fix operator network policy for admission controller port (#642)

* fix operator network policy for admission controller port Signed-off-by: Amir Malka <amirm@armosec.io> * update snapshot Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Amir Malka <amirm@armosec.io>
kubescape · Mar 11, 2025 · db3fad1 · db3fad1
1 parent e2fc96d
commit db3fad1
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/charts/kubescape-operator/templates/operator/networkpolicy.yaml b/charts/kubescape-operator/templates/operator/networkpolicy.yaml
@@ -45,6 +45,11 @@ spec:
 {{ tpl (.Files.Get "assets/common-egress-rules.yaml") . | indent 4 }}
   {{- end }}
   ingress:
+    {{- if eq .Values.capabilities.admissionController "enable" }}
+    - ports:
+      - port: admission-port
+        protocol: TCP
+    {{- end }}
     - from:
         - podSelector:
             matchLabels:

diff --git a/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap b/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap
@@ -3498,6 +3498,9 @@ all capabilities:
             - ipBlock:
                 cidr: 1.1.1.1/32
       ingress:
+        - ports:
+            - port: admission-port
+              protocol: TCP
         - from:
             - podSelector:
                 matchLabels: