Add ingress network policy for Nagios

This adds the ingress network policy to Nagios
using the helm-toolkit template

Change-Id: If6cc66330b24c3f79f9b5c29a94ea904d1eb37d4

nagios/values.yaml

@@ -185,6 +185,11 @@ network:
       enabled: false
       port: 30925
 
+network_policy:
+  nagios:
+    ingress:
+      - {}
+
 pod:
   lifecycle:
     upgrades:

tools/deployment/network-policy/110-nagios.sh

@@ -19,7 +19,7 @@ set -xe
 #NOTE: Lint and package chart
 make nagios
 
-tee /tmp/nagios.yaml <<EOF
+tee /tmp/nagios.yaml << EOF
 manifests:
   network_policy: true
 network_policy:
@@ -29,14 +29,18 @@ network_policy:
         - podSelector:
             matchLabels:
               application: nagios
+        - podSelector:
+            matchLabels:
+              application: ingress
         ports:
-        - protocol: TCP
-          port: 8000
         - protocol: TCP
           port: 80
+        - protocol: TCP
+          port: 8000
+        - protocol:
+          port: 443
 EOF
 
-
 #NOTE: Deploy command
 helm upgrade --install nagios ./nagios \
     --namespace=osh-infra \

tools/deployment/network-policy/901-test-networkpolicy.sh

@@ -52,6 +52,7 @@ function test_netpol {
 test_netpol osh-infra mariadb server elasticsearch.osh-infra.svc.cluster.local fail
 test_netpol osh-infra mariadb server nagios.osh-infra.svc.cluster.local fail
 test_netpol osh-infra mariadb server prometheus.osh-infra.svc.cluster.local fail
+test_netpol osh-infra mariadb server nagios.osh-infra.svc.cluster.local fail
 
 # Doing positive tests
 test_netpol osh-infra grafana dashboard mariadb.osh-infra.svc.cluster.local:3306 success