Add support for network policy k8s API resources

This patch adds new kube client for the networking.k8s.io API group and introduces support for NetworkPolicy resources through that client.

Add support for network policy k8s API resources
This patch adds new kube client for the networking.k8s.io API group and introduces support for NetworkPolicy resources through that client.
706f6c67 · ap4y · 40a0bf58 · 706f6c67 · 706f6c67
Commit 706f6c67 authored Apr 28, 2020 by ap4y
Showing with 48 additions and 1 deletion

lib/gitlab/kubernetes/kube_client.rb lib/gitlab/kubernetes/kube_client.rb +10 -1

spec/lib/gitlab/kubernetes/kube_client_spec.rb spec/lib/gitlab/kubernetes/kube_client_spec.rb +38 -0

No files found.
--- a/lib/gitlab/kubernetes/kube_client.rb
+++ b/lib/gitlab/kubernetes/kube_client.rb
@@ -19,7 +19,8 @@ module Gitlab
        apps: { group: 'apis/apps', version: 'v1' },
        extensions: { group: 'apis/extensions', version: 'v1beta1' },
        istio: { group: 'apis/networking.istio.io', version: 'v1alpha3' },
-        knative: { group: 'apis/serving.knative.dev', version: 'v1alpha1' }
+        knative: { group: 'apis/serving.knative.dev', version: 'v1alpha1' },
+        networking: { group: 'apis/networking.k8s.io', version: 'v1' }
      }.freeze

      SUPPORTED_API_GROUPS.each do |name, params|
@@ -88,6 +89,14 @@ module Gitlab
        :update_gateway,
        to: :istio_client

+      # NetworkPolicy methods delegate to the apis/networking.k8s.io api
+      # group client
+      delegate :create_network_policy,
+        :get_network_policies,
+        :update_network_policy,
+        :delete_network_policy,
+        to: :networking_client
+
      attr_reader :api_prefix, :kubeclient_options

      DEFAULT_KUBECLIENT_OPTIONS = {

--- a/spec/lib/gitlab/kubernetes/kube_client_spec.rb
+++ b/spec/lib/gitlab/kubernetes/kube_client_spec.rb
@@ -174,6 +174,20 @@ describe Gitlab::Kubernetes::KubeClient do
    end
  end

+  describe '#networking_client' do
+    subject { client.networking_client }
+
+    it_behaves_like 'a Kubeclient'
+
+    it 'has the networking API group endpoint' do
+      expect(subject.api_endpoint.to_s).to match(%r{\/apis\/networking.k8s.io\Z})
+    end
+
+    it 'has the api_version' do
+      expect(subject.instance_variable_get(:@api_version)).to eq('v1')
+    end
+  end
+
  describe 'core API' do
    let(:core_client) { client.core_client }

@@ -290,6 +304,30 @@ describe Gitlab::Kubernetes::KubeClient do
    end
  end

+  describe 'networking API group' do
+    let(:networking_client) { client.networking_client }
+
+    [
+      :create_network_policy,
+      :get_network_policies,
+      :update_network_policy,
+      :delete_network_policy
+    ].each do |method|
+      describe "##{method}" do
+        include_examples 'redirection not allowed', method
+        include_examples 'dns rebinding not allowed', method
+
+        it 'delegates to the networking client' do
+          expect(client).to delegate_method(method).to(:networking_client)
+        end
+
+        it 'responds to the method' do
+          expect(client).to respond_to method
+        end
+      end
+    end
+  end
+
  describe 'non-entity methods' do
    it 'does not proxy for non-entity methods' do
      expect(client).not_to respond_to :proxy_url