diff --git a/cmd/convert.go b/cmd/convert.go index 7854c2ac..dc327ee1 100644 --- a/cmd/convert.go +++ b/cmd/convert.go @@ -50,6 +50,7 @@ var ( ConvertPushImageRegistry string ConvertOpt kobject.ConvertOptions ConvertYAMLIndent int + GenerateNetworkPolicies bool UpBuild string @@ -116,6 +117,7 @@ var convertCmd = &cobra.Command{ ServiceGroupMode: ServiceGroupMode, ServiceGroupName: ServiceGroupName, SecretsAsFiles: SecretsAsFiles, + GenerateNetworkPolicies: GenerateNetworkPolicies, } if ServiceGroupMode == "" && MultipleContainerMode { @@ -178,6 +180,7 @@ func init() { convertCmd.Flags().IntVar(&ConvertReplicas, "replicas", 1, "Specify the number of replicas in the generated resource spec") convertCmd.Flags().StringVar(&ConvertVolumes, "volumes", "persistentVolumeClaim", `Volumes to be generated ("persistentVolumeClaim"|"emptyDir"|"hostPath" | "configMap")`) convertCmd.Flags().StringVar(&ConvertPVCRequestSize, "pvc-request-size", "", `Specify the size of pvc storage requests in the generated resource spec`) + convertCmd.Flags().BoolVar(&GenerateNetworkPolicies, "generate-network-policies", false, "Specify whether to generate network policies or not.") convertCmd.Flags().BoolVar(&WithKomposeAnnotation, "with-kompose-annotation", true, "Add kompose annotations to generated resource") diff --git a/docs/user-guide.md b/docs/user-guide.md index f943f0d7..d0073371 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md @@ -495,6 +495,10 @@ If the Docker Compose file has service name with `_` or `.` in it (eg.`web_servi Please note that changing service name might break some `docker-compose` files. +## Network policies generation +[Network policies](https://kubernetes.io/docs/concepts/services-networking/network-policies) are not generated by default, because it's not mandatory to deploy your application. However, it's one of the best practices when it comes to deploy secure applications on top of Kubernetes. +To generate network policies, all you need is to use the `--generate-network-policies` flag. + ## Build and push image If the Docker Compose file has `build` or `build:context, build:dockerfile` keys, build will run when `--build` specified. @@ -503,6 +507,7 @@ And Image will push to _docker.io_ (default) when `--push-image=true` specified. It is possible to push to custom registry by specify `--push-image-registry`, which will override the registry from image name. + ### Authentication on registry Kompose uses the docker authentication from file `$DOCKER_CONFIG/config.json`, `$HOME/.docker/config.json`, and `$HOME/.dockercfg` after `docker login`. diff --git a/pkg/kobject/kobject.go b/pkg/kobject/kobject.go index 7c2065a4..8b6567c1 100644 --- a/pkg/kobject/kobject.go +++ b/pkg/kobject/kobject.go @@ -79,10 +79,11 @@ type ConvertOptions struct { WithKomposeAnnotation bool - MultipleContainerMode bool - ServiceGroupMode string - ServiceGroupName string - SecretsAsFiles bool + MultipleContainerMode bool + ServiceGroupMode string + ServiceGroupName string + SecretsAsFiles bool + GenerateNetworkPolicies bool } // IsPodController indicate if the user want to use a controller diff --git a/pkg/transformer/kubernetes/kubernetes.go b/pkg/transformer/kubernetes/kubernetes.go index d3b5cf9d..2226f3de 100644 --- a/pkg/transformer/kubernetes/kubernetes.go +++ b/pkg/transformer/kubernetes/kubernetes.go @@ -1519,8 +1519,10 @@ func (k *Kubernetes) Transform(komposeObject kobject.KomposeObject, opt kobject. return nil, errors.Wrap(err, "Error transforming Kubernetes objects") } - if err = k.configNetworkPolicyForService(service, service.Name, &objects); err != nil { - return nil, err + if opt.GenerateNetworkPolicies { + if err = k.configNetworkPolicyForService(service, service.Name, &objects); err != nil { + return nil, err + } } } @@ -1560,8 +1562,10 @@ func (k *Kubernetes) Transform(komposeObject kobject.KomposeObject, opt kobject. if err != nil { return nil, errors.Wrap(err, "Error transforming Kubernetes objects") } - if err := k.configNetworkPolicyForService(service, name, &objects); err != nil { - return nil, err + if