Merge branch 'add_project_id_as_cnp_labels' into 'master'

Add alert related labels to CiliumNetworkPolicies See merge request gitlab-org/gitlab!53401

Merge branch 'add_project_id_as_cnp_labels' into 'master'
Add alert related labels to CiliumNetworkPolicies See merge request gitlab-org/gitlab!53401
4e0d770c · Savas Vedova · 5eb34b2f · 5f971862 · 4e0d770c · 4e0d770c
Commit 4e0d770c authored Feb 09, 2021 by Savas Vedova
12 changed files
--- a/ee/app/assets/javascripts/threat_monitoring/components/policy_editor/constants.js
+++ b/ee/app/assets/javascripts/threat_monitoring/components/policy_editor/constants.js
@@ -33,3 +33,5 @@ export const PortMatchModePortProtocol = 'port/protocol';
 export const DisabledByLabel = 'network-policy.gitlab.com/disabled_by';

 export const CiliumNetworkPolicyKind = 'CiliumNetworkPolicy';
+
+export const ProjectIdLabel = 'app.gitlab.com/proj';
--- a/ee/app/assets/javascripts/threat_monitoring/components/policy_editor/lib/from_yaml.js
+++ b/ee/app/assets/javascripts/threat_monitoring/components/policy_editor/lib/from_yaml.js
@@ -113,7 +113,7 @@ function parseRule(item, direction) {
 */
 export default function fromYaml(manifest) {
  const { description, metadata, spec } = safeLoad(manifest, { json: true });
-  const { name, resourceVersion, annotations } = metadata;
+  const { name, resourceVersion, annotations, labels } = metadata;
  const { endpointSelector = {}, ingress = [], egress = [] } = spec;
  const matchLabels = endpointSelector.matchLabels || {};

@@ -135,6 +135,7 @@ export default function fromYaml(manifest) {
    resourceVersion,
    description,
    annotations,
+    labels,
    isEnabled: !Object.keys(matchLabels).includes(DisabledByLabel),
    endpointMatchMode: endpointLabels.length > 0 ? EndpointMatchModeLabel : EndpointMatchModeAny,
    endpointLabels: endpointLabels.join(' '),

--- a/ee/app/assets/javascripts/threat_monitoring/components/policy_editor/lib/to_yaml.js
+++ b/ee/app/assets/javascripts/threat_monitoring/components/policy_editor/lib/to_yaml.js
@@ -33,11 +33,14 @@ function spec({ rules, isEnabled, endpointMatchMode, endpointLabels }) {
 Return yaml representation of a policy.
 */
 export default function toYaml(policy) {
-  const { annotations, name, resourceVersion, description } = policy;
+  const { annotations, name, resourceVersion, description, labels } = policy;
  const metadata = { name };
  if (annotations) {
    metadata.annotations = annotations;
  }
+  if (labels) {
+    metadata.labels = labels;
+  }
  if (resourceVersion) {
    metadata.resourceVersion = resourceVersion;
  }

--- a/ee/app/assets/javascripts/threat_monitoring/components/policy_editor/policy_editor.vue
+++ b/ee/app/assets/javascripts/threat_monitoring/components/policy_editor/policy_editor.vue
@@ -27,6 +27,7 @@ import {
  EditorModeYAML,
  EndpointMatchModeAny,
  RuleTypeEndpoint,
+  ProjectIdLabel,
 } from './constants';
 import toYaml from './lib/to_yaml';
 import fromYaml from './lib/from_yaml';
@@ -64,6 +65,10 @@ export default {
      required: false,
      default: null,
    },
+    projectId: {
+      type: String,
+      required: true,
+    },
  },
  data() {
    const policy = this.existingPolicy
@@ -76,8 +81,9 @@ export default {
          endpointLabels: '',
          rules: [],
          annotations: '',
+          labels: '',
        };
-
+    policy.labels = { [ProjectIdLabel]: this.projectId };
    return {
      editorMode: EditorModeRule,
      yamlEditorValue: '',

--- a/ee/app/assets/javascripts/threat_monitoring/policy_editor.js
+++ b/ee/app/assets/javascripts/threat_monitoring/policy_editor.js
@@ -20,6 +20,7 @@ export default () => {
    threatMonitoringPath,
    policy,
    projectPath,
+    projectId,
    environmentId,
  } = el.dataset;

@@ -35,7 +36,7 @@ export default () => {
    store.dispatch('threatMonitoring/setCurrentEnvironmentId', parseInt(environmentId, 10));
  }

-  const props = { threatMonitoringPath };
+  const props = { threatMonitoringPath, projectId };
  if (policy) {
    props.existingPolicy = JSON.parse(policy);
  }

