Merge pull request #191 from armosec/np_status

network policie status
armosec · Dec 27, 2023 · c899214 · c899214
2 parents 3be0c56 + 1128266
commit c899214
Showing 1 changed file with 33 additions and 8 deletions.
diff --git a/armotypes/kubernetes_objects.go b/armotypes/kubernetes_objects.go
@@ -6,6 +6,14 @@ import (
 	"github.com/armosec/armoapi-go/identifiers"
 )
 
+type NetworkPolicyStatus int
+
+const (
+	StatusNetworkPolicyApplied    NetworkPolicyStatus = 1
+	StatusNetworkPolicyNotApplied NetworkPolicyStatus = 2
+	StatusNetworkPolicyUknown     NetworkPolicyStatus = 3
+)
+
 // KubernetesObject represents a single Kubernetes object, either native or kubescape CRD
 type KubernetesObject struct {
 	Designators       identifiers.PortalDesignator `json:"designators"`
@@ -19,12 +27,29 @@ type KubernetesObject struct {
 	OwnerReferenceKind string `json:"ownerReferenceKind"`
 
 	// related only to kubescape DRDs.
-	RelatedName            string            `json:"relatedName"`
-	RelatedKind            string            `json:"relatedKind"`
-	RelatedAPIGroup        string            `json:"relatedAPIGroup"`
-	RelatedNamespace       string            `json:"relatedNamespace"`
-	RelatedAPIVersion      string            `json:"relatedAPIVersion"`
-	RelatedResourceVersion string            `json:"relatedResourceVersion"`
-	NetworkPolicyStatus    string            `json:"networkPolicyStatus"`
-	Labels                 map[string]string `json:"labels"`
+	RelatedName            string `json:"relatedName"`
+	RelatedKind            string `json:"relatedKind"`
+	RelatedAPIGroup        string `json:"relatedAPIGroup"`
+	RelatedNamespace       string `json:"relatedNamespace"`
+	RelatedAPIVersion      string `json:"relatedAPIVersion"`
+	RelatedResourceVersion string `json:"relatedResourceVersion"`
+	NetworkPolicyStatus    string `json:"networkPolicyStatus"` // DEPRECATED
+
+	NetworkPolicyAppliedCustomer  bool `json:"networkPolicyAppliedCustomer"`
+	NetworkPolicyAppliedKubescape bool `json:"networkPolicyAppliedKubescape"`
+	NetworkPolicyStatusKnown      bool `json:"networkPolicyStatusKnown"`
+
+	Labels map[string]string `json:"labels"`
+}
+
+func (ko *KubernetesObject) GetNetworkPolicyStatus() NetworkPolicyStatus {
+	if !ko.NetworkPolicyStatusKnown {
+		return StatusNetworkPolicyUknown
+	}
+
+	if ko.NetworkPolicyAppliedCustomer || ko.NetworkPolicyAppliedKubescape {
+		return StatusNetworkPolicyApplied
+	}
+
+	return StatusNetworkPolicyNotApplied
 }