From 09a68c2625e02a26f8d78624bfffa03c16d51ddb Mon Sep 17 00:00:00 2001 From: Daniel Grunberger <84905812+Daniel-GrunbergerCA@users.noreply.github.com> Date: Wed, 1 Nov 2023 15:11:29 +0200 Subject: [PATCH] Generated network policy (#58) * add types Signed-off-by: Daniel Grunberger * add registry Signed-off-by: Daniel Grunberger * add merge strategy Signed-off-by: Daniel Grunberger * fix types Signed-off-by: Daniel Grunberger * pr fixes Signed-off-by: Daniel Grunberger * fix example Signed-off-by: Daniel Grunberger * feedback comments Signed-off-by: Daniel Grunberger * change to pointer Signed-off-by: Daniel Grunberger * regenerate Signed-off-by: Daniel Grunberger * use pointer pkg Signed-off-by: Daniel Grunberger * fix file name Signed-off-by: Daniel Grunberger * feat: add and expose the NetworkNeighbors custom resource * add types Signed-off-by: Daniel Grunberger * add registry Signed-off-by: Daniel Grunberger * add merge strategy Signed-off-by: Daniel Grunberger * fix types Signed-off-by: Daniel Grunberger * fix: shorten stored file names to sidestep FS limitation Signed-off-by: Vlad Klokun * style: remove redundant types from slice definitions Signed-off-by: Vlad Klokun * fix: typo in the vulnerability summary storage source file names Signed-off-by: Vlad Klokun * pr fixes Signed-off-by: Daniel Grunberger * fix example Signed-off-by: Daniel Grunberger * feedback comments Signed-off-by: Daniel Grunberger * change to pointer Signed-off-by: Daniel Grunberger * regenerate Signed-off-by: Daniel Grunberger * use pointer pkg Signed-off-by: Daniel Grunberger * fix file name Signed-off-by: Daniel Grunberger --------- Signed-off-by: Daniel Grunberger Signed-off-by: Vlad Klokun Co-authored-by: Daniel Grunberger Co-authored-by: Vlad Klokun Co-authored-by: rcohencyberarmor <84019060+rcohencyberarmor@users.noreply.github.com> * network neighborses for plural Signed-off-by: Daniel Grunberger * add types Signed-off-by: Daniel Grunberger * use local obj Signed-off-by: Daniel Grunberger * fix types Signed-off-by: Daniel Grunberger * add example Signed-off-by: Daniel Grunberger * implement custom storage Signed-off-by: Daniel Grunberger * pr cleaning Signed-off-by: Daniel Grunberger * go mod Signed-off-by: Daniel Grunberger * add creation time Signed-off-by: Daniel Grunberger * rm creation time from np Signed-off-by: Daniel Grunberger * pr fixes Signed-off-by: Daniel Grunberger * go mod Signed-off-by: Daniel Grunberger * Update pkg/registry/file/generatednetworkpolicy_test.go Co-authored-by: Vlad Klokun Signed-off-by: Daniel Grunberger <84905812+Daniel-GrunbergerCA@users.noreply.github.com> --------- Signed-off-by: Daniel Grunberger Signed-off-by: Vlad Klokun Signed-off-by: Daniel Grunberger <84905812+Daniel-GrunbergerCA@users.noreply.github.com> Co-authored-by: Daniel Grunberger Co-authored-by: Vlad Klokun Co-authored-by: rcohencyberarmor <84019060+rcohencyberarmor@users.noreply.github.com> Co-authored-by: Vlad Klokun --- .../generatednetworkpolicies/01-example.yaml | 48 + artifacts/networkneighborses/01-example.yaml | 40 + go.mod | 9 +- go.sum | 14 +- pkg/apis/softwarecomposition/network_types.go | 100 + pkg/apis/softwarecomposition/networkpolicy.go | 542 +++++ pkg/apis/softwarecomposition/register.go | 4 + .../v1beta1/network_types.go | 102 + .../v1beta1/networkpolicy.go | 621 ++++++ .../softwarecomposition/v1beta1/register.go | 4 + .../v1beta1/zz_generated.conversion.go | 1280 ++++++++++- .../v1beta1/zz_generated.deepcopy.go | 1097 +++++++++- .../validation/validation.go | 66 + .../validation/validation_test.go | 114 + .../zz_generated.deepcopy.go | 1097 +++++++++- pkg/apiserver/apiserver.go | 6 + .../fake/fake_generatednetworkpolicy.go | 129 ++ .../v1beta1/fake/fake_networkneighbors.go | 129 ++ .../fake/fake_softwarecomposition_client.go | 8 + .../v1beta1/generated_expansion.go | 4 + .../v1beta1/generatednetworkpolicy.go | 178 ++ .../v1beta1/networkneighbors.go | 178 ++ .../v1beta1/softwarecomposition_client.go | 10 + .../informers/externalversions/generic.go | 4 + .../v1beta1/generatednetworkpolicy.go | 90 + .../softwarecomposition/v1beta1/interface.go | 14 + .../v1beta1/networkneighbors.go | 90 + .../v1beta1/expansion_generated.go | 16 + .../v1beta1/generatednetworkpolicy.go | 99 + .../v1beta1/networkneighbors.go | 99 + pkg/generated/openapi/zz_generated.openapi.go | 1872 +++++++++++++++-- pkg/registry/file/generatednetworkpolicy.go | 389 ++++ .../file/generatednetworkpolicy_test.go | 1490 +++++++++++++ pkg/registry/file/storage.go | 8 + .../generatednetworkpolicy/etcd.go | 41 + .../generatednetworkpolicy/strategy.go | 93 + .../networkneighbors/etcd.go | 41 + .../networkneighbors/strategy.go | 93 + 38 files changed, 9856 insertions(+), 363 deletions(-) create mode 100644 artifacts/generatednetworkpolicies/01-example.yaml create mode 100644 artifacts/networkneighborses/01-example.yaml create mode 100644 pkg/apis/softwarecomposition/network_types.go create mode 100644 pkg/apis/softwarecomposition/networkpolicy.go create mode 100644 pkg/apis/softwarecomposition/v1beta1/network_types.go create mode 100644 pkg/apis/softwarecomposition/v1beta1/networkpolicy.go create mode 100644 pkg/apis/softwarecomposition/validation/validation_test.go create mode 100644 pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_generatednetworkpolicy.go create mode 100644 pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_networkneighbors.go create mode 100644 pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/generatednetworkpolicy.go create mode 100644 pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/networkneighbors.go create mode 100644 pkg/generated/informers/externalversions/softwarecomposition/v1beta1/generatednetworkpolicy.go create mode 100644 pkg/generated/informers/externalversions/softwarecomposition/v1beta1/networkneighbors.go create mode 100644 pkg/generated/listers/softwarecomposition/v1beta1/generatednetworkpolicy.go create mode 100644 pkg/generated/listers/softwarecomposition/v1beta1/networkneighbors.go create mode 100644 pkg/registry/file/generatednetworkpolicy.go create mode 100644 pkg/registry/file/generatednetworkpolicy_test.go create mode 100644 pkg/registry/softwarecomposition/generatednetworkpolicy/etcd.go create mode 100644 pkg/registry/softwarecomposition/generatednetworkpolicy/strategy.go create mode 100644 pkg/registry/softwarecomposition/networkneighbors/etcd.go create mode 100644 pkg/registry/softwarecomposition/networkneighbors/strategy.go diff --git a/artifacts/generatednetworkpolicies/01-example.yaml b/artifacts/generatednetworkpolicies/01-example.yaml new file mode 100644 index 000000000..403d4cac8 --- /dev/null +++ b/artifacts/generatednetworkpolicies/01-example.yaml @@ -0,0 +1,48 @@ +kind: GeneratedNetworkPolicy +metadata: + labels: + kubescape.io/workload-api-group: apps + kubescape.io/workload-api-version: v1 + kubescape.io/workload-kind: deployment + kubescape.io/workload-name: nginx + kubescape.io/workload-namespace: kubescape + name: deployment-nginx + namespace: default +policyRef: +- dns: stripe.com + ipBlock: 123.5.2.3/32 + name: stripe.com + originalIP: 123.5.2.3 +spec: + apiVersion: networking.k8s.io/v1 + kind: NetworkPolicy + metadata: + annotations: + generated-by: kubescape + name: deployment-nginx + namespace: default + spec: + egress: + - ports: + - port: 5978 + protocol: TCP + to: + - ipBlock: + cidr: 123.5.2.3/32 + ingress: + - from: + - namespaceSelector: + matchLabels: + name: kubescape + podSelector: + matchLabels: + app: kubescape-ui + ports: + - port: 6379 + protocol: TCP + podSelector: + matchLabels: + app: nginx + policyTypes: + - Ingress + - Egress diff --git a/artifacts/networkneighborses/01-example.yaml b/artifacts/networkneighborses/01-example.yaml new file mode 100644 index 000000000..dbc3cff96 --- /dev/null +++ b/artifacts/networkneighborses/01-example.yaml @@ -0,0 +1,40 @@ +apiVersion: spdx.softwarecomposition.kubescape.io/v1beta1 +kind: NetworkNeighbors +metadata: + name: deployment-nginx + annotations: + status: incomplete + labels: + "kubescape.io/workload-api-group": "apps" + "kubescape.io/workload-api-version": "v1" + "kubescape.io/workload-name": "nginx" + "kubescape.io/workload-kind": "deployment" + "kubescape.io/workload-namespace": "kubescape" + +spec: + matchLabels: + app: nginx + + ingress: + - type: internal + identifier: bla + namespaceSelector: + matchLabels: + name: kubescape + podSelector: + matchLabels: + app: kubescape-ui + ports: + - name: TCP-6379 + protocol: TCP + port: 6379 + + egress: + - type: external + identifier: bla + ipAddress: 123.5.2.3 + dns: stripe.com + ports: + - name: TCP-5978 + protocol: TCP + port: 5978 diff --git a/go.mod b/go.mod index 67833a0f7..97a88d2ff 100644 --- a/go.mod +++ b/go.mod @@ -15,6 +15,8 @@ require ( github.com/spf13/cobra v1.6.0 github.com/stretchr/testify v1.8.4 go.opentelemetry.io/otel v1.13.0 + golang.org/x/exp v0.0.0-20231006140011-7918f672742d + k8s.io/api v0.26.2 k8s.io/apimachinery v0.26.2 k8s.io/apiserver v0.26.2 k8s.io/client-go v0.26.2 @@ -108,15 +110,15 @@ require ( go.uber.org/multierr v1.9.0 // indirect go.uber.org/zap v1.24.0 // indirect golang.org/x/crypto v0.14.0 // indirect - golang.org/x/mod v0.8.0 // indirect + golang.org/x/mod v0.13.0 // indirect golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.7.0 // indirect - golang.org/x/sync v0.1.0 // indirect + golang.org/x/sync v0.4.0 // indirect golang.org/x/sys v0.13.0 // indirect golang.org/x/term v0.13.0 // indirect golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.1.0 // indirect - golang.org/x/tools v0.6.0 // indirect + golang.org/x/tools v0.14.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect google.golang.org/grpc v1.55.0 // indirect @@ -126,7 +128,6 @@ require ( gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.26.2 // indirect k8s.io/gengo v0.0.0-20220902162205-c0856e24416d // indirect k8s.io/kms v0.26.2 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.1 // indirect diff --git a/go.sum b/go.sum index c172b54d1..5d45581ac 100644 --- a/go.sum +++ b/go.sum @@ -539,6 +539,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -563,8 +565,8 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= +golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -636,8 +638,8 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= +golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -768,8 +770,8 @@ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= +golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/pkg/apis/softwarecomposition/network_types.go b/pkg/apis/softwarecomposition/network_types.go new file mode 100644 index 000000000..56b95ea07 --- /dev/null +++ b/pkg/apis/softwarecomposition/network_types.go @@ -0,0 +1,100 @@ +package softwarecomposition + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type Protocol string +type CommunicationType string + +const ( + ProtocolTCP Protocol = "TCP" + ProtocolUDP Protocol = "UDP" + ProtocolSCTP Protocol = "SCTP" + + CommunicationTypeIngress CommunicationType = "internal" + CommunicationTypeEgress CommunicationType = "external" +) + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// NetworkNeighborsList is a list of NetworkNeighbors. +type NetworkNeighborsList struct { + metav1.TypeMeta + metav1.ListMeta + + Items []NetworkNeighbors +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// NetworkNeighbors represents a list of network communications for a specific workload. +type NetworkNeighbors struct { + metav1.TypeMeta + metav1.ObjectMeta + + Spec NetworkNeighborsSpec +} + +type NetworkNeighborsSpec struct { + metav1.LabelSelector // The labels which are inside spec.selector in the parent workload. + Ingress []NetworkNeighbor + Egress []NetworkNeighbor +} + +// NetworkNeighbor represents a single network communication made by this resource. +type NetworkNeighbor struct { + Identifier string + Type CommunicationType + DNS string + Ports []NetworkPort + PodSelector *metav1.LabelSelector + NamespaceSelector *metav1.LabelSelector + IPAddress string +} + +type NetworkPort struct { + // Name is an artificial identifier of the network port. We use it for merging keys with Strategic Merge Patch. + // Format is `{protocol}-{port}`. + // + // Example: tcp-6881 + Name string // protocol-port + Protocol Protocol + Port *int32 +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// GeneratedNetworkPolicyList is a list of GeneratedNetworkPolicies. +type GeneratedNetworkPolicyList struct { + metav1.TypeMeta + metav1.ListMeta + + Items []GeneratedNetworkPolicy +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// GeneratedNetworkPolicy represents a generated NetworkPolicy. +type GeneratedNetworkPolicy struct { + metav1.TypeMeta + metav1.ObjectMeta + + Spec NetworkPolicy + PoliciesRef []PolicyRef +} + +type PolicyRef struct { + IPBlock string + OriginalIP string + DNS string + Name string +} + +type KnownServers struct { + IPBlock string + DNS string + Name string +} diff --git a/pkg/apis/softwarecomposition/networkpolicy.go b/pkg/apis/softwarecomposition/networkpolicy.go new file mode 100644 index 000000000..23f4af427 --- /dev/null +++ b/pkg/apis/softwarecomposition/networkpolicy.go @@ -0,0 +1,542 @@ +package softwarecomposition + +import ( + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// NetworkPolicy describes what network traffic is allowed for a set of Pods +type NetworkPolicy struct { + Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"` + APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,2,opt,name=apiVersion"` + + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // spec represents the specification of the desired behavior for this NetworkPolicy. + + Spec NetworkPolicySpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` +} + +// PolicyType string describes the NetworkPolicy type +// This type is beta-level in 1.8 +// +enum +type PolicyType string + +const ( + // PolicyTypeIngress is a NetworkPolicy that affects ingress traffic on selected pods + PolicyTypeIngress PolicyType = "Ingress" + // PolicyTypeEgress is a NetworkPolicy that affects egress traffic on selected pods + PolicyTypeEgress PolicyType = "Egress" +) + +// NetworkPolicySpec provides the specification of a NetworkPolicy +type NetworkPolicySpec struct { + PodSelector metav1.LabelSelector `json:"podSelector" protobuf:"bytes,1,opt,name=podSelector"` + Ingress []NetworkPolicyIngressRule `json:"ingress,omitempty" protobuf:"bytes,2,rep,name=ingress"` + + Egress []NetworkPolicyEgressRule `json:"egress,omitempty" protobuf:"bytes,3,rep,name=egress"` + + PolicyTypes []PolicyType `json:"policyTypes,omitempty" protobuf:"bytes,4,rep,name=policyTypes,casttype=PolicyType"` +} + +// NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods +// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from. +type NetworkPolicyIngressRule struct { + Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"` + + From []NetworkPolicyPeer `json:"from,omitempty" protobuf:"bytes,2,rep,name=from"` +} + +// NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods +// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. +// This type is beta-level in 1.8 +type NetworkPolicyEgressRule struct { + Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"` + + To []NetworkPolicyPeer `json:"to,omitempty" protobuf:"bytes,2,rep,name=to"` +} + +// NetworkPolicyPort describes a port to allow traffic on +type NetworkPolicyPort struct { + Protocol *v1.Protocol `json:"protocol,omitempty" protobuf:"bytes,1,opt,name=protocol,casttype=k8s.io/api/core/v1.Protocol"` + + Port *int32 `json:"port,omitempty" protobuf:"bytes,2,opt,name=port"` + + EndPort *int32 `json:"endPort,omitempty" protobuf:"bytes,3,opt,name=endPort"` +} + +type Type int64 + +// IPBlock describes a particular CIDR (Ex. "192.168.1.0/24","2001:db8::/64") that is allowed +// to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs +// that should not be included within this rule. +type IPBlock struct { + // cidr is a string representing the IPBlock + // Valid examples are "192.168.1.0/24" or "2001:db8::/64" + CIDR string `json:"cidr" protobuf:"bytes,1,name=cidr"` + + Except []string `json:"except,omitempty" protobuf:"bytes,2,rep,name=except"` +} + +// NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of +// fields are allowed +type NetworkPolicyPeer struct { + PodSelector *metav1.LabelSelector `json:"podSelector,omitempty" protobuf:"bytes,1,opt,name=podSelector"` + + // namespaceSelector selects namespaces using cluster-scoped labels. This field follows + // standard label selector semantics; if present but empty, it selects all namespaces. + // + // If podSelector is also set, then the NetworkPolicyPeer as a whole selects + // the pods matching podSelector in the namespaces selected by namespaceSelector. + // Otherwise it selects all pods in the namespaces selected by namespaceSelector. + + NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty" protobuf:"bytes,2,opt,name=namespaceSelector"` + + // ipBlock defines policy on a particular IPBlock. If this field is set then + // neither of the other fields can be. + + IPBlock *IPBlock `json:"ipBlock,omitempty" protobuf:"bytes,3,rep,name=ipBlock"` +} + +// NetworkPolicyConditionType is the type for status conditions on +// a NetworkPolicy. This type should be used with the +// NetworkPolicyStatus.Conditions field. +type NetworkPolicyConditionType string + +const ( + // NetworkPolicyConditionStatusAccepted represents status of a Network Policy that could be properly parsed by + // the Network Policy provider and will be implemented in the cluster + NetworkPolicyConditionStatusAccepted NetworkPolicyConditionType = "Accepted" + + // NetworkPolicyConditionStatusPartialFailure represents status of a Network Policy that could be partially + // parsed by the Network Policy provider and may not be completely implemented due to a lack of a feature or some + // other condition + NetworkPolicyConditionStatusPartialFailure NetworkPolicyConditionType = "PartialFailure" + + // NetworkPolicyConditionStatusFailure represents status of a Network Policy that could not be parsed by the + // Network Policy provider and will not be implemented in the cluster + NetworkPolicyConditionStatusFailure NetworkPolicyConditionType = "Failure" +) + +// NetworkPolicyConditionReason defines the set of reasons that explain why a +// particular NetworkPolicy condition type has been raised. +type NetworkPolicyConditionReason string + +const ( + // NetworkPolicyConditionReasonFeatureNotSupported represents a reason where the Network Policy may not have been + // implemented in the cluster due to a lack of some feature not supported by the Network Policy provider + NetworkPolicyConditionReasonFeatureNotSupported NetworkPolicyConditionReason = "FeatureNotSupported" +) + +// NetworkPolicyStatus describes the current state of the NetworkPolicy. +type NetworkPolicyStatus struct { + // conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. + // Current service state + + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` +} + +// NetworkPolicyList is a list of NetworkPolicy objects. +type NetworkPolicyList struct { + metav1.TypeMeta `json:",inline"` + + // Standard list metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // items is a list of schema objects. + Items []NetworkPolicy `json:"items" protobuf:"bytes,2,rep,name=items"` +} + +// Ingress is a collection of rules that allow inbound connections to reach the +// endpoints defined by a backend. An Ingress can be configured to give services +// externally-reachable urls, load balance traffic, terminate SSL, offer name +// based virtual hosting etc. +type Ingress struct { + metav1.TypeMeta `json:",inline"` + + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // spec is the desired state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + + Spec IngressSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` + + // status is the current state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + + Status IngressStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` +} + +// IngressList is a collection of Ingress. +type IngressList struct { + metav1.TypeMeta `json:",inline"` + + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // items is the list of Ingress. + Items []Ingress `json:"items" protobuf:"bytes,2,rep,name=items"` +} + +// IngressSpec describes the Ingress the user wishes to exist. +type IngressSpec struct { + // ingressClassName is the name of an IngressClass cluster resource. Ingress + // controller implementations use this field to know whether they should be + // serving this Ingress resource, by a transitive connection + // (controller -> IngressClass -> Ingress resource). Although the + // `kubernetes.io/ingress.class` annotation (simple constant name) was never + // formally defined, it was widely supported by Ingress controllers to create + // a direct binding between Ingress controller and Ingress resources. Newly + // created Ingress resources should prefer using the field. However, even + // though the annotation is officially deprecated, for backwards compatibility + // reasons, ingress controllers should still honor that annotation if present. + + IngressClassName *string `json:"ingressClassName,omitempty" protobuf:"bytes,4,opt,name=ingressClassName"` + + // defaultBackend is the backend that should handle requests that don't + // match any rule. If Rules are not specified, DefaultBackend must be specified. + // If DefaultBackend is not set, the handling of requests that do not match any + // of the rules will be up to the Ingress controller. + + DefaultBackend *IngressBackend `json:"defaultBackend,omitempty" protobuf:"bytes,1,opt,name=defaultBackend"` + + // tls represents the TLS configuration. Currently the Ingress only supports a + // single TLS port, 443. If multiple members of this list specify different hosts, + // they will be multiplexed on the same port according to the hostname specified + // through the SNI TLS extension, if the ingress controller fulfilling the + // ingress supports SNI. + // +listType=atomic + + TLS []IngressTLS `json:"tls,omitempty" protobuf:"bytes,2,rep,name=tls"` + + // rules is a list of host rules used to configure the Ingress. If unspecified, + // or no rule matches, all traffic is sent to the default backend. + // +listType=atomic + + Rules []IngressRule `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"` +} + +// IngressTLS describes the transport layer security associated with an ingress. +type IngressTLS struct { + // hosts is a list of hosts included in the TLS certificate. The values in + // this list must match the name/s used in the tlsSecret. Defaults to the + // wildcard host setting for the loadbalancer controller fulfilling this + // Ingress, if left unspecified. + // +listType=atomic + + Hosts []string `json:"hosts,omitempty" protobuf:"bytes,1,rep,name=hosts"` + + // secretName is the name of the secret used to terminate TLS traffic on + // port 443. Field is left optional to allow TLS routing based on SNI + // hostname alone. If the SNI host in a listener conflicts with the "Host" + // header field used by an IngressRule, the SNI host is used for termination + // and value of the "Host" header is used for routing. + + SecretName string `json:"secretName,omitempty" protobuf:"bytes,2,opt,name=secretName"` +} + +// IngressStatus describe the current state of the Ingress. +type IngressStatus struct { + // loadBalancer contains the current status of the load-balancer. + + LoadBalancer IngressLoadBalancerStatus `json:"loadBalancer,omitempty" protobuf:"bytes,1,opt,name=loadBalancer"` +} + +// IngressLoadBalancerStatus represents the status of a load-balancer. +type IngressLoadBalancerStatus struct { + // ingress is a list containing ingress points for the load-balancer. + + Ingress []IngressLoadBalancerIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"` +} + +// IngressLoadBalancerIngress represents the status of a load-balancer ingress point. +type IngressLoadBalancerIngress struct { + // ip is set for load-balancer ingress points that are IP based. + + IP string `json:"ip,omitempty" protobuf:"bytes,1,opt,name=ip"` + + // hostname is set for load-balancer ingress points that are DNS based. + + Hostname string `json:"hostname,omitempty" protobuf:"bytes,2,opt,name=hostname"` + + // ports provides information about the ports exposed by this LoadBalancer. + // +listType=atomic + + Ports []IngressPortStatus `json:"ports,omitempty" protobuf:"bytes,4,rep,name=ports"` +} + +// IngressPortStatus represents the error condition of a service port +type IngressPortStatus struct { + // port is the port number of the ingress port. + Port int32 `json:"port" protobuf:"varint,1,opt,name=port"` + + // protocol is the protocol of the ingress port. + // The supported values are: "TCP", "UDP", "SCTP" + Protocol v1.Protocol `json:"protocol" protobuf:"bytes,2,opt,name=protocol,casttype=Protocol"` + + // error is to record the problem with the service port + // The format of the error shall comply with the following rules: + // - built-in error values shall be specified in this file and those shall use + // CamelCase names + // - cloud provider specific error values must have names that comply with the + // format foo.example.com/CamelCase. + // --- + // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + + // +kubebuilder:validation:Required + // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` + // +kubebuilder:validation:MaxLength=316 + Error *string `json:"error,omitempty" protobuf:"bytes,3,opt,name=error"` +} + +// IngressRule represents the rules mapping the paths under a specified host to +// the related backend services. Incoming requests are first evaluated for a host +// match, then routed to the backend associated with the matching IngressRuleValue. +type IngressRule struct { + // host is the fully qualified domain name of a network host, as defined by RFC 3986. + // Note the following deviations from the "host" part of the + // URI as defined in RFC 3986: + // 1. IPs are not allowed. Currently an IngressRuleValue can only apply to + // the IP in the Spec of the parent Ingress. + // 2. The `:` delimiter is not respected because ports are not allowed. + // Currently the port of an Ingress is implicitly :80 for http and + // :443 for https. + // Both these may change in the future. + // Incoming requests are matched against the host before the + // IngressRuleValue. If the host is unspecified, the Ingress routes all + // traffic based on the specified IngressRuleValue. + // + // host can be "precise" which is a domain name without the terminating dot of + // a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name + // prefixed with a single wildcard label (e.g. "*.foo.com"). + // The wildcard character '*' must appear by itself as the first DNS label and + // matches only a single label. You cannot have a wildcard label by itself (e.g. Host == "*"). + // Requests will be matched against the Host field in the following way: + // 1. If host is precise, the request matches this rule if the http host header is equal to Host. + // 2. If host is a wildcard, then the request matches this rule if the http host header + // is to equal to the suffix (removing the first label) of the wildcard rule. + + Host string `json:"host,omitempty" protobuf:"bytes,1,opt,name=host"` + // IngressRuleValue represents a rule to route requests for this IngressRule. + // If unspecified, the rule defaults to a http catch-all. Whether that sends + // just traffic matching the host to the default backend or all traffic to the + // default backend, is left to the controller fulfilling the Ingress. Http is + // currently the only supported IngressRuleValue. + + IngressRuleValue `json:",inline,omitempty" protobuf:"bytes,2,opt,name=ingressRuleValue"` +} + +// IngressRuleValue represents a rule to apply against incoming requests. If the +// rule is satisfied, the request is routed to the specified backend. Currently +// mixing different types of rules in a single Ingress is disallowed, so exactly +// one of the following must be set. +type IngressRuleValue struct { + HTTP *HTTPIngressRuleValue `json:"http,omitempty" protobuf:"bytes,1,opt,name=http"` +} + +// HTTPIngressRuleValue is a list of http selectors pointing to backends. +// In the example: http:///? -> backend where +// where parts of the url correspond to RFC 3986, this resource will be used +// to match against everything after the last '/' and before the first '?' +// or '#'. +type HTTPIngressRuleValue struct { + // paths is a collection of paths that map requests to backends. + // +listType=atomic + Paths []HTTPIngressPath `json:"paths" protobuf:"bytes,1,rep,name=paths"` +} + +// PathType represents the type of path referred to by a HTTPIngressPath. +// +enum +type PathType string + +const ( + // PathTypeExact matches the URL path exactly and with case sensitivity. + PathTypeExact = PathType("Exact") + + // PathTypePrefix matches based on a URL path prefix split by '/'. Matching + // is case sensitive and done on a path element by element basis. A path + // element refers to the list of labels in the path split by the '/' + // separator. A request is a match for path p if every p is an element-wise + // prefix of p of the request path. Note that if the last element of the + // path is a substring of the last element in request path, it is not a + // match (e.g. /foo/bar matches /foo/bar/baz, but does not match + // /foo/barbaz). If multiple matching paths exist in an Ingress spec, the + // longest matching path is given priority. + // Examples: + // - /foo/bar does not match requests to /foo/barbaz + // - /foo/bar matches request to /foo/bar and /foo/bar/baz + // - /foo and /foo/ both match requests to /foo and /foo/. If both paths are + // present in an Ingress spec, the longest matching path (/foo/) is given + // priority. + PathTypePrefix = PathType("Prefix") + + // PathTypeImplementationSpecific matching is up to the IngressClass. + // Implementations can treat this as a separate PathType or treat it + // identically to Prefix or Exact path types. + PathTypeImplementationSpecific = PathType("ImplementationSpecific") +) + +// HTTPIngressPath associates a path with a backend. Incoming urls matching the +// path are forwarded to the backend. +type HTTPIngressPath struct { + // path is matched against the path of an incoming request. Currently it can + // contain characters disallowed from the conventional "path" part of a URL + // as defined by RFC 3986. Paths must begin with a '/' and must be present + // when using PathType with value "Exact" or "Prefix". + + Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` + + // pathType determines the interpretation of the path matching. PathType can + // be one of the following values: + // * Exact: Matches the URL path exactly. + // * Prefix: Matches based on a URL path prefix split by '/'. Matching is + // done on a path element by element basis. A path element refers is the + // list of labels in the path split by the '/' separator. A request is a + // match for path p if every p is an element-wise prefix of p of the + // request path. Note that if the last element of the path is a substring + // of the last element in request path, it is not a match (e.g. /foo/bar + // matches /foo/bar/baz, but does not match /foo/barbaz). + // * ImplementationSpecific: Interpretation of the Path matching is up to + // the IngressClass. Implementations can treat this as a separate PathType + // or treat it identically to Prefix or Exact path types. + // Implementations are required to support all path types. + PathType *PathType `json:"pathType" protobuf:"bytes,3,opt,name=pathType"` + + // backend defines the referenced service endpoint to which the traffic + // will be forwarded to. + Backend IngressBackend `json:"backend" protobuf:"bytes,2,opt,name=backend"` +} + +// IngressBackend describes all endpoints for a given service and port. +type IngressBackend struct { + // service references a service as a backend. + // This is a mutually exclusive setting with "Resource". + + Service *IngressServiceBackend `json:"service,omitempty" protobuf:"bytes,4,opt,name=service"` + + // resource is an ObjectRef to another Kubernetes resource in the namespace + // of the Ingress object. If resource is specified, a service.Name and + // service.Port must not be specified. + // This is a mutually exclusive setting with "Service". + + Resource *v1.TypedLocalObjectReference `json:"resource,omitempty" protobuf:"bytes,3,opt,name=resource"` +} + +// IngressServiceBackend references a Kubernetes Service as a Backend. +type IngressServiceBackend struct { + // name is the referenced service. The service must exist in + // the same namespace as the Ingress object. + Name string `json:"name" protobuf:"bytes,1,opt,name=name"` + + // port of the referenced service. A port name or port number + // is required for a IngressServiceBackend. + Port ServiceBackendPort `json:"port,omitempty" protobuf:"bytes,2,opt,name=port"` +} + +// ServiceBackendPort is the service port being referenced. +type ServiceBackendPort struct { + // name is the name of the port on the Service. + // This is a mutually exclusive setting with "Number". + + Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` + + // number is the numerical port number (e.g. 80) on the Service. + // This is a mutually exclusive setting with "Name". + + Number int32 `json:"number,omitempty" protobuf:"bytes,2,opt,name=number"` +} + +// IngressClass represents the class of the Ingress, referenced by the Ingress +// Spec. The `ingressclass.kubernetes.io/is-default-class` annotation can be +// used to indicate that an IngressClass should be considered default. When a +// single IngressClass resource has this annotation set to true, new Ingress +// resources without a class specified will be assigned this default class. +type IngressClass struct { + metav1.TypeMeta `json:",inline"` + + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // spec is the desired state of the IngressClass. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + + Spec IngressClassSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` +} + +// IngressClassSpec provides information about the class of an Ingress. +type IngressClassSpec struct { + // controller refers to the name of the controller that should handle this + // class. This allows for different "flavors" that are controlled by the + // same controller. For example, you may have different parameters for the + // same implementing controller. This should be specified as a + // domain-prefixed path no more than 250 characters in length, e.g. + // "acme.io/ingress-controller". This field is immutable. + Controller string `json:"controller,omitempty" protobuf:"bytes,1,opt,name=controller"` + + // parameters is a link to a custom resource containing additional + // configuration for the controller. This is optional if the controller does + // not require extra parameters. + + Parameters *IngressClassParametersReference `json:"parameters,omitempty" protobuf:"bytes,2,opt,name=parameters"` +} + +const ( + // IngressClassParametersReferenceScopeNamespace indicates that the + // referenced Parameters resource is namespace-scoped. + IngressClassParametersReferenceScopeNamespace = "Namespace" + // IngressClassParametersReferenceScopeCluster indicates that the + // referenced Parameters resource is cluster-scoped. + IngressClassParametersReferenceScopeCluster = "Cluster" +) + +// IngressClassParametersReference identifies an API object. This can be used +// to specify a cluster or namespace-scoped resource. +type IngressClassParametersReference struct { + // apiGroup is the group for the resource being referenced. If APIGroup is + // not specified, the specified Kind must be in the core API group. For any + // other third-party types, APIGroup is required. + + APIGroup *string `json:"apiGroup,omitempty" protobuf:"bytes,1,opt,name=aPIGroup"` + + // kind is the type of resource being referenced. + Kind string `json:"kind" protobuf:"bytes,2,opt,name=kind"` + + // name is the name of resource being referenced. + Name string `json:"name" protobuf:"bytes,3,opt,name=name"` + + // scope represents if this refers to a cluster or namespace scoped resource. + // This may be set to "Cluster" (default) or "Namespace". + + Scope *string `json:"scope" protobuf:"bytes,4,opt,name=scope"` + + // namespace is the namespace of the resource being referenced. This field is + // required when scope is set to "Namespace" and must be unset when scope is set to + // "Cluster". + + Namespace *string `json:"namespace,omitempty" protobuf:"bytes,5,opt,name=namespace"` +} + +// IngressClassList is a collection of IngressClasses. +type IngressClassList struct { + metav1.TypeMeta `json:",inline"` + + // Standard list metadata. + + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // items is the list of IngressClasses. + Items []IngressClass `json:"items" protobuf:"bytes,2,rep,name=items"` +} diff --git a/pkg/apis/softwarecomposition/register.go b/pkg/apis/softwarecomposition/register.go index 48d64c6c7..58f79f47b 100644 --- a/pkg/apis/softwarecomposition/register.go +++ b/pkg/apis/softwarecomposition/register.go @@ -71,8 +71,12 @@ func addKnownTypes(scheme *runtime.Scheme) error { &ApplicationProfileSummaryList{}, &ApplicationActivity{}, &ApplicationActivityList{}, + &NetworkNeighbors{}, + &NetworkNeighborsList{}, &OpenVulnerabilityExchangeContainer{}, &OpenVulnerabilityExchangeContainerList{}, + &GeneratedNetworkPolicyList{}, + &GeneratedNetworkPolicy{}, ) return nil } diff --git a/pkg/apis/softwarecomposition/v1beta1/network_types.go b/pkg/apis/softwarecomposition/v1beta1/network_types.go new file mode 100644 index 000000000..4d9045620 --- /dev/null +++ b/pkg/apis/softwarecomposition/v1beta1/network_types.go @@ -0,0 +1,102 @@ +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type Protocol string +type CommunicationType string + +const ( + ProtocolTCP Protocol = "TCP" + ProtocolUDP Protocol = "UDP" + ProtocolSCTP Protocol = "SCTP" + + CommunicationTypeIngress CommunicationType = "internal" + CommunicationTypeEgress CommunicationType = "external" +) + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// NetworkNeighborsList is a list of NetworkNeighbors. +type NetworkNeighborsList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + Items []NetworkNeighbors `json:"items"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// NetworkNeighbors represents a list of network communications for a specific workload. +type NetworkNeighbors struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + Spec NetworkNeighborsSpec `json:"spec"` +} + +type NetworkNeighborsSpec struct { + metav1.LabelSelector `json:",inline"` + // +patchMergeKey=identifier + // +patchStrategy=merge + Ingress []NetworkNeighbor `json:"ingress" patchStrategy:"merge" patchMergeKey:"identifier"` + // +patchMergeKey=identifier + // +patchStrategy=merge + Egress []NetworkNeighbor `json:"egress" patchStrategy:"merge" patchMergeKey:"identifier"` +} + +// NetworkNeighbor represents a single network communication made by this resource. +type NetworkNeighbor struct { + Identifier string `json:"identifier"` // A unique identifier for this entry + Type CommunicationType `json:"type"` + DNS string `json:"dns"` + // +patchMergeKey=name + // +patchStrategy=merge + Ports []NetworkPort `json:"ports" patchStrategy:"merge" patchMergeKey:"name"` + PodSelector *metav1.LabelSelector `json:"podSelector"` + NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector"` + IPAddress string `json:"ipAddress"` +} + +type NetworkPort struct { + Name string `json:"name"` // protocol-port + Protocol Protocol `json:"protocol"` + Port *int32 `json:"port"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// GeneratedNetworkPolicyList is a list of GeneratedNetworkPolicies. +type GeneratedNetworkPolicyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + Items []GeneratedNetworkPolicy +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// GeneratedNetworkPolicy represents a generated NetworkPolicy. +type GeneratedNetworkPolicy struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + Spec NetworkPolicy `json:"spec"` + PoliciesRef []PolicyRef `json:"policyRef"` +} + +type PolicyRef struct { + IPBlock string `json:"ipBlock"` + OriginalIP string `json:"originalIP"` + DNS string `json:"dns"` + Name string `json:"name"` +} + +type KnownServers struct { + IPBlock string `json:"ipBlock"` + DNS string `json:"dns"` + Name string `json:"name"` +} diff --git