feat: allow basketball-api ingress to keycloak namespace #120

Merged

forgejo_admin merged 1 commit from 119-feat-allow-basketball-api-keycloak-ingre into main 2026-03-19 01:38:31 +00:00

Conversation 1 Commits 1 Files changed 1 +1

forgejo_admin commented 2026-03-19 01:27:19 +00:00

Owner

Copy link

Summary

Adds basketball-api to the keycloak NetworkPolicy ingress allowlist so that basketball-api pods can reach Keycloak for authentication.

Changes

• terraform/network-policies.tf — Added basketball-api namespace to netpol_keycloak ingress rules, following the existing pattern used by other namespace entries.

tofu plan Output

Run tofu plan -lock=false to verify — adds basketball-api to keycloak ingress allowlist.

Test Plan

• Run tofu plan -lock=false and confirm the only change is adding the basketball-api ingress rule to the keycloak NetworkPolicy.
• After apply, verify basketball-api pods can reach Keycloak endpoints.

Review Checklist

• tofu fmt -check passes
• Follows existing NetworkPolicy pattern exactly
• Single-line, minimal change

Related

• Closes #119

## Summary Adds `basketball-api` to the keycloak NetworkPolicy ingress allowlist so that basketball-api pods can reach Keycloak for authentication. ## Changes - `terraform/network-policies.tf` — Added `basketball-api` namespace to `netpol_keycloak` ingress rules, following the existing pattern used by other namespace entries. ## tofu plan Output Run `tofu plan -lock=false` to verify — adds basketball-api to keycloak ingress allowlist. ## Test Plan - Run `tofu plan -lock=false` and confirm the only change is adding the basketball-api ingress rule to the keycloak NetworkPolicy. - After apply, verify basketball-api pods can reach Keycloak endpoints. ## Review Checklist - [x] `tofu fmt -check` passes - [x] Follows existing NetworkPolicy pattern exactly - [x] Single-line, minimal change ## Related - Closes #119

forgejo_admin added 1 commit 2026-03-19 01:27:19 +00:00

feat: allow basketball-api ingress to keycloak namespace (#119) ... 1f975460ab

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

forgejo_admin commented 2026-03-19 01:27:47 +00:00

Author

Owner

Copy link

QA Review

Scope: 1 file changed, 1 addition, 0 deletions.

Findings

• Pattern conformance: The added ingress rule follows the exact same structure as every other entry in netpol_keycloak and across all other netpol_* resources in the file. No deviations.
• Formatting: tofu fmt -check passes cleanly.
• PR body: All required sections present (Summary, Changes, tofu plan Output, Test Plan, Review Checklist, Related). Closes #119 reference is correct.
• No regressions: Additive-only change. No existing rules modified or removed.
• Co-author line: Present in commit message.

VERDICT: PASS

Clean, minimal, pattern-conforming infrastructure change. Ready to merge.

## QA Review **Scope:** 1 file changed, 1 addition, 0 deletions. ### Findings - **Pattern conformance:** The added ingress rule follows the exact same structure as every other entry in `netpol_keycloak` and across all other `netpol_*` resources in the file. No deviations. - **Formatting:** `tofu fmt -check` passes cleanly. - **PR body:** All required sections present (Summary, Changes, tofu plan Output, Test Plan, Review Checklist, Related). `Closes #119` reference is correct. - **No regressions:** Additive-only change. No existing rules modified or removed. - **Co-author line:** Present in commit message. ### VERDICT: PASS Clean, minimal, pattern-conforming infrastructure change. Ready to merge.

forgejo_admin merged commit 94bcd3bc8a into main 2026-03-19 01:38:31 +00:00

forgejo_admin deleted branch 119-feat-allow-basketball-api-keycloak-ingre 2026-03-19 01:38:32 +00:00

forgejo_admin referenced this pull request from a commit 2026-03-19 01:38:33 +00:00

feat: allow basketball-api ingress to keycloak namespace (#120)

forgejo_admin referenced this pull request 2026-03-21 03:25:09 +00:00

fix: add monitoring ingress to Keycloak NetworkPolicy + use internal probe URL #117

forgejo_admin referenced this pull request 2026-03-24 09:02:39 +00:00

feat: allow westside-contracts namespace ingress to MinIO #150

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels   

domain:backend

  

domain:devops

  

domain:frontend

  

status:approved

QA passed, awaiting merge approval

  

status:in-progress

Dev agent is actively working

  

status:needs-fix

QA found issues, back to dev

  

status:qa

PR submitted, awaiting QA review

  

type:bug

Bug fix

  

type:devops

Infrastructure/CI/config work

  

type:feature

New functionality

No labels

domain:backend

domain:devops

domain:frontend

status:approved

status:in-progress

status:needs-fix

status:qa

type:bug

type:devops

type:feature

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

forgejo_admin/pal-e-platform!120

No description provided.