Allow explicit network policy enablement (#381)
* Disable default network policy * Make network policy configurable by explicit flag only
This commit is contained in:
Volodymyr Stoiko
GitHub
parent
fc8ebfdd4e
commit
66ea34c702
3 changed files with 9 additions and 5 deletions
|
|
@ -1,4 +1,4 @@
|
|||
{{- if .Values.global.openshift }}
|
||||
{{- if eq (.Values.server.networkPolicy.enabled | toString) "true" }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: NetworkPolicy
|
||||
metadata:
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
load _helpers
|
||||
|
||||
@test "server/network-policy: OpenShift - disabled by default" {
|
||||
@test "server/network-policy: disabled by default" {
|
||||
cd `chart_dir`
|
||||
local actual=$( (helm template \
|
||||
--show-only templates/server-network-policy.yaml \
|
||||
|
|
@ -11,10 +11,10 @@ load _helpers
|
|||
[ "${actual}" = "false" ]
|
||||
}
|
||||
|
||||
@test "server/network-policy: OpenShift - enabled if OpenShift" {
|
||||
@test "server/network-policy: enabled by server.networkPolicy.enabled" {
|
||||
cd `chart_dir`
|
||||
local actual=$( (helm template \
|
||||
--set 'global.openshift=true' \
|
||||
--set 'server.networkPolicy.enabled=true' \
|
||||
--show-only templates/server-network-policy.yaml \
|
||||
. || echo "---") | tee /dev/stderr |
|
||||
yq 'length > 0' | tee /dev/stderr)
|
||||
|
|
|
|||
|
|
@ -318,6 +318,10 @@ server:
|
|||
# beta.kubernetes.io/arch: amd64
|
||||
nodeSelector: null
|
||||
|
||||
# Enables network policy for server pods
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
|
||||
# Priority class for server pods
|
||||
priorityClassName: ""
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue