github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/helm/test/mysql/templates/networkpolicy.yaml

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/helm/test/mysql/templates/networkpolicy.yaml (about)

     1  {{- if .Values.networkPolicy.enabled }}
     2  kind: NetworkPolicy
     3  apiVersion: {{ template "common.capabilities.networkPolicy.apiVersion" . }}
     4  metadata:
     5    name: {{ template "common.names.fullname" . }}
     6    labels:
     7    {{- include "common.labels.standard" . | nindent 4 }}
     8    {{- if .Values.commonAnnotations }}
     9    annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
    10    {{- end }}
    11    namespace: {{ .Release.Namespace }}
    12  spec:
    13    podSelector:
    14      matchLabels:
    15        {{- include "common.labels.matchLabels" . | nindent 6 }}
    16    ingress:
    17      # Allow inbound connections
    18      - ports:
    19          - port: {{ .Values.primary.service.port }}
    20        {{- if not .Values.networkPolicy.allowExternal }}
    21        from:
    22          - podSelector:
    23              matchLabels:
    24                {{ template "common.names.fullname" . }}-client: "true"
    25            {{- if .Values.networkPolicy.explicitNamespacesSelector }}
    26            namespaceSelector:
    27  {{ toYaml .Values.networkPolicy.explicitNamespacesSelector | indent 12 }}
    28            {{- end }}
    29          - podSelector:
    30              matchLabels:
    31              {{- include "common.labels.matchLabels" . | nindent 14 }}
    32        {{- end }}
    33      {{- if .Values.metrics.enabled }}
    34      # Allow prometheus scrapes
    35      - ports:
    36          - port: 9104
    37      {{- end }}
    38  {{- end }}