From 55cd2fd6a3e64b4c8c41f4b611c88e4a855f8814 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sun, 24 Apr 2022 20:32:38 +0200
Subject: [PATCH] feat(shared): Add monitoring rule for database network policy

This patch allows to monitor Postgresql Instances by allowing the
monitoring namespace to access a exporter container port by default for
spilo instances.
---
 shared/networkpolicies/allow-from-database.yaml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/shared/networkpolicies/allow-from-database.yaml b/shared/networkpolicies/allow-from-database.yaml
index c457b92f8..08c0713f9 100644
--- a/shared/networkpolicies/allow-from-database.yaml
+++ b/shared/networkpolicies/allow-from-database.yaml
@@ -20,6 +20,16 @@ spec:
       protocol: TCP
     - port: 8080
       protocol: TCP
+  - from:
+    - namespaceSelector:
+        matchLabels:
+          monitoring.shivering-isles.com/network-access-required: "true"
+      podSelector:
+        matchLabels:
+          app.kubernetes.io/name: prometheus
+    ports:
+    - port: 9187
+      protocol: TCP
   podSelector:
     matchLabels:
       application: spilo
-- 
GitLab