AdminNetworkPolicy : extend `AdminNetworkPolicyEgressPeer` fields support

np-guard / netpol-analyzer

A Golang library for analyzing k8s connectivity-configuration resources (a.k.a. network policies)

Apache License 2.0

9 stars 2 forks source link

AdminNetworkPolicy : extend `AdminNetworkPolicyEgressPeer` fields support #442

Open shireenf-ibm opened 5 days ago

shireenf-ibm commented 5 days ago

extend the egress rulePeers (AdminNetworkPolicyEgressPeer) to support also Nodes and Networks fields.

[x] support Networks field ( []CIDR)
[ ] import/add logger to k8s pkg too:
- return a warning we don't support `Nodes
- add warning where needed (@todo)

shireenf-ibm commented 4 days ago

hi @adisos , according to this :

// Each item in Networks should be provided in the CIDR format and should be // IPv4 or IPv6, for example "10.0.0.0/8" or "fd00::/8".

I see that our peers are IPv4 addresses; but Does IPBlock support also IPv6? how to implement if the rule contains a CIDR with IPv6 format? should raise a warning ? or parse locally and convert to IPv4 (if possible?)

adisos commented 4 days ago

I see that our peers are IPv4 addresses; but Does IPBlock support also IPv6?

currently no

how to implement if the rule contains a CIDR with IPv6 format? should raise a warning ? or parse locally and convert to IPv4 (if possible?)

let's ignore IPv6 and raise a warning