calico: calicoctl convert does not successfully convert selector field
Expected Behavior
c convert --filename allow-egress-pods.yaml --output yaml
apiVersion: projectcalico.org/v3
kind: GlobalNetworkPolicy
metadata:
creationTimestamp: null
name: allow-egress-pods
spec:
egress:
- action: Allow
destination:
ports:
- 53
- 10250
protocol: UDP
source: {}
- action: Allow
destination:
ports:
- 53
- 10250
protocol: TCP
source: {}
- action: Allow
destination:
selector: has(calico/k8s_ns)
source: {}
- action: Allow
destination:
notNets:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
source: {}
order: 1500
selector: has(projectcalico.org/namespace)
types:
- Egress
I expect selector at the end of the file to be has(calico/k8s_ns). Instead, the convert operation changes it to has(projectcalico.org/namespace).
Steps to Reproduce (for bugs)
To reproduce, run convert, output YAML on this file:
- apiVersion: v1
kind: policy
metadata:
name: allow-egress-pods
spec:
egress:
- action: allow
protocol: udp
destination:
ports:
- 53
- 10250
source: {}
- action: allow
protocol: tcp
destination:
ports:
- 53
- 10250
source: {}
- action: allow
destination:
selector: has(calico/k8s_ns)
source: {}
- action: allow
destination:
notNets:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
source: {}
order: 1500
selector: has(calico/k8s_ns)
types:
- egress
Your Environment
- Calico version 1.6.3 to 3.1.1
- Orchestrator version (e.g. kubernetes, mesos, rkt): kubernetes
- Operating System and version: macOS 10.13.16
- cloud env: IBM Cloud
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Comments: 15 (8 by maintainers)
Thanks for following up @caseydavenport . Someone w/dev reviewed 3.2.2 and confirmed that it addresses this issue.
Apologies. Re: Version, I meant calicoctl version 1.6.3. Calico version is 2.6.5
When I run that command in the v3 cluster, I get: