some fixes + new test (#36)

Author: adisos

pkg/analyzer/scan.go

@@ -188,7 +188,7 @@ func parseServiceResource(svcSpec v1.ServiceSpec, serviceCtx *common.Service) er
 	for _, p := range svcSpec.Ports {
 		n := common.SvcNetworkAttr{}
 		n.Port = int(p.Port)
-		n.TargetPort = int(p.TargetPort.IntVal)
+		n.TargetPort = p.TargetPort
 		n.Protocol = string(p.Protocol)
 		serviceCtx.Resource.Network = append(serviceCtx.Resource.Network, n)
 	}

pkg/common/types.go

@@ -1,5 +1,9 @@
 package common
 
+import (
+	"k8s.io/apimachinery/pkg/util/intstr"
+)
+
 //InArgs :
 type InArgs struct {
 	DirPath      *string
@@ -46,9 +50,9 @@ type NetworkAttr struct {
 
 //SvcNetworkAttr :
 type SvcNetworkAttr struct {
-	Port       int    `json:"port,omitempty"`
-	TargetPort int    `json:"target_port,omitempty"`
-	Protocol   string `json:"protocol,omitempty"`
+	Port       int                `json:"port,omitempty"`
+	TargetPort intstr.IntOrString `json:"target_port,omitempty"`
+	Protocol   string             `json:"protocol,omitempty"`
 }
 
 //Service :

pkg/controller/controller_test.go

@@ -57,25 +57,36 @@ func TestDirScan(t *testing.T) {
 	os.Remove(outFile)
 }
 
+type TestDetails struct {
+	dirPath        string
+	outFile        string
+	expectedOutput string
+}
+
 func TestNetpolsJsonOutput(t *testing.T) {
 	currentDir, _ := os.Getwd()
-	dirPath := filepath.Join(currentDir, "../../", "tests", "onlineboutique", "kubernetes-manifests.yaml")
-	outFile := filepath.Join(currentDir, "../../", "tests", "onlineboutique", "output.json")
-	expectedOutput := filepath.Join(currentDir, "../../", "tests", "onlineboutique", "expected_netpol_output.json")
-	args := getTestArgs(dirPath, outFile, true)
-
-	Start(args)
-
-	res, err := compareFiles(expectedOutput, outFile)
+	tests := map[string]TestDetails{} //map from test name to test details
+	tests["onlineboutique"] = TestDetails{dirPath: filepath.Join(currentDir, "../../", "tests", "onlineboutique", "kubernetes-manifests.yaml"),
+		outFile:        filepath.Join(currentDir, "../../", "tests", "onlineboutique", "output.json"),
+		expectedOutput: filepath.Join(currentDir, "../../", "tests", "onlineboutique", "expected_netpol_output.json")}
+	tests["sockshop"] = TestDetails{dirPath: filepath.Join(currentDir, "../../", "tests", "sockshop", "manifests"),
+		outFile:        filepath.Join(currentDir, "../../", "tests", "sockshop", "output.json"),
+		expectedOutput: filepath.Join(currentDir, "../../", "tests", "sockshop", "expected_netpol_output.json")}
+
+	for testName, testDetails := range tests {
+		args := getTestArgs(testDetails.dirPath, testDetails.outFile, true)
+		Start(args)
+		res, err := compareFiles(testDetails.expectedOutput, testDetails.outFile)
+		if err != nil {
+			t.Fatalf("Test %v: expected err to be nil, but got %v", testName, err)
+		}
+		if !res {
+			t.Fatalf("Test %v: expected res to be true, but got false", testName)
+		}
+		os.Remove(testDetails.outFile)
 
-	if err != nil {
-		t.Fatalf("expected err to be nil, but got %v", err)
-	}
-	if !res {
-		t.Fatalf("expected res to be true, but got false")
 	}
 
-	os.Remove(outFile)
 }
 
 func TestNetpolsInterface(t *testing.T) {

pkg/controller/synth_netpols.go

@@ -54,11 +54,13 @@ func determineConnectivityPerDeployment(connections []common.Connections) []*Dep
 		target_ports := toNetpolPorts(conn.Link.Resource.Network) // TODO: filter by src ports
 
 		egressNetpolPeer := []network.NetworkPolicyPeer{{PodSelector: getDeployConnSelector(dstDeploy)}}
-		srcDeploy.addEgressRule(egressNetpolPeer, target_ports)
+		if srcDeploy != nil {
+			srcDeploy.addEgressRule(egressNetpolPeer, target_ports)
+		}
 		var ingressNetpolPeer []network.NetworkPolicyPeer
 		if len(conn.Source.Resource.Name) == 0 {
 			ingressNetpolPeer = append(ingressNetpolPeer, network.NetworkPolicyPeer{})
-		} else if conn.Link.Resource.Type != "LoadBalancer" {
+		} else if conn.Link.Resource.Type != "LoadBalancer" && conn.Link.Resource.Type != "NodePort" {
 			netpolPeer := network.NetworkPolicyPeer{PodSelector: getDeployConnSelector(srcDeploy)}
 			ingressNetpolPeer = append(ingressNetpolPeer, netpolPeer)
 		}
@@ -77,6 +79,9 @@ func determineConnectivityPerDeployment(connections []common.Connections) []*Dep
 }
 
 func findOrAddDeploymentConn(resource common.Resource, deployConns map[string]*DeploymentConnectivity) *DeploymentConnectivity {
+	if len(resource.Resource.Name) == 0 {
+		return nil
+	}
 	if deployConn, found := deployConns[resource.Resource.Name]; found {
 		return deployConn
 	}
@@ -100,7 +105,7 @@ func toNetpolPorts(ports []common.SvcNetworkAttr) []network.NetworkPolicyPort {
 	var netpolPorts []network.NetworkPolicyPort
 	for _, port := range ports {
 		protocol := toCoreProtocol(port.Protocol)
-		portNum := intstr.FromInt(port.TargetPort)
+		portNum := port.TargetPort
 		netpolPort := network.NetworkPolicyPort{
 			Protocol: &protocol,
 			Port:     &portNum,