missingNetworkPolicy should not check ingress/egress rule count #1088

mblaschke-daimlertruck · 2024-11-29T12:58:22Z

What happened?

the missingNetworkPolicy check is currently enforcing at least one ingress/egress rule.

for plain webservers i don't want to allow any egress rule, also we have jobs which only have egress traffic.

What did you expect to happen?

the check should only over the policyTypes as it's automatically denying traffic if no rules are defined.

How can we reproduce this?

use netpol like:

---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: webserver
spec:
  podSelector:
    matchLabels:
      app: webserver
  policyTypes:
  - Ingress
  - Egress
  ingress:
  # Ingress
  - from:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: ingress
    ports:
    - protocol: TCP
      port: 8000

Version

9.6.0

Search

I did search for other open and closed issues before opening this.

Code of Conduct

I agree to follow this project's Code of Conduct

Additional context

No response

The text was updated successfully, but these errors were encountered:

mblaschke-daimlertruck added bug Something isn't working triage This bug needs triage labels Nov 29, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

missingNetworkPolicy should not check ingress/egress rule count #1088

missingNetworkPolicy should not check ingress/egress rule count #1088

mblaschke-daimlertruck commented Nov 29, 2024

missingNetworkPolicy should not check ingress/egress rule count #1088

missingNetworkPolicy should not check ingress/egress rule count #1088

Comments

mblaschke-daimlertruck commented Nov 29, 2024

What happened?

What did you expect to happen?

How can we reproduce this?

Version

Search

Code of Conduct

Additional context