Create network policies #239

Open
keyvaann opened this issue May 23, 2023 · 0 comments
Labels: enhancement (New feature or request)

keyvaann (Collaborator) commented May 23, 2023

Currently our applications have free outbound access to the internet and other services; it will be a good practice to limit them.
List of applications that need internet access and what services they're trying to access:

  • Radar-fitbit-connector, radar-rest-sources-backend: Fitbit
  • Radar-grafana: Fetch plugins and optionally email
  • Management-portal: Email
  • Alertmanager: Notifications via Slack or other sources
  • Appserver: Firebase
  • Cert-manager: Let's Encrypt certificates
  • Radar-push-endpoint: Garmin

If you are using managed services that are outside of the cluster, more applications need to have access:

  • radar-rest-sources-backend, management-portal and appconfig need to access the PostgreSQL database
  • radar-output and radar-rest-sources-backend need to access Redis
  • radar-jdbc-connector and radar-grafana need to reach a TimescaleDB instance
  • radar-s3-connector, catalog-server, radar-jdbc-connector, radar-fitbit-connector, schema-registry, radar-gateway, radar-backend need to reach Kafka
  • radar-gateway, radar-rest-sources-backend, app-config, radar-grafana, radar-output, radar-fitbit-connector, radar-push-endpoint need to access ManagementPortal

These lists are not exhaustive but they should be a good start.
We can define some general policies, but they probably won't cover every use case, so there should also be some documentation on how to customize the network access.

More information:
https://kubernetes.io/docs/concepts/services-networking/network-policies/
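
An added example, not part of the original issue or the project's charts: a default-deny egress baseline with a DNS exception, plus one per-application policy for radar-fitbit-connector covering two of the destinations listed above (ManagementPortal and Fitbit). The namespace `radar`, the `app.kubernetes.io/name` labels, DNS running in `kube-system` and port 8080 are assumptions.

```yaml
# Added example: namespace, labels and ports are assumptions, not chart values.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: default-deny-egress, namespace: radar}   # assumed namespace
spec:
  podSelector: {}            # selects every pod in the namespace
  policyTypes: [Egress]      # no egress rules listed, so all egress is denied
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: allow-dns, namespace: radar}
spec:
  podSelector: {}
  policyTypes: [Egress]
  egress:
    - to:   # cluster DNS, assumed to run in kube-system
        - namespaceSelector:
            matchLabels: {kubernetes.io/metadata.name: kube-system}
      ports:
        - {protocol: UDP, port: 53}
        - {protocol: TCP, port: 53}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: radar-fitbit-connector-egress, namespace: radar}
spec:
  podSelector:
    matchLabels: {app.kubernetes.io/name: radar-fitbit-connector}   # assumed label
  policyTypes: [Egress]
  egress:
    - to:   # in-cluster ManagementPortal
        - podSelector:
            matchLabels: {app.kubernetes.io/name: management-portal}   # assumed label
      ports:
        - {protocol: TCP, port: 8080}   # assumed port
    - to:   # Fitbit over HTTPS: any public address, private ranges excluded
        - ipBlock:
            cidr: 0.0.0.0/0
            except: [10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16]
      ports:
        - {protocol: TCP, port: 443}
```

The standard NetworkPolicy API matches pods, namespaces and CIDR blocks, not hostnames, so external services such as Fitbit can only be approximated by address range and port here. These policies take effect only when the cluster's network plugin enforces NetworkPolicy.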
