From 197c5bed6c06d4fa02323934ca73f1d5d5ea28d5 Mon Sep 17 00:00:00 2001
From: Vasyl Saienko <vsaienko@mirantis.com>
Date: Mon, 13 Jan 2025 13:23:18 +0000
Subject: [PATCH] [helm-toolkit] Allow to pass raw network policy

Allow to pass raw network policy via values, labels
without spec are ingnored in this case.

values: |
  network_policy:
    myLabel:
      spec:
        <RAW SPEC>
Change-Id: I87fce44f143fbdf9771ad043133dee22daced3f3
---
 .../templates/manifests/_network_policy.tpl   | 43 +++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/helm-toolkit/templates/manifests/_network_policy.tpl b/helm-toolkit/templates/manifests/_network_policy.tpl
index 405197ab7..ae074502b 100644
--- a/helm-toolkit/templates/manifests/_network_policy.tpl
+++ b/helm-toolkit/templates/manifests/_network_policy.tpl
@@ -135,11 +135,53 @@ return: |
           port: 53
 */}}
 
+{{/*
+abstract: |
+  Creates a network policy manifest for services.
+values: |
+  network_policy:
+    myLabel:
+      spec:
+        <RAW SPEC>
+usage: |
+  {{ dict "envAll" . "name" "application" "label" "myLabel" | include "helm-toolkit.manifests.kubernetes_network_policy" }}
+
+return: |
+  ---
+  apiVersion: networking.k8s.io/v1
+  kind: NetworkPolicy
+  metadata:
+    name: RELEASE-NAME-myLabel-netpol
+    namespace: NAMESPACE
+  spec:
+    <RAW SPEC>
+*/}}
+
 {{- define "helm-toolkit.manifests.kubernetes_network_policy" -}}
 {{- $envAll := index . "envAll" -}}
 {{- $name := index . "name" -}}
 {{- $labels := index . "labels" | default nil -}}
 {{- $label := index . "key" | default (index . "label") -}}
+
+{{- $spec_labels := list  -}}
+{{- range $label, $value := $envAll.Values.network_policy }}
+{{- if hasKey $value "spec" }}
+{{- $spec_labels = append $spec_labels $label }}
+{{- end }}
+{{- end }}
+{{- if $spec_labels }}
+{{- range $label := $spec_labels }}
+{{- $raw_spec := (index $envAll.Values.network_policy $label "spec") }}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ $envAll.Release.Name }}-{{ $label | replace "_" "-" }}-netpol
+  namespace: {{ $envAll.Release.Namespace }}
+spec:
+{{ $raw_spec | toYaml | indent 2 }}
+{{- end }}
+{{- else }}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
@@ -236,3 +278,4 @@ spec:
 {{- end }}
 {{- end }}
 {{- end }}
+{{- end }}