From 1c22846ae97d2a38dbab085803dcef16262ed2b8 Mon Sep 17 00:00:00 2001
From: Brendon Lloyd <blloyd@revacomm.com>
Date: Fri, 23 Jul 2021 13:48:28 +0000
Subject: [PATCH] Add openshift toggle, conditionally add port 5353 egress.
 Changing "openshift:" to true in values.yaml will enable.

---
 CHANGELOG.md                                                | 4 ++++
 chart/Chart.yaml                                            | 2 +-
 chart/templates/bigbang/networkpolicies/allow-kube-dns.yaml | 6 +++++-
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6b0152c..e586c7e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ---
 
+## [1.13.0-bb.4]
+### Fixed
+- update allow-kube-dns NP to conditionally add port 5353 egress when `.Values.anchoreGlobal.openShiftDeployment` is `true`
+
 ## [1.13.0-bb.3]
 ### Fixed
 - incorrect label on `allow-egress-enterprise-engine-upgrade-job` network policy
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index fc5c4c8..eeeaaee 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: anchore-engine
-version: 1.13.0-bb.3
+version: 1.13.0-bb.4
 appVersion: 0.10.0
 description: Anchore container analysis and policy evaluation engine service
 keywords:
diff --git a/chart/templates/bigbang/networkpolicies/allow-kube-dns.yaml b/chart/templates/bigbang/networkpolicies/allow-kube-dns.yaml
index 17d27b1..87bb579 100644
--- a/chart/templates/bigbang/networkpolicies/allow-kube-dns.yaml
+++ b/chart/templates/bigbang/networkpolicies/allow-kube-dns.yaml
@@ -19,4 +19,8 @@ spec:
       protocol: UDP
     - port: 443
       protocol: TCP
-{{- end }}
\ No newline at end of file
+    {{- if .Values.anchoreGlobal.openShiftDeployment }}  
+    - port: 5353
+      protocol: UDP
+    {{- end }}
+{{- end }}
-- 
GitLab