From e8a7abdfe7e34a3398cd7db90b0e6a251d15fab1 Mon Sep 17 00:00:00 2001
From: Anik Bhattacharjee
Date: Wed, 21 May 2025 15:50:45 -0400
Subject: [PATCH 1/2] OPRUN-3895: Namespace wide default deny for ingress/egress
---
 config/base/common/kustomization.yaml | 1 +
 config/base/common/network_policy.yaml | 10 ++++++++++
 2 files changed, 11 insertions(+)
 create mode 100644 config/base/common/network_policy.yaml
diff --git a/config/base/common/kustomization.yaml b/config/base/common/kustomization.yaml
index c313b5408..be904a9ab 100644
--- a/config/base/common/kustomization.yaml
+++ b/config/base/common/kustomization.yaml
@@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - namespace.yaml
+- network_policy.yaml
diff --git a/config/base/common/network_policy.yaml b/config/base/common/network_policy.yaml
new file mode 100644
index 000000000..027a333dc
--- /dev/null
+++ b/config/base/common/network_policy.yaml
@@ -0,0 +1,10 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: default-deny-all-traffic
+ namespace: system
+spec:
+ podSelector: { }
+ policyTypes:
+ - Ingress
+ - Egress
\ No newline at end of file
From af198e780ebcae13b8608029d08bf28780725eec Mon Sep 17 00:00:00 2001
From: Per Goncalves da Silva
Date: Thu, 22 May 2025 08:50:19 +0200
Subject: [PATCH 2/2] Add space at end of network policy resource
Signed-off-by: Per Goncalves da Silva
---
 config/base/common/network_policy.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/config/base/common/network_policy.yaml b/config/base/common/network_policy.yaml
index 027a333dc..86d352975 100644
--- a/config/base/common/network_policy.yaml
+++ b/config/base/common/network_policy.yaml
@@ -7,4 +7,5 @@ spec:
 podSelector: { }
 policyTypes:
 - Ingress
- Egress
\ No newline at end of file
+ - Egress
+
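Review bot: The new `default-deny-all-traffic` policy in config/base/common/network_policy.yaml (PATCH 1/2) selects every pod through `podSelector: { }` and lists both `Ingress` and `Egress` with no rules. Once applied, no pod in the namespace can resolve DNS, reach the API server, or accept webhook or metrics connections unless a separate allow policy covers it. No allow policy is visible in this series, so presumably they are added elsewhere; it is worth confirming they ship together with this baseline. I would document that contract in the manifest with a header comment such as `# Baseline: deny all ingress and egress for every pod in this namespace; each workload must ship its own allow NetworkPolicy.` Enforcement also depends on the cluster's network plugin implementing NetworkPolicy; where it does not, the object is accepted but has no effect, so a test asserting that unlisted traffic is blocked would show the control is active.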