feat: disable network policies generation by default (#1629)

* feat: disable network policies default generation Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com> * docs: add the generate-network-policies flag to user guide Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com> * test: add unit tests of the network policies generation Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com> --------- Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-07-05 11:26:37 +01:00 · 2023-07-05 11:26:37 +01:00 · f7bee839ce
commit f7bee839ce
parent 485cd2f163
28 changed files with 112 additions and 423 deletions
--- a/cmd/convert.go
+++ b/cmd/convert.go
@ -50,6 +50,7 @@ var (
 	ConvertPushImageRegistry     string
 	ConvertOpt                   kobject.ConvertOptions
 	ConvertYAMLIndent            int
 	GenerateNetworkPolicies      bool
 	UpBuild string
@ -116,6 +117,7 @@ var convertCmd = &cobra.Command{
 			ServiceGroupMode:            ServiceGroupMode,
 			ServiceGroupName:            ServiceGroupName,
 			SecretsAsFiles:              SecretsAsFiles,
 			GenerateNetworkPolicies:     GenerateNetworkPolicies,
 		}
 		if ServiceGroupMode == "" && MultipleContainerMode {
@ -178,6 +180,7 @@ func init() {
 	convertCmd.Flags().IntVar(&ConvertReplicas, "replicas", 1, "Specify the number of replicas in the generated resource spec")
 	convertCmd.Flags().StringVar(&ConvertVolumes, "volumes", "persistentVolumeClaim", `Volumes to be generated ("persistentVolumeClaim"|"emptyDir"|"hostPath" | "configMap")`)
 	convertCmd.Flags().StringVar(&ConvertPVCRequestSize, "pvc-request-size", "", `Specify the size of pvc storage requests in the generated resource spec`)
 	convertCmd.Flags().BoolVar(&GenerateNetworkPolicies, "generate-network-policies", false, "Specify whether to generate network policies or not.")
 	convertCmd.Flags().BoolVar(&WithKomposeAnnotation, "with-kompose-annotation", true, "Add kompose annotations to generated resource")
--- a/docs/user-guide.md
+++ b/docs/user-guide.md
@ -495,6 +495,10 @@ If the Docker Compose file has service name with `_` or `.` in it (eg.`web_servi
 Please note that changing service name might break some `docker-compose` files.
 ## Network policies generation
 [Network policies](https://kubernetes.io/docs/concepts/services-networking/network-policies) are not generated by default, because it's not mandatory to deploy your application. However, it's one of the best practices when it comes to deploy secure applications on top of Kubernetes.
 To generate network policies, all you need is to use the `--generate-network-policies` flag.
 ## Build and push image
 If the Docker Compose file has `build` or `build:context, build:dockerfile` keys, build will run when `--build` specified.
@ -503,6 +507,7 @@ And Image will push to _docker.io_ (default) when `--push-image=true` specified.
 It is possible to push to custom registry by specify `--push-image-registry`, which will override the registry from image name.
 ### Authentication on registry
 Kompose uses the docker authentication from file `$DOCKER_CONFIG/config.json`, `$HOME/.docker/config.json`, and `$HOME/.dockercfg` after `docker login`.
--- a/pkg/kobject/kobject.go
+++ b/pkg/kobject/kobject.go
@ -83,6 +83,7 @@ type ConvertOptions struct {
 	ServiceGroupMode        string
 	ServiceGroupName        string
 	SecretsAsFiles          bool
 	GenerateNetworkPolicies bool
 }
 // IsPodController indicate if the user want to use a controller
--- a/pkg/transformer/kubernetes/kubernetes.go
+++ b/pkg/transformer/kubernetes/kubernetes.go
@ -1519,10 +1519,12 @@ func (k *Kubernetes) Transform(komposeObject kobject.KomposeObject, opt kobject.
 					return nil, errors.Wrap(err, "Error transforming Kubernetes objects")
 				}
 				if opt.GenerateNetworkPolicies {
 					if err = k.configNetworkPolicyForService(service, service.Name, &objects); err != nil {
 						return nil, err
 					}
 				}
 			}
 			allobjects = append(allobjects, objects...)
