
Commit c72b33c

committed
responded to comments return false when either port or target port is 0 and print x if there are no selecotr services
1 parent c4676cf commit c72b33c


1 file changed

+13
-2
lines changed


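--- a/tools/azure-npm-to-cilium-validator/azure-npm-to-cilium-validator.go
+++ b/tools/azure-npm-to-cilium-validator/azure-npm-to-cilium-validator.go
@@ -289,6 +289,11 @@ func checkServiceTargetPortMatchPolicyPorts(servicePorts []corev1.ServicePort, p
 return false
 }
 
+// If the target port is 0 then it is at risk as Cilium treats port 0 in a special way
+if servicePort.TargetPort.IntValue() == 0 {
+return false
+}
+
 // Check if all the services target ports are in the policies ingress ports
 matchedserviceTargetPortToPolicyPort := false
 for _, policyPort := range policyPorts {
@@ -302,9 +307,14 @@ func checkServiceTargetPortMatchPolicyPorts(servicePorts []corev1.ServicePort, p
 matchedserviceTargetPortToPolicyPort = true
 break
 }
+continue
 }
-// If the port is a string then it is a named port and service is at risk
+// If the port is a string then it is a named port and it cant be evaluated
 if policyPort.Port.Type == intstr.String {
+continue
+}
+// If the target port is 0 then it is at risk as Cilium treats port 0 in a special way
+if int(policyPort.Port.IntVal) == 0 {
 return false
 }
 if servicePort.TargetPort.IntValue() == int(policyPort.Port.IntVal) && string(servicePort.Protocol) == string(*policyPort.Protocol) {
@@ -372,7 +382,8 @@ func printMigrationSummary(namespaces *corev1.NamespaceList, policiesByNamespace
 fmt.Println("+------------------------------+-------------------------------+")
 if len(ingressEndportNetworkPolicy) > 0 || len(egressEndportNetworkPolicy) > 0 ||
 len(ingressPoliciesWithCIDR) > 0 || len(egressPoliciesWithCIDR) > 0 ||
-len(egressPolicies) > 0 || len(unsafeRiskServices) > 0 {
+len(egressPolicies) > 0 ||
+len(unsafeRiskServices) > 0 || len(unsafeNoSelectorServices) > 0 {
 fmt.Println("\033[31m✘ Review above issues before migration.\033[0m")
 fmt.Println("Please see \033[32maka.ms/azurenpmtocilium\033[0m for instructions on how to evaluate/assess the above warnings marked by ❌.")
 fmt.Println("NOTE: rerun this script if any modifications (create/update/delete) are made to services or policies.")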
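Review bot: The policy-side port 0 check added at new line 317 (`if int(policyPort.Port.IntVal) == 0 { return false }`) runs inside the loop over `policyPorts`, so the verdict depends on entry order: the branch just above it leaves the loop with `break` on a match, which means a port 0 entry listed after a matching entry is never examined, while the same entry listed first marks the service as at risk. If a port 0 entry anywhere in the policy is meant to flag the service, the check belongs in its own pass over `policyPorts` before the matching loop, so a validator run gives the same answer however the policy is written. The comment on new line 316 was copied from line 292 and still says "target port" although it tests the policy port; I would write `// If the policy port is 0 then the service is at risk as Cilium treats port 0 in a special way`. Note also that `servicePort.TargetPort.IntValue()` returns 0 for a named target port that does not parse as a number, so the check at line 293 covers named target ports as well unless the code above the hunk already rejected them; the function starts and ends outside the visible hunks, so that should be confirmed there.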
