deploy/mysql.bak/templates/networkpolicy.yaml

{{- if .Values.networkPolicy.enabled }}
kind: NetworkPolicy
apiVersion: {{ template "common.capabilities.networkPolicy.apiVersion" . }}
metadata:
  name: {{ template "common.names.fullname" . }}
  namespace: {{ include "common.names.namespace" . | quote }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    {{- if .Values.commonLabels }}
    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
    {{- end }}
  {{- if .Values.commonAnnotations }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
  {{- end }}
spec:
  podSelector:
    matchLabels:
      {{- include "common.labels.matchLabels" . | nindent 6 }}
  ingress:
    # Allow inbound connections
    - ports:
        - port: {{ .Values.primary.service.ports.mysql }}
      {{- if not .Values.networkPolicy.allowExternal }}
      from:
        - podSelector:
            matchLabels:
              {{ template "common.names.fullname" . }}-client: "true"
          {{- if .Values.networkPolicy.explicitNamespacesSelector }}
          namespaceSelector:
{{ toYaml .Values.networkPolicy.explicitNamespacesSelector | indent 12 }}
          {{- end }}
        - podSelector:
            matchLabels:
            {{- include "common.labels.matchLabels" . | nindent 14 }}
      {{- end }}
    {{- if .Values.metrics.enabled }}
    # Allow prometheus scrapes
    - ports:
        - port: 9104
    {{- end }}
{{- end }}