fixed all linter errors

rayaisaiah · rayaisaiah · commit c8bd5754b69c · 2025-02-06T18:49:52.000Z
diff --git a/tools/azure-npm-to-cilium-validator/azure-npm-to-cilium-validator.go b/tools/azure-npm-to-cilium-validator/azure-npm-to-cilium-validator.go
@@ -80,9 +80,7 @@ func main() {
 	printMigrationSummary(namespaces, policiesByNamespace, servicesByNamespace)
 }
 
-func getEndportNetworkPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPolicy) ([]string, []string) {
-	var ingressPoliciesWithEndport []string
-	var egressPoliciesWithEndport []string
+func getEndportNetworkPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPolicy) (ingressPoliciesWithEndport []string, egressPoliciesWithEndport []string) {
 	for namespace, policies := range policiesByNamespace {
 		for _, policy := range policies {
 			// Check the ingress field for endport
@@ -102,7 +100,7 @@ func getEndportNetworkPolicies(policiesByNamespace map[string][]*networkingv1.Ne
 			}
 		}
 	}
-	return ingressPoliciesWithEndport, egressPoliciesWithEndport
+	return
 }
 
 func checkEndportInPolicyRules(ports *[]networkingv1.NetworkPolicyPort) bool {
@@ -114,9 +112,7 @@ func checkEndportInPolicyRules(ports *[]networkingv1.NetworkPolicyPort) bool {
 	return false
 }
 
-func getCIDRNetworkPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPolicy) ([]string, []string) {
-	var ingressPoliciesWithCIDR []string
-	var egressPoliciesWithCIDR []string
+func getCIDRNetworkPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPolicy) (ingressPoliciesWithCIDR []string, egressPoliciesWithCIDR []string) {
 	for namespace, policies := range policiesByNamespace {
 		for _, policy := range policies {
 			// Check the ingress field for cidr
@@ -137,7 +133,7 @@ func getCIDRNetworkPolicies(policiesByNamespace map[string][]*networkingv1.Netwo
 			}
 		}
 	}
-	return ingressPoliciesWithCIDR, egressPoliciesWithCIDR
+	return
 }
 
 // Check for CIDR in ingress or egress rules
@@ -166,10 +162,11 @@ func getEgressPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPol
 	return egressPolicies
 }
 
-func getExternalTrafficPolicyClusterServices(namespaces *corev1.NamespaceList, servicesByNamespace map[string][]*corev1.Service, policiesByNamespace map[string][]*networkingv1.NetworkPolicy) ([]string, []string) {
-	var servicesAtRisk, noSelectorServices, safeServices []string
+func getExternalTrafficPolicyClusterServices(namespaces *corev1.NamespaceList, servicesByNamespace map[string][]*corev1.Service, policiesByNamespace map[string][]*networkingv1.NetworkPolicy) (unsafeServices []string, noSelectorServices []string) {
+	var servicesAtRisk, safeServices []string
 
-	for _, namespace := range namespaces.Items {
+	for i := range namespaces.Items {
+		namespace := &namespaces.Items[i]
 		// Check if are there ingress policies in the namespace if not skip
 		policyListAtNamespace := policiesByNamespace[namespace.Name]
 		if !hasIngressPolicies(policyListAtNamespace) {
@@ -188,21 +185,20 @@ func getExternalTrafficPolicyClusterServices(namespaces *corev1.NamespaceList, s
 					// If the service has no selector add it to the noSelectorServices list
 					if service.Spec.Selector == nil {
 						noSelectorServices = append(noSelectorServices, fmt.Sprintf("%s/%s", namespace.Name, service.Name))
-					} else {
-						// Check if are there services with selector that match the network policy
-						if checkServiceRisk(service, &namespace.Name, policyListAtNamespace) {
-							safeServices = append(safeServices, fmt.Sprintf("%s/%s", namespace.Name, service.Name))
-						}
+					}
+					// Check if are there services with selector that match the network policy
+					if checkServiceRisk(service, &namespace.Name, policyListAtNamespace) {
+						safeServices = append(safeServices, fmt.Sprintf("%s/%s", namespace.Name, service.Name))
 					}
 				}
 			}
 		}
 	}
 
