From 7a0d2dded5ab7f8ee893f570ce3cc929afc59fa3 Mon Sep 17 00:00:00 2001 From: Artur Zheludkov Date: Wed, 7 Feb 2024 13:58:25 -0500 Subject: [PATCH] remove redis networkpolicy --- .../service/RedisFailoverClient.go | 14 - operator/redisfailover/ensurer.go | 3 - operator/redisfailover/service/client.go | 9 - .../redisfailover/service/generator_test.go | 246 ------------------ 4 files changed, 272 deletions(-) diff --git a/mocks/operator/redisfailover/service/RedisFailoverClient.go b/mocks/operator/redisfailover/service/RedisFailoverClient.go index 794f43cbb..de464abb9 100644 --- a/mocks/operator/redisfailover/service/RedisFailoverClient.go +++ b/mocks/operator/redisfailover/service/RedisFailoverClient.go @@ -168,20 +168,6 @@ func (_m *RedisFailoverClient) EnsureRedisMasterService(rFailover *v1.RedisFailo return r0 } -// EnsureRedisNetworkPolicy provides a mock function with given fields: rFailover, labels, ownerRefs -func (_m *RedisFailoverClient) EnsureRedisNetworkPolicy(rFailover *v1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error { - ret := _m.Called(rFailover, labels, ownerRefs) - - var r0 error - if rf, ok := ret.Get(0).(func(*v1.RedisFailover, map[string]string, []metav1.OwnerReference) error); ok { - r0 = rf(rFailover, labels, ownerRefs) - } else { - r0 = ret.Error(0) - } - - return r0 -} - // EnsureRedisReadinessConfigMap provides a mock function with given fields: rFailover, labels, ownerRefs func (_m *RedisFailoverClient) EnsureRedisReadinessConfigMap(rFailover *v1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error { ret := _m.Called(rFailover, labels, ownerRefs) diff --git a/operator/redisfailover/ensurer.go b/operator/redisfailover/ensurer.go index 392309b76..ee008eb9b 100644 --- a/operator/redisfailover/ensurer.go +++ b/operator/redisfailover/ensurer.go 
@@ -20,9 +20,6 @@ func (w *RedisFailoverHandler) Ensure(rf *redisfailoverv1.RedisFailover, labels } if !(len(rf.Spec.NetworkPolicyNsList) == 0) { - if err := w.rfService.EnsureRedisNetworkPolicy(rf, labels, or); err != nil { - return err - } if err := w.rfService.EnsureSentinelNetworkPolicy(rf, labels, or); err != nil { return err } diff --git a/operator/redisfailover/service/client.go b/operator/redisfailover/service/client.go index 41ab26ec1..3e6b52f99 100644 --- a/operator/redisfailover/service/client.go +++ b/operator/redisfailover/service/client.go @@ -19,7 +19,6 @@ type RedisFailoverClient interface { EnsureHAProxyRedisMasterConfigmap(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error EnsureHAProxyRedisMasterService(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error EnsureRedisHeadlessService(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error - EnsureRedisNetworkPolicy(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error EnsureSentinelNetworkPolicy(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error EnsureSentinelService(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error EnsureSentinelConfigMap(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error 
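Review bot: With the `EnsureRedisNetworkPolicy` call gone, the `if !(len(rf.Spec.NetworkPolicyNsList) == 0)` branch in `Ensure` applies a NetworkPolicy only to Sentinel, so a non-empty `NetworkPolicyNsList` no longer restricts ingress to the Redis pods. The deleted test shows the old policy limited the Redis port (6379 or the custom port) and 9121 to the listed namespaces; Kubernetes pods that no NetworkPolicy selects accept ingress from every namespace, so unless another policy covers them the data port is more exposed. Nothing visible in the patch deletes `rfr-np-<name>` objects created by earlier operator versions, so upgraded clusters would apparently keep a stale policy while new ones get none; an explicit cleanup step or a release note would settle that. The commit message gives no reason for the removal, so please state what now protects the Redis pods and add a comment above the branch such as `// NetworkPolicyNsList only restricts Sentinel; Redis pods are not covered by an operator-managed policy`. `Ensure`'s body continues outside the hunk.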
@@ -87,14 +86,6 @@ func generateComponentLabel(componentType string) map[string]string { } } -// EnsureRedisNetworkPolicy makes sure the redis network policy exists -func (r *RedisFailoverKubeClient) EnsureRedisNetworkPolicy(rf *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error { - svc := generateRedisNetworkPolicy(rf, labels, ownerRefs) - err := r.K8SService.CreateOrUpdateNetworkPolicy(rf.Namespace, svc) - r.setEnsureOperationMetrics(svc.Namespace, svc.Name, "EnsureRedisNetworkPolicy", rf.Name, err) - return err -} - // EnsureSentinelNetworkPolicy makes sure the redis network policy exists func (r *RedisFailoverKubeClient) EnsureSentinelNetworkPolicy(rf *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error { svc := generateSentinelNetworkPolicy(rf, labels, ownerRefs) diff --git a/operator/redisfailover/service/generator_test.go b/operator/redisfailover/service/generator_test.go index 888b4b353..cfa80bd4b 100644 --- a/operator/redisfailover/service/generator_test.go +++ b/operator/redisfailover/service/generator_test.go 
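Review bot: `generateRedisNetworkPolicy`, which the removed `EnsureRedisNetworkPolicy` called, is not touched by this patch. The diffstat lists no generator source file, so the function is presumably left behind as unused and, with `TestRedisNetworkPolicy` deleted, untested code. Remove it in the same change or note why it stays. Separately, the context comment on the surviving method still reads `// EnsureSentinelNetworkPolicy makes sure the redis network policy exists`; now that no Redis policy exists it should read `// EnsureSentinelNetworkPolicy makes sure the sentinel network policy exists`. `EnsureSentinelNetworkPolicy`'s body continues outside the hunk.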
@@ -1416,252 +1416,6 @@ func TestHaproxyService(t *testing.T) { } } -func TestRedisNetworkPolicy(t *testing.T) { - tests := []struct { - name string - rfName string - rfNamespace string - rfRedisPort int - rfNetworkPolicyNamespaceEntries []redisfailoverv1.NetworkPolicyNamespaceEntry - rfLabels map[string]string - expected networkingv1.NetworkPolicy - }{ - { - name: "with defaults", - rfNetworkPolicyNamespaceEntries: []redisfailoverv1.NetworkPolicyNamespaceEntry{ - redisfailoverv1.NetworkPolicyNamespaceEntry{ - MatchLabelKey: "app.kubernetes.io/instance", - MatchLabelValue: namespace, - }, - }, - expected: networkingv1.NetworkPolicy{ - ObjectMeta: metav1.ObjectMeta{ - Name: "rfr-np-" + name, - Namespace: namespace, - Labels: map[string]string{ - "app.kubernetes.io/component": "redis", - "app.kubernetes.io/name": name, - "app.kubernetes.io/part-of": "redis-failover", - }, - Annotations: nil, - OwnerReferences: []metav1.OwnerReference{ - { - Name: "testing", - }, - }, - }, - Spec: networkingv1.NetworkPolicySpec{ - PodSelector: metav1.LabelSelector{ - MatchLabels: map[string]string{ - "redisfailovers.databases.spotahome.com/component": "redis", - "redisfailovers.databases.spotahome.com/name": name, - }, - }, - Ingress: []networkingv1.NetworkPolicyIngressRule{ - networkingv1.NetworkPolicyIngressRule{ - 
From: []networkingv1.NetworkPolicyPeer{ - networkingv1.NetworkPolicyPeer{ - NamespaceSelector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "app.kubernetes.io/instance": namespace, - }, - }, - }, - }, - Ports: []networkingv1.NetworkPolicyPort{ - networkingv1.NetworkPolicyPort{ - Port: &intstr.IntOrString{ - IntVal: 6379, - Type: intstr.Int, - }, - }, - networkingv1.NetworkPolicyPort{ - Port: &intstr.IntOrString{ - IntVal: 9121, - Type: intstr.Int, - }, - }, - }, - }, - }, - }, - }, - }, - { - name: "with custom redis Port", - rfRedisPort: 6698, - rfNetworkPolicyNamespaceEntries: []redisfailoverv1.NetworkPolicyNamespaceEntry{ - redisfailoverv1.NetworkPolicyNamespaceEntry{ - MatchLabelKey: "app.kubernetes.io/instance", - MatchLabelValue: namespace, - }, - }, - expected: networkingv1.NetworkPolicy{ - ObjectMeta: metav1.ObjectMeta{ - Name: "rfr-np-" + name, - Namespace: namespace, - Labels: map[string]string{ - "app.kubernetes.io/component": "redis", - "app.kubernetes.io/name": name, - "app.kubernetes.io/part-of": "redis-failover", - }, - Annotations: nil, - OwnerReferences: []metav1.OwnerReference{ - { - Name: "testing", - }, - }, - }, - Spec: networkingv1.NetworkPolicySpec{ - PodSelector: metav1.LabelSelector{ - MatchLabels: map[string]string{ - "redisfailovers.databases.spotahome.com/component": "redis", - "redisfailovers.databases.spotahome.com/name": name, - }, - }, - Ingress: []networkingv1.NetworkPolicyIngressRule{ - networkingv1.NetworkPolicyIngressRule{ - 
From: []networkingv1.NetworkPolicyPeer{ - networkingv1.NetworkPolicyPeer{ - NamespaceSelector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "app.kubernetes.io/instance": namespace, - }, - }, - }, - }, - Ports: []networkingv1.NetworkPolicyPort{ - networkingv1.NetworkPolicyPort{ - Port: &intstr.IntOrString{ - IntVal: 6698, - Type: intstr.Int, - }, - }, - networkingv1.NetworkPolicyPort{ - Port: &intstr.IntOrString{ - IntVal: 9121, - Type: intstr.Int, - }, - }, - }, - }, - }, - }, - }, - }, - { - name: "with custom NetorkPolicyNamespaceEntries", - rfNetworkPolicyNamespaceEntries: []redisfailoverv1.NetworkPolicyNamespaceEntry{ - redisfailoverv1.NetworkPolicyNamespaceEntry{ - MatchLabelKey: "app.kubernetes.io/instance", - MatchLabelValue: namespace, - }, - redisfailoverv1.NetworkPolicyNamespaceEntry{ - MatchLabelKey: "app.kubernetes.io/instance", - MatchLabelValue: "extra-namespace", - }, - }, - expected: networkingv1.NetworkPolicy{ - ObjectMeta: metav1.ObjectMeta{ - Name: "rfr-np-" + name, - Namespace: namespace, - Labels: map[string]string{ - "app.kubernetes.io/component": "redis", - "app.kubernetes.io/name": name, - "app.kubernetes.io/part-of": "redis-failover", - }, - Annotations: nil, - OwnerReferences: []metav1.OwnerReference{ - { - Name: "testing", - }, - }, - }, - Spec: networkingv1.NetworkPolicySpec{ - PodSelector: metav1.LabelSelector{ - MatchLabels: map[string]string{ - "redisfailovers.databases.spotahome.com/component": "redis", - "redisfailovers.databases.spotahome.com/name": name, - }, - }, - Ingress: []networkingv1.NetworkPolicyIngressRule{ - networkingv1.NetworkPolicyIngressRule{ - 
From: []networkingv1.NetworkPolicyPeer{ - networkingv1.NetworkPolicyPeer{ - NamespaceSelector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "app.kubernetes.io/instance": namespace, - }, - }, - }, - networkingv1.NetworkPolicyPeer{ - NamespaceSelector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "app.kubernetes.io/instance": "extra-namespace", - }, - }, - }, - }, - Ports: []networkingv1.NetworkPolicyPort{ - networkingv1.NetworkPolicyPort{ - Port: &intstr.IntOrString{ - IntVal: 6379, - Type: intstr.Int, - }, - }, - networkingv1.NetworkPolicyPort{ - Port: &intstr.IntOrString{ - IntVal: 9121, - Type: intstr.Int, - }, - }, - }, - }, - }, - }, - }, - }, - } - - for _, test := range tests { - t.Run(test.name, func(t *testing.T) { - assert := assert.New(t) - - // Generate a default RedisFailover and attaching the required annotations - rf := generateRF() - if test.rfName != "" { - rf.Name = test.rfName - } - if test.rfNamespace != "" { - rf.Namespace = test.rfNamespace - } - if test.rfRedisPort <= 0 { - rf.Spec.Redis.Port = 6379 - - } else { - rf.Spec.Redis.Port = redisfailoverv1.Port(test.rfRedisPort) - } - if test.rfNetworkPolicyNamespaceEntries != nil { - rf.Spec.NetworkPolicyNsList = test.rfNetworkPolicyNamespaceEntries - } - - generated := networkingv1.NetworkPolicy{} - - ms := &mK8SService.Services{} - ms.On("CreateOrUpdateNetworkPolicy", rf.Namespace, mock.Anything).Once().Run(func(args mock.Arguments) { - s := args.Get(1).(*networkingv1.NetworkPolicy) - generated = *s - }).Return(nil) - - client := rfservice.NewRedisFailoverKubeClient(ms, log.Dummy, metrics.Dummy) - err := client.EnsureRedisNetworkPolicy(rf, test.rfLabels, []metav1.OwnerReference{{Name: "testing"}}) - - assert.Equal(test.expected, generated) - assert.NoError(err) - }) - } -} - func TestSentinelNetworkPolicy(t *testing.T) { tests := []struct { name string