@juanxiu juanxiu commented Sep 20, 2025

What does this PR do / why we need it:

This PR adds a NetworkPolicy to enable secure communication between ArgoCD Agent and Redis. Previously, agent pods were unable to connect to Redis due to network restrictions, causing connectivity issues in environments with strict network policies enabled.

The changes include:

  • Add agent-networkpolicy-redis.yaml template for NetworkPolicy resource
  • Configure pod selectors to allow argocd-agent-agent pods to connect to argocd-redis pods
  • Enable network policy by default in values.yaml with proper configuration

Which issue(s) this PR fixes:

Fixes #566

How to test changes / Special notes to the reviewer:

Testing Steps:

  1. Template Validation:

    cd install/helm-repo/argocd-agent-agent
    helm template argocd-agent-agent . --values values.yaml -s templates/agent-networkpolicy-redis.yaml | kubectl apply --dry-run=client -f -

  2. Deploy and Verify:

    helm install argocd-agent-agent . --values values.yaml
    kubectl get networkpolicy -n <namespace>
    kubectl describe networkpolicy allow-agent-to-redis -n <namespace>

  3. Connectivity Test:

    kubectl exec -it <agent-pod> -n <namespace> -- redis-cli -h argocd-redis ping

Special Notes:

  • NetworkPolicy only allows ingress traffic from agent pods to Redis
  • All ports are allowed (Redis default 6379 + any additional ports)
  • Policy is applied to pods matching app.kubernetes.io/name: argocd-redis label
  • Agent pods must have app.kubernetes.io/name: argocd-agent-agent label

Checklist

  • Documentation update is required by this PR (and has been updated) OR no documentation update is required.

- Add NetworkPolicy template for secure agent to redis communication
- Configure pod selectors for argocd-agent-agent and argocd-redis
- Enable network policy by default in values.yaml

Signed-off-by: yeonsoo <[email protected]>
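
A NetworkPolicy matching the description in this PR, written here as an added example (it is not the PR's `agent-networkpolicy-redis.yaml` template, whose contents are not shown on this page). The `argocd` namespace is an assumption, and the `ports` stanza narrows the rule to the Redis default port 6379 instead of allowing all ports.

```yaml
# Added example: constructed from the PR description, not the PR's template.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-agent-to-redis        # name used in the PR's `kubectl describe` step
  namespace: argocd                 # assumption: replace with your <namespace>
spec:
  # The policy applies to the Redis pods (the traffic destination).
  podSelector:
    matchLabels:
      app.kubernetes.io/name: argocd-redis
  policyTypes:
    - Ingress
  ingress:
    - from:
        # Only pods in the same namespace carrying the agent label match.
        - podSelector:
            matchLabels:
              app.kubernetes.io/name: argocd-agent-agent
      # Omitting `ports` allows every port, as the PR notes describe.
      # Listing the port limits the rule to the Redis default.
      ports:
        - protocol: TCP
          port: 6379
```

NetworkPolicy rules are additive, so other policies that select the Redis pods continue to apply alongside this one.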

jannfis commented Sep 21, 2025

Thanks! However, to fix #566, this change is not complete. The same goes for the principal, and there are kustomize manifests that need to be adapted for both agent and principal.

Successfully merging this pull request may close these issues.

Missing NetworkPolicy for accessing Redis