 	// Get the services that are at risk but not in the safe services or no selector services lists
-	unsafeServices := difference(&servicesAtRisk, &safeServices, &noSelectorServices)
+	unsafeServices = difference(&servicesAtRisk, &safeServices, &noSelectorServices)
 
-	return unsafeServices, noSelectorServices
+	return
 }
 
 func hasIngressPolicies(policies []*networkingv1.NetworkPolicy) bool {
@@ -254,7 +250,7 @@ func checkPolicySelectorsAreEmpty(podSelector *metav1.LabelSelector) bool {
 	return len(podSelector.MatchLabels) == 0 && len(podSelector.MatchExpressions) == 0
 }
 
-func checkPolicyMatchServiceLabels(serviceLabels *map[string]string, policyLabels *map[string]string) bool {
+func checkPolicyMatchServiceLabels(serviceLabels, policyLabels *map[string]string) bool {
 	// Return false if the policy has more labels than the service
 	if len(*policyLabels) > len(*serviceLabels) {
 		return false
@@ -303,7 +299,7 @@ func checkServiceTargetPortMatchPolicyPorts(servicePorts *[]corev1.ServicePort,
 	return true
 }
 
-func difference(slice1 *[]string, slice2 *[]string, slice3 *[]string) []string {
+func difference(slice1, slice2, slice3 *[]string) []string {
 	m := make(map[string]bool)
 	for _, s := range *slice2 {
 		m[s] = true
@@ -367,7 +363,7 @@ func printMigrationSummary(namespaces *corev1.NamespaceList, policiesByNamespace
 	}
 }
 
-func printPoliciesWithEndport(ingressEndportNetworkPolicy *[]string, egressEndportNetworkPolicy *[]string) {
+func printPoliciesWithEndport(ingressEndportNetworkPolicy, egressEndportNetworkPolicy *[]string) {
 	if len(*ingressEndportNetworkPolicy) == 0 && len(*egressEndportNetworkPolicy) == 0 {
 		fmt.Printf("%-30s | %-30s \n", "NetworkPolicy with endport", "✅")
 	} else {
@@ -386,7 +382,7 @@ func printPoliciesWithEndport(ingressEndportNetworkPolicy *[]string, egressEndpo
 	}
 }
 
-func printPoliciesWithCIDR(ingressPoliciesWithCIDR *[]string, egressPoliciesWithCIDR *[]string) {
+func printPoliciesWithCIDR(ingressPoliciesWithCIDR, egressPoliciesWithCIDR *[]string) {
 	if len(*ingressPoliciesWithCIDR) == 0 && len(*egressPoliciesWithCIDR) == 0 {
 		fmt.Printf("%-30s | %-30s \n", "NetworkPolicy with CIDR", "✅")
 	} else {
@@ -420,7 +416,7 @@ func printEgressPolicies(egressPolicies *[]string) {
 	}
 }
 
-func printUnsafeServices(unsafeServices *[]string, noSelectorServices *[]string) {
+func printUnsafeServices(unsafeServices, noSelectorServices *[]string) {
 	// If there is no unsafe services then migration is safe for services with extranalTrafficPolicy=Cluster
 	if len(*unsafeServices) == 0 {
 		fmt.Printf("%-30s | %-30s \n", "Disruption for some", "✅")

