diff --git a/pkg/determiner/determiner.go b/pkg/determiner/determiner.go
index 1496546..f086523 100644
--- a/pkg/determiner/determiner.go
+++ b/pkg/determiner/determiner.go
@@ -138,12 +138,35 @@ func (d *determiner) DetermineDeletion(ctx context.Context, info *cliresource.In
 
 case resource.KindHorizontalPodAutoscaler:
 return d.determineDeletionHorizontalPodAutoscaler(ctx, info)
-
+ case resource.KindNetworkPolicy:
+ return d.determineDeletionNetworkPolicy(info)
 default:
 return false, fmt.Errorf("unsupported kind: %s/%s", kind, info.Name)
 }
 }
 
+func (d *determiner) determineDeletionNetworkPolicy(info *cliresource.Info) (bool, error) {
+ np, err := resource.ObjectToNetworkPolicy(info.Object)
+ if err != nil {
+ return false, err
+ }
+
+ // Get the selector from the Network Policy
+ selector, err := metav1.LabelSelectorAsSelector(&np.Spec.PodSelector)
+ if err != nil {
+ return false, fmt.Errorf("invalid label selector (%s): %w", np.Name, err)
+ }
+
+ // Iterate over pods to check if any match the selector
+ for _, pod := range d.pods {
+ if selector.Matches(labels.Set(pod.Labels)) {
+ return false, nil // Pod matches the selector, so the Network Policy is used
+ }
+ }
+
+ return true, nil // No pods match the selector, so the Network Policy is unused
+}
+
 func (d *determiner) determineDeletionPod(info *cliresource.Info) (bool, error) {
 pod, err := resource.ObjectToPod(info.Object)
 if err != nil {
diff --git a/pkg/resource/resource.go b/pkg/resource/resource.go
index df0fd81..46b2ff1 100644
--- a/pkg/resource/resource.go
+++ b/pkg/resource/resource.go
@@ -7,6 +7,7 @@ import (
 corev1 "k8s.io/api/core/v1"
 policyv1beta1 "k8s.io/api/policy/v1beta1"
 "k8s.io/apimachinery/pkg/runtime"
+ networkingv1 "k8s.io/api/networking/v1"
 )
 
 const (
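Review bot: In `determineDeletionNetworkPolicy` (pkg/determiner/determiner.go) a NetworkPolicy is reported as deletable whenever no pod in `d.pods` currently matches its `podSelector`, which fails open for a security control: a workload scaled to zero or a CronJob between runs leaves the policy briefly without matching pods, and once the policy is deleted those pods come back without isolation. A policy with an empty `podSelector` (the usual default-deny shape) selects every pod in its namespace and should not be treated as unused just because the namespace is empty at scan time. The loop also compares labels only; a NetworkPolicy applies solely to pods in its own namespace, so unless `d.pods` is already scoped to one namespace (not visible in this hunk) the match should also require the pod's namespace to equal the policy's. The fence below adds both guards; matching against the pod templates of workload controllers would close the scaled-to-zero gap but needs data this hunk does not show.

```go
func (d *determiner) determineDeletionNetworkPolicy(info *cliresource.Info) (bool, error) {
	// … unchanged: ObjectToNetworkPolicy conversion and LabelSelectorAsSelector call …

	// An empty podSelector selects every pod in the namespace (default-deny
	// style policies); keep it even if no pod exists right now.
	if selector.Empty() {
		return false, nil
	}

	for _, pod := range d.pods {
		// NetworkPolicy is namespaced: pods elsewhere never count as users.
		// Assumes d.pods elements carry ObjectMeta (they already expose Labels).
		if pod.Namespace != np.Namespace {
			continue
		}
		if selector.Matches(labels.Set(pod.Labels)) {
			return false, nil
		}
	}

	return true, nil
}
```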
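Review bot: The new import `networkingv1 "k8s.io/api/networking/v1"` in pkg/resource/resource.go is appended after `"k8s.io/apimachinery/pkg/runtime"`, so the import block is no longer in the path order gofmt produces. Place it between the `corev1` and `policyv1beta1` lines; running gofmt on the file does this automatically.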
@@ -20,6 +21,7 @@ const (
 KindJob = "Job"
 KindPodDisruptionBudget = "PodDisruptionBudget"
 KindHorizontalPodAutoscaler = "HorizontalPodAutoscaler"
+ KindNetworkPolicy = "NetworkPolicy"
 )
 
 var unstructuredConverter = runtime.DefaultUnstructuredConverter
@@ -108,6 +110,20 @@ func ObjectToHorizontalPodAutoscaler(obj runtime.Object) (*autoscalingv1.Horizon
 return &hpa, nil
 }
 
+func ObjectToNetworkPolicy(obj runtime.Object) (*networkingv1.NetworkPolicy, error) {
+ u, err := toUnstructured(obj)
+ if err != nil {
+ return nil, err
+ }
+
+ var np networkingv1.NetworkPolicy
+ if err := fromUnstructured(u, &np); err != nil {
+ return nil, err
+ }
+
+ return &np, nil
+}
+
 func toUnstructured(obj runtime.Object) (map[string]interface{}, error) {
 return unstructuredConverter.ToUnstructured(obj)
 }
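Review bot: `ObjectToNetworkPolicy` is exported but has no doc comment, and both error returns pass the converter error through without saying which conversion failed. Add `// ObjectToNetworkPolicy converts obj to a typed networking/v1 NetworkPolicy by way of its unstructured form.` above the function. Whether the sibling converters wrap their errors is not visible in this hunk, so follow the file's existing convention for the error returns.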