KubeZero/charts/kubezero-ci/templates/jenkins/istio-authorization-policy.yaml

19 lines
513 B
YAML
Raw Normal View History

{{- if and .Values.jenkins.enabled .Values.jenkins.istio.enabled .Values.jenkins.istio.allowBlocks }}
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
name: {{ .Release.Name }}-jenkins-allowlist
namespace: istio-ingress
spec:
selector:
matchLabels:
app: istio-ingressgateway
rules:
- from:
- source:
ipBlocks: {{ .Values.jenkins.istio.allowBlocks | toYaml | nindent 8 }}
to:
- operation:
hosts: [{{ .Values.jenkins.istio.url }}]
{{- end }}