Original file line number	Diff line number	Diff line change
`@@ -80,9 +80,7 @@ func main() {`
`80`	`80`	`printMigrationSummary(namespaces, policiesByNamespace, servicesByNamespace)`
`81`	`81`	`}`
`82`	`82`
`83`		`-func getEndportNetworkPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPolicy) ([]string, []string) {`
`84`		`- var ingressPoliciesWithEndport []string`
`85`		`- var egressPoliciesWithEndport []string`
	`83`	`+func getEndportNetworkPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPolicy) (ingressPoliciesWithEndport []string, egressPoliciesWithEndport []string) {`
`86`	`84`	`for namespace, policies := range policiesByNamespace {`
`87`	`85`	`for _, policy := range policies {`
`88`	`86`	`// Check the ingress field for endport`
`@@ -102,7 +100,7 @@ func getEndportNetworkPolicies(policiesByNamespace map[string][]*networkingv1.Ne`
`102`	`100`	`}`
`103`	`101`	`}`
`104`	`102`	`}`
`105`		`- return ingressPoliciesWithEndport, egressPoliciesWithEndport`
	`103`	`+ return`
`106`	`104`	`}`
`107`	`105`
`108`	`106`	`func checkEndportInPolicyRules(ports *[]networkingv1.NetworkPolicyPort) bool {`
`@@ -114,9 +112,7 @@ func checkEndportInPolicyRules(ports *[]networkingv1.NetworkPolicyPort) bool {`
`114`	`112`	`return false`
`115`	`113`	`}`
`116`	`114`
`117`		`-func getCIDRNetworkPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPolicy) ([]string, []string) {`
`118`		`- var ingressPoliciesWithCIDR []string`
`119`		`- var egressPoliciesWithCIDR []string`
	`115`	`+func getCIDRNetworkPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPolicy) (ingressPoliciesWithCIDR []string, egressPoliciesWithCIDR []string) {`
`120`	`116`	`for namespace, policies := range policiesByNamespace {`
`121`	`117`	`for _, policy := range policies {`
`122`	`118`	`// Check the ingress field for cidr`
`@@ -137,7 +133,7 @@ func getCIDRNetworkPolicies(policiesByNamespace map[string][]*networkingv1.Netwo`
`137`	`133`	`}`
`138`	`134`	`}`
`139`	`135`	`}`
`140`		`- return ingressPoliciesWithCIDR, egressPoliciesWithCIDR`
	`136`	`+ return`
`141`	`137`	`}`
`142`	`138`
`143`	`139`	`// Check for CIDR in ingress or egress rules`
`@@ -166,10 +162,11 @@ func getEgressPolicies(policiesByNamespace map[string][]*networkingv1.NetworkPol`
`166`	`162`	`return egressPolicies`
`167`	`163`	`}`
`168`	`164`
`169`		`-func getExternalTrafficPolicyClusterServices(namespaces corev1.NamespaceList, servicesByNamespace map[string][]corev1.Service, policiesByNamespace map[string][]*networkingv1.NetworkPolicy) ([]string, []string) {`
`170`		`- var servicesAtRisk, noSelectorServices, safeServices []string`
	`165`	`+func getExternalTrafficPolicyClusterServices(namespaces corev1.NamespaceList, servicesByNamespace map[string][]corev1.Service, policiesByNamespace map[string][]*networkingv1.NetworkPolicy) (unsafeServices []string, noSelectorServices []string) {`
	`166`	`+ var servicesAtRisk, safeServices []string`
`171`	`167`
`172`		`- for _, namespace := range namespaces.Items {`
	`168`	`+ for i := range namespaces.Items {`
	`169`	`+ namespace := &namespaces.Items[i]`
`173`	`170`	`// Check if are there ingress policies in the namespace if not skip`
`174`	`171`	`policyListAtNamespace := policiesByNamespace[namespace.Name]`
`175`	`172`	`if !hasIngressPolicies(policyListAtNamespace) {`
`@@ -188,21 +185,20 @@ func getExternalTrafficPolicyClusterServices(namespaces *corev1.NamespaceList, s`
`188`	`185`	`// If the service has no selector add it to the noSelectorServices list`
`189`	`186`	`if service.Spec.Selector == nil {`
`190`	`187`	`noSelectorServices = append(noSelectorServices, fmt.Sprintf("%s/%s", namespace.Name, service.Name))`
`191`		`- } else {`
`192`		`- // Check if are there services with selector that match the network policy`
