Diffstat (limited to 'lib/gitlab/kubernetes/cilium_network_policy.rb')
-rw-r--r--lib/gitlab/kubernetes/cilium_network_policy.rb141
1 files changed, 0 insertions, 141 deletions
diff --git a/lib/gitlab/kubernetes/cilium_network_policy.rb b/lib/gitlab/kubernetes/cilium_network_policy.rb
deleted file mode 100644
index 8a31e068c30..00000000000
--- a/lib/gitlab/kubernetes/cilium_network_policy.rb
+++ /dev/null
@@ -1,141 +0,0 @@
-# frozen_string_literal: true
-
-module Gitlab
- module Kubernetes
- class CiliumNetworkPolicy
- include NetworkPolicyCommon
- extend ::Gitlab::Utils::Override
-
- API_VERSION = "cilium.io/v2"
- KIND = 'CiliumNetworkPolicy'
-
- PREDEFINED_POLICIES = {
- 'allow-inbound-http' => <<~YAML.rstrip,
- apiVersion: cilium.io/v2
- kind: CiliumNetworkPolicy
- metadata:
- name: allow-inbound-http
- spec:
- endpointSelector:
- matchLabels:
- network-policy.gitlab.com/disabled_by: gitlab
- ingress:
- - toPorts:
- - ports:
- - port: '80'
- - port: '443'
- YAML
- 'drop-outbound' => <<~YAML.rstrip
- apiVersion: cilium.io/v2
- kind: CiliumNetworkPolicy
- metadata:
- name: drop-outbound
- spec:
- endpointSelector:
- matchLabels:
- network-policy.gitlab.com/disabled_by: gitlab
- egress:
- - {}
- YAML
- }.freeze
-
- # We are modeling existing kubernetes resource and don't have
- # control over amount of parameters.
- # rubocop:disable Metrics/ParameterLists
- def initialize(name:, namespace:, selector:, ingress:, resource_version: nil, description: nil, labels: nil, creation_timestamp: nil, egress: nil, annotations: nil, environment_ids: [])
- @name = name
- @description = description
- @namespace = namespace
- @labels = labels
- @creation_timestamp = creation_timestamp
- @selector = selector
- @resource_version = resource_version
- @ingress = ingress
- @egress = egress
- @annotations = annotations
- @environment_ids = environment_ids
- end
- # rubocop:enable Metrics/ParameterLists
-
- def self.from_yaml(manifest)
- return unless manifest
-
- policy = YAML.safe_load(manifest, symbolize_names: true)
- return if !policy[:metadata] || !policy[:spec]
-
- metadata = policy[:metadata]
- spec = policy[:spec]
- self.new(
- name: metadata[:name],
- description: policy[:description],
- namespace: metadata[:namespace],
- annotations: metadata[:annotations],
- resource_version: metadata[:resourceVersion],
- labels: metadata[:labels],
- selector: spec[:endpointSelector],
- ingress: spec[:ingress],
- egress: spec[:egress]
- )
- rescue Psych::SyntaxError, Psych::DisallowedClass
- nil
- end
-
- def self.from_resource(resource, environment_ids = [])
- return unless resource
- return if !resource[:metadata] || !resource[:spec]
-
- metadata = resource[:metadata]
- spec = resource[:spec].to_h
- self.new(
- name: metadata[:name],
- description: resource[:description],
- namespace: metadata[:namespace],
- annotations: metadata[:annotations]&.to_h,
- resource_version: metadata[:resourceVersion],
- labels: metadata[:labels]&.to_h,
- creation_timestamp: metadata[:creationTimestamp],
- selector: spec[:endpointSelector],
- ingress: spec[:ingress],
- egress: spec[:egress],
- environment_ids: environment_ids
- )
- end
-
- override :resource
- def resource
- resource = {
- apiVersion: API_VERSION,
- kind: KIND,
- metadata: metadata,
- spec: spec
- }
- resource[:description] = description if description
- resource
- end
-
- private
-
- attr_reader :name, :description, :namespace, :labels, :creation_timestamp, :resource_version, :ingress, :egress, :annotations, :environment_ids
-
- def selector
- @selector ||= {}
- end
-
- def metadata
- meta = { name: name, namespace: namespace }
- meta[:labels] = labels if labels
- meta[:resourceVersion] = resource_version if resource_version
- meta[:annotations] = annotations if annotations
- meta
- end
-
- def spec
- {
- endpointSelector: selector,
- ingress: ingress,
- egress: egress
- }.compact
- end
- end
- end
-end