repository-manager
 policyTypes:
- - Egress
\ No newline at end of file
+ - Egress
+{{- end }}
-- 
GitLab

From 9c9678abc6627a8ab089e665cc9c70ca5545f5fa Mon Sep 17 00:00:00 2001
From: "garcia.ryan"
Date: Thu, 10 Jun 2021 15:17:06 -0600
Subject: [PATCH 2/3] feat: Cleaning up Network Policy Templates 2

---
 CHANGELOG.md | 10 +++++-----
 chart/templates/bigbang/networkpolicies/istio.yaml | 4 +---
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6362577..a5f06f6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,8 +2,8 @@
 
 ## [29.1.0-bb.4]
 # Changed
-* kube-api network policy toggle
-* istio network policy stricter podSelector values
+- kube-api network policy toggle
+- istio network policy stricter podSelector values
 
 ## [29.1.0-bb.3] - 2021-06-08
 ### Modified
@@ -14,6 +14,6 @@
 
 ## [29.1.0-bb.2]
 # Added
-* default-deny-all network policy
-* istio network policy
-* monitoring network policy
+- default-deny-all network policy
+- istio network policy
+- monitoring network policy
diff --git a/chart/templates/bigbang/networkpolicies/istio.yaml b/chart/templates/bigbang/networkpolicies/istio.yaml
index 4ae1e25..bf47c59 100644
--- a/chart/templates/bigbang/networkpolicies/istio.yaml
+++ b/chart/templates/bigbang/networkpolicies/istio.yaml
@@ -30,9 +30,7 @@ metadata:
 name: allow-to-istio-egress
 namespace: {{ .Release.Namespace }}
 spec:
- podSelector:
- matchLabels:
- app.kubernetes.io/name: nexus-repository-manager
+ podSelector: {}
 policyTypes:
 - Egress
 egress:
-- 
GitLab

From b7bc22b6d9d88740373f479848cb94bc9e830909 Mon Sep 17 00:00:00 2001
From: "garcia.ryan"
Date: Thu, 10 Jun 2021 15:33:18 -0600
Subject: [PATCH 3/3] docs: Changelog formatting

---
 CHANGELOG.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a5f06f6..618a676 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,7 +1,7 @@
 # Changelog
 
 ## [29.1.0-bb.4]
-# Changed
+### Changed
 - kube-api network policy toggle
 - istio network policy stricter podSelector values
 
@@ -13,7 +13,7 @@
 - Network policy for helm-tests to save artifacts
 
 ## [29.1.0-bb.2]
-# Added
+### Added
 - default-deny-all network policy
 - istio network policy
 - monitoring network policy
-- 
GitLab
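Review bot: In the istio.yaml hunk of PATCH 2/3, resetting `podSelector: {}` on `allow-to-istio-egress` puts every pod in the release namespace back under this egress allowance, one commit after PATCH 1/3 narrowed it to the Nexus pods, and neither the commit message nor the template says why. If the intent is that any sidecar-injected workload in the namespace must reach the mesh (an assumption; the `egress:` rules sit outside the hunk), a comment above the selector such as `# empty selector is deliberate: every pod in this namespace needs istio egress` would record that the broad scope is a decision and not an oversight. The 29.1.0-bb.4 changelog entry `istio network policy stricter podSelector values` now holds only for the ingress policy and would be more accurate if it said so.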