From d086841ab9870979f68e97362e91262ea0dfbbbd Mon Sep 17 00:00:00 2001
From: Aaron U'Ren <aauren@gmail.com>
Date: Thu, 9 May 2024 16:53:13 -0500
Subject: [PATCH] fact(ipset): simplify cleanup code by reducing family
 complexity

---
 .../netpol/network_policy_controller.go       | 24 +++++--------------
 pkg/utils/ipset.go                            |  5 ++++
 2 files changed, 11 insertions(+), 18 deletions(-)

diff --git a/pkg/controllers/netpol/network_policy_controller.go b/pkg/controllers/netpol/network_policy_controller.go
index 92f960f4f1..a6addb4356 100644
--- a/pkg/controllers/netpol/network_policy_controller.go
+++ b/pkg/controllers/netpol/network_policy_controller.go
@@ -684,28 +684,16 @@ func (npc *NetworkPolicyController) cleanupStaleIPSets(activePolicyIPSets map[st
 		}()
 	}
 
-	for ipFamily, ipsets := range npc.ipSetHandlers {
+	for _, ipsets := range npc.ipSetHandlers {
 		cleanupPolicyIPSets := make([]*utils.Set, 0)
-
 		if err := ipsets.Save(); err != nil {
 			klog.Fatalf("failed to initialize ipsets command executor due to %s", err.Error())
 		}
-		if ipFamily == v1core.IPv6Protocol {
-			for _, set := range ipsets.Sets() {
-				if strings.HasPrefix(set.Name, fmt.Sprintf("%s:%s", utils.FamillyInet6, kubeSourceIPSetPrefix)) ||
-					strings.HasPrefix(set.Name, fmt.Sprintf("%s:%s", utils.FamillyInet6, kubeDestinationIPSetPrefix)) {
-					if _, ok := activePolicyIPSets[set.Name]; !ok {
-						cleanupPolicyIPSets = append(cleanupPolicyIPSets, set)
-					}
-				}
-			}
-		} else {
-			for _, set := range ipsets.Sets() {
-				if strings.HasPrefix(set.Name, kubeSourceIPSetPrefix) ||
-					strings.HasPrefix(set.Name, kubeDestinationIPSetPrefix) {
-					if _, ok := activePolicyIPSets[set.Name]; !ok {
-						cleanupPolicyIPSets = append(cleanupPolicyIPSets, set)
-					}
+		for _, set := range ipsets.Sets() {
+			if set.HasPrefix(kubeSourceIPSetPrefix) ||
+				set.HasPrefix(kubeDestinationIPSetPrefix) {
+				if _, ok := activePolicyIPSets[set.Name]; !ok {
+					cleanupPolicyIPSets = append(cleanupPolicyIPSets, set)
 				}
 			}
 		}
diff --git a/pkg/utils/ipset.go b/pkg/utils/ipset.go
index 37c1a0f586..3329ed95ce 100644
--- a/pkg/utils/ipset.go
+++ b/pkg/utils/ipset.go
@@ -439,6 +439,11 @@ func (ipset *IPSet) Name(setName string) string {
 	return IPSetName(setName, ipset.isIpv6)
 }
 
+func (set *Set) HasPrefix(prefix string) bool {
+	fullPrefix := IPSetName(prefix, set.Parent.isIpv6)
+	return strings.HasPrefix(set.name(), fullPrefix)
+}
+
 func (set *Set) name() string {
 	return set.Parent.Name(set.Name)
 }