a/pkg/apis/softwarecomposition/v1beta1/networkpolicy.go b/pkg/apis/softwarecomposition/v1beta1/networkpolicy.go new file mode 100644 index 000000000..bae57729f --- /dev/null +++ b/pkg/apis/softwarecomposition/v1beta1/networkpolicy.go @@ -0,0 +1,621 @@ +package v1beta1 + +import ( + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type NetworkPolicy struct { + Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"` + APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,2,opt,name=apiVersion"` + + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // spec represents the specification of the desired behavior for this NetworkPolicy. + + Spec NetworkPolicySpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` +} + +type PolicyType string + +const ( + // PolicyTypeIngress is a NetworkPolicy that affects ingress traffic on selected pods + PolicyTypeIngress PolicyType = "Ingress" + // PolicyTypeEgress is a NetworkPolicy that affects egress traffic on selected pods + PolicyTypeEgress PolicyType = "Egress" +) + +// NetworkPolicySpec provides the specification of a NetworkPolicy +type NetworkPolicySpec struct { + // podSelector selects the pods to which this NetworkPolicy object applies. + // The array of ingress rules is applied to any pods selected by this field. + // Multiple network policies can select the same set of pods. In this case, + // the ingress rules for each are combined additively. + // This field is NOT optional and follows standard label selector semantics. + // An empty podSelector matches all pods in this namespace. + PodSelector metav1.LabelSelector `json:"podSelector" protobuf:"bytes,1,opt,name=podSelector"` + + // ingress is a list of ingress rules to be applied to the selected pods. + // Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod + // (and cluster policy otherwise allows the traffic), OR if the traffic source is + // the pod's local node, OR if the traffic matches at least one ingress rule + // across all of the NetworkPolicy objects whose podSelector matches the pod. If + // this field is empty then this NetworkPolicy does not allow any traffic (and serves + // solely to ensure that the pods it selects are isolated by default) + + Ingress []NetworkPolicyIngressRule `json:"ingress,omitempty" protobuf:"bytes,2,rep,name=ingress"` + + // egress is a list of egress rules to be applied to the selected pods. Outgoing traffic + // is allowed if there are no NetworkPolicies selecting the pod (and cluster policy + // otherwise allows the traffic), OR if the traffic matches at least one egress rule + // across all of the NetworkPolicy objects whose podSelector matches the pod. If + // this field is empty then this NetworkPolicy limits all outgoing traffic (and serves + // solely to ensure that the pods it selects are isolated by default). + // This field is beta-level in 1.8 + + Egress []NetworkPolicyEgressRule `json:"egress,omitempty" protobuf:"bytes,3,rep,name=egress"` + + // policyTypes is a list of rule types that the NetworkPolicy relates to. + // Valid options are ["Ingress"], ["Egress"], or ["Ingress", "Egress"]. + // If this field is not specified, it will default based on the existence of ingress or egress rules; + // policies that contain an egress section are assumed to affect egress, and all policies + // (whether or not they contain an ingress section) are assumed to affect ingress. + // If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. + // Likewise, if you want to write a policy that specifies that no egress is allowed, + // you must specify a policyTypes value that include "Egress" (since such a policy would not include + // an egress section and would otherwise default to just [ "Ingress" ]). + // This field is beta-level in 1.8 + + PolicyTypes []PolicyType `json:"policyTypes,omitempty" protobuf:"bytes,4,rep,name=policyTypes,casttype=PolicyType"` +} + +// NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods +// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from. +type NetworkPolicyIngressRule struct { + // ports is a list of ports which should be made accessible on the pods selected for + // this rule. Each item in this list is combined using a logical OR. If this field is + // empty or missing, this rule matches all ports (traffic not restricted by port). + // If this field is present and contains at least one item, then this rule allows + // traffic only if the traffic matches at least one port in the list. + + Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"` + + // from is a list of sources which should be able to access the pods selected for this rule. + // Items in this list are combined using a logical OR operation. If this field is + // empty or missing, this rule matches all sources (traffic not restricted by + // source). If this field is present and contains at least one item, this rule + // allows traffic only if the traffic matches at least one item in the from list. + + From []NetworkPolicyPeer `json:"from,omitempty" protobuf:"bytes,2,rep,name=from"` +} + +// NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods +// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. +// This type is beta-level in 1.8 +type NetworkPolicyEgressRule struct { + // ports is a list of destination ports for outgoing traffic. + // Each item in this list is combined using a logical OR. If this field is + // empty or missing, this rule matches all ports (traffic not restricted by port). + // If this field is present and contains at least one item, then this rule allows + // traffic only if the traffic matches at least one port in the list. + + Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"` + + // to is a list of destinations for outgoing traffic of pods selected for this rule. + // Items in this list are combined using a logical OR operation. If this field is + // empty or missing, this rule matches all destinations (traffic not restricted by + // destination). If this field is present and contains at least one item, this rule + // allows traffic only if the traffic matches at least one item in the to list. + + To []NetworkPolicyPeer `json:"to,omitempty" protobuf:"bytes,2,rep,name=to"` +} + +// NetworkPolicyPort describes a port to allow traffic on +type NetworkPolicyPort struct { + // protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. + // If not specified, this field defaults to TCP. + + Protocol *v1.Protocol `json:"protocol,omitempty" protobuf:"bytes,1,opt,name=protocol,casttype=k8s.io/api/core/v1.Protocol"` + + // port represents the port on the given protocol. This can either be a numerical or named + // port on a pod. If this field is not provided, this matches all port names and + // numbers. + // If present, only traffic on the specified protocol AND port will be matched. + + Port *int32 `json:"port,omitempty" protobuf:"bytes,2,opt,name=port"` + + // endPort indicates that the range of ports from port to endPort if set, inclusive, + // should be allowed by the policy. This field cannot be defined if the port field + // is not defined or if the port field is defined as a named (string) port. + // The endPort must be equal or greater than port. + + EndPort *int32 `json:"endPort,omitempty" protobuf:"bytes,3,opt,name=endPort"` +} + +// Type represents the stored type of IntOrString. +type Type int64 + +// IPBlock describes a particular CIDR (Ex. "192.168.1.0/24","2001:db8::/64") that is allowed +// to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs +// that should not be included within this rule. +type IPBlock struct { + // cidr is a string representing the IPBlock + // Valid examples are "192.168.1.0/24" or "2001:db8::/64" + CIDR string `json:"cidr" protobuf:"bytes,1,name=cidr"` + + // except is a slice of CIDRs that should not be included within an IPBlock + // Valid examples are "192.168.1.0/24" or "2001:db8::/64" + // Except values will be rejected if they are outside the cidr range + + Except []string `json:"except,omitempty" protobuf:"bytes,2,rep,name=except"` +} + +// NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of +// fields are allowed +type NetworkPolicyPeer struct { + // podSelector is a label selector which selects pods. This field follows standard label + // selector semantics; if present but empty, it selects all pods. + // + // If namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects + // the pods matching podSelector in the Namespaces selected by NamespaceSelector. + // Otherwise it selects the pods matching podSelector in the policy's own namespace. + + PodSelector *metav1.LabelSelector `json:"podSelector,omitempty" protobuf:"bytes,1,opt,name=podSelector"` + + // namespaceSelector selects namespaces using cluster-scoped labels. This field follows + // standard label selector semantics; if present but empty, it selects all namespaces. + // + // If podSelector is also set, then the NetworkPolicyPeer as a whole selects + // the pods matching podSelector in the namespaces selected by namespaceSelector. + // Otherwise it selects all pods in the namespaces selected by namespaceSelector. + + NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty" protobuf:"bytes,2,opt,name=namespaceSelector"` + + // ipBlock defines policy on a particular IPBlock. If this field is set then + // neither of the other fields can be. + + IPBlock *IPBlock `json:"ipBlock,omitempty" protobuf:"bytes,3,rep,name=ipBlock"` +} + +// NetworkPolicyConditionType is the type for status conditions on +// a NetworkPolicy. This type should be used with the +// NetworkPolicyStatus.Conditions field. +type NetworkPolicyConditionType string + +const ( + // NetworkPolicyConditionStatusAccepted represents status of a Network Policy that could be properly parsed by + // the Network Policy provider and will be implemented in the cluster + NetworkPolicyConditionStatusAccepted NetworkPolicyConditionType = "Accepted" + + // NetworkPolicyConditionStatusPartialFailure represents status of a Network Policy that could be partially + // parsed by the Network Policy provider and may not be completely implemented due to a lack of a feature or some + // other condition + NetworkPolicyConditionStatusPartialFailure NetworkPolicyConditionType = "PartialFailure" + + // NetworkPolicyConditionStatusFailure represents status of a Network Policy that could not be parsed by the + // Network Policy provider and will not be implemented in the cluster + NetworkPolicyConditionStatusFailure NetworkPolicyConditionType = "Failure" +) + +// NetworkPolicyConditionReason defines the set of reasons that explain why a +// particular NetworkPolicy condition type has been raised. +type NetworkPolicyConditionReason string + +const ( + // NetworkPolicyConditionReasonFeatureNotSupported represents a reason where the Network Policy may not have been + // implemented in the cluster due to a lack of some feature not supported by the Network Policy provider + NetworkPolicyConditionReasonFeatureNotSupported NetworkPolicyConditionReason = "FeatureNotSupported" +) + +// NetworkPolicyStatus describes the current state of the NetworkPolicy. +type NetworkPolicyStatus struct { + // conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. + // Current service state + + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` +} + +// NetworkPolicyList is a list of NetworkPolicy objects. +type NetworkPolicyList struct { + metav1.TypeMeta `json:",inline"` + + // Standard list metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // items is a list of schema objects. + Items []NetworkPolicy `json:"items" protobuf:"bytes,2,rep,name=items"` +} + +// Ingress is a collection of rules that allow inbound connections to reach the +// endpoints defined by a backend. An Ingress can be configured to give services +// externally-reachable urls, load balance traffic, terminate SSL, offer name +// based virtual hosting etc. +type Ingress struct { + metav1.TypeMeta `json:",inline"` + + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // spec is the desired state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + + Spec IngressSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` + + // status is the current state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + + Status IngressStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` +} + +// IngressList is a collection of Ingress. +type IngressList struct { + metav1.TypeMeta `json:",inline"` + + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // items is the list of Ingress. + Items []Ingress `json:"items" protobuf:"bytes,2,rep,name=items"` +} + +// IngressSpec describes the Ingress the user wishes to exist. +type IngressSpec struct { + // ingressClassName is the name of an IngressClass cluster resource. Ingress + // controller implementations use this field to know whether they should be + // serving this Ingress resource, by a transitive connection + // (controller -> IngressClass -> Ingress resource). Although the + // `kubernetes.io/ingress.class` annotation (simple constant name) was never + // formally defined, it was widely supported by Ingress controllers to create + // a direct binding between Ingress controller and Ingress resources. Newly + // created Ingress resources should prefer using the field. However, even + // though the annotation is officially deprecated, for backwards compatibility + // reasons, ingress controllers should still honor that annotation if present. + + IngressClassName *string `json:"ingressClassName,omitempty" protobuf:"bytes,4,opt,name=ingressClassName"` + + // defaultBackend is the backend that should handle requests that don't + // match any rule. If Rules are not specified, DefaultBackend must be specified. + // If DefaultBackend is not set, the handling of requests that do not match any + // of the rules will be up to the Ingress controller. + + DefaultBackend *IngressBackend `json:"defaultBackend,omitempty" protobuf:"bytes,1,opt,name=defaultBackend"` + + // tls represents the TLS configuration. Currently the Ingress only supports a + // single TLS port, 443. If multiple members of this list specify different hosts, + // they will be multiplexed on the same port according to the hostname specified + // through the SNI TLS extension, if the ingress controller fulfilling the + // ingress supports SNI. + // +listType=atomic + + TLS []IngressTLS `json:"tls,omitempty" protobuf:"bytes,2,rep,name=tls"` + + // rules is a list of host rules used to configure the Ingress. If unspecified, + // or no rule matches, all traffic is sent to the default backend. + // +listType=atomic + + Rules []IngressRule `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"` +} + +// IngressTLS describes the transport layer security associated with an ingress. +type IngressTLS struct { + // hosts is a list of hosts included in the TLS certificate. The values in + // this list must match the name/s used in the tlsSecret. Defaults to the + // wildcard host setting for the loadbalancer controller fulfilling this + // Ingress, if left unspecified. + // +listType=atomic + + Hosts []string `json:"hosts,omitempty" protobuf:"bytes,1,rep,name=hosts"` + + // secretName is the name of the secret used to terminate TLS traffic on + // port 443. Field is left optional to allow TLS routing based on SNI + // hostname alone. If the SNI host in a listener conflicts with the "Host" + // header field used by an IngressRule, the SNI host is used for termination + // and value of the "Host" header is used for routing. + + SecretName string `json:"secretName,omitempty" protobuf:"bytes,2,opt,name=secretName"` +} + +// IngressStatus describe the current state of the Ingress. +type IngressStatus struct { + // loadBalancer contains the current status of the load-balancer. + + LoadBalancer IngressLoadBalancerStatus `json:"loadBalancer,omitempty" protobuf:"bytes,1,opt,name=loadBalancer"` +} + +// IngressLoadBalancerStatus represents the status of a load-balancer. +type IngressLoadBalancerStatus struct { + // ingress is a list containing ingress points for the load-balancer. + + Ingress []IngressLoadBalancerIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"` +} + +// IngressLoadBalancerIngress represents the status of a load-balancer ingress point. +type IngressLoadBalancerIngress struct { + // ip is set for load-balancer ingress points that are IP based. + + IP string `json:"ip,omitempty" protobuf:"bytes,1,opt,name=ip"` + + // hostname is set for load-balancer ingress points that are DNS based. + + Hostname string `json:"hostname,omitempty" protobuf:"bytes,2,opt,name=hostname"` + + // ports provides information about the ports exposed by this LoadBalancer. + // +listType=atomic + + Ports []IngressPortStatus `json:"ports,omitempty" protobuf:"bytes,4,rep,name=ports"` +} + +// IngressPortStatus represents the error condition of a service port +type IngressPortStatus struct { + // port is the port number of the ingress port. + Port int32 `json:"port" protobuf:"varint,1,opt,name=port"` + + // protocol is the protocol of the ingress port. + // The supported values are: "TCP", "UDP", "SCTP" + Protocol v1.Protocol `json:"protocol" protobuf:"bytes,2,opt,name=protocol,casttype=Protocol"` + + // error is to record the problem with the service port + // The format of the error shall comply with the following rules: + // - built-in error values shall be specified in this file and those shall use + // CamelCase names + // - cloud provider specific error values must have names that comply with the + // format foo.example.com/CamelCase. + // --- + // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + + // +kubebuilder:validation:Required + // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` + // +kubebuilder:validation:MaxLength=316 + Error *string `json:"error,omitempty" protobuf:"bytes,3,opt,name=error"` +} + +// IngressRule represents the rules mapping the paths under a specified host to +// the related backend services. Incoming requests are first evaluated for a host +// match, then routed to the backend associated with the matching IngressRuleValue. +type IngressRule struct { + // host is the fully qualified domain name of a network host, as defined by RFC 3986. + // Note the following deviations from the "host" part of the + // URI as defined in RFC 3986: + // 1. IPs are not allowed. Currently an IngressRuleValue can only apply to + // the IP in the Spec of the parent Ingress. + // 2. The `:` delimiter is not respected because ports are not allowed. + // Currently the port of an Ingress is implicitly :80 for http and + // :443 for https. + // Both these may change in the future. + // Incoming requests are matched against the host before the + // IngressRuleValue. If the host is unspecified, the Ingress routes all + // traffic based on the specified IngressRuleValue. + // + // host can be "precise" which is a domain name without the terminating dot of + // a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name + // prefixed with a single wildcard label (e.g. "*.foo.com"). + // The wildcard character '*' must appear by itself as the first DNS label and + // matches only a single label. You cannot have a wildcard label by itself (e.g. Host == "*"). + // Requests will be matched against the Host field in the following way: + // 1. If host is precise, the request matches this rule if the http host header is equal to Host. + // 2. If host is a wildcard, then the request matches this rule if the http host header + // is to equal to the suffix (removing the first label) of the wildcard rule. + + Host string `json:"host,omitempty" protobuf:"bytes,1,opt,name=host"` + // IngressRuleValue represents a rule to route requests for this IngressRule. + // If unspecified, the rule defaults to a http catch-all. Whether that sends + // just traffic matching the host to the default backend or all traffic to the + // default backend, is left to the controller fulfilling the Ingress. Http is + // currently the only supported IngressRuleValue. + + IngressRuleValue `json:",inline,omitempty" protobuf:"bytes,2,opt,name=ingressRuleValue"` +} + +// IngressRuleValue represents a rule to apply against incoming requests. If the +// rule is satisfied, the request is routed to the specified backend. Currently +// mixing different types of rules in a single Ingress is disallowed, so exactly +// one of the following must be set. +type IngressRuleValue struct { + HTTP *HTTPIngressRuleValue `json:"http,omitempty" protobuf:"bytes,1,opt,name=http"` +} + +// HTTPIngressRuleValue is a list of http selectors pointing to backends. +// In the example: http:///? -> backend where +// where parts of the url correspond to RFC 3986, this resource will be used +// to match against everything after the last '/' and before the first '?' +// or '#'. +type HTTPIngressRuleValue struct { + // paths is a collection of paths that map requests to backends. + // +listType=atomic + Paths []HTTPIngressPath `json:"paths" protobuf:"bytes,1,rep,name=paths"` +} + +// PathType represents the type of path referred to by a HTTPIngressPath. +// +enum +type PathType string + +const ( + // PathTypeExact matches the URL path exactly and with case sensitivity. + PathTypeExact = PathType("Exact") + + // PathTypePrefix matches based on a URL path prefix split by '/'. Matching + // is case sensitive and done on a path element by element basis. A path + // element refers to the list of labels in the path split by the '/' + // separator. A request is a match for path p if every p is an element-wise + // prefix of p of the request path. Note that if the last element of the + // path is a substring of the last element in request path, it is not a + // match (e.g. /foo/bar matches /foo/bar/baz, but does not match + // /foo/barbaz). If multiple matching paths exist in an Ingress spec, the + // longest matching path is given priority. + // Examples: + // - /foo/bar does not match requests to /foo/barbaz + // - /foo/bar matches request to /foo/bar and /foo/bar/baz + // - /foo and /foo/ both match requests to /foo and /foo/. If both paths are + // present in an Ingress spec, the longest matching path (/foo/) is given + // priority. + PathTypePrefix = PathType("Prefix") + + // PathTypeImplementationSpecific matching is up to the IngressClass. + // Implementations can treat this as a separate PathType or treat it + // identically to Prefix or Exact path types. + PathTypeImplementationSpecific = PathType("ImplementationSpecific") +) + +// HTTPIngressPath associates a path with a backend. Incoming urls matching the +// path are forwarded to the backend. +type HTTPIngressPath struct { + // path is matched against the path of an incoming request. Currently it can + // contain characters disallowed from the conventional "path" part of a URL + // as defined by RFC 3986. Paths must begin with a '/' and must be present + // when using PathType with value "Exact" or "Prefix". + + Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` + + // pathType determines the interpretation of the path matching. PathType can + // be one of the following values: + // * Exact: Matches the URL path exactly. + // * Prefix: Matches based on a URL path prefix split by '/'. Matching is + // done on a path element by element basis. A path element refers is the + // list of labels in the path split by the '/' separator. A request is a + // match for path p if every p is an element-wise prefix of p of the + // request path. Note that if the last element of the path is a substring + // of the last element in request path, it is not a match (e.g. /foo/bar + // matches /foo/bar/baz, but does not match /foo/barbaz). + // * ImplementationSpecific: Interpretation of the Path matching is up to + // the IngressClass. Implementations can treat this as a separate PathType + // or treat it identically to Prefix or Exact path types. + // Implementations are required to support all path types. + PathType *PathType `json:"pathType" protobuf:"bytes,3,opt,name=pathType"` + + // backend defines the referenced service endpoint to which the traffic + // will be forwarded to. + Backend IngressBackend `json:"backend" protobuf:"bytes,2,opt,name=backend"` +} + +// IngressBackend describes all endpoints for a given service and port. +type IngressBackend struct { + // service references a service as a backend. + // This is a mutually exclusive setting with "Resource". + + Service *IngressServiceBackend `json:"service,omitempty" protobuf:"bytes,4,opt,name=service"` + + // resource is an ObjectRef to another Kubernetes resource in the namespace + // of the Ingress object. If resource is specified, a service.Name and + // service.Port must not be specified. + // This is a mutually exclusive setting with "Service". + + Resource *v1.TypedLocalObjectReference `json:"resource,omitempty" protobuf:"bytes,3,opt,name=resource"` +} + +// IngressServiceBackend references a Kubernetes Service as a Backend. +type IngressServiceBackend struct { + // name is the referenced service. The service must exist in + // the same namespace as the Ingress object. + Name string `json:"name" protobuf:"bytes,1,opt,name=name"` + + // port of the referenced service. A port name or port number + // is required for a IngressServiceBackend. + Port ServiceBackendPort `json:"port,omitempty" protobuf:"bytes,2,opt,name=port"` +} + +// ServiceBackendPort is the service port being referenced. +type ServiceBackendPort struct { + // name is the name of the port on the Service. + // This is a mutually exclusive setting with "Number". + + Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` + + // number is the numerical port number (e.g. 80) on the Service. + // This is a mutually exclusive setting with "Name". + + Number int32 `json:"number,omitempty" protobuf:"bytes,2,opt,name=number"` +} + +// IngressClass represents the class of the Ingress, referenced by the Ingress +// Spec. The `ingressclass.kubernetes.io/is-default-class` annotation can be +// used to indicate that an IngressClass should be considered default. When a +// single IngressClass resource has this annotation set to true, new Ingress +// resources without a class specified will be assigned this default class. +type IngressClass struct { + metav1.TypeMeta `json:",inline"` + + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // spec is the desired state of the IngressClass. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + + Spec IngressClassSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` +} + +// IngressClassSpec provides information about the class of an Ingress. +type IngressClassSpec struct { + // controller refers to the name of the controller that should handle this + // class. This allows for different "flavors" that are controlled by the + // same controller. For example, you may have different parameters for the + // same implementing controller. This should be specified as a + // domain-prefixed path no more than 250 characters in length, e.g. + // "acme.io/ingress-controller". This field is immutable. + Controller string `json:"controller,omitempty" protobuf:"bytes,1,opt,name=controller"` + + // parameters is a link to a custom resource containing additional + // configuration for the controller. This is optional if the controller does + // not require extra parameters. + + Parameters *IngressClassParametersReference `json:"parameters,omitempty" protobuf:"bytes,2,opt,name=parameters"` +} + +const ( + // IngressClassParametersReferenceScopeNamespace indicates that the + // referenced Parameters resource is namespace-scoped. + IngressClassParametersReferenceScopeNamespace = "Namespace" + // IngressClassParametersReferenceScopeCluster indicates that the + // referenced Parameters resource is cluster-scoped. + IngressClassParametersReferenceScopeCluster = "Cluster" +) + +// IngressClassParametersReference identifies an API object. This can be used +// to specify a cluster or namespace-scoped resource. +type IngressClassParametersReference struct { + // apiGroup is the group for the resource being referenced. If APIGroup is + // not specified, the specified Kind must be in the core API group. For any + // other third-party types, APIGroup is required. + + APIGroup *string `json:"apiGroup,omitempty" protobuf:"bytes,1,opt,name=aPIGroup"` + + // kind is the type of resource being referenced. + Kind string `json:"kind" protobuf:"bytes,2,opt,name=kind"` + + // name is the name of resource being referenced. + Name string `json:"name" protobuf:"bytes,3,opt,name=name"` + + // scope represents if this refers to a cluster or namespace scoped resource. + // This may be set to "Cluster" (default) or "Namespace". + + Scope *string `json:"scope" protobuf:"bytes,4,opt,name=scope"` + + // namespace is the namespace of the resource being referenced. This field is + // required when scope is set to "Namespace" and must be unset when scope is set to + // "Cluster". + + Namespace *string `json:"namespace,omitempty" protobuf:"bytes,5,opt,name=namespace"` +} + +// IngressClassList is a collection of IngressClasses. +type IngressClassList struct { + metav1.TypeMeta `json:",inline"` + + // Standard list metadata. + + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // items is the list of IngressClasses. + Items []IngressClass `json:"items" protobuf:"bytes,2,rep,name=items"` +} diff --git a/pkg/apis/softwarecomposition/v1beta1/register.go b/pkg/apis/softwarecomposition/v1beta1/register.go index a52f415b3..8271b8485 100644 --- a/pkg/apis/softwarecomposition/v1beta1/register.go +++ b/pkg/apis/softwarecomposition/v1beta1/register.go @@ -73,8 +73,12 @@ func addKnownTypes(scheme *runtime.Scheme) error { &ApplicationProfileSummaryList{}, &ApplicationActivity{}, &ApplicationActivityList{}, + &NetworkNeighbors{}, + &NetworkNeighborsList{}, &OpenVulnerabilityExchangeContainer{}, &OpenVulnerabilityExchangeContainerList{}, + &GeneratedNetworkPolicyList{}, + &GeneratedNetworkPolicy{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/pkg/apis/softwarecomposition/v1beta1/zz_generated.conversion.go b/pkg/apis/softwarecomposition/v1beta1/zz_generated.conversion.go index 1aeda76ad..7de220074 100644 --- a/pkg/apis/softwarecomposition/v1beta1/zz_generated.conversion.go +++ b/pkg/apis/softwarecomposition/v1beta1/zz_generated.conversion.go @@ -26,6 +26,8 @@ import ( unsafe "unsafe" softwarecomposition "github.com/kubescape/storage/pkg/apis/softwarecomposition" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -357,6 +359,26 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*GeneratedNetworkPolicy)(nil), (*softwarecomposition.GeneratedNetworkPolicy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_GeneratedNetworkPolicy_To_softwarecomposition_GeneratedNetworkPolicy(a.(*GeneratedNetworkPolicy), b.(*softwarecomposition.GeneratedNetworkPolicy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.GeneratedNetworkPolicy)(nil), (*GeneratedNetworkPolicy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_GeneratedNetworkPolicy_To_v1beta1_GeneratedNetworkPolicy(a.(*softwarecomposition.GeneratedNetworkPolicy), b.(*GeneratedNetworkPolicy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*GeneratedNetworkPolicyList)(nil), (*softwarecomposition.GeneratedNetworkPolicyList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_GeneratedNetworkPolicyList_To_softwarecomposition_GeneratedNetworkPolicyList(a.(*GeneratedNetworkPolicyList), b.(*softwarecomposition.GeneratedNetworkPolicyList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.GeneratedNetworkPolicyList)(nil), (*GeneratedNetworkPolicyList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_GeneratedNetworkPolicyList_To_v1beta1_GeneratedNetworkPolicyList(a.(*softwarecomposition.GeneratedNetworkPolicyList), b.(*GeneratedNetworkPolicyList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*GrypeDocument)(nil), (*softwarecomposition.GrypeDocument)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1beta1_GrypeDocument_To_softwarecomposition_GrypeDocument(a.(*GrypeDocument), b.(*softwarecomposition.GrypeDocument), scope) }); err != nil { @@ -377,6 +399,36 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*HTTPIngressPath)(nil), (*softwarecomposition.HTTPIngressPath)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_HTTPIngressPath_To_softwarecomposition_HTTPIngressPath(a.(*HTTPIngressPath), b.(*softwarecomposition.HTTPIngressPath), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.HTTPIngressPath)(nil), (*HTTPIngressPath)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_HTTPIngressPath_To_v1beta1_HTTPIngressPath(a.(*softwarecomposition.HTTPIngressPath), b.(*HTTPIngressPath), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*HTTPIngressRuleValue)(nil), (*softwarecomposition.HTTPIngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_HTTPIngressRuleValue_To_softwarecomposition_HTTPIngressRuleValue(a.(*HTTPIngressRuleValue), b.(*softwarecomposition.HTTPIngressRuleValue), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.HTTPIngressRuleValue)(nil), (*HTTPIngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(a.(*softwarecomposition.HTTPIngressRuleValue), b.(*HTTPIngressRuleValue), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IPBlock)(nil), (*softwarecomposition.IPBlock)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IPBlock_To_softwarecomposition_IPBlock(a.(*IPBlock), b.(*softwarecomposition.IPBlock), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IPBlock)(nil), (*IPBlock)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IPBlock_To_v1beta1_IPBlock(a.(*softwarecomposition.IPBlock), b.(*IPBlock), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*IgnoreRule)(nil), (*softwarecomposition.IgnoreRule)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1beta1_IgnoreRule_To_softwarecomposition_IgnoreRule(a.(*IgnoreRule), b.(*softwarecomposition.IgnoreRule), scope) }); err != nil { @@ -407,6 +459,176 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*Ingress)(nil), (*softwarecomposition.Ingress)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_Ingress_To_softwarecomposition_Ingress(a.(*Ingress), b.(*softwarecomposition.Ingress), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.Ingress)(nil), (*Ingress)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_Ingress_To_v1beta1_Ingress(a.(*softwarecomposition.Ingress), b.(*Ingress), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressBackend)(nil), (*softwarecomposition.IngressBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressBackend_To_softwarecomposition_IngressBackend(a.(*IngressBackend), b.(*softwarecomposition.IngressBackend), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressBackend)(nil), (*IngressBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressBackend_To_v1beta1_IngressBackend(a.(*softwarecomposition.IngressBackend), b.(*IngressBackend), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressClass)(nil), (*softwarecomposition.IngressClass)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressClass_To_softwarecomposition_IngressClass(a.(*IngressClass), b.(*softwarecomposition.IngressClass), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressClass)(nil), (*IngressClass)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressClass_To_v1beta1_IngressClass(a.(*softwarecomposition.IngressClass), b.(*IngressClass), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressClassList)(nil), (*softwarecomposition.IngressClassList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressClassList_To_softwarecomposition_IngressClassList(a.(*IngressClassList), b.(*softwarecomposition.IngressClassList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressClassList)(nil), (*IngressClassList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressClassList_To_v1beta1_IngressClassList(a.(*softwarecomposition.IngressClassList), b.(*IngressClassList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressClassParametersReference)(nil), (*softwarecomposition.IngressClassParametersReference)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressClassParametersReference_To_softwarecomposition_IngressClassParametersReference(a.(*IngressClassParametersReference), b.(*softwarecomposition.IngressClassParametersReference), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressClassParametersReference)(nil), (*IngressClassParametersReference)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressClassParametersReference_To_v1beta1_IngressClassParametersReference(a.(*softwarecomposition.IngressClassParametersReference), b.(*IngressClassParametersReference), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressClassSpec)(nil), (*softwarecomposition.IngressClassSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressClassSpec_To_softwarecomposition_IngressClassSpec(a.(*IngressClassSpec), b.(*softwarecomposition.IngressClassSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressClassSpec)(nil), (*IngressClassSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressClassSpec_To_v1beta1_IngressClassSpec(a.(*softwarecomposition.IngressClassSpec), b.(*IngressClassSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressList)(nil), (*softwarecomposition.IngressList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressList_To_softwarecomposition_IngressList(a.(*IngressList), b.(*softwarecomposition.IngressList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressList)(nil), (*IngressList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressList_To_v1beta1_IngressList(a.(*softwarecomposition.IngressList), b.(*IngressList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressLoadBalancerIngress)(nil), (*softwarecomposition.IngressLoadBalancerIngress)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressLoadBalancerIngress_To_softwarecomposition_IngressLoadBalancerIngress(a.(*IngressLoadBalancerIngress), b.(*softwarecomposition.IngressLoadBalancerIngress), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressLoadBalancerIngress)(nil), (*IngressLoadBalancerIngress)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressLoadBalancerIngress_To_v1beta1_IngressLoadBalancerIngress(a.(*softwarecomposition.IngressLoadBalancerIngress), b.(*IngressLoadBalancerIngress), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressLoadBalancerStatus)(nil), (*softwarecomposition.IngressLoadBalancerStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressLoadBalancerStatus_To_softwarecomposition_IngressLoadBalancerStatus(a.(*IngressLoadBalancerStatus), b.(*softwarecomposition.IngressLoadBalancerStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressLoadBalancerStatus)(nil), (*IngressLoadBalancerStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressLoadBalancerStatus_To_v1beta1_IngressLoadBalancerStatus(a.(*softwarecomposition.IngressLoadBalancerStatus), b.(*IngressLoadBalancerStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressPortStatus)(nil), (*softwarecomposition.IngressPortStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressPortStatus_To_softwarecomposition_IngressPortStatus(a.(*IngressPortStatus), b.(*softwarecomposition.IngressPortStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressPortStatus)(nil), (*IngressPortStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressPortStatus_To_v1beta1_IngressPortStatus(a.(*softwarecomposition.IngressPortStatus), b.(*IngressPortStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressRule)(nil), (*softwarecomposition.IngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressRule_To_softwarecomposition_IngressRule(a.(*IngressRule), b.(*softwarecomposition.IngressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressRule)(nil), (*IngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressRule_To_v1beta1_IngressRule(a.(*softwarecomposition.IngressRule), b.(*IngressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressRuleValue)(nil), (*softwarecomposition.IngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressRuleValue_To_softwarecomposition_IngressRuleValue(a.(*IngressRuleValue), b.(*softwarecomposition.IngressRuleValue), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressRuleValue)(nil), (*IngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressRuleValue_To_v1beta1_IngressRuleValue(a.(*softwarecomposition.IngressRuleValue), b.(*IngressRuleValue), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressServiceBackend)(nil), (*softwarecomposition.IngressServiceBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressServiceBackend_To_softwarecomposition_IngressServiceBackend(a.(*IngressServiceBackend), b.