Merge pull request sl1pm4t#40 from sl1pm4t/network-policy-ports

Fix: network policy ports not handled
ebostijancic · Sep 19, 2019 · 5eaee4c · 5eaee4c
2 parents 06b268d + 7910220
commit 5eaee4c
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 3 deletions.
diff --git a/pkg/tfkschema/name_mapper.go b/pkg/tfkschema/name_mapper.go
@@ -78,6 +78,11 @@ func NormalizeTerraformName(s string, toSingular bool, path string) string {
 		if strings.Contains(path, "limit_range.spec") {
 			return "limit"
 		}
+
+	case "ports":
+		if strings.Contains(path, "kubernetes_network_policy.spec") {
+			return "ports"
+		}
 	}
 
 	if toSingular {
@@ -153,4 +158,4 @@ func NormalizeTerraformMapKey(s string) string {
 		return fmt.Sprintf(`"%s"`, s)
 	}
 	return s
-}
+}
diff --git a/test-fixtures/networkPolicy.tf.golden b/test-fixtures/networkPolicy.tf.golden
@@ -4,6 +4,32 @@ resource "kubernetes_network_policy" "default_deny" {
   }
   spec {
     pod_selector {
+      match_labels = { IngressInternal = "active" }
+    }
+    ingress {
+      ports {
+        protocol = "TCP"
+        port     = "80"
+      }
+      ports {
+        protocol = "TCP"
+        port     = "443"
+      }
+      from {
+        ip_block {
+          cidr = "10.0.0.0/8"
+        }
+      }
+      from {
+        ip_block {
+          cidr = "172.16.0.0/12"
+        }
+      }
+      from {
+        ip_block {
+          cidr = "192.168.0.0/16"
+        }
+      }
     }
     policy_types = ["Ingress", "Egress"]
   }

diff --git a/test-fixtures/networkPolicy.yaml b/test-fixtures/networkPolicy.yaml
@@ -4,7 +4,22 @@ kind: NetworkPolicy
 metadata:
   name: default-deny
 spec:
-  podSelector: {}
+  podSelector:
+    matchLabels:
+      IngressInternal: active
+  ingress:
+      - from:
+        - ipBlock:
+            cidr: 10.0.0.0/8
+        - ipBlock:
+            cidr: 172.16.0.0/12
+        - ipBlock:
+            cidr: 192.168.0.0/16
+        ports:
+          - port: 80
+            protocol: TCP
+          - port: 443
+            protocol: TCP
   policyTypes:
     - Ingress
-    - Egress
+    - Egress