diff --git a/tests/exposure_test_with_anp_10_with_real_pod/policies.yaml b/tests/exposure_test_with_anp_10_with_real_pod/policies.yaml index 97ae501d..ea91d3a6 100644 --- a/tests/exposure_test_with_anp_10_with_real_pod/policies.yaml +++ b/tests/exposure_test_with_anp_10_with_real_pod/policies.yaml @@ -1,7 +1,7 @@ apiVersion: policy.networking.k8s.io/v1alpha1 kind: AdminNetworkPolicy metadata: - name: exposure-deny-peer-allow-entire-cluster-all-conns + name: exposure-example-10-exclude-real-pod-from-entire-cluster-conn spec: priority: 10 subject: @@ -13,7 +13,7 @@ spec: matchLabels: app: a-app egress: - - name: "deny-all-egress-to-slytherin" + - name: "deny-all-egress-to-workload-b" action: "Deny" to: - pods: diff --git a/tests/exposure_test_with_anp_11_with_named_port/policies.yaml b/tests/exposure_test_with_anp_11_with_named_port/policies.yaml index 4158e04f..cb6fd095 100644 --- a/tests/exposure_test_with_anp_11_with_named_port/policies.yaml +++ b/tests/exposure_test_with_anp_11_with_named_port/policies.yaml @@ -1,7 +1,7 @@ apiVersion: policy.networking.k8s.io/v1alpha1 kind: AdminNetworkPolicy metadata: - name: exposure-deny-peer-allow-entire-cluster-all-conns + name: exposure-allow-entire-cluster spec: priority: 10 subject: diff --git a/tests/exposure_test_with_anp_12/policies.yaml b/tests/exposure_test_with_anp_12/policies.yaml index 8aea968b..ea561b9a 100644 --- a/tests/exposure_test_with_anp_12/policies.yaml +++ b/tests/exposure_test_with_anp_12/policies.yaml @@ -13,7 +13,7 @@ spec: matchLabels: app: a-app egress: - - name: "allow-some-to-all-pods-in-existing-ns" + - name: "allow-tcp9090-to-all-pods-in-existing-ns" action: "Allow" to: - pods: @@ -25,7 +25,7 @@ spec: port: 9090 protocol: TCP ingress: - - name: "allow-some-from-pods-in-existing-namespace" + - name: "allow-tcp9090-from-pods-in-existing-namespace" action: "Allow" from: - pods: @@ -51,7 +51,7 @@ spec: matchLabels: app: a-app ingress: - - name: "deny-all-internal-connections-on-port" + - name: "deny-all-internal-connections-on-port-tcp9090" action: "Deny" from: - pods: @@ -62,7 +62,7 @@ spec: port: 9090 protocol: TCP egress: - - name: "deny-all-internal-connections-egress-on-port" + - name: "deny-all-internal-connections-egress-on-port-tcp9090" action: "Deny" to: - pods: diff --git a/tests/exposure_test_with_anp_13/policies.yaml b/tests/exposure_test_with_anp_13/policies.yaml index b64cd956..a35b34f3 100644 --- a/tests/exposure_test_with_anp_13/policies.yaml +++ b/tests/exposure_test_with_anp_13/policies.yaml @@ -13,12 +13,12 @@ spec: matchLabels: app: a-app egress: - - name: "deny-all-to-networks" + - name: "deny-all-to-all-networks" action: "Deny" to: - networks: - 0.0.0.0/0 - - name: "allow-some-to-labeled-pods-in-new-ns" + - name: "allow-tcp80-to-labeled-pods-in-new-ns" action: "Allow" to: - pods: @@ -33,7 +33,7 @@ spec: port: 80 protocol: TCP ingress: - - name: "allow-some-from-pods-in-existing-namespace" + - name: "allow-tcp9090-from-pods-in-existing-namespace" action: "Allow" from: - pods: @@ -59,7 +59,7 @@ spec: matchLabels: app: a-app ingress: - - name: "deny-all-internal-connections" + - name: "deny-all-internal-connections-ingress" action: "Deny" from: - pods: diff --git a/tests/exposure_test_with_anp_15/policies.yaml b/tests/exposure_test_with_anp_15/policies.yaml index 44571fec..a75b0f68 100644 --- a/tests/exposure_test_with_anp_15/policies.yaml +++ b/tests/exposure_test_with_anp_15/policies.yaml @@ -13,7 +13,7 @@ spec: matchLabels: app: a-app egress: - - name: "allow-some-to-all-pods-in-same-ns" + - name: "allow-tcp9090-to-all-pods-in-same-ns" action: "Allow" to: - pods: @@ -25,7 +25,7 @@ spec: port: 9090 protocol: TCP ingress: - - name: "allow-some-from-pods-in-same-namespace" + - name: "allow-tcp9090-from-pods-in-same-namespace" action: "Allow" from: - pods: @@ -80,7 +80,7 @@ spec: matchLabels: kubernetes.io/metadata.name: hello-world egress: - - name: "pass-some-to-labeled-pods-in-labeled-ns" + - name: "pass-udp53-to-labeled-pods-in-labeled-ns" action: "Pass" to: - pods: @@ -94,7 +94,7 @@ spec: - portNumber: port: 53 protocol: UDP - - name: "allow-some-to-labeled-pods-in-labeled-ns" + - name: "allow-udp58-to-labeled-pods-in-labeled-ns" action: "Allow" to: - pods: diff --git a/tests/exposure_test_with_anp_4_entire_cluster_example/policies.yaml b/tests/exposure_test_with_anp_4_entire_cluster_example/policies.yaml index 4721c53f..a8000ec0 100644 --- a/tests/exposure_test_with_anp_4_entire_cluster_example/policies.yaml +++ b/tests/exposure_test_with_anp_4_entire_cluster_example/policies.yaml @@ -9,7 +9,7 @@ spec: matchLabels: kubernetes.io/metadata.name: hello-world ingress: - - name: "allow-some-ingress-from-entire-cluster" # exposed to entire-cluster on ingress + - name: "allow-tcp80-ingress-from-entire-cluster" # exposed to entire-cluster on ingress action: "Allow" from: - namespaces: {} @@ -18,7 +18,7 @@ spec: port: 80 protocol: TCP egress: - - name: "allow-some-egress-to-entire-cluster" # exposed to entire-cluster on egress + - name: "allow-tcp80-egress-to-entire-cluster" # exposed to entire-cluster on egress action: "Allow" to: - namespaces: {} diff --git a/tests/exposure_test_with_anp_5_entire_cluster_example/policies.yaml b/tests/exposure_test_with_anp_5_entire_cluster_example/policies.yaml index e5de6cec..a7794ca7 100644 --- a/tests/exposure_test_with_anp_5_entire_cluster_example/policies.yaml +++ b/tests/exposure_test_with_anp_5_entire_cluster_example/policies.yaml @@ -9,7 +9,7 @@ spec: matchLabels: kubernetes.io/metadata.name: hello-world ingress: - - name: "deny-some-ingress-from-entire-cluster" # exposed to entire-cluster on ingress + - name: "deny-tcp80-ingress-from-entire-cluster" # exposed to entire-cluster on ingress action: "Deny" from: - namespaces: {} @@ -18,7 +18,7 @@ spec: port: 80 protocol: TCP egress: - - name: "deny-some-egress-to-entire-cluster" # exposed to entire-cluster on egress + - name: "deny-tcp80-egress-to-entire-cluster" # exposed to entire-cluster on egress action: "Deny" to: - namespaces: {} diff --git a/tests/exposure_test_with_anp_6_entire_cluster_example/policies.yaml b/tests/exposure_test_with_anp_6_entire_cluster_example/policies.yaml index 2e851ef0..2f88beab 100644 --- a/tests/exposure_test_with_anp_6_entire_cluster_example/policies.yaml +++ b/tests/exposure_test_with_anp_6_entire_cluster_example/policies.yaml @@ -9,7 +9,7 @@ spec: matchLabels: kubernetes.io/metadata.name: hello-world ingress: - - name: "pass-some-ingress-from-entire-cluster" # exposed to entire-cluster on ingress + - name: "pass-tcp80-ingress-from-entire-cluster" # exposed to entire-cluster on ingress action: "Pass" from: - namespaces: {} @@ -18,7 +18,7 @@ spec: port: 80 protocol: TCP egress: - - name: "pass-some-egress-to-entire-cluster" # exposed to entire-cluster on egress + - name: "pass-tcp80-egress-to-entire-cluster" # exposed to entire-cluster on egress action: "Pass" to: - namespaces: {} diff --git a/tests/exposure_test_with_anp_8/policies.yaml b/tests/exposure_test_with_anp_8/policies.yaml index 189c250c..70f91528 100644 --- a/tests/exposure_test_with_anp_8/policies.yaml +++ b/tests/exposure_test_with_anp_8/policies.yaml @@ -1,7 +1,7 @@ apiVersion: policy.networking.k8s.io/v1alpha1 kind: AdminNetworkPolicy metadata: - name: exposure-deny-peer-allow-entire-cluster-all-conns + name: exposure-deny-partial-to-peer-allow-entire-cluster-all-conns spec: priority: 10 subject: diff --git a/tests/exposure_test_with_anp_9/policies.yaml b/tests/exposure_test_with_anp_9/policies.yaml index 8c34a038..14be3365 100644 --- a/tests/exposure_test_with_anp_9/policies.yaml +++ b/tests/exposure_test_with_anp_9/policies.yaml @@ -1,7 +1,7 @@ apiVersion: policy.networking.k8s.io/v1alpha1 kind: AdminNetworkPolicy metadata: - name: exposure-deny-peer-allow-entire-cluster-all-conns + name: exposure-exclude-representative-peer-allow-from-cluster-all-conns spec: priority: 10 subject: