From 5bc6db1223b61263014c41334f9fe933d2065fba Mon Sep 17 00:00:00 2001
From: QuantumEnigmaa <thibaud@giantswarm.io>
Date: Mon, 5 Feb 2024 16:36:24 +0100
Subject: [PATCH] fix code errors

---
 .../resource/ciliumnetpol/create.go           | 10 +--
 .../resource/ciliumnetpol/delete.go           |  7 +--
 .../resource/ciliumnetpol/resource.go         | 63 +++++++++----------
 3 files changed, 34 insertions(+), 46 deletions(-)

diff --git a/service/controller/resource/ciliumnetpol/create.go b/service/controller/resource/ciliumnetpol/create.go
index 82faabb6e..843915a11 100644
--- a/service/controller/resource/ciliumnetpol/create.go
+++ b/service/controller/resource/ciliumnetpol/create.go
@@ -3,7 +3,6 @@ package ciliumnetpol
 import (
 	"context"
 
-	ciliumv2 "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2"
 	"github.com/giantswarm/microerror"
 	"github.com/giantswarm/prometheus-meta-operator/v2/service/key"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -18,14 +17,9 @@ func (r *Resource) EnsureCreated(ctx context.Context, obj interface{}) error {
 			return microerror.Mask(err)
 		}
 
-		ciliumClient, err := ciliumv2.client.NewForConfig(config)
-		if err != nil {
-			return microerror.Mask(err)
-		}
-
-		current, err := ciliumClient.CiliumV2().CiliumNetworkPolicies(key.Namespace(cluster)).Get(ctx, desired.GetName(), metav1.GetOptions{})
+		current, err := r.k8sClient.K8sClient().Get(ctx, desired.GetName(), metav1.GetOptions{})
 		if apierrors.IsNotFound(err) {
-			current, err = r.k8sClient.K8sClient().RbacV1().ClusterRoleBindings().Create(ctx, desired, metav1.CreateOptions{})
+			current, err = r.k8sClient.K8sClient().Create(ctx, desired, metav1.CreateOptions{})
 		}
 		if err != nil {
 			return microerror.Mask(err)
diff --git a/service/controller/resource/ciliumnetpol/delete.go b/service/controller/resource/ciliumnetpol/delete.go
index 39f71265e..51b51a8f4 100644
--- a/service/controller/resource/ciliumnetpol/delete.go
+++ b/service/controller/resource/ciliumnetpol/delete.go
@@ -16,12 +16,7 @@ func (r *Resource) EnsureDeleted(ctx context.Context, obj interface{}) error {
 			return microerror.Mask(err)
 		}
 
-		ciliumClient, err := ciliumv2.client.NewForConfig(config)
-		if err != nil {
-			return microerror.Mask(err)
-		}
-
-		err = ciliumClient.CiliumV2().CiliumNetworkPolicies(key.Namespace(cluster)).Delete(ctx, desired.GetName(), metav1.DeleteOptions{})
+		err = r.k8sClient.K8sClient().Delete(ctx, desired.GetName(), metav1.DeleteOptions{})
 		if apierrors.IsNotFound(err) {
 			// fall through
 		} else if err != nil {
diff --git a/service/controller/resource/ciliumnetpol/resource.go b/service/controller/resource/ciliumnetpol/resource.go
index 0950ae19d..576ff192c 100644
--- a/service/controller/resource/ciliumnetpol/resource.go
+++ b/service/controller/resource/ciliumnetpol/resource.go
@@ -58,47 +58,42 @@ func toCiliumNetworkPolicy(v interface{}) (*unstructured.Unstructured, error) {
 						"app.kubernetes.io/name": "prometheus",
 					},
 				},
-				"egress": map[string]interface{}{
+				"egress": []map[string]interface{}{
 					map[string]interface{}{
-						map[string]interface{}{
-							"toEntities": []string{
-								"kube-apiserver",
-								"cluster",
-							},
+						"toEntities": []string{
+							"kube-apiserver",
+							"cluster",
 						},
-						map[string]interface{}{
-							"toEntities": []string{
-								"world",
-							},
-							"toPorts": []map[string]interface{}{
-								map[string]interface{}{
-									"ports": []map[string]interface{}{
-										map[string]string{
-											"port": "443",
-										},
-										map[string]string{
-											"port": "6443",
-										},
+					map[string]interface{}{
+						"toEntities": []string{
+							"world",
+						},
+						"toPorts": []map[string]interface{}{
+							map[string]interface{}{
+								"ports": []map[string]interface{}{
+									map[string]string{
+										"port": "443",
+									},
+									map[string]string{
+										"port": "6443",
 									},
 								},
 							},
 						},
 					},
 				},
-				"ingress": map[string]interface{}{
+				"ingress": []map[string]interface{}{
 					map[string]interface{}{
-						map[string]interface{}{
-							"fromEntities": []string{
-								"cluster",
-							},
+						"fromEntities": []string{
+							"cluster",
 						},
-						map[string]interface{}{
-							"fromPorts": []map[string]interface{}{
-								map[string]interface{}{
-									"ports": []map[string]interface{}{
-										map[string]string{
-											"port": "9090",
-										},
+					},
+					map[string]interface{}{
+						"fromPorts": []map[string]interface{}{
+							map[string]interface{}{
+								"ports": []map[string]interface{}{
+									map[string]string{
+										"port": "9090",
 									},
 								},
 							},
@@ -106,8 +101,12 @@ func toCiliumNetworkPolicy(v interface{}) (*unstructured.Unstructured, error) {
 					},
 				},
 			},
-		},
+		}
 	}
 
 	return ciliumNetworkPolicy, nil
 }
+
+func hasCiliumNetworkPolicyChanged(current, desired *v1.ClusterRoleBinding) bool {
+	return !reflect.DeepEqual(current.RoleRef, desired.RoleRef) || !reflect.DeepEqual(current.Subjects, desired.Subjects)
+}