`193`		`- if checkServiceRisk(service, &namespace.Name, policyListAtNamespace) {`
`194`		`- safeServices = append(safeServices, fmt.Sprintf("%s/%s", namespace.Name, service.Name))`
`195`		`- }`
	`188`	`+ }`
	`189`	`+ // Check if are there services with selector that match the network policy`
	`190`	`+ if checkServiceRisk(service, &namespace.Name, policyListAtNamespace) {`
	`191`	`+ safeServices = append(safeServices, fmt.Sprintf("%s/%s", namespace.Name, service.Name))`
`196`	`192`	`}`
`197`	`193`	`}`
`198`	`194`	`}`
`199`	`195`	`}`
`200`	`196`	`}`
`201`	`197`
`202`	`198`	`// Get the services that are at risk but not in the safe services or no selector services lists`
`203`		`- unsafeServices := difference(&servicesAtRisk, &safeServices, &noSelectorServices)`
	`199`	`+ unsafeServices = difference(&servicesAtRisk, &safeServices, &noSelectorServices)`
`204`	`200`
`205`		`- return unsafeServices, noSelectorServices`
	`201`	`+ return`
`206`	`202`	`}`
`207`	`203`
`208`	`204`	`func hasIngressPolicies(policies []*networkingv1.NetworkPolicy) bool {`
`@@ -254,7 +250,7 @@ func checkPolicySelectorsAreEmpty(podSelector *metav1.LabelSelector) bool {`
`254`	`250`	`return len(podSelector.MatchLabels) == 0 && len(podSelector.MatchExpressions) == 0`
`255`	`251`	`}`
`256`	`252`
`257`		`-func checkPolicyMatchServiceLabels(serviceLabels map[string]string, policyLabels map[string]string) bool {`
	`253`	`+func checkPolicyMatchServiceLabels(serviceLabels, policyLabels *map[string]string) bool {`
`258`	`254`	`// Return false if the policy has more labels than the service`
`259`	`255`	`if len(policyLabels) > len(serviceLabels) {`
`260`	`256`	`return false`
`@@ -303,7 +299,7 @@ func checkServiceTargetPortMatchPolicyPorts(servicePorts *[]corev1.ServicePort,`
`303`	`299`	`return true`
`304`	`300`	`}`
`305`	`301`
`306`		`-func difference(slice1 []string, slice2 []string, slice3 *[]string) []string {`
	`302`	`+func difference(slice1, slice2, slice3 *[]string) []string {`
`307`	`303`	`m := make(map[string]bool)`
`308`	`304`	`for _, s := range *slice2 {`
`309`	`305`	`m[s] = true`
`@@ -367,7 +363,7 @@ func printMigrationSummary(namespaces *corev1.NamespaceList, policiesByNamespace`
`367`	`363`	`}`
`368`	`364`	`}`
`369`	`365`
`370`		`-func printPoliciesWithEndport(ingressEndportNetworkPolicy []string, egressEndportNetworkPolicy []string) {`
	`366`	`+func printPoliciesWithEndport(ingressEndportNetworkPolicy, egressEndportNetworkPolicy *[]string) {`
`371`	`367`	`if len(ingressEndportNetworkPolicy) == 0 && len(egressEndportNetworkPolicy) == 0 {`
`372`	`368`	`fmt.Printf("%-30s \| %-30s \n", "NetworkPolicy with endport", "✅")`
`373`	`369`	`} else {`
`@@ -386,7 +382,7 @@ func printPoliciesWithEndport(ingressEndportNetworkPolicy *[]string, egressEndpo`
`386`	`382`	`}`
`387`	`383`	`}`
`388`	`384`
`389`		`-func printPoliciesWithCIDR(ingressPoliciesWithCIDR []string, egressPoliciesWithCIDR []string) {`
	`385`	`+func printPoliciesWithCIDR(ingressPoliciesWithCIDR, egressPoliciesWithCIDR *[]string) {`
`390`	`386`	`if len(ingressPoliciesWithCIDR) == 0 && len(egressPoliciesWithCIDR) == 0 {`
`391`	`387`	`fmt.Printf("%-30s \| %-30s \n", "NetworkPolicy with CIDR", "✅")`
`392`	`388`	`} else {`
`@@ -420,7 +416,7 @@ func printEgressPolicies(egressPolicies *[]string) {`
`420`	`416`	`}`
`421`	`417`	`}`
`422`	`418`
`423`		`-func printUnsafeServices(unsafeServices []string, noSelectorServices []string) {`
	`419`	`+func printUnsafeServices(unsafeServices, noSelectorServices *[]string) {`
`424`	`420`	`// If there is no unsafe services then migration is safe for services with extranalTrafficPolicy=Cluster`
`425`	`421`	`if len(*unsafeServices) == 0 {`
`426`	`422`	`fmt.Printf("%-30s \| %-30s \n", "Disruption for some", "✅")`