From e3630542527f41e2c8b6194fa4364182070810c9 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Tue, 21 Feb 2023 03:06:22 +0100
Subject: [PATCH] fix(cert-manager): Add missing kube-dns to http-challenge
 egress

---
 .../allow-to-public-web-http-challenge.yaml          | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/shared/networkpolicies/allow-to-public-web-http-challenge.yaml b/shared/networkpolicies/allow-to-public-web-http-challenge.yaml
index 12eef6c6f..e6b05d49f 100644
--- a/shared/networkpolicies/allow-to-public-web-http-challenge.yaml
+++ b/shared/networkpolicies/allow-to-public-web-http-challenge.yaml
@@ -17,6 +17,18 @@ spec:
     ports:
       - protocol: TCP
         port: 80
+  - to:
+      - namespaceSelector:
+          matchLabels:
+            kubernetes.io/metadata.name: kube-system
+        podSelector:
+          matchLabels:
+            k8s-app: kube-dns
+    ports:
+      - port: 53
+        protocol: UDP
+      - port: 53
+        protocol: TCP
   policyTypes:
   - Egress
   podSelector:
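Review bot: The added DNS rule at `- to:` carries no comment, and its scope depends on `namespaceSelector` and `podSelector` sitting in the same peer entry, which Kubernetes evaluates as AND. If a later edit turns `podSelector` into its own list item (`- podSelector:`), the rule becomes an OR and opens port 53 to every pod in kube-system. I would add above the rule `# DNS egress for the http-challenge; both selectors in ONE peer entry = only kube-dns pods in kube-system`. The match also relies on the DNS pods carrying `k8s-app: kube-dns` and on the automatic `kubernetes.io/metadata.name` namespace label, so a cluster that resolves through a node-local cache address would presumably need an extra `ipBlock` peer; worth confirming. As a style nit, the new entries list `port` before `protocol` while the existing rule above lists `protocol` first; the spec itself continues outside the hunk.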
-- 
GitLab