Some checks are pending
Pipelines as Code CI / homelab-ci CI has Started
Signed-off-by: gwg313 <gwg313@pm.me>
46 lines
1.1 KiB
YAML
46 lines
1.1 KiB
YAML
apiVersion: cilium.io/v2
|
|
kind: CiliumNetworkPolicy
|
|
metadata:
|
|
name: allow-forgejo-webhook-ingress
|
|
namespace: pipelines-as-code
|
|
spec:
|
|
endpointSelector:
|
|
matchLabels:
|
|
app: pipelines-as-code-controller
|
|
ingress:
|
|
- fromEndpoints:
|
|
- matchLabels:
|
|
io.kubernetes.pod.namespace: forgejo
|
|
app: forgejo
|
|
toPorts:
|
|
- ports:
|
|
- port: "8082"
|
|
protocol: TCP
|
|
egress:
|
|
- toEndpoints:
|
|
- matchLabels:
|
|
io.kubernetes.pod.namespace: kube-system
|
|
k8s-app: kube-dns
|
|
toPorts:
|
|
- ports:
|
|
- port: "53"
|
|
protocol: UDP
|
|
- port: "53"
|
|
protocol: TCP
|
|
rules:
|
|
dns:
|
|
- matchPattern: "*"
|
|
- toEndpoints:
|
|
- matchLabels:
|
|
io.kubernetes.pod.namespace: forgejo
|
|
app: forgejo
|
|
toPorts:
|
|
- ports:
|
|
- port: "3000"
|
|
protocol: TCP
|
|
- toEntities:
|
|
- kube-apiserver
|
|
toPorts:
|
|
- ports:
|
|
- port: "6443"
|
|
protocol: TCP
|