 		}
@ -1560,9 +1562,11 @@ func (k *Kubernetes) Transform(komposeObject kobject.KomposeObject, opt kobject.
 		if err != nil {
 			return nil, errors.Wrap(err, "Error transforming Kubernetes objects")
 		}
 		if opt.GenerateNetworkPolicies {
 			if err := k.configNetworkPolicyForService(service, name, &objects); err != nil {
 				return nil, err
 			}
 		}
 		allobjects = append(allobjects, objects...)
 	}
--- a/pkg/transformer/kubernetes/kubernetes_test.go
+++ b/pkg/transformer/kubernetes/kubernetes_test.go
@ -32,6 +32,7 @@ import (
 	"github.com/pkg/errors"
 	appsv1 "k8s.io/api/apps/v1"
 	api "k8s.io/api/core/v1"
 	networkingv1 "k8s.io/api/networking/v1"
 	networkingv1beta1 "k8s.io/api/networking/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@ -327,15 +328,15 @@ func TestKomposeConvert(t *testing.T) {
 		expectedNumObjs int
 	}{
 		// objects generated are deployment, service nework policies (2) and pvc
-		"Convert to Deployments (D)":                  {newKomposeObject(), kobject.ConvertOptions{CreateD: true, Replicas: replicas, IsReplicaSetFlag: true}, 6},
+		"Convert to Deployments (D)":                  {newKomposeObject(), kobject.ConvertOptions{CreateD: true, Replicas: replicas, IsReplicaSetFlag: true}, 4},
-		"Convert to Deployments (D) with v3 replicas": {newKomposeObject(), kobject.ConvertOptions{CreateD: true}, 6},
+		"Convert to Deployments (D) with v3 replicas": {newKomposeObject(), kobject.ConvertOptions{CreateD: true}, 4},
-		"Convert to DaemonSets (DS)":                  {newKomposeObject(), kobject.ConvertOptions{CreateDS: true}, 6},
+		"Convert to DaemonSets (DS)":                  {newKomposeObject(), kobject.ConvertOptions{CreateDS: true}, 4},
 		// objects generated are deployment, daemonset, ReplicationController, service and pvc
-		"Convert to D, DS, and RC":                  {newKomposeObject(), kobject.ConvertOptions{CreateD: true, CreateDS: true, CreateRC: true, Replicas: replicas, IsReplicaSetFlag: true}, 7},
+		"Convert to D, DS, and RC":                  {newKomposeObject(), kobject.ConvertOptions{CreateD: true, CreateDS: true, CreateRC: true, Replicas: replicas, IsReplicaSetFlag: true}, 5},
-		"Convert to D, DS, and RC with v3 replicas": {newKomposeObject(), kobject.ConvertOptions{CreateD: true, CreateDS: true, CreateRC: true}, 7},
+		"Convert to D, DS, and RC with v3 replicas": {newKomposeObject(), kobject.ConvertOptions{CreateD: true, CreateDS: true, CreateRC: true}, 5},
 		// objects generated are statefulset
-		"Convert to SS with replicas ":   {newKomposeObject(), kobject.ConvertOptions{Controller: StatefulStateController, Replicas: replicas, IsReplicaSetFlag: true}, 5},
+		"Convert to SS with replicas ":   {newKomposeObject(), kobject.ConvertOptions{Controller: StatefulStateController, Replicas: replicas, IsReplicaSetFlag: true}, 3},
-		"Convert to SS without replicas": {newKomposeObject(), kobject.ConvertOptions{Controller: StatefulStateController}, 5},
+		"Convert to SS without replicas": {newKomposeObject(), kobject.ConvertOptions{Controller: StatefulStateController}, 3},
 	}
 	for name, test := range testCases {
@ -1051,3 +1052,23 @@ func TestVolumeMountSubPath(t *testing.T) {
 		}
 	}
 }
 func TestNetworkPoliciesGeneration(t *testing.T) {
 	groupName := "pod_group"
 	komposeObject := kobject.KomposeObject{
 		ServiceConfigs: map[string]kobject.ServiceConfig{"app": newServiceConfig()},
 	}
 	k := Kubernetes{}
 	objs, err := k.Transform(komposeObject, kobject.ConvertOptions{ServiceGroupMode: groupName, GenerateNetworkPolicies: true})
 	if err != nil {
 		t.Error(errors.Wrap(err, "k.Transform failed"))
 	}
 	for _, obj := range objs {
 		if np, ok := obj.(*networkingv1.NetworkPolicy); ok {
 			matchLabelsLength := len(np.Spec.PodSelector.MatchLabels)
 			if matchLabelsLength == 0 {
 				t.Errorf("Expected length of Network Policy PodSelector to be greater than 0, got %v", matchLabelsLength)
 			}
 		}
 	}
 }
--- a/script/test/cmd/tests_new.sh
+++ b/script/test/cmd/tests_new.sh
@ -267,3 +267,8 @@ os_cmd="kompose --provider=openshift -f $KOMPOSE_ROOT/script/test/fixtures/vols-
 os_output="$KOMPOSE_ROOT/script/test/fixtures/vols-subpath/output-os.yaml"
 convert::expect_success_and_warning "$k8s_cmd" "$k8s_output"
 convert::expect_success "$os_cmd" "$os_output"
