9c2fcbc3e3
After applying a Network Policy and updating an existent Service so that all 'targetPorts' are allowed by the policy, the SG rules are not being created with the required 'remote_ip_prefix'. Also, when the service is again updated with a 'targetPort' that is not allowed by the policy the respective SG rule is not deleted. This commit fixes the issue by associating 'targetPort' field to the 'LBaaSPortSpec' versioned object, which allows Kuryr to accounts for changes in not only 'name', 'port' and 'protocol' Kubernetes services' fields, but also 'targetPorts'. In addition, the LBaaS SG from the LBaaS state annotation is updated to match the SG stated in the LBaaS spec annotation, which has the updated SG to be applied. Closes-Bug: #1814920 Change-Id: Ifcdd1889a813c1eb078064facfb2ede83a179887 |
||
---|---|---|
.. | ||
__init__.py | ||
base.py | ||
fields.py | ||
lbaas.py | ||
route.py | ||
vif.py |