Move NetworkPolicyQueryFilter

From pkg/apis/controlplane/v1beta1/types.go
To pkg/querier/querier.go

pkg/agent/apiserver/handlers/networkpolicy/handler.go

@@ -19,13 +19,14 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/vmware-tanzu/antrea/pkg/agent/querier"
+	agentquerier "github.com/vmware-tanzu/antrea/pkg/agent/querier"
 	cpv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1"
+	"github.com/vmware-tanzu/antrea/pkg/querier"
 )
 
 // HandleFunc creates a http.HandlerFunc which uses an AgentNetworkPolicyInfoQuerier
 // to query network policy rules in current agent.
-func HandleFunc(aq querier.AgentQuerier) http.HandlerFunc {
+func HandleFunc(aq agentquerier.AgentQuerier) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		npFilter := NewFilterFromURLQuery(r.URL.Query())
 
@@ -69,8 +70,8 @@ var mapToNetworkPolicyType = map[string]cpv1beta1.NetworkPolicyType{
 }
 
 // Create a Network Policy Filter from URL Query
-func NewFilterFromURLQuery(query url.Values) *cpv1beta1.NetworkPolicyQueryFilter {
-	return &cpv1beta1.NetworkPolicyQueryFilter{
+func NewFilterFromURLQuery(query url.Values) *querier.NetworkPolicyQueryFilter {
+	return &querier.NetworkPolicyQueryFilter{
 		Name:       query.Get("name"),
 		Namespace:  query.Get("namespace"),
 		Pod:        query.Get("pod"),

pkg/agent/apiserver/handlers/ovsflows/handler.go

@@ -22,18 +22,18 @@ import (
 	"k8s.io/klog"
 
 	"github.com/vmware-tanzu/antrea/pkg/agent/openflow"
-	"github.com/vmware-tanzu/antrea/pkg/agent/querier"
+	agentquerier "github.com/vmware-tanzu/antrea/pkg/agent/querier"
 	"github.com/vmware-tanzu/antrea/pkg/antctl/transform/common"
-	cpv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1"
 	binding "github.com/vmware-tanzu/antrea/pkg/ovs/openflow"
+	"github.com/vmware-tanzu/antrea/pkg/querier"
 )
 
 // Response is the response struct of ovsflows command.
 type Response struct {
 	Flow string `json:"flow,omitempty"`
 }
 
-func dumpMatchedFlows(aq querier.AgentQuerier, flowKeys []string) ([]Response, error) {
+func dumpMatchedFlows(aq agentquerier.AgentQuerier, flowKeys []string) ([]Response, error) {
 	resps := []Response{}
 	for _, f := range flowKeys {
 		flowStr, err := aq.GetOVSCtlClient().DumpMatchedFlow(f)
@@ -48,7 +48,7 @@ func dumpMatchedFlows(aq querier.AgentQuerier, flowKeys []string) ([]Response, e
 	return resps, nil
 }
 
-func dumpFlows(aq querier.AgentQuerier, table binding.TableIDType) ([]Response, error) {
+func dumpFlows(aq agentquerier.AgentQuerier, table binding.TableIDType) ([]Response, error) {
 	resps := []Response{}
 	var flowStrs []string
 	var err error
@@ -68,7 +68,7 @@ func dumpFlows(aq querier.AgentQuerier, table binding.TableIDType) ([]Response,
 
 // nil is returned if the flow table can not be found (the passed table name or
 // number is invalid).
-func getTableFlows(aq querier.AgentQuerier, table string) ([]Response, error) {
+func getTableFlows(aq agentquerier.AgentQuerier, table string) ([]Response, error) {
 	var tableNumber binding.TableIDType
 	// Table nubmer is a 8-bit unsigned integer.
 	n, err := strconv.ParseUint(table, 10, 8)
@@ -86,7 +86,7 @@ func getTableFlows(aq querier.AgentQuerier, table string) ([]Response, error) {
 	return dumpFlows(aq, tableNumber)
 }
 
-func getPodFlows(aq querier.AgentQuerier, podName, namespace string) ([]Response, error) {
+func getPodFlows(aq agentquerier.AgentQuerier, podName, namespace string) ([]Response, error) {
 	interfaces := aq.GetInterfaceStore().GetContainerInterfacesByPod(podName, namespace)
 	if len(interfaces) == 0 {
 		return nil, nil
@@ -97,8 +97,8 @@ func getPodFlows(aq querier.AgentQuerier, podName, namespace string) ([]Response
 
