infra/charts/cert-manager/templates/networkpolicy-cert-manager.yaml

{{- if .Values.networkPolicy.enabled }}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: {{ template "cert-manager.fullname" . }}-allow-ingress
  namespace: {{ include "cert-manager.namespace" . }}
spec:
  ingress:
    {{- with .Values.networkPolicy.ingress }}
      {{- toYaml . | nindent 2 }}
    {{- end }}
  podSelector:
    matchLabels:
      app.kubernetes.io/name: {{ include "cert-manager.name" . }}
      app.kubernetes.io/instance: {{ .Release.Name }}
      app.kubernetes.io/component: "controller"
  policyTypes:
  - Ingress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: {{ template "cert-manager.fullname" . }}-allow-egress
  namespace: {{ include "cert-manager.namespace" . }}
spec:
  egress:
    {{- with .Values.networkPolicy.egress }}
      {{- toYaml . | nindent 2 }}
    {{- end }}
  podSelector:
    matchLabels:
      app.kubernetes.io/name: {{ include "cert-manager.name" . }}
      app.kubernetes.io/instance: {{ .Release.Name }}
      app.kubernetes.io/component: "controller"
  policyTypes:
  - Egress
{{- end }}