fix code errors

service/controller/resource/ciliumnetpol/create.go

@@ -3,7 +3,6 @@ package ciliumnetpol
 import (
 	"context"
 
-	ciliumv2 "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2"
 	"github.com/giantswarm/microerror"
 	"github.com/giantswarm/prometheus-meta-operator/v2/service/key"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -18,14 +17,9 @@ func (r *Resource) EnsureCreated(ctx context.Context, obj interface{}) error {
 			return microerror.Mask(err)
 		}
 
-		ciliumClient, err := ciliumv2.client.NewForConfig(config)
-		if err != nil {
-			return microerror.Mask(err)
-		}
-
-		current, err := ciliumClient.CiliumV2().CiliumNetworkPolicies(key.Namespace(cluster)).Get(ctx, desired.GetName(), metav1.GetOptions{})
+		current, err := r.k8sClient.K8sClient().Get(ctx, desired.GetName(), metav1.GetOptions{})
 		if apierrors.IsNotFound(err) {
-			current, err = r.k8sClient.K8sClient().RbacV1().ClusterRoleBindings().Create(ctx, desired, metav1.CreateOptions{})
+			current, err = r.k8sClient.K8sClient().Create(ctx, desired, metav1.CreateOptions{})
 		}
 		if err != nil {
 			return microerror.Mask(err)

service/controller/resource/ciliumnetpol/delete.go

@@ -16,12 +16,7 @@ func (r *Resource) EnsureDeleted(ctx context.Context, obj interface{}) error {
 			return microerror.Mask(err)
 		}
 
-		ciliumClient, err := ciliumv2.client.NewForConfig(config)
-		if err != nil {
-			return microerror.Mask(err)
-		}
-
-		err = ciliumClient.CiliumV2().CiliumNetworkPolicies(key.Namespace(cluster)).Delete(ctx, desired.GetName(), metav1.DeleteOptions{})
+		err = r.k8sClient.K8sClient().Delete(ctx, desired.GetName(), metav1.DeleteOptions{})
 		if apierrors.IsNotFound(err) {
 			// fall through
 		} else if err != nil {

service/controller/resource/ciliumnetpol/resource.go

@@ -58,56 +58,55 @@ func toCiliumNetworkPolicy(v interface{}) (*unstructured.Unstructured, error) {
 						"app.kubernetes.io/name": "prometheus",
 					},
 				},
-				"egress": map[string]interface{}{
+				"egress": []map[string]interface{}{
 					map[string]interface{}{
-						map[string]interface{}{
-							"toEntities": []string{
-								"kube-apiserver",
-								"cluster",
-							},
+						"toEntities": []string{
+							"kube-apiserver",
+							"cluster",
 						},
-						map[string]interface{}{
-							"toEntities": []string{
-								"world",
-							},
-							"toPorts": []map[string]interface{}{
-								map[string]interface{}{
-									"ports": []map[string]interface{}{
-										map[string]string{
-											"port": "443",
-										},
-										map[string]string{
-											"port": "6443",
-										},
+					map[string]interface{}{
+						"toEntities": []string{
+							"world",
+						},
+						"toPorts": []map[string]interface{}{
+							map[string]interface{}{
+								"ports": []map[string]interface{}{
+									map[string]string{
+										"port": "443",
+									},
+									map[string]string{
+										"port": "6443",
 									},
 								},
 							},
 						},
 					},
 				},
-				"ingress": map[string]interface{}{
+				"ingress": []map[string]interface{}{
 					map[string]interface{}{
-						map[string]interface{}{
-							"fromEntities": []string{
-								"cluster",
-							},
+						"fromEntities": []string{
+							"cluster",
 						},
-						map[string]interface{}{
-							"fromPorts": []map[string]interface{}{
-								map[string]interface{}{
-									"ports": []map[string]interface{}{
-										map[string]string{
-											"port": "9090",
-										},
+					},
+					map[string]interface{}{
+						"fromPorts": []map[string]interface{}{
+							map[string]interface{}{
+								"ports": []map[string]interface{}{
+									map[string]string{
+										"port": "9090",
 									},
 								},
 							},
 						},
 					},
 				},
 			},
-		},
+		}
 	}
 
 	return ciliumNetworkPolicy, nil
 }
+
+func hasCiliumNetworkPolicyChanged(current, desired *v1.ClusterRoleBinding) bool {
+	return !reflect.DeepEqual(current.RoleRef, desired.RoleRef) || !reflect.DeepEqual(current.Subjects, desired.Subjects)
+}