Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
policy: Track source policy rules in MapStateEntry
This commit allows us to track the policies for which a certain policy map entry has been created. It is implemented by copying over the `DerivedFromRules` from the merged ingress/egress filters to the user-space representation of the policy map state. These entries are then moved over into the `realizedPolicy` of each endpoint when the policy maps are synced. Since the order of the `DerivedFromRules` rules is not deterministic, we create a sorted copy of each LabelArrayList. Default entries such as `AllowAnyIngress`, `AllowAnyEgress` and `AllowLocalHostIngress` are annotated with artificial labels (of label source `reserved`). Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
- Loading branch information