 # Test support for network policies generation
 k8s_cmd="kompose -f $KOMPOSE_ROOT/script/test/fixtures/network-policies/docker-compose.yaml convert --generate-network-policies --stdout --with-kompose-annotation=false"
 k8s_output="$KOMPOSE_ROOT/script/test/fixtures/network-policies/output-k8s.yaml"
 convert::expect_success "$os_cmd" "$os_output"
--- a/script/test/cmd/update-e2e.sh
+++ b/script/test/cmd/update-e2e.sh
@ -27,6 +27,7 @@ $KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/single-file-output/d
 $KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/host-port-protocol/docker-compose.yaml convert --stdout --with-kompose-annotation=false > $KOMPOSE_ROOT/script/test/fixtures/host-port-protocol/output-k8s.yaml
 $KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/external-traffic-policy/docker-compose-v1.yaml convert --stdout --with-kompose-annotation=false > $KOMPOSE_ROOT/script/test/fixtures/external-traffic-policy/output-k8s-v1.yaml
 $KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/external-traffic-policy/docker-compose-v2.yaml convert --stdout --with-kompose-annotation=false > $KOMPOSE_ROOT/script/test/fixtures/external-traffic-policy/output-k8s-v2.yaml
 $KOMPOSE_ROOT/kompose -f $KOMPOSE_ROOT/script/test/fixtures/compose-file-support/compose.yaml convert --stdout --with-kompose-annotation=false > $KOMPOSE_ROOT/script/test/fixtures/compose-file-support/output-k8s.yaml
 fi
 if $UPDATE_OS ; then
--- a/script/test/fixtures/change-in-volume/output-k8s-empty-vols-template.yaml
+++ b/script/test/fixtures/change-in-volume/output-k8s-empty-vols-template.yaml
@ -69,22 +69,6 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: change-in-volume-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/change-in-volume-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/change-in-volume-default: "true"
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/script/test/fixtures/change-in-volume/output-k8s.yaml
+++ b/script/test/fixtures/change-in-volume/output-k8s.yaml
@ -69,22 +69,6 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: change-in-volume-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/change-in-volume-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/change-in-volume-default: "true"
 ---
 apiVersion: apps/v1
 kind: Deployment
@ -115,6 +99,8 @@ spec:
          name: web
          ports:
            - containerPort: 5000
              hostPort: 5000
              protocol: TCP
          resources: {}
          volumeMounts:
            - mountPath: /code
--- a/script/test/fixtures/compose-file-support/output-k8s.yaml
+++ b/script/test/fixtures/compose-file-support/output-k8s.yaml
@ -2,9 +2,6 @@
 apiVersion: v1
 kind: Service
 metadata:
  annotations:
    kompose.cmd: ./kompose convert --stdout
    kompose.version: 1.28.0 (4d1ce961)
  creationTimestamp: null
  labels:
    io.kompose.service: web
@ -23,9 +20,6 @@ status:
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  annotations:
    kompose.cmd: ./kompose convert --stdout
    kompose.version: 1.28.0 (4d1ce961)
  creationTimestamp: null
  labels:
    io.kompose.service: web
@ -38,12 +32,9 @@ spec:
  strategy: {}
  template:
    metadata:
      annotations:
        kompose.cmd: ./kompose convert --stdout
        kompose.version: 1.28.0 (4d1ce961)
      creationTimestamp: null
      labels:
-        io.kompose.network/kompose-default: "true"
+        io.kompose.network/compose-file-support-default: "true"
        io.kompose.service: web
    spec:
      containers:
@ -57,19 +48,3 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: kompose-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/kompose-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/kompose-default: "true"
--- a/script/test/fixtures/configmap-volume/output-k8s-withlabel.yaml
+++ b/script/test/fixtures/configmap-volume/output-k8s-withlabel.yaml
@ -55,22 +55,6 @@ metadata:
    io.kompose.service: db
  name: db-cm0
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: configmap-volume-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/configmap-volume-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/configmap-volume-default: "true"
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/script/test/fixtures/configmap-volume/output-k8s.yaml
+++ b/script/test/fixtures/configmap-volume/output-k8s.yaml
