78 lines
1.8 KiB
YAML
78 lines
1.8 KiB
YAML
{{- with .Values.networkPolicy }}
|
|
{{- if .enabled }}
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: {{ include "ocrserver.fullname" $ }}
|
|
labels:
|
|
{{- include "ocrserver.labels" $ | nindent 4 }}
|
|
spec:
|
|
podSelector:
|
|
matchLabels:
|
|
{{- include "ocrserver.selectorLabels" $ | nindent 6 }}
|
|
app.kubernetes.io/component: server
|
|
policyTypes:
|
|
- Ingress
|
|
{{- if .egress.enabled }}
|
|
- Egress
|
|
{{- end }}
|
|
ingress:
|
|
{{- with .ingress.http }}
|
|
- ports:
|
|
- port: 8080
|
|
protocol: TCP
|
|
from:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}{{/* end-with .ingress.http */}}
|
|
|
|
{{- with .egress }}
|
|
{{- if .enabled }}
|
|
egress:
|
|
{{- with .extra }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
{{- end }}{{/* end-if egress.enabled */}}
|
|
{{- end }}{{/* end-with .egress */}}
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: {{ include "ocrserver.fullname" $ }}-languagedownloader
|
|
labels:
|
|
{{- include "ocrserver.labels" $ | nindent 4 }}
|
|
annotations:
|
|
"helm.sh/hook": pre-install,pre-upgrade
|
|
"helm.sh/hook-weight": "5"
|
|
"helm.sh/hook-delete-policy": hook-failed
|
|
spec:
|
|
podSelector:
|
|
matchLabels:
|
|
{{- include "ocrserver.selectorLabels" $ | nindent 6 }}
|
|
app.kubernetes.io/component: languages-downloader
|
|
policyTypes:
|
|
- Ingress
|
|
{{- if .egress.enabled }}
|
|
- Egress
|
|
{{- end }}
|
|
|
|
{{- with .egress }}
|
|
{{- if .enabled }}
|
|
egress:
|
|
{{- with .dns }}
|
|
- ports:
|
|
- port: 53
|
|
protocol: UDP
|
|
to:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .http }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
{{- with .extra }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
{{- end }}{{/* end-if egress.enabled */}}
|
|
{{- end }}{{/* end-with .egress */}}
|
|
{{- end }}
|
|
{{- end }}
|