From 2f40412d51ecc4cb4a64f02b9225577298cb720a Mon Sep 17 00:00:00 2001 From: Veaceslav Doina <20563034+veaceslavdoina@users.noreply.github.com> Date: Wed, 31 May 2023 18:36:40 +0300 Subject: [PATCH] Allow access from runner namespace (#12) --- KubernetesWorkflow/K8sController.cs | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/KubernetesWorkflow/K8sController.cs b/KubernetesWorkflow/K8sController.cs index 782632d..90d0b32 100644 --- a/KubernetesWorkflow/K8sController.cs +++ b/KubernetesWorkflow/K8sController.cs @@ -165,6 +165,19 @@ namespace KubernetesWorkflow PodSelector = new V1LabelSelector {} } } + }, + new V1NetworkPolicyIngressRule + { + FromProperty = new List + { + new V1NetworkPolicyPeer + { + NamespaceSelector = new V1LabelSelector + { + MatchLabels = GetRunnerNamespaceSelector() + } + } + } } }, Egress = new List @@ -310,6 +323,11 @@ namespace KubernetesWorkflow return new Dictionary { { "codex-test-node", "dist-test-" + workflowNumberSource.WorkflowNumber } }; } + private IDictionary GetRunnerNamespaceSelector() + { + return new Dictionary { { "kubernetes.io/metadata.name", "default" } }; + } + private V1ObjectMeta CreateDeploymentMetadata() { return new V1ObjectMeta