mirror of
https://github.com/FairwindsOps/polaris.git
synced 2026-05-07 01:36:41 +00:00
50 lines
1.4 KiB
YAML
50 lines
1.4 KiB
YAML
successMessage: A NetworkPolicy matches pod labels and contains egress and ingress rules
|
|
failureMessage: A NetworkPolicy should match pod labels and contain applied egress and ingress rules
|
|
category: Security
|
|
target: PodTemplate
|
|
schema:
|
|
'$schema': http://json-schema.org/draft-07/schema
|
|
type: object
|
|
properties:
|
|
metadata:
|
|
type: object
|
|
properties:
|
|
labels:
|
|
type: object
|
|
minProperties: 1
|
|
additionalSchemaStrings:
|
|
networking.k8s.io/NetworkPolicy: |
|
|
type: object
|
|
properties:
|
|
spec:
|
|
type: object
|
|
required: ["podSelector", "egress", "ingress"]
|
|
properties:
|
|
podSelector:
|
|
type: object
|
|
required: ["matchLabels"]
|
|
properties:
|
|
matchLabels:
|
|
type: object
|
|
oneOf:
|
|
{{ range $key, $value := .Polaris.PodTemplate.metadata.labels }}
|
|
- properties:
|
|
"{{ $key }}":
|
|
type: string
|
|
const: {{ $value }}
|
|
required: ["{{ $key }}"]
|
|
{{ end }}
|
|
egress:
|
|
type: array
|
|
minItems: 1
|
|
ingress:
|
|
minItems: 1
|
|
type: array
|
|
policyTypes:
|
|
type: array
|
|
allOf:
|
|
- contains:
|
|
pattern: '^(?i)Egress$'
|
|
- contains:
|
|
pattern: '^(?i)Ingress$'
|