26 lines
614 B
YAML
26 lines
614 B
YAML
{{- if index .Values "argo-cd" "istio" "enabled" }}
|
|
apiVersion: security.istio.io/v1beta1
|
|
kind: AuthorizationPolicy
|
|
metadata:
|
|
name: argocd-allow-only
|
|
namespace: istio-system
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: istio-ingressgateway
|
|
rules:
|
|
{{- if index .Values "argo-cd" "istio" "ipBlocks" }}
|
|
- from:
|
|
- source:
|
|
ipBlocks:
|
|
{{- with index .Values "argo-cd" "istio" "ipBlocks" }}
|
|
{{- . | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
to:
|
|
- operation:
|
|
hosts: ["{{ index .Values "argo-cd" "server" "config" "url" }}"]
|
|
{{- else }}
|
|
- {}
|
|
{{- end }}
|
|
{{- end }}
|