|
|
b41c92112e
|
renamed pod to application in the templates directory.
|
2025-01-19 19:02:36 +01:00 |
|
|
|
c696c24e31
|
detailed the meaning of the new unauthorized flag.
|
2025-01-19 17:17:23 +01:00 |
|
|
|
c9022a8036
|
added validation of application names to prevent conflicts at a later
stage with genrated resource names.
The Server resource names will use the -pNNNN suffix to indicates a
linkerd Server resource for port NNNN
|
2025-01-19 17:08:12 +01:00 |
|
|
|
60ebbf0ef4
|
to generate network policy, 'generate netpol' shoul dbe used now. Also
added subcommand for linkerd ('generate linkerd'
|
2025-01-19 16:33:21 +01:00 |
|
|
|
86572e8063
|
now checking whether a pod is not part of any application.
|
2025-01-18 11:40:12 +01:00 |
|
|
|
ee8c0a2204
|
inferring application ports in case not configure so that they
can be used for linkerd authorization.
|
2025-01-17 21:16:41 +01:00 |
|
|
|
2066aad656
|
open-> closed check not takingin to account annotation and filtering out
cases where the From is already a CIDR.
|
2025-01-17 20:43:55 +01:00 |
|
|
|
b7a0b6a557
|
open to closed not report anymore when from is a network.
|
2025-01-16 21:38:48 +01:00 |
|
|
|
6a2f1b9fee
|
fine tuning the error messages
|
2025-01-12 23:26:10 +01:00 |
|
|
|
95e7106dba
|
now inferring the service accounts from the network policy config.
|
2025-01-12 22:08:33 +01:00 |
|
|
|
b3c24048d6
|
minor change in log output (NOTICE prefix)
|
2025-01-12 16:42:11 +01:00 |
|
|
|
a640b726bf
|
loop over communication sis now outside loop over namespaces.
|
2025-01-12 16:32:20 +01:00 |
|
|
|
ea6eb4e9ae
|
container ports are not checked by the tool with the validation option.
|
2025-01-12 16:30:53 +01:00 |
|
|
|
ff816a02ae
|
integrated the parser with the validator to ge tbetter error messages.
|
2025-01-12 14:56:36 +01:00 |
|
|
|
548260d3ab
|
added more user-friendly validation messages.
|
2025-01-04 13:54:29 +01:00 |
|
|
|
93a743765d
|
rules appear to be working.
|
2025-01-04 00:16:25 +01:00 |
|
|
|
144a624985
|
exiting with an error when a capability cannot be found.
|
2025-01-03 20:40:28 +01:00 |
|
|
|
852833764c
|
addes support for matchExpressions
|
2025-01-03 17:59:11 +01:00 |
|
|
|
8c229f7a93
|
added playground validator to validate the input more.
|
2025-01-03 13:25:53 +01:00 |
|
|
|
e576e00456
|
more fixes for the netpolicy schema.
|
2025-01-03 00:31:03 +01:00 |
|
|
|
b8dfaa55a4
|
fixed issues with schema of network policy
also fixed encoding of matahLabels. Now using json format so that it
also works for empty maps.
|
2025-01-03 00:10:32 +01:00 |
|
|
|
d85baf3beb
|
deterministic ordering of output.
|
2025-01-02 23:00:11 +01:00 |
|
|
|
eba04ec132
|
Ports specified at communications now override the default ports of
the application.
Also added some comments to the generated output.
|
2025-01-02 22:49:47 +01:00 |
|
|
|
01700876cf
|
now also supporting linkerd
and some cleanup
|
2025-01-02 19:30:31 +01:00 |
|
|
|
c522f16d64
|
multiple config files to allow spreading of configuration
|
2025-01-02 19:21:04 +01:00 |
|
|
|
5659d7c18c
|
apiserver cilium rules.
|
2025-01-02 19:01:05 +01:00 |
|
|
|
933b46c68c
|
No more netpols fo pods in open namespaces.
|
2025-01-02 18:24:02 +01:00 |
|
|
|
6d05f0501f
|
network policy now fully generated
|
2025-01-02 18:16:24 +01:00 |
|
|
|
207043d38f
|
work in progress. working on pod templatest.
|
2025-01-02 17:14:06 +01:00 |
|
|
|
8c5a099082
|
full parsing of config file and validation logic.
|
2025-01-02 12:17:41 +01:00 |
|
|
|
f99e885f7a
|
initial version of confiuration is now parsed.
|
2025-01-02 11:44:32 +01:00 |
|
|
|
4d56d8ea21
|
first commit
|
2025-01-02 11:37:20 +01:00 |
|
