small fixes and edge case

kubernetes-sigs · Jun 18, 2024 · f5d74fd · f5d74fd
1 parent e3981f5
commit f5d74fd
Showing 1 changed file with 13 additions and 3 deletions.
diff --git a/cmd/policy-assistant/pkg/matcher/traffic.go b/cmd/policy-assistant/pkg/matcher/traffic.go
@@ -76,10 +76,12 @@ func (p *TrafficPeer) IsExternal() bool {
 }
 
 func (p *TrafficPeer) Translate() TrafficPeer {
+	//Translates kubernetes workload types to TrafficPeers.
 	var podsNetworking []*PodNetworking
 	var podLabels map[string]string
 	var namespaceLabels map[string]string
 	var workloadOwner string
+	var workloadKind string
 	var internalPeer InternalPeer
 	workloadOwnerExists := false
 	workloadMetadata := strings.Split(strings.ToLower(p.Internal.Workload), "/")
@@ -102,14 +104,17 @@ func (p *TrafficPeer) Translate() TrafficPeer {
 			}
 			if kubeReplicaSets.OwnerReferences != nil {
 				workloadOwner = kubeReplicaSets.OwnerReferences[0].Name
+				workloadKind = "deployment"
 			}
 
 		} else if (workloadMetadata[1] == "daemonset" || workloadMetadata[1] == "statefulset" || workloadMetadata[1] == "replicaset") && pod.OwnerReferences != nil {
 			workloadOwner = pod.OwnerReferences[0].Name
+			workloadKind = pod.OwnerReferences[0].Kind
 		} else if workloadMetadata[1] == "pod" {
 			workloadOwner = pod.Name
+			workloadKind = "pod"
 		}
-		if workloadOwner == workloadMetadata[2] {
+		if strings.ToLower(workloadOwner) == workloadMetadata[2] && strings.ToLower(workloadKind) == workloadMetadata[1] {
 			podLabels = pod.Labels
 			namespaceLabels = ns.Labels
 			podNetworking := PodNetworking{
@@ -143,6 +148,7 @@ func (p *TrafficPeer) Translate() TrafficPeer {
 }
 
 func DeploymentsToTrafficPeers() []TrafficPeer {
+	//Translates all pods associated with deployments to TrafficPeers.
 	var deploymentPeers []TrafficPeer
 	kubeClient, err := kube.NewKubernetesForContext("")
 	utils.DoOrDie(err)
@@ -176,6 +182,7 @@ func DeploymentsToTrafficPeers() []TrafficPeer {
 }
 
 func DaemonSetsToTrafficPeers() []TrafficPeer {
+	//Translates all pods associated with daemonSets to TrafficPeers.
 	var daemonSetPeers []TrafficPeer
 	kubeClient, err := kube.NewKubernetesForContext("")
 	utils.DoOrDie(err)
@@ -208,6 +215,7 @@ func DaemonSetsToTrafficPeers() []TrafficPeer {
 }
 
 func StatefulSetsToTrafficPeers() []TrafficPeer {
+	//Translates all pods associated with statefulSets to TrafficPeers.
 	var statefulSetPeers []TrafficPeer
 	kubeClient, err := kube.NewKubernetesForContext("")
 	utils.DoOrDie(err)
@@ -240,6 +248,7 @@ func StatefulSetsToTrafficPeers() []TrafficPeer {
 }
 
 func ReplicaSetsToTrafficPeers() []TrafficPeer {
+	//Translates all pods associated with replicaSets that are not associated with deployments to TrafficPeers.
 	var replicaSetPeers []TrafficPeer
 	kubeClient, err := kube.NewKubernetesForContext("")
 	utils.DoOrDie(err)
@@ -256,7 +265,7 @@ func ReplicaSetsToTrafficPeers() []TrafficPeer {
 
 		for _, replicaSet := range kubeReplicaSets {
 			if replicaSet.OwnerReferences != nil {
-				logrus.Infof("replicaset already handled")
+				continue
 			} else {
 				tmpInternalPeer := InternalPeer{
 					Workload: namespace.Name + "/replicaset/" + replicaSet.Name,
@@ -278,6 +287,7 @@ func ReplicaSetsToTrafficPeers() []TrafficPeer {
 }
 
 func PodsToTrafficPeers() []TrafficPeer {
+	//Translates all pods that are not associated with other workload types (deployment, replicaSet, daemonSet, statefulSet.) to TrafficPeers.
 	var podPeers []TrafficPeer
 	kubeClient, err := kube.NewKubernetesForContext("")
 	utils.DoOrDie(err)
@@ -293,7 +303,7 @@ func PodsToTrafficPeers() []TrafficPeer {
 		}
 		for _, pod := range kubePods {
 			if pod.OwnerReferences != nil {
-				logrus.Infof("pod already handled")
+				continue
 			} else {
 				tmpInternalPeer := InternalPeer{
 					Workload: namespace.Name + "/pod/" + pod.Name,