Improve support for description field on CiliumNetworkPolicy
What does this MR do?
This commit fixes position of the description
field in CiliumNetworkPolicy resource to be top level as
per specification. Current implementation assumed that description
field is a part of the spec
payload which is not true. This change resulted in introduction of the #resource
method and related changes in the common mixin. I have also spotted erroneous compact!
call and added a spec that ensures related issue is being checked.
related to #223623 (closed)
To observe existing erroneous behavior:
- Add kubernetes cluster to a project: https://docs.gitlab.com/ee/user/project/clusters/add_remove_clusters.html
- Install Cilium: https://docs.gitlab.com/ee/user/clusters/applications.html#install-cilium-using-gitlab-cicd
- Deploy a policy that has a
description
field inside thespec
using service or kube client: https://gitlab.com/gitlab-org/gitlab/-/blob/91e923748cffd31dbea04381d91ac2d18efb48b2/ee/app/services/network_policies/deploy_resource_service.rb - Observe that returned policy doesn't have description in it.
- Deploy a policy with description patch from this MR and observe that it's returned correctly.
- Similarly deploy a policy with a
spec
withoutnil
values (i.e. that has both ingress, egress and selector) and observe that we get Kubernetes error aboutspec
beingnil
. - Try the same with this patch and observe that policy is deployed correctly.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Edited by Arthur Evstifeev