@ -51,22 +51,6 @@ metadata:
    io.kompose.service: db
  name: db-cm0
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: configmap-volume-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/configmap-volume-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/configmap-volume-default: "true"
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/script/test/fixtures/deploy/placement/output-placement-k8s.yaml
+++ b/script/test/fixtures/deploy/placement/output-placement-k8s.yaml
@ -77,19 +77,3 @@ spec:
          whenUnsatisfiable: ScheduleAnyway
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: placement-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/placement-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/placement-default: "true"
--- a/script/test/fixtures/envvars-interpolation/output-k8s.yaml
+++ b/script/test/fixtures/envvars-interpolation/output-k8s.yaml
@ -34,19 +34,3 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: envvars-interpolation-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/envvars-interpolation-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/envvars-interpolation-default: "true"
--- a/script/test/fixtures/expose/output-k8s.yaml
+++ b/script/test/fixtures/expose/output-k8s.yaml
@ -69,22 +69,6 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: expose-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/expose-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/expose-default: "true"
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/script/test/fixtures/external-traffic-policy/output-k8s-v1.yaml
+++ b/script/test/fixtures/external-traffic-policy/output-k8s-v1.yaml
@ -68,18 +68,3 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: external-traffic-policy-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/external-traffic-policy-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/external-traffic-policy-default: "true"
--- a/script/test/fixtures/external-traffic-policy/output-k8s-v2.yaml
+++ b/script/test/fixtures/external-traffic-policy/output-k8s-v2.yaml
@ -97,19 +97,3 @@ spec:
 status:
  loadBalancer: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: external-traffic-policy-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/external-traffic-policy-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/external-traffic-policy-default: "true"
--- a/script/test/fixtures/healthcheck/output-healthcheck-k8s.yaml
+++ b/script/test/fixtures/healthcheck/output-healthcheck-k8s.yaml
@ -172,22 +172,6 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: healthcheck-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/healthcheck-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/healthcheck-default: "true"
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/script/test/fixtures/host-port-protocol/output-k8s.yaml
+++ b/script/test/fixtures/host-port-protocol/output-k8s.yaml
@ -48,19 +48,3 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: host-port-protocol-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/host-port-protocol-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/host-port-protocol-default: "true"
--- a/script/test/fixtures/multiple-files/output-k8s.yaml
+++ b/script/test/fixtures/multiple-files/output-k8s.yaml
@ -26,22 +26,6 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: multiple-files-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/multiple-files-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/multiple-files-default: "true"
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/script/test/fixtures/multiple-type-volumes/output-k8s.yaml
+++ b/script/test/fixtures/multiple-type-volumes/output-k8s.yaml
@ -54,22 +54,6 @@ spec:
      storage: 100Mi
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: multiple-type-volumes-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/multiple-type-volumes-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/multiple-type-volumes-default: "true"
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/script/test/fixtures/network-policies/docker-compose.yaml
+++ b/script/test/fixtures/network-policies/docker-compose.yaml
@ -0,0 +1,10 @@
 version: '3.8'
 networks:
  web:
 services:
  nginx:
    image: nginx
    networks: 
    - web
--- a/script/test/fixtures/network-policies/output-k8s.yaml
