Add CI testing of network restrictions #1207

mjnagel · 2025-01-17T18:22:07Z

Is your feature request related to a problem? Please describe.

Currently the operator generates network policies based on the Package CR spec (network.allow). These are not currently validated in CI (e2e) to confirm that they are properly restricting ingress/egress.

Describe the solution you'd like

Add testing of network restrictions to e2e test suite covering:

ingress restictions
egress restrictions
allowed and denied networking

Additional context

As we move to istio ambient we will be changing the mechanism for network traffic restrictions and would like to have confidence that the new method of restricting traffic is working 1:1 with the current network policies.

The text was updated successfully, but these errors were encountered:

mjnagel · 2025-01-17T18:23:40Z

May be useful to leverage the existing test package for building this out.

mjnagel added enhancement New feature or request ci Issues pertaining to CI / Pipelines / Testing labels Jan 17, 2025

mjnagel mentioned this issue Jan 17, 2025

Add Istio ambient mesh support #681

Open

mjnagel assigned UnicornChance Jan 17, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add CI testing of network restrictions #1207

Add CI testing of network restrictions #1207

mjnagel commented Jan 17, 2025

mjnagel commented Jan 17, 2025

Add CI testing of network restrictions #1207

Add CI testing of network restrictions #1207

Comments

mjnagel commented Jan 17, 2025

Is your feature request related to a problem? Please describe.

Describe the solution you'd like

Additional context

mjnagel commented Jan 17, 2025