Allow access from runner namespace (#12)

2023-05-31 18:36:40 +03:00 · 2023-05-31 18:36:40 +03:00 · 2f40412d51
parent 1d919544af
commit 2f40412d51
1 changed files with 18 additions and 0 deletions
--- a/KubernetesWorkflow/K8sController.cs
+++ b/KubernetesWorkflow/K8sController.cs
@ -165,6 +165,19 @@ namespace KubernetesWorkflow
                                        PodSelector = new V1LabelSelector {}
                                    }
                                }
+                            },
+                            new V1NetworkPolicyIngressRule
+                            {
+                                FromProperty = new List<V1NetworkPolicyPeer>
+                                {
+                                    new V1NetworkPolicyPeer
+                                    {
+                                        NamespaceSelector = new V1LabelSelector
+                                        {
+                                            MatchLabels = GetRunnerNamespaceSelector()
+                                        }
+                                    }
+                                }
                            }
                        },
                        Egress = new List<V1NetworkPolicyEgressRule>
@ -310,6 +323,11 @@ namespace KubernetesWorkflow
            return new Dictionary<string, string> { { "codex-test-node", "dist-test-" + workflowNumberSource.WorkflowNumber } };
        }

+        private IDictionary<string, string> GetRunnerNamespaceSelector()
+        {
+            return new Dictionary<string, string> { { "kubernetes.io/metadata.name", "default" } };
+        }
+
        private V1ObjectMeta CreateDeploymentMetadata()
        {
            return new V1ObjectMeta