From 60ebbf0ef4ddbb38f9372fb9f6dbc16aaebee95d Mon Sep 17 00:00:00 2001
From: Erik Brakkee
Date: Sun, 19 Jan 2025 16:33:21 +0100
Subject: [PATCH] to generate network policy, 'generate netpol' shoul dbe used now. Also added subcommand for linkerd ('generate linkerd'
---
 cmd/policygen/config.go | 9 ++++----
 cmd/policygen/configvalidator.go | 2 ++
 cmd/policygen/main.go | 36 +++++++++++++++++++++++++-------
 go.mod | 6 +++---
 4 files changed, 38 insertions(+), 15 deletions(-)
diff --git a/cmd/policygen/config.go b/cmd/policygen/config.go
index b8c682d..377a701 100644
--- a/cmd/policygen/config.go
+++ b/cmd/policygen/config.go
@@ -6,7 +6,6 @@ import (
 "fmt"
 "github.com/goccy/go-yaml"
 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
- "log"
 "net"
 "os"
 "slices"
@@ -187,13 +186,15 @@ func (c *Config) Infer(resolver Resolver) {
 for _, app := range ns.Applications {
 if len(app.ServiceAccounts) == 0 {
 app.ServiceAccounts = resolver.ServiceAccounts(app)
- log.Printf("Inferred service accounts: %s/%s: %v", app.Namespace.Name, app.Name,
+ fmt.Fprintf(os.Stderr, "Inferred service accounts: %s/%s: %v\n", app.Namespace.Name, app.Name,
 app.ServiceAccounts)
 }
 if len(app.Ports) == 0 && !strings.HasPrefix(ns.Name, "linkerd") {
 app.Ports = resolver.PortNumbers(app)
- log.Printf("Inferred ports: %s/%s: %v", app.Namespace.Name, app.Name,
- app.Ports)
+ if len(app.Ports) > 0 {
+ fmt.Fprintf(os.Stderr, "Inferred ports: %s/%s: %v\n", app.Namespace.Name, app.Name,
+ app.Ports)
+ }
 }
 }
 }
diff --git a/cmd/policygen/configvalidator.go b/cmd/policygen/configvalidator.go
index 369b034..fc89a58 100644
--- a/cmd/policygen/configvalidator.go
+++ b/cmd/policygen/configvalidator.go
@@ -56,6 +56,8 @@ func validate(files []string, options *Options) error {
 config.Infer(cluster)
+ fmt.Fprintln(os.Stderr, "")
+
 // map applname1 -> appname2 where appname1 is in an open namespace and app2 is in a closed namespace.
 // Exclusing when 'from' side is a CIDR.
 openToClosedAccess := make(map[string]string)
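Review bot: In `Config.Infer` (cmd/policygen/config.go), the new `if len(app.Ports) > 0` guard means an application for which port inference returns nothing is no longer reported at all, whereas before the change the empty result was at least visible in the log. The inferred ports presumably feed the generated policies, so an application left with no ports is the case an operator most needs to see; consider an else branch such as `fmt.Fprintf(os.Stderr, "No ports inferred: %s/%s\n", app.Namespace.Name, app.Name)`. The service-account branch above still prints unconditionally, so the two branches now treat an empty result differently. The body of `Infer` starts and ends outside the hunk.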
diff --git a/cmd/policygen/main.go b/cmd/policygen/main.go
index f0ea6bc..5dac714 100644
--- a/cmd/policygen/main.go
+++ b/cmd/policygen/main.go
@@ -3,7 +3,6 @@ package main
 import (
 "fmt"
 "github.com/spf13/cobra"
- "log"
 "os"
 )
@@ -15,7 +14,7 @@ type Options struct {
 func readConfig(files []string) (*Config, error) {
 config := &Config{}
 for _, file := range files {
- log.Printf("LOADING %s\n", file)
+ fmt.Fprintf(os.Stderr, "Reading %s\n", file)
 configNew, err := LoadConfig(file)
 if err != nil {
 return nil, fmt.Errorf("%s: %w", file, err)
@@ -29,7 +28,7 @@ func readConfig(files []string) (*Config, error) {
 return config, nil
 }
-func generate(files []string, options *Options) error {
+func generateNetworkPolicy(files []string, options *Options) error {
 if len(files) == 0 {
 return fmt.Errorf("File expected")
 }
@@ -55,6 +54,10 @@ func generate(files []string, options *Options) error {
 return nil
 }
+func generateLinkerdPolicies(files []string, options *Options) error {
+ return fmt.Errorf(("Not yet implemented"))
+}
+
 func main() {
 options := Options{
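Review bot: `generateLinkerdPolicies` returns `fmt.Errorf(("Not yet implemented"))`, which carries a redundant pair of parentheses and a capitalised error string with no context; `return fmt.Errorf("generate linkerd: not yet implemented")` reads better once cobra prints it. Returning an error from the stub, rather than succeeding with empty output, is the right failure mode and should stay until the generator exists. A one-line doc comment such as `// generateLinkerdPolicies is a placeholder; it always returns an error.` would make the stub status explicit. The hunk ends inside `main`, whose body continues outside it.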
@@ -69,14 +72,31 @@ func main() {
 generate := &cobra.Command{
 Use: "generate",
- Short: "Generate policies",
- Long: "Generate policies",
- RunE: func(cmd *cobra.Command, args []string) error {
- return generate(args, &options)
- },
+ Short: "Generate configuration",
+ Long: "Generate configuration",
 }
 cmd.AddCommand(generate)
+ netpol := &cobra.Command{
+ Use: "netpol",
+ Short: "Generate NetworkPolicyp",
+ Long: "Generate NetworkPolicy",
+ RunE: func(cmd *cobra.Command, args []string) error {
+ return generateNetworkPolicy(args, &options)
+ },
+ }
+ generate.AddCommand(netpol)
+
+ linkerd := &cobra.Command{
+ Use: "linkerd",
+ Short: "Generate linkerd authorization policies",
+ Long: "Generate linkerd authorization policies",
+ RunE: func(cmd *cobra.Command, args []string) error {
+ return generateLinkerdPolicies(args, &options)
+ },
+ }
+ generate.AddCommand(linkerd)
+
 validate := &cobra.Command{
 Use: "validate",
 Short: "Validate configuration",
diff --git a/go.mod b/go.mod
index 67a91a4..0049dba 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module git.wamblee.org/public/policy-generator
-go 1.23.4
+go 1.23.5
 require (
 github.com/Masterminds/sprig/v3 v3.3.0
@@ -9,6 +9,8 @@ require (
 github.com/go-playground/validator/v10 v10.23.0
 github.com/goccy/go-yaml v1.15.13
 github.com/spf13/cobra v1.8.1
+ k8s.io/api v0.32.0
+ k8s.io/apimachinery v0.32.0
 k8s.io/client-go v0.32.0
 )
@@ -57,8 +59,6 @@ require (
 gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 gopkg.in/inf.v0 v0.9.1 // indirect
 gopkg.in/yaml.v3 v3.0.1 // indirect
- k8s.io/api v0.32.0 // indirect
- k8s.io/apimachinery v0.32.0 // indirect
 k8s.io/klog/v2 v2.130.1 // indirect
 k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect
 k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 // indirect
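Review bot: The `generate` command in `main` (cmd/policygen/main.go) loses its `RunE`, so an existing invocation of the form `generate <files>` no longer produces any policy. As far as I can tell, cobra treats a non-runnable parent command given extra arguments as a help request and returns no error, so a pipeline would see exit status 0 and no NetworkPolicy output. Consider keeping a `RunE` on `generate` that fails loudly, for example `RunE: func(cmd *cobra.Command, args []string) error { return fmt.Errorf("use 'generate netpol' or 'generate linkerd'") },`. Separately, `Short: "Generate NetworkPolicyp",` has a stray trailing `p` and should read `Short: "Generate NetworkPolicy",`. `main` starts and ends outside the hunk.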