(*softwarecomposition.IngressServiceBackend), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressServiceBackend)(nil), (*IngressServiceBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressServiceBackend_To_v1beta1_IngressServiceBackend(a.(*softwarecomposition.IngressServiceBackend), b.(*IngressServiceBackend), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressSpec)(nil), (*softwarecomposition.IngressSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressSpec_To_softwarecomposition_IngressSpec(a.(*IngressSpec), b.(*softwarecomposition.IngressSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressSpec)(nil), (*IngressSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressSpec_To_v1beta1_IngressSpec(a.(*softwarecomposition.IngressSpec), b.(*IngressSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressStatus)(nil), (*softwarecomposition.IngressStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressStatus_To_softwarecomposition_IngressStatus(a.(*IngressStatus), b.(*softwarecomposition.IngressStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressStatus)(nil), (*IngressStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressStatus_To_v1beta1_IngressStatus(a.(*softwarecomposition.IngressStatus), b.(*IngressStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*IngressTLS)(nil), (*softwarecomposition.IngressTLS)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressTLS_To_softwarecomposition_IngressTLS(a.(*IngressTLS), b.(*softwarecomposition.IngressTLS), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.IngressTLS)(nil), (*IngressTLS)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_IngressTLS_To_v1beta1_IngressTLS(a.(*softwarecomposition.IngressTLS), b.(*IngressTLS), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*KnownServers)(nil), (*softwarecomposition.KnownServers)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_KnownServers_To_softwarecomposition_KnownServers(a.(*KnownServers), b.(*softwarecomposition.KnownServers), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.KnownServers)(nil), (*KnownServers)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_KnownServers_To_v1beta1_KnownServers(a.(*softwarecomposition.KnownServers), b.(*KnownServers), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*Match)(nil), (*softwarecomposition.Match)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1beta1_Match_To_softwarecomposition_Match(a.(*Match), b.(*softwarecomposition.Match), scope) }); err != nil { @@ -437,6 +659,136 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*NetworkNeighbor)(nil), (*softwarecomposition.NetworkNeighbor)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkNeighbor_To_softwarecomposition_NetworkNeighbor(a.(*NetworkNeighbor), b.(*softwarecomposition.NetworkNeighbor), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkNeighbor)(nil), (*NetworkNeighbor)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkNeighbor_To_v1beta1_NetworkNeighbor(a.(*softwarecomposition.NetworkNeighbor), b.(*NetworkNeighbor), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkNeighbors)(nil), (*softwarecomposition.NetworkNeighbors)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkNeighbors_To_softwarecomposition_NetworkNeighbors(a.(*NetworkNeighbors), b.(*softwarecomposition.NetworkNeighbors), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkNeighbors)(nil), (*NetworkNeighbors)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkNeighbors_To_v1beta1_NetworkNeighbors(a.(*softwarecomposition.NetworkNeighbors), b.(*NetworkNeighbors), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkNeighborsList)(nil), (*softwarecomposition.NetworkNeighborsList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkNeighborsList_To_softwarecomposition_NetworkNeighborsList(a.(*NetworkNeighborsList), b.(*softwarecomposition.NetworkNeighborsList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkNeighborsList)(nil), (*NetworkNeighborsList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkNeighborsList_To_v1beta1_NetworkNeighborsList(a.(*softwarecomposition.NetworkNeighborsList), b.(*NetworkNeighborsList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkNeighborsSpec)(nil), (*softwarecomposition.NetworkNeighborsSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkNeighborsSpec_To_softwarecomposition_NetworkNeighborsSpec(a.(*NetworkNeighborsSpec), b.(*softwarecomposition.NetworkNeighborsSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkNeighborsSpec)(nil), (*NetworkNeighborsSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkNeighborsSpec_To_v1beta1_NetworkNeighborsSpec(a.(*softwarecomposition.NetworkNeighborsSpec), b.(*NetworkNeighborsSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkPolicy)(nil), (*softwarecomposition.NetworkPolicy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicy_To_softwarecomposition_NetworkPolicy(a.(*NetworkPolicy), b.(*softwarecomposition.NetworkPolicy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkPolicy)(nil), (*NetworkPolicy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkPolicy_To_v1beta1_NetworkPolicy(a.(*softwarecomposition.NetworkPolicy), b.(*NetworkPolicy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkPolicyEgressRule)(nil), (*softwarecomposition.NetworkPolicyEgressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyEgressRule_To_softwarecomposition_NetworkPolicyEgressRule(a.(*NetworkPolicyEgressRule), b.(*softwarecomposition.NetworkPolicyEgressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkPolicyEgressRule)(nil), (*NetworkPolicyEgressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkPolicyEgressRule_To_v1beta1_NetworkPolicyEgressRule(a.(*softwarecomposition.NetworkPolicyEgressRule), b.(*NetworkPolicyEgressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkPolicyIngressRule)(nil), (*softwarecomposition.NetworkPolicyIngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyIngressRule_To_softwarecomposition_NetworkPolicyIngressRule(a.(*NetworkPolicyIngressRule), b.(*softwarecomposition.NetworkPolicyIngressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkPolicyIngressRule)(nil), (*NetworkPolicyIngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkPolicyIngressRule_To_v1beta1_NetworkPolicyIngressRule(a.(*softwarecomposition.NetworkPolicyIngressRule), b.(*NetworkPolicyIngressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkPolicyList)(nil), (*softwarecomposition.NetworkPolicyList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyList_To_softwarecomposition_NetworkPolicyList(a.(*NetworkPolicyList), b.(*softwarecomposition.NetworkPolicyList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkPolicyList)(nil), (*NetworkPolicyList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkPolicyList_To_v1beta1_NetworkPolicyList(a.(*softwarecomposition.NetworkPolicyList), b.(*NetworkPolicyList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkPolicyPeer)(nil), (*softwarecomposition.NetworkPolicyPeer)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyPeer_To_softwarecomposition_NetworkPolicyPeer(a.(*NetworkPolicyPeer), b.(*softwarecomposition.NetworkPolicyPeer), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkPolicyPeer)(nil), (*NetworkPolicyPeer)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkPolicyPeer_To_v1beta1_NetworkPolicyPeer(a.(*softwarecomposition.NetworkPolicyPeer), b.(*NetworkPolicyPeer), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkPolicyPort)(nil), (*softwarecomposition.NetworkPolicyPort)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyPort_To_softwarecomposition_NetworkPolicyPort(a.(*NetworkPolicyPort), b.(*softwarecomposition.NetworkPolicyPort), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkPolicyPort)(nil), (*NetworkPolicyPort)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkPolicyPort_To_v1beta1_NetworkPolicyPort(a.(*softwarecomposition.NetworkPolicyPort), b.(*NetworkPolicyPort), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkPolicySpec)(nil), (*softwarecomposition.NetworkPolicySpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicySpec_To_softwarecomposition_NetworkPolicySpec(a.(*NetworkPolicySpec), b.(*softwarecomposition.NetworkPolicySpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkPolicySpec)(nil), (*NetworkPolicySpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkPolicySpec_To_v1beta1_NetworkPolicySpec(a.(*softwarecomposition.NetworkPolicySpec), b.(*NetworkPolicySpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkPolicyStatus)(nil), (*softwarecomposition.NetworkPolicyStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyStatus_To_softwarecomposition_NetworkPolicyStatus(a.(*NetworkPolicyStatus), b.(*softwarecomposition.NetworkPolicyStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkPolicyStatus)(nil), (*NetworkPolicyStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkPolicyStatus_To_v1beta1_NetworkPolicyStatus(a.(*softwarecomposition.NetworkPolicyStatus), b.(*NetworkPolicyStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*NetworkPort)(nil), (*softwarecomposition.NetworkPort)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPort_To_softwarecomposition_NetworkPort(a.(*NetworkPort), b.(*softwarecomposition.NetworkPort), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.NetworkPort)(nil), (*NetworkPort)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_NetworkPort_To_v1beta1_NetworkPort(a.(*softwarecomposition.NetworkPort), b.(*NetworkPort), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OpenCalls)(nil), (*softwarecomposition.OpenCalls)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1beta1_OpenCalls_To_softwarecomposition_OpenCalls(a.(*OpenCalls), b.(*softwarecomposition.OpenCalls), scope) }); err != nil { @@ -517,6 +869,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*PolicyRef)(nil), (*softwarecomposition.PolicyRef)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_PolicyRef_To_softwarecomposition_PolicyRef(a.(*PolicyRef), b.(*softwarecomposition.PolicyRef), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.PolicyRef)(nil), (*PolicyRef)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_PolicyRef_To_v1beta1_PolicyRef(a.(*softwarecomposition.PolicyRef), b.(*PolicyRef), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*Product)(nil), (*softwarecomposition.Product)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1beta1_Product_To_softwarecomposition_Product(a.(*Product), b.(*softwarecomposition.Product), scope) }); err != nil { @@ -717,6 +1079,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*ServiceBackendPort)(nil), (*softwarecomposition.ServiceBackendPort)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_ServiceBackendPort_To_softwarecomposition_ServiceBackendPort(a.(*ServiceBackendPort), b.(*softwarecomposition.ServiceBackendPort), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*softwarecomposition.ServiceBackendPort)(nil), (*ServiceBackendPort)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_softwarecomposition_ServiceBackendPort_To_v1beta1_ServiceBackendPort(a.(*softwarecomposition.ServiceBackendPort), b.(*ServiceBackendPort), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*SeveritySummary)(nil), (*softwarecomposition.SeveritySummary)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1beta1_SeveritySummary_To_softwarecomposition_SeveritySummary(a.(*SeveritySummary), b.(*softwarecomposition.SeveritySummary), scope) }); err != nil { @@ -1958,6 +2330,56 @@ func Convert_softwarecomposition_Fix_To_v1beta1_Fix(in *softwarecomposition.Fix, return autoConvert_softwarecomposition_Fix_To_v1beta1_Fix(in, out, s) } +func autoConvert_v1beta1_GeneratedNetworkPolicy_To_softwarecomposition_GeneratedNetworkPolicy(in *GeneratedNetworkPolicy, out *softwarecomposition.GeneratedNetworkPolicy, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1beta1_NetworkPolicy_To_softwarecomposition_NetworkPolicy(&in.Spec, &out.Spec, s); err != nil { + return err + } + out.PoliciesRef = *(*[]softwarecomposition.PolicyRef)(unsafe.Pointer(&in.PoliciesRef)) + return nil +} + +// Convert_v1beta1_GeneratedNetworkPolicy_To_softwarecomposition_GeneratedNetworkPolicy is an autogenerated conversion function. +func Convert_v1beta1_GeneratedNetworkPolicy_To_softwarecomposition_GeneratedNetworkPolicy(in *GeneratedNetworkPolicy, out *softwarecomposition.GeneratedNetworkPolicy, s conversion.Scope) error { + return autoConvert_v1beta1_GeneratedNetworkPolicy_To_softwarecomposition_GeneratedNetworkPolicy(in, out, s) +} + +func autoConvert_softwarecomposition_GeneratedNetworkPolicy_To_v1beta1_GeneratedNetworkPolicy(in *softwarecomposition.GeneratedNetworkPolicy, out *GeneratedNetworkPolicy, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_softwarecomposition_NetworkPolicy_To_v1beta1_NetworkPolicy(&in.Spec, &out.Spec, s); err != nil { + return err + } + out.PoliciesRef = *(*[]PolicyRef)(unsafe.Pointer(&in.PoliciesRef)) + return nil +} + +// Convert_softwarecomposition_GeneratedNetworkPolicy_To_v1beta1_GeneratedNetworkPolicy is an autogenerated conversion function. +func Convert_softwarecomposition_GeneratedNetworkPolicy_To_v1beta1_GeneratedNetworkPolicy(in *softwarecomposition.GeneratedNetworkPolicy, out *GeneratedNetworkPolicy, s conversion.Scope) error { + return autoConvert_softwarecomposition_GeneratedNetworkPolicy_To_v1beta1_GeneratedNetworkPolicy(in, out, s) +} + +func autoConvert_v1beta1_GeneratedNetworkPolicyList_To_softwarecomposition_GeneratedNetworkPolicyList(in *GeneratedNetworkPolicyList, out *softwarecomposition.GeneratedNetworkPolicyList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]softwarecomposition.GeneratedNetworkPolicy)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1beta1_GeneratedNetworkPolicyList_To_softwarecomposition_GeneratedNetworkPolicyList is an autogenerated conversion function. +func Convert_v1beta1_GeneratedNetworkPolicyList_To_softwarecomposition_GeneratedNetworkPolicyList(in *GeneratedNetworkPolicyList, out *softwarecomposition.GeneratedNetworkPolicyList, s conversion.Scope) error { + return autoConvert_v1beta1_GeneratedNetworkPolicyList_To_softwarecomposition_GeneratedNetworkPolicyList(in, out, s) +} + +func autoConvert_softwarecomposition_GeneratedNetworkPolicyList_To_v1beta1_GeneratedNetworkPolicyList(in *softwarecomposition.GeneratedNetworkPolicyList, out *GeneratedNetworkPolicyList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]GeneratedNetworkPolicy)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_softwarecomposition_GeneratedNetworkPolicyList_To_v1beta1_GeneratedNetworkPolicyList is an autogenerated conversion function. +func Convert_softwarecomposition_GeneratedNetworkPolicyList_To_v1beta1_GeneratedNetworkPolicyList(in *softwarecomposition.GeneratedNetworkPolicyList, out *GeneratedNetworkPolicyList, s conversion.Scope) error { + return autoConvert_softwarecomposition_GeneratedNetworkPolicyList_To_v1beta1_GeneratedNetworkPolicyList(in, out, s) +} + func autoConvert_v1beta1_GrypeDocument_To_softwarecomposition_GrypeDocument(in *GrypeDocument, out *softwarecomposition.GrypeDocument, s conversion.Scope) error { out.Matches = *(*[]softwarecomposition.Match)(unsafe.Pointer(&in.Matches)) out.IgnoredMatches = *(*[]softwarecomposition.IgnoredMatch)(unsafe.Pointer(&in.IgnoredMatches)) @@ -2034,12 +2456,82 @@ func Convert_softwarecomposition_GrypePackage_To_v1beta1_GrypePackage(in *softwa return autoConvert_softwarecomposition_GrypePackage_To_v1beta1_GrypePackage(in, out, s) } -func autoConvert_v1beta1_IgnoreRule_To_softwarecomposition_IgnoreRule(in *IgnoreRule, out *softwarecomposition.IgnoreRule, s conversion.Scope) error { - out.Vulnerability = in.Vulnerability - out.FixState = in.FixState - out.Package = (*softwarecomposition.IgnoreRulePackage)(unsafe.Pointer(in.Package)) - return nil -} +func autoConvert_v1beta1_HTTPIngressPath_To_softwarecomposition_HTTPIngressPath(in *HTTPIngressPath, out *softwarecomposition.HTTPIngressPath, s conversion.Scope) error { + out.Path = in.Path + out.PathType = (*softwarecomposition.PathType)(unsafe.Pointer(in.PathType)) + if err := Convert_v1beta1_IngressBackend_To_softwarecomposition_IngressBackend(&in.Backend, &out.Backend, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_HTTPIngressPath_To_softwarecomposition_HTTPIngressPath is an autogenerated conversion function. +func Convert_v1beta1_HTTPIngressPath_To_softwarecomposition_HTTPIngressPath(in *HTTPIngressPath, out *softwarecomposition.HTTPIngressPath, s conversion.Scope) error { + return autoConvert_v1beta1_HTTPIngressPath_To_softwarecomposition_HTTPIngressPath(in, out, s) +} + +func autoConvert_softwarecomposition_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in *softwarecomposition.HTTPIngressPath, out *HTTPIngressPath, s conversion.Scope) error { + out.Path = in.Path + out.PathType = (*PathType)(unsafe.Pointer(in.PathType)) + if err := Convert_softwarecomposition_IngressBackend_To_v1beta1_IngressBackend(&in.Backend, &out.Backend, s); err != nil { + return err + } + return nil +} + +// Convert_softwarecomposition_HTTPIngressPath_To_v1beta1_HTTPIngressPath is an autogenerated conversion function. +func Convert_softwarecomposition_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in *softwarecomposition.HTTPIngressPath, out *HTTPIngressPath, s conversion.Scope) error { + return autoConvert_softwarecomposition_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in, out, s) +} + +func autoConvert_v1beta1_HTTPIngressRuleValue_To_softwarecomposition_HTTPIngressRuleValue(in *HTTPIngressRuleValue, out *softwarecomposition.HTTPIngressRuleValue, s conversion.Scope) error { + out.Paths = *(*[]softwarecomposition.HTTPIngressPath)(unsafe.Pointer(&in.Paths)) + return nil +} + +// Convert_v1beta1_HTTPIngressRuleValue_To_softwarecomposition_HTTPIngressRuleValue is an autogenerated conversion function. +func Convert_v1beta1_HTTPIngressRuleValue_To_softwarecomposition_HTTPIngressRuleValue(in *HTTPIngressRuleValue, out *softwarecomposition.HTTPIngressRuleValue, s conversion.Scope) error { + return autoConvert_v1beta1_HTTPIngressRuleValue_To_softwarecomposition_HTTPIngressRuleValue(in, out, s) +} + +func autoConvert_softwarecomposition_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in *softwarecomposition.HTTPIngressRuleValue, out *HTTPIngressRuleValue, s conversion.Scope) error { + out.Paths = *(*[]HTTPIngressPath)(unsafe.Pointer(&in.Paths)) + return nil +} + +// Convert_softwarecomposition_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue is an autogenerated conversion function. +func Convert_softwarecomposition_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in *softwarecomposition.HTTPIngressRuleValue, out *HTTPIngressRuleValue, s conversion.Scope) error { + return autoConvert_softwarecomposition_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in, out, s) +} + +func autoConvert_v1beta1_IPBlock_To_softwarecomposition_IPBlock(in *IPBlock, out *softwarecomposition.IPBlock, s conversion.Scope) error { + out.CIDR = in.CIDR + out.Except = *(*[]string)(unsafe.Pointer(&in.Except)) + return nil +} + +// Convert_v1beta1_IPBlock_To_softwarecomposition_IPBlock is an autogenerated conversion function. +func Convert_v1beta1_IPBlock_To_softwarecomposition_IPBlock(in *IPBlock, out *softwarecomposition.IPBlock, s conversion.Scope) error { + return autoConvert_v1beta1_IPBlock_To_softwarecomposition_IPBlock(in, out, s) +} + +func autoConvert_softwarecomposition_IPBlock_To_v1beta1_IPBlock(in *softwarecomposition.IPBlock, out *IPBlock, s conversion.Scope) error { + out.CIDR = in.CIDR + out.Except = *(*[]string)(unsafe.Pointer(&in.Except)) + return nil +} + +// Convert_softwarecomposition_IPBlock_To_v1beta1_IPBlock is an autogenerated conversion function. +func Convert_softwarecomposition_IPBlock_To_v1beta1_IPBlock(in *softwarecomposition.IPBlock, out *IPBlock, s conversion.Scope) error { + return autoConvert_softwarecomposition_IPBlock_To_v1beta1_IPBlock(in, out, s) +} + +func autoConvert_v1beta1_IgnoreRule_To_softwarecomposition_IgnoreRule(in *IgnoreRule, out *softwarecomposition.IgnoreRule, s conversion.Scope) error { + out.Vulnerability = in.Vulnerability + out.FixState = in.FixState + out.Package = (*softwarecomposition.IgnoreRulePackage)(unsafe.Pointer(in.Package)) + return nil +} // Convert_v1beta1_IgnoreRule_To_softwarecomposition_IgnoreRule is an autogenerated conversion function. func Convert_v1beta1_IgnoreRule_To_softwarecomposition_IgnoreRule(in *IgnoreRule, out *softwarecomposition.IgnoreRule, s conversion.Scope) error { @@ -2110,6 +2602,416 @@ func Convert_softwarecomposition_IgnoredMatch_To_v1beta1_IgnoredMatch(in *softwa return autoConvert_softwarecomposition_IgnoredMatch_To_v1beta1_IgnoredMatch(in, out, s) } +func autoConvert_v1beta1_Ingress_To_softwarecomposition_Ingress(in *Ingress, out *softwarecomposition.Ingress, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1beta1_IngressSpec_To_softwarecomposition_IngressSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1beta1_IngressStatus_To_softwarecomposition_IngressStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_Ingress_To_softwarecomposition_Ingress is an autogenerated conversion function. +func Convert_v1beta1_Ingress_To_softwarecomposition_Ingress(in *Ingress, out *softwarecomposition.Ingress, s conversion.Scope) error { + return autoConvert_v1beta1_Ingress_To_softwarecomposition_Ingress(in, out, s) +} + +func autoConvert_softwarecomposition_Ingress_To_v1beta1_Ingress(in *softwarecomposition.Ingress, out *Ingress, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_softwarecomposition_IngressSpec_To_v1beta1_IngressSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_softwarecomposition_IngressStatus_To_v1beta1_IngressStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_softwarecomposition_Ingress_To_v1beta1_Ingress is an autogenerated conversion function. +func Convert_softwarecomposition_Ingress_To_v1beta1_Ingress(in *softwarecomposition.Ingress, out *Ingress, s conversion.Scope) error { + return autoConvert_softwarecomposition_Ingress_To_v1beta1_Ingress(in, out, s) +} + +func autoConvert_v1beta1_IngressBackend_To_softwarecomposition_IngressBackend(in *IngressBackend, out *softwarecomposition.IngressBackend, s conversion.Scope) error { + out.Service = (*softwarecomposition.IngressServiceBackend)(unsafe.Pointer(in.Service)) + out.Resource = (*v1.TypedLocalObjectReference)(unsafe.Pointer(in.Resource)) + return nil +} + +// Convert_v1beta1_IngressBackend_To_softwarecomposition_IngressBackend is an autogenerated conversion function. +func Convert_v1beta1_IngressBackend_To_softwarecomposition_IngressBackend(in *IngressBackend, out *softwarecomposition.IngressBackend, s conversion.Scope) error { + return autoConvert_v1beta1_IngressBackend_To_softwarecomposition_IngressBackend(in, out, s) +} + +func autoConvert_softwarecomposition_IngressBackend_To_v1beta1_IngressBackend(in *softwarecomposition.IngressBackend, out *IngressBackend, s conversion.Scope) error { + out.Service = (*IngressServiceBackend)(unsafe.Pointer(in.Service)) + out.Resource = (*v1.TypedLocalObjectReference)(unsafe.Pointer(in.Resource)) + return nil +} + +// Convert_softwarecomposition_IngressBackend_To_v1beta1_IngressBackend is an autogenerated conversion function. +func Convert_softwarecomposition_IngressBackend_To_v1beta1_IngressBackend(in *softwarecomposition.IngressBackend, out *IngressBackend, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressBackend_To_v1beta1_IngressBackend(in, out, s) +} + +func autoConvert_v1beta1_IngressClass_To_softwarecomposition_IngressClass(in *IngressClass, out *softwarecomposition.IngressClass, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1beta1_IngressClassSpec_To_softwarecomposition_IngressClassSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_IngressClass_To_softwarecomposition_IngressClass is an autogenerated conversion function. +func Convert_v1beta1_IngressClass_To_softwarecomposition_IngressClass(in *IngressClass, out *softwarecomposition.IngressClass, s conversion.Scope) error { + return autoConvert_v1beta1_IngressClass_To_softwarecomposition_IngressClass(in, out, s) +} + +func autoConvert_softwarecomposition_IngressClass_To_v1beta1_IngressClass(in *softwarecomposition.IngressClass, out *IngressClass, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_softwarecomposition_IngressClassSpec_To_v1beta1_IngressClassSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_softwarecomposition_IngressClass_To_v1beta1_IngressClass is an autogenerated conversion function. +func Convert_softwarecomposition_IngressClass_To_v1beta1_IngressClass(in *softwarecomposition.IngressClass, out *IngressClass, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressClass_To_v1beta1_IngressClass(in, out, s) +} + +func autoConvert_v1beta1_IngressClassList_To_softwarecomposition_IngressClassList(in *IngressClassList, out *softwarecomposition.IngressClassList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]softwarecomposition.IngressClass)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1beta1_IngressClassList_To_softwarecomposition_IngressClassList is an autogenerated conversion function. +func Convert_v1beta1_IngressClassList_To_softwarecomposition_IngressClassList(in *IngressClassList, out *softwarecomposition.IngressClassList, s conversion.Scope) error { + return autoConvert_v1beta1_IngressClassList_To_softwarecomposition_IngressClassList(in, out, s) +} + +func autoConvert_softwarecomposition_IngressClassList_To_v1beta1_IngressClassList(in *softwarecomposition.IngressClassList, out *IngressClassList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]IngressClass)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_softwarecomposition_IngressClassList_To_v1beta1_IngressClassList is an autogenerated conversion function. +func Convert_softwarecomposition_IngressClassList_To_v1beta1_IngressClassList(in *softwarecomposition.IngressClassList, out *IngressClassList, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressClassList_To_v1beta1_IngressClassList(in, out, s) +} + +func autoConvert_v1beta1_IngressClassParametersReference_To_softwarecomposition_IngressClassParametersReference(in *IngressClassParametersReference, out *softwarecomposition.IngressClassParametersReference, s conversion.Scope) error { + out.APIGroup = (*string)(unsafe.Pointer(in.APIGroup)) + out.Kind = in.Kind + out.Name = in.Name + out.Scope = (*string)(unsafe.Pointer(in.Scope)) + out.Namespace = (*string)(unsafe.Pointer(in.Namespace)) + return nil +} + +// Convert_v1beta1_IngressClassParametersReference_To_softwarecomposition_IngressClassParametersReference is an autogenerated conversion function. +func Convert_v1beta1_IngressClassParametersReference_To_softwarecomposition_IngressClassParametersReference(in *IngressClassParametersReference, out *softwarecomposition.IngressClassParametersReference, s conversion.Scope) error { + return autoConvert_v1beta1_IngressClassParametersReference_To_softwarecomposition_IngressClassParametersReference(in, out, s) +} + +func autoConvert_softwarecomposition_IngressClassParametersReference_To_v1beta1_IngressClassParametersReference(in *softwarecomposition.IngressClassParametersReference, out *IngressClassParametersReference, s conversion.Scope) error { + out.APIGroup = (*string)(unsafe.Pointer(in.APIGroup)) + out.Kind = in.Kind + out.Name = in.Name + out.Scope = (*string)(unsafe.Pointer(in.Scope)) + out.Namespace = (*string)(unsafe.Pointer(in.Namespace)) + return nil +} + +// Convert_softwarecomposition_IngressClassParametersReference_To_v1beta1_IngressClassParametersReference is an autogenerated conversion function. +func Convert_softwarecomposition_IngressClassParametersReference_To_v1beta1_IngressClassParametersReference(in *softwarecomposition.IngressClassParametersReference, out *IngressClassParametersReference, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressClassParametersReference_To_v1beta1_IngressClassParametersReference(in, out, s) +} + +func autoConvert_v1beta1_IngressClassSpec_To_softwarecomposition_IngressClassSpec(in *IngressClassSpec, out *softwarecomposition.IngressClassSpec, s conversion.Scope) error { + out.Controller = in.Controller + out.Parameters = (*softwarecomposition.IngressClassParametersReference)(unsafe.Pointer(in.Parameters)) + return nil +} + +// Convert_v1beta1_IngressClassSpec_To_softwarecomposition_IngressClassSpec is an autogenerated conversion function. +func Convert_v1beta1_IngressClassSpec_To_softwarecomposition_IngressClassSpec(in *IngressClassSpec, out *softwarecomposition.IngressClassSpec, s conversion.Scope) error { + return autoConvert_v1beta1_IngressClassSpec_To_softwarecomposition_IngressClassSpec(in, out, s) +} + +func autoConvert_softwarecomposition_IngressClassSpec_To_v1beta1_IngressClassSpec(in *softwarecomposition.IngressClassSpec, out *IngressClassSpec, s conversion.Scope) error { + out.Controller = in.Controller + out.Parameters = (*IngressClassParametersReference)(unsafe.Pointer(in.Parameters)) + return nil +} + +// Convert_softwarecomposition_IngressClassSpec_To_v1beta1_IngressClassSpec is an autogenerated conversion function. +func Convert_softwarecomposition_IngressClassSpec_To_v1beta1_IngressClassSpec(in *softwarecomposition.IngressClassSpec, out *IngressClassSpec, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressClassSpec_To_v1beta1_IngressClassSpec(in, out, s) +} + +func autoConvert_v1beta1_IngressList_To_softwarecomposition_IngressList(in *IngressList, out *softwarecomposition.IngressList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]softwarecomposition.Ingress)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1beta1_IngressList_To_softwarecomposition_IngressList is an autogenerated conversion function. +func Convert_v1beta1_IngressList_To_softwarecomposition_IngressList(in *IngressList, out *softwarecomposition.IngressList, s conversion.Scope) error { + return autoConvert_v1beta1_IngressList_To_softwarecomposition_IngressList(in, out, s) +} + +func autoConvert_softwarecomposition_IngressList_To_v1beta1_IngressList(in *softwarecomposition.IngressList, out *IngressList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]Ingress)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_softwarecomposition_IngressList_To_v1beta1_IngressList is an autogenerated conversion function. +func Convert_softwarecomposition_IngressList_To_v1beta1_IngressList(in *softwarecomposition.IngressList, out *IngressList, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressList_To_v1beta1_IngressList(in, out, s) +} + +func autoConvert_v1beta1_IngressLoadBalancerIngress_To_softwarecomposition_IngressLoadBalancerIngress(in *IngressLoadBalancerIngress, out *softwarecomposition.IngressLoadBalancerIngress, s conversion.Scope) error { + out.IP = in.IP + out.Hostname = in.Hostname + out.Ports = *(*[]softwarecomposition.IngressPortStatus)(unsafe.Pointer(&in.Ports)) + return nil +} + +// Convert_v1beta1_IngressLoadBalancerIngress_To_softwarecomposition_IngressLoadBalancerIngress is an autogenerated conversion function. +func Convert_v1beta1_IngressLoadBalancerIngress_To_softwarecomposition_IngressLoadBalancerIngress(in *IngressLoadBalancerIngress, out *softwarecomposition.IngressLoadBalancerIngress, s conversion.Scope) error { + return autoConvert_v1beta1_IngressLoadBalancerIngress_To_softwarecomposition_IngressLoadBalancerIngress(in, out, s) +} + +func autoConvert_softwarecomposition_IngressLoadBalancerIngress_To_v1beta1_IngressLoadBalancerIngress(in *softwarecomposition.IngressLoadBalancerIngress, out *IngressLoadBalancerIngress, s conversion.Scope) error { + out.IP = in.IP + out.Hostname = in.Hostname + out.Ports = *(*[]IngressPortStatus)(unsafe.Pointer(&in.Ports)) + return nil +} + +// Convert_softwarecomposition_IngressLoadBalancerIngress_To_v1beta1_IngressLoadBalancerIngress is an autogenerated conversion function. +func Convert_softwarecomposition_IngressLoadBalancerIngress_To_v1beta1_IngressLoadBalancerIngress(in *softwarecomposition.IngressLoadBalancerIngress, out *IngressLoadBalancerIngress, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressLoadBalancerIngress_To_v1beta1_IngressLoadBalancerIngress(in, out, s) +} + +func autoConvert_v1beta1_IngressLoadBalancerStatus_To_softwarecomposition_IngressLoadBalancerStatus(in *IngressLoadBalancerStatus, out *softwarecomposition.IngressLoadBalancerStatus, s conversion.Scope) error { + out.Ingress = *(*[]softwarecomposition.IngressLoadBalancerIngress)(unsafe.Pointer(&in.Ingress)) + return nil +} + +// Convert_v1beta1_IngressLoadBalancerStatus_To_softwarecomposition_IngressLoadBalancerStatus is an autogenerated conversion function. +func Convert_v1beta1_IngressLoadBalancerStatus_To_softwarecomposition_IngressLoadBalancerStatus(in *IngressLoadBalancerStatus, out *softwarecomposition.IngressLoadBalancerStatus, s conversion.Scope) error { + return autoConvert_v1beta1_IngressLoadBalancerStatus_To_softwarecomposition_IngressLoadBalancerStatus(in, out, s) +} + +func autoConvert_softwarecomposition_IngressLoadBalancerStatus_To_v1beta1_IngressLoadBalancerStatus(in *softwarecomposition.IngressLoadBalancerStatus, out *IngressLoadBalancerStatus, s conversion.Scope) error { + out.Ingress = *(*[]IngressLoadBalancerIngress)(unsafe.Pointer(&in.Ingress)) + return nil +} + +// Convert_softwarecomposition_IngressLoadBalancerStatus_To_v1beta1_IngressLoadBalancerStatus is an autogenerated conversion function. +func Convert_softwarecomposition_IngressLoadBalancerStatus_To_v1beta1_IngressLoadBalancerStatus(in *softwarecomposition.IngressLoadBalancerStatus, out *IngressLoadBalancerStatus, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressLoadBalancerStatus_To_v1beta1_IngressLoadBalancerStatus(in, out, s) +} + +func autoConvert_v1beta1_IngressPortStatus_To_softwarecomposition_IngressPortStatus(in *IngressPortStatus, out *softwarecomposition.IngressPortStatus, s conversion.Scope) error { + out.Port = in.Port + out.Protocol = v1.Protocol(in.Protocol) + out.Error = (*string)(unsafe.Pointer(in.Error)) + return nil +} + +// Convert_v1beta1_IngressPortStatus_To_softwarecomposition_IngressPortStatus is an autogenerated conversion function. +func Convert_v1beta1_IngressPortStatus_To_softwarecomposition_IngressPortStatus(in *IngressPortStatus, out *softwarecomposition.IngressPortStatus, s conversion.Scope) error { + return autoConvert_v1beta1_IngressPortStatus_To_softwarecomposition_IngressPortStatus(in, out, s) +} + +func autoConvert_softwarecomposition_IngressPortStatus_To_v1beta1_IngressPortStatus(in *softwarecomposition.IngressPortStatus, out *IngressPortStatus, s conversion.Scope) error { + out.Port = in.Port + out.Protocol = v1.Protocol(in.Protocol) + out.Error = (*string)(unsafe.Pointer(in.Error)) + return nil +} + +// Convert_softwarecomposition_IngressPortStatus_To_v1beta1_IngressPortStatus is an autogenerated conversion function. +func Convert_softwarecomposition_IngressPortStatus_To_v1beta1_IngressPortStatus(in *softwarecomposition.IngressPortStatus, out *IngressPortStatus, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressPortStatus_To_v1beta1_IngressPortStatus(in, out, s) +} + +func autoConvert_v1beta1_IngressRule_To_softwarecomposition_IngressRule(in *IngressRule, out *softwarecomposition.IngressRule, s conversion.Scope) error { + out.Host = in.Host + if err := Convert_v1beta1_IngressRuleValue_To_softwarecomposition_IngressRuleValue(&in.IngressRuleValue, &out.IngressRuleValue, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_IngressRule_To_softwarecomposition_IngressRule is an autogenerated conversion function. +func Convert_v1beta1_IngressRule_To_softwarecomposition_IngressRule(in *IngressRule, out *softwarecomposition.IngressRule, s conversion.Scope) error { + return autoConvert_v1beta1_IngressRule_To_softwarecomposition_IngressRule(in, out, s) +} + +func autoConvert_softwarecomposition_IngressRule_To_v1beta1_IngressRule(in *softwarecomposition.IngressRule, out *IngressRule, s conversion.Scope) error { + out.Host = in.Host + if err := Convert_softwarecomposition_IngressRuleValue_To_v1beta1_IngressRuleValue(&in.IngressRuleValue, &out.IngressRuleValue, s); err != nil { + return err + } + return nil +} + +// Convert_softwarecomposition_IngressRule_To_v1beta1_IngressRule is an autogenerated conversion function. +func Convert_softwarecomposition_IngressRule_To_v1beta1_IngressRule(in *softwarecomposition.IngressRule, out *IngressRule, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressRule_To_v1beta1_IngressRule(in, out, s) +} + +func autoConvert_v1beta1_IngressRuleValue_To_softwarecomposition_IngressRuleValue(in *IngressRuleValue, out *softwarecomposition.IngressRuleValue, s conversion.Scope) error { + out.HTTP = (*softwarecomposition.HTTPIngressRuleValue)(unsafe.Pointer(in.HTTP)) + return nil +} + +// Convert_v1beta1_IngressRuleValue_To_softwarecomposition_IngressRuleValue is an autogenerated conversion function. +func Convert_v1beta1_IngressRuleValue_To_softwarecomposition_IngressRuleValue(in *IngressRuleValue, out *softwarecomposition.IngressRuleValue, s conversion.Scope) error { + return autoConvert_v1beta1_IngressRuleValue_To_softwarecomposition_IngressRuleValue(in, out, s) +} + +func autoConvert_softwarecomposition_IngressRuleValue_To_v1beta1_IngressRuleValue(in *softwarecomposition.IngressRuleValue, out *IngressRuleValue, s conversion.Scope) error { + out.HTTP = (*HTTPIngressRuleValue)(unsafe.Pointer(in.HTTP)) + return nil +} + +// Convert_softwarecomposition_IngressRuleValue_To_v1beta1_IngressRuleValue is an autogenerated conversion function. +func Convert_softwarecomposition_IngressRuleValue_To_v1beta1_IngressRuleValue(in *softwarecomposition.IngressRuleValue, out *IngressRuleValue, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressRuleValue_To_v1beta1_IngressRuleValue(in, out, s) +} + +func autoConvert_v1beta1_IngressServiceBackend_To_softwarecomposition_IngressServiceBackend(in *IngressServiceBackend, out *softwarecomposition.IngressServiceBackend, s conversion.Scope) error { + out.Name = in.Name + if err := Convert_v1beta1_ServiceBackendPort_To_softwarecomposition_ServiceBackendPort(&in.Port, &out.Port, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_IngressServiceBackend_To_softwarecomposition_IngressServiceBackend is an autogenerated conversion function. +func Convert_v1beta1_IngressServiceBackend_To_softwarecomposition_IngressServiceBackend(in *IngressServiceBackend, out *softwarecomposition.IngressServiceBackend, s conversion.Scope) error { + return autoConvert_v1beta1_IngressServiceBackend_To_softwarecomposition_IngressServiceBackend(in, out, s) +} + +func autoConvert_softwarecomposition_IngressServiceBackend_To_v1beta1_IngressServiceBackend(in *softwarecomposition.IngressServiceBackend, out *IngressServiceBackend, s conversion.Scope) error { + out.Name = in.Name + if err := Convert_softwarecomposition_ServiceBackendPort_To_v1beta1_ServiceBackendPort(&in.Port, &out.Port, s); err != nil { + return err + } + return nil +} + +// Convert_softwarecomposition_IngressServiceBackend_To_v1beta1_IngressServiceBackend is an autogenerated conversion function. +func Convert_softwarecomposition_IngressServiceBackend_To_v1beta1_IngressServiceBackend(in *softwarecomposition.IngressServiceBackend, out *IngressServiceBackend, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressServiceBackend_To_v1beta1_IngressServiceBackend(in, out, s) +} + +func autoConvert_v1beta1_IngressSpec_To_softwarecomposition_IngressSpec(in *IngressSpec, out *softwarecomposition.IngressSpec, s conversion.Scope) error { + out.IngressClassName = (*string)(unsafe.Pointer(in.IngressClassName)) + out.DefaultBackend = (*softwarecomposition.IngressBackend)(unsafe.Pointer(in.DefaultBackend)) + out.TLS = *(*[]softwarecomposition.IngressTLS)(unsafe.Pointer(&in.TLS)) + out.Rules = *(*[]softwarecomposition.IngressRule)(unsafe.Pointer(&in.Rules)) + return nil +} + +// Convert_v1beta1_IngressSpec_To_softwarecomposition_IngressSpec is an autogenerated conversion function. +func Convert_v1beta1_IngressSpec_To_softwarecomposition_IngressSpec(in *IngressSpec, out *softwarecomposition.IngressSpec, s conversion.Scope) error { + return autoConvert_v1beta1_IngressSpec_To_softwarecomposition_IngressSpec(in, out, s) +} + +func autoConvert_softwarecomposition_IngressSpec_To_v1beta1_IngressSpec(in *softwarecomposition.IngressSpec, out *IngressSpec, s conversion.Scope) error { + out.IngressClassName = (*string)(unsafe.Pointer(in.IngressClassName)) + out.DefaultBackend = (*IngressBackend)(unsafe.Pointer(in.DefaultBackend)) + out.TLS = *(*[]IngressTLS)(unsafe.Pointer(&in.TLS)) + out.Rules = *(*[]IngressRule)(unsafe.Pointer(&in.Rules)) + return nil +} + +// Convert_softwarecomposition_IngressSpec_To_v1beta1_IngressSpec is