github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
101,743 Commits 1 Branch 31 Tags
aeccadda4ffcb41d686f9f9ce8a1539bb1753fe6
Commit Graph

35 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
4ebf4a08c0 Merge pull request #100447 from JornShen/add_netpol_immutable_label_for_ns 
add e2e test for default label selector for NS in netpol
 2021-06-14 09:49:04 -07:00
jornshen
f22b07d8b4 add e2e test for immutable label selector in netpol 2021-06-08 09:52:12 +08:00
Dan Winship
211e974722 Clarify and split up the "not actually SCTP" SCTP NetworkPolicy test 
These tests *do* apply to plugins that don't support SCTP.
 2021-06-02 09:10:25 -04:00
Dan Winship
4b0d0d6fc7 Fix spurious Feature tags on some NetworkPolicy tests 
The "[Feature:SCTP]" tag was needed on "should not allow access by TCP
when a policy specifies only SCTP" back when SCTP was alpha, because
it wasn't possible to create a policy that even mentioned SCTP without
enabling the feature gate. This no longer applies, and the tag was
removed from the original copy of network_policy.go, but accidentally
got left behind in the netpol/ version.

Likewise, the newly-added "should not allow access by TCP when a
policy specifies only UDP" got tagged "[Feature:UDP]", but this was
never necessary, and is inconsistent with other UDP tests anyway.

Similarly, we need "[Feature:SCTPConnectivity]" on tests that make
SCTP connections, because that functionality is not available in all
clusters, but "[Feature:UDPConnectivity]" is unnecessary and
inconsistent.
 2021-06-02 09:10:25 -04:00
jay vyas
8651fcb25a Implement a windows Netpol NewModel 2021-05-25 21:08:29 -04:00
Peri Thompson
69019a03d3 Add netpol tests for windows 
Co-authored-by: Jay Vyas <jvyas@vmware.com>
 2021-05-24 13:28:04 -04:00
Kubernetes Prow Robot
e824c59913 Merge pull request #99696 from JornShen/refactor_netpol_policies 
refactor netpol/policies.go
 2021-04-14 15:17:07 -07:00
Niekvdplas
fec272a7b2 Fixed several spelling mistakes 2021-03-30 23:02:09 +02:00
jornshen
cd2af69ef9 refector netpol/policies.go 2021-03-05 19:21:36 +08:00
Kubernetes Prow Robot
c410910c1f Merge pull request #99512 from knabben/add-netpol-ports 
Adding specific protocol network policy test
 2021-02-28 07:36:39 -08:00
wojtekt
749922fa46 Cleanup SIGDescribe in test/e2e/network 2021-02-27 20:29:27 +01:00
Amim Knabben
20263a07a6 Added protocol specific netpol 2021-02-26 18:11:45 -05:00
Kubernetes Prow Robot
319ff51c21 Merge pull request #97701 from knabben/allow-traffic-or 
Testing multiple pods using label selector
 2021-02-19 03:14:26 -08:00
Kubernetes Prow Robot
b710c1043a Merge pull request #98389 from knabben/allow-traffic-other-ns 
Allow ingress from pods on another namespace
 2021-02-18 19:04:24 -08:00
Amim Knabben
a41fb30d88 Adding UDP network policies tests 2021-02-13 19:01:38 -05:00
Amim Knabben
0fc096e3aa Allow ingress from pods in all namespaces 2021-02-10 21:03:54 -05:00
Kubernetes Prow Robot
8a8caf317b Merge pull request #97616 from knabben/netpol-2a-allow 
Netpol E2E test should allow traffic to an application
 2021-02-10 16:56:16 -08:00
Amim Knabben
61f02b85d7 Testing multiple pods using label selector 2021-02-10 16:00:02 -05:00
Amim Knabben
96a7b2a102 Deny ingress on other namespaces 2021-02-09 10:15:59 -05:00
Amim Knabben
189edf1e73 Default deny all egress from pods in the namespace 2021-02-07 11:55:50 -05:00
Amim Knabben
c8031e5b13 Netpol e2e test should overwrite allow with another deny 2021-02-07 11:48:20 -05:00
Matthew Fenwick
35a7f91208 Removed "FromPort" in netpol tests 
Co-authored-by: Dan Fenwick <dfenwick@fastmail.com>
Co-authored-by: Matt Fenwick <mfenwick100@gmail.com>
 2021-01-27 20:24:35 -05:00
Amim Knabben
92066e9e28 Copying Netpol API tests from networkpolicy folder 2021-01-24 10:48:10 -05:00
Kubernetes Prow Robot
97cf67b329 Merge pull request #97897 from knabben/sctp-netpol-test 
Copying SCTP tests to Netpol e2e framework
 2021-01-17 07:27:43 -08:00
Amim Knabben
425e544a66 Copying SCTP netpol tests to new e2e framework 2021-01-13 13:34:11 -05:00
Kubernetes Prow Robot
f6e04cd3ad Merge pull request #97638 from knabben/netpol-egress-func 
Moving egress deny with DNS to a policy function
 2021-01-13 04:18:35 -08:00
Kubernetes Prow Robot
d5e8aa2d03 Merge pull request #97524 from NillsF/master 
Add e2e networkPolicy test to validate egress deny precedence over ingress allow
 2021-01-06 19:57:45 -08:00
Kubernetes Prow Robot
ab8dda3c88 Merge pull request #97736 from knabben/default-deny-egress 
Default deny egress with pod label selector
 2021-01-06 16:41:50 -08:00
Amim Knabben
fc46c0a75a Default deny egress with pod label selector 2021-01-05 15:31:09 -05:00
Nills Franssens
eaad78c8fe adding egress ingress test case 2021-01-05 08:47:37 -08:00
Matthew Fenwick
19dd785870 97425: improve netpol comments 2021-01-02 16:03:34 -05:00
Amim Knabben
d378fca35a Moving egress deny with DNS to policy function 2020-12-31 08:10:36 -05:00
jay vyas
36ae8fd91a import the netpol testing package so that ownership is attributed correctly in the network policy testing suit 2020-12-23 07:40:47 -05:00
jay vyas
debbe9dce9 New NetworkPolicy tests: Part 2, all truth table validation scenario definitions 
Co-authored-by: Matt Fenwick <mfenwick100@gmail.com>
Co-authored-by: Jay Vyas <jvyas@vmware.com>
Co-authored-by: Abhishek Raut <rauta@vmware.com>
 2020-12-14 17:14:25 -05:00
Matthew Fenwick
65632b8677 NetworkPolicy Validation suite 
Co-authored-by: Matt Fenwick <mfenwick100@gmail.com>
Co-authored-by: Jay Vyas <jvyas@vmware.com>
Co-authored-by: Rich Renner <renner@sunder.io>
Co-authored-by: Sedef Savas <ssavas@vmware.com>
Co-authored-by: Guangyang Wang <wguangyuan@vmware.com>
Co-authored-by: Akash Sarda <akashsarda3@gmail.com>
Co-authored-by: Abhishek Raut <rauta@vmware.com>
Co-authored-by: Antonin Bas <abas@vmware.com>
Co-authored-by: Antonio Ojea <aojea@redhat.com>

addressed remaining minor comments

initial netpol-framework
 2020-12-14 16:47:39 -05:00