swh/production: Allow admin network to access graphql ingress

Related to swh/infra/sysadm-environment#5196 (closed)

Helm diff

./swh/helm-diff.sh
[swh] Comparing changes between branches production and ingress_graphql (per environment)...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/ingress_graphql'.
[swh] Generate config in ingress_graphql branch for environment staging...
[swh] Generate config in ingress_graphql branch for environment staging...
[swh] Generate config in ingress_graphql branch for environment staging...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/ingress_graphql'.
[swh] Generate config in ingress_graphql branch for environment production...
[swh] Generate config in ingress_graphql branch for environment production...
[swh] Generate config in ingress_graphql branch for environment production...


------------- diff for environment staging namespace swh -------------

No differences


------------- diff for environment staging namespace swh-cassandra -------------

No differences


------------- diff for environment staging namespace swh-cassandra-next-version -------------

No differences


------------- diff for environment production namespace swh -------------

--- /tmp/swh-chart.swh.Gvvrpe0Z/production-swh.before	2024-01-03 11:32:17.995567129 +0100
+++ /tmp/swh-chart.swh.Gvvrpe0Z/production-swh.after	2024-01-03 11:32:18.259571398 +0100
@@ -19584,21 +19584,21 @@
             port:
               number: 5013
 ---
 # Source: swh/templates/graphql/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh
   name: graphql-webapp1-ingress-default
   annotations:
-    nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22
+    nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22,192.168.50.0/24
     nginx.ingress.kubernetes.io/rewrite-target: /
 
 spec:
   rules:
   - host: webapp1.internal.softwareheritage.org
     http:
       paths:
       - path: /graphql/
         pathType: Prefix
         backend:


------------- diff for environment production namespace swh-cassandra -------------

--- /tmp/swh-chart.swh.Gvvrpe0Z/production-swh-cassandra.before	2024-01-03 11:32:18.075568423 +0100
+++ /tmp/swh-chart.swh.Gvvrpe0Z/production-swh-cassandra.after	2024-01-03 11:32:18.339572689 +0100
@@ -4581,21 +4581,21 @@
         type: Utilization
         averageUtilization: 50
 ---
 # Source: swh/templates/graphql/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh-cassandra
   name: graphql-cassandra-ingress-default
   annotations:
-    nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22
+    nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22,192.168.50.0/24
     nginx.ingress.kubernetes.io/rewrite-target: /
 
 spec:
   rules:
   - host: webapp-cassandra.internal.softwareheritage.org
     http:
       paths:
       - path: /graphql/
         pathType: Prefix
         backend: