Report network policies to the cloud for better insights on unused policies and blocked traffic (#285)

Co-authored-by: davidrobert <[email protected]>

Author: omris94

src/go.mod

@@ -23,6 +23,7 @@ import (
 	"github.com/otterize/network-mapper/src/mapper/pkg/incomingtrafficholder"
 	"github.com/otterize/network-mapper/src/mapper/pkg/labelreporter"
 	"github.com/otterize/network-mapper/src/mapper/pkg/metrics_collection_traffic"
+	"github.com/otterize/network-mapper/src/mapper/pkg/networkpolicyreport"
 	"github.com/otterize/network-mapper/src/mapper/pkg/resourcevisibility"
 	"github.com/otterize/network-mapper/src/shared/echologrus"
 	"golang.org/x/sync/errgroup"
@@ -260,6 +261,11 @@ func main() {
 		if err = metricsCollectorEndpointsReconciler.SetupWithManager(mgr); err != nil {
 			logrus.WithError(err).Panic("unable to create endpoints reconciler")
 		}
+
+		netpolReconciler := networkpolicyreport.NewNetworkPolicyReconciler(mgr.GetClient(), cloudClient)
+		if err := netpolReconciler.SetupWithManager(mgr); err != nil {
+			logrus.WithError(err).Panic("unable to create network policy reconciler")
+		}
 	}
 
 	if viper.GetBool(config.OTelEnabledKey) {

src/mapper/cmd/main.go

@@ -19,6 +19,7 @@ type CloudClient interface {
 	ReportNamespaceLabels(ctx context.Context, namespace string, labels []LabelInput) error
 	ReportWorkloadsLabels(ctx context.Context, workloadsLabels []ReportServiceMetadataInput) error
 	ReportK8sResourceEligibleForMetricsCollection(ctx context.Context, namespace string, reason EligibleForMetricsCollectionReason, resources []K8sResourceEligibleForMetricsCollectionInput) error
+	ReportNetworkPolicies(ctx context.Context, namespace string, policies []NetworkPolicyInput) error
 }
 
 type CloudClientImpl struct {
@@ -160,3 +161,25 @@ func (c *CloudClientImpl) ReportWorkloadsLabels(ctx context.Context, workloadsLa
 
 	return nil
 }
+
+func (c *CloudClientImpl) ReportNetworkPolicies(
+	ctx context.Context,
+	namespace string,
+	policies []NetworkPolicyInput,
+) error {
+	logrus.WithField("namespace", namespace).
+		WithField("count", len(policies)).
+		Infof("Reporting network policies")
+
+	_, err := ReportNetworkPolicies(
+		ctx,
+		c.client,
+		namespace,
+		policies,
+	)
+	if err != nil {
+		return errors.Wrap(err)
+	}
+
+	return nil
+}

src/mapper/pkg/cloudclient/cloud_client.go

@@ -39,4 +39,8 @@ mutation ReportNamespaceLabels($name: String!, $labels: [LabelInput!]!) {
 
 mutation ReportWorkloadsLabels($workloadsLabels: [ReportServiceMetadataInput!]!) {
     reportServicesMetadata(servicesMeta: $workloadsLabels)
+}
+
+mutation ReportNetworkPolicies($namespace: String!, $networkPolicies: [NetworkPolicyInput!]!) {
+    reportNetworkPolicies(namespace: $namespace, networkPolicies: $networkPolicies)
 }