From 31a71fd69d8cc5e0c68dc1296d74e95200ef9729 Mon Sep 17 00:00:00 2001
From: erjxsrn <surendar.raju@ericsson.com>
Date: Fri, 10 Oct 2025 12:51:46 +0100
Subject: [PATCH 1/3] Fixed duplicate data in metrics.

The port infomration in the network policy is modified.
---
 .../templates/deployment/deployment.yaml                     | 2 +-
 .../templates/network-policy/network-policy.yaml             | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/charts/eric-oss-hello-world-python-app/templates/deployment/deployment.yaml b/charts/eric-oss-hello-world-python-app/templates/deployment/deployment.yaml
index dd38d91..e4523a8 100644
--- a/charts/eric-oss-hello-world-python-app/templates/deployment/deployment.yaml
+++ b/charts/eric-oss-hello-world-python-app/templates/deployment/deployment.yaml
@@ -39,7 +39,7 @@ spec:
         {{- if not (semverCompare ">=1.30.0" .Capabilities.KubeVersion.GitVersion) }}
         container.apparmor.security.beta.kubernetes.io/eric-oss-hello-world-python-app: {{ include "eric-oss-hello-world-python-app.appArmorProfileAnnotation" . | default "runtime/default" }}
         {{- end }}
-        prometheus.io/port: "{{ .Values.service.port }}"
+        prometheus.io/port: '{{ index .Values.service "http-port" }}'
         prometheus.io/scrape: "{{ .Values.prometheus.scrape }}"
         prometheus.io/path: "{{ .Values.prometheus.path }}"
 {{- include "eric-oss-hello-world-python-app.product-info" . | indent 8 }}
diff --git a/charts/eric-oss-hello-world-python-app/templates/network-policy/network-policy.yaml b/charts/eric-oss-hello-world-python-app/templates/network-policy/network-policy.yaml
index 142bfe7..6dc9da5 100644
--- a/charts/eric-oss-hello-world-python-app/templates/network-policy/network-policy.yaml
+++ b/charts/eric-oss-hello-world-python-app/templates/network-policy/network-policy.yaml
@@ -25,5 +25,8 @@ spec:
         matchLabels:
           app: eric-pm-server
     ports:
-    - port: {{ .Values.service.port }}
+    - protocol: TCP
+      port: {{ index .Values.service "http-port" }}
+    - protocol: TCP
+      port: {{ index .Values.service "https-port" }}
 

From ac480e4c5c19ffe3cbd27967f531bea73912cbff Mon Sep 17 00:00:00 2001
From: erjxsrn <surendar.raju@ericsson.com>
Date: Mon, 20 Oct 2025 08:50:37 +0100
Subject: [PATCH 2/3] Added mTLS changes for metrics and independent namespace

