Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow extra egress rules for the keda operator ciliumnetworkpolicy #610

Merged
merged 1 commit into from
Feb 23, 2024
Merged

Allow extra egress rules for the keda operator ciliumnetworkpolicy #610

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion keda/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ their default values.
| `certificates.certManager.duration` | string | `"8760h0m0s"` | Certificate duration |
| `certificates.certManager.enabled` | bool | `false` | Enables Cert-manager for certificate management |
| `certificates.certManager.generateCA` | bool | `true` | Generates a self-signed CA with Cert-manager. If generateCA is false, the secret with the CA has to be annotated with `cert-manager.io/allow-direct-injection: "true"` |
| `certificates.certManager.issuer` | object | `{"generate":true,"group":"cert-manager.io","kind":"ClusterIssuer","name":"foo-org-ca"}` | Reference to custom Issuer. If issuer.generate is false, then issuer.group, issuer.kind and issuer.name are required |
| `certificates.certManager.issuer` | object | `{"generate":true,"group":"cert-manager.io","kind":"ClusterIssuer","name":"foo-org-ca"}` | Reference to custom Issuer. |
| `certificates.certManager.issuer.generate` | bool | `true` | Generates an Issuer resource with Cert-manager |
| `certificates.certManager.issuer.group` | string | `"cert-manager.io"` | Custom Issuer group. Required when generate: false |
| `certificates.certManager.issuer.kind` | string | `"ClusterIssuer"` | Custom Issuer kind. Required when generate: false |
Expand All @@ -90,6 +90,7 @@ their default values.
| `http.timeout` | int | `3000` | The default HTTP timeout to use for all scalers that use raw HTTP clients (some scalers use SDKs to access target services. These have built-in HTTP clients, and the timeout does not necessarily apply to them) |
| `image.pullPolicy` | string | `"Always"` | Image pullPolicy for all KEDA components |
| `imagePullSecrets` | list | `[]` | Name of secret to use to pull images to use to pull Docker images |
| `networkPolicy.cilium` | object | `{"operator":{"extraEgressRules":[]}}` | Allow use of extra egress rules for cilium network policies |
| `networkPolicy.enabled` | bool | `false` | Enable network policies |
| `networkPolicy.flavor` | string | `"cilium"` | Flavor of the network policies (cilium) |
| `nodeSelector` | object | `{}` | Node selector for pod scheduling ([docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/)) |
Expand Down
3 changes: 3 additions & 0 deletions keda/templates/manager/ciliumnetworkpolicy.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,9 @@ spec:
- toEntities:
- kube-apiserver
- cluster
{{- if and .Values.networkPolicy.cilium.operator.extraEgressRules }}
{{ toYaml .Values.networkPolicy.cilium.operator.extraEgressRules | nindent 4 }}
{{- end }}
ingress:
- fromEntities:
- cluster
Expand Down
4 changes: 4 additions & 0 deletions keda/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,10 @@ networkPolicy:
enabled: false
# -- Flavor of the network policies (cilium)
flavor: "cilium"
# -- Allow use of extra egress rules for cilium network policies
cilium:
operator:
extraEgressRules: []

operator:
# -- Name of the KEDA operator
Expand Down
Loading