From fb7f5052d035cc288318daeabf9d038cf3ad7a3f Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sun, 17 Dec 2023 18:54:07 +0100
Subject: [PATCH] feat(shared): Add kube-dns to outgoing network policies

---
 shared/networkpolicies/allow-to-mailbox-org.yaml | 12 ++++++++++++
 shared/networkpolicies/allow-to-public-web.yaml  | 12 ++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/shared/networkpolicies/allow-to-mailbox-org.yaml b/shared/networkpolicies/allow-to-mailbox-org.yaml
index a17464858..f302e1d83 100644
--- a/shared/networkpolicies/allow-to-mailbox-org.yaml
+++ b/shared/networkpolicies/allow-to-mailbox-org.yaml
@@ -13,5 +13,17 @@ spec:
         port: 993
       - protocol: TCP
         port: 465
+  - to:
+    - namespaceSelector:
+        matchLabels:
+          kubernetes.io/metadata.name: kube-system
+      podSelector:
+        matchLabels:
+          k8s-app: kube-dns
+      ports:
+        - port: 53
+          protocol: UDP
+        - port: 53
+          protocol: TCP
   policyTypes:
   - Egress
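Review bot: In the added egress rule, `ports:` sits at the same column as `namespaceSelector` and `podSelector`, so it parses as a key of the peer entry under `to:` instead of as the rule's own `ports` list. A NetworkPolicy peer has no `ports` field, so depending on how the manifest is validated the object is either rejected or applied with the field dropped; in the second case the rule would permit egress to the kube-dns pods on every port rather than only 53/UDP and 53/TCP. Dedent `ports:` and its two entries by two spaces so it becomes a sibling of `to:`, which is where the context lines suggest the earlier rules keep theirs (the rule list itself starts outside the hunk). The same indentation is repeated in the hunk for `shared/networkpolicies/allow-to-public-web.yaml`. After the fix, `kubectl describe networkpolicy` on the applied object should show port 53 listed under this rule.

```yaml
  - to:
    # … unchanged: namespaceSelector + podSelector peer for kube-dns …
    ports:
      - port: 53
        protocol: UDP
      - port: 53
        protocol: TCP
```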
diff --git a/shared/networkpolicies/allow-to-public-web.yaml b/shared/networkpolicies/allow-to-public-web.yaml
index 25b619eed..b1f260c72 100644
--- a/shared/networkpolicies/allow-to-public-web.yaml
+++ b/shared/networkpolicies/allow-to-public-web.yaml
@@ -31,5 +31,17 @@ spec:
         port: 80
       - protocol: TCP
         port: 443
+  - to:
+    - namespaceSelector:
+        matchLabels:
+          kubernetes.io/metadata.name: kube-system
+      podSelector:
+        matchLabels:
+          k8s-app: kube-dns
+      ports:
+        - port: 53
+          protocol: UDP
+        - port: 53
+          protocol: TCP
   policyTypes:
   - Egress
\ No newline at end of file
-- 
GitLab