From 84dad3090bd3071d1600c086370ef4cfdd9cbce7 Mon Sep 17 00:00:00 2001
From: Philip Laine
Date: Wed, 24 Feb 2021 23:01:42 +0100
Subject: [PATCH 1/3] Move config secret to be created in the chart
---
 charts/azdo-proxy/Chart.yaml | 4 ++--
 charts/azdo-proxy/templates/deployment.yaml | 2 +-
 charts/azdo-proxy/templates/secret.yaml | 8 ++++++++
 .../templates/tests/test-connection.yaml | 15 ---------------
 charts/azdo-proxy/values.yaml | 2 +-
 5 files changed, 12 insertions(+), 19 deletions(-)
 create mode 100644 charts/azdo-proxy/templates/secret.yaml
 delete mode 100644 charts/azdo-proxy/templates/tests/test-connection.yaml
diff --git a/charts/azdo-proxy/Chart.yaml b/charts/azdo-proxy/Chart.yaml
index 5690df0..3c47f68 100644
--- a/charts/azdo-proxy/Chart.yaml
+++ b/charts/azdo-proxy/Chart.yaml
@@ -2,5 +2,5 @@ apiVersion: v2
 name: azdo-proxy
 description: A Helm chart for azdo-proxy
 type: application
-version: v0.3.2
-appVersion: v0.3.2
+version: v0.3.3
+appVersion: v0.3.3
diff --git a/charts/azdo-proxy/templates/deployment.yaml b/charts/azdo-proxy/templates/deployment.yaml
index ec15dfa..2071f34 100644
--- a/charts/azdo-proxy/templates/deployment.yaml
+++ b/charts/azdo-proxy/templates/deployment.yaml
@@ -56,7 +56,7 @@ spec:
 volumes:
 - name: config
 secret:
- secretName: {{ .Values.configSecretName }}
+ secretName: {{ include "azdo-proxy.fullname" . }}
 {{- with .Values.nodeSelector }}
 nodeSelector:
 {{- toYaml . | nindent 8 }}
diff --git a/charts/azdo-proxy/templates/secret.yaml b/charts/azdo-proxy/templates/secret.yaml
new file mode 100644
index 0000000..c2c3d4d
--- /dev/null
+++ b/charts/azdo-proxy/templates/secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "azdo-proxy.fullname" . }}
+ labels:
+ {{- include "azdo-proxy.labels" . | nindent 4 }}
+data:
+ config.json: {{ required "Config has to be set." .Values.config }}
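Review bot: The new `secretName` line in deployment.yaml always points at the Secret rendered by the chart, so the pod can no longer mount a Secret that was created outside the release. The config therefore has to be passed as a Helm value, which Helm keeps with the release record and which also sits in whatever values file or CI variable supplies it. Consider keeping the external path as an option, for example `secretName: {{ default (include "azdo-proxy.fullname" .) .Values.configSecretName }}`, and rendering secret.yaml only when no external name is given. The volume entry belongs to the pod spec, which starts and ends outside this hunk.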
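Review bot: In secret.yaml the `config.json` entry sits under `data:`, which accepts only base64-encoded values, yet `.Values.config` is written out as given and unquoted. A plain JSON value would start with `{` and be read as a YAML flow mapping, and any other non-base64 text would be rejected when the Secret is applied. Either encode and quote in the template, `config.json: {{ required "Config has to be set." .Values.config | b64enc | quote }}`, or use `stringData:` with `| quote`. If callers are expected to pass pre-encoded text, state that in a comment above `config` in values.yaml.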
diff --git a/charts/azdo-proxy/templates/tests/test-connection.yaml b/charts/azdo-proxy/templates/tests/test-connection.yaml
deleted file mode 100644
index b11b03b..0000000
--- a/charts/azdo-proxy/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{ include "azdo-proxy.fullname" . }}-test-connection"
- labels:
- {{- include "azdo-proxy.labels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": test-success
-spec:
- containers:
- - name: wget
- image: busybox
- command: ['wget']
- args: ['{{ include "azdo-proxy.fullname" . }}:{{ .Values.service.port }}']
- restartPolicy: Never
diff --git a/charts/azdo-proxy/values.yaml b/charts/azdo-proxy/values.yaml
index 9110747..a1aebd9 100644
--- a/charts/azdo-proxy/values.yaml
+++ b/charts/azdo-proxy/values.yaml
@@ -44,4 +44,4 @@ tolerations: []
 affinity: {}
-configSecretName: ""
+config: ""
From c1ac5d5cbbed3ec7a86cef0b44c3bb3cded23718 Mon Sep 17 00:00:00 2001
From: Philip Laine
Date: Wed, 24 Feb 2021 23:27:09 +0100
Subject: [PATCH 2/3] ADd network policy
---
 charts/azdo-proxy/templates/networkpolicy.yaml | 18 ++++++++++++++++++
 charts/azdo-proxy/values.yaml | 3 +++
 2 files changed, 21 insertions(+)
 create mode 100644 charts/azdo-proxy/templates/networkpolicy.yaml
diff --git a/charts/azdo-proxy/templates/networkpolicy.yaml b/charts/azdo-proxy/templates/networkpolicy.yaml
new file mode 100644
index 0000000..1d6e045
--- /dev/null
+++ b/charts/azdo-proxy/templates/networkpolicy.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: {{ include "azdo-proxy.fullname" . }}-deny-ingress
+ labels:
+ {{- include "azdo-proxy.labels" . | nindent 4 }}
+spec:
+ policyTypes:
+ - Ingress
+ - Egress
+ ingress:
+ - from:
+ - podSelector: {}
+ egress:
+ - {}
+ podSelector: {}
+{{- end }}
diff --git a/charts/azdo-proxy/values.yaml b/charts/azdo-proxy/values.yaml
index a1aebd9..f14bdf2 100644
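Review bot: The final `podSelector: {}` in networkpolicy.yaml selects every pod in the release namespace, not only azdo-proxy, so enabling this option changes ingress for unrelated workloads installed alongside the chart. The ingress rule `from: - podSelector: {}` admits any pod in the same namespace and excludes all other namespaces, which would also block an ingress controller or client running elsewhere, and the `-deny-ingress` name does not describe that behaviour. The `egress: - {}` rule allows all traffic, so listing `Egress` under `policyTypes` restricts nothing. Scope `spec.podSelector` with `matchLabels` built from the same selector labels the Deployment uses, and consider adding a `ports:` entry to the ingress rule so only the proxy's listening port is reachable.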
--- a/charts/azdo-proxy/values.yaml
+++ b/charts/azdo-proxy/values.yaml
@@ -44,4 +44,7 @@ tolerations: []
 affinity: {}
+networkPolicy:
+ enabled: true
+
 config: ""
From 4d0247636e4f4fc117d2188d672ae1f66c044d9c Mon Sep 17 00:00:00 2001
From: Philip Laine
Date: Wed, 24 Feb 2021 23:27:39 +0100
Subject: [PATCH 3/3] Disable network policy by default
---
 charts/azdo-proxy/values.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/charts/azdo-proxy/values.yaml b/charts/azdo-proxy/values.yaml
index f14bdf2..183bc97 100644
--- a/charts/azdo-proxy/values.yaml
+++ b/charts/azdo-proxy/values.yaml
@@ -45,6 +45,6 @@ tolerations: []
 affinity: {}
 networkPolicy:
- enabled: true
+ enabled: false
 config: ""
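Review bot: After the last hunk `networkPolicy.enabled` defaults to `false` with no comment in values.yaml, so an operator reading the defaults cannot tell what enabling it does or that a default install has no network restriction. Add a comment above the key, for example `# Renders templates/networkpolicy.yaml; as written the policy selects all pods in the release namespace. Disabled by default.` The same applies to `config` just below, which gives no hint of the expected format. The rest of values.yaml is outside these hunks.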