From a0977162b363b8b857e435e6a66faa7bec5b8822 Mon Sep 17 00:00:00 2001
From: Luca Bruno <luca.bruno@coreos.com>
Date: Fri, 21 Jun 2019 09:45:00 +0000
Subject: [PATCH] coreos-cincinnati: allow crates.io in egress policy (cont)

crates.io registry is organized in (and redirects to) separate
subdomains for cached static artifacts.
This continues crates.io white-listing effort, covering
static.crates.io too.

Follow-Up: https://infrastructure.fedoraproject.org/cgit/ansible.git/commit/roles/openshift-apps/coreos-cincinnati/templates/egresspolicy.yml?id=48a9d409a4ad1e5637ef7453dbac767c28e08f04
---
 .../coreos-cincinnati/templates/egresspolicy.yml               | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/roles/openshift-apps/coreos-cincinnati/templates/egresspolicy.yml b/roles/openshift-apps/coreos-cincinnati/templates/egresspolicy.yml
index ff9919f322..0eaeca418c 100644
--- a/roles/openshift-apps/coreos-cincinnati/templates/egresspolicy.yml
+++ b/roles/openshift-apps/coreos-cincinnati/templates/egresspolicy.yml
@@ -14,6 +14,9 @@ spec:
   - type: Allow
     to:
       dnsName: crates.io
+  - type: Allow
+    to:
+      dnsName: static.crates.io
   - type: Allow
     to:
       dnsName: mirrors.fedoraproject.org