From 983e1b84ccadf65ed9db29a375a3df9b85acede2 Mon Sep 17 00:00:00 2001 From: Slava <20563034+veaceslavdoina@users.noreply.github.com> Date: Mon, 4 Sep 2023 15:58:43 +0300 Subject: [PATCH] Allow access from Prometheus namespace (#51) (#52) --- KubernetesWorkflow/K8sController.cs | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/KubernetesWorkflow/K8sController.cs b/KubernetesWorkflow/K8sController.cs index 4e324f9..d06070d 100644 --- a/KubernetesWorkflow/K8sController.cs +++ b/KubernetesWorkflow/K8sController.cs @@ -219,6 +219,19 @@ namespace KubernetesWorkflow } } } + }, + new V1NetworkPolicyIngressRule + { + FromProperty = new List + { + new V1NetworkPolicyPeer + { + NamespaceSelector = new V1LabelSelector + { + MatchLabels = GetPrometheusNamespaceSelector() + } + } + } } }, Egress = new List @@ -371,6 +384,11 @@ namespace KubernetesWorkflow return new Dictionary { { "kubernetes.io/metadata.name", "default" } }; } + private IDictionary GetPrometheusNamespaceSelector() + { + return new Dictionary { { "kubernetes.io/metadata.name", "monitoring" } }; + } + private IDictionary GetAnnotations(ContainerRecipe[] containerRecipes) { return containerRecipes.First().PodAnnotations.GetAnnotations();