From 70c535f34fb71645ab0f31392430060645ebeeec Mon Sep 17 00:00:00 2001
From: makefunstuff <plugatariov@gmail.com>
Date: Fri, 28 Jun 2024 22:19:56 +0300
Subject: allow ingress to grafana

---
 tools/monitoring/templates/network-policy.yaml | 27 +++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

(limited to 'tools/monitoring')

diff --git a/tools/monitoring/templates/network-policy.yaml b/tools/monitoring/templates/network-policy.yaml
index c7696cb..9e8bd65 100644
--- a/tools/monitoring/templates/network-policy.yaml
+++ b/tools/monitoring/templates/network-policy.yaml
@@ -11,7 +11,28 @@ spec:
   ingress:
   - from:
     - podSelector: {}
-  egress:
-  - to:
-    - podSelector: {}
+  - from:
+    - namespaceSelector:
+        matchLabels:
+          name: monitoring
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-ingress-to-grafana
+  namespace: monitoring
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: grafana
+  ingress:
+  - from:
+    - namespaceSelector:
+        matchLabels:
+          name: kube-system
+    - podSelector:
+        matchLabels:
+          app: traefik
+  policyTypes:
+  - Ingress
 
-- 
cgit 1.4.1-2-gfad0