an autogenerated conversion function. +func Convert_softwarecomposition_IngressSpec_To_v1beta1_IngressSpec(in *softwarecomposition.IngressSpec, out *IngressSpec, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressSpec_To_v1beta1_IngressSpec(in, out, s) +} + +func autoConvert_v1beta1_IngressStatus_To_softwarecomposition_IngressStatus(in *IngressStatus, out *softwarecomposition.IngressStatus, s conversion.Scope) error { + if err := Convert_v1beta1_IngressLoadBalancerStatus_To_softwarecomposition_IngressLoadBalancerStatus(&in.LoadBalancer, &out.LoadBalancer, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_IngressStatus_To_softwarecomposition_IngressStatus is an autogenerated conversion function. +func Convert_v1beta1_IngressStatus_To_softwarecomposition_IngressStatus(in *IngressStatus, out *softwarecomposition.IngressStatus, s conversion.Scope) error { + return autoConvert_v1beta1_IngressStatus_To_softwarecomposition_IngressStatus(in, out, s) +} + +func autoConvert_softwarecomposition_IngressStatus_To_v1beta1_IngressStatus(in *softwarecomposition.IngressStatus, out *IngressStatus, s conversion.Scope) error { + if err := Convert_softwarecomposition_IngressLoadBalancerStatus_To_v1beta1_IngressLoadBalancerStatus(&in.LoadBalancer, &out.LoadBalancer, s); err != nil { + return err + } + return nil +} + +// Convert_softwarecomposition_IngressStatus_To_v1beta1_IngressStatus is an autogenerated conversion function. +func Convert_softwarecomposition_IngressStatus_To_v1beta1_IngressStatus(in *softwarecomposition.IngressStatus, out *IngressStatus, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressStatus_To_v1beta1_IngressStatus(in, out, s) +} + +func autoConvert_v1beta1_IngressTLS_To_softwarecomposition_IngressTLS(in *IngressTLS, out *softwarecomposition.IngressTLS, s conversion.Scope) error { + out.Hosts = *(*[]string)(unsafe.Pointer(&in.Hosts)) + out.SecretName = in.SecretName + return nil +} + +// Convert_v1beta1_IngressTLS_To_softwarecomposition_IngressTLS is an autogenerated conversion function. +func Convert_v1beta1_IngressTLS_To_softwarecomposition_IngressTLS(in *IngressTLS, out *softwarecomposition.IngressTLS, s conversion.Scope) error { + return autoConvert_v1beta1_IngressTLS_To_softwarecomposition_IngressTLS(in, out, s) +} + +func autoConvert_softwarecomposition_IngressTLS_To_v1beta1_IngressTLS(in *softwarecomposition.IngressTLS, out *IngressTLS, s conversion.Scope) error { + out.Hosts = *(*[]string)(unsafe.Pointer(&in.Hosts)) + out.SecretName = in.SecretName + return nil +} + +// Convert_softwarecomposition_IngressTLS_To_v1beta1_IngressTLS is an autogenerated conversion function. +func Convert_softwarecomposition_IngressTLS_To_v1beta1_IngressTLS(in *softwarecomposition.IngressTLS, out *IngressTLS, s conversion.Scope) error { + return autoConvert_softwarecomposition_IngressTLS_To_v1beta1_IngressTLS(in, out, s) +} + +func autoConvert_v1beta1_KnownServers_To_softwarecomposition_KnownServers(in *KnownServers, out *softwarecomposition.KnownServers, s conversion.Scope) error { + out.IPBlock = in.IPBlock + out.DNS = in.DNS + out.Name = in.Name + return nil +} + +// Convert_v1beta1_KnownServers_To_softwarecomposition_KnownServers is an autogenerated conversion function. +func Convert_v1beta1_KnownServers_To_softwarecomposition_KnownServers(in *KnownServers, out *softwarecomposition.KnownServers, s conversion.Scope) error { + return autoConvert_v1beta1_KnownServers_To_softwarecomposition_KnownServers(in, out, s) +} + +func autoConvert_softwarecomposition_KnownServers_To_v1beta1_KnownServers(in *softwarecomposition.KnownServers, out *KnownServers, s conversion.Scope) error { + out.IPBlock = in.IPBlock + out.DNS = in.DNS + out.Name = in.Name + return nil +} + +// Convert_softwarecomposition_KnownServers_To_v1beta1_KnownServers is an autogenerated conversion function. +func Convert_softwarecomposition_KnownServers_To_v1beta1_KnownServers(in *softwarecomposition.KnownServers, out *KnownServers, s conversion.Scope) error { + return autoConvert_softwarecomposition_KnownServers_To_v1beta1_KnownServers(in, out, s) +} + func autoConvert_v1beta1_Match_To_softwarecomposition_Match(in *Match, out *softwarecomposition.Match, s conversion.Scope) error { if err := Convert_v1beta1_Vulnerability_To_softwarecomposition_Vulnerability(&in.Vulnerability, &out.Vulnerability, s); err != nil { return err @@ -2206,6 +3108,324 @@ func Convert_softwarecomposition_Metadata_To_v1beta1_Metadata(in *softwarecompos return autoConvert_softwarecomposition_Metadata_To_v1beta1_Metadata(in, out, s) } +func autoConvert_v1beta1_NetworkNeighbor_To_softwarecomposition_NetworkNeighbor(in *NetworkNeighbor, out *softwarecomposition.NetworkNeighbor, s conversion.Scope) error { + out.Identifier = in.Identifier + out.Type = softwarecomposition.CommunicationType(in.Type) + out.DNS = in.DNS + out.Ports = *(*[]softwarecomposition.NetworkPort)(unsafe.Pointer(&in.Ports)) + out.PodSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.PodSelector)) + out.NamespaceSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.NamespaceSelector)) + out.IPAddress = in.IPAddress + return nil +} + +// Convert_v1beta1_NetworkNeighbor_To_softwarecomposition_NetworkNeighbor is an autogenerated conversion function. +func Convert_v1beta1_NetworkNeighbor_To_softwarecomposition_NetworkNeighbor(in *NetworkNeighbor, out *softwarecomposition.NetworkNeighbor, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkNeighbor_To_softwarecomposition_NetworkNeighbor(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkNeighbor_To_v1beta1_NetworkNeighbor(in *softwarecomposition.NetworkNeighbor, out *NetworkNeighbor, s conversion.Scope) error { + out.Identifier = in.Identifier + out.Type = CommunicationType(in.Type) + out.DNS = in.DNS + out.Ports = *(*[]NetworkPort)(unsafe.Pointer(&in.Ports)) + out.PodSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.PodSelector)) + out.NamespaceSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.NamespaceSelector)) + out.IPAddress = in.IPAddress + return nil +} + +// Convert_softwarecomposition_NetworkNeighbor_To_v1beta1_NetworkNeighbor is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkNeighbor_To_v1beta1_NetworkNeighbor(in *softwarecomposition.NetworkNeighbor, out *NetworkNeighbor, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkNeighbor_To_v1beta1_NetworkNeighbor(in, out, s) +} + +func autoConvert_v1beta1_NetworkNeighbors_To_softwarecomposition_NetworkNeighbors(in *NetworkNeighbors, out *softwarecomposition.NetworkNeighbors, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1beta1_NetworkNeighborsSpec_To_softwarecomposition_NetworkNeighborsSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_NetworkNeighbors_To_softwarecomposition_NetworkNeighbors is an autogenerated conversion function. +func Convert_v1beta1_NetworkNeighbors_To_softwarecomposition_NetworkNeighbors(in *NetworkNeighbors, out *softwarecomposition.NetworkNeighbors, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkNeighbors_To_softwarecomposition_NetworkNeighbors(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkNeighbors_To_v1beta1_NetworkNeighbors(in *softwarecomposition.NetworkNeighbors, out *NetworkNeighbors, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_softwarecomposition_NetworkNeighborsSpec_To_v1beta1_NetworkNeighborsSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_softwarecomposition_NetworkNeighbors_To_v1beta1_NetworkNeighbors is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkNeighbors_To_v1beta1_NetworkNeighbors(in *softwarecomposition.NetworkNeighbors, out *NetworkNeighbors, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkNeighbors_To_v1beta1_NetworkNeighbors(in, out, s) +} + +func autoConvert_v1beta1_NetworkNeighborsList_To_softwarecomposition_NetworkNeighborsList(in *NetworkNeighborsList, out *softwarecomposition.NetworkNeighborsList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]softwarecomposition.NetworkNeighbors)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1beta1_NetworkNeighborsList_To_softwarecomposition_NetworkNeighborsList is an autogenerated conversion function. +func Convert_v1beta1_NetworkNeighborsList_To_softwarecomposition_NetworkNeighborsList(in *NetworkNeighborsList, out *softwarecomposition.NetworkNeighborsList, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkNeighborsList_To_softwarecomposition_NetworkNeighborsList(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkNeighborsList_To_v1beta1_NetworkNeighborsList(in *softwarecomposition.NetworkNeighborsList, out *NetworkNeighborsList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]NetworkNeighbors)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_softwarecomposition_NetworkNeighborsList_To_v1beta1_NetworkNeighborsList is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkNeighborsList_To_v1beta1_NetworkNeighborsList(in *softwarecomposition.NetworkNeighborsList, out *NetworkNeighborsList, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkNeighborsList_To_v1beta1_NetworkNeighborsList(in, out, s) +} + +func autoConvert_v1beta1_NetworkNeighborsSpec_To_softwarecomposition_NetworkNeighborsSpec(in *NetworkNeighborsSpec, out *softwarecomposition.NetworkNeighborsSpec, s conversion.Scope) error { + out.LabelSelector = in.LabelSelector + out.Ingress = *(*[]softwarecomposition.NetworkNeighbor)(unsafe.Pointer(&in.Ingress)) + out.Egress = *(*[]softwarecomposition.NetworkNeighbor)(unsafe.Pointer(&in.Egress)) + return nil +} + +// Convert_v1beta1_NetworkNeighborsSpec_To_softwarecomposition_NetworkNeighborsSpec is an autogenerated conversion function. +func Convert_v1beta1_NetworkNeighborsSpec_To_softwarecomposition_NetworkNeighborsSpec(in *NetworkNeighborsSpec, out *softwarecomposition.NetworkNeighborsSpec, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkNeighborsSpec_To_softwarecomposition_NetworkNeighborsSpec(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkNeighborsSpec_To_v1beta1_NetworkNeighborsSpec(in *softwarecomposition.NetworkNeighborsSpec, out *NetworkNeighborsSpec, s conversion.Scope) error { + out.LabelSelector = in.LabelSelector + out.Ingress = *(*[]NetworkNeighbor)(unsafe.Pointer(&in.Ingress)) + out.Egress = *(*[]NetworkNeighbor)(unsafe.Pointer(&in.Egress)) + return nil +} + +// Convert_softwarecomposition_NetworkNeighborsSpec_To_v1beta1_NetworkNeighborsSpec is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkNeighborsSpec_To_v1beta1_NetworkNeighborsSpec(in *softwarecomposition.NetworkNeighborsSpec, out *NetworkNeighborsSpec, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkNeighborsSpec_To_v1beta1_NetworkNeighborsSpec(in, out, s) +} + +func autoConvert_v1beta1_NetworkPolicy_To_softwarecomposition_NetworkPolicy(in *NetworkPolicy, out *softwarecomposition.NetworkPolicy, s conversion.Scope) error { + out.Kind = in.Kind + out.APIVersion = in.APIVersion + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1beta1_NetworkPolicySpec_To_softwarecomposition_NetworkPolicySpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_NetworkPolicy_To_softwarecomposition_NetworkPolicy is an autogenerated conversion function. +func Convert_v1beta1_NetworkPolicy_To_softwarecomposition_NetworkPolicy(in *NetworkPolicy, out *softwarecomposition.NetworkPolicy, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkPolicy_To_softwarecomposition_NetworkPolicy(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkPolicy_To_v1beta1_NetworkPolicy(in *softwarecomposition.NetworkPolicy, out *NetworkPolicy, s conversion.Scope) error { + out.Kind = in.Kind + out.APIVersion = in.APIVersion + out.ObjectMeta = in.ObjectMeta + if err := Convert_softwarecomposition_NetworkPolicySpec_To_v1beta1_NetworkPolicySpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_softwarecomposition_NetworkPolicy_To_v1beta1_NetworkPolicy is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkPolicy_To_v1beta1_NetworkPolicy(in *softwarecomposition.NetworkPolicy, out *NetworkPolicy, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkPolicy_To_v1beta1_NetworkPolicy(in, out, s) +} + +func autoConvert_v1beta1_NetworkPolicyEgressRule_To_softwarecomposition_NetworkPolicyEgressRule(in *NetworkPolicyEgressRule, out *softwarecomposition.NetworkPolicyEgressRule, s conversion.Scope) error { + out.Ports = *(*[]softwarecomposition.NetworkPolicyPort)(unsafe.Pointer(&in.Ports)) + out.To = *(*[]softwarecomposition.NetworkPolicyPeer)(unsafe.Pointer(&in.To)) + return nil +} + +// Convert_v1beta1_NetworkPolicyEgressRule_To_softwarecomposition_NetworkPolicyEgressRule is an autogenerated conversion function. +func Convert_v1beta1_NetworkPolicyEgressRule_To_softwarecomposition_NetworkPolicyEgressRule(in *NetworkPolicyEgressRule, out *softwarecomposition.NetworkPolicyEgressRule, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkPolicyEgressRule_To_softwarecomposition_NetworkPolicyEgressRule(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkPolicyEgressRule_To_v1beta1_NetworkPolicyEgressRule(in *softwarecomposition.NetworkPolicyEgressRule, out *NetworkPolicyEgressRule, s conversion.Scope) error { + out.Ports = *(*[]NetworkPolicyPort)(unsafe.Pointer(&in.Ports)) + out.To = *(*[]NetworkPolicyPeer)(unsafe.Pointer(&in.To)) + return nil +} + +// Convert_softwarecomposition_NetworkPolicyEgressRule_To_v1beta1_NetworkPolicyEgressRule is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkPolicyEgressRule_To_v1beta1_NetworkPolicyEgressRule(in *softwarecomposition.NetworkPolicyEgressRule, out *NetworkPolicyEgressRule, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkPolicyEgressRule_To_v1beta1_NetworkPolicyEgressRule(in, out, s) +} + +func autoConvert_v1beta1_NetworkPolicyIngressRule_To_softwarecomposition_NetworkPolicyIngressRule(in *NetworkPolicyIngressRule, out *softwarecomposition.NetworkPolicyIngressRule, s conversion.Scope) error { + out.Ports = *(*[]softwarecomposition.NetworkPolicyPort)(unsafe.Pointer(&in.Ports)) + out.From = *(*[]softwarecomposition.NetworkPolicyPeer)(unsafe.Pointer(&in.From)) + return nil +} + +// Convert_v1beta1_NetworkPolicyIngressRule_To_softwarecomposition_NetworkPolicyIngressRule is an autogenerated conversion function. +func Convert_v1beta1_NetworkPolicyIngressRule_To_softwarecomposition_NetworkPolicyIngressRule(in *NetworkPolicyIngressRule, out *softwarecomposition.NetworkPolicyIngressRule, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkPolicyIngressRule_To_softwarecomposition_NetworkPolicyIngressRule(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkPolicyIngressRule_To_v1beta1_NetworkPolicyIngressRule(in *softwarecomposition.NetworkPolicyIngressRule, out *NetworkPolicyIngressRule, s conversion.Scope) error { + out.Ports = *(*[]NetworkPolicyPort)(unsafe.Pointer(&in.Ports)) + out.From = *(*[]NetworkPolicyPeer)(unsafe.Pointer(&in.From)) + return nil +} + +// Convert_softwarecomposition_NetworkPolicyIngressRule_To_v1beta1_NetworkPolicyIngressRule is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkPolicyIngressRule_To_v1beta1_NetworkPolicyIngressRule(in *softwarecomposition.NetworkPolicyIngressRule, out *NetworkPolicyIngressRule, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkPolicyIngressRule_To_v1beta1_NetworkPolicyIngressRule(in, out, s) +} + +func autoConvert_v1beta1_NetworkPolicyList_To_softwarecomposition_NetworkPolicyList(in *NetworkPolicyList, out *softwarecomposition.NetworkPolicyList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]softwarecomposition.NetworkPolicy)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1beta1_NetworkPolicyList_To_softwarecomposition_NetworkPolicyList is an autogenerated conversion function. +func Convert_v1beta1_NetworkPolicyList_To_softwarecomposition_NetworkPolicyList(in *NetworkPolicyList, out *softwarecomposition.NetworkPolicyList, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkPolicyList_To_softwarecomposition_NetworkPolicyList(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkPolicyList_To_v1beta1_NetworkPolicyList(in *softwarecomposition.NetworkPolicyList, out *NetworkPolicyList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]NetworkPolicy)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_softwarecomposition_NetworkPolicyList_To_v1beta1_NetworkPolicyList is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkPolicyList_To_v1beta1_NetworkPolicyList(in *softwarecomposition.NetworkPolicyList, out *NetworkPolicyList, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkPolicyList_To_v1beta1_NetworkPolicyList(in, out, s) +} + +func autoConvert_v1beta1_NetworkPolicyPeer_To_softwarecomposition_NetworkPolicyPeer(in *NetworkPolicyPeer, out *softwarecomposition.NetworkPolicyPeer, s conversion.Scope) error { + out.PodSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.PodSelector)) + out.NamespaceSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.NamespaceSelector)) + out.IPBlock = (*softwarecomposition.IPBlock)(unsafe.Pointer(in.IPBlock)) + return nil +} + +// Convert_v1beta1_NetworkPolicyPeer_To_softwarecomposition_NetworkPolicyPeer is an autogenerated conversion function. +func Convert_v1beta1_NetworkPolicyPeer_To_softwarecomposition_NetworkPolicyPeer(in *NetworkPolicyPeer, out *softwarecomposition.NetworkPolicyPeer, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkPolicyPeer_To_softwarecomposition_NetworkPolicyPeer(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkPolicyPeer_To_v1beta1_NetworkPolicyPeer(in *softwarecomposition.NetworkPolicyPeer, out *NetworkPolicyPeer, s conversion.Scope) error { + out.PodSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.PodSelector)) + out.NamespaceSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.NamespaceSelector)) + out.IPBlock = (*IPBlock)(unsafe.Pointer(in.IPBlock)) + return nil +} + +// Convert_softwarecomposition_NetworkPolicyPeer_To_v1beta1_NetworkPolicyPeer is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkPolicyPeer_To_v1beta1_NetworkPolicyPeer(in *softwarecomposition.NetworkPolicyPeer, out *NetworkPolicyPeer, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkPolicyPeer_To_v1beta1_NetworkPolicyPeer(in, out, s) +} + +func autoConvert_v1beta1_NetworkPolicyPort_To_softwarecomposition_NetworkPolicyPort(in *NetworkPolicyPort, out *softwarecomposition.NetworkPolicyPort, s conversion.Scope) error { + out.Protocol = (*v1.Protocol)(unsafe.Pointer(in.Protocol)) + out.Port = (*int32)(unsafe.Pointer(in.Port)) + out.EndPort = (*int32)(unsafe.Pointer(in.EndPort)) + return nil +} + +// Convert_v1beta1_NetworkPolicyPort_To_softwarecomposition_NetworkPolicyPort is an autogenerated conversion function. +func Convert_v1beta1_NetworkPolicyPort_To_softwarecomposition_NetworkPolicyPort(in *NetworkPolicyPort, out *softwarecomposition.NetworkPolicyPort, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkPolicyPort_To_softwarecomposition_NetworkPolicyPort(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkPolicyPort_To_v1beta1_NetworkPolicyPort(in *softwarecomposition.NetworkPolicyPort, out *NetworkPolicyPort, s conversion.Scope) error { + out.Protocol = (*v1.Protocol)(unsafe.Pointer(in.Protocol)) + out.Port = (*int32)(unsafe.Pointer(in.Port)) + out.EndPort = (*int32)(unsafe.Pointer(in.EndPort)) + return nil +} + +// Convert_softwarecomposition_NetworkPolicyPort_To_v1beta1_NetworkPolicyPort is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkPolicyPort_To_v1beta1_NetworkPolicyPort(in *softwarecomposition.NetworkPolicyPort, out *NetworkPolicyPort, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkPolicyPort_To_v1beta1_NetworkPolicyPort(in, out, s) +} + +func autoConvert_v1beta1_NetworkPolicySpec_To_softwarecomposition_NetworkPolicySpec(in *NetworkPolicySpec, out *softwarecomposition.NetworkPolicySpec, s conversion.Scope) error { + out.PodSelector = in.PodSelector + out.Ingress = *(*[]softwarecomposition.NetworkPolicyIngressRule)(unsafe.Pointer(&in.Ingress)) + out.Egress = *(*[]softwarecomposition.NetworkPolicyEgressRule)(unsafe.Pointer(&in.Egress)) + out.PolicyTypes = *(*[]softwarecomposition.PolicyType)(unsafe.Pointer(&in.PolicyTypes)) + return nil +} + +// Convert_v1beta1_NetworkPolicySpec_To_softwarecomposition_NetworkPolicySpec is an autogenerated conversion function. +func Convert_v1beta1_NetworkPolicySpec_To_softwarecomposition_NetworkPolicySpec(in *NetworkPolicySpec, out *softwarecomposition.NetworkPolicySpec, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkPolicySpec_To_softwarecomposition_NetworkPolicySpec(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkPolicySpec_To_v1beta1_NetworkPolicySpec(in *softwarecomposition.NetworkPolicySpec, out *NetworkPolicySpec, s conversion.Scope) error { + out.PodSelector = in.PodSelector + out.Ingress = *(*[]NetworkPolicyIngressRule)(unsafe.Pointer(&in.Ingress)) + out.Egress = *(*[]NetworkPolicyEgressRule)(unsafe.Pointer(&in.Egress)) + out.PolicyTypes = *(*[]PolicyType)(unsafe.Pointer(&in.PolicyTypes)) + return nil +} + +// Convert_softwarecomposition_NetworkPolicySpec_To_v1beta1_NetworkPolicySpec is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkPolicySpec_To_v1beta1_NetworkPolicySpec(in *softwarecomposition.NetworkPolicySpec, out *NetworkPolicySpec, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkPolicySpec_To_v1beta1_NetworkPolicySpec(in, out, s) +} + +func autoConvert_v1beta1_NetworkPolicyStatus_To_softwarecomposition_NetworkPolicyStatus(in *NetworkPolicyStatus, out *softwarecomposition.NetworkPolicyStatus, s conversion.Scope) error { + out.Conditions = *(*[]metav1.Condition)(unsafe.Pointer(&in.Conditions)) + return nil +} + +// Convert_v1beta1_NetworkPolicyStatus_To_softwarecomposition_NetworkPolicyStatus is an autogenerated conversion function. +func Convert_v1beta1_NetworkPolicyStatus_To_softwarecomposition_NetworkPolicyStatus(in *NetworkPolicyStatus, out *softwarecomposition.NetworkPolicyStatus, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkPolicyStatus_To_softwarecomposition_NetworkPolicyStatus(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkPolicyStatus_To_v1beta1_NetworkPolicyStatus(in *softwarecomposition.NetworkPolicyStatus, out *NetworkPolicyStatus, s conversion.Scope) error { + out.Conditions = *(*[]metav1.Condition)(unsafe.Pointer(&in.Conditions)) + return nil +} + +// Convert_softwarecomposition_NetworkPolicyStatus_To_v1beta1_NetworkPolicyStatus is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkPolicyStatus_To_v1beta1_NetworkPolicyStatus(in *softwarecomposition.NetworkPolicyStatus, out *NetworkPolicyStatus, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkPolicyStatus_To_v1beta1_NetworkPolicyStatus(in, out, s) +} + +func autoConvert_v1beta1_NetworkPort_To_softwarecomposition_NetworkPort(in *NetworkPort, out *softwarecomposition.NetworkPort, s conversion.Scope) error { + out.Name = in.Name + out.Protocol = softwarecomposition.Protocol(in.Protocol) + out.Port = (*int32)(unsafe.Pointer(in.Port)) + return nil +} + +// Convert_v1beta1_NetworkPort_To_softwarecomposition_NetworkPort is an autogenerated conversion function. +func Convert_v1beta1_NetworkPort_To_softwarecomposition_NetworkPort(in *NetworkPort, out *softwarecomposition.NetworkPort, s conversion.Scope) error { + return autoConvert_v1beta1_NetworkPort_To_softwarecomposition_NetworkPort(in, out, s) +} + +func autoConvert_softwarecomposition_NetworkPort_To_v1beta1_NetworkPort(in *softwarecomposition.NetworkPort, out *NetworkPort, s conversion.Scope) error { + out.Name = in.Name + out.Protocol = Protocol(in.Protocol) + out.Port = (*int32)(unsafe.Pointer(in.Port)) + return nil +} + +// Convert_softwarecomposition_NetworkPort_To_v1beta1_NetworkPort is an autogenerated conversion function. +func Convert_softwarecomposition_NetworkPort_To_v1beta1_NetworkPort(in *softwarecomposition.NetworkPort, out *NetworkPort, s conversion.Scope) error { + return autoConvert_softwarecomposition_NetworkPort_To_v1beta1_NetworkPort(in, out, s) +} + func autoConvert_v1beta1_OpenCalls_To_softwarecomposition_OpenCalls(in *OpenCalls, out *softwarecomposition.OpenCalls, s conversion.Scope) error { out.Path = in.Path out.Flags = *(*[]string)(unsafe.Pointer(&in.Flags)) @@ -2454,6 +3674,32 @@ func Convert_softwarecomposition_PackageVerificationCode_To_v1beta1_PackageVerif return autoConvert_softwarecomposition_PackageVerificationCode_To_v1beta1_PackageVerificationCode(in, out, s) } +func autoConvert_v1beta1_PolicyRef_To_softwarecomposition_PolicyRef(in *PolicyRef, out *softwarecomposition.PolicyRef, s conversion.Scope) error { + out.IPBlock = in.IPBlock + out.OriginalIP = in.OriginalIP + out.DNS = in.DNS + out.Name = in.Name + return nil +} + +// Convert_v1beta1_PolicyRef_To_softwarecomposition_PolicyRef is an autogenerated conversion function. +func Convert_v1beta1_PolicyRef_To_softwarecomposition_PolicyRef(in *PolicyRef, out *softwarecomposition.PolicyRef, s conversion.Scope) error { + return autoConvert_v1beta1_PolicyRef_To_softwarecomposition_PolicyRef(in, out, s) +} + +func autoConvert_softwarecomposition_PolicyRef_To_v1beta1_PolicyRef(in *softwarecomposition.PolicyRef, out *PolicyRef, s conversion.Scope) error { + out.IPBlock = in.IPBlock + out.OriginalIP = in.OriginalIP + out.DNS = in.DNS + out.Name = in.Name + return nil +} + +// Convert_softwarecomposition_PolicyRef_To_v1beta1_PolicyRef is an autogenerated conversion function. +func Convert_softwarecomposition_PolicyRef_To_v1beta1_PolicyRef(in *softwarecomposition.PolicyRef, out *PolicyRef, s conversion.Scope) error { + return autoConvert_softwarecomposition_PolicyRef_To_v1beta1_PolicyRef(in, out, s) +} + func autoConvert_v1beta1_Product_To_softwarecomposition_Product(in *Product, out *softwarecomposition.Product, s conversion.Scope) error { if err := Convert_v1beta1_Component_To_softwarecomposition_Component(&in.Component, &out.Component, s); err != nil { return err @@ -2992,6 +4238,28 @@ func Convert_softwarecomposition_ScannedControlSummary_To_v1beta1_ScannedControl return autoConvert_softwarecomposition_ScannedControlSummary_To_v1beta1_ScannedControlSummary(in, out, s) } +func autoConvert_v1beta1_ServiceBackendPort_To_softwarecomposition_ServiceBackendPort(in *ServiceBackendPort, out *softwarecomposition.ServiceBackendPort, s conversion.Scope) error { + out.Name = in.Name + out.Number = in.Number + return nil +} + +// Convert_v1beta1_ServiceBackendPort_To_softwarecomposition_ServiceBackendPort is an autogenerated conversion function. +func Convert_v1beta1_ServiceBackendPort_To_softwarecomposition_ServiceBackendPort(in *ServiceBackendPort, out *softwarecomposition.ServiceBackendPort, s conversion.Scope) error { + return autoConvert_v1beta1_ServiceBackendPort_To_softwarecomposition_ServiceBackendPort(in, out, s) +} + +func autoConvert_softwarecomposition_ServiceBackendPort_To_v1beta1_ServiceBackendPort(in *softwarecomposition.ServiceBackendPort, out *ServiceBackendPort, s conversion.Scope) error { + out.Name = in.Name + out.Number = in.Number + return nil +} + +// Convert_softwarecomposition_ServiceBackendPort_To_v1beta1_ServiceBackendPort is an autogenerated conversion function. +func Convert_softwarecomposition_ServiceBackendPort_To_v1beta1_ServiceBackendPort(in *softwarecomposition.ServiceBackendPort, out *ServiceBackendPort, s conversion.Scope) error { + return autoConvert_softwarecomposition_ServiceBackendPort_To_v1beta1_ServiceBackendPort(in, out, s) +} + func autoConvert_v1beta1_SeveritySummary_To_softwarecomposition_SeveritySummary(in *SeveritySummary, out *softwarecomposition.SeveritySummary, s conversion.Scope) error { if err := Convert_v1beta1_VulnerabilityCounters_To_softwarecomposition_VulnerabilityCounters(&in.Critical, &out.Critical, s); err != nil { return err diff --git a/pkg/apis/softwarecomposition/v1beta1/zz_generated.deepcopy.go b/pkg/apis/softwarecomposition/v1beta1/zz_generated.deepcopy.go index a9337c6c2..3619a6717 100644 --- a/pkg/apis/softwarecomposition/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/softwarecomposition/v1beta1/zz_generated.deepcopy.go @@ -24,6 +24,8 @@ package v1beta1 import ( json "encoding/json" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -893,128 +895,888 @@ func (in *Fix) DeepCopy() *Fix { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GeneratedNetworkPolicy) DeepCopyInto(out *GeneratedNetworkPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + if in.PoliciesRef != nil { + in, out := &in.PoliciesRef, &out.PoliciesRef + *out = make([]PolicyRef, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GeneratedNetworkPolicy. +func (in *GeneratedNetworkPolicy) DeepCopy() *GeneratedNetworkPolicy { + if in == nil { + return nil + } + out := new(GeneratedNetworkPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *GeneratedNetworkPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GeneratedNetworkPolicyList) DeepCopyInto(out *GeneratedNetworkPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]GeneratedNetworkPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GeneratedNetworkPolicyList. +func (in *GeneratedNetworkPolicyList) DeepCopy() *GeneratedNetworkPolicyList { + if in == nil { + return nil + } + out := new(GeneratedNetworkPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *GeneratedNetworkPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GrypeDocument) DeepCopyInto(out *GrypeDocument) { *out = *in - if in.Matches != nil { - in, out := &in.Matches, &out.Matches - *out = make([]Match, len(*in)) + if in.Matches != nil { + in, out := &in.Matches, &out.Matches + *out = make([]Match, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IgnoredMatches != nil { + in, out := &in.IgnoredMatches, &out.IgnoredMatches + *out = make([]IgnoredMatch, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Source != nil { + in, out := &in.Source, &out.Source + *out = new(Source) + (*in).DeepCopyInto(*out) + } + in.Distro.DeepCopyInto(&out.Distro) + in.Descriptor.DeepCopyInto(&out.Descriptor) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrypeDocument. +func (in *GrypeDocument) DeepCopy() *GrypeDocument { + if in == nil { + return nil + } + out := new(GrypeDocument) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GrypePackage) DeepCopyInto(out *GrypePackage) { + *out = *in + if in.Locations != nil { + in, out := &in.Locations, &out.Locations + *out = make([]SyftCoordinates, len(*in)) + copy(*out, *in) + } + if in.Licenses != nil { + in, out := &in.Licenses, &out.Licenses + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.CPEs != nil { + in, out := &in.CPEs, &out.CPEs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Upstreams != nil { + in, out := &in.Upstreams, &out.Upstreams + *out = make([]UpstreamPackage, len(*in)) + copy(*out, *in) + } + if in.Metadata != nil { + in, out := &in.Metadata, &out.Metadata + *out = make(json.RawMessage, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrypePackage. +func (in *GrypePackage) DeepCopy() *GrypePackage { + if in == nil { + return nil + } + out := new(GrypePackage) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPIngressPath) DeepCopyInto(out *HTTPIngressPath) { + *out = *in + if in.PathType != nil { + in, out := &in.PathType, &out.PathType + *out = new(PathType) + **out = **in + } + in.Backend.DeepCopyInto(&out.Backend) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressPath. +func (in *HTTPIngressPath) DeepCopy() *HTTPIngressPath { + if in == nil { + return nil + } + out := new(HTTPIngressPath) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPIngressRuleValue) DeepCopyInto(out *HTTPIngressRuleValue) { + *out = *in + if in.Paths != nil { + in, out := &in.Paths, &out.Paths + *out = make([]HTTPIngressPath, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressRuleValue. +func (in *HTTPIngressRuleValue) DeepCopy() *HTTPIngressRuleValue { + if in == nil { + return nil + } + out := new(HTTPIngressRuleValue) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPBlock) DeepCopyInto(out *IPBlock) { + *out = *in + if in.Except != nil { + in, out := &in.Except, &out.Except + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPBlock. +func (in *IPBlock) DeepCopy() *IPBlock { + if in == nil { + return nil + } + out := new(IPBlock) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IgnoreRule) DeepCopyInto(out *IgnoreRule) { + *out = *in + if in.Package != nil { + in, out := &in.Package, &out.Package + *out = new(IgnoreRulePackage) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoreRule. +func (in *IgnoreRule) DeepCopy() *IgnoreRule { + if in == nil { + return nil + } + out := new(IgnoreRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IgnoreRulePackage) DeepCopyInto(out *IgnoreRulePackage) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoreRulePackage. +func (in *IgnoreRulePackage) DeepCopy() *IgnoreRulePackage { + if in == nil { + return nil + } + out := new(IgnoreRulePackage) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IgnoredMatch) DeepCopyInto(out *IgnoredMatch) { + *out = *in + in.Match.DeepCopyInto(&out.Match) + if in.AppliedIgnoreRules != nil { + in, out := &in.AppliedIgnoreRules, &out.AppliedIgnoreRules + *out = make([]IgnoreRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoredMatch. +func (in *IgnoredMatch) DeepCopy() *IgnoredMatch { + if in == nil { + return nil + } + out := new(IgnoredMatch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Ingress) DeepCopyInto(out *Ingress) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress. +func (in *Ingress) DeepCopy() *Ingress { + if in == nil { + return nil + } + out := new(Ingress) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressBackend) DeepCopyInto(out *IngressBackend) { + *out = *in + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(IngressServiceBackend) + **out = **in + } + if in.Resource != nil { + in, out := &in.Resource, &out.Resource + *out = new(v1.TypedLocalObjectReference) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressBackend. +func (in *IngressBackend) DeepCopy() *IngressBackend { + if in == nil { + return nil + } + out := new(IngressBackend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressClass) DeepCopyInto(out *IngressClass) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressClass. +func (in *IngressClass) DeepCopy() *IngressClass { + if in == nil { + return nil + } + out := new(IngressClass) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressClassList) DeepCopyInto(out *IngressClassList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]IngressClass, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressClassList. +func (in *IngressClassList) DeepCopy() *IngressClassList { + if in == nil { + return nil + } + out := new(IngressClassList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressClassParametersReference) DeepCopyInto(out *IngressClassParametersReference) { + *out = *in + if in.APIGroup != nil { + in, out := &in.APIGroup, &out.APIGroup + *out = new(string) + **out = **in + } + if in.Scope != nil { + in, out := &in.Scope, &out.Scope + *out = new(string) + **out = **in + } + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressClassParametersReference. +func (in *IngressClassParametersReference) DeepCopy() *IngressClassParametersReference { + if in == nil { + return nil + } + out := new(IngressClassParametersReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressClassSpec) DeepCopyInto(out *IngressClassSpec) { + *out = *in + if in.Parameters != nil { + in, out := &in.Parameters, &out.Parameters + *out = new(IngressClassParametersReference) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressClassSpec. +func (in *IngressClassSpec) DeepCopy() *IngressClassSpec { + if in == nil { + return nil + } + out := new(IngressClassSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressList) DeepCopyInto(out *IngressList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Ingress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressList. +func (in *IngressList) DeepCopy() *IngressList { + if in == nil { + return nil + } + out := new(IngressList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressLoadBalancerIngress) DeepCopyInto(out *IngressLoadBalancerIngress) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]IngressPortStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressLoadBalancerIngress. +func (in *IngressLoadBalancerIngress) DeepCopy() *IngressLoadBalancerIngress { + if in == nil { + return nil + } + out := new(IngressLoadBalancerIngress) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressLoadBalancerStatus) DeepCopyInto(out *IngressLoadBalancerStatus) { + *out = *in + if in.Ingress != nil { + in, out := &in.Ingress, &out.Ingress + *out = make([]IngressLoadBalancerIngress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressLoadBalancerStatus. +func (in *IngressLoadBalancerStatus) DeepCopy() *IngressLoadBalancerStatus { + if in == nil { + return nil + } + out := new(IngressLoadBalancerStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressPortStatus) DeepCopyInto(out *IngressPortStatus) { + *out = *in + if in.Error != nil { + in, out := &in.Error, &out.Error + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressPortStatus. +func (in *IngressPortStatus) DeepCopy() *IngressPortStatus { + if in == nil { + return nil + } + out := new(IngressPortStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressRule) DeepCopyInto(out *IngressRule) { + *out = *in + in.IngressRuleValue.DeepCopyInto(&out.IngressRuleValue) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRule. +func (in *IngressRule) DeepCopy() *IngressRule { + if in == nil { + return nil + } + out := new(IngressRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressRuleValue) DeepCopyInto(out *IngressRuleValue) { + *out = *in + if in.HTTP != nil { + in, out := &in.HTTP, &out.HTTP + *out = new(HTTPIngressRuleValue) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRuleValue. +func (in *IngressRuleValue) DeepCopy() *IngressRuleValue { + if in == nil { + return nil + } + out := new(IngressRuleValue) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressServiceBackend) DeepCopyInto(out *IngressServiceBackend) { + *out = *in + out.Port = in.Port + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressServiceBackend. +func (in *IngressServiceBackend) DeepCopy() *IngressServiceBackend { + if in == nil { + return nil + } + out := new(IngressServiceBackend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressSpec) DeepCopyInto(out *IngressSpec) { + *out = *in + if in.IngressClassName != nil { + in, out := &in.IngressClassName, &out.IngressClassName + *out = new(string) + **out = **in + } + if in.DefaultBackend != nil { + in, out := &in.DefaultBackend, &out.DefaultBackend + *out = new(IngressBackend) + (*in).DeepCopyInto(*out) + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = make([]IngressTLS, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]IngressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressSpec. +func (in *IngressSpec) DeepCopy() *IngressSpec { + if in == nil { + return nil + } + out := new(IngressSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressStatus) DeepCopyInto(out *IngressStatus) { + *out = *in + in.LoadBalancer.DeepCopyInto(&out.LoadBalancer) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressStatus. +func (in *IngressStatus) DeepCopy() *IngressStatus { + if in == nil { + return nil + } + out := new(IngressStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressTLS) DeepCopyInto(out *IngressTLS) { + *out = *in + if in.Hosts != nil { + in, out := &in.Hosts, &out.Hosts + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressTLS. +func (in *IngressTLS) DeepCopy() *IngressTLS { + if in == nil { + return nil + } + out := new(IngressTLS) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KnownServers) DeepCopyInto(out *KnownServers) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KnownServers. +func (in *KnownServers) DeepCopy() *KnownServers { + if in == nil { + return nil + } + out := new(KnownServers) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Match) DeepCopyInto(out *Match) { + *out = *in + in.Vulnerability.DeepCopyInto(&out.Vulnerability) + if in.RelatedVulnerabilities != nil { + in, out := &in.RelatedVulnerabilities, &out.RelatedVulnerabilities + *out = make([]VulnerabilityMetadata, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.MatchDetails != nil { + in, out := &in.MatchDetails, &out.MatchDetails + *out = make([]MatchDetails, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.Artifact.DeepCopyInto(&out.Artifact) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Match. +func (in *Match) DeepCopy() *Match { + if in == nil { + return nil + } + out := new(Match) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchDetails) DeepCopyInto(out *MatchDetails) { + *out = *in + if in.SearchedBy != nil { + in, out := &in.SearchedBy, &out.SearchedBy + *out = make(json.RawMessage, len(*in)) + copy(*out, *in) + } + if in.Found != nil { + in, out := &in.Found, &out.Found + *out = make(json.RawMessage, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchDetails. +func (in *MatchDetails) DeepCopy() *MatchDetails { + if in == nil { + return nil + } + out := new(MatchDetails) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Metadata) DeepCopyInto(out *Metadata) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Metadata. +func (in *Metadata) DeepCopy() *Metadata { + if in == nil { + return nil + } + out := new(Metadata) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkNeighbor) DeepCopyInto(out *NetworkNeighbor) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]NetworkPort, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.IgnoredMatches != nil { - in, out := &in.IgnoredMatches, &out.IgnoredMatches - *out = make([]IgnoredMatch, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.PodSelector != nil { + in, out := &in.PodSelector, &out.PodSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) } - if in.Source != nil { - in, out := &in.Source, &out.Source - *out = new(Source) + if in.NamespaceSelector != nil { + in, out := &in.NamespaceSelector, &out.NamespaceSelector + *out = new(metav1.LabelSelector) (*in).DeepCopyInto(*out) } - in.Distro.DeepCopyInto(&out.Distro) - in.Descriptor.DeepCopyInto(&out.Descriptor) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrypeDocument. -func (in *GrypeDocument) DeepCopy() *GrypeDocument { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkNeighbor. +func (in *NetworkNeighbor) DeepCopy() *NetworkNeighbor { if in == nil { return nil } - out := new(GrypeDocument) + out := new(NetworkNeighbor) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GrypePackage) DeepCopyInto(out *GrypePackage) { +func (in *NetworkNeighbors) DeepCopyInto(out *NetworkNeighbors) { *out = *in - if in.Locations != nil { - in, out := &in.Locations, &out.Locations - *out = make([]SyftCoordinates, len(*in)) - copy(*out, *in) - } - if in.Licenses != nil { - in, out := &in.Licenses, &out.Licenses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.CPEs != nil { - in, out := &in.CPEs, &out.CPEs - *out = make([]string, len(*in)) - copy(*out, *in) + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkNeighbors. +func (in *NetworkNeighbors) DeepCopy() *NetworkNeighbors { + if in == nil { + return nil } - if in.Upstreams != nil { - in, out := &in.Upstreams, &out.Upstreams - *out = make([]UpstreamPackage, len(*in)) - copy(*out, *in) + out := new(NetworkNeighbors) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkNeighbors) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c } - if in.Metadata != nil { - in, out := &in.Metadata, &out.Metadata - *out = make(json.RawMessage, len(*in)) - copy(*out, *in) + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkNeighborsList) DeepCopyInto(out *NetworkNeighborsList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]NetworkNeighbors, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrypePackage. -func (in *GrypePackage) DeepCopy() *GrypePackage { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkNeighborsList. +func (in *NetworkNeighborsList) DeepCopy() *NetworkNeighborsList { if in == nil { return nil } - out := new(GrypePackage) + out := new(NetworkNeighborsList) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkNeighborsList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IgnoreRule) DeepCopyInto(out *IgnoreRule) { +func (in *NetworkNeighborsSpec) DeepCopyInto(out *NetworkNeighborsSpec) { *out = *in - if in.Package != nil { - in, out := &in.Package, &out.Package - *out = new(IgnoreRulePackage) - **out = **in + in.LabelSelector.DeepCopyInto(&out.LabelSelector) + if in.Ingress != nil { + in, out := &in.Ingress, &out.Ingress + *out = make([]NetworkNeighbor, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Egress != nil { + in, out := &in.Egress, &out.Egress + *out = make([]NetworkNeighbor, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoreRule. -func (in *IgnoreRule) DeepCopy() *IgnoreRule { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkNeighborsSpec. +func (in *NetworkNeighborsSpec) DeepCopy() *NetworkNeighborsSpec { if in == nil { return nil } - out := new(IgnoreRule) + out := new(NetworkNeighborsSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IgnoreRulePackage) DeepCopyInto(out *IgnoreRulePackage) { +func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) { *out = *in + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoreRulePackage. -func (in *IgnoreRulePackage) DeepCopy() *IgnoreRulePackage { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicy. +func (in *NetworkPolicy) DeepCopy() *NetworkPolicy { if in == nil { return nil } - out := new(IgnoreRulePackage) + out := new(NetworkPolicy) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IgnoredMatch) DeepCopyInto(out *IgnoredMatch) { +func (in *NetworkPolicyEgressRule) DeepCopyInto(out *NetworkPolicyEgressRule) { *out = *in - in.Match.DeepCopyInto(&out.Match) - if in.AppliedIgnoreRules != nil { - in, out := &in.AppliedIgnoreRules, &out.AppliedIgnoreRules - *out = make([]IgnoreRule, len(*in)) + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]NetworkPolicyPort, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.To != nil { + in, out := &in.To, &out.To + *out = make([]NetworkPolicyPeer, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1022,86 +1784,209 @@ func (in *IgnoredMatch) DeepCopyInto(out *IgnoredMatch) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoredMatch. -func (in *IgnoredMatch) DeepCopy() *IgnoredMatch { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyEgressRule. +func (in *NetworkPolicyEgressRule) DeepCopy() *NetworkPolicyEgressRule { if in == nil { return nil } - out := new(IgnoredMatch) + out := new(NetworkPolicyEgressRule) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Match) DeepCopyInto(out *Match) { +func (in *NetworkPolicyIngressRule) DeepCopyInto(out *NetworkPolicyIngressRule) { *out = *in - in.Vulnerability.DeepCopyInto(&out.Vulnerability) - if in.RelatedVulnerabilities != nil { - in, out := &in.RelatedVulnerabilities, &out.RelatedVulnerabilities - *out = make([]VulnerabilityMetadata, len(*in)) + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]NetworkPolicyPort, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.MatchDetails != nil { - in, out := &in.MatchDetails, &out.MatchDetails - *out = make([]MatchDetails, len(*in)) + if in.From != nil { + in, out := &in.From, &out.From + *out = make([]NetworkPolicyPeer, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - in.Artifact.DeepCopyInto(&out.Artifact) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Match. -func (in *Match) DeepCopy() *Match { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyIngressRule. +func (in *NetworkPolicyIngressRule) DeepCopy() *NetworkPolicyIngressRule { if in == nil { return nil } - out := new(Match) + out := new(NetworkPolicyIngressRule) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MatchDetails) DeepCopyInto(out *MatchDetails) { +func (in *NetworkPolicyList) DeepCopyInto(out *NetworkPolicyList) { *out = *in - if in.SearchedBy != nil { - in, out := &in.SearchedBy, &out.SearchedBy - *out = make(json.RawMessage, len(*in)) - copy(*out, *in) + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]NetworkPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - if in.Found != nil { - in, out := &in.Found, &out.Found - *out = make(json.RawMessage, len(*in)) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyList. +func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList { + if in == nil { + return nil + } + out := new(NetworkPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyPeer) DeepCopyInto(out *NetworkPolicyPeer) { + *out = *in + if in.PodSelector != nil { + in, out := &in.PodSelector, &out.PodSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.NamespaceSelector != nil { + in, out := &in.NamespaceSelector, &out.NamespaceSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.IPBlock != nil { + in, out := &in.IPBlock, &out.IPBlock + *out = new(IPBlock) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPeer. +func (in *NetworkPolicyPeer) DeepCopy() *NetworkPolicyPeer { + if in == nil { + return nil + } + out := new(NetworkPolicyPeer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyPort) DeepCopyInto(out *NetworkPolicyPort) { + *out = *in + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = new(v1.Protocol) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(int32) + **out = **in + } + if in.EndPort != nil { + in, out := &in.EndPort, &out.EndPort + *out = new(int32) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPort. +func (in *NetworkPolicyPort) DeepCopy() *NetworkPolicyPort { + if in == nil { + return nil + } + out := new(NetworkPolicyPort) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicySpec) DeepCopyInto(out *NetworkPolicySpec) { + *out = *in + in.PodSelector.DeepCopyInto(&out.PodSelector) + if in.Ingress != nil { + in, out := &in.Ingress, &out.Ingress + *out = make([]NetworkPolicyIngressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Egress != nil { + in, out := &in.Egress, &out.Egress + *out = make([]NetworkPolicyEgressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PolicyTypes != nil { + in, out := &in.PolicyTypes, &out.PolicyTypes + *out = make([]PolicyType, len(*in)) copy(*out, *in) } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchDetails. -func (in *MatchDetails) DeepCopy() *MatchDetails { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicySpec. +func (in *NetworkPolicySpec) DeepCopy() *NetworkPolicySpec { if in == nil { return nil } - out := new(MatchDetails) + out := new(NetworkPolicySpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Metadata) DeepCopyInto(out *Metadata) { +func (in *NetworkPolicyStatus) DeepCopyInto(out *NetworkPolicyStatus) { *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Metadata. -func (in *Metadata) DeepCopy() *Metadata { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyStatus. +func (in *NetworkPolicyStatus) DeepCopy() *NetworkPolicyStatus { if in == nil { return nil } - out := new(Metadata) + out := new(NetworkPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPort) DeepCopyInto(out *NetworkPort) { + *out = *in + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(int32) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPort. +func (in *NetworkPort) DeepCopy() *NetworkPort { + if in == nil { + return nil + } + out := new(NetworkPort) in.DeepCopyInto(out) return out } @@ -1339,6 +2224,22 @@ func (in *PackageVerificationCode) DeepCopy() *PackageVerificationCode { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyRef) DeepCopyInto(out *PolicyRef) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRef. +func (in *PolicyRef) DeepCopy() *PolicyRef { + if in == nil { + return nil + } + out := new(PolicyRef) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Product) DeepCopyInto(out *Product) { *out = *in @@ -1803,6 +2704,22 @@ func (in *ScannedControlSummary) DeepCopy() *ScannedControlSummary { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceBackendPort) DeepCopyInto(out *ServiceBackendPort) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceBackendPort. +func (in *ServiceBackendPort) DeepCopy() *ServiceBackendPort { + if in == nil { + return nil + } + out := new(ServiceBackendPort) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SeveritySummary) DeepCopyInto(out *SeveritySummary) { *out = *in diff --git a/pkg/apis/softwarecomposition/validation/validation.go b/pkg/apis/softwarecomposition/validation/validation.go index 757173fea..f41b8059c 100644 --- a/pkg/apis/softwarecomposition/validation/validation.go +++ b/pkg/apis/softwarecomposition/validation/validation.go @@ -17,6 +17,8 @@ limitations under the License. package validation import ( + "fmt" + "github.com/kubescape/storage/pkg/apis/softwarecomposition" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/validation/field" @@ -88,6 +90,70 @@ func ValidateVulnerabilityManifestSummary(v *softwarecomposition.VulnerabilityMa return allErrs } +func ValidateGeneratedNetworkPolicy(v *softwarecomposition.GeneratedNetworkPolicy) field.ErrorList { + return AlwaysValid(v) +} + +func ValidateNetworkNeighbors(v *softwarecomposition.NetworkNeighbors) field.ErrorList { + allErrs := field.ErrorList{} + + allErrs = append(allErrs, ValidateNetworkNeighborsSpec(&v.Spec, field.NewPath("spec"))...) + + return allErrs +} + +func ValidateNetworkNeighborsSpec(nns *softwarecomposition.NetworkNeighborsSpec, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + + for i, ingress := range nns.Ingress { + allErrs = append(allErrs, ValidateNetworkNeighbor(&ingress, fldPath.Child("ingress").Index(i))...) + } + + for i, egress := range nns.Egress { + allErrs = append(allErrs, ValidateNetworkNeighbor(&egress, fldPath.Child("egress").Index(i))...) + } + + return allErrs + +} + +func ValidateNetworkNeighbor(nns *softwarecomposition.NetworkNeighbor, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + for i, networkPort := range nns.Ports { + allErrs = append(allErrs, ValidateNetworkNeighborsPort(&networkPort, fldPath.Child("ports").Index(i))...) + } + return allErrs +} + +func ValidateNetworkNeighborsPort(p *softwarecomposition.NetworkPort, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + + allErrs = append(allErrs, validatePortNumber(*p.Port, fldPath.Child("port"))...) + + allErrs = append(allErrs, validatePortName(p, fldPath.Child("name"))...) + + return allErrs +} + +func validatePortNumber(port int32, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + if port < 0 || port > 65535 { + allErrs = append(allErrs, field.Invalid(fldPath, port, "port must be in range 0-65535")) + } + return allErrs +} + +func validatePortName(p *softwarecomposition.NetworkPort, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + + expectedPortName := fmt.Sprintf("%s-%d", p.Protocol, *p.Port) + if p.Name != expectedPortName { + allErrs = append(allErrs, field.Invalid(fldPath, p.Name, "port name must be in the format {protocol}-{port}")) + } + + return allErrs +} + func AlwaysValid(o runtime.Object) field.ErrorList { return field.ErrorList{} } diff --git a/pkg/apis/softwarecomposition/validation/validation_test.go b/pkg/apis/softwarecomposition/validation/validation_test.go new file mode 100644 index 000000000..cc007ec07 --- /dev/null +++ b/pkg/apis/softwarecomposition/validation/validation_test.go @@ -0,0 +1,114 @@ +package validation + +import ( + "testing" + + "github.com/kubescape/storage/pkg/apis/softwarecomposition" + "github.com/stretchr/testify/assert" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/utils/pointer" +) + +func TestValidateNetworkNeighbors(t *testing.T) { + tests := []struct { + name string + port int32 + networkNeighbors softwarecomposition.NetworkNeighbors + expectedErrors field.ErrorList + }{ + { + name: "valid", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + Spec: softwarecomposition.NetworkNeighborsSpec{ + Ingress: []softwarecomposition.NetworkNeighbor{ + { + Identifier: "test", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Name: "UDP-80", + Protocol: "UDP", + }, + }, + }, + }, + }, + }, + expectedErrors: field.ErrorList{}, + }, + { + name: "invalid port name", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + Spec: softwarecomposition.NetworkNeighborsSpec{ + Ingress: []softwarecomposition.NetworkNeighbor{ + { + Identifier: "test", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Name: "UDP", + Protocol: "UDP", + }, + }, + }, + }, + }, + }, + expectedErrors: field.ErrorList{ + field.Invalid(field.NewPath("spec").Child("ingress").Index(0).Child("ports").Index(0).Child("name"), "UDP", "port name must be in the format {protocol}-{port}"), + }, + }, + { + name: "invalid port number", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + Spec: softwarecomposition.NetworkNeighborsSpec{ + Ingress: []softwarecomposition.NetworkNeighbor{ + { + Identifier: "test", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(1000000), + Name: "UDP-1000000", + Protocol: "UDP", + }, + }, + }, + }, + }, + }, + expectedErrors: field.ErrorList{ + field.Invalid(field.NewPath("spec").Child("ingress").Index(0).Child("ports").Index(0).Child("port"), int32(1000000), "port must be in range 0-65535"), + }, + }, + { + name: "invalid port number and name", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + Spec: softwarecomposition.NetworkNeighborsSpec{ + Ingress: []softwarecomposition.NetworkNeighbor{ + { + Identifier: "test", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(1000000), + Name: "UDP-80", + Protocol: "UDP", + }, + }, + }, + }, + }, + }, + expectedErrors: field.ErrorList{ + field.Invalid(field.NewPath("spec").Child("ingress").Index(0).Child("ports").Index(0).Child("port"), int32(1000000), "port must be in range 0-65535"), + field.Invalid(field.NewPath("spec").Child("ingress").Index(0).Child("ports").Index(0).Child("name"), "UDP-80", "port name must be in the format {protocol}-{port}"), + }, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + actualErrors := ValidateNetworkNeighbors(&test.networkNeighbors) + assert.Equal(t, test.expectedErrors, actualErrors) + }) + } +} diff --git a/pkg/apis/softwarecomposition/zz_generated.deepcopy.go b/pkg/apis/softwarecomposition/zz_generated.deepcopy.go index 595cb3112..f07742b41 100644 --- a/pkg/apis/softwarecomposition/zz_generated.deepcopy.go +++ b/pkg/apis/softwarecomposition/zz_generated.deepcopy.go @@ -24,6 +24,8 @@ package softwarecomposition import ( json "encoding/json" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -893,128 +895,888 @@ func (in *Fix) DeepCopy() *Fix { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GeneratedNetworkPolicy) DeepCopyInto(out *GeneratedNetworkPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + if in.PoliciesRef != nil { + in, out := &in.PoliciesRef, &out.PoliciesRef + *out = make([]PolicyRef, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GeneratedNetworkPolicy. +func (in *GeneratedNetworkPolicy) DeepCopy() *GeneratedNetworkPolicy { + if in == nil { + return nil + } + out := new(GeneratedNetworkPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *GeneratedNetworkPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GeneratedNetworkPolicyList) DeepCopyInto(out *GeneratedNetworkPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]GeneratedNetworkPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GeneratedNetworkPolicyList. +func (in *GeneratedNetworkPolicyList) DeepCopy() *GeneratedNetworkPolicyList { + if in == nil { + return nil + } + out := new(GeneratedNetworkPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *GeneratedNetworkPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GrypeDocument) DeepCopyInto(out *GrypeDocument) { *out = *in - if in.Matches != nil { - in, out := &in.Matches, &out.Matches - *out = make([]Match, len(*in)) + if in.Matches != nil { + in, out := &in.Matches, &out.Matches + *out = make([]Match, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IgnoredMatches != nil { + in, out := &in.IgnoredMatches, &out.IgnoredMatches + *out = make([]IgnoredMatch, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Source != nil { + in, out := &in.Source, &out.Source + *out = new(Source) + (*in).DeepCopyInto(*out) + } + in.Distro.DeepCopyInto(&out.Distro) + in.Descriptor.DeepCopyInto(&out.Descriptor) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrypeDocument. +func (in *GrypeDocument) DeepCopy() *GrypeDocument { + if in == nil { + return nil + } + out := new(GrypeDocument) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GrypePackage) DeepCopyInto(out *GrypePackage) { + *out = *in + if in.Locations != nil { + in, out := &in.Locations, &out.Locations + *out = make([]SyftCoordinates, len(*in)) + copy(*out, *in) + } + if in.Licenses != nil { + in, out := &in.Licenses, &out.Licenses + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.CPEs != nil { + in, out := &in.CPEs, &out.CPEs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Upstreams != nil { + in, out := &in.Upstreams, &out.Upstreams + *out = make([]UpstreamPackage, len(*in)) + copy(*out, *in) + } + if in.Metadata != nil { + in, out := &in.Metadata, &out.Metadata + *out = make(json.RawMessage, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrypePackage. +func (in *GrypePackage) DeepCopy() *GrypePackage { + if in == nil { + return nil + } + out := new(GrypePackage) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPIngressPath) DeepCopyInto(out *HTTPIngressPath) { + *out = *in + if in.PathType != nil { + in, out := &in.PathType, &out.PathType + *out = new(PathType) + **out = **in + } + in.Backend.DeepCopyInto(&out.Backend) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressPath. +func (in *HTTPIngressPath) DeepCopy() *HTTPIngressPath { + if in == nil { + return nil + } + out := new(HTTPIngressPath) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPIngressRuleValue) DeepCopyInto(out *HTTPIngressRuleValue) { + *out = *in + if in.Paths != nil { + in, out := &in.Paths, &out.Paths + *out = make([]HTTPIngressPath, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressRuleValue. +func (in *HTTPIngressRuleValue) DeepCopy() *HTTPIngressRuleValue { + if in == nil { + return nil + } + out := new(HTTPIngressRuleValue) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPBlock) DeepCopyInto(out *IPBlock) { + *out = *in + if in.Except != nil { + in, out := &in.Except, &out.Except + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPBlock. +func (in *IPBlock) DeepCopy() *IPBlock { + if in == nil { + return nil + } + out := new(IPBlock) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IgnoreRule) DeepCopyInto(out *IgnoreRule) { + *out = *in + if in.Package != nil { + in, out := &in.Package, &out.Package + *out = new(IgnoreRulePackage) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoreRule. +func (in *IgnoreRule) DeepCopy() *IgnoreRule { + if in == nil { + return nil + } + out := new(IgnoreRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IgnoreRulePackage) DeepCopyInto(out *IgnoreRulePackage) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoreRulePackage. +func (in *IgnoreRulePackage) DeepCopy() *IgnoreRulePackage { + if in == nil { + return nil + } + out := new(IgnoreRulePackage) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IgnoredMatch) DeepCopyInto(out *IgnoredMatch) { + *out = *in + in.Match.DeepCopyInto(&out.Match) + if in.AppliedIgnoreRules != nil { + in, out := &in.AppliedIgnoreRules, &out.AppliedIgnoreRules + *out = make([]IgnoreRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoredMatch. +func (in *IgnoredMatch) DeepCopy() *IgnoredMatch { + if in == nil { + return nil + } + out := new(IgnoredMatch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Ingress) DeepCopyInto(out *Ingress) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress. +func (in *Ingress) DeepCopy() *Ingress { + if in == nil { + return nil + } + out := new(Ingress) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressBackend) DeepCopyInto(out *IngressBackend) { + *out = *in + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(IngressServiceBackend) + **out = **in + } + if in.Resource != nil { + in, out := &in.Resource, &out.Resource + *out = new(v1.TypedLocalObjectReference) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressBackend. +func (in *IngressBackend) DeepCopy() *IngressBackend { + if in == nil { + return nil + } + out := new(IngressBackend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressClass) DeepCopyInto(out *IngressClass) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressClass. +func (in *IngressClass) DeepCopy() *IngressClass { + if in == nil { + return nil + } + out := new(IngressClass) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressClassList) DeepCopyInto(out *IngressClassList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]IngressClass, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressClassList. +func (in *IngressClassList) DeepCopy() *IngressClassList { + if in == nil { + return nil + } + out := new(IngressClassList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressClassParametersReference) DeepCopyInto(out *IngressClassParametersReference) { + *out = *in + if in.APIGroup != nil { + in, out := &in.APIGroup, &out.APIGroup + *out = new(string) + **out = **in + } + if in.Scope != nil { + in, out := &in.Scope, &out.Scope + *out = new(string) + **out = **in + } + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressClassParametersReference. +func (in *IngressClassParametersReference) DeepCopy() *IngressClassParametersReference { + if in == nil { + return nil + } + out := new(IngressClassParametersReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressClassSpec) DeepCopyInto(out *IngressClassSpec) { + *out = *in + if in.Parameters != nil { + in, out := &in.Parameters, &out.Parameters + *out = new(IngressClassParametersReference) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressClassSpec. +func (in *IngressClassSpec) DeepCopy() *IngressClassSpec { + if in == nil { + return nil + } + out := new(IngressClassSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressList) DeepCopyInto(out *IngressList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Ingress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressList. +func (in *IngressList) DeepCopy() *IngressList { + if in == nil { + return nil + } + out := new(IngressList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressLoadBalancerIngress) DeepCopyInto(out *IngressLoadBalancerIngress) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]IngressPortStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressLoadBalancerIngress. +func (in *IngressLoadBalancerIngress) DeepCopy() *IngressLoadBalancerIngress { + if in == nil { + return nil + } + out := new(IngressLoadBalancerIngress) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressLoadBalancerStatus) DeepCopyInto(out *IngressLoadBalancerStatus) { + *out = *in + if in.Ingress != nil { + in, out := &in.Ingress, &out.Ingress + *out = make([]IngressLoadBalancerIngress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressLoadBalancerStatus. +func (in *IngressLoadBalancerStatus) DeepCopy() *IngressLoadBalancerStatus { + if in == nil { + return nil + } + out := new(IngressLoadBalancerStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressPortStatus) DeepCopyInto(out *IngressPortStatus) { + *out = *in + if in.Error != nil { + in, out := &in.Error, &out.Error + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressPortStatus. +func (in *IngressPortStatus) DeepCopy() *IngressPortStatus { + if in == nil { + return nil + } + out := new(IngressPortStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressRule) DeepCopyInto(out *IngressRule) { + *out = *in + in.IngressRuleValue.DeepCopyInto(&out.IngressRuleValue) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRule. +func (in *IngressRule) DeepCopy() *IngressRule { + if in == nil { + return nil + } + out := new(IngressRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressRuleValue) DeepCopyInto(out *IngressRuleValue) { + *out = *in + if in.HTTP != nil { + in, out := &in.HTTP, &out.HTTP + *out = new(HTTPIngressRuleValue) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRuleValue. +func (in *IngressRuleValue) DeepCopy() *IngressRuleValue { + if in == nil { + return nil + } + out := new(IngressRuleValue) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressServiceBackend) DeepCopyInto(out *IngressServiceBackend) { + *out = *in + out.Port = in.Port + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressServiceBackend. +func (in *IngressServiceBackend) DeepCopy() *IngressServiceBackend { + if in == nil { + return nil + } + out := new(IngressServiceBackend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressSpec) DeepCopyInto(out *IngressSpec) { + *out = *in + if in.IngressClassName != nil { + in, out := &in.IngressClassName, &out.IngressClassName + *out = new(string) + **out = **in + } + if in.DefaultBackend != nil { + in, out := &in.DefaultBackend, &out.DefaultBackend + *out = new(IngressBackend) + (*in).DeepCopyInto(*out) + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = make([]IngressTLS, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]IngressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressSpec. +func (in *IngressSpec) DeepCopy() *IngressSpec { + if in == nil { + return nil + } + out := new(IngressSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressStatus) DeepCopyInto(out *IngressStatus) { + *out = *in + in.LoadBalancer.DeepCopyInto(&out.LoadBalancer) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressStatus. +func (in *IngressStatus) DeepCopy() *IngressStatus { + if in == nil { + return nil + } + out := new(IngressStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressTLS) DeepCopyInto(out *IngressTLS) { + *out = *in + if in.Hosts != nil { + in, out := &in.Hosts, &out.Hosts + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressTLS. +func (in *IngressTLS) DeepCopy() *IngressTLS { + if in == nil { + return nil + } + out := new(IngressTLS) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KnownServers) DeepCopyInto(out *KnownServers) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KnownServers. +func (in *KnownServers) DeepCopy() *KnownServers { + if in == nil { + return nil + } + out := new(KnownServers) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Match) DeepCopyInto(out *Match) { + *out = *in + in.Vulnerability.DeepCopyInto(&out.Vulnerability) + if in.RelatedVulnerabilities != nil { + in, out := &in.RelatedVulnerabilities, &out.RelatedVulnerabilities + *out = make([]VulnerabilityMetadata, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.MatchDetails != nil { + in, out := &in.MatchDetails, &out.MatchDetails + *out = make([]MatchDetails, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.Artifact.DeepCopyInto(&out.Artifact) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Match. +func (in *Match) DeepCopy() *Match { + if in == nil { + return nil + } + out := new(Match) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchDetails) DeepCopyInto(out *MatchDetails) { + *out = *in + if in.SearchedBy != nil { + in, out := &in.SearchedBy, &out.SearchedBy + *out = make(json.RawMessage, len(*in)) + copy(*out, *in) + } + if in.Found != nil { + in, out := &in.Found, &out.Found + *out = make(json.RawMessage, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchDetails. +func (in *MatchDetails) DeepCopy() *MatchDetails { + if in == nil { + return nil + } + out := new(MatchDetails) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Metadata) DeepCopyInto(out *Metadata) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Metadata. +func (in *Metadata) DeepCopy() *Metadata { + if in == nil { + return nil + } + out := new(Metadata) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkNeighbor) DeepCopyInto(out *NetworkNeighbor) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]NetworkPort, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.IgnoredMatches != nil { - in, out := &in.IgnoredMatches, &out.IgnoredMatches - *out = make([]IgnoredMatch, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.PodSelector != nil { + in, out := &in.PodSelector, &out.PodSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) } - if in.Source != nil { - in, out := &in.Source, &out.Source - *out = new(Source) + if in.NamespaceSelector != nil { + in, out := &in.NamespaceSelector, &out.NamespaceSelector + *out = new(metav1.LabelSelector) (*in).DeepCopyInto(*out) } - in.Distro.DeepCopyInto(&out.Distro) - in.Descriptor.DeepCopyInto(&out.Descriptor) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrypeDocument. -func (in *GrypeDocument) DeepCopy() *GrypeDocument { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkNeighbor. +func (in *NetworkNeighbor) DeepCopy() *NetworkNeighbor { if in == nil { return nil } - out := new(GrypeDocument) + out := new(NetworkNeighbor) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GrypePackage) DeepCopyInto(out *GrypePackage) { +func (in *NetworkNeighbors) DeepCopyInto(out *NetworkNeighbors) { *out = *in - if in.Locations != nil { - in, out := &in.Locations, &out.Locations - *out = make([]SyftCoordinates, len(*in)) - copy(*out, *in) - } - if in.Licenses != nil { - in, out := &in.Licenses, &out.Licenses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.CPEs != nil { - in, out := &in.CPEs, &out.CPEs - *out = make([]string, len(*in)) - copy(*out, *in) + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkNeighbors. +func (in *NetworkNeighbors) DeepCopy() *NetworkNeighbors { + if in == nil { + return nil } - if in.Upstreams != nil { - in, out := &in.Upstreams, &out.Upstreams - *out = make([]UpstreamPackage, len(*in)) - copy(*out, *in) + out := new(NetworkNeighbors) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkNeighbors) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c } - if in.Metadata != nil { - in, out := &in.Metadata, &out.Metadata - *out = make(json.RawMessage, len(*in)) - copy(*out, *in) + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkNeighborsList) DeepCopyInto(out *NetworkNeighborsList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]NetworkNeighbors, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrypePackage. -func (in *GrypePackage) DeepCopy() *GrypePackage { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkNeighborsList. +func (in *NetworkNeighborsList) DeepCopy() *NetworkNeighborsList { if in == nil { return nil } - out := new(GrypePackage) + out := new(NetworkNeighborsList) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkNeighborsList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IgnoreRule) DeepCopyInto(out *IgnoreRule) { +func (in *NetworkNeighborsSpec) DeepCopyInto(out *NetworkNeighborsSpec) { *out = *in - if in.Package != nil { - in, out := &in.Package, &out.Package - *out = new(IgnoreRulePackage) - **out = **in + in.LabelSelector.DeepCopyInto(&out.LabelSelector) + if in.Ingress != nil { + in, out := &in.Ingress, &out.Ingress + *out = make([]NetworkNeighbor, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Egress != nil { + in, out := &in.Egress, &out.Egress + *out = make([]NetworkNeighbor, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoreRule. -func (in *IgnoreRule) DeepCopy() *IgnoreRule { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkNeighborsSpec. +func (in *NetworkNeighborsSpec) DeepCopy() *NetworkNeighborsSpec { if in == nil { return nil } - out := new(IgnoreRule) + out := new(NetworkNeighborsSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IgnoreRulePackage) DeepCopyInto(out *IgnoreRulePackage) { +func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) { *out = *in + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoreRulePackage. -func (in *IgnoreRulePackage) DeepCopy() *IgnoreRulePackage { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicy. +func (in *NetworkPolicy) DeepCopy() *NetworkPolicy { if in == nil { return nil } - out := new(IgnoreRulePackage) + out := new(NetworkPolicy) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IgnoredMatch) DeepCopyInto(out *IgnoredMatch) { +func (in *NetworkPolicyEgressRule) DeepCopyInto(out *NetworkPolicyEgressRule) { *out = *in - in.Match.DeepCopyInto(&out.Match) - if in.AppliedIgnoreRules != nil { - in, out := &in.AppliedIgnoreRules, &out.AppliedIgnoreRules - *out = make([]IgnoreRule, len(*in)) + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]NetworkPolicyPort, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.To != nil { + in, out := &in.To, &out.To + *out = make([]NetworkPolicyPeer, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1022,86 +1784,209 @@ func (in *IgnoredMatch) DeepCopyInto(out *IgnoredMatch) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoredMatch. -func (in *IgnoredMatch) DeepCopy() *IgnoredMatch { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyEgressRule. +func (in *NetworkPolicyEgressRule) DeepCopy() *NetworkPolicyEgressRule { if in == nil { return nil } - out := new(IgnoredMatch) + out := new(NetworkPolicyEgressRule) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Match) DeepCopyInto(out *Match) { +func (in *NetworkPolicyIngressRule) DeepCopyInto(out *NetworkPolicyIngressRule) { *out = *in - in.Vulnerability.DeepCopyInto(&out.Vulnerability) - if in.RelatedVulnerabilities != nil { - in, out := &in.RelatedVulnerabilities, &out.RelatedVulnerabilities - *out = make([]VulnerabilityMetadata, len(*in)) + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]NetworkPolicyPort, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.MatchDetails != nil { - in, out := &in.MatchDetails, &out.MatchDetails - *out = make([]MatchDetails, len(*in)) + if in.From != nil { + in, out := &in.From, &out.From + *out = make([]NetworkPolicyPeer, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - in.Artifact.DeepCopyInto(&out.Artifact) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Match. -func (in *Match) DeepCopy() *Match { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyIngressRule. +func (in *NetworkPolicyIngressRule) DeepCopy() *NetworkPolicyIngressRule { if in == nil { return nil } - out := new(Match) + out := new(NetworkPolicyIngressRule) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MatchDetails) DeepCopyInto(out *MatchDetails) { +func (in *NetworkPolicyList) DeepCopyInto(out *NetworkPolicyList) { *out = *in - if in.SearchedBy != nil { - in, out := &in.SearchedBy, &out.SearchedBy - *out = make(json.RawMessage, len(*in)) - copy(*out, *in) + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]NetworkPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - if in.Found != nil { - in, out := &in.Found, &out.Found - *out = make(json.RawMessage, len(*in)) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyList. +func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList { + if in == nil { + return nil + } + out := new(NetworkPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyPeer) DeepCopyInto(out *NetworkPolicyPeer) { + *out = *in + if in.PodSelector != nil { + in, out := &in.PodSelector, &out.PodSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.NamespaceSelector != nil { + in, out := &in.NamespaceSelector, &out.NamespaceSelector + *out = new(metav1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.IPBlock != nil { + in, out := &in.IPBlock, &out.IPBlock + *out = new(IPBlock) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPeer. +func (in *NetworkPolicyPeer) DeepCopy() *NetworkPolicyPeer { + if in == nil { + return nil + } + out := new(NetworkPolicyPeer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyPort) DeepCopyInto(out *NetworkPolicyPort) { + *out = *in + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = new(v1.Protocol) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(int32) + **out = **in + } + if in.EndPort != nil { + in, out := &in.EndPort, &out.EndPort + *out = new(int32) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPort. +func (in *NetworkPolicyPort) DeepCopy() *NetworkPolicyPort { + if in == nil { + return nil + } + out := new(NetworkPolicyPort) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicySpec) DeepCopyInto(out *NetworkPolicySpec) { + *out = *in + in.PodSelector.DeepCopyInto(&out.PodSelector) + if in.Ingress != nil { + in, out := &in.Ingress, &out.Ingress + *out = make([]NetworkPolicyIngressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Egress != nil { + in, out := &in.Egress, &out.Egress + *out = make([]NetworkPolicyEgressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PolicyTypes != nil { + in, out := &in.PolicyTypes, &out.PolicyTypes + *out = make([]PolicyType, len(*in)) copy(*out, *in) } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchDetails. -func (in *MatchDetails) DeepCopy() *MatchDetails { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicySpec. +func (in *NetworkPolicySpec) DeepCopy() *NetworkPolicySpec { if in == nil { return nil } - out := new(MatchDetails) + out := new(NetworkPolicySpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Metadata) DeepCopyInto(out *Metadata) { +func (in *NetworkPolicyStatus) DeepCopyInto(out *NetworkPolicyStatus) { *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Metadata. -func (in *Metadata) DeepCopy() *Metadata { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyStatus. +func (in *NetworkPolicyStatus) DeepCopy() *NetworkPolicyStatus { if in == nil { return nil } - out := new(Metadata) + out := new(NetworkPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPort) DeepCopyInto(out *NetworkPort) { + *out = *in + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(int32) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPort. +func (in *NetworkPort) DeepCopy() *NetworkPort { + if in == nil { + return nil + } + out := new(NetworkPort) in.DeepCopyInto(out) return out } @@ -1339,6 +2224,22 @@ func (in *PackageVerificationCode) DeepCopy() *PackageVerificationCode { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyRef) DeepCopyInto(out *PolicyRef) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRef. +func (in *PolicyRef) DeepCopy() *PolicyRef { + if in == nil { + return nil + } + out := new(PolicyRef) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Product) DeepCopyInto(out *Product) { *out = *in @@ -1803,6 +2704,22 @@ func (in *ScannedControlSummary) DeepCopy() *ScannedControlSummary { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceBackendPort) DeepCopyInto(out *ServiceBackendPort) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceBackendPort. +func (in *ServiceBackendPort) DeepCopy() *ServiceBackendPort { + if in == nil { + return nil + } + out := new(ServiceBackendPort) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SeveritySummary) DeepCopyInto(out *SeveritySummary) { *out = *in diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go index aa19993e8..5bcecc1b4 100644 --- a/pkg/apiserver/apiserver.go +++ b/pkg/apiserver/apiserver.go @@ -21,6 +21,8 @@ import ( "github.com/kubescape/storage/pkg/registry/softwarecomposition/applicationactivity" "github.com/kubescape/storage/pkg/registry/softwarecomposition/applicationprofile" "github.com/kubescape/storage/pkg/registry/softwarecomposition/applicationprofilesummary" + "github.com/kubescape/storage/pkg/registry/softwarecomposition/generatednetworkpolicy" + "github.com/kubescape/storage/pkg/registry/softwarecomposition/networkneighbors" "github.com/kubescape/storage/pkg/registry/softwarecomposition/openvulnerabilityexchange" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -146,6 +148,7 @@ func (c completedConfig) New() (*WardleServer, error) { configScanStorageImpl := file.NewConfigurationScanSummaryStorage(&storageImpl) vulnerabilitySummaryStorage := file.NewVulnerabilitySummaryStorage(&storageImpl) + generatedNetworkPolicyStorage := file.NewGeneratedNetworkPolicyStorage(&storageImpl) v1beta1storage := map[string]rest.Storage{} @@ -166,8 +169,11 @@ func (c completedConfig) New() (*WardleServer, error) { v1beta1storage["applicationprofilesummaries"] = sbomregistry.RESTInPeace(applicationprofilesummary.