Some checks are pending
Pipelines as Code CI / homelab-ci CI has Started
Signed-off-by: gwg313 <gwg313@pm.me>
36 lines
917 B
YAML
36 lines
917 B
YAML
apiVersion: cilium.io/v2
|
|
kind: CiliumNetworkPolicy
|
|
metadata:
|
|
name: cicd-egress
|
|
namespace: cicd
|
|
spec:
|
|
endpointSelector: {}
|
|
egress:
|
|
# Tekton entrypoint sidecar updates TaskRun status via the K8s API
|
|
- toEntities:
|
|
- kube-apiserver
|
|
toPorts:
|
|
- ports:
|
|
- port: "443"
|
|
protocol: TCP
|
|
# Push built images to Harbor registry in-cluster
|
|
- toEndpoints:
|
|
- matchLabels:
|
|
io.kubernetes.pod.namespace: harbor
|
|
app: harbor
|
|
toPorts:
|
|
- ports:
|
|
- port: "80"
|
|
protocol: TCP
|
|
# Git clone from internal Forgejo
|
|
- toEndpoints:
|
|
- matchLabels:
|
|
io.kubernetes.pod.namespace: forgejo
|
|
app: forgejo
|
|
toPorts:
|
|
- ports:
|
|
- port: "3000"
|
|
protocol: TCP
|
|
# Tool downloads (kubeconform), schema lookups
|
|
- toEntities:
|
|
- world
|