From 9f7b46e3c9a2850e2f3b35d43739ce652699ab80 Mon Sep 17 00:00:00 2001 From: Navraj Singh Chhina Date: Mon, 15 Apr 2019 17:48:56 -0400 Subject: [PATCH] [BUG FIX] Handles Issue 205 (#206) * initialize fix for #205 * reorder netpol --- cmd/autofix_util.go | 16 ++++------- fixtures/autofix-all-resources-fixed_v1.yml | 32 +++++++++++++++++++++ fixtures/autofix-all-resources_v1.yml | 31 ++++++++++++++++++++ 3 files changed, 68 insertions(+), 11 deletions(-) diff --git a/cmd/autofix_util.go b/cmd/autofix_util.go index d04b4101..56a55cb1 100644 --- a/cmd/autofix_util.go +++ b/cmd/autofix_util.go @@ -424,7 +424,6 @@ var identifyingKey = map[string]string{ "options": "name", // PodDNSConfig.options : PodDNSConfigOption.name // TopologySelectorTerm.matchLabelExpressions : TopologySelectorLabelRequirement.key "matchLabelExpressions": "key", - "paths": "path", // HTTPIngressRuleValue.paths : HTTPIngressPath.path "pending": "name", // Initializers.pending : Initializer.name "readinessGates": "conditionType", // PodSpec.readinessGates : PodReadinessGate.conditionType // PodAffinity.requiredDuringSchedulingIgnoredDuringExecution : PodAffinityTerm.labelSelector @@ -559,17 +558,12 @@ func sequenceItemMatch(sequenceKey string, item1, item2 yaml.SequenceItem) bool // IngressSpec.rules : IngressRule.http // Role.rules : PolicyRule.resources case "rules": - // ClusterRole.rules : PolicyRule.resources - // Role.rules : PolicyRule.resources - if mapPairMatch("resources", map1, map2) { - return true - } - // IngressSpec.rules : IngressRule.http - if mapPairMatch("http", map1, map2) { - return true + if val1, index1 := findItemInMapSlice("host", map1); index1 != -1 { + if val2, index2 := findItemInMapSlice("host", map2); index2 != -1 { + return val1.Value == val2.Value + } + return false } - // IngressSpec.rules : IngressRule.host - return mapPairMatch("host", map1, map2) // ProjectedVolumeSource.sources case "sources": diff --git a/fixtures/autofix-all-resources-fixed_v1.yml b/fixtures/autofix-all-resources-fixed_v1.yml index 639ade28..8e45b415 100644 --- a/fixtures/autofix-all-resources-fixed_v1.yml +++ b/fixtures/autofix-all-resources-fixed_v1.yml @@ -216,6 +216,38 @@ spec: automountServiceAccountToken: false selector: null status: {} +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: web + annotations: + kubernetes.io/ingress.class: nginx + kubernetes.io/tls-acme: "false" + labels: + name: web + app: testApp + env: production +spec: + tls: + - hosts: + - testapp.shopifycloud.com + - testapp.shopifyapps.com + secretName: someSecret + rules: + - host: testapp.shopifycloud.com # comment 2 + http: # comment 2 + paths: # comment 2 + - backend: # comment 2 + serviceName: web # comment 2 + servicePort: 80 # comment 2 + - host: testapp.shopifyapps.com # comment + http: # comment + paths: # comment + - backend: # comment + serviceName: web # comment + servicePort: 80 # comment + --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy diff --git a/fixtures/autofix-all-resources_v1.yml b/fixtures/autofix-all-resources_v1.yml index 593f3527..d4729694 100644 --- a/fixtures/autofix-all-resources_v1.yml +++ b/fixtures/autofix-all-resources_v1.yml @@ -145,3 +145,34 @@ spec: name: fakeContainerImg resources: {} status: {} +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: web + annotations: + kubernetes.io/ingress.class: nginx + kubernetes.io/tls-acme: "false" + labels: + name: web + app: testApp + env: production +spec: + tls: + - hosts: + - testapp.shopifycloud.com + - testapp.shopifyapps.com + secretName: someSecret + rules: + - host: testapp.shopifycloud.com # comment 2 + http: # comment 2 + paths: # comment 2 + - backend: # comment 2 + serviceName: web # comment 2 + servicePort: 80 # comment 2 + - host: testapp.shopifyapps.com # comment + http: # comment + paths: # comment + - backend: # comment + serviceName: web # comment + servicePort: 80 # comment