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter)) v1beta1storage["applicationactivities"] = sbomregistry.RESTInPeace(applicationactivity.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter)) + v1beta1storage["networkneighborses"] = sbomregistry.RESTInPeace(networkneighbors.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter)) v1beta1storage["openvulnerabilityexchangecontainers"] = sbomregistry.RESTInPeace(openvulnerabilityexchange.NewREST(Scheme, storageImpl, c.GenericConfig.RESTOptionsGetter)) + v1beta1storage["generatednetworkpolicies"] = sbomregistry.RESTInPeace(generatednetworkpolicy.NewREST(Scheme, generatedNetworkPolicyStorage, c.GenericConfig.RESTOptionsGetter)) + apiGroupInfo.VersionedResourcesStorageMap["v1beta1"] = v1beta1storage if err := s.GenericAPIServer.InstallAPIGroup(&apiGroupInfo); err != nil { diff --git a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_generatednetworkpolicy.go b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_generatednetworkpolicy.go new file mode 100644 index 000000000..5c3716de0 --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_generatednetworkpolicy.go @@ -0,0 +1,129 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1beta1 "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeGeneratedNetworkPolicies implements GeneratedNetworkPolicyInterface +type FakeGeneratedNetworkPolicies struct { + Fake *FakeSpdxV1beta1 + ns string +} + +var generatednetworkpoliciesResource = v1beta1.SchemeGroupVersion.WithResource("generatednetworkpolicies") + +var generatednetworkpoliciesKind = v1beta1.SchemeGroupVersion.WithKind("GeneratedNetworkPolicy") + +// Get takes name of the generatedNetworkPolicy, and returns the corresponding generatedNetworkPolicy object, and an error if there is any. +func (c *FakeGeneratedNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.GeneratedNetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(generatednetworkpoliciesResource, c.ns, name), &v1beta1.GeneratedNetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.GeneratedNetworkPolicy), err +} + +// List takes label and field selectors, and returns the list of GeneratedNetworkPolicies that match those selectors. +func (c *FakeGeneratedNetworkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.GeneratedNetworkPolicyList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(generatednetworkpoliciesResource, generatednetworkpoliciesKind, c.ns, opts), &v1beta1.GeneratedNetworkPolicyList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1beta1.GeneratedNetworkPolicyList{ListMeta: obj.(*v1beta1.GeneratedNetworkPolicyList).ListMeta} + for _, item := range obj.(*v1beta1.GeneratedNetworkPolicyList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested generatedNetworkPolicies. +func (c *FakeGeneratedNetworkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(generatednetworkpoliciesResource, c.ns, opts)) + +} + +// Create takes the representation of a generatedNetworkPolicy and creates it. Returns the server's representation of the generatedNetworkPolicy, and an error, if there is any. +func (c *FakeGeneratedNetworkPolicies) Create(ctx context.Context, generatedNetworkPolicy *v1beta1.GeneratedNetworkPolicy, opts v1.CreateOptions) (result *v1beta1.GeneratedNetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(generatednetworkpoliciesResource, c.ns, generatedNetworkPolicy), &v1beta1.GeneratedNetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.GeneratedNetworkPolicy), err +} + +// Update takes the representation of a generatedNetworkPolicy and updates it. Returns the server's representation of the generatedNetworkPolicy, and an error, if there is any. +func (c *FakeGeneratedNetworkPolicies) Update(ctx context.Context, generatedNetworkPolicy *v1beta1.GeneratedNetworkPolicy, opts v1.UpdateOptions) (result *v1beta1.GeneratedNetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(generatednetworkpoliciesResource, c.ns, generatedNetworkPolicy), &v1beta1.GeneratedNetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.GeneratedNetworkPolicy), err +} + +// Delete takes name of the generatedNetworkPolicy and deletes it. Returns an error if one occurs. +func (c *FakeGeneratedNetworkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(generatednetworkpoliciesResource, c.ns, name, opts), &v1beta1.GeneratedNetworkPolicy{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeGeneratedNetworkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(generatednetworkpoliciesResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1beta1.GeneratedNetworkPolicyList{}) + return err +} + +// Patch applies the patch and returns the patched generatedNetworkPolicy. +func (c *FakeGeneratedNetworkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.GeneratedNetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(generatednetworkpoliciesResource, c.ns, name, pt, data, subresources...), &v1beta1.GeneratedNetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.GeneratedNetworkPolicy), err +} diff --git a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_networkneighbors.go b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_networkneighbors.go new file mode 100644 index 000000000..02b201624 --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_networkneighbors.go @@ -0,0 +1,129 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1beta1 "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeNetworkNeighborses implements NetworkNeighborsInterface +type FakeNetworkNeighborses struct { + Fake *FakeSpdxV1beta1 + ns string +} + +var networkneighborsesResource = v1beta1.SchemeGroupVersion.WithResource("networkneighborses") + +var networkneighborsesKind = v1beta1.SchemeGroupVersion.WithKind("NetworkNeighbors") + +// Get takes name of the networkNeighbors, and returns the corresponding networkNeighbors object, and an error if there is any. +func (c *FakeNetworkNeighborses) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.NetworkNeighbors, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(networkneighborsesResource, c.ns, name), &v1beta1.NetworkNeighbors{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.NetworkNeighbors), err +} + +// List takes label and field selectors, and returns the list of NetworkNeighborses that match those selectors. +func (c *FakeNetworkNeighborses) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.NetworkNeighborsList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(networkneighborsesResource, networkneighborsesKind, c.ns, opts), &v1beta1.NetworkNeighborsList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1beta1.NetworkNeighborsList{ListMeta: obj.(*v1beta1.NetworkNeighborsList).ListMeta} + for _, item := range obj.(*v1beta1.NetworkNeighborsList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested networkNeighborses. +func (c *FakeNetworkNeighborses) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(networkneighborsesResource, c.ns, opts)) + +} + +// Create takes the representation of a networkNeighbors and creates it. Returns the server's representation of the networkNeighbors, and an error, if there is any. +func (c *FakeNetworkNeighborses) Create(ctx context.Context, networkNeighbors *v1beta1.NetworkNeighbors, opts v1.CreateOptions) (result *v1beta1.NetworkNeighbors, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(networkneighborsesResource, c.ns, networkNeighbors), &v1beta1.NetworkNeighbors{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.NetworkNeighbors), err +} + +// Update takes the representation of a networkNeighbors and updates it. Returns the server's representation of the networkNeighbors, and an error, if there is any. +func (c *FakeNetworkNeighborses) Update(ctx context.Context, networkNeighbors *v1beta1.NetworkNeighbors, opts v1.UpdateOptions) (result *v1beta1.NetworkNeighbors, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(networkneighborsesResource, c.ns, networkNeighbors), &v1beta1.NetworkNeighbors{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.NetworkNeighbors), err +} + +// Delete takes name of the networkNeighbors and deletes it. Returns an error if one occurs. +func (c *FakeNetworkNeighborses) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(networkneighborsesResource, c.ns, name, opts), &v1beta1.NetworkNeighbors{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeNetworkNeighborses) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(networkneighborsesResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1beta1.NetworkNeighborsList{}) + return err +} + +// Patch applies the patch and returns the patched networkNeighbors. +func (c *FakeNetworkNeighborses) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.NetworkNeighbors, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(networkneighborsesResource, c.ns, name, pt, data, subresources...), &v1beta1.NetworkNeighbors{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.NetworkNeighbors), err +} diff --git a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_softwarecomposition_client.go b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_softwarecomposition_client.go index fa2d5dfcf..8823d76c2 100644 --- a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_softwarecomposition_client.go +++ b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/fake/fake_softwarecomposition_client.go @@ -44,6 +44,14 @@ func (c *FakeSpdxV1beta1) ConfigurationScanSummaries(namespace string) v1beta1.C return &FakeConfigurationScanSummaries{c, namespace} } +func (c *FakeSpdxV1beta1) GeneratedNetworkPolicies(namespace string) v1beta1.GeneratedNetworkPolicyInterface { + return &FakeGeneratedNetworkPolicies{c, namespace} +} + +func (c *FakeSpdxV1beta1) NetworkNeighborses(namespace string) v1beta1.NetworkNeighborsInterface { + return &FakeNetworkNeighborses{c, namespace} +} + func (c *FakeSpdxV1beta1) OpenVulnerabilityExchangeContainers(namespace string) v1beta1.OpenVulnerabilityExchangeContainerInterface { return &FakeOpenVulnerabilityExchangeContainers{c, namespace} } diff --git a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/generated_expansion.go b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/generated_expansion.go index 07649121c..5c2f88e0f 100644 --- a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/generated_expansion.go +++ b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/generated_expansion.go @@ -26,6 +26,10 @@ type ApplicationProfileSummaryExpansion interface{} type ConfigurationScanSummaryExpansion interface{} +type GeneratedNetworkPolicyExpansion interface{} + +type NetworkNeighborsExpansion interface{} + type OpenVulnerabilityExchangeContainerExpansion interface{} type SBOMSPDXv2p3Expansion interface{} diff --git a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/generatednetworkpolicy.go b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/generatednetworkpolicy.go new file mode 100644 index 000000000..4cd9ea3f1 --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/generatednetworkpolicy.go @@ -0,0 +1,178 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + "time" + + v1beta1 "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + scheme "github.com/kubescape/storage/pkg/generated/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// GeneratedNetworkPoliciesGetter has a method to return a GeneratedNetworkPolicyInterface. +// A group's client should implement this interface. +type GeneratedNetworkPoliciesGetter interface { + GeneratedNetworkPolicies(namespace string) GeneratedNetworkPolicyInterface +} + +// GeneratedNetworkPolicyInterface has methods to work with GeneratedNetworkPolicy resources. +type GeneratedNetworkPolicyInterface interface { + Create(ctx context.Context, generatedNetworkPolicy *v1beta1.GeneratedNetworkPolicy, opts v1.CreateOptions) (*v1beta1.GeneratedNetworkPolicy, error) + Update(ctx context.Context, generatedNetworkPolicy *v1beta1.GeneratedNetworkPolicy, opts v1.UpdateOptions) (*v1beta1.GeneratedNetworkPolicy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.GeneratedNetworkPolicy, error) + List(ctx context.Context, opts v1.ListOptions) (*v1beta1.GeneratedNetworkPolicyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.GeneratedNetworkPolicy, err error) + GeneratedNetworkPolicyExpansion +} + +// generatedNetworkPolicies implements GeneratedNetworkPolicyInterface +type generatedNetworkPolicies struct { + client rest.Interface + ns string +} + +// newGeneratedNetworkPolicies returns a GeneratedNetworkPolicies +func newGeneratedNetworkPolicies(c *SpdxV1beta1Client, namespace string) *generatedNetworkPolicies { + return &generatedNetworkPolicies{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the generatedNetworkPolicy, and returns the corresponding generatedNetworkPolicy object, and an error if there is any. +func (c *generatedNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.GeneratedNetworkPolicy, err error) { + result = &v1beta1.GeneratedNetworkPolicy{} + err = c.client.Get(). + Namespace(c.ns). + Resource("generatednetworkpolicies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of GeneratedNetworkPolicies that match those selectors. +func (c *generatedNetworkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.GeneratedNetworkPolicyList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1beta1.GeneratedNetworkPolicyList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("generatednetworkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested generatedNetworkPolicies. +func (c *generatedNetworkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("generatednetworkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a generatedNetworkPolicy and creates it. Returns the server's representation of the generatedNetworkPolicy, and an error, if there is any. +func (c *generatedNetworkPolicies) Create(ctx context.Context, generatedNetworkPolicy *v1beta1.GeneratedNetworkPolicy, opts v1.CreateOptions) (result *v1beta1.GeneratedNetworkPolicy, err error) { + result = &v1beta1.GeneratedNetworkPolicy{} + err = c.client.Post(). + Namespace(c.ns). + Resource("generatednetworkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(generatedNetworkPolicy). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a generatedNetworkPolicy and updates it. Returns the server's representation of the generatedNetworkPolicy, and an error, if there is any. +func (c *generatedNetworkPolicies) Update(ctx context.Context, generatedNetworkPolicy *v1beta1.GeneratedNetworkPolicy, opts v1.UpdateOptions) (result *v1beta1.GeneratedNetworkPolicy, err error) { + result = &v1beta1.GeneratedNetworkPolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("generatednetworkpolicies"). + Name(generatedNetworkPolicy.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(generatedNetworkPolicy). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the generatedNetworkPolicy and deletes it. Returns an error if one occurs. +func (c *generatedNetworkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("generatednetworkpolicies"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *generatedNetworkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("generatednetworkpolicies"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched generatedNetworkPolicy. +func (c *generatedNetworkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.GeneratedNetworkPolicy, err error) { + result = &v1beta1.GeneratedNetworkPolicy{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("generatednetworkpolicies"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/networkneighbors.go b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/networkneighbors.go new file mode 100644 index 000000000..998d45c4c --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/networkneighbors.go @@ -0,0 +1,178 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + "time" + + v1beta1 "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + scheme "github.com/kubescape/storage/pkg/generated/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// NetworkNeighborsesGetter has a method to return a NetworkNeighborsInterface. +// A group's client should implement this interface. +type NetworkNeighborsesGetter interface { + NetworkNeighborses(namespace string) NetworkNeighborsInterface +} + +// NetworkNeighborsInterface has methods to work with NetworkNeighbors resources. +type NetworkNeighborsInterface interface { + Create(ctx context.Context, networkNeighbors *v1beta1.NetworkNeighbors, opts v1.CreateOptions) (*v1beta1.NetworkNeighbors, error) + Update(ctx context.Context, networkNeighbors *v1beta1.NetworkNeighbors, opts v1.UpdateOptions) (*v1beta1.NetworkNeighbors, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.NetworkNeighbors, error) + List(ctx context.Context, opts v1.ListOptions) (*v1beta1.NetworkNeighborsList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.NetworkNeighbors, err error) + NetworkNeighborsExpansion +} + +// networkNeighborses implements NetworkNeighborsInterface +type networkNeighborses struct { + client rest.Interface + ns string +} + +// newNetworkNeighborses returns a NetworkNeighborses +func newNetworkNeighborses(c *SpdxV1beta1Client, namespace string) *networkNeighborses { + return &networkNeighborses{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the networkNeighbors, and returns the corresponding networkNeighbors object, and an error if there is any. +func (c *networkNeighborses) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.NetworkNeighbors, err error) { + result = &v1beta1.NetworkNeighbors{} + err = c.client.Get(). + Namespace(c.ns). + Resource("networkneighborses"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of NetworkNeighborses that match those selectors. +func (c *networkNeighborses) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.NetworkNeighborsList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1beta1.NetworkNeighborsList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("networkneighborses"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested networkNeighborses. +func (c *networkNeighborses) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("networkneighborses"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a networkNeighbors and creates it. Returns the server's representation of the networkNeighbors, and an error, if there is any. +func (c *networkNeighborses) Create(ctx context.Context, networkNeighbors *v1beta1.NetworkNeighbors, opts v1.CreateOptions) (result *v1beta1.NetworkNeighbors, err error) { + result = &v1beta1.NetworkNeighbors{} + err = c.client.Post(). + Namespace(c.ns). + Resource("networkneighborses"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(networkNeighbors). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a networkNeighbors and updates it. Returns the server's representation of the networkNeighbors, and an error, if there is any. +func (c *networkNeighborses) Update(ctx context.Context, networkNeighbors *v1beta1.NetworkNeighbors, opts v1.UpdateOptions) (result *v1beta1.NetworkNeighbors, err error) { + result = &v1beta1.NetworkNeighbors{} + err = c.client.Put(). + Namespace(c.ns). + Resource("networkneighborses"). + Name(networkNeighbors.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(networkNeighbors). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the networkNeighbors and deletes it. Returns an error if one occurs. +func (c *networkNeighborses) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("networkneighborses"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *networkNeighborses) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("networkneighborses"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched networkNeighbors. +func (c *networkNeighborses) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.NetworkNeighbors, err error) { + result = &v1beta1.NetworkNeighbors{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("networkneighborses"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/softwarecomposition_client.go b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/softwarecomposition_client.go index 4c3a2611b..1b529a54f 100644 --- a/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/softwarecomposition_client.go +++ b/pkg/generated/clientset/versioned/typed/softwarecomposition/v1beta1/softwarecomposition_client.go @@ -32,6 +32,8 @@ type SpdxV1beta1Interface interface { ApplicationProfilesGetter ApplicationProfileSummariesGetter ConfigurationScanSummariesGetter + GeneratedNetworkPoliciesGetter + NetworkNeighborsesGetter OpenVulnerabilityExchangeContainersGetter SBOMSPDXv2p3sGetter SBOMSPDXv2p3FilteredsGetter @@ -64,6 +66,14 @@ func (c *SpdxV1beta1Client) ConfigurationScanSummaries(namespace string) Configu return newConfigurationScanSummaries(c, namespace) } +func (c *SpdxV1beta1Client) GeneratedNetworkPolicies(namespace string) GeneratedNetworkPolicyInterface { + return newGeneratedNetworkPolicies(c, namespace) +} + +func (c *SpdxV1beta1Client) NetworkNeighborses(namespace string) NetworkNeighborsInterface { + return newNetworkNeighborses(c, namespace) +} + func (c *SpdxV1beta1Client) OpenVulnerabilityExchangeContainers(namespace string) OpenVulnerabilityExchangeContainerInterface { return newOpenVulnerabilityExchangeContainers(c, namespace) } diff --git a/pkg/generated/informers/externalversions/generic.go b/pkg/generated/informers/externalversions/generic.go index 41a26cf51..231e7aaf5 100644 --- a/pkg/generated/informers/externalversions/generic.go +++ b/pkg/generated/informers/externalversions/generic.go @@ -61,6 +61,10 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Spdx().V1beta1().ApplicationProfileSummaries().Informer()}, nil case v1beta1.SchemeGroupVersion.WithResource("configurationscansummaries"): return &genericInformer{resource: resource.GroupResource(), informer: f.Spdx().V1beta1().ConfigurationScanSummaries().Informer()}, nil + case v1beta1.SchemeGroupVersion.WithResource("generatednetworkpolicies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Spdx().V1beta1().GeneratedNetworkPolicies().Informer()}, nil + case v1beta1.SchemeGroupVersion.WithResource("networkneighborses"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Spdx().V1beta1().NetworkNeighborses().Informer()}, nil case v1beta1.SchemeGroupVersion.WithResource("openvulnerabilityexchangecontainers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Spdx().V1beta1().OpenVulnerabilityExchangeContainers().Informer()}, nil case v1beta1.SchemeGroupVersion.WithResource("sbomspdxv2p3s"): diff --git a/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/generatednetworkpolicy.go b/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/generatednetworkpolicy.go new file mode 100644 index 000000000..038dcd6fe --- /dev/null +++ b/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/generatednetworkpolicy.go @@ -0,0 +1,90 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + time "time" + + softwarecompositionv1beta1 "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + versioned "github.com/kubescape/storage/pkg/generated/clientset/versioned" + internalinterfaces "github.com/kubescape/storage/pkg/generated/informers/externalversions/internalinterfaces" + v1beta1 "github.com/kubescape/storage/pkg/generated/listers/softwarecomposition/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// GeneratedNetworkPolicyInformer provides access to a shared informer and lister for +// GeneratedNetworkPolicies. +type GeneratedNetworkPolicyInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1beta1.GeneratedNetworkPolicyLister +} + +type generatedNetworkPolicyInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewGeneratedNetworkPolicyInformer constructs a new informer for GeneratedNetworkPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewGeneratedNetworkPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredGeneratedNetworkPolicyInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredGeneratedNetworkPolicyInformer constructs a new informer for GeneratedNetworkPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredGeneratedNetworkPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.SpdxV1beta1().GeneratedNetworkPolicies(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.SpdxV1beta1().GeneratedNetworkPolicies(namespace).Watch(context.TODO(), options) + }, + }, + &softwarecompositionv1beta1.GeneratedNetworkPolicy{}, + resyncPeriod, + indexers, + ) +} + +func (f *generatedNetworkPolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredGeneratedNetworkPolicyInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *generatedNetworkPolicyInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&softwarecompositionv1beta1.GeneratedNetworkPolicy{}, f.defaultInformer) +} + +func (f *generatedNetworkPolicyInformer) Lister() v1beta1.GeneratedNetworkPolicyLister { + return v1beta1.NewGeneratedNetworkPolicyLister(f.Informer().GetIndexer()) +} diff --git a/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/interface.go b/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/interface.go index 5c4287409..16d51a9b7 100644 --- a/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/interface.go +++ b/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/interface.go @@ -32,6 +32,10 @@ type Interface interface { ApplicationProfileSummaries() ApplicationProfileSummaryInformer // ConfigurationScanSummaries returns a ConfigurationScanSummaryInformer. ConfigurationScanSummaries() ConfigurationScanSummaryInformer + // GeneratedNetworkPolicies returns a GeneratedNetworkPolicyInformer. + GeneratedNetworkPolicies() GeneratedNetworkPolicyInformer + // NetworkNeighborses returns a NetworkNeighborsInformer. + NetworkNeighborses() NetworkNeighborsInformer // OpenVulnerabilityExchangeContainers returns a OpenVulnerabilityExchangeContainerInformer. OpenVulnerabilityExchangeContainers() OpenVulnerabilityExchangeContainerInformer // SBOMSPDXv2p3s returns a SBOMSPDXv2p3Informer. @@ -83,6 +87,16 @@ func (v *version) ConfigurationScanSummaries() ConfigurationScanSummaryInformer return &configurationScanSummaryInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } +// GeneratedNetworkPolicies returns a GeneratedNetworkPolicyInformer. +func (v *version) GeneratedNetworkPolicies() GeneratedNetworkPolicyInformer { + return &generatedNetworkPolicyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// NetworkNeighborses returns a NetworkNeighborsInformer. +func (v *version) NetworkNeighborses() NetworkNeighborsInformer { + return &networkNeighborsInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + // OpenVulnerabilityExchangeContainers returns a OpenVulnerabilityExchangeContainerInformer. func (v *version) OpenVulnerabilityExchangeContainers() OpenVulnerabilityExchangeContainerInformer { return &openVulnerabilityExchangeContainerInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} diff --git a/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/networkneighbors.go b/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/networkneighbors.go new file mode 100644 index 000000000..b7b5fe6b7 --- /dev/null +++ b/pkg/generated/informers/externalversions/softwarecomposition/v1beta1/networkneighbors.go @@ -0,0 +1,90 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + time "time" + + softwarecompositionv1beta1 "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + versioned "github.com/kubescape/storage/pkg/generated/clientset/versioned" + internalinterfaces "github.com/kubescape/storage/pkg/generated/informers/externalversions/internalinterfaces" + v1beta1 "github.com/kubescape/storage/pkg/generated/listers/softwarecomposition/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// NetworkNeighborsInformer provides access to a shared informer and lister for +// NetworkNeighborses. +type NetworkNeighborsInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1beta1.NetworkNeighborsLister +} + +type networkNeighborsInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewNetworkNeighborsInformer constructs a new informer for NetworkNeighbors type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewNetworkNeighborsInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredNetworkNeighborsInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredNetworkNeighborsInformer constructs a new informer for NetworkNeighbors type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredNetworkNeighborsInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.SpdxV1beta1().NetworkNeighborses(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.SpdxV1beta1().NetworkNeighborses(namespace).Watch(context.TODO(), options) + }, + }, + &softwarecompositionv1beta1.NetworkNeighbors{}, + resyncPeriod, + indexers, + ) +} + +func (f *networkNeighborsInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredNetworkNeighborsInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *networkNeighborsInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&softwarecompositionv1beta1.NetworkNeighbors{}, f.defaultInformer) +} + +func (f *networkNeighborsInformer) Lister() v1beta1.NetworkNeighborsLister { + return v1beta1.NewNetworkNeighborsLister(f.Informer().GetIndexer()) +} diff --git a/pkg/generated/listers/softwarecomposition/v1beta1/expansion_generated.go b/pkg/generated/listers/softwarecomposition/v1beta1/expansion_generated.go index 6e026ebfc..9a9da342b 100644 --- a/pkg/generated/listers/softwarecomposition/v1beta1/expansion_generated.go +++ b/pkg/generated/listers/softwarecomposition/v1beta1/expansion_generated.go @@ -50,6 +50,22 @@ type ConfigurationScanSummaryListerExpansion interface{} // ConfigurationScanSummaryNamespaceLister. type ConfigurationScanSummaryNamespaceListerExpansion interface{} +// GeneratedNetworkPolicyListerExpansion allows custom methods to be added to +// GeneratedNetworkPolicyLister. +type GeneratedNetworkPolicyListerExpansion interface{} + +// GeneratedNetworkPolicyNamespaceListerExpansion allows custom methods to be added to +// GeneratedNetworkPolicyNamespaceLister. +type GeneratedNetworkPolicyNamespaceListerExpansion interface{} + +// NetworkNeighborsListerExpansion allows custom methods to be added to +// NetworkNeighborsLister. +type NetworkNeighborsListerExpansion interface{} + +// NetworkNeighborsNamespaceListerExpansion allows custom methods to be added to +// NetworkNeighborsNamespaceLister. +type NetworkNeighborsNamespaceListerExpansion interface{} + // OpenVulnerabilityExchangeContainerListerExpansion allows custom methods to be added to // OpenVulnerabilityExchangeContainerLister. type OpenVulnerabilityExchangeContainerListerExpansion interface{} diff --git a/pkg/generated/listers/softwarecomposition/v1beta1/generatednetworkpolicy.go b/pkg/generated/listers/softwarecomposition/v1beta1/generatednetworkpolicy.go new file mode 100644 index 000000000..75458e7f0 --- /dev/null +++ b/pkg/generated/listers/softwarecomposition/v1beta1/generatednetworkpolicy.go @@ -0,0 +1,99 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// GeneratedNetworkPolicyLister helps list GeneratedNetworkPolicies. +// All objects returned here must be treated as read-only. +type GeneratedNetworkPolicyLister interface { + // List lists all GeneratedNetworkPolicies in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1beta1.GeneratedNetworkPolicy, err error) + // GeneratedNetworkPolicies returns an object that can list and get GeneratedNetworkPolicies. + GeneratedNetworkPolicies(namespace string) GeneratedNetworkPolicyNamespaceLister + GeneratedNetworkPolicyListerExpansion +} + +// generatedNetworkPolicyLister implements the GeneratedNetworkPolicyLister interface. +type generatedNetworkPolicyLister struct { + indexer cache.Indexer +} + +// NewGeneratedNetworkPolicyLister returns a new GeneratedNetworkPolicyLister. +func NewGeneratedNetworkPolicyLister(indexer cache.Indexer) GeneratedNetworkPolicyLister { + return &generatedNetworkPolicyLister{indexer: indexer} +} + +// List lists all GeneratedNetworkPolicies in the indexer. +func (s *generatedNetworkPolicyLister) List(selector labels.Selector) (ret []*v1beta1.GeneratedNetworkPolicy, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.GeneratedNetworkPolicy)) + }) + return ret, err +} + +// GeneratedNetworkPolicies returns an object that can list and get GeneratedNetworkPolicies. +func (s *generatedNetworkPolicyLister) GeneratedNetworkPolicies(namespace string) GeneratedNetworkPolicyNamespaceLister { + return generatedNetworkPolicyNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// GeneratedNetworkPolicyNamespaceLister helps list and get GeneratedNetworkPolicies. +// All objects returned here must be treated as read-only. +type GeneratedNetworkPolicyNamespaceLister interface { + // List lists all GeneratedNetworkPolicies in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1beta1.GeneratedNetworkPolicy, err error) + // Get retrieves the GeneratedNetworkPolicy from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1beta1.GeneratedNetworkPolicy, error) + GeneratedNetworkPolicyNamespaceListerExpansion +} + +// generatedNetworkPolicyNamespaceLister implements the GeneratedNetworkPolicyNamespaceLister +// interface. +type generatedNetworkPolicyNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all GeneratedNetworkPolicies in the indexer for a given namespace. +func (s generatedNetworkPolicyNamespaceLister) List(selector labels.Selector) (ret []*v1beta1.GeneratedNetworkPolicy, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.GeneratedNetworkPolicy)) + }) + return ret, err +} + +// Get retrieves the GeneratedNetworkPolicy from the indexer for a given namespace and name. +func (s generatedNetworkPolicyNamespaceLister) Get(name string) (*v1beta1.GeneratedNetworkPolicy, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1beta1.Resource("generatednetworkpolicy"), name) + } + return obj.(*v1beta1.GeneratedNetworkPolicy), nil +} diff --git a/pkg/generated/listers/softwarecomposition/v1beta1/networkneighbors.go b/pkg/generated/listers/softwarecomposition/v1beta1/networkneighbors.go new file mode 100644 index 000000000..98befd2b4 --- /dev/null +++ b/pkg/generated/listers/softwarecomposition/v1beta1/networkneighbors.go @@ -0,0 +1,99 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// NetworkNeighborsLister helps list NetworkNeighborses. +// All objects returned here must be treated as read-only. +type NetworkNeighborsLister interface { + // List lists all NetworkNeighborses in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1beta1.NetworkNeighbors, err error) + // NetworkNeighborses returns an object that can list and get NetworkNeighborses. + NetworkNeighborses(namespace string) NetworkNeighborsNamespaceLister + NetworkNeighborsListerExpansion +} + +// networkNeighborsLister implements the NetworkNeighborsLister interface. +type networkNeighborsLister struct { + indexer cache.Indexer +} + +// NewNetworkNeighborsLister returns a new NetworkNeighborsLister. +func NewNetworkNeighborsLister(indexer cache.Indexer) NetworkNeighborsLister { + return &networkNeighborsLister{indexer: indexer} +} + +// List lists all NetworkNeighborses in the indexer. +func (s *networkNeighborsLister) List(selector labels.Selector) (ret []*v1beta1.NetworkNeighbors, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.NetworkNeighbors)) + }) + return ret, err +} + +// NetworkNeighborses returns an object that can list and get NetworkNeighborses. +func (s *networkNeighborsLister) NetworkNeighborses(namespace string) NetworkNeighborsNamespaceLister { + return networkNeighborsNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// NetworkNeighborsNamespaceLister helps list and get NetworkNeighborses. +// All objects returned here must be treated as read-only. +type NetworkNeighborsNamespaceLister interface { + // List lists all NetworkNeighborses in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1beta1.NetworkNeighbors, err error) + // Get retrieves the NetworkNeighbors from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1beta1.NetworkNeighbors, error) + NetworkNeighborsNamespaceListerExpansion +} + +// networkNeighborsNamespaceLister implements the NetworkNeighborsNamespaceLister +// interface. +type networkNeighborsNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all NetworkNeighborses in the indexer for a given namespace. +func (s networkNeighborsNamespaceLister) List(selector labels.Selector) (ret []*v1beta1.NetworkNeighbors, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.NetworkNeighbors)) + }) + return ret, err +} + +// Get retrieves the NetworkNeighbors from the indexer for a given namespace and name. +func (s networkNeighborsNamespaceLister) Get(name string) (*v1beta1.NetworkNeighbors, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1beta1.Resource("networkneighbors"), name) + } + return obj.