From 1bba294a80c87b5e41a465cac5ce3a64acf82ad1 Mon Sep 17 00:00:00 2001
From: Ram Ramrakhya <ramramrakhya81@gmail.com>
Date: Mon, 23 Aug 2021 17:28:41 -0400
Subject: [PATCH] Code Upload Worker: Enable cilium network policy(#3578)

Co-authored-by: Rishabh Jain <rishabhjain2018@gmail.com>
---
 .../code_upload_worker_utils/install_dependencies.sh      | 8 +++++---
 .../code_upload_worker_utils/network_policies.yaml        | 1 +
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/scripts/workers/code_upload_worker_utils/install_dependencies.sh b/scripts/workers/code_upload_worker_utils/install_dependencies.sh
index e8f4dcc8fd..dadf1d35a8 100755
--- a/scripts/workers/code_upload_worker_utils/install_dependencies.sh
+++ b/scripts/workers/code_upload_worker_utils/install_dependencies.sh
@@ -39,13 +39,15 @@ kubectl apply -f /code/scripts/workers/code_upload_worker_utils/persistent_volum
 
 # Install cilium
 # Cilium is being used to provide networking and network policy
-# kubectl create -f https://raw.githubusercontent.com/cilium/cilium/v1.9/install/kubernetes/quick-install.yaml
-# echo "### Cilium Installed"
+kubectl create -f https://raw.githubusercontent.com/cilium/cilium/v1.9/install/kubernetes/quick-install.yaml
+echo "### Cilium Installed"
 
 sleep 120s;
 
 # Apply cilium network policy
-# cat /code/scripts/workers/code_upload_worker_utils/network_policies.yaml | sed "s/{{EVALAI_DNS}}/$EVALAI_DNS/" | kubectl apply -f -
+echo "### Setting up Cilium Network Policy..."
+cat /code/scripts/workers/code_upload_worker_utils/network_policies.yaml | sed "s/{{EVALAI_DNS}}/$EVALAI_DNS/" | kubectl apply -f -
+echo "### Cilium EvalAI Network Policy Installed"
 
 # Set ssl-certificate
 echo $CERTIFICATE | base64 --decode > scripts/workers/certificate.crt
diff --git a/scripts/workers/code_upload_worker_utils/network_policies.yaml b/scripts/workers/code_upload_worker_utils/network_policies.yaml
index 8e2bb20baf..4c318106fa 100644
--- a/scripts/workers/code_upload_worker_utils/network_policies.yaml
+++ b/scripts/workers/code_upload_worker_utils/network_policies.yaml
@@ -8,6 +8,7 @@ spec:
       {}
   egress:
   - toFQDNs:
+    - matchName: archive.ubuntu.com
     - matchName: {{EVALAI_DNS}}
   - toEndpoints:
     - matchLabels: