From da3b1f25b973790fdc7d95f6e3dc02d9f61ab1c4 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sun, 5 Nov 2023 14:12:02 +0100
Subject: [PATCH] feat(shared): Add egress network policy for postgres operator

---
 shared/networkpolicies/allow-to-database.yaml | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 shared/networkpolicies/allow-to-database.yaml

diff --git a/shared/networkpolicies/allow-to-database.yaml b/shared/networkpolicies/allow-to-database.yaml
new file mode 100644
index 000000000..5048be934
--- /dev/null
+++ b/shared/networkpolicies/allow-to-database.yaml
@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-to-database
+spec:
+  policyTypes:
+  - Ingress
+  ingress:
+  - to:
+    - namespaceSelector:
+        matchLabels:
+          kubernetes.io/metadata.name: nginx-system
+      podSelector:
+        matchLabels:
+          app.kubernetes.io/name: haproxy
+    ports:
+      - protocol: TCP
+        port: 80
+      - protocol: TCP
+        port: 443
+  - to:
+      podSelector:
+        matchLabels:
+          application: spilo
+  podSelector:
+    matchLabels:
+      application: spilo
-- 
GitLab