 }
 
-func getNetworkPolicyFlows(aq querier.AgentQuerier, npName, namespace string) ([]Response, error) {
-	if aq.GetNetworkPolicyInfoQuerier().GetNetworkPolicy(cpv1beta1.NetworkPolicyQueryFilter{Name: npName, Namespace: namespace}) == nil {
+func getNetworkPolicyFlows(aq agentquerier.AgentQuerier, npName, namespace string) ([]Response, error) {
+	if aq.GetNetworkPolicyInfoQuerier().GetNetworkPolicy(querier.NetworkPolicyQueryFilter{Name: npName, Namespace: namespace}) == nil {
 		// NetworkPolicy not found.
 		return nil, nil
 	}
@@ -108,7 +108,7 @@ func getNetworkPolicyFlows(aq querier.AgentQuerier, npName, namespace string) ([
 }
 
 // HandleFunc returns the function which can handle API requests to "/ovsflows".
-func HandleFunc(aq querier.AgentQuerier) http.HandlerFunc {
+func HandleFunc(aq agentquerier.AgentQuerier) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		var err error
 		var resps []Response

pkg/agent/apiserver/handlers/ovsflows/handler_test.go

@@ -26,10 +26,11 @@ import (
 	"github.com/vmware-tanzu/antrea/pkg/agent/interfacestore"
 	interfacestoretest "github.com/vmware-tanzu/antrea/pkg/agent/interfacestore/testing"
 	oftest "github.com/vmware-tanzu/antrea/pkg/agent/openflow/testing"
-	"github.com/vmware-tanzu/antrea/pkg/agent/querier"
+	agentquerier "github.com/vmware-tanzu/antrea/pkg/agent/querier"
 	aqtest "github.com/vmware-tanzu/antrea/pkg/agent/querier/testing"
 	cpv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1"
 	ovsctltest "github.com/vmware-tanzu/antrea/pkg/ovs/ovsctl/testing"
+	"github.com/vmware-tanzu/antrea/pkg/querier"
 	queriertest "github.com/vmware-tanzu/antrea/pkg/querier/testing"
 )
 
@@ -146,15 +147,15 @@ func TestNetworkPolicyFlows(t *testing.T) {
 		if tc.expectedStatus != http.StatusNotFound {
 			ofc := oftest.NewMockClient(ctrl)
 			ovsctl := ovsctltest.NewMockOVSCtlClient(ctrl)
-			npq.EXPECT().GetNetworkPolicy(cpv1beta1.NetworkPolicyQueryFilter{Name: tc.name, Namespace: tc.namespace}).Return(testNetworkPolicy).Times(1)
+			npq.EXPECT().GetNetworkPolicy(querier.NetworkPolicyQueryFilter{Name: tc.name, Namespace: tc.namespace}).Return(testNetworkPolicy).Times(1)
 			ofc.EXPECT().GetNetworkPolicyFlowKeys(tc.name, tc.namespace).Return(testFlowKeys).Times(1)
 			q.EXPECT().GetOpenflowClient().Return(ofc).Times(1)
 			q.EXPECT().GetOVSCtlClient().Return(ovsctl).Times(len(testFlowKeys))
 			for i := range testFlowKeys {
 				ovsctl.EXPECT().DumpMatchedFlow(testFlowKeys[i]).Return(testDumpResults[i], nil).Times(1)
 			}
 		} else {
-			npq.EXPECT().GetNetworkPolicy(cpv1beta1.NetworkPolicyQueryFilter{Name: tc.name, Namespace: tc.namespace}).Return(nil).Times(1)
+			npq.EXPECT().GetNetworkPolicy(querier.NetworkPolicyQueryFilter{Name: tc.name, Namespace: tc.namespace}).Return(nil).Times(1)
 		}
 
 		runHTTPTest(t, &tc, q)
@@ -189,7 +190,7 @@ func TestTableFlows(t *testing.T) {
 
 }
 
-func runHTTPTest(t *testing.T, tc *testCase, aq querier.AgentQuerier) {
+func runHTTPTest(t *testing.T, tc *testCase, aq agentquerier.AgentQuerier) {
 	handler := HandleFunc(aq)
 	req, err := http.NewRequest(http.MethodGet, tc.query, nil)
 	assert.Nil(t, err)

pkg/agent/controller/networkpolicy/cache.go

@@ -31,6 +31,7 @@ import (
 	"github.com/vmware-tanzu/antrea/pkg/agent/metrics"
 	"github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1"
 	secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1"
+	"github.com/vmware-tanzu/antrea/pkg/querier"
 )
 
 const (
@@ -152,7 +153,7 @@ type ruleCache struct {
 	podUpdates <-chan v1beta1.PodReference
 }
 
