Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 16 additions & 0 deletions internal/networkpolicy/networkpolicy.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,13 @@ import (
"fmt"

"github.com/rh-ecosystem-edge/kernel-module-management/internal/pod"
v1 "k8s.io/api/core/v1"
networkingv1 "k8s.io/api/networking/v1"
k8serrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/util/intstr"
"k8s.io/utils/ptr"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
"sigs.k8s.io/controller-runtime/pkg/log"
Expand Down Expand Up @@ -201,6 +204,19 @@ func (np *networkPolicy) DRANetworkPolicy(namespace string) *networkingv1.Networ
"app.kubernetes.io/component": "dra",
},
},
Egress: []networkingv1.NetworkPolicyEgressRule{
{
Ports: []networkingv1.NetworkPolicyPort{
{Protocol: ptr.To(v1.ProtocolTCP), Port: ptr.To(intstr.FromInt32(443))},
},
},
{
Ports: []networkingv1.NetworkPolicyPort{
{Protocol: ptr.To(v1.ProtocolTCP), Port: ptr.To(intstr.FromInt32(53))},
{Protocol: ptr.To(v1.ProtocolUDP), Port: ptr.To(intstr.FromInt32(53))},
},
},
},
Comment on lines +207 to +219

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Find the DRANetworkPolicy test and its Egress assertions
fd -t f 'networkpolicy_test.go' internal/networkpolicy --exec rg -n -C2 'Spec.Egress' {}

Repository: rh-ecosystem-edge/kernel-module-management

Length of output: 823


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect the relevant portion of the test file with names and assertions
sed -n '150,235p' internal/networkpolicy/networkpolicy_test.go | cat -n

printf '\n---\n'

# Inspect the implementation around the allow-all egress rule
sed -n '180,225p' internal/networkpolicy/networkpolicy.go | cat -n

Repository: rh-ecosystem-edge/kernel-module-management

Length of output: 5099


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Locate the DRANetworkPolicy test and show its surrounding assertions
rg -n -C6 'DRANetworkPolicy|draNetworkPolicy' internal/networkpolicy/networkpolicy_test.go

Repository: rh-ecosystem-edge/kernel-module-management

Length of output: 1340


Update the DRA network policy test expectation
internal/networkpolicy/networkpolicy_test.go still asserts Expect(result.Spec.Egress).To(BeEmpty()), but DRANetworkPolicy now returns a single empty egress rule. Assert the allow-all egress rule instead.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@internal/networkpolicy/networkpolicy.go` around lines 204 - 206, Update the
network policy test expectation to match DRANetworkPolicy’s current egress
behavior: the test in networkpolicy_test.go should no longer assert that
result.Spec.Egress is empty, and instead should verify that it contains a single
empty networkingv1.NetworkPolicyEgressRule representing allow-all egress. Use
the DRANetworkPolicy symbol and the egress assertion in the test to locate the
check and adjust it accordingly.

PolicyTypes: []networkingv1.PolicyType{
networkingv1.PolicyTypeIngress,
networkingv1.PolicyTypeEgress,
Expand Down
12 changes: 11 additions & 1 deletion internal/networkpolicy/networkpolicy_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,13 @@ import (
"github.com/rh-ecosystem-edge/kernel-module-management/internal/client"
"github.com/rh-ecosystem-edge/kernel-module-management/internal/pod"
"go.uber.org/mock/gomock"
v1 "k8s.io/api/core/v1"
networkingv1 "k8s.io/api/networking/v1"
k8serrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apimachinery/pkg/util/intstr"
"k8s.io/utils/ptr"
ctrlclient "sigs.k8s.io/controller-runtime/pkg/client"
)

Expand Down Expand Up @@ -268,7 +271,14 @@ var _ = Describe("NetworkPolicy", func() {
))

Expect(result.Spec.Ingress).To(BeEmpty())
Expect(result.Spec.Egress).To(BeEmpty())
Expect(result.Spec.Egress).To(HaveLen(2))
Expect(result.Spec.Egress[0].Ports).To(ConsistOf(
networkingv1.NetworkPolicyPort{Protocol: ptr.To(v1.ProtocolTCP), Port: ptr.To(intstr.FromInt32(443))},
))
Expect(result.Spec.Egress[1].Ports).To(ConsistOf(
networkingv1.NetworkPolicyPort{Protocol: ptr.To(v1.ProtocolTCP), Port: ptr.To(intstr.FromInt32(53))},
networkingv1.NetworkPolicyPort{Protocol: ptr.To(v1.ProtocolUDP), Port: ptr.To(intstr.FromInt32(53))},
))
})

It("should use default namespace when empty namespace is provided", func() {
Expand Down