irc/znc/authorizationpolicy.yaml at 84ee1fa8b874619773d2aa86b4b79adc7cc198b0 - irc - Gitea

farhoodliquor/irc

Archived

This repository has been archived on 2026-05-26. You can view files and clone it. You cannot open issues or pull requests or push a commit.

Files

T

Chris Farhood 31e6864a2a

Best Practices / Polaris Audit (push) Has been cancelled

Details

Best Practices / Resource Usage Analysis (push) Has been cancelled

Details

Best Practices / PR Summary Report (push) Has been cancelled

Details

Best Practices / Polaris PR Review (push) Has been cancelled

Details

Security Scan / Trivy PR Review (push) Has been cancelled

Details

Security Scan / Checkov IaC Scan (push) Has been cancelled

Details

Security Scan / Checkov PR Review (push) Has been cancelled

Details

Validate Manifests / YAML Lint (push) Has been cancelled

Details

Validate Manifests / Kustomize Build Test (push) Has been cancelled

Details

Validate Manifests / Kubernetes Schema Validation (push) Has been cancelled

Details

Best Practices / Kube-score Analysis (push) Has been cancelled

Details

Security Scan / Trivy Security Scan (push) Has been cancelled

Details

fix(irc): switch AuthorizationPolicies to selector-based for ztunnel L4 enforcement

targetRefs: kind: Service policies require waypoint binding which is not
working in Istio 1.29.2 — WaypointAccepted: False and ztunnel routes
directly to pods bypassing the waypoint. Selector-based policies are
enforced at ztunnel L4 without requiring waypoint.

2026-05-15 22:53:56 -04:00

20 lines

307 B

YAML

Raw Blame History

 apiVersion: security.istio.io/v1
 kind: AuthorizationPolicy
 metadata:
   name: znc
   namespace: irc
 spec:
   selector:
     matchLabels:
       app.kubernetes.io/name: znc
   action: ALLOW
   rules:
   - from:
     - source:
         namespaces:
         - irc
   - to:
     - operation:
         ports:
         - "6501"