From 319f1d9b56684022282589076349b1e49ff75d12 Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Fri, 1 Dec 2023 16:49:47 -0800 Subject: [PATCH 1/2] feat(helm): changes to knp to add more specific network rules. --- .../quickstart-openshift/templates/knp.yaml | 39 +++++++++++++++++-- 1 file changed, 35 insertions(+), 4 deletions(-) diff --git a/charts/quickstart-openshift/templates/knp.yaml b/charts/quickstart-openshift/templates/knp.yaml index dbd89d277..2e19832a0 100644 --- a/charts/quickstart-openshift/templates/knp.yaml +++ b/charts/quickstart-openshift/templates/knp.yaml @@ -17,13 +17,44 @@ spec: apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: - name: {{ .Release.Name }}-allow-same-namespace + name: {{ .Release.Name }}-allow-backend-to-db labels: {{- include "selectorLabels" . | nindent 4 }} spec: - podSelector: {} + podSelector: + matchLabels: + app.kubernetes.io/name: {{ .Values.global.databaseAlias}} + app.kubernetes.io/instance: {{ .Release.Name }} ingress: - - from: - - podSelector: {} + - ports: + - protocol: TCP + port: 5432 + from: + - podSelector: + matchLabels: + app.kubernetes.io/name: backend + app.kubernetes.io/instance: {{ .Release.Name }} policyTypes: - Ingress +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ .Release.Name }}-allow-frontend-to-backend + labels: {{- include "selectorLabels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: backend + app.kubernetes.io/instance: {{ .Release.Name }} + ingress: + - ports: + - protocol: TCP + port: 3000 + from: + - podSelector: + matchLabels: + app.kubernetes.io/name: frontend + app.kubernetes.io/instance: {{ .Release.Name }} + policyTypes: + - Ingress From 9073db5fd72bace82ed7679367422044c613ad6d Mon Sep 17 00:00:00 2001 
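Review bot: The label values in the new selectors are templated without quoting, so in `app.kubernetes.io/name: {{ .Values.global.databaseAlias}}` an unset `databaseAlias` renders an empty (null) value, and a digits-only release name renders `app.kubernetes.io/instance` as a number. The database policy then presumably either fails to apply or selects no pod, in which case the 5432 restriction silently protects nothing. Quote the values and fail at render time when the alias is missing, e.g. `app.kubernetes.io/name: {{ required "global.databaseAlias is required" .Values.global.databaseAlias | quote }}` and `app.kubernetes.io/instance: {{ .Release.Name | quote }}`. The same unquoted `{{ .Release.Name }}` label is in the podSelector added by PATCH 2/2. Whether the backend and frontend pods actually carry `app.kubernetes.io/name: backend` / `frontend` is not visible here and is worth checking against the deployment templates, since these policies only take effect on an exact label match.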
From: OMPRAKASH MISHRA
Date: Fri, 1 Dec 2023 16:58:43 -0800
Subject: [PATCH 2/2] feat(helm): changes to knp to add more specific network rules.
---
 charts/quickstart-openshift/templates/knp.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/charts/quickstart-openshift/templates/knp.yaml b/charts/quickstart-openshift/templates/knp.yaml
index 2e19832a0..6858889b8 100644
--- a/charts/quickstart-openshift/templates/knp.yaml
+++ b/charts/quickstart-openshift/templates/knp.yaml
@@ -2,10 +2,13 @@
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
- name: {{ .Release.Name }}-openshift-ingress
+ name: {{ .Release.Name }}-openshift-ingress-to-frontend
 labels: {{- include "selectorLabels" . | nindent 4 }}
 spec:
- podSelector: {}
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/name: frontend
+ app.kubernetes.io/instance: {{ .Release.Name }}
 ingress:
 - from:
 - namespaceSelector:
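Review bot: With this podSelector narrowed to the frontend, and PATCH 1/2 having replaced the `allow-same-namespace` policy, no policy in the visible hunks still uses `podSelector: {}`, so a pod whose labels match none of the three selectors is selected by no NetworkPolicy and accepts ingress from every namespace. Unless a default-deny exists in a part of the file or cluster not shown here, add one so that a label mismatch fails closed rather than open; a sketch follows, scoped to the release by the instance label the other policies already rely on. The ingress rule (`- from:` / `- namespaceSelector:`) continues past the end of the hunk, so the namespace match itself is not reviewed here.

```yaml
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: {{ .Release.Name }}-default-deny-ingress
  labels: {{- include "selectorLabels" . | nindent 4 }}
spec:
  # No ingress rules: selected pods accept only what the other policies allow.
  podSelector:
    matchLabels:
      app.kubernetes.io/instance: {{ .Release.Name | quote }}
  policyTypes:
    - Ingress
```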