farhoodliquor/irc
Archived
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-05-26. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
main
irc/znc/authorizationpolicy.yaml
T
Chris Farhood 060ac76748
Best Practices / Kube-score Analysis (push) Failing after 6s
Details
Security Scan / Trivy PR Review (push) Has been skipped
Details
Best Practices / Polaris PR Review (push) Has been skipped
Details
Security Scan / Checkov PR Review (push) Has been skipped
Details
Validate Manifests / YAML Lint (push) Successful in 4s
Details
Validate Manifests / Kustomize Build Test (push) Successful in 3s
Details
Security Scan / Trivy Security Scan (push) Successful in 12s
Details
Best Practices / Polaris Audit (push) Failing after 9s
Details
Best Practices / Resource Usage Analysis (push) Successful in 5s
Details
Best Practices / PR Summary Report (push) Has been skipped
Details
Validate Manifests / Kubernetes Schema Validation (push) Successful in 6s
Details
Security Scan / Checkov IaC Scan (push) Failing after 52s
Details
feat(irc): migrate from Cilium to Istio AuthorizationPolicies 
Replace CiliumNetworkPolicies with Istio AuthorizationPolicies, point
the thelounge HTTPRoute at the istio-external gateway, and give each
workload a dedicated ServiceAccount for precise mTLS identity.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-22 11:31:28 -04:00

16 lines
296 B
YAML
Raw Permalink Blame History

apiVersion: security.istio.io/v1
kind: AuthorizationPolicy
metadata:
name: znc
namespace: irc
spec:
selector:
matchLabels:
app.kubernetes.io/name: znc
action: ALLOW
rules:
- from:
- source:
principals:
- cluster.local/ns/irc/sa/thelounge
Reference in New Issue View Git Blame Copy Permalink