-func (c *ruleCache) getNetworkPolicies(npFilter v1beta1.NetworkPolicyQueryFilter) []v1beta1.NetworkPolicy {
+func (c *ruleCache) getNetworkPolicies(npFilter querier.NetworkPolicyQueryFilter) []v1beta1.NetworkPolicy {
 	var ret []v1beta1.NetworkPolicy
 	c.policyMapLock.RLock()
 	defer c.policyMapLock.RUnlock()
@@ -165,15 +166,15 @@ func (c *ruleCache) getNetworkPolicies(npFilter v1beta1.NetworkPolicyQueryFilter
 }
 
 // If this npr(Network Policy Reference) can match the npFilter(Network Policy Filter)
-func (c *ruleCache) networkPolicyMatchFilter(npFilter v1beta1.NetworkPolicyQueryFilter, npr v1beta1.NetworkPolicyReference) bool {
+func (c *ruleCache) networkPolicyMatchFilter(npFilter querier.NetworkPolicyQueryFilter, npr v1beta1.NetworkPolicyReference) bool {
 	return (npFilter.Name == "" || npFilter.Name == npr.Name) &&
 		(npFilter.Namespace == "" || npFilter.Namespace == npr.Namespace) &&
 		(npFilter.SourceType == "" || string(npFilter.SourceType) == string(npr.Type))
 }
 
 // getNetworkPolicy looks up and returns the cached NetworkPolicy.
 // nil is returned if the specified NetworkPolicy is not found.
-func (c *ruleCache) getNetworkPolicy(npFilter v1beta1.NetworkPolicyQueryFilter) *v1beta1.NetworkPolicy {
+func (c *ruleCache) getNetworkPolicy(npFilter querier.NetworkPolicyQueryFilter) *v1beta1.NetworkPolicy {
 	var npUID string
 	c.policyMapLock.Lock()
 	defer c.policyMapLock.Unlock()
@@ -231,7 +232,7 @@ func addRuleToNetworkPolicy(np *v1beta1.NetworkPolicy, rule *rule) *v1beta1.Netw
 
 }
 
-func (c *ruleCache) getAppliedNetworkPolicies(pod, namespace string, npFilter v1beta1.NetworkPolicyQueryFilter) []v1beta1.NetworkPolicy {
+func (c *ruleCache) getAppliedNetworkPolicies(pod, namespace string, npFilter querier.NetworkPolicyQueryFilter) []v1beta1.NetworkPolicy {
 	var groups []string
 	memberPod := &v1beta1.GroupMemberPod{Pod: &v1beta1.PodReference{Name: pod, Namespace: namespace}}
 	c.podSetLock.RLock()

pkg/agent/controller/networkpolicy/networkpolicy_controller.go

@@ -32,6 +32,7 @@ import (
 	"github.com/vmware-tanzu/antrea/pkg/agent/interfacestore"
 	"github.com/vmware-tanzu/antrea/pkg/agent/openflow"
 	"github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1"
+	"github.com/vmware-tanzu/antrea/pkg/querier"
 )
 
 const (
@@ -266,18 +267,18 @@ func (c *Controller) GetAppliedToGroupNum() int {
 // GetNetworkPolicies returns the requested NetworkPolicies.
 // This func will return all NetworkPolicies that can match all provided attributes in NetworkPolicyQueryFilter.
 // These not provided attributes in NetworkPolicyQueryFilter means match all.
-func (c *Controller) GetNetworkPolicies(npFilter v1beta1.NetworkPolicyQueryFilter) []v1beta1.NetworkPolicy {
+func (c *Controller) GetNetworkPolicies(npFilter querier.NetworkPolicyQueryFilter) []v1beta1.NetworkPolicy {
 	return c.ruleCache.getNetworkPolicies(npFilter)
 }
 
 // GetAppliedToNetworkPolicies returns the NetworkPolicies applied to the Pod and match the filter.
-func (c *Controller) GetAppliedNetworkPolicies(pod, namespace string, npFilter v1beta1.NetworkPolicyQueryFilter) []v1beta1.NetworkPolicy {
+func (c *Controller) GetAppliedNetworkPolicies(pod, namespace string, npFilter querier.NetworkPolicyQueryFilter) []v1beta1.NetworkPolicy {
 	return c.ruleCache.getAppliedNetworkPolicies(pod, namespace, npFilter)
 }
 
