Skip to content

Commit 645dbc2

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #75 from tssurya/update-not-same-labels
Fix description for same/notSameLabels; remove NamespaceRelation
2 parents 3d0c89f + 2a9aa3d commit 645dbc2

File tree

4 files changed

+58
-115
lines changed

4 files changed

+58
-115
lines changed

apis/v1alpha1/shared_types.go

Lines changed: 6 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -111,27 +111,13 @@ type AdminNetworkPolicyPeer struct {
111111
Pods *NamespacedPodPeer `json:"pods,omitempty"`
112112
}
113113

114-
type NamespaceRelation string
115-
116-
const (
117-
NamespaceSelf NamespaceRelation = "Self"
118-
NamespaceNotSelf NamespaceRelation = "NotSelf"
119-
)
120-
121114
// NamespacedPeer defines a flexible way to select Namespaces in a cluster.
122115
// Exactly one of the selectors must be set. If a consumer observes none of
123116
// its fields are set, they must assume an unknown option has been specified
124117
// and fail closed.
125118
// +kubebuilder:validation:MaxProperties=1
126119
// +kubebuilder:validation:MinProperties=1
127120
type NamespacedPeer struct {
128-
// Related provides a mechanism for selecting namespaces relative to the
129-
// subject pod. A value of "Self" matches the subject pod's namespace,
130-
// while a value of "NotSelf" matches namespaces other than the subject
131-
// pod's namespace.
132-
// +optional
133-
Related *NamespaceRelation `json:"related,omitempty"`
134-
135121
// NamespaceSelector is a labelSelector used to select Namespaces, This field
136122
// follows standard label selector semantics; if present but empty, it selects
137123
// all Namespaces.
@@ -141,15 +127,17 @@ type NamespacedPeer struct {
141127
// SameLabels is used to select a set of Namespaces that share the same values
142128
// for a set of labels.
143129
// To be selected a Namespace must have all of the labels defined in SameLabels,
144-
// and they must all have the same value as the subject of this policy.
130+
// AND they must all have the same value as the subject of this policy.
145131
// If Samelabels is Empty then nothing is selected.
146132
// +optional
147133
// +kubebuilder:validation:MaxItems=100
148134
SameLabels []string `json:"sameLabels,omitempty"`
149135

150-
// NotSameLabels is used to select a set of Namespaces that do not have a set
151-
// of label(s). To be selected a Namespace must have none of the labels defined
152-
// in NotSameLabels. If NotSameLabels is empty then nothing is selected.
136+
// NotSameLabels is used to select a set of Namespaces that do not have certain
137+
// values for a set of label(s).
138+
// To be selected a Namespace must have all of the labels defined in NotSameLabels,
139+
// AND at least one of them must have different values than the subject of this policy.
140+
// If NotSameLabels is empty then nothing is selected.
153141
// +optional
154142
// +kubebuilder:validation:MaxItems=100
155143
NotSameLabels []string `json:"notSameLabels,omitempty"`

apis/v1alpha1/zz_generated.deepcopy.go

Lines changed: 0 additions & 5 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

