Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
gitpod-io
GitHub Repository: gitpod-io/gitpod
 Path: blob/main/install/installer/pkg/components/redis/networkpolicy.go
2501 views
1
// Copyright (c) 2023 Gitpod GmbH. All rights reserved.

2
// Licensed under the GNU Affero General Public License (AGPL).

3
// See License.AGPL.txt in the project root for license information.

4


5
package redis

6


7
import (

8
	"github.com/gitpod-io/gitpod/installer/pkg/common"

9


10
	networkingv1 "k8s.io/api/networking/v1"

11
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

12
	"k8s.io/apimachinery/pkg/runtime"

13
	"k8s.io/apimachinery/pkg/util/intstr"

14
)

15


16
func networkpolicy(ctx *common.RenderContext) ([]runtime.Object, error) {

17
	labels := common.DefaultLabels(Component)

18


19
	return []runtime.Object{

20
		&networkingv1.NetworkPolicy{

21
			TypeMeta: common.TypeMetaNetworkPolicy,

22
			ObjectMeta: metav1.ObjectMeta{

23
				Name:      Component,

24
				Namespace: ctx.Namespace,

25
				Labels:    labels,

26
			},

27
			Spec: networkingv1.NetworkPolicySpec{

28
				PodSelector: metav1.LabelSelector{MatchLabels: labels},

29
				PolicyTypes: []networkingv1.PolicyType{"Ingress"},

30
				Ingress: []networkingv1.NetworkPolicyIngressRule{

31
					{

32
						Ports: []networkingv1.NetworkPolicyPort{

33
							{

34
								Protocol: common.TCPProtocol,

35
								Port:     &intstr.IntOrString{IntVal: Port},

36
							},

37
						},

38
						From: []networkingv1.NetworkPolicyPeer{

39
							{

40
								PodSelector: &metav1.LabelSelector{

41
									MatchLabels: map[string]string{

42
										"component": common.PublicApiComponent,

43
									},

44
								},

45
							},

46
							{

47
								PodSelector: &metav1.LabelSelector{

48
									MatchLabels: map[string]string{

49
										"component": common.ServerComponent,

50
									},

51
								},

52
							},

53
							{

54
								PodSelector: &metav1.LabelSelector{

55
									MatchLabels: map[string]string{

56
										"component": common.UsageComponent,

57
									},

58
								},

59
							},

60
							{

61
								PodSelector: &metav1.LabelSelector{

62
									MatchLabels: map[string]string{

63
										"component": common.WSManagerBridgeComponent,

64
									},

65
								},

66
							},

67
						},

68
					},

69
				},

70
			},

71
		},

72
	}, nil

73
}

74


75