Support reporting webhook services to Otterize cloud, for supporting auto-allow traffic to webhook services in cloud shadow mode (#303)

Author: zohar7ch

helm-charts

@@ -26,6 +26,7 @@ import (
 	"github.com/otterize/network-mapper/src/mapper/pkg/metrics_collection_traffic"
 	"github.com/otterize/network-mapper/src/mapper/pkg/networkpolicyreport"
 	"github.com/otterize/network-mapper/src/mapper/pkg/resourcevisibility"
+	"github.com/otterize/network-mapper/src/mapper/pkg/webhook_traffic"
 	"github.com/otterize/network-mapper/src/shared/echologrus"
 	"golang.org/x/sync/errgroup"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
@@ -258,6 +259,12 @@ func main() {
 			logrus.WithError(err).Panic("unable to create endpoints reconciler")
 		}
 
+		webhookServicesHandler := webhook_traffic.NewWebhookServicesHandler(mgr.GetClient(), cloudClient, kubeFinder)
+		webhookTrafficReconcilerManager := webhook_traffic.NewWebhookTrafficReconcilerManager(mgr.GetClient(), webhookServicesHandler)
+		if err = webhookTrafficReconcilerManager.SetupWithManager(mgr); err != nil {
+			logrus.WithError(err).Panic("unable to create validating webhooks reconciler")
+		}
+
 		netpolReconciler := networkpolicyreport.NewNetworkPolicyReconciler(mgr.GetClient(), cloudClient)
 		if err := netpolReconciler.SetupWithManager(mgr); err != nil {
 			logrus.WithError(err).Panic("unable to create network policy reconciler")

src/mapper/cmd/main.go

@@ -21,6 +21,7 @@ type CloudClient interface {
 	ReportK8sResourceEligibleForMetricsCollection(ctx context.Context, namespace string, reason EligibleForMetricsCollectionReason, resources []K8sResourceEligibleForMetricsCollectionInput) error
 	ReportNetworkPolicies(ctx context.Context, namespace string, policies []NetworkPolicyInput) error
 	ReportCiliumClusterWideNetworkPolicies(ctx context.Context, policies []NetworkPolicyInput) error
+	ReportK8sWebhookServices(ctx context.Context, services []K8sWebhookServiceInput) error
 }
 
 type CloudClientImpl struct {
@@ -202,3 +203,14 @@ func (c *CloudClientImpl) ReportCiliumClusterWideNetworkPolicies(
 
 	return nil
 }
+
+func (c *CloudClientImpl) ReportK8sWebhookServices(ctx context.Context, services []K8sWebhookServiceInput) error {
+	logrus.Infof("Reporting webhook services")
+
+	_, err := ReportK8sWebhookServices(ctx, c.client, services)
+	if err != nil {
+		return errors.Wrap(err)
+	}
+
+	return nil
+}

src/mapper/pkg/cloudclient/cloud_client.go

@@ -47,4 +47,8 @@ mutation ReportNetworkPolicies($namespace: String!, $networkPolicies: [NetworkPo
 
 mutation ReportCiliumClusterWideNetworkPolicies($networkPolicies: [NetworkPolicyInput!]!) {
     reportNetworkPolicies(networkPolicies: $networkPolicies)
+}
+
+mutation ReportK8sWebhookServices($services: [K8sWebhookServiceInput!]!) {
+    reportK8sWebhookServices(services: $services)
 }