Includes :
Deploy App in the custom namespace
Secure scrapping of metrics
---
 .../templates/configmap/envoy-configmap.yaml              | 8 ++++----
 .../templates/deployment/deployment.yaml                  | 5 +++--
 .../templates/network-policy/network-policy.yaml          | 3 +++
 charts/eric-oss-hello-world-python-app/values.yaml        | 3 +++
 4 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/charts/eric-oss-hello-world-python-app/templates/configmap/envoy-configmap.yaml b/charts/eric-oss-hello-world-python-app/templates/configmap/envoy-configmap.yaml
index ead96c9..422deac 100644
--- a/charts/eric-oss-hello-world-python-app/templates/configmap/envoy-configmap.yaml
+++ b/charts/eric-oss-hello-world-python-app/templates/configmap/envoy-configmap.yaml
@@ -35,6 +35,10 @@ data:
                                 path: "/sample-app/python/hello"
                               route:
                                 cluster: eric-oss-hello-world-python-app-cluster
+                            - match:
+                                path: "/sample-app/python/metrics"
+                              route:
+                                cluster: eric-oss-hello-world-python-app-cluster
                     http_filters:
                       - name: envoy.filters.http.router
                         typed_config:
@@ -74,10 +78,6 @@ data:
                                 path: "/sample-app/python/health"
                               route:
                                 cluster: eric-oss-hello-world-python-app-cluster
-                            - match:
-                                path: "/sample-app/python/metrics"
-                              route:
-                                cluster: eric-oss-hello-world-python-app-cluster
                     http_filters:
                       - name: envoy.filters.http.router
                         typed_config:
diff --git a/charts/eric-oss-hello-world-python-app/templates/deployment/deployment.yaml b/charts/eric-oss-hello-world-python-app/templates/deployment/deployment.yaml
index e4523a8..6dc21cd 100644
--- a/charts/eric-oss-hello-world-python-app/templates/deployment/deployment.yaml
+++ b/charts/eric-oss-hello-world-python-app/templates/deployment/deployment.yaml
@@ -29,17 +29,18 @@ spec:
   template:
     metadata:
       labels:
+        rapp-name: {{ include "eric-oss-hello-world-python-app.name" . }}
         app: {{ include "eric-oss-hello-world-python-app.name" . }}
         app.kubernetes.io/name: {{ include "eric-oss-hello-world-python-app.name" . }}
         app.kubernetes.io/version: {{ include "eric-oss-hello-world-python-app.version" . }}
         helm.sh/chart: {{ template "eric-oss-hello-world-python-app.chart" . }}
         app.kubernetes.io/instance: {{ .Release.Name }}
-        service.cleartext/scraping: "true"
+        rapp.metrics/scraping: "true"
       annotations:
         {{- if not (semverCompare ">=1.30.0" .Capabilities.KubeVersion.GitVersion) }}
         container.apparmor.security.beta.kubernetes.io/eric-oss-hello-world-python-app: {{ include "eric-oss-hello-world-python-app.appArmorProfileAnnotation" . | default "runtime/default" }}
         {{- end }}
-        prometheus.io/port: '{{ index .Values.service "http-port" }}'
+        prometheus.io/port: '{{ index .Values.service "https-port" }}'
         prometheus.io/scrape: "{{ .Values.prometheus.scrape }}"
         prometheus.io/path: "{{ .Values.prometheus.path }}"
 {{- include "eric-oss-hello-world-python-app.product-info" . | indent 8 }}
diff --git a/charts/eric-oss-hello-world-python-app/templates/network-policy/network-policy.yaml b/charts/eric-oss-hello-world-python-app/templates/network-policy/network-policy.yaml
index 6dc9da5..6b6fa2e 100644
--- a/charts/eric-oss-hello-world-python-app/templates/network-policy/network-policy.yaml
+++ b/charts/eric-oss-hello-world-python-app/templates/network-policy/network-policy.yaml
@@ -24,6 +24,9 @@ spec:
     - podSelector:
         matchLabels:
           app: eric-pm-server
+    - namespaceSelector:
+        matchLabels:
+          kubernetes.io/metadata.name:  {{ .Values.eic.namespace }}
     ports:
     - protocol: TCP
       port: {{ index .Values.service "http-port" }}
diff --git a/charts/eric-oss-hello-world-python-app/values.yaml b/charts/eric-oss-hello-world-python-app/values.yaml
index 112f0a7..bef06dc 100644
--- a/charts/eric-oss-hello-world-python-app/values.yaml
+++ b/charts/eric-oss-hello-world-python-app/values.yaml
@@ -135,3 +135,6 @@ global:
     secret:
       clientIdKey: "clientId"
       name: "<instance id>-cc"
+#TODO: Verify if this is needed and update if needed
+eic:
+  namespace: "sharpless015-eric-eic-11"

From 3db4faabe0b23f1324c7190375cb22c546ad645b Mon Sep 17 00:00:00 2001
From: erjxsrn <surendar.raju@ericsson.com>
Date: Mon, 20 Oct 2025 13:27:28 +0100
Subject: [PATCH 3/3] Updated the helm variable values

---
 charts/eric-oss-hello-world-python-app/values.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/charts/eric-oss-hello-world-python-app/values.yaml b/charts/eric-oss-hello-world-python-app/values.yaml
index bef06dc..eac714a 100644
--- a/charts/eric-oss-hello-world-python-app/values.yaml
+++ b/charts/eric-oss-hello-world-python-app/values.yaml
@@ -135,6 +135,7 @@ global:
     secret:
       clientIdKey: "clientId"
       name: "<instance id>-cc"
+
 #TODO: Verify if this is needed and update if needed
 eic:
-  namespace: "sharpless015-eric-eic-11"
+  namespace: "namespace"
\ No newline at end of file