(*v1beta1.NetworkNeighbors), nil +} diff --git a/pkg/generated/openapi/zz_generated.openapi.go b/pkg/generated/openapi/zz_generated.openapi.go index e93835fc7..22348053b 100644 --- a/pkg/generated/openapi/zz_generated.openapi.go +++ b/pkg/generated/openapi/zz_generated.openapi.go @@ -63,14 +63,49 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.ExternalDocumentRef": schema_pkg_apis_softwarecomposition_v1beta1_ExternalDocumentRef(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.File": schema_pkg_apis_softwarecomposition_v1beta1_File(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Fix": schema_pkg_apis_softwarecomposition_v1beta1_Fix(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GeneratedNetworkPolicy": schema_pkg_apis_softwarecomposition_v1beta1_GeneratedNetworkPolicy(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GeneratedNetworkPolicyList": schema_pkg_apis_softwarecomposition_v1beta1_GeneratedNetworkPolicyList(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GrypeDocument": schema_pkg_apis_softwarecomposition_v1beta1_GrypeDocument(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GrypePackage": schema_pkg_apis_softwarecomposition_v1beta1_GrypePackage(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.HTTPIngressPath": schema_pkg_apis_softwarecomposition_v1beta1_HTTPIngressPath(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.HTTPIngressRuleValue": schema_pkg_apis_softwarecomposition_v1beta1_HTTPIngressRuleValue(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IPBlock": schema_pkg_apis_softwarecomposition_v1beta1_IPBlock(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRule": schema_pkg_apis_softwarecomposition_v1beta1_IgnoreRule(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRulePackage": schema_pkg_apis_softwarecomposition_v1beta1_IgnoreRulePackage(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoredMatch": schema_pkg_apis_softwarecomposition_v1beta1_IgnoredMatch(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Ingress": schema_pkg_apis_softwarecomposition_v1beta1_Ingress(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressBackend": schema_pkg_apis_softwarecomposition_v1beta1_IngressBackend(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClass": schema_pkg_apis_softwarecomposition_v1beta1_IngressClass(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClassList": schema_pkg_apis_softwarecomposition_v1beta1_IngressClassList(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClassParametersReference": schema_pkg_apis_softwarecomposition_v1beta1_IngressClassParametersReference(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClassSpec": schema_pkg_apis_softwarecomposition_v1beta1_IngressClassSpec(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressList": schema_pkg_apis_softwarecomposition_v1beta1_IngressList(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressLoadBalancerIngress": schema_pkg_apis_softwarecomposition_v1beta1_IngressLoadBalancerIngress(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressLoadBalancerStatus": schema_pkg_apis_softwarecomposition_v1beta1_IngressLoadBalancerStatus(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressPortStatus": schema_pkg_apis_softwarecomposition_v1beta1_IngressPortStatus(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressRule": schema_pkg_apis_softwarecomposition_v1beta1_IngressRule(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressRuleValue": schema_pkg_apis_softwarecomposition_v1beta1_IngressRuleValue(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressServiceBackend": schema_pkg_apis_softwarecomposition_v1beta1_IngressServiceBackend(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressSpec": schema_pkg_apis_softwarecomposition_v1beta1_IngressSpec(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressStatus": schema_pkg_apis_softwarecomposition_v1beta1_IngressStatus(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressTLS": schema_pkg_apis_softwarecomposition_v1beta1_IngressTLS(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.KnownServers": schema_pkg_apis_softwarecomposition_v1beta1_KnownServers(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Match": schema_pkg_apis_softwarecomposition_v1beta1_Match(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.MatchDetails": schema_pkg_apis_softwarecomposition_v1beta1_MatchDetails(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Metadata": schema_pkg_apis_softwarecomposition_v1beta1_Metadata(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighbor": schema_pkg_apis_softwarecomposition_v1beta1_NetworkNeighbor(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighbors": schema_pkg_apis_softwarecomposition_v1beta1_NetworkNeighbors(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighborsList": schema_pkg_apis_softwarecomposition_v1beta1_NetworkNeighborsList(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighborsSpec": schema_pkg_apis_softwarecomposition_v1beta1_NetworkNeighborsSpec(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicy": schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicy(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyEgressRule": schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyEgressRule(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyIngressRule": schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyIngressRule(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyList": schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyList(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPeer": schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyPeer(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPort": schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyPort(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicySpec": schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicySpec(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyStatus": schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyStatus(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPort": schema_pkg_apis_softwarecomposition_v1beta1_NetworkPort(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.OpenCalls": schema_pkg_apis_softwarecomposition_v1beta1_OpenCalls(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.OpenVulnerabilityExchangeContainer": schema_pkg_apis_softwarecomposition_v1beta1_OpenVulnerabilityExchangeContainer(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.OpenVulnerabilityExchangeContainerList": schema_pkg_apis_softwarecomposition_v1beta1_OpenVulnerabilityExchangeContainerList(ref), @@ -79,6 +114,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Package": schema_pkg_apis_softwarecomposition_v1beta1_Package(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.PackageExternalReference": schema_pkg_apis_softwarecomposition_v1beta1_PackageExternalReference(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.PackageVerificationCode": schema_pkg_apis_softwarecomposition_v1beta1_PackageVerificationCode(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.PolicyRef": schema_pkg_apis_softwarecomposition_v1beta1_PolicyRef(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Product": schema_pkg_apis_softwarecomposition_v1beta1_Product(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Relationship": schema_pkg_apis_softwarecomposition_v1beta1_Relationship(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.ReportMeta": schema_pkg_apis_softwarecomposition_v1beta1_ReportMeta(ref), @@ -99,6 +135,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.ScannedControlRule": schema_pkg_apis_softwarecomposition_v1beta1_ScannedControlRule(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.ScannedControlStatus": schema_pkg_apis_softwarecomposition_v1beta1_ScannedControlStatus(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.ScannedControlSummary": schema_pkg_apis_softwarecomposition_v1beta1_ScannedControlSummary(ref), + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.ServiceBackendPort": schema_pkg_apis_softwarecomposition_v1beta1_ServiceBackendPort(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.SeveritySummary": schema_pkg_apis_softwarecomposition_v1beta1_SeveritySummary(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Snippet": schema_pkg_apis_softwarecomposition_v1beta1_Snippet(ref), "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.SnippetRange": schema_pkg_apis_softwarecomposition_v1beta1_SnippetRange(ref), @@ -1710,6 +1747,110 @@ func schema_pkg_apis_softwarecomposition_v1beta1_Fix(ref common.ReferenceCallbac } } +func schema_pkg_apis_softwarecomposition_v1beta1_GeneratedNetworkPolicy(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GeneratedNetworkPolicy represents a generated NetworkPolicy.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicy"), + }, + }, + "policyRef": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.PolicyRef"), + }, + }, + }, + }, + }, + }, + Required: []string{"spec", "policyRef"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicy", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.PolicyRef", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_GeneratedNetworkPolicyList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GeneratedNetworkPolicyList is a list of GeneratedNetworkPolicies.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "Items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GeneratedNetworkPolicy"), + }, + }, + }, + }, + }, + }, + Required: []string{"Items"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GeneratedNetworkPolicy", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + func schema_pkg_apis_softwarecomposition_v1beta1_GrypeDocument(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -1851,99 +1992,1502 @@ func schema_pkg_apis_softwarecomposition_v1beta1_GrypePackage(ref common.Referen Format: "", }, }, - "upstreams": { + "upstreams": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.UpstreamPackage"), + }, + }, + }, + }, + }, + "metadataType": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "byte", + }, + }, + }, + Required: []string{"name", "version", "type", "locations", "language", "licenses", "cpes", "purl", "upstreams"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.SyftCoordinates", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.UpstreamPackage"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_HTTPIngressPath(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "path": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "pathType": { + SchemaProps: spec.SchemaProps{ + Description: "pathType determines the interpretation of the path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is\n done on a path element by element basis. A path element refers is the\n list of labels in the path split by the '/' separator. A request is a\n match for path p if every p is an element-wise prefix of p of the\n request path. Note that if the last element of the path is a substring\n of the last element in request path, it is not a match (e.g. /foo/bar\n matches /foo/bar/baz, but does not match /foo/barbaz).\n* ImplementationSpecific: Interpretation of the Path matching is up to\n the IngressClass. Implementations can treat this as a separate PathType\n or treat it identically to Prefix or Exact path types.\nImplementations are required to support all path types.\n\nPossible enum values:\n - `\"Exact\"` matches the URL path exactly and with case sensitivity.\n - `\"ImplementationSpecific\"` matching is up to the IngressClass. Implementations can treat this as a separate PathType or treat it identically to Prefix or Exact path types.\n - `\"Prefix\"` matches based on a URL path prefix split by '/'. Matching is case sensitive and done on a path element by element basis. A path element refers to the list of labels in the path split by the '/' separator. A request is a match for path p if every p is an element-wise prefix of p of the request path. Note that if the last element of the path is a substring of the last element in request path, it is not a match (e.g. /foo/bar matches /foo/bar/baz, but does not match /foo/barbaz). If multiple matching paths exist in an Ingress spec, the longest matching path is given priority. Examples: - /foo/bar does not match requests to /foo/barbaz - /foo/bar matches request to /foo/bar and /foo/bar/baz - /foo and /foo/ both match requests to /foo and /foo/. If both paths are present in an Ingress spec, the longest matching path (/foo/) is given priority.", + Type: []string{"string"}, + Format: "", + Enum: []interface{}{"Exact", "ImplementationSpecific", "Prefix"}, + }, + }, + "backend": { + SchemaProps: spec.SchemaProps{ + Description: "backend defines the referenced service endpoint to which the traffic will be forwarded to.", + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressBackend"), + }, + }, + }, + Required: []string{"pathType", "backend"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressBackend"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_HTTPIngressRuleValue(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "paths": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "paths is a collection of paths that map requests to backends.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.HTTPIngressPath"), + }, + }, + }, + }, + }, + }, + Required: []string{"paths"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.HTTPIngressPath"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IPBlock(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IPBlock describes a particular CIDR (Ex. \"192.168.1.0/24\",\"2001:db8::/64\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "cidr": { + SchemaProps: spec.SchemaProps{ + Description: "cidr is a string representing the IPBlock Valid examples are \"192.168.1.0/24\" or \"2001:db8::/64\"", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "except": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"cidr"}, + }, + }, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IgnoreRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "vulnerability": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "fix-state": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "package": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRulePackage"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRulePackage"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IgnoreRulePackage(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "type": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "location": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IgnoredMatch(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "Match": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Match"), + }, + }, + "appliedIgnoreRules": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRule"), + }, + }, + }, + }, + }, + }, + Required: []string{"Match", "appliedIgnoreRules"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRule", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Match"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_Ingress(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressStatus"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressSpec", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressBackend(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressBackend describes all endpoints for a given service and port.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "service": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressServiceBackend"), + }, + }, + "resource": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressServiceBackend", "k8s.io/api/core/v1.TypedLocalObjectReference"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressClass(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressClass represents the class of the Ingress, referenced by the Ingress Spec. The `ingressclass.kubernetes.io/is-default-class` annotation can be used to indicate that an IngressClass should be considered default. When a single IngressClass resource has this annotation set to true, new Ingress resources without a class specified will be assigned this default class.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClassSpec"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClassSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressClassList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressClassList is a collection of IngressClasses.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Description: "items is the list of IngressClasses.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClass"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClass", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressClassParametersReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressClassParametersReference identifies an API object. This can be used to specify a cluster or namespace-scoped resource.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "apiGroup": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "kind is the type of resource being referenced.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "name": { + SchemaProps: spec.SchemaProps{ + Description: "name is the name of resource being referenced.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "scope": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "namespace": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"kind", "name", "scope"}, + }, + }, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressClassSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressClassSpec provides information about the class of an Ingress.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "controller": { + SchemaProps: spec.SchemaProps{ + Description: "controller refers to the name of the controller that should handle this class. This allows for different \"flavors\" that are controlled by the same controller. For example, you may have different parameters for the same implementing controller. This should be specified as a domain-prefixed path no more than 250 characters in length, e.g. \"acme.io/ingress-controller\". This field is immutable.", + Type: []string{"string"}, + Format: "", + }, + }, + "parameters": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClassParametersReference"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressClassParametersReference"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressList is a collection of Ingress.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Description: "items is the list of Ingress.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Ingress"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Ingress", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressLoadBalancerIngress(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressLoadBalancerIngress represents the status of a load-balancer ingress point.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ip": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "hostname": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "ports": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressPortStatus"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressPortStatus"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressLoadBalancerStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressLoadBalancerStatus represents the status of a load-balancer.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ingress": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressLoadBalancerIngress"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressLoadBalancerIngress"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressPortStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressPortStatus represents the error condition of a service port", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "port": { + SchemaProps: spec.SchemaProps{ + Description: "port is the port number of the ingress port.", + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + "protocol": { + SchemaProps: spec.SchemaProps{ + Description: "protocol is the protocol of the ingress port. The supported values are: \"TCP\", \"UDP\", \"SCTP\"", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "error": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"port", "protocol"}, + }, + }, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "host": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "http": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.HTTPIngressRuleValue"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.HTTPIngressRuleValue"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressRuleValue(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressRuleValue represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. Currently mixing different types of rules in a single Ingress is disallowed, so exactly one of the following must be set.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "http": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.HTTPIngressRuleValue"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.HTTPIngressRuleValue"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressServiceBackend(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressServiceBackend references a Kubernetes Service as a Backend.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "name is the referenced service. The service must exist in the same namespace as the Ingress object.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "port": { + SchemaProps: spec.SchemaProps{ + Description: "port of the referenced service. A port name or port number is required for a IngressServiceBackend.", + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.ServiceBackendPort"), + }, + }, + }, + Required: []string{"name"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.ServiceBackendPort"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressSpec describes the Ingress the user wishes to exist.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ingressClassName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "defaultBackend": { + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressBackend"), + }, + }, + "tls": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressTLS"), + }, + }, + }, + }, + }, + "rules": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressRule"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressBackend", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressRule", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressTLS"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressStatus describe the current state of the Ingress.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "loadBalancer": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressLoadBalancerStatus"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IngressLoadBalancerStatus"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_IngressTLS(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IngressTLS describes the transport layer security associated with an ingress.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "hosts": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "secretName": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_KnownServers(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ipBlock": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "dns": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "name": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"ipBlock", "dns", "name"}, + }, + }, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_Match(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "vulnerability": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Vulnerability"), + }, + }, + "relatedVulnerabilities": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.VulnerabilityMetadata"), + }, + }, + }, + }, + }, + "matchDetails": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.MatchDetails"), + }, + }, + }, + }, + }, + "artifact": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GrypePackage"), + }, + }, + }, + Required: []string{"vulnerability", "relatedVulnerabilities", "matchDetails", "artifact"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GrypePackage", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.MatchDetails", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Vulnerability", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.VulnerabilityMetadata"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_MatchDetails(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "matcher": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "searchedBy": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "byte", + }, + }, + "found": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "byte", + }, + }, + }, + Required: []string{"type", "matcher"}, + }, + }, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_Metadata(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "@context": { + SchemaProps: spec.SchemaProps{ + Description: "Context is the URL pointing to the jsonld context definition", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "@id": { + SchemaProps: spec.SchemaProps{ + Description: "ID is the identifying string for the VEX document. This should be unique per document.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "author": { + SchemaProps: spec.SchemaProps{ + Description: "Author is the identifier for the author of the VEX statement, ideally a common name, may be a URI. [author] is an individual or organization. [author] identity SHOULD be cryptographically associated with the signature of the VEX statement or document or transport.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "role": { + SchemaProps: spec.SchemaProps{ + Description: "AuthorRole describes the role of the document Author.", + Type: []string{"string"}, + Format: "", + }, + }, + "timestamp": { + SchemaProps: spec.SchemaProps{ + Description: "Timestamp defines the time at which the document was issued.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "last_updated": { + SchemaProps: spec.SchemaProps{ + Description: "LastUpdated marks the time when the document had its last update. When the document changes both version and this field should be updated.", + Type: []string{"string"}, + Format: "", + }, + }, + "version": { + SchemaProps: spec.SchemaProps{ + Description: "Version is the document version. It must be incremented when any content within the VEX document changes, including any VEX statements included within the VEX document.", + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, + "tooling": { + SchemaProps: spec.SchemaProps{ + Description: "Tooling expresses how the VEX document and contained VEX statements were generated. It's optional. It may specify tools or automated processes used in the document or statement generation.", + Type: []string{"string"}, + Format: "", + }, + }, + "supplier": { + SchemaProps: spec.SchemaProps{ + Description: "Supplier is an optional field.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"@context", "@id", "author", "timestamp", "version"}, + }, + }, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkNeighbor(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkNeighbor represents a single network communication made by this resource.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "identifier": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "type": { + SchemaProps: spec.SchemaProps{ + Description: "A unique identifier for this entry", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "dns": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "ports": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPort"), + }, + }, + }, + }, + }, + "podSelector": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + }, + }, + "namespaceSelector": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + }, + }, + "ipAddress": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"identifier", "type", "dns", "ports", "podSelector", "namespaceSelector", "ipAddress"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPort", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkNeighbors(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkNeighbors represents a list of network communications for a specific workload.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighborsSpec"), + }, + }, + }, + Required: []string{"spec"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighborsSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkNeighborsList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkNeighborsList is a list of NetworkNeighbors.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighbors"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighbors", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkNeighborsSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "matchLabels": { + SchemaProps: spec.SchemaProps{ + Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "matchExpressions": { + SchemaProps: spec.SchemaProps{ + Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), + }, + }, + }, + }, + }, + "ingress": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-patch-merge-key": "identifier", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighbor"), + }, + }, + }, + }, + }, + "egress": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-patch-merge-key": "identifier", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighbor"), + }, + }, + }, + }, + }, + }, + Required: []string{"ingress", "egress"}, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkNeighbor", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicy(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicySpec"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicySpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyEgressRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ports": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPort"), + }, + }, + }, + }, + }, + "to": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPeer"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPeer", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPort"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyIngressRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ports": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPort"), + }, + }, + }, + }, + }, + "from": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPeer"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPeer", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyPort"}, + } +} + +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyList is a list of NetworkPolicy objects.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, + Description: "items is a list of schema objects.", + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.UpstreamPackage"), + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicy"), }, }, }, }, }, - "metadataType": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "byte", - }, - }, }, - Required: []string{"name", "version", "type", "locations", "language", "licenses", "cpes", "purl", "upstreams"}, + Required: []string{"items"}, }, }, Dependencies: []string{ - "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.SyftCoordinates", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.UpstreamPackage"}, + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicy", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_pkg_apis_softwarecomposition_v1beta1_IgnoreRule(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyPeer(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of fields are allowed", + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "vulnerability": { + "podSelector": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), }, }, - "fix-state": { + "namespaceSelector": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), }, }, - "package": { + "ipBlock": { SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRulePackage"), + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IPBlock"), }, }, }, }, }, Dependencies: []string{ - "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRulePackage"}, + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IPBlock", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, } } -func schema_pkg_apis_softwarecomposition_v1beta1_IgnoreRulePackage(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyPort(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "NetworkPolicyPort describes a port to allow traffic on", + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "version": { + "protocol": { SchemaProps: spec.SchemaProps{ Type: []string{"string"}, Format: "", }, }, - "type": { + "port": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Type: []string{"integer"}, + Format: "int32", }, }, - "location": { + "endPort": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Type: []string{"integer"}, + Format: "int32", }, }, }, @@ -1952,208 +3496,136 @@ func schema_pkg_apis_softwarecomposition_v1beta1_IgnoreRulePackage(ref common.Re } } -func schema_pkg_apis_softwarecomposition_v1beta1_IgnoredMatch(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicySpec(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "NetworkPolicySpec provides the specification of a NetworkPolicy", + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "Match": { + "podSelector": { SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Match"), + Description: "podSelector selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), }, }, - "appliedIgnoreRules": { + "ingress": { SchemaProps: spec.SchemaProps{ Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRule"), + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyIngressRule"), }, }, }, }, }, - }, - Required: []string{"Match", "appliedIgnoreRules"}, - }, - }, - Dependencies: []string{ - "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.IgnoreRule", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Match"}, - } -} - -func schema_pkg_apis_softwarecomposition_v1beta1_Match(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "vulnerability": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Vulnerability"), - }, - }, - "relatedVulnerabilities": { + "egress": { SchemaProps: spec.SchemaProps{ Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.VulnerabilityMetadata"), + Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyEgressRule"), }, }, }, }, }, - "matchDetails": { + "policyTypes": { SchemaProps: spec.SchemaProps{ Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.MatchDetails"), + Default: "", + Type: []string{"string"}, + Format: "", }, }, }, }, }, - "artifact": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GrypePackage"), - }, - }, }, - Required: []string{"vulnerability", "relatedVulnerabilities", "matchDetails", "artifact"}, + Required: []string{"podSelector"}, }, }, Dependencies: []string{ - "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.GrypePackage", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.MatchDetails", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.Vulnerability", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.VulnerabilityMetadata"}, + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyEgressRule", "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1.NetworkPolicyIngressRule", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, } } -func schema_pkg_apis_softwarecomposition_v1beta1_MatchDetails(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkPolicyStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "NetworkPolicyStatus describes the current state of the NetworkPolicy.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "matcher": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "searchedBy": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "byte", + "conditions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge", + }, }, - }, - "found": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "byte", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Condition"), + }, + }, + }, }, }, }, - Required: []string{"type", "matcher"}, }, }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Condition"}, } } -func schema_pkg_apis_softwarecomposition_v1beta1_Metadata(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_softwarecomposition_v1beta1_NetworkPort(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Type: []string{"object"}, Properties: map[string]spec.Schema{ - "@context": { - SchemaProps: spec.SchemaProps{ - Description: "Context is the URL pointing to the jsonld context definition", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "@id": { - SchemaProps: spec.SchemaProps{ - Description: "ID is the identifying string for the VEX document. This should be unique per document.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "author": { - SchemaProps: spec.SchemaProps{ - Description: "Author is the identifier for the author of the VEX statement, ideally a common name, may be a URI. [author] is an individual or organization. [author] identity SHOULD be cryptographically associated with the signature of the VEX statement or document or transport.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "role": { + "name": { SchemaProps: spec.SchemaProps{ - Description: "AuthorRole describes the role of the document Author.", - Type: []string{"string"}, - Format: "", + Default: "", + Type: []string{"string"}, + Format: "", }, }, - "timestamp": { + "protocol": { SchemaProps: spec.SchemaProps{ - Description: "Timestamp defines the time at which the document was issued.", + Description: "protocol-port", Default: "", Type: []string{"string"}, Format: "", }, }, - "last_updated": { - SchemaProps: spec.SchemaProps{ - Description: "LastUpdated marks the time when the document had its last update. When the document changes both version and this field should be updated.", - Type: []string{"string"}, - Format: "", - }, - }, - "version": { - SchemaProps: spec.SchemaProps{ - Description: "Version is the document version. It must be incremented when any content within the VEX document changes, including any VEX statements included within the VEX document.", - Default: 0, - Type: []string{"integer"}, - Format: "int32", - }, - }, - "tooling": { - SchemaProps: spec.SchemaProps{ - Description: "Tooling expresses how the VEX document and contained VEX statements were generated. It's optional. It may specify tools or automated processes used in the document or statement generation.", - Type: []string{"string"}, - Format: "", - }, - }, - "supplier": { + "port": { SchemaProps: spec.SchemaProps{ - Description: "Supplier is an optional field.", - Type: []string{"string"}, - Format: "", + Type: []string{"integer"}, + Format: "int32", }, }, }, - Required: []string{"@context", "@id", "author", "timestamp", "version"}, + Required: []string{"name", "protocol", "port"}, }, }, } @@ -2737,6 +4209,47 @@ func schema_pkg_apis_softwarecomposition_v1beta1_PackageVerificationCode(ref com } } +func schema_pkg_apis_softwarecomposition_v1beta1_PolicyRef(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ipBlock": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "originalIP": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "dns": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "name": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"ipBlock", "originalIP", "dns", "name"}, + }, + }, + } +} + func schema_pkg_apis_softwarecomposition_v1beta1_Product(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -3530,6 +5043,31 @@ func schema_pkg_apis_softwarecomposition_v1beta1_ScannedControlSummary(ref commo } } +func schema_pkg_apis_softwarecomposition_v1beta1_ServiceBackendPort(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ServiceBackendPort is the service port being referenced.