homelab-gitops/apps/tekton/pac-network-policy.yaml
gwg313 e507515766
Some checks are pending
Pipelines as Code CI / homelab-ci CI has Started
add pac
Signed-off-by: gwg313 <gwg313@pm.me>
2026-06-29 21:03:51 -04:00

46 lines
1.1 KiB
YAML

apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
name: allow-forgejo-webhook-ingress
namespace: pipelines-as-code
spec:
endpointSelector:
matchLabels:
app: pipelines-as-code-controller
ingress:
- fromEndpoints:
- matchLabels:
io.kubernetes.pod.namespace: forgejo
app: forgejo
toPorts:
- ports:
- port: "8082"
protocol: TCP
egress:
- toEndpoints:
- matchLabels:
io.kubernetes.pod.namespace: kube-system
k8s-app: kube-dns
toPorts:
- ports:
- port: "53"
protocol: UDP
- port: "53"
protocol: TCP
rules:
dns:
- matchPattern: "*"
- toEndpoints:
- matchLabels:
io.kubernetes.pod.namespace: forgejo
app: forgejo
toPorts:
- ports:
- port: "3000"
protocol: TCP
- toEntities:
- kube-apiserver
toPorts:
- ports:
- port: "6443"
protocol: TCP