config/crd/bases/policy.networking.k8s.io_adminnetworkpolicies.yaml

Lines changed: 26 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -218,26 +218,21 @@ spec:
218218
x-kubernetes-map-type: atomic
219219
notSameLabels:
220220
description: NotSameLabels is used to select a set
221-
of Namespaces that do not have a set of label(s).
222-
To be selected a Namespace must have none of the
223-
labels defined in NotSameLabels. If NotSameLabels
221+
of Namespaces that do not have certain values for
222+
a set of label(s). To be selected a Namespace must
223+
have all of the labels defined in NotSameLabels,
224+
AND at least one of them must have different values
225+
than the subject of this policy. If NotSameLabels
224226
is empty then nothing is selected.
225227
items:
226228
type: string
227229
maxItems: 100
228230
type: array
229-
related:
230-
description: Related provides a mechanism for selecting
231-
namespaces relative to the subject pod. A value
232-
of "Self" matches the subject pod's namespace, while
233-
a value of "NotSelf" matches namespaces other than
234-
the subject pod's namespace.
235-
type: string
236231
sameLabels:
237232
description: SameLabels is used to select a set of
238233
Namespaces that share the same values for a set
239234
of labels. To be selected a Namespace must have
240-
all of the labels defined in SameLabels, and they
235+
all of the labels defined in SameLabels, AND they
241236
must all have the same value as the subject of this
242237
policy. If Samelabels is Empty then nothing is selected.
243238
items:
@@ -311,27 +306,22 @@ spec:
311306
x-kubernetes-map-type: atomic
312307
notSameLabels:
313308
description: NotSameLabels is used to select a
314-
set of Namespaces that do not have a set of
315-
label(s). To be selected a Namespace must have
316-
none of the labels defined in NotSameLabels.
317-
If NotSameLabels is empty then nothing is selected.
309+
set of Namespaces that do not have certain values
310+
for a set of label(s). To be selected a Namespace
311+
must have all of the labels defined in NotSameLabels,
312+
AND at least one of them must have different
313+
values than the subject of this policy. If NotSameLabels
314+
is empty then nothing is selected.
318315
items:
319316
type: string
320317
maxItems: 100
321318
type: array
322-
related:
323-
description: Related provides a mechanism for
324-
selecting namespaces relative to the subject
325-
pod. A value of "Self" matches the subject pod's
326-
namespace, while a value of "NotSelf" matches
327-
namespaces other than the subject pod's namespace.
328-
type: string
329319
sameLabels:
330320
description: SameLabels is used to select a set
331321
of Namespaces that share the same values for
332322
a set of labels. To be selected a Namespace
333323
must have all of the labels defined in SameLabels,
334-
and they must all have the same value as the
324+
AND they must all have the same value as the
335325
subject of this policy. If Samelabels is Empty
336326
then nothing is selected.
337327
items:
@@ -501,26 +491,21 @@ spec:
501491
x-kubernetes-map-type: atomic
502492
notSameLabels:
503493
description: NotSameLabels is used to select a set
504-
of Namespaces that do not have a set of label(s).
505-
To be selected a Namespace must have none of the
506-
labels defined in NotSameLabels. If NotSameLabels
494+
of Namespaces that do not have certain values for
495+
a set of label(s). To be selected a Namespace must
496+
have all of the labels defined in NotSameLabels,
497+
AND at least one of them must have different values
498+
than the subject of this policy. If NotSameLabels
507499
is empty then nothing is selected.
508500
items:
509501
type: string
510502
maxItems: 100
511503
type: array
512-
related:
513-
description: Related provides a mechanism for selecting
514-
namespaces relative to the subject pod. A value
515-
of "Self" matches the subject pod's namespace, while
516-
a value of "NotSelf" matches namespaces other than
517-
the subject pod's namespace.
518-
type: string
519504
sameLabels:
520505
description: SameLabels is used to select a set of
521506
Namespaces that share the same values for a set
522507
of labels. To be selected a Namespace must have
523-
all of the labels defined in SameLabels, and they
508+
all of the labels defined in SameLabels, AND they
524509
must all have the same value as the subject of this
525510
policy. If Samelabels is Empty then nothing is selected.
526511
items:
@@ -594,27 +579,22 @@ spec:
594579
x-kubernetes-map-type: atomic
595580
notSameLabels:
596581
description: NotSameLabels is used to select a
597-
set of Namespaces that do not have a set of
598-
label(s). To be selected a Namespace must have
599-
none of the labels defined in NotSameLabels.
600-
If NotSameLabels is empty then nothing is selected.
582+
set of Namespaces that do not have certain values
583+
for a set of label(s). To be selected a Namespace
584+
must have all of the labels defined in NotSameLabels,
585+
AND at least one of them must have different
586+
values than the subject of this policy. If NotSameLabels
587+
is empty then nothing is selected.
601588
items:
602589
type: string
603590
maxItems: 100
604591
type: array
605-
related:
606-
description: Related provides a mechanism for
607-
selecting namespaces relative to the subject
608-
pod. A value of "Self" matches the subject pod's
609-
namespace, while a value of "NotSelf" matches
610-
namespaces other than the subject pod's namespace.
611-
type: string
612592
sameLabels:
613593
description: SameLabels is used to select a set
614594
of Namespaces that share the same values for
615595
a set of labels. To be selected a Namespace
616596
must have all of the labels defined in SameLabels,
617-
and they must all have the same value as the
597+
AND they must all have the same value as the
618598
subject of this policy. If Samelabels is Empty
619599
then nothing is selected.
620600
items:

0 commit comments

Comments
 (0)