diff options
Diffstat (limited to 'lib/gitlab/kubernetes/cilium_network_policy.rb')
-rw-r--r-- | lib/gitlab/kubernetes/cilium_network_policy.rb | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/lib/gitlab/kubernetes/cilium_network_policy.rb b/lib/gitlab/kubernetes/cilium_network_policy.rb index e333d3818b9..8a31e068c30 100644 --- a/lib/gitlab/kubernetes/cilium_network_policy.rb +++ b/lib/gitlab/kubernetes/cilium_network_policy.rb @@ -9,6 +9,36 @@ module Gitlab API_VERSION = "cilium.io/v2" KIND = 'CiliumNetworkPolicy' + PREDEFINED_POLICIES = { + 'allow-inbound-http' => <<~YAML.rstrip, + apiVersion: cilium.io/v2 + kind: CiliumNetworkPolicy + metadata: + name: allow-inbound-http + spec: + endpointSelector: + matchLabels: + network-policy.gitlab.com/disabled_by: gitlab + ingress: + - toPorts: + - ports: + - port: '80' + - port: '443' + YAML + 'drop-outbound' => <<~YAML.rstrip + apiVersion: cilium.io/v2 + kind: CiliumNetworkPolicy + metadata: + name: drop-outbound + spec: + endpointSelector: + matchLabels: + network-policy.gitlab.com/disabled_by: gitlab + egress: + - {} + YAML + }.freeze + # We are modeling existing kubernetes resource and don't have # control over amount of parameters. # rubocop:disable Metrics/ParameterLists |