apiVersion: cilium.io/v2 kind: CiliumNetworkPolicy metadata: name: allow-forgejo-webhook-ingress namespace: pipelines-as-code spec: endpointSelector: matchLabels: app: pipelines-as-code-controller ingress: - fromEndpoints: - matchLabels: io.kubernetes.pod.namespace: forgejo app: forgejo toPorts: - ports: - port: "8082" protocol: TCP egress: - toEndpoints: - matchLabels: io.kubernetes.pod.namespace: kube-system k8s-app: kube-dns toPorts: - ports: - port: "53" protocol: UDP - port: "53" protocol: TCP rules: dns: - matchPattern: "*" - toEndpoints: - matchLabels: io.kubernetes.pod.namespace: forgejo app: forgejo toPorts: - ports: - port: "3000" protocol: TCP - toEntities: - kube-apiserver toPorts: - ports: - port: "6443" protocol: TCP