Open
Conversation
There was a problem hiding this comment.
Pull request overview
Adds a new networkpolicy primitive to the operator-component-framework, providing a static resource wrapper + builder/mutator pipeline (with typed spec editor support), along with documentation and a runnable example demonstrating feature-gated composition of NetworkPolicy rules.
Changes:
- Introduces
pkg/primitives/networkpolicywithResource,Builder,Mutator, and field-application flavors. - Adds a shared
NetworkPolicySpecEditorunderpkg/mutation/editorswith unit tests. - Adds documentation (
docs/primitives/networkpolicy.md) and a complete example (examples/networkpolicy-primitive/).
Reviewed changes
Copilot reviewed 15 out of 15 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/primitives/networkpolicy/resource.go | Static resource wrapper + default field applicator for NetworkPolicy. |
| pkg/primitives/networkpolicy/builder.go | Fluent builder for configuring mutations, flavors, and extractors. |
| pkg/primitives/networkpolicy/mutator.go | Plan-and-apply mutator with feature boundaries + typed edit hooks. |
| pkg/primitives/networkpolicy/flavors.go | NetworkPolicy-specific wrappers around generic “preserve current” flavors. |
| pkg/primitives/networkpolicy/builder_test.go | Builder validation and option-wiring tests. |
| pkg/primitives/networkpolicy/mutator_test.go | Mutator behavior/order/error-propagation tests. |
| pkg/primitives/networkpolicy/flavors_test.go | Flavor behavior + integration tests via Resource.Mutate. |
| pkg/mutation/editors/networkpolicyspec.go | New shared typed editor for NetworkPolicySpec. |
| pkg/mutation/editors/networkpolicyspec_test.go | Unit tests for NetworkPolicySpecEditor. |
| docs/primitives/networkpolicy.md | New primitive documentation (builder usage, mutations, ordering, flavors). |
| examples/networkpolicy-primitive/app/controller.go | Example controller wiring the primitive into a component. |
| examples/networkpolicy-primitive/features/mutations.go | Example feature mutations for ingress/egress + version label. |
| examples/networkpolicy-primitive/resources/networkpolicy.go | Example resource factory assembling the primitive configuration. |
| examples/networkpolicy-primitive/main.go | Runnable demo using a fake client and multiple reconciliation passes. |
| examples/networkpolicy-primitive/README.md | Example overview and run instructions. |
Owner
Author
Claude Review Cycle 1 CompleteAddressed:
Intentionally ignored:
|
sourcehawk
commented
Mar 22, 2026
Owner
Author
|
approved |
Owner
Author
Claude Review Cycle 1 CompleteAddressed:
Intentionally ignored: <!-- claude-review-cycle --> |
Owner
Author
Claude Review Cycle 1 CompleteAddressed:
Intentionally ignored:
<!-- claude-review-cycle --> |
Implements the NetworkPolicy static primitive following the configmap reference pattern. Includes NetworkPolicySpecEditor tests, typed mutator with plan-and-apply pattern, and PreserveCurrentLabels/Annotations flavors. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Demonstrates HTTP ingress, boolean-gated metrics ingress, DNS egress, version labels, and PreserveCurrentLabels flavor. The DefaultFieldApplicator preserves ResourceVersion across reconcile cycles. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The NetworkPolicySpecEditor was referenced by tests and the networkpolicy primitive but was never committed, causing build failures in CI. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Owner
Author
Claude Review Cycle 2 CompleteAddressed:
Intentionally ignored: <!-- claude-review-cycle --> |
Replace "avoids unnecessary version parsing" with "do not need feature-gate evaluation" since version parsing does not occur simply from using a non-nil feature. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Owner
Author
Claude Review Cycle 3 CompleteAddressed:
Intentionally ignored: <!-- claude-review-cycle --> |
…ction Align with the configmap and deployment mutators: NewMutator no longer creates a default feature plan. BeginFeature must be called before registering any mutations. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…mitive Align with the framework's switch to Server-Side Apply (SSA). Remove DefaultFieldApplicator, WithCustomFieldApplicator, WithFieldApplicationFlavor, FieldApplicationFlavor, flavors.go, and flavors_test.go. Update builder to drop the defaultApplicator parameter, update tests to use Object() output instead of empty structs for Mutate(), and strip field applicator and flavor sections from primitive docs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Comment on lines
+48
to
+50
| // 4. Preserve labels added by external controllers. | ||
| builder.WithFieldApplicationFlavor(networkpolicy.PreserveCurrentLabels) | ||
|
|
There was a problem hiding this comment.
Builder currently has no WithFieldApplicationFlavor method, and the networkpolicy package doesn't define PreserveCurrentLabels. As written, this example won't compile with go build ./examples/... (Makefile build-examples). Either remove this call or add the missing builder API and flavor implementation in pkg/primitives/networkpolicy (matching whatever mechanism other primitives use).
Comment on lines
+9
to
+10
| - **Metadata Mutations**: Setting version labels on the NetworkPolicy via `EditObjectMetadata`. | ||
| - **Field Flavors**: Preserving labels managed by external controllers using `PreserveCurrentLabels`. |
There was a problem hiding this comment.
This README claims the example uses PreserveCurrentLabels, but there is no such symbol in pkg/primitives/networkpolicy, and the example code currently references a non-existent WithFieldApplicationFlavor API. Please update the README to match the actual, compilable example (or implement the missing flavor API/symbols).
Suggested change
| - **Metadata Mutations**: Setting version labels on the NetworkPolicy via `EditObjectMetadata`. | |
| - **Field Flavors**: Preserving labels managed by external controllers using `PreserveCurrentLabels`. | |
| - **Metadata Mutations**: Setting version labels on the NetworkPolicy via metadata editors. | |
| - **Label Coexistence**: Demonstrating how label updates from this component can coexist with labels managed by other controllers. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implements the
networkpolicyKubernetes resource primitive following the pattern established by the existingConfigMapandDeploymentprimitives.Summary
networkpolicyprimitive package underpkg/primitives/networkpolicy/NetworkPolicySpecEditorin sharedpkg/mutation/editors/packagedocs/primitives.mdwith networkpolicy entry and addsdocs/primitives/networkpolicy.mdChecklist