+++ b/script/test/fixtures/network-policies/output-k8s.yaml
@ -0,0 +1,44 @@
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  creationTimestamp: null
  labels:
    io.kompose.service: nginx
  name: nginx
 spec:
  replicas: 1
  selector:
    matchLabels:
      io.kompose.service: nginx
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        io.kompose.network/network-policies-web: "true"
        io.kompose.service: nginx
    spec:
      containers:
        - image: nginx
          name: nginx
          resources: {}
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: network-policies-web
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/network-policies-web: "true"
  podSelector:
    matchLabels:
      io.kompose.network/network-policies-web: "true"
--- a/script/test/fixtures/service-group/output-k8s.yaml
+++ b/script/test/fixtures/service-group/output-k8s.yaml
@ -85,19 +85,3 @@ spec:
      storage: 100Mi
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: service-group-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/service-group-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/service-group-default: "true"
--- a/script/test/fixtures/single-file-output/output-k8s.yaml
+++ b/script/test/fixtures/single-file-output/output-k8s.yaml
@ -87,19 +87,3 @@ spec:
 status:
  loadBalancer: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: single-file-output-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/single-file-output-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/single-file-output-default: "true"
--- a/script/test/fixtures/statefulset/output-k8s.yaml
+++ b/script/test/fixtures/statefulset/output-k8s.yaml
@ -97,22 +97,6 @@ spec:
 status:
  replicas: 0
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: statefulset-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/statefulset-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/statefulset-default: "true"
 ---
 apiVersion: apps/v1
 kind: StatefulSet
--- a/script/test/fixtures/v3.0/output-k8s.yaml
+++ b/script/test/fixtures/v3.0/output-k8s.yaml
@ -53,102 +53,6 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: normalized-network
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/normalized-network: "true"
  podSelector:
    matchLabels:
      io.kompose.network/normalized-network: "true"
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: v30-normalized-network
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/v30-normalized-network: "true"
  podSelector:
    matchLabels:
      io.kompose.network/v30-normalized-network: "true"
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: app-network
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/normalized-network: "true"
  podSelector:
    matchLabels:
      io.kompose.network/normalized-network: "true"
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: app-network
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/app-network: "true"
  podSelector:
    matchLabels:
      io.kompose.network/app-network: "true"
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: web-network
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/web-network: "true"
  podSelector:
    matchLabels:
      io.kompose.network/web-network: "true"
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: normalized-network
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/normalized-network: "true"
  podSelector:
    matchLabels:
      io.kompose.network/normalized-network: "true"
 ---
 apiVersion: apps/v1
 kind: Deployment
@ -188,18 +92,3 @@ spec:
      restartPolicy: Always
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: v30-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/v30-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/v30-default: "true"
--- a/script/test/fixtures/volume-mounts/windows/output-k8s.yaml
+++ b/script/test/fixtures/volume-mounts/windows/output-k8s.yaml
@ -71,19 +71,3 @@ spec:
      storage: 100Mi
 status: {}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  creationTimestamp: null
  name: windows-default
 spec:
  ingress:
    - from:
        - podSelector:
            matchLabels:
              io.kompose.network/windows-default: "true"
  podSelector:
    matchLabels:
      io.kompose.network/windows-default: "true"