From b8a1d7fbd6b69780ad6d82b254d3b4da52af3f67 Mon Sep 17 00:00:00 2001
From: Ram81 <ramramrakhya81@gmail.com>
Date: Sat, 21 Aug 2021 21:30:05 -0400
Subject: [PATCH] Enable cilium network policy

---
 .../code_upload_worker_utils/install_dependencies.sh      | 8 +++++---
 .../code_upload_worker_utils/network_policies.yaml        | 1 +
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/scripts/workers/code_upload_worker_utils/install_dependencies.sh b/scripts/workers/code_upload_worker_utils/install_dependencies.sh
index e8f4dcc8fd..dadf1d35a8 100755
--- a/scripts/workers/code_upload_worker_utils/install_dependencies.sh
+++ b/scripts/workers/code_upload_worker_utils/install_dependencies.sh
@@ -39,13 +39,15 @@ kubectl apply -f /code/scripts/workers/code_upload_worker_utils/persistent_volum
 
 # Install cilium
 # Cilium is being used to provide networking and network policy
-# kubectl create -f https://raw.githubusercontent.com/cilium/cilium/v1.9/install/kubernetes/quick-install.yaml
-# echo "### Cilium Installed"
+kubectl create -f https://raw.githubusercontent.com/cilium/cilium/v1.9/install/kubernetes/quick-install.yaml
+echo "### Cilium Installed"
 
 sleep 120s;
 
 # Apply cilium network policy
-# cat /code/scripts/workers/code_upload_worker_utils/network_policies.yaml | sed "s/{{EVALAI_DNS}}/$EVALAI_DNS/" | kubectl apply -f -
+echo "### Setting up Cilium Network Policy..."
+cat /code/scripts/workers/code_upload_worker_utils/network_policies.yaml | sed "s/{{EVALAI_DNS}}/$EVALAI_DNS/" | kubectl apply -f -
+echo "### Cilium EvalAI Network Policy Installed"
 
 # Set ssl-certificate
 echo $CERTIFICATE | base64 --decode > scripts/workers/certificate.crt
diff --git a/scripts/workers/code_upload_worker_utils/network_policies.yaml b/scripts/workers/code_upload_worker_utils/network_policies.yaml
index 8e2bb20baf..4c318106fa 100644
--- a/scripts/workers/code_upload_worker_utils/network_policies.yaml
+++ b/scripts/workers/code_upload_worker_utils/network_policies.yaml
@@ -8,6 +8,7 @@ spec:
       {}
   egress:
   - toFQDNs:
+    - matchName: archive.ubuntu.com
     - matchName: {{EVALAI_DNS}}
   - toEndpoints:
     - matchLabels: