From 1120ec73725ee029c2198454ef2590a45a5ea195 Mon Sep 17 00:00:00 2001
From: Jonas Juselius <jonas.juselius@oceanbox.io>
Date: Wed, 31 Jan 2024 18:40:11 +0100
Subject: [PATCH] fix: add cnp for idp:s

---
 dex/manifests/cnp.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 dex/manifests/cnp.yaml

diff --git a/dex/manifests/cnp.yaml b/dex/manifests/cnp.yaml
new file mode 100644
index 00000000..f8e9cddf
--- /dev/null
+++ b/dex/manifests/cnp.yaml
@@ -0,0 +1,15 @@
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: allow-external-idp
+spec:
+  egress:
+  - toFQDNs:
+    - matchName: gitlab.com
+    - matchPattern: '*.gitlab.com'
+    - matchName: login.microsoftonline.com
+    - matchName: graph.microsoft.com
+  endpointSelector:
+    matchLabels:
+      app.kubernetes.io/name: cerbos
+