Network policy (#160)

bentito · web-flow · commit 84da99dc3b20 · 2025-08-11T13:19:07.000-04:00
* Basic NetworkPolicy scan

* NetworkPolicy report formatting tweaks

* Just scan NetworkPolicy text files, report better
diff --git a/README.md b/README.md
@@ -59,8 +59,28 @@ export CONTAINER_ENGINE=podman
 
 Now, you can audit all operator bundles of an image catalog with: 
 
-```sh 
-audit-tool index bundles --index-image=registry.redhat.io/redhat/redhat-operator-index:v4.7 
+```sh
+audit-tool index bundles --index-image=registry.redhat.io/redhat/redhat-operator-index:v4.7
+```
+
+### Scanning for NetworkPolicy Resources
+
+To identify any `NetworkPolicy` resources included in bundle manifests across catalogs, use the `np` sub-command:
+
+```sh
+$ audit-tool index np --indexes=registry.redhat.io/redhat/redhat-operator-index:v4.16,registry.redhat.io/redhat/redhat-operator-index:v4.17
+```
+
+You can also filter to a specific package:
+
+```sh
+$ audit-tool index np --indexes=registry.redhat.io/redhat/redhat-operator-index:v4.17 --package=bakery-operator
+```
+
+Specify `podman` if needed:
+
+```sh
+$ audit-tool index np --indexes=registry.redhat.io/redhat/redhat-operator-index:v4.17 --container-engine=podman
 ```
 
 Then, this report will result in a JSON file with all data exctract from the index and the bundles. Note that audit
@@ -260,4 +280,4 @@ add the artefacts in the release page.
 [operator-sdk]: https://github.com/operator-framework/operator-sdk
 [audit-ep]: https://github.com/operator-framework/enhancements/blob/master/enhancements/audit-command.md
 [validator]: https://github.com/operator-framework/api/blob/v0.17.1/pkg/validation/validation.go#L66-L85
-[scorecard]: https://sdk.operatorframework.io/docs/testing-operators/scorecard/
+[scorecard]: https://sdk.operatorframework.io/docs/testing-operators/scorecard/
diff --git a/cmd/index/main.go b/cmd/index/main.go
@@ -15,10 +15,10 @@
 package index
 
 import (
+	"github.com/operator-framework/audit/cmd/index/bundles"
 	"github.com/operator-framework/audit/cmd/index/eus"
+	"github.com/operator-framework/audit/cmd/index/np"
 	"github.com/spf13/cobra"
-
-	"github.com/operator-framework/audit/cmd/index/bundles"
 )
 
 func NewCmd() *cobra.Command {
@@ -34,6 +34,9 @@ func NewCmd() *cobra.Command {
 	indexCmd.AddCommand(
 		eus.NewCmd(),
 	)
+	indexCmd.AddCommand(
+		np.NewCmd(),
+	)
 
 	return indexCmd
 
diff --git a/cmd/index/np/command.go b/cmd/index/np/command.go