 // GetNetworkPolicy looks up and returns the cached NetworkPolicy which first match the filter.
 // nil is returned if the specified NetworkPolicy is not found.
-func (c *Controller) GetNetworkPolicy(npFilter v1beta1.NetworkPolicyQueryFilter) *v1beta1.NetworkPolicy {
+func (c *Controller) GetNetworkPolicy(npFilter querier.NetworkPolicyQueryFilter) *v1beta1.NetworkPolicy {
 	return c.ruleCache.getNetworkPolicy(npFilter)
 }
 

pkg/agent/controller/networkpolicy/networkpolicy_controller_test.go

@@ -34,6 +34,7 @@ import (
 	"github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1"
 	"github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned"
 	"github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/fake"
+	"github.com/vmware-tanzu/antrea/pkg/querier"
 )
 
 const testNamespace = "ns1"
@@ -203,7 +204,7 @@ func TestAddSingleGroupRule(t *testing.T) {
 		t.Fatalf("Expected no update, got %v", ruleID)
 	case <-time.After(time.Millisecond * 100):
 	}
-	assert.Equal(t, policy1, controller.GetNetworkPolicy(v1beta1.NetworkPolicyQueryFilter{Name: policy1.Name, Namespace: policy1.Namespace}))
+	assert.Equal(t, policy1, controller.GetNetworkPolicy(querier.NetworkPolicyQueryFilter{Name: policy1.Name, Namespace: policy1.Namespace}))
 	assert.Equal(t, 1, controller.GetNetworkPolicyNum())
 	assert.Equal(t, 0, controller.GetAddressGroupNum())
 	assert.Equal(t, 0, controller.GetAppliedToGroupNum())
@@ -286,7 +287,7 @@ func TestAddMultipleGroupsRule(t *testing.T) {
 		t.Fatalf("Expected no update, got %v", ruleID)
 	case <-time.After(time.Millisecond * 100):
 	}
-	assert.Equal(t, policy1, controller.GetNetworkPolicy(v1beta1.NetworkPolicyQueryFilter{Name: policy1.Name, Namespace: policy1.Namespace}))
+	assert.Equal(t, policy1, controller.GetNetworkPolicy(querier.NetworkPolicyQueryFilter{Name: policy1.Name, Namespace: policy1.Namespace}))
 	assert.Equal(t, 1, controller.GetNetworkPolicyNum())
 	assert.Equal(t, 1, controller.GetAddressGroupNum())
 	assert.Equal(t, 1, controller.GetAppliedToGroupNum())
@@ -451,8 +452,8 @@ func TestAddNetworkPolicyWithMultipleRules(t *testing.T) {
 			t.Fatal("Expected two rule updates, got timeout")
 		}
 	}
-	assert.ElementsMatch(t, policy1.Rules, controller.GetNetworkPolicy(v1beta1.NetworkPolicyQueryFilter{Name: policy1.Name, Namespace: policy1.Namespace}).Rules)
-	assert.ElementsMatch(t, policy1.AppliedToGroups, controller.GetNetworkPolicy(v1beta1.NetworkPolicyQueryFilter{Name: policy1.Name, Namespace: policy1.Namespace}).AppliedToGroups)
+	assert.ElementsMatch(t, policy1.Rules, controller.GetNetworkPolicy(querier.NetworkPolicyQueryFilter{Name: policy1.Name, Namespace: policy1.Namespace}).Rules)
+	assert.ElementsMatch(t, policy1.AppliedToGroups, controller.GetNetworkPolicy(querier.NetworkPolicyQueryFilter{Name: policy1.Name, Namespace: policy1.Namespace}).AppliedToGroups)
 	assert.Equal(t, 1, controller.GetNetworkPolicyNum())
 	assert.Equal(t, 2, controller.GetAddressGroupNum())
 	assert.Equal(t, 1, controller.GetAppliedToGroupNum())
@@ -508,7 +509,7 @@ func TestNetworkPolicyMetrics(t *testing.T) {
 		egressRuleCount := 0
 
 		// Get all networkpolicies
-		networkpolicies := controller.GetNetworkPolicies(v1beta1.NetworkPolicyQueryFilter{})
+		networkpolicies := controller.GetNetworkPolicies(querier.NetworkPolicyQueryFilter{})
 		for _, networkpolicy := range networkpolicies {
 			for _, rule := range networkpolicy.Rules {
 				if rule.Direction == v1beta1.DirectionIn {