Skip to content

feat: add NetworkPolicy template #8052

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat: add NetworkPolicy template #8052

wants to merge 3 commits into from

Conversation

GabboPenna
Copy link

@GabboPenna GabboPenna commented Jul 21, 2025
edited
Loading

Proposed changes

This PR adds optional NetworkPolicy support to the nginx-ingress Helm chart. It introduces:

  • A new networkPolicy section in values.yaml:
    • Enable/disable flag (enabled)
    • Configurable policyTypes (Ingress/Egress)
    • podSelector, ingress and egress rule definitions
  • A new template charts/nginx-ingress/templates/controller-networkpolicy.yaml that renders a Kubernetes NetworkPolicy resource when networkPolicy.enabled = true

With this change, chart consumers can declare fine‑grained network controls for their Ingress controller pods without external manifests.

If this PR addresses a GitHub issue, please replace the placeholder below with the real issue link.
Fixes: #

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING doc
  • I have added tests that prove my feature works
  • I have checked that all unit tests pass after adding my changes (helm lint .)
  • I have updated necessary documentation (e.g. README, values comments)
  • I have rebased my branch onto main
  • I will ensure my PR is targeting the main branch and pulling from my fork’s branch
  • I have hereby read the F5 CLA and agree to its terms

@GabboPenna GabboPenna requested a review from a team as a code owner July 21, 2025 13:05
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 21, 2025
edited
Loading

✅ All required contributors have signed the F5 CLA for this PR. Thank you!
Posted by the CLA Assistant Lite bot.

@GabboPenna
Copy link
Author

I have hereby read the F5 CLA and agree to its terms

@AlexFenlon
Copy link
Contributor

Hi @GabboPenna,

Thanks for this PR,

Can you please create an issue for this so we can track it appropriately.

@GabboPenna GabboPenna mentioned this pull request Jul 22, 2025
Open
@GabboPenna
Copy link
Author

Hi @GabboPenna,

Thanks for this PR,

Can you please create an issue for this so we can track it appropriately.

Hi @AlexFenlon, i open a new issue: #8060

@vepatel
Copy link
Contributor

vepatel commented Jul 28, 2025
edited
Loading

hi @GabboPenna, can you please also update:

  1. helm schema files for NetworkPolicy: https://github.com/GabboPenna/kubernetes-ingress/blob/add-networkpolicy-support/charts/nginx-ingress/values.schema.json
  2. helm tests for NetworkPolicy https://github.com/GabboPenna/kubernetes-ingress/blob/add-networkpolicy-support/charts/tests/helmunit_test.go, you can run make test-update-snaps from project root to generate new snapshots based off of helm values in /testdata

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@GabboPenna @AlexFenlon @vepatel