opt.GenerateNetworkPolicies { + if err := k.configNetworkPolicyForService(service, name, &objects); err != nil { + return nil, err + } } allobjects = append(allobjects, objects...) } diff --git a/pkg/transformer/kubernetes/kubernetes_test.go b/pkg/transformer/kubernetes/kubernetes_test.go index c4deb3fb..712d45db 100644 --- a/pkg/transformer/kubernetes/kubernetes_test.go +++ b/pkg/transformer/kubernetes/kubernetes_test.go @@ -32,6 +32,7 @@ import ( "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" api "k8s.io/api/core/v1" + networkingv1 "k8s.io/api/networking/v1" networkingv1beta1 "k8s.io/api/networking/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" @@ -327,15 +328,15 @@ func TestKomposeConvert(t *testing.T) { expectedNumObjs int }{ // objects generated are deployment, service nework policies (2) and pvc - "Convert to Deployments (D)": {newKomposeObject(), kobject.ConvertOptions{CreateD: true, Replicas: replicas, IsReplicaSetFlag: true}, 6}, - "Convert to Deployments (D) with v3 replicas": {newKomposeObject(), kobject.ConvertOptions{CreateD: true}, 6}, - "Convert to DaemonSets (DS)": {newKomposeObject(), kobject.ConvertOptions{CreateDS: true}, 6}, + "Convert to Deployments (D)": {newKomposeObject(), kobject.ConvertOptions{CreateD: true, Replicas: replicas, IsReplicaSetFlag: true}, 4}, + "Convert to Deployments (D) with v3 replicas": {newKomposeObject(), kobject.ConvertOptions{CreateD: true}, 4}, + "Convert to DaemonSets (DS)": {newKomposeObject(), kobject.ConvertOptions{CreateDS: true}, 4}, // objects generated are deployment, daemonset, ReplicationController, service and pvc - "Convert to D, DS, and RC": {newKomposeObject(), kobject.ConvertOptions{CreateD: true, CreateDS: true, CreateRC: true, Replicas: replicas, IsReplicaSetFlag: true}, 7}, - "Convert to D, DS, and RC with v3 replicas": {newKomposeObject(), kobject.ConvertOptions{CreateD: true, CreateDS: true, CreateRC: true}, 7}, + "Convert to D, DS, and RC": {newKomposeObject(), kobject.ConvertOptions{CreateD: true, CreateDS: true, CreateRC: true, Replicas: replicas, IsReplicaSetFlag: true}, 5}, + "Convert to D, DS, and RC with v3 replicas": {newKomposeObject(), kobject.ConvertOptions{CreateD: true, CreateDS: true, CreateRC: true}, 5}, // objects generated are statefulset - "Convert to SS with replicas ": {newKomposeObject(), kobject.ConvertOptions{Controller: StatefulStateController, Replicas: replicas, IsReplicaSetFlag: true}, 5}, - "Convert to SS without replicas": {newKomposeObject(), kobject.ConvertOptions{Controller: StatefulStateController}, 5}, + "Convert to SS with replicas ": {newKomposeObject(), kobject.ConvertOptions{Controller: StatefulStateController, Replicas: replicas, IsReplicaSetFlag: true}, 3}, + "Convert to SS without replicas": {newKomposeObject(), kobject.ConvertOptions{Controller: StatefulStateController}, 3}, } for name, test := range testCases { @@ -1051,3 +1052,23 @@ func TestVolumeMountSubPath(t *testing.T) { } } } + +func TestNetworkPoliciesGeneration(t *testing.T) { + groupName := "pod_group" + komposeObject := kobject.KomposeObject{ + ServiceConfigs: map[string]kobject.ServiceConfig{"app": newServiceConfig()}, + } + k := Kubernetes{} + objs, err := k.Transform(komposeObject, kobject.ConvertOptions{ServiceGroupMode: groupName, GenerateNetworkPolicies: true}) + if err != nil { + t.Error(errors.Wrap(err, "k.Transform failed")) + } + for _, obj := range objs { + if np, ok := obj.(*networkingv1.NetworkPolicy); ok { + matchLabelsLength := len(np.Spec.PodSelector.MatchLabels) + if matchLabelsLength == 0 { + t.Errorf("Expected length of Network Policy PodSelector to be greater than 0, got %v", matchLabelsLength) + } + } + } +} diff --git a/script/test/cmd/tests_new.sh b/script/test/cmd/tests_new.sh index 876392c6..e93ac645 100755 --- a/script/test/cmd/tests_new.sh +++ b/script/test/cmd/tests_new.sh @@ -267,3 +267,8 @@ os_cmd="kompose --provider=openshift -f $KOMPOSE_ROOT/script/test/fixtures/vols- os_output="$KOMPOSE_ROOT/script/test/fixtures/vols-subpath/output-os.yaml" convert::expect_success_and_warning "$k8s_cmd" "$k8s_output" convert::expect_success "$os_cmd" "$os_output" + +# Test support for network policies generation +k8s_cmd="kompose -f $KOMPOSE_ROOT/script/test/fixtures/network-policies/docker-compose.yaml convert --generate-network-policies --stdout --with-kompose-annotation=false" +k8s_output="$KOMPOSE_ROOT/script/test/fixtures/network-policies/output-k8s.yaml" +convert::expect_success "$os_cmd" "$os_output" diff --git a/script/test/cmd/update-e2e.sh b/script/test/cmd/update-e2e.sh index 10b8182a..4fd089bb 100755 --- a/script/test/cmd/update-e2e.sh +++ b/script/test/cmd/update-e2e.sh @@ -27,6 +27,7 @@ $KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/single-file-output/d $KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/host-port-protocol/docker-compose.yaml convert --stdout --with-kompose-annotation=false > $KOMPOSE_ROOT/script/test/fixtures/host-port-protocol/output-k8s.yaml $KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/external-traffic-policy/docker-compose-v1.yaml convert --stdout --with-kompose-annotation=false > $KOMPOSE_ROOT/script/test/fixtures/external-traffic-policy/output-k8s-v1.yaml $KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/external-traffic-policy/docker-compose-v2.yaml convert --stdout --with-kompose-annotation=false > $KOMPOSE_ROOT/script/test/fixtures/external-traffic-policy/output-k8s-v2.yaml +$KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/compose-file-support/compose.yaml convert --stdout --with-kompose-annotation=false > $KOMPOSE_ROOT/script/test/fixtures/compose-file-support/output-k8s.yaml fi if $UPDATE_OS ; then diff --git a/script/test/fixtures/change-in-volume/output-k8s-empty-vols-template.yaml b/script/test/fixtures/change-in-volume/output-k8s-empty-vols-template.yaml index 1691599d..673e998f 100644 --- a/script/test/fixtures/change-in-volume/output-k8s-empty-vols-template.yaml +++ b/script/test/fixtures/change-in-volume/output-k8s-empty-vols-template.yaml @@ -69,22 +69,6 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: change-in-volume-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/change-in-volume-default: "true" - podSelector: - matchLabels: - io.kompose.network/change-in-volume-default: "true" - --- apiVersion: apps/v1 kind: Deployment diff --git a/script/test/fixtures/change-in-volume/output-k8s.yaml b/script/test/fixtures/change-in-volume/output-k8s.yaml index 905b4d8e..673e998f 100644 --- a/script/test/fixtures/change-in-volume/output-k8s.yaml +++ b/script/test/fixtures/change-in-volume/output-k8s.yaml @@ -69,22 +69,6 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: change-in-volume-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/change-in-volume-default: "true" - podSelector: - matchLabels: - io.kompose.network/change-in-volume-default: "true" - --- apiVersion: apps/v1 kind: Deployment @@ -115,6 +99,8 @@ spec: name: web ports: - containerPort: 5000 + hostPort: 5000 + protocol: TCP resources: {} volumeMounts: - mountPath: /code diff --git a/script/test/fixtures/compose-file-support/output-k8s.yaml b/script/test/fixtures/compose-file-support/output-k8s.yaml index 0c883886..1ca00e60 100644 --- a/script/test/fixtures/compose-file-support/output-k8s.yaml +++ b/script/test/fixtures/compose-file-support/output-k8s.yaml @@ -2,9 +2,6 @@ apiVersion: v1 kind: Service metadata: - annotations: - kompose.cmd: ./kompose convert --stdout - kompose.version: 1.28.0 (4d1ce961) creationTimestamp: null labels: io.kompose.service: web @@ -23,9 +20,6 @@ status: apiVersion: apps/v1 kind: Deployment metadata: - annotations: - kompose.cmd: ./kompose convert --stdout - kompose.version: 1.28.0 (4d1ce961) creationTimestamp: null labels: io.kompose.service: web @@ -38,12 +32,9 @@ spec: strategy: {} template: metadata: - annotations: - kompose.cmd: ./kompose convert --stdout - kompose.version: 1.28.0 (4d1ce961) creationTimestamp: null labels: - io.kompose.network/kompose-default: "true" + io.kompose.network/compose-file-support-default: "true" io.kompose.service: web spec: containers: @@ -57,19 +48,3 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: kompose-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/kompose-default: "true" - podSelector: - matchLabels: - io.kompose.network/kompose-default: "true" - diff --git a/script/test/fixtures/configmap-volume/output-k8s-withlabel.yaml b/script/test/fixtures/configmap-volume/output-k8s-withlabel.yaml index d29f5373..5e3c9d33 100644 --- a/script/test/fixtures/configmap-volume/output-k8s-withlabel.yaml +++ b/script/test/fixtures/configmap-volume/output-k8s-withlabel.yaml @@ -55,22 +55,6 @@ metadata: io.kompose.service: db name: db-cm0 ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: configmap-volume-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/configmap-volume-default: "true" - podSelector: - matchLabels: - io.kompose.network/configmap-volume-default: "true" - --- apiVersion: apps/v1 kind: Deployment diff --git a/script/test/fixtures/configmap-volume/output-k8s.yaml b/script/test/fixtures/configmap-volume/output-k8s.yaml index 97be9ce9..4baf157a 100644 --- a/script/test/fixtures/configmap-volume/output-k8s.yaml +++ b/script/test/fixtures/configmap-volume/output-k8s.yaml @@ -51,22 +51,6 @@ metadata: io.kompose.service: db name: db-cm0 ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: configmap-volume-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/configmap-volume-default: "true" - podSelector: - matchLabels: - io.kompose.network/configmap-volume-default: "true" - --- apiVersion: apps/v1 kind: Deployment diff --git a/script/test/fixtures/deploy/placement/output-placement-k8s.yaml b/script/test/fixtures/deploy/placement/output-placement-k8s.yaml index 3e259159..8005d35e 100644 --- a/script/test/fixtures/deploy/placement/output-placement-k8s.yaml +++ b/script/test/fixtures/deploy/placement/output-placement-k8s.yaml @@ -77,19 +77,3 @@ spec: whenUnsatisfiable: ScheduleAnyway status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: placement-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/placement-default: "true" - podSelector: - matchLabels: - io.kompose.network/placement-default: "true" - diff --git a/script/test/fixtures/envvars-interpolation/output-k8s.yaml b/script/test/fixtures/envvars-interpolation/output-k8s.yaml index e34faff0..9ab44673 100644 --- a/script/test/fixtures/envvars-interpolation/output-k8s.yaml +++ b/script/test/fixtures/envvars-interpolation/output-k8s.yaml @@ -34,19 +34,3 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: envvars-interpolation-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/envvars-interpolation-default: "true" - podSelector: - matchLabels: - io.kompose.network/envvars-interpolation-default: "true" - diff --git a/script/test/fixtures/expose/output-k8s.yaml b/script/test/fixtures/expose/output-k8s.yaml index f3d48c3a..52ad4c7d 100644 --- a/script/test/fixtures/expose/output-k8s.yaml +++ b/script/test/fixtures/expose/output-k8s.yaml @@ -69,22 +69,6 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: expose-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/expose-default: "true" - podSelector: - matchLabels: - io.kompose.network/expose-default: "true" - --- apiVersion: apps/v1 kind: Deployment diff --git a/script/test/fixtures/external-traffic-policy/output-k8s-v1.yaml b/script/test/fixtures/external-traffic-policy/output-k8s-v1.yaml index 9a15d201..aabc5a9a 100644 --- a/script/test/fixtures/external-traffic-policy/output-k8s-v1.yaml +++ b/script/test/fixtures/external-traffic-policy/output-k8s-v1.yaml @@ -68,18 +68,3 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: external-traffic-policy-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/external-traffic-policy-default: "true" - podSelector: - matchLabels: - io.kompose.network/external-traffic-policy-default: "true" diff --git a/script/test/fixtures/external-traffic-policy/output-k8s-v2.yaml b/script/test/fixtures/external-traffic-policy/output-k8s-v2.yaml index d1d71e8d..391e21bb 100644 --- a/script/test/fixtures/external-traffic-policy/output-k8s-v2.yaml +++ b/script/test/fixtures/external-traffic-policy/output-k8s-v2.yaml @@ -97,19 +97,3 @@ spec: status: