Skip to content

Remove Network Policies

Why are we doing this work

Container Network Security has been deprecated and will be removed in %15.0. As part of the removal, we need to remove the Network Security UI elements at Security & Compliance > Policies as well as the backend code.

Screen_Shot_2022-02-08_at_10.33.19_AM

Relevant links

Non-functional requirements

  • Documentation:
  • Feature flag:
  • Performance:
  • Testing:

Implementation plan

  • frontend
    • delete networkPolicy-related policy list code in ee/app/assets/javascripts/threat_monitoring/components/policies
    • delete networkPolicy-related policy drawer code in ee/app/assets/javascripts/threat_monitoring/components/policy_drawer
    • delete networkPolicy-related policy editor code in ee/app/assets/javascripts/threat_monitoring/components/policy_editor/network_policy/network_policy_editor.vue
    • delete networkPolicies-related Vuex store in ee/app/assets/javascripts/threat_monitoring/store
    • delete networkPolicy-related strings from locale/gitlab.pot
    • delete networkPolicy-related constants in ee/app/assets/javascripts/threat_monitoring/**/constants.js
    • delete networkPolicy-related mock data in ee/spec/frontend/threat_monitoring/mocks
    • delete networkPolicy-related snapshots in ee/spec/frontend/threat_monitoring/components/__snapshots__
    • delete networkIllustration from '@gitlab/svgs/dist/illustrations/network.svg';
  • backend
    • Delete network policy services in ee/app/services/network_policies/
    • Delete network policy-specific client code from lib/gitlab/kubernetes/kube_client.rb
    • Delete classes in lib/gitlab/kubernetes/
      • CiliumNetworkPolicy
      • NetworkPolicyCommon
      • NetworkPolicy
    • Delete ee/app/controllers/projects/security/network_policies_controller.rb
    • Delete :network_policies resource in ee/config/routes/project.rb
    • Remove network policy support (referred to as container_policy in this code) from ee/app/controllers/projects/security/policies_controller.rb and ee/app/services/security/security_orchestration_policies/policy_configuration_validation_service.rb
    • GraphQL
      • Delete ee/app/graphql/resolvers/network_policy_resolver.rb
      • Delete ee/app/graphql/types/network_policy_type.rb
      • Delete ee/app/graphql/types/network_policy_kind_enum.rb
      • Delete :network_policy connection from ee/app/graphql/ee/types/project_type.rb
    • [-] Delete :read_threat_monitoring authorization policy (potentially do this as part of #352287 (closed) ?)
    • Delete Network Policy metrics
      • e/app/workers/network_policy_metrics_worker.rb
      • ee/lib/ee/gitlab/usage_data_counters.rb
      • ee/lib/gitlab/usage_data_counters/network_policy_counter.rb
Edited by Alexander Turinske