diff options
Diffstat (limited to 'lib/gitlab/kubernetes/cilium_network_policy.rb')
-rw-r--r-- | lib/gitlab/kubernetes/cilium_network_policy.rb | 141 |
1 files changed, 0 insertions, 141 deletions
diff --git a/lib/gitlab/kubernetes/cilium_network_policy.rb b/lib/gitlab/kubernetes/cilium_network_policy.rb deleted file mode 100644 index 8a31e068c30..00000000000 --- a/lib/gitlab/kubernetes/cilium_network_policy.rb +++ /dev/null @@ -1,141 +0,0 @@ -# frozen_string_literal: true - -module Gitlab - module Kubernetes - class CiliumNetworkPolicy - include NetworkPolicyCommon - extend ::Gitlab::Utils::Override - - API_VERSION = "cilium.io/v2" - KIND = 'CiliumNetworkPolicy' - - PREDEFINED_POLICIES = { - 'allow-inbound-http' => <<~YAML.rstrip, - apiVersion: cilium.io/v2 - kind: CiliumNetworkPolicy - metadata: - name: allow-inbound-http - spec: - endpointSelector: - matchLabels: - network-policy.gitlab.com/disabled_by: gitlab - ingress: - - toPorts: - - ports: - - port: '80' - - port: '443' - YAML - 'drop-outbound' => <<~YAML.rstrip - apiVersion: cilium.io/v2 - kind: CiliumNetworkPolicy - metadata: - name: drop-outbound - spec: - endpointSelector: - matchLabels: - network-policy.gitlab.com/disabled_by: gitlab - egress: - - {} - YAML - }.freeze - - # We are modeling existing kubernetes resource and don't have - # control over amount of parameters. - # rubocop:disable Metrics/ParameterLists - def initialize(name:, namespace:, selector:, ingress:, resource_version: nil, description: nil, labels: nil, creation_timestamp: nil, egress: nil, annotations: nil, environment_ids: []) - @name = name - @description = description - @namespace = namespace - @labels = labels - @creation_timestamp = creation_timestamp - @selector = selector - @resource_version = resource_version - @ingress = ingress - @egress = egress - @annotations = annotations - @environment_ids = environment_ids - end - # rubocop:enable Metrics/ParameterLists - - def self.from_yaml(manifest) - return unless manifest - - policy = YAML.safe_load(manifest, symbolize_names: true) - return if !policy[:metadata] || !policy[:spec] - - metadata = policy[:metadata] - spec = policy[:spec] - self.new( - name: metadata[:name], - description: policy[:description], - namespace: metadata[:namespace], - annotations: metadata[:annotations], - resource_version: metadata[:resourceVersion], - labels: metadata[:labels], - selector: spec[:endpointSelector], - ingress: spec[:ingress], - egress: spec[:egress] - ) - rescue Psych::SyntaxError, Psych::DisallowedClass - nil - end - - def self.from_resource(resource, environment_ids = []) - return unless resource - return if !resource[:metadata] || !resource[:spec] - - metadata = resource[:metadata] - spec = resource[:spec].to_h - self.new( - name: metadata[:name], - description: resource[:description], - namespace: metadata[:namespace], - annotations: metadata[:annotations]&.to_h, - resource_version: metadata[:resourceVersion], - labels: metadata[:labels]&.to_h, - creation_timestamp: metadata[:creationTimestamp], - selector: spec[:endpointSelector], - ingress: spec[:ingress], - egress: spec[:egress], - environment_ids: environment_ids - ) - end - - override :resource - def resource - resource = { - apiVersion: API_VERSION, - kind: KIND, - metadata: metadata, - spec: spec - } - resource[:description] = description if description - resource - end - - private - - attr_reader :name, :description, :namespace, :labels, :creation_timestamp, :resource_version, :ingress, :egress, :annotations, :environment_ids - - def selector - @selector ||= {} - end - - def metadata - meta = { name: name, namespace: namespace } - meta[:labels] = labels if labels - meta[:resourceVersion] = resource_version if resource_version - meta[:annotations] = annotations if annotations - meta - end - - def spec - { - endpointSelector: selector, - ingress: ingress, - egress: egress - }.compact - end - end - end -end |