policy-generator/cmd/policygen/linkerd_generator.go

package main

import (
	"fmt"
	"io"
	"os"
)

type LinkerdPolicyGenerator struct {
	config          *Config
	policyTemplates *PolicyTemplates
}

func (g LinkerdPolicyGenerator) Init(writer io.Writer) error {
	// start by generating network authentications
	for _, network := range g.config.Networks {
		fmt.Fprintf(os.Stderr, "NetworkAuthentication default/%s\n", network.Name)
		template := g.policyTemplates.PredefineApplicationPolicyTemplate("linkerd", "network-authentication")
		if template == nil {
			return fmt.Errorf("Linkerd template for network authentication not found")
		}
		err := template.Execute(writer, network)
		if err != nil {
			return fmt.Errorf("Error executing network authentication template for %s", network.Name)
		}
	}
	return nil
}

func (g LinkerdPolicyGenerator) GenerateNamespace(writer io.Writer, namespace *Namespace) error {
	// and then the meshTLSAuthentications
	for _, app := range namespace.Applications {
		fmt.Fprintf(os.Stderr, "MeshTLSAuthentication %s/%s %v\n",
			namespace.Name, app.Name, app.ServiceAccounts)
	}
	return nil
}

func (g LinkerdPolicyGenerator) GenerateCommunicationRule(
	writer io.Writer,
	app *Application,
	ingress *Ingress,
	egress *Egress) error {

	if len(ingress.Applications)+
		len(ingress.Networks)+
		len(egress.Applications)+
		len(egress.Networks) > 0 {
		// non-trivial regular network policy

		// TODO
	}

	return nil
}