yonahd / kor

A Golang Tool to discover unused Kubernetes Resources
MIT License

feat: consider ingress and egress rules for networkpolicies #310

Closed tthvo closed 2 months ago

tthvo commented 3 months ago

What this PR does / why we need it?

This PR added consideration for discovering second-level unused NetworkPolicies with matching .spec.podSelector, but unmatched pods in Ingress/Egress rules.

See https://github.com/yonahd/kor/pull/296#issuecomment-2166571938

```
kor version: vdev

  _  _____  ____
 | |/ / _ \|  _ \
 | ' / | | | |_) |
 | . \ |_| |  _ <
 |_|\_\___/|_| \_\

Unused resources in namespace: "default"
+---+---------------+---------------------+---------------------------------------------------------+
| # | RESOURCE TYPE |    RESOURCE NAME    |                         REASON                          |
+---+---------------+---------------------+---------------------------------------------------------+
| 1 | NetworkPolicy | test-network-policy | NetworkPolicy Ingress and Egress rules apply to 0 pods |
+---+---------------+---------------------+---------------------------------------------------------+
```

PR Checklist

GitHub Issue

Solves #312

Notes for your reviewers

Rules with ipBlock are considered "used" here.
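The check described in this PR, sketched as an added example (not kor's own code): a policy is flagged when its `.spec.podSelector` selects pods but no ingress or egress peer does, and `ipBlock` peers count as used. The types are simplified stand-ins; the example assumes all pods are in the policy's namespace, matchLabels-only selectors, no namespaceSelector, and that a policy with no rules is an intentional default-deny.

```go
package main

import "fmt"

type Labels map[string]string // simplified stand-ins for Kubernetes types, not kor's own
type Peer struct {            // one from/to entry: a pod selector or an ipBlock CIDR
	PodSelector Labels
	IPBlock     string
}
type Policy struct {
	PodSelector     Labels
	Ingress, Egress [][]Peer // each rule is the list of its peers
}

// selects reports whether sel matches any pod; an empty selector matches all.
func selects(sel Labels, pods []Labels) bool {
next:
	for _, pod := range pods {
		for k, v := range sel {
			if got, ok := pod[k]; !ok || got != v {
				continue next
			}
		}
		return true
	}
	return false
}

// UnusedReason returns "" when the policy is in use, otherwise why it is flagged.
func UnusedReason(np Policy, pods []Labels) string {
	if !selects(np.PodSelector, pods) {
		return "podSelector selects 0 pods" // constructed wording for the first-level check
	}
	used := len(np.Ingress)+len(np.Egress) == 0 // assumption: no rules is a deliberate default-deny
	for _, rule := range append(append([][]Peer{}, np.Ingress...), np.Egress...) {
		used = used || len(rule) == 0 // a rule without peers allows all traffic
		for _, peer := range rule {
			used = used || peer.IPBlock != "" || selects(peer.PodSelector, pods) // ipBlock counts as used
		}
	}
	if used {
		return ""
	}
	return "NetworkPolicy Ingress and Egress rules apply to 0 pods"
}

func main() { // constructed sample: the only ingress peer (app=db) matches no pod
	np := Policy{PodSelector: Labels{"app": "web"}, Ingress: [][]Peer{{{PodSelector: Labels{"app": "db"}}}}}
	fmt.Println(UnusedReason(np, []Labels{{"app": "web"}}))
}
```

A policy flagged with the second reason still isolates the pods its `podSelector` selects, so check what traffic its removal would open up before deleting it.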

codecov-commenter commented 3 months ago


Codecov Report

Attention: Patch coverage is 66.66667% with 24 lines in your changes missing coverage. Please review.

Project coverage is 42.39%. Comparing base (181141d) to head (4bb5cc4). Report is 1 commits behind head on main.

| Files | Patch % | Lines |
|---|---|---|
| pkg/kor/networkpolicies.go | 62.50% | 11 Missing and 13 partials :warning: |


Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main     #310      +/-   ##
==========================================
+ Coverage   42.01%   42.39%   +0.38%
==========================================
  Files          61       61
  Lines        3175     3236      +61
==========================================
+ Hits         1334     1372      +38
- Misses       1633     1644      +11
- Partials      208      220      +12
```


doronkg commented 3 months ago

@tthvo I've created a new issue to address this enhancement - #312, please update the description and reference it. Let us know when the draft is ready to review 💪

tthvo commented 3 months ago

@doronkg @yonahd I think this is ready now for review. I have run some extensive tests but might miss some cases. Please let me know what you think :D

yonahd commented 2 months ago

@tthvo Sorry for the late review.

tthvo commented 2 months ago

> @tthvo Sorry for the late review.

All good! I addressed the reviews in the latest commit :D