From a10c783f09adaa7edb9bf99ccfb8588f49eb73a1 Mon Sep 17 00:00:00 2001
From: Felipe Rios <felipe.rios.silva@outlook.com>
Date: Thu, 28 Nov 2024 15:55:43 -0500
Subject: [PATCH] feat(allow-list): added a new parameter in both services to
 create an allow list for desired IPs be allowed and rest blocked

Signed-off-by: Felipe Rios <felipe.rios.silva@outlook.com>
---
 charts/hyades/templates/api-server/service.yaml | 16 ++++++++++++----
 charts/hyades/templates/frontend/service.yaml   | 16 ++++++++++++----
 charts/hyades/values.yaml                       |  4 ++++
 3 files changed, 28 insertions(+), 8 deletions(-)

diff --git a/charts/hyades/templates/api-server/service.yaml b/charts/hyades/templates/api-server/service.yaml
index 292a62c..fc7f4f6 100644
--- a/charts/hyades/templates/api-server/service.yaml
+++ b/charts/hyades/templates/api-server/service.yaml
@@ -12,11 +12,19 @@ metadata:
 spec:
   type: {{ .Values.apiServer.service.type | quote }}
   ports:
-  - name: web
-    port: {{ .Values.apiServer.service.port }}
-    targetPort: web
+    - name: web
+      port: {{ .Values.apiServer.service.port }}
+      targetPort: web
     {{- with .Values.apiServer.service.nodePort }}
-    nodePort: {{ . }}
+      nodePort: {{ . }}
     {{- end }}
   selector: {{- include "hyades.apiServerSelectorLabels" . | nindent 4 }}
+  {{- if eq .Values.apiServer.service.type "LoadBalancer" }}
+  {{- if .Values.apiServer.service.loadBalancerSourceRanges }}
+    loadBalancerSourceRanges:
+  {{- range .Values.apiServer.service.loadBalancerSourceRanges }}
+      - {{ . }}
+   {{- end }}
+  {{- end -}}
+  {{- end -}}
 {{- end }}
diff --git a/charts/hyades/templates/frontend/service.yaml b/charts/hyades/templates/frontend/service.yaml
index 6512507..7d52289 100644
--- a/charts/hyades/templates/frontend/service.yaml
+++ b/charts/hyades/templates/frontend/service.yaml
@@ -12,11 +12,19 @@ metadata:
 spec:
   type: {{ .Values.frontend.service.type | quote }}
   ports:
-  - name: web
-    port: {{ .Values.frontend.service.port }}
-    targetPort: web
+    - name: web
+      port: {{ .Values.frontend.service.port }}
+      targetPort: web
     {{- with .Values.frontend.service.nodePort }}
-    nodePort: {{ . }}
+      nodePort: {{ . }}
     {{- end }}
   selector: {{- include "hyades.frontendSelectorLabels" . | nindent 4 }}
+  {{- if eq .Values.frontend.service.type "LoadBalancer" }}
+  {{- if .Values.frontend.service.loadBalancerSourceRanges }}
+    loadBalancerSourceRanges:
+  {{- range .Values.frontend.service.loadBalancerSourceRanges }}
+      - {{ . }}
+   {{- end }}
+  {{- end -}}
+  {{- end -}}
 {{- end }}
diff --git a/charts/hyades/values.yaml b/charts/hyades/values.yaml
index 5666640..1b67791 100644
--- a/charts/hyades/values.yaml
+++ b/charts/hyades/values.yaml
@@ -90,6 +90,8 @@ apiServer:
     nodePort: ~
     port: 8080
     annotations: {}
+    # loadBalancerSourceRanges:
+    #   - 0.0.0.0/0
   serviceMonitor:
     enabled: false
     namespace: monitoring
@@ -233,6 +235,8 @@ frontend:
     nodePort: ~
     port: 8080
     annotations: {}
+    # loadBalancerSourceRanges:
+    #   - 0.0.0.0/0
   apiBaseUrl: ""
   # -- Additional init containers to deploy. Supports templating.
   initContainers: []