From ece0b0936687049c465aa4255fc5378ae17c9b9d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=98ystein=20Bedin?= <oybed@users.noreply.github.com>
Date: Thu, 6 Apr 2023 07:46:05 -0600
Subject: [PATCH] [ocp-proxy-api] Adding LB Source Ranges to restrict access at
 SG level (#48)

* Adding LB Source Ranges to restrict access at SG level

* Adding LB Source Ranges to restrict access at SG level

* Update Chart.yaml
---
 charts/ocp-proxy-api/Chart.yaml             | 2 +-
 charts/ocp-proxy-api/templates/service.yaml | 4 ++++
 charts/ocp-proxy-api/values.yaml            | 3 +++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/charts/ocp-proxy-api/Chart.yaml b/charts/ocp-proxy-api/Chart.yaml
index e9de0d5..3c53615 100644
--- a/charts/ocp-proxy-api/Chart.yaml
+++ b/charts/ocp-proxy-api/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: ocp-proxy-api
 description: A Helm chart for Kubernetes to create and manage an nginx proxy for OCP API/Console
 type: application
-version: 0.1.1
+version: 0.1.2
 home: "https://rh-mobb.github.io/helm-charts/"
 maintainers:
   - name: rh-mobb
diff --git a/charts/ocp-proxy-api/templates/service.yaml b/charts/ocp-proxy-api/templates/service.yaml
index e51584d..04d4b09 100644
--- a/charts/ocp-proxy-api/templates/service.yaml
+++ b/charts/ocp-proxy-api/templates/service.yaml
@@ -20,3 +20,7 @@ spec:
       name: ingress
   selector:
     {{- include "ocp-proxy-api.selectorLabels" . | nindent 4 }}
+  {{- with .Values.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
diff --git a/charts/ocp-proxy-api/values.yaml b/charts/ocp-proxy-api/values.yaml
index 29967e0..ba9a71b 100644
--- a/charts/ocp-proxy-api/values.yaml
+++ b/charts/ocp-proxy-api/values.yaml
@@ -46,6 +46,9 @@ podAnnotations: {}
 service:
   type: LoadBalancer
   port: 80
+  loadBalancerSourceRanges: []
+    # - 192.168.1.0/24
+    # - 10.1.1.0/24
 
 resources: {}
   # We usually recommend not to specify default resources and to leave this as a conscious