--- a/ee/app/helpers/policy_helper.rb
+++ b/ee/app/helpers/policy_helper.rb
@@ -23,6 +23,7 @@ module PolicyHelper
      create_agent_help_path: help_page_url('user/clusters/agent/index.md', anchor: 'create-an-agent-record-in-gitlab'),
      environments_endpoint: project_environments_path(project),
      project_path: project.full_path,
+      project_id: project.id,
      threat_monitoring_path: project_threat_monitoring_path(project)
    }
  end

--- a/ee/changelogs/unreleased/add_project_id_as_cnp_labels.yml
+++ b/ee/changelogs/unreleased/add_project_id_as_cnp_labels.yml
+---
+title: Add alert related labels to CiliumNetworkPolicies. The label will contain the
+  project id and will be applicable to both new and existing policies
+merge_request: 53401
+author:
+type: changed
--- a/ee/spec/frontend/threat_monitoring/components/policy_editor/__snapshots__/policy_editor_spec.js.snap
+++ b/ee/spec/frontend/threat_monitoring/components/policy_editor/__snapshots__/policy_editor_spec.js.snap
@@ -197,6 +197,8 @@ exports[`PolicyEditorApp component renders the policy editor layout 1`] = `
 kind: CiliumNetworkPolicy
 metadata:
  name: ''
+  labels:
+    app.gitlab.com/proj: '21'
 spec:
  endpointSelector:
    matchLabels:

--- a/ee/spec/frontend/threat_monitoring/components/policy_editor/lib/from_yaml_spec.js
+++ b/ee/spec/frontend/threat_monitoring/components/policy_editor/lib/from_yaml_spec.js
@@ -20,13 +20,14 @@ describe('fromYaml', () => {

  const cidrExample = '20.1.1.1/32 20.1.1.2/32';
  const portExample = '80 81/udp 82/tcp';
-
+  const labels = { 'app.gitlab.com/proj': '21' };
  beforeEach(() => {
    policy = {
      name: 'test-policy',
      endpointLabels: '',
      rules: [],
      isEnabled: true,
+      labels,
    };
  });

@@ -37,6 +38,7 @@ describe('fromYaml', () => {
      endpointMatchMode: EndpointMatchModeAny,
      endpointLabels: '',
      rules: [],
+      labels,
    });
  });


--- a/ee/spec/frontend/threat_monitoring/components/policy_editor/lib/to_yaml_spec.js
+++ b/ee/spec/frontend/threat_monitoring/components/policy_editor/lib/to_yaml_spec.js
@@ -139,6 +139,26 @@ spec:
  - fromEndpoints:
    - matchLabels:
        foo: bar
+`);
+    });
+  });
+
+  describe('when labels are not empty', () => {
+    beforeEach(() => {
+      policy.labels = { 'app.gitlab.com/proj': '21' };
+    });
+
+    it('returns yaml representation', () => {
+      expect(toYaml(policy)).toEqual(`apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: test-policy
+  labels:
+    app.gitlab.com/proj: '21'
+spec:
+  endpointSelector:
+    matchLabels:
+      network-policy.gitlab.com/disabled_by: gitlab
 `);
    });
  });

--- a/ee/spec/frontend/threat_monitoring/components/policy_editor/policy_editor_spec.js
+++ b/ee/spec/frontend/threat_monitoring/components/policy_editor/policy_editor_spec.js
@@ -38,6 +38,7 @@ describe('PolicyEditorApp component', () => {
    wrapper = shallowMount(PolicyEditorApp, {
      propsData: {
        threatMonitoringPath: '/threat-monitoring',
+        projectId: '21',
        ...propsData,
      },
      provide: {
@@ -124,6 +125,8 @@ kind: CiliumNetworkPolicy
 description: test description
 metadata:
  name: test-policy
+  labels:
+    app.gitlab.com/proj: '21'
 spec:
  endpointSelector:
    matchLabels:
@@ -147,6 +150,7 @@ spec:
            matchLabels: 'foo:bar',
          },
        ],
+        labels: { 'app.gitlab.com/proj': '21' },
      });
    });
  });

--- a/ee/spec/helpers/policy_helper_spec.rb
+++ b/ee/spec/helpers/policy_helper_spec.rb
@@ -22,6 +22,7 @@ RSpec.describe PolicyHelper do
      create_agent_help_path: kind_of(String),
      environments_endpoint: kind_of(String),
      project_path: project.full_path,
+      project_id: project.id,
      threat_monitoring_path: kind_of(String)
    }
  end