Properly check for firewallGroup in same namespace

Merge pull request 'Check for firewallGroup in same namespace if namespace is not defined' (#31 ) from feature/default-namespace-same-as-firewallpolicy-namespace-when-referring-firewallgroup into main
Reviewed-on: #31
2025-06-29 00:58:57 +02:00 · 2025-06-28 21:56:08 +00:00 · 2025-06-28 23:53:51 +02:00 · 2025-06-28 16:38:11 +00:00 · 2025-06-28 18:33:54 +02:00 · 2025-06-27 15:48:14 +00:00
1 changed files with 3 additions and 3 deletions
--- a/internal/controller/firewallpolicy_controller.go
+++ b/internal/controller/firewallpolicy_controller.go
@@ -285,7 +285,7 @@ func (r *FirewallPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 	// This will be used when running through all firewall groups and servics known, to see if a rule should be added.

 	for _, dest_group := range firewallPolicy.Spec.Destination.FirewallGroups {
-		namespace := defaultNs
+		namespace := firewallPolicy.Namespace
 		if len(dest_group.Namespace) > 0 {
 			namespace = dest_group.Namespace
 		}
@@ -310,7 +310,7 @@ func (r *FirewallPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 	// Run through all firewall groups. Add them to the myFirewallGroups list if they either have an annotations or is specified in the resource.

 	for _, firewallGroup := range firewallGroupCRDs.Items {
-		if val, found := firewallGroup.Annotations["unifi.engen.priv.no/firewall-policy"]; found && ((strings.Contains(val, "/") && val == firewallPolicy.Namespace+"/"+firewallPolicy.Name) || (val == firewallPolicy.Name && firewallPolicy.Namespace == defaultNs)) {
+		if val, found := firewallGroup.Annotations["unifi.engen.priv.no/firewall-policy"]; found && ((strings.Contains(val, "/") && val == firewallPolicy.Namespace+"/"+firewallPolicy.Name) || (val == firewallPolicy.Name && firewallPolicy.Namespace == firewallGroup.Namespace)) {
 			myFirewallGroups = append(myFirewallGroups, firewallGroup)
 		} else if _, found := destination_groups[firewallGroup.Namespace+"/"+firewallGroup.Name]; found {
 			myFirewallGroups = append(myFirewallGroups, firewallGroup)
@@ -340,7 +340,7 @@ func (r *FirewallPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 				skipService = true
 			}
 		}
-		if val, found := service.Annotations["unifi.engen.priv.no/firewall-policy"]; found && ((strings.Contains(val, "/") && val == firewallPolicy.Namespace+"/"+firewallPolicy.Name) || (val == firewallPolicy.Name && firewallPolicy.Namespace == defaultNs)) && !skipService {
+		if val, found := service.Annotations["unifi.engen.priv.no/firewall-policy"]; found && ((strings.Contains(val, "/") && val == firewallPolicy.Namespace+"/"+firewallPolicy.Name) || (val == firewallPolicy.Name && firewallPolicy.Namespace == service.Namespace)) && !skipService {
 			myServices = append(myServices, service)
 		} else if _, found := destination_services[service.Namespace+"/"+service.Name]; found && !skipService {
 			myServices = append(myServices, service)
Author	SHA1	Message	Date
Vegard Engen	3a63034e26	Properly check for firewallGroup in same namespace All checks were successful Build project / build (push) Successful in 1m54s Details Publish / build (push) Successful in 2m0s Details	2025-06-29 00:58:57 +02:00
Vegard Engen	2e95d29373	Merge pull request 'Check for firewallGroup in same namespace if namespace is not defined' (#31 ) from feature/default-namespace-same-as-firewallpolicy-namespace-when-referring-firewallgroup into main All checks were successful Publish / build (push) Successful in 2m16s Details Reviewed-on: #31	2025-06-28 21:56:08 +00:00
Vegard Engen	990140ee1c	Check for firewallGroup in same namespace if namespace is not defined All checks were successful Build project / build (push) Successful in 1m51s Details	2025-06-28 23:53:51 +02:00
Vegard Engen	24c88264c9	Merge pull request 'Fix namespace matching for firewallgroups in firewallpolicies' (#30 ) from feature/default-namespace-same-as-firewallpolicy-namespace-when-referring-firewallgroup into main All checks were successful Publish / build (push) Successful in 2m1s Details Reviewed-on: #30	2025-06-28 16:38:11 +00:00
Vegard Engen	938d53fa8f	Fix namespace matching for firewallgroups in firewallpolicies All checks were successful Build project / build (push) Successful in 1m55s Details Publish / build (push) Successful in 2m5s Details	2025-06-28 18:33:54 +02:00
Vegard Engen	768c61020e	Merge pull request 'feature/add-namespace-to-firewallgroup-and-firewallpolicy-resources' (#29 ) from feature/add-namespace-to-firewallgroup-and-firewallpolicy-resources into main All checks were successful Publish / build (push) Successful in 1m58s Details Reviewed-on: #29	2025-06-27 15:48:14 +00:00