kubernetes/k8s-peterg/renovate-operator/policies.yaml

---
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: allow-internet-only
spec:
  podSelector: {}
  policyTypes:
    - Egress
  egress:
    - to:
        - ipBlock:
            cidr: 0.0.0.0/0
            except:
              - 10.0.0.0/8
              - 192.168.0.0/16
              - 172.16.0.0/12
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: kubernetes-egress
spec:
  podSelector: {}
  policyTypes:
    - Egress
  egress:
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
        - podSelector:
            matchLabels:
              k8s-app: kube-apiserver
    - ports:
        - protocol: TCP
          port: 6443
feat: Add renovate-operator 2026-05-06 17:12:49 +02:00			`---`
			`kind: NetworkPolicy`
			`apiVersion: networking.k8s.io/v1`
			`metadata:`
			`name: allow-internet-only`
			`spec:`
			`podSelector: {}`
			`policyTypes:`
			`- Egress`
			`egress:`
			`- to:`
			`- ipBlock:`
			`cidr: 0.0.0.0/0`
			`except:`
			`- 10.0.0.0/8`
			`- 192.168.0.0/16`
			`- 172.16.0.0/12`
add policy 2026-05-08 11:54:39 +02:00			`---`
			`apiVersion: networking.k8s.io/v1`
			`kind: NetworkPolicy`
			`metadata:`
			`name: kubernetes-egress`
			`spec:`
			`podSelector: {}`
			`policyTypes:`
			`- Egress`
			`egress:`
			`- to:`
			`- namespaceSelector:`
			`matchLabels:`
			`kubernetes.io/metadata.name: kube-system`
			`- podSelector:`
			`matchLabels:`
			`k8s-app: kube-apiserver`
			`- ports:`
			`- protocol: TCP`
			`port: 6443`