From 14710202a54fcf14ef1e751292a258e6ce4df796 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sun, 24 Apr 2022 20:29:48 +0200
Subject: [PATCH] fix(shared): Reduce scope for monitoring NetworkPolicy

This patch reduces the network access from the monitoring namespaces to
only prometheus.
---
 shared/networkpolicies/allow-from-monitoring.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/shared/networkpolicies/allow-from-monitoring.yaml b/shared/networkpolicies/allow-from-monitoring.yaml
index 5ca30bd36..ec8e45902 100644
--- a/shared/networkpolicies/allow-from-monitoring.yaml
+++ b/shared/networkpolicies/allow-from-monitoring.yaml
@@ -10,3 +10,6 @@ spec:
     - namespaceSelector:
         matchLabels:
           monitoring.shivering-isles.com/network-access-required: "true"
+      podSelector:
+        matchLabels:
+          app.kubernetes.io/name: prometheus
-- 
GitLab