public/policy-generator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
496e58347c
policy-generator/cmd/policygen/netpol_generator.go

90 lines
2.0 KiB
Go
Raw Blame History

package main
import (
"fmt"
"io"
"os"
"slices"
)
type NetworkPolicyGenerator struct {
config *Config
policyTemplates *PolicyTemplates
}
func (g NetworkPolicyGenerator) Init(writer io.Writer) error {
return nil
}
func (g NetworkPolicyGenerator) GenerateNamespace(writer io.Writer, namespace *Namespace) error {
fmt.Fprintf(os.Stderr, "Namespace %s\n", namespace.Name)
templates := g.policyTemplates.NamespaceTemplates("netpol", namespace.Capabilities)
for _, template := range templates {
err := template.Execute(writer, &namespace)
if err != nil {
return fmt.Errorf("Error using template %s: %w", template.Name(), err)
}
}
return nil
}
func (g NetworkPolicyGenerator) GenerateCommunicationRule(
writer io.Writer,
app *Application,
ingress *Ingress,
egress *Egress) error {
if len(ingress.Applications)+
len(ingress.Networks)+
len(egress.Applications)+
len(egress.Networks) > 0 {
// non-trivial regular network policy
tmpl := g.policyTemplates.ApplicationTemplate("netpol")
if tmpl == nil {
return fmt.Errorf("Could not find policy template for 'netpol'")
}
err := tmpl.Execute(writer, map[string]any{
"app": app,
"ingress": ingress,
"egress": egress,
"labels": map[string]string{
"policy-generator": "1",
},
})
if err != nil {
return err
}
}
allPredefined := make(map[string]bool)
for _, pre := range ingress.Predefined {
allPredefined[pre] = true
}
for _, pre := range egress.Predefined {
allPredefined[pre] = true
}
for predefined, _ := range allPredefined {
tmpl := g.policyTemplates.PredefineApplicationPolicyTemplate("netpol", predefined)
if tmpl == nil {
return fmt.Errorf("Could not find predefined template for netpol/%s", predefined)
}
err := tmpl.Execute(writer, map[string]any{
"app": app,
"ingress": slices.Contains(ingress.Predefined, predefined),
"egress": slices.Contains(egress.Predefined, predefined),
"labels": map[string]string{
"policy-generator": "1",
},
})
if err != nil {
return err
}
}
return nil
}
Reference in New Issue View Git Blame Copy Permalink