loadBalancer: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: external-traffic-policy-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/external-traffic-policy-default: "true" - podSelector: - matchLabels: - io.kompose.network/external-traffic-policy-default: "true" - diff --git a/script/test/fixtures/healthcheck/output-healthcheck-k8s.yaml b/script/test/fixtures/healthcheck/output-healthcheck-k8s.yaml index e0a1cf13..2e3d7070 100644 --- a/script/test/fixtures/healthcheck/output-healthcheck-k8s.yaml +++ b/script/test/fixtures/healthcheck/output-healthcheck-k8s.yaml @@ -172,22 +172,6 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: healthcheck-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/healthcheck-default: "true" - podSelector: - matchLabels: - io.kompose.network/healthcheck-default: "true" - --- apiVersion: apps/v1 kind: Deployment diff --git a/script/test/fixtures/host-port-protocol/output-k8s.yaml b/script/test/fixtures/host-port-protocol/output-k8s.yaml index ae32c029..8af386f1 100644 --- a/script/test/fixtures/host-port-protocol/output-k8s.yaml +++ b/script/test/fixtures/host-port-protocol/output-k8s.yaml @@ -48,19 +48,3 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: host-port-protocol-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/host-port-protocol-default: "true" - podSelector: - matchLabels: - io.kompose.network/host-port-protocol-default: "true" - diff --git a/script/test/fixtures/multiple-files/output-k8s.yaml b/script/test/fixtures/multiple-files/output-k8s.yaml index 8275916c..165a54c8 100644 --- a/script/test/fixtures/multiple-files/output-k8s.yaml +++ b/script/test/fixtures/multiple-files/output-k8s.yaml @@ -26,22 +26,6 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: multiple-files-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/multiple-files-default: "true" - podSelector: - matchLabels: - io.kompose.network/multiple-files-default: "true" - --- apiVersion: apps/v1 kind: Deployment diff --git a/script/test/fixtures/multiple-type-volumes/output-k8s.yaml b/script/test/fixtures/multiple-type-volumes/output-k8s.yaml index 65877e89..40690d2a 100644 --- a/script/test/fixtures/multiple-type-volumes/output-k8s.yaml +++ b/script/test/fixtures/multiple-type-volumes/output-k8s.yaml @@ -54,22 +54,6 @@ spec: storage: 100Mi status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: multiple-type-volumes-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/multiple-type-volumes-default: "true" - podSelector: - matchLabels: - io.kompose.network/multiple-type-volumes-default: "true" - --- apiVersion: apps/v1 kind: Deployment diff --git a/script/test/fixtures/network-policies/docker-compose.yaml b/script/test/fixtures/network-policies/docker-compose.yaml new file mode 100644 index 00000000..8b24f656 --- /dev/null +++ b/script/test/fixtures/network-policies/docker-compose.yaml @@ -0,0 +1,10 @@ +version: '3.8' + +networks: + web: + +services: + nginx: + image: nginx + networks: + - web diff --git a/script/test/fixtures/network-policies/output-k8s.yaml b/script/test/fixtures/network-policies/output-k8s.yaml new file mode 100644 index 00000000..049edeab --- /dev/null +++ b/script/test/fixtures/network-policies/output-k8s.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + io.kompose.service: nginx + name: nginx +spec: + replicas: 1 + selector: + matchLabels: + io.kompose.service: nginx + strategy: {} + template: + metadata: + creationTimestamp: null + labels: + io.kompose.network/network-policies-web: "true" + io.kompose.service: nginx + spec: + containers: + - image: nginx + name: nginx + resources: {} + restartPolicy: Always +status: {} + +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + creationTimestamp: null + name: network-policies-web +spec: + ingress: + - from: + - podSelector: + matchLabels: + io.kompose.network/network-policies-web: "true" + podSelector: + matchLabels: + io.kompose.network/network-policies-web: "true" + diff --git a/script/test/fixtures/service-group/output-k8s.yaml b/script/test/fixtures/service-group/output-k8s.yaml index 290b1ac1..47005d42 100644 --- a/script/test/fixtures/service-group/output-k8s.yaml +++ b/script/test/fixtures/service-group/output-k8s.yaml @@ -85,19 +85,3 @@ spec: storage: 100Mi status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: service-group-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/service-group-default: "true" - podSelector: - matchLabels: - io.kompose.network/service-group-default: "true" - diff --git a/script/test/fixtures/single-file-output/output-k8s.yaml b/script/test/fixtures/single-file-output/output-k8s.yaml index bbd8d09d..39835492 100644 --- a/script/test/fixtures/single-file-output/output-k8s.yaml +++ b/script/test/fixtures/single-file-output/output-k8s.yaml @@ -87,19 +87,3 @@ spec: status: loadBalancer: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: single-file-output-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/single-file-output-default: "true" - podSelector: - matchLabels: - io.kompose.network/single-file-output-default: "true" - diff --git a/script/test/fixtures/statefulset/output-k8s.yaml b/script/test/fixtures/statefulset/output-k8s.yaml index 6a231ce7..d617a18d 100644 --- a/script/test/fixtures/statefulset/output-k8s.yaml +++ b/script/test/fixtures/statefulset/output-k8s.yaml @@ -97,22 +97,6 @@ spec: status: replicas: 0 ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: statefulset-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/statefulset-default: "true" - podSelector: - matchLabels: - io.kompose.network/statefulset-default: "true" - --- apiVersion: apps/v1 kind: StatefulSet diff --git a/script/test/fixtures/v3.0/output-k8s.yaml b/script/test/fixtures/v3.0/output-k8s.yaml index 0d04318a..ae6ee902 100644 --- a/script/test/fixtures/v3.0/output-k8s.yaml +++ b/script/test/fixtures/v3.0/output-k8s.yaml @@ -53,102 +53,6 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: normalized-network -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/normalized-network: "true" - podSelector: - matchLabels: - io.kompose.network/normalized-network: "true" - ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: v30-normalized-network -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/v30-normalized-network: "true" - podSelector: - matchLabels: - io.kompose.network/v30-normalized-network: "true" - ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: app-network -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/normalized-network: "true" - podSelector: - matchLabels: - io.kompose.network/normalized-network: "true" - ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: app-network -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/app-network: "true" - podSelector: - matchLabels: - io.kompose.network/app-network: "true" - ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: web-network -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/web-network: "true" - podSelector: - matchLabels: - io.kompose.network/web-network: "true" - ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: normalized-network -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/normalized-network: "true" - podSelector: - matchLabels: - io.kompose.network/normalized-network: "true" - --- apiVersion: apps/v1 kind: Deployment @@ -188,18 +92,3 @@ spec: restartPolicy: Always status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: v30-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/v30-default: "true" - podSelector: - matchLabels: - io.kompose.network/v30-default: "true" diff --git a/script/test/fixtures/volume-mounts/windows/output-k8s.yaml b/script/test/fixtures/volume-mounts/windows/output-k8s.yaml index adb67865..29a2eb65 100644 --- a/script/test/fixtures/volume-mounts/windows/output-k8s.yaml +++ b/script/test/fixtures/volume-mounts/windows/output-k8s.yaml @@ -71,19 +71,3 @@ spec: storage: 100Mi status: {} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - creationTimestamp: null - name: windows-default -spec: - ingress: - - from: - - podSelector: - matchLabels: - io.kompose.network/windows-default: "true" - podSelector: - matchLabels: - io.kompose.network/windows-default: "true" -