search

np-guard / netpol-analyzer

A Golang library for analyzing k8s connectivity-configuration resources (a.k.a. network policies)
Apache License 2.0
9 stars 2 forks source link

Optimize representative peers generation #314

Closed shireenf-ibm closed 6 months ago

shireenf-ibm commented 6 months ago

236

sub-task :

    • [ ] optimize fake-pods generations
  • first add fake pods for all non-empty rules while policies upsert
  • refine pods that has a match in the resources

in this PR:

  1. created a representative peer for each rule with only non-empty namespaceSelector in the policies
  2. refined while upserting pods and workloads (policies upserted first)
adisos commented 6 months ago

peers in the exposureMap to be excluded from the final result []ExposedPeer

why is this related to the next PR? it cannot be done in this PR?

to handle the case of two different representative peers with same labels

what does this mean? (what was the planned handling?) it should not be possible to generate multiple representative peers with same labels.. consider add caching by labels hash in this PR?

adisos commented 6 months ago

I would prioritize as the next sub task basic tests for exposure analysis results, before the next optimization task

shireenf-ibm commented 6 months ago

peers in the exposureMap to be excluded from the final result []ExposedPeer

why is this related to the next PR? it cannot be done in this PR?

to handle the case of two different representative peers with same labels

what does this mean? (what was the planned handling?) it should not be possible to generate multiple representative peers with same labels.. consider add caching by labels hash in this PR?

no further todo's like those related to this PR