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "number": { + SchemaProps: spec.SchemaProps{ + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + } +} + func schema_pkg_apis_softwarecomposition_v1beta1_SeveritySummary(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/pkg/registry/file/generatednetworkpolicy.go b/pkg/registry/file/generatednetworkpolicy.go new file mode 100644 index 000000000..2b367fab0 --- /dev/null +++ b/pkg/registry/file/generatednetworkpolicy.go @@ -0,0 +1,389 @@ +package file + +import ( + "context" + "encoding/json" + "fmt" + "net" + "strings" + + "github.com/kubescape/go-logger" + "github.com/kubescape/go-logger/helpers" + "github.com/kubescape/storage/pkg/apis/softwarecomposition" + "go.opentelemetry.io/otel" + "go.opentelemetry.io/otel/attribute" + "golang.org/x/exp/maps" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/apiserver/pkg/storage" +) + +const ( + networkNeighborsResource = "networkneighborses" +) + +// GeneratedNetworkPolicyStorage offers a storage solution for GeneratedNetworkPolicy objects, implementing custom business logic for these objects and using the underlying default storage implementation. +type GeneratedNetworkPolicyStorage struct { + realStore StorageQuerier + versioner storage.Versioner +} + +var _ storage.Interface = &GeneratedNetworkPolicyStorage{} + +func NewGeneratedNetworkPolicyStorage(realStore *StorageQuerier) storage.Interface { + return &GeneratedNetworkPolicyStorage{ + realStore: *realStore, + versioner: storage.APIObjectVersioner{}, + } +} + +// Versioner Returns Versioner associated with this interface. +func (s *GeneratedNetworkPolicyStorage) Versioner() storage.Versioner { + return s.versioner +} + +// Create is not supported for GeneratedNetworkPolicy objects. Objects are generated on the fly and not stored. +func (s *GeneratedNetworkPolicyStorage) Create(ctx context.Context, key string, obj, out runtime.Object, _ uint64) error { + return storage.NewInvalidObjError(key, operationNotSupportedMsg) +} + +// Delete is not supported for GeneratedNetworkPolicy objects. Objects are generated on the fly and not stored. +func (s *GeneratedNetworkPolicyStorage) Delete(ctx context.Context, key string, out runtime.Object, _ *storage.Preconditions, _ storage.ValidateObjectFunc, _ runtime.Object) error { + return storage.NewInvalidObjError(key, operationNotSupportedMsg) +} + +// Watch is not supported for GeneratedNetworkPolicy objects. Objects are generated on the fly and not stored. +func (s *GeneratedNetworkPolicyStorage) Watch(ctx context.Context, key string, _ storage.ListOptions) (watch.Interface, error) { + return nil, storage.NewInvalidObjError(key, operationNotSupportedMsg) +} + +// Get generates and returns a single GeneratedNetworkPolicy object +func (s *GeneratedNetworkPolicyStorage) Get(ctx context.Context, key string, opts storage.GetOptions, objPtr runtime.Object) error { + ctx, span := otel.Tracer("").Start(ctx, "GeneratedNetworkPolicyStorage.Get") + span.SetAttributes(attribute.String("key", key)) + defer span.End() + + logger.L().Ctx(ctx).Debug("GeneratedNetworkPolicyStorage.Get", helpers.String("key", key)) + + // retrieve network neighbor with the same name + networkNeighborsObjPtr := &softwarecomposition.NetworkNeighbors{} + + key = replaceKeyForKind(key, networkNeighborsResource) + + if err := s.realStore.Get(ctx, key, opts, networkNeighborsObjPtr); err != nil { + return err + } + // TODO(DanielGrunberegerCA): get known servers + generatedNetworkPolicy, err := generateNetworkPolicy(*networkNeighborsObjPtr, []softwarecomposition.KnownServers{}, metav1.Now()) + if err != nil { + return fmt.Errorf("error generating network policy: %w", err) + } + + data, err := json.Marshal(generatedNetworkPolicy) + if err != nil { + logger.L().Ctx(ctx).Error("json marshal failed", helpers.Error(err), helpers.String("key", key)) + return err + } + + if err = json.Unmarshal(data, objPtr); err != nil { + logger.L().Ctx(ctx).Error("json unmarshal failed", helpers.Error(err), helpers.String("key", key)) + return err + } + + return nil +} + +// GetList generates and returns a list of GeneratedNetworkPolicy objects for the given namespace +func (s *GeneratedNetworkPolicyStorage) GetList(ctx context.Context, key string, _ storage.ListOptions, listObj runtime.Object) error { + // get all network neighbors on namespace + networkNeighborsObjListPtr := &softwarecomposition.NetworkNeighborsList{} + + generatedNetworkPolicyList := &softwarecomposition.GeneratedNetworkPolicyList{ + TypeMeta: metav1.TypeMeta{ + APIVersion: storageV1Beta1ApiVersion, + }, + } + + namespace := getNamespaceFromKey(key) + + if err := s.realStore.GetByNamespace(ctx, softwarecomposition.GroupName, networkNeighborsResource, namespace, networkNeighborsObjListPtr); err != nil { + return err + } + + for _, networkNeighbors := range networkNeighborsObjListPtr.Items { + generatedNetworkPolicy, err := generateNetworkPolicy(networkNeighbors, []softwarecomposition.KnownServers{}, metav1.Now()) + if err != nil { + return fmt.Errorf("error generating network policy: %w", err) + } + + generatedNetworkPolicyList.Items = append(generatedNetworkPolicyList.Items, generatedNetworkPolicy) + + } + + data, err := json.Marshal(generatedNetworkPolicyList) + if err != nil { + logger.L().Ctx(ctx).Error("json marshal failed", helpers.Error(err), helpers.String("key", key)) + return err + } + + if err = json.Unmarshal(data, listObj); err != nil { + logger.L().Ctx(ctx).Error("json unmarshal failed", helpers.Error(err), helpers.String("key", key)) + return err + } + + return nil +} + +// GuaranteedUpdate is not supported for GeneratedNetworkPolicy objects. Objects are generated on the fly and not stored. +func (s *GeneratedNetworkPolicyStorage) GuaranteedUpdate( + ctx context.Context, key string, destination runtime.Object, ignoreNotFound bool, + preconditions *storage.Preconditions, tryUpdate storage.UpdateFunc, cachedExistingObject runtime.Object) error { + return storage.NewInvalidObjError(key, operationNotSupportedMsg) +} + +// Count is not supported for GeneratedNetworkPolicy objects. Objects are generated on the fly and not stored. +func (s *GeneratedNetworkPolicyStorage) Count(key string) (int64, error) { + return 0, storage.NewInvalidObjError(key, operationNotSupportedMsg) +} + +func generateNetworkPolicy(networkNeighbors softwarecomposition.NetworkNeighbors, knownServers []softwarecomposition.KnownServers, timeProvider metav1.Time) (softwarecomposition.GeneratedNetworkPolicy, error) { + networkPolicy := softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: metav1.ObjectMeta{ + Name: networkNeighbors.Name, + Namespace: networkNeighbors.Namespace, + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + } + + if networkNeighbors.Spec.MatchLabels != nil { + networkPolicy.Spec.PodSelector.MatchLabels = maps.Clone(networkNeighbors.Spec.MatchLabels) + } + + if networkNeighbors.Spec.MatchExpressions != nil { + networkPolicy.Spec.PodSelector.MatchExpressions = networkNeighbors.Spec.MatchExpressions + } + + if len(networkNeighbors.Spec.Ingress) > 0 { + networkPolicy.Spec.PolicyTypes = append(networkPolicy.Spec.PolicyTypes, "Ingress") + } + + if len(networkNeighbors.Spec.Egress) > 0 { + networkPolicy.Spec.PolicyTypes = append(networkPolicy.Spec.PolicyTypes, "Egress") + } + + generatedNetworkPolicy := softwarecomposition.GeneratedNetworkPolicy{ + TypeMeta: metav1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: storageV1Beta1ApiVersion, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: networkNeighbors.Name, + Namespace: networkNeighbors.Namespace, + Labels: networkNeighbors.Labels, + CreationTimestamp: timeProvider, + }, + PoliciesRef: []softwarecomposition.PolicyRef{}, + } + + for _, neighbor := range networkNeighbors.Spec.Ingress { + + ingressRules, policyRefs := generateIngressRule(neighbor, knownServers) + + generatedNetworkPolicy.PoliciesRef = append(generatedNetworkPolicy.PoliciesRef, policyRefs...) + + networkPolicy.Spec.Ingress = append(networkPolicy.Spec.Ingress, ingressRules) + + } + + for _, neighbor := range networkNeighbors.Spec.Egress { + + egressRules, policyRefs := generateEgressRule(neighbor, knownServers) + + generatedNetworkPolicy.PoliciesRef = append(generatedNetworkPolicy.PoliciesRef, policyRefs...) + + networkPolicy.Spec.Egress = append(networkPolicy.Spec.Egress, egressRules) + + } + + generatedNetworkPolicy.Spec = networkPolicy + + return generatedNetworkPolicy, nil +} + +func generateEgressRule(neighbor softwarecomposition.NetworkNeighbor, knownServers []softwarecomposition.KnownServers) (softwarecomposition.NetworkPolicyEgressRule, []softwarecomposition.PolicyRef) { + egressRule := softwarecomposition.NetworkPolicyEgressRule{} + policyRefs := []softwarecomposition.PolicyRef{} + + if neighbor.PodSelector != nil { + egressRule.To = append(egressRule.To, softwarecomposition.NetworkPolicyPeer{ + PodSelector: neighbor.PodSelector, + }) + } + + if neighbor.NamespaceSelector != nil { + // the ns label goes together with the pod label + if len(egressRule.To) > 0 { + egressRule.To[0].NamespaceSelector = neighbor.NamespaceSelector + } else { + // TOD0(DanielGrunberegerCA): is this a valid case? + egressRule.To = append(egressRule.To, softwarecomposition.NetworkPolicyPeer{ + NamespaceSelector: neighbor.NamespaceSelector, + }) + } + } + + if neighbor.IPAddress != "" { + isKnownServer := false + // look if this IP is part of any known server + for _, knownServer := range knownServers { + _, subNet, err := net.ParseCIDR(knownServer.IPBlock) + if err != nil { + logger.L().Error("error parsing cidr", helpers.Error(err)) + continue + } + if subNet.Contains(net.ParseIP(neighbor.IPAddress)) { + egressRule.To = append(egressRule.To, softwarecomposition.NetworkPolicyPeer{ + IPBlock: &softwarecomposition.IPBlock{ + CIDR: knownServer.IPBlock, + }, + }) + isKnownServer = true + + policyRef := softwarecomposition.PolicyRef{ + Name: knownServer.Name, + OriginalIP: neighbor.IPAddress, + IPBlock: knownServer.IPBlock, + } + + if knownServer.DNS != "" { + policyRef.DNS = knownServer.DNS + } + + policyRefs = append(policyRefs, policyRef) + break + } + } + + if !isKnownServer { + ipBlock := getSingleIP(neighbor.IPAddress) + egressRule.To = append(egressRule.To, softwarecomposition.NetworkPolicyPeer{ + IPBlock: ipBlock, + }) + + if neighbor.DNS != "" { + policyRefs = append(policyRefs, softwarecomposition.PolicyRef{ + Name: neighbor.DNS, + DNS: neighbor.DNS, + IPBlock: ipBlock.CIDR, + OriginalIP: neighbor.IPAddress, + }) + } + } + } + + for _, networkPort := range neighbor.Ports { + protocol := v1.Protocol(strings.ToUpper(string(networkPort.Protocol))) + portInt32 := networkPort.Port + + egressRule.Ports = append(egressRule.Ports, softwarecomposition.NetworkPolicyPort{ + Protocol: &protocol, + Port: portInt32, + }) + } + + return egressRule, policyRefs +} + +func generateIngressRule(neighbor softwarecomposition.NetworkNeighbor, knownServers []softwarecomposition.KnownServers) (softwarecomposition.NetworkPolicyIngressRule, []softwarecomposition.PolicyRef) { + ingressRule := softwarecomposition.NetworkPolicyIngressRule{} + policyRefs := []softwarecomposition.PolicyRef{} + + if neighbor.PodSelector != nil { + ingressRule.From = append(ingressRule.From, softwarecomposition.NetworkPolicyPeer{ + PodSelector: neighbor.PodSelector, + }) + } + if neighbor.NamespaceSelector != nil { + // the ns label goes together with the pod label + if len(ingressRule.From) > 0 { + ingressRule.From[0].NamespaceSelector = neighbor.NamespaceSelector + } else { + // TOD0(DanielGrunberegerCA): is this a valid case? + ingressRule.From = append(ingressRule.From, softwarecomposition.NetworkPolicyPeer{ + NamespaceSelector: neighbor.NamespaceSelector, + }) + } + } + + if neighbor.IPAddress != "" { + isKnownServer := false + // look if this IP is part of any known server + for _, knownServer := range knownServers { + _, subNet, err := net.ParseCIDR(knownServer.IPBlock) + if err != nil { + logger.L().Error("error parsing cidr", helpers.Error(err)) + continue + } + if subNet.Contains(net.ParseIP(neighbor.IPAddress)) { + ingressRule.From = append(ingressRule.From, softwarecomposition.NetworkPolicyPeer{ + IPBlock: &softwarecomposition.IPBlock{ + CIDR: knownServer.IPBlock, + }, + }) + isKnownServer = true + + policyRef := softwarecomposition.PolicyRef{ + Name: knownServer.Name, + OriginalIP: neighbor.IPAddress, + IPBlock: knownServer.IPBlock, + } + + if knownServer.DNS != "" { + policyRef.DNS = knownServer.DNS + } + + policyRefs = append(policyRefs, policyRef) + break + } + } + + if !isKnownServer { + ipBlock := getSingleIP(neighbor.IPAddress) + ingressRule.From = append(ingressRule.From, softwarecomposition.NetworkPolicyPeer{ + IPBlock: ipBlock, + }) + + if neighbor.DNS != "" { + policyRefs = append(policyRefs, softwarecomposition.PolicyRef{ + Name: neighbor.DNS, + DNS: neighbor.DNS, + IPBlock: ipBlock.CIDR, + OriginalIP: neighbor.IPAddress, + }) + } + } + } + + for _, networkPort := range neighbor.Ports { + protocol := v1.Protocol(strings.ToUpper(string(networkPort.Protocol))) + portInt32 := networkPort.Port + + ingressRule.Ports = append(ingressRule.Ports, softwarecomposition.NetworkPolicyPort{ + Protocol: &protocol, + Port: portInt32, + }) + } + + return ingressRule, policyRefs +} + +func getSingleIP(ipAddress string) *softwarecomposition.IPBlock { + ipBlock := &softwarecomposition.IPBlock{CIDR: ipAddress + "/32"} + return ipBlock +} diff --git a/pkg/registry/file/generatednetworkpolicy_test.go b/pkg/registry/file/generatednetworkpolicy_test.go new file mode 100644 index 000000000..17c6c0863 --- /dev/null +++ b/pkg/registry/file/generatednetworkpolicy_test.go @@ -0,0 +1,1490 @@ +package file + +import ( + "context" + "testing" + + "github.com/kubescape/storage/pkg/apis/softwarecomposition" + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + "github.com/spf13/afero" + "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apiserver/pkg/storage" + "k8s.io/utils/pointer" +) + +func TestGenerateNetworkPolicy(t *testing.T) { + timeProvider := metav1.Now() + protocolTCP := corev1.ProtocolTCP + tests := []struct { + name string + networkNeighbors softwarecomposition.NetworkNeighbors + knownServers []softwarecomposition.KnownServers + expectedNetworkPolicy softwarecomposition.GeneratedNetworkPolicy + }{ + { + name: "same port on different entries - one entry per workload", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Ingress: []softwarecomposition.NetworkNeighbor{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + }, + }, + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "two": "2", + }, + }, + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + }, + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + PoliciesRef: []softwarecomposition.PolicyRef{}, + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeIngress, + }, + Ingress: []softwarecomposition.NetworkPolicyIngressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + }, + }, + }, + }, + }, + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "two": "2", + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + { + name: "same port on different entries - one entry per workload egress", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Egress: []softwarecomposition.NetworkNeighbor{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + }, + }, + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "two": "2", + }, + }, + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + }, + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + PoliciesRef: []softwarecomposition.PolicyRef{}, + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeEgress, + }, + Egress: []softwarecomposition.NetworkPolicyEgressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + To: []softwarecomposition.NetworkPolicyPeer{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + }, + }, + }, + }, + }, + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + To: []softwarecomposition.NetworkPolicyPeer{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "two": "2", + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + { + name: "multiple ports on same entry - ports aggregated under one entry", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Ingress: []softwarecomposition.NetworkNeighbor{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + }, + }, + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + { + Port: pointer.Int32(50), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-50", + }, + { + Port: pointer.Int32(40), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-40", + }, + }, + }, + }, + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + PoliciesRef: []softwarecomposition.PolicyRef{}, + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeIngress, + }, + Ingress: []softwarecomposition.NetworkPolicyIngressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + { + Port: pointer.Int32(50), + Protocol: &protocolTCP, + }, + { + Port: pointer.Int32(40), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + { + name: "multiple ports on same entry - ports aggregated under one entry egress", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Egress: []softwarecomposition.NetworkNeighbor{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + }, + }, + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + { + Port: pointer.Int32(50), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-50", + }, + { + Port: pointer.Int32(40), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-40", + }, + }, + }, + }, + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + PoliciesRef: []softwarecomposition.PolicyRef{}, + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeEgress, + }, + Egress: []softwarecomposition.NetworkPolicyEgressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + { + Port: pointer.Int32(50), + Protocol: &protocolTCP, + }, + { + Port: pointer.Int32(40), + Protocol: &protocolTCP, + }, + }, + To: []softwarecomposition.NetworkPolicyPeer{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + { + name: "entry with namespace and multiple pod selectors - all labels are added together", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Ingress: []softwarecomposition.NetworkNeighbor{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + "two": "2", + }, + }, + NamespaceSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "ns": "ns", + }, + }, + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + }, + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + PoliciesRef: []softwarecomposition.PolicyRef{}, + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeIngress, + }, + Ingress: []softwarecomposition.NetworkPolicyIngressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + PodSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "one": "1", + "two": "2", + }, + }, + NamespaceSelector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "ns": "ns", + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + { + name: "entry with raw IP and empty known servers - IPBlock is IP/32", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Ingress: []softwarecomposition.NetworkNeighbor{ + { + IPAddress: "154.53.46.32", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + }, + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + PoliciesRef: []softwarecomposition.PolicyRef{}, + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeIngress, + }, + Ingress: []softwarecomposition.NetworkPolicyIngressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "154.53.46.32/32", + }, + }, + }, + }, + }, + }, + }, + }, + }, + { + name: "matchExpressions as labels - labels are saved correctly", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Ingress: []softwarecomposition.NetworkNeighbor{ + { + PodSelector: &v1.LabelSelector{ + MatchExpressions: []v1.LabelSelectorRequirement{ + { + Key: "one", + Operator: v1.LabelSelectorOpIn, + Values: []string{ + "1", + }, + }, + }, + }, + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + { + Port: pointer.Int32(50), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-50", + }, + }, + }, + }, + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + PoliciesRef: []softwarecomposition.PolicyRef{}, + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeIngress, + }, + Ingress: []softwarecomposition.NetworkPolicyIngressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + { + Port: pointer.Int32(50), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + PodSelector: &v1.LabelSelector{ + MatchExpressions: []v1.LabelSelectorRequirement{ + { + Key: "one", + Operator: v1.LabelSelectorOpIn, + Values: []string{ + "1", + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + { + name: "IP in known server - policy is enriched", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Ingress: []softwarecomposition.NetworkNeighbor{ + { + IPAddress: "172.17.0.2", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + }, + }, + }, + knownServers: []softwarecomposition.KnownServers{ + { + IPBlock: "172.17.0.0/16", + Name: "test", + DNS: "", + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeIngress, + }, + Ingress: []softwarecomposition.NetworkPolicyIngressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "172.17.0.0/16", + }, + }, + }, + }, + }, + }, + }, + PoliciesRef: []softwarecomposition.PolicyRef{ + { + IPBlock: "172.17.0.0/16", + OriginalIP: "172.17.0.2", + DNS: "", + Name: "test", + }, + }, + }, + }, + { + name: "multiple IPs in known servers - policy is enriched", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Ingress: []softwarecomposition.NetworkNeighbor{ + { + IPAddress: "172.17.0.2", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + { + IPAddress: "174.17.0.2", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(50), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-50", + }, + }, + }, + { + IPAddress: "156.43.0.2", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + }, + }, + }, + knownServers: []softwarecomposition.KnownServers{ + { + IPBlock: "172.17.0.0/16", + Name: "name1", + DNS: "", + }, + { + IPBlock: "174.17.0.0/16", + Name: "name2", + DNS: "", + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeIngress, + }, + Ingress: []softwarecomposition.NetworkPolicyIngressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "172.17.0.0/16", + }, + }, + }, + }, + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(50), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "174.17.0.0/16", + }, + }, + }, + }, + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "156.43.0.2/32", + }, + }, + }, + }, + }, + }, + }, + PoliciesRef: []softwarecomposition.PolicyRef{ + { + IPBlock: "172.17.0.0/16", + OriginalIP: "172.17.0.2", + DNS: "", + Name: "name1", + }, + { + IPBlock: "174.17.0.0/16", + OriginalIP: "174.17.0.2", + DNS: "", + Name: "name2", + }, + }, + }, + }, + { + name: "dns in network neighbor - policy is enriched", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Ingress: []softwarecomposition.NetworkNeighbor{ + { + IPAddress: "172.17.0.2", + DNS: "test.com", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + { + IPAddress: "198.17.0.2", + DNS: "stripe.com", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + }, + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeIngress, + }, + Ingress: []softwarecomposition.NetworkPolicyIngressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "172.17.0.2/32", + }, + }, + }, + }, + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "198.17.0.2/32", + }, + }, + }, + }, + }, + }, + }, + PoliciesRef: []softwarecomposition.PolicyRef{ + { + IPBlock: "172.17.0.2/32", + OriginalIP: "172.17.0.2", + DNS: "test.com", + Name: "test.com", + }, + { + IPBlock: "198.17.0.2/32", + OriginalIP: "198.17.0.2", + DNS: "stripe.com", + Name: "stripe.com", + }, + }, + }, + }, + { + name: "dns and known servers - policy is enriched", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Ingress: []softwarecomposition.NetworkNeighbor{ + { + IPAddress: "172.17.0.2", + DNS: "test.com", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + { + IPAddress: "198.17.0.2", + DNS: "stripe.com", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + }, + }, + }, + knownServers: []softwarecomposition.KnownServers{ + { + Name: "test", + DNS: "test.com", + IPBlock: "172.17.0.0/16", + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeIngress, + }, + Ingress: []softwarecomposition.NetworkPolicyIngressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "172.17.0.0/16", + }, + }, + }, + }, + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + From: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "198.17.0.2/32", + }, + }, + }, + }, + }, + }, + }, + PoliciesRef: []softwarecomposition.PolicyRef{ + { + IPBlock: "172.17.0.0/16", + OriginalIP: "172.17.0.2", + DNS: "test.com", + Name: "test", + }, + { + IPBlock: "198.17.0.2/32", + OriginalIP: "198.17.0.2", + DNS: "stripe.com", + Name: "stripe.com", + }, + }, + }, + }, + { + name: "dns and known servers - policy is enriched for egress", + networkNeighbors: softwarecomposition.NetworkNeighbors{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + }, + Spec: softwarecomposition.NetworkNeighborsSpec{ + LabelSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + Egress: []softwarecomposition.NetworkNeighbor{ + { + IPAddress: "172.17.0.2", + DNS: "test.com", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + { + IPAddress: "198.17.0.2", + DNS: "stripe.com", + Ports: []softwarecomposition.NetworkPort{ + { + Port: pointer.Int32(80), + Protocol: softwarecomposition.ProtocolTCP, + Name: "TCP-80", + }, + }, + }, + }, + }, + }, + knownServers: []softwarecomposition.KnownServers{ + { + Name: "test", + DNS: "test.com", + IPBlock: "172.17.0.0/16", + }, + }, + expectedNetworkPolicy: softwarecomposition.GeneratedNetworkPolicy{ + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + CreationTimestamp: timeProvider, + }, + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: softwarecomposition.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Name: "deployment-nginx", + Namespace: "kubescape", + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + Spec: softwarecomposition.NetworkPolicySpec{ + PodSelector: v1.LabelSelector{ + MatchLabels: map[string]string{ + "app": "nginx", + }, + }, + PolicyTypes: []softwarecomposition.PolicyType{ + softwarecomposition.PolicyTypeEgress, + }, + Egress: []softwarecomposition.NetworkPolicyEgressRule{ + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + To: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "172.17.0.0/16", + }, + }, + }, + }, + { + Ports: []softwarecomposition.NetworkPolicyPort{ + { + Port: pointer.Int32(80), + Protocol: &protocolTCP, + }, + }, + To: []softwarecomposition.NetworkPolicyPeer{ + { + IPBlock: &softwarecomposition.IPBlock{ + CIDR: "198.17.0.2/32", + }, + }, + }, + }, + }, + }, + }, + PoliciesRef: []softwarecomposition.PolicyRef{ + { + IPBlock: "172.17.0.0/16", + OriginalIP: "172.17.0.2", + DNS: "test.com", + Name: "test", + }, + { + IPBlock: "198.17.0.2/32", + OriginalIP: "198.17.0.2", + DNS: "stripe.com", + Name: "stripe.com", + }, + }, + }, + }, + } + + for _, test := range tests { + + got, err := generateNetworkPolicy(test.networkNeighbors, test.knownServers, timeProvider) + + assert.NoError(t, err) + + assert.Equal(t, test.expectedNetworkPolicy, got, test.name) + } +} + +func TestGeneratedNetworkPolicyStorage_Get(t *testing.T) { + type args struct { + key string + opts storage.GetOptions + objPtr runtime.Object + } + tests := []struct { + name string + args args + create bool + expectedError error + want runtime.Object + }{ + { + name: "no existing objects return empty list", + args: args{ + key: "/spdx.softwarecomposition.kubescape.io/generatednetworkpolicies/kubescape/toto", + }, + expectedError: storage.NewKeyNotFoundError("/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/toto", 0), + }, + { + name: "existing object is returned", + args: args{ + key: "/spdx.softwarecomposition.kubescape.io/generatednetworkpolicies/kubescape/toto", + objPtr: &v1beta1.GeneratedNetworkPolicy{}, + }, + expectedError: nil, + create: true, + want: &v1beta1.GeneratedNetworkPolicy{ + TypeMeta: v1.TypeMeta{ + Kind: "GeneratedNetworkPolicy", + APIVersion: "spdx.softwarecomposition.kubescape.io/v1beta1", + }, + Spec: v1beta1.NetworkPolicy{ + Kind: "NetworkPolicy", + APIVersion: "networking.k8s.io/v1", + ObjectMeta: v1.ObjectMeta{ + Annotations: map[string]string{ + "generated-by": "kubescape", + }, + }, + }, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + realStorage := NewStorageImpl(afero.NewMemMapFs(), "/") + generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(&realStorage) + + if tt.create { + wlObj := &softwarecomposition.NetworkNeighbors{} + err := realStorage.Create(context.TODO(), "/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/toto", wlObj, nil, 0) + assert.NoError(t, err) + } + + err := generatedNetworkPolicyStorage.Get(context.TODO(), tt.args.key, tt.args.opts, tt.args.objPtr) + + if tt.expectedError != nil { + assert.EqualError(t, err, tt.expectedError.Error()) + } + + assert.Equal(t, tt.want, tt.args.objPtr) + }) + } +} + +func TestGeneratedNetworkPolicyStorage_Count(t *testing.T) { + storageImpl := NewStorageImpl(afero.NewMemMapFs(), "") + generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(&storageImpl) + + count, err := generatedNetworkPolicyStorage.Count("random") + + assert.Equal(t, int64(0), count) + + expectedError := storage.NewInvalidObjError("random", operationNotSupportedMsg) + + assert.EqualError(t, err, expectedError.Error()) +} + +func TestGeneratedNetworkPolicyStorage_Create(t *testing.T) { + storageImpl := NewStorageImpl(afero.NewMemMapFs(), "") + generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(&storageImpl) + + err := generatedNetworkPolicyStorage.Create(nil, "", nil, nil, 0) + + expectedError := storage.NewInvalidObjError("", operationNotSupportedMsg) + + assert.EqualError(t, err, expectedError.Error()) +} + +func TestGeneratedNetworkPolicyStorage_Delete(t *testing.T) { + storageImpl := NewStorageImpl(afero.NewMemMapFs(), "") + generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(&storageImpl) + + err := generatedNetworkPolicyStorage.Delete(nil, "", nil, nil, nil, nil) + + expectedError := storage.NewInvalidObjError("", operationNotSupportedMsg) + + assert.EqualError(t, err, expectedError.Error()) +} + +func TestGeneratedNetworkPolicyStorage_Watch(t *testing.T) { + storageImpl := NewStorageImpl(afero.NewMemMapFs(), "") + generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(&storageImpl) + + _, err := generatedNetworkPolicyStorage.Watch(nil, "", storage.ListOptions{}) + + expectedError := storage.NewInvalidObjError("", operationNotSupportedMsg) + + assert.EqualError(t, err, expectedError.Error()) +} + +func TestGeneratedNetworkPolicyStorage_GuaranteedUpdate(t *testing.T) { + storageImpl := NewStorageImpl(afero.NewMemMapFs(), "") + generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(&storageImpl) + + err := generatedNetworkPolicyStorage.GuaranteedUpdate(nil, "", nil, false, nil, nil, nil) + + expectedError := storage.NewInvalidObjError("", operationNotSupportedMsg) + + assert.EqualError(t, err, expectedError.Error()) +} diff --git a/pkg/registry/file/storage.go b/pkg/registry/file/storage.go index 8566481d6..b7c8ed705 100644 --- a/pkg/registry/file/storage.go +++ b/pkg/registry/file/storage.go @@ -668,3 +668,11 @@ func getNamespaceFromKey(key string) string { return keySplit[3] } + +// replaceKeyForKind encapsulates the logic of replacing the kind in the key with the given kind. +func replaceKeyForKind(key string, kind string) string { + keySplit := strings.Split(key, "/") + keySplit[2] = strings.ToLower(kind) + + return strings.Join(keySplit, "/") +} diff --git a/pkg/registry/softwarecomposition/generatednetworkpolicy/etcd.go b/pkg/registry/softwarecomposition/generatednetworkpolicy/etcd.go new file mode 100644 index 000000000..b81be062d --- /dev/null +++ b/pkg/registry/softwarecomposition/generatednetworkpolicy/etcd.go @@ -0,0 +1,41 @@ +package generatednetworkpolicy + +import ( + "github.com/kubescape/storage/pkg/apis/softwarecomposition" + "github.com/kubescape/storage/pkg/registry" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apiserver/pkg/registry/generic" + genericregistry "k8s.io/apiserver/pkg/registry/generic/registry" + "k8s.io/apiserver/pkg/registry/rest" + "k8s.io/apiserver/pkg/storage" +) + +// NewREST returns a RESTStorage object that will work against API services. +func NewREST(scheme *runtime.Scheme, storageImpl storage.Interface, optsGetter generic.RESTOptionsGetter) (*registry.REST, error) { + strategy := NewStrategy(scheme) + + dryRunnableStorage := genericregistry.DryRunnableStorage{Codec: nil, Storage: storageImpl} + + store := &genericregistry.Store{ + NewFunc: func() runtime.Object { return &softwarecomposition.GeneratedNetworkPolicy{} }, + NewListFunc: func() runtime.Object { return &softwarecomposition.GeneratedNetworkPolicyList{} }, + PredicateFunc: MatchGeneratedNetworkPolicy, + DefaultQualifiedResource: softwarecomposition.Resource("generatednetworkpolicies"), + SingularQualifiedResource: softwarecomposition.Resource("generatednetworkpolicy"), + + Storage: dryRunnableStorage, + + CreateStrategy: strategy, + UpdateStrategy: strategy, + DeleteStrategy: strategy, + + // TODO: define table converter that exposes more than name/creation timestamp + TableConvertor: rest.NewDefaultTableConvertor(softwarecomposition.Resource("generatednetworkpolicies")), + } + options := &generic.StoreOptions{RESTOptions: optsGetter, AttrFunc: GetAttrs} + if err := store.CompleteWithOptions(options); err != nil { + return nil, err + } + + return ®istry.REST{Store: store}, nil +} diff --git a/pkg/registry/softwarecomposition/generatednetworkpolicy/strategy.go b/pkg/registry/softwarecomposition/generatednetworkpolicy/strategy.go new file mode 100644 index 000000000..dd758c6d1 --- /dev/null +++ b/pkg/registry/softwarecomposition/generatednetworkpolicy/strategy.go @@ -0,0 +1,93 @@ +package generatednetworkpolicy + +import ( + "context" + "fmt" + + "github.com/kubescape/storage/pkg/apis/softwarecomposition" + "github.com/kubescape/storage/pkg/apis/softwarecomposition/validation" + "k8s.io/apimachinery/pkg/fields" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/apiserver/pkg/registry/generic" + "k8s.io/apiserver/pkg/storage" + "k8s.io/apiserver/pkg/storage/names" +) + +// NewStrategy creates and returns a generatedNetworkPolicyStrategy instance +func NewStrategy(typer runtime.ObjectTyper) generatedNetworkPolicyStrategy { + return generatedNetworkPolicyStrategy{typer, names.SimpleNameGenerator} +} + +// GetAttrs returns labels.Set, fields.Set, and error in case the given runtime.Object is not a GeneratedNetworkPolicy +func GetAttrs(obj runtime.Object) (labels.Set, fields.Set, error) { + apiserver, ok := obj.(*softwarecomposition.GeneratedNetworkPolicy) + if !ok { + return nil, nil, fmt.Errorf("given object is not a GeneratedNetworkPolicy") + } + return labels.Set(apiserver.ObjectMeta.Labels), SelectableFields(apiserver), nil +} + +// MatchApplicationProfileSummary is the filter used by the generic etcd backend to watch events +// from etcd to clients of the apiserver only interested in specific labels/fields. +func MatchGeneratedNetworkPolicy(label labels.Selector, field fields.Selector) storage.SelectionPredicate { + return storage.SelectionPredicate{ + Label: label, + Field: field, + GetAttrs: GetAttrs, + } +} + +// SelectableFields returns a field set that represents the object. +func SelectableFields(obj *softwarecomposition.GeneratedNetworkPolicy) fields.Set { + return generic.ObjectMetaFieldsSet(&obj.ObjectMeta, true) +} + +type generatedNetworkPolicyStrategy struct { + runtime.ObjectTyper + names.NameGenerator +} + +func (generatedNetworkPolicyStrategy) NamespaceScoped() bool { + return true +} + +func (generatedNetworkPolicyStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) { +} + +func (generatedNetworkPolicyStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) { +} + +func (generatedNetworkPolicyStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { + generatedNetworkPolicy := obj.(*softwarecomposition.GeneratedNetworkPolicy) + + return validation.ValidateGeneratedNetworkPolicy(generatedNetworkPolicy) +} + +// WarningsOnCreate returns warnings for the creation of the given object. +func (generatedNetworkPolicyStrategy) WarningsOnCreate(ctx context.Context, obj runtime.Object) []string { + return nil +} + +func (generatedNetworkPolicyStrategy) AllowCreateOnUpdate() bool { + return false +} + +func (generatedNetworkPolicyStrategy) AllowUnconditionalUpdate() bool { + return false +} + +func (generatedNetworkPolicyStrategy) Canonicalize(obj runtime.Object) { +} + +func (generatedNetworkPolicyStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { + generatedNetworkPolicy := obj.(*softwarecomposition.GeneratedNetworkPolicy) + + return validation.ValidateGeneratedNetworkPolicy(generatedNetworkPolicy) +} + +// WarningsOnUpdate returns warnings for the given update. +func (generatedNetworkPolicyStrategy) WarningsOnUpdate(ctx context.Context, obj, old runtime.Object) []string { + return nil +} diff --git a/pkg/registry/softwarecomposition/networkneighbors/etcd.go b/pkg/registry/softwarecomposition/networkneighbors/etcd.go new file mode 100644 index 000000000..ce5ce80f6 --- /dev/null +++ b/pkg/registry/softwarecomposition/networkneighbors/etcd.go @@ -0,0 +1,41 @@ +package networkneighbors + +import ( + "github.com/kubescape/storage/pkg/apis/softwarecomposition" + "github.com/kubescape/storage/pkg/registry" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apiserver/pkg/registry/generic" + genericregistry "k8s.io/apiserver/pkg/registry/generic/registry" + "k8s.io/apiserver/pkg/registry/rest" + "k8s.io/apiserver/pkg/storage" +) + +// NewREST returns a RESTStorage object that will work against API services. +func NewREST(scheme *runtime.Scheme, storageImpl storage.Interface, optsGetter generic.RESTOptionsGetter) (*registry.REST, error) { + strategy := NewStrategy(scheme) + + dryRunnableStorage := genericregistry.DryRunnableStorage{Codec: nil, Storage: storageImpl} + + store := &genericregistry.Store{ + NewFunc: func() runtime.Object { return &softwarecomposition.NetworkNeighbors{} }, + NewListFunc: func() runtime.Object { return &softwarecomposition.NetworkNeighborsList{} }, + PredicateFunc: MatchNetworkNeighbor, + DefaultQualifiedResource: softwarecomposition.Resource("networkneighborses"), + SingularQualifiedResource: softwarecomposition.Resource("networkneighbors"), + + Storage: dryRunnableStorage, + + CreateStrategy: strategy, + UpdateStrategy: strategy, + DeleteStrategy: strategy, + + // TODO: define table converter that exposes more than name/creation timestamp + TableConvertor: rest.NewDefaultTableConvertor(softwarecomposition.Resource("networkneighborses")), + } + options := &generic.StoreOptions{RESTOptions: optsGetter, AttrFunc: GetAttrs} + if err := store.CompleteWithOptions(options); err != nil { + return nil, err + } + + return ®istry.REST{Store: store}, nil +} diff --git a/pkg/registry/softwarecomposition/networkneighbors/strategy.go b/pkg/registry/softwarecomposition/networkneighbors/strategy.go new file mode 100644 index 000000000..d3d07872d --- /dev/null +++ b/pkg/registry/softwarecomposition/networkneighbors/strategy.go @@ -0,0 +1,93 @@ +package networkneighbors + +import ( + "context" + "fmt" + + "github.com/kubescape/storage/pkg/apis/softwarecomposition" + "github.com/kubescape/storage/pkg/apis/softwarecomposition/validation" + "k8s.io/apimachinery/pkg/fields" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/apiserver/pkg/registry/generic" + "k8s.io/apiserver/pkg/storage" + "k8s.io/apiserver/pkg/storage/names" +) + +// NewStrategy creates and returns a networkNeighborsStrategy instance +func NewStrategy(typer runtime.ObjectTyper) networkNeighborsStrategy { + return networkNeighborsStrategy{typer, names.SimpleNameGenerator} +} + +// GetAttrs returns labels.Set, fields.Set, and error in case the given runtime.Object is not a Flunder +func GetAttrs(obj runtime.Object) (labels.Set, fields.Set, error) { + apiserver, ok := obj.(*softwarecomposition.NetworkNeighbors) + if !ok { + return nil, nil, fmt.Errorf("given object is not a NetworkNeighbors") + } + return labels.Set(apiserver.ObjectMeta.Labels), SelectableFields(apiserver), nil +} + +// MatchApplicationProfileSummary is the filter used by the generic etcd backend to watch events +// from etcd to clients of the apiserver only interested in specific labels/fields. +func MatchNetworkNeighbor(label labels.Selector, field fields.Selector) storage.SelectionPredicate { + return storage.SelectionPredicate{ + Label: label, + Field: field, + GetAttrs: GetAttrs, + } +} + +// SelectableFields returns a field set that represents the object. +func SelectableFields(obj *softwarecomposition.NetworkNeighbors) fields.Set { + return generic.ObjectMetaFieldsSet(&obj.ObjectMeta, true) +} + +type networkNeighborsStrategy struct { + runtime.ObjectTyper + names.NameGenerator +} + +func (networkNeighborsStrategy) NamespaceScoped() bool { + return true +} + +func (networkNeighborsStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) { +} + +func (networkNeighborsStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) { +} + +func (networkNeighborsStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { + networkNeighbors := obj.(*softwarecomposition.NetworkNeighbors) + + return validation.ValidateNetworkNeighbors(networkNeighbors) +} + +// WarningsOnCreate returns warnings for the creation of the given object. +func (networkNeighborsStrategy) WarningsOnCreate(ctx context.Context, obj runtime.Object) []string { + return nil +} + +func (networkNeighborsStrategy) AllowCreateOnUpdate() bool { + return false +} + +func (networkNeighborsStrategy) AllowUnconditionalUpdate() bool { + return false +} + +func (networkNeighborsStrategy) Canonicalize(obj runtime.Object) { +} + +func (networkNeighborsStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { + networkNeighbors := obj.(*softwarecomposition.NetworkNeighbors) + + return validation.ValidateNetworkNeighbors(networkNeighbors) +} + +// WarningsOnUpdate returns warnings for the given update. +func (networkNeighborsStrategy) WarningsOnUpdate(ctx context.Context, obj, old runtime.Object) []string { + return nil +}