github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/keycloak/templates/networkpolicy.yaml (about) 1 {{- if .Values.networkPolicy.enabled }} 2 apiVersion: networking.k8s.io/v1 3 kind: NetworkPolicy 4 metadata: 5 name: {{ include "keycloak.fullname" . | quote }} 6 namespace: {{ .Release.Namespace }} 7 labels: 8 {{- include "keycloak.labels" . | nindent 4 }} 9 {{- range $key, $value := .Values.networkPolicy.labels }} 10 {{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }} 11 {{- end }} 12 spec: 13 policyTypes: 14 - Ingress 15 {{- if .Values.networkPolicy.egress }} 16 - Egress 17 {{- end}} 18 podSelector: 19 matchLabels: 20 {{- include "keycloak.selectorLabels" . | nindent 6 }} 21 ingress: 22 {{- with .Values.networkPolicy.extraFrom }} 23 - from: 24 {{- toYaml . | nindent 8 }} 25 ports: 26 - protocol: TCP 27 port: 8080 28 - protocol: TCP 29 port: 8443 30 {{ range $.Values.extraPorts }} 31 - protocol: {{ default "TCP" .protocol }} 32 port: {{ .containerPort }} 33 {{- end }} 34 {{- end }} 35 - from: 36 - podSelector: 37 matchLabels: 38 {{- include "keycloak.selectorLabels" . | nindent 14 }} 39 ports: 40 - protocol: TCP 41 port: 8080 42 - protocol: TCP 43 port: 8443 44 {{ range .Values.extraPorts }} 45 - protocol: {{ default "TCP" .protocol }} 46 port: {{ .containerPort }} 47 {{- end }} 48 {{- if .Values.networkPolicy.egress }} 49 egress: 50 {{- .Values.networkPolicy.egress | toYaml | nindent 4 }} 51 {{- end }} 52 {{- end }}