jenrik · April 7, 2025 08:31
diff --git a/reach.sh b/reach.sh
 #!/usr/bin/env bash
 set -e

 # Description:
 # Check which NetworkPolicies, if any, that block connection between to workloads in a Kubernetes cluster

 # Requires: https://github.com/kubernetes-sigs/network-policy-api/tree/main/cmd/policy-assistant
 # Requires: fzf

 SRC_NS="$(kubectl get ns -o custom-columns='NAME:.metadata.name' --no-headers | fzf --height ~50% --prompt "SRC Namespace> " --border)"
 SRC_TYPE="$(printf "pod\ndeployment\nstatefulset\ndaemonset" | fzf --height ~50% --prompt "SRC Type> " --border)"
 SRC_NAME="$(kubectl get "$SRC_TYPE" -n "$SRC_NS" -o custom-columns='NAME:.metadata.name' --no-headers | fzf --height ~50% --prompt "SRC Name> " --border)"

 DST_NS="$(kubectl get ns -o custom-columns='NAME:.metadata.name' --no-headers | fzf --height ~50% --prompt "DST Namespace> " --border)"
 DST_TYPE="$(printf "pod\ndeployment\nstatefulset\ndaemonset" | fzf --height ~50% --prompt "DST Type> " --border)"
 DST_NAME="$(kubectl get "$DST_TYPE" -n "$DST_NS" -o custom-columns='NAME:.metadata.name' --no-headers | fzf --height ~50% --prompt "DST Name> " --border)"

 echo -n "Port> "
 read PORT
 PROTO="$(printf "TCP\nUDP" | fzf --height ~50% --prompt "Protocol> " --border)"

 policy-assistant analyze --mode=walkthrough --src-workload "$SRC_NS/$SRC_TYPE/$SRC_NAME" --dst-workload "$DST_NS/$DST_TYPE/$DST_NAME" --protocol "$PROTO" --port "$PORT"
	#!/usr/bin/env bash
	set -e

	# Description:
	# Check which NetworkPolicies, if any, that block connection between to workloads in a Kubernetes cluster

	# Requires: https://github.com/kubernetes-sigs/network-policy-api/tree/main/cmd/policy-assistant
	# Requires: fzf

	SRC_NS="$(kubectl get ns -o custom-columns='NAME:.metadata.name' --no-headers \| fzf --height ~50% --prompt "SRC Namespace> " --border)"
	SRC_TYPE="$(printf "pod\ndeployment\nstatefulset\ndaemonset" \| fzf --height ~50% --prompt "SRC Type> " --border)"
	SRC_NAME="$(kubectl get "$SRC_TYPE" -n "$SRC_NS" -o custom-columns='NAME:.metadata.name' --no-headers \| fzf --height ~50% --prompt "SRC Name> " --border)"

	DST_NS="$(kubectl get ns -o custom-columns='NAME:.metadata.name' --no-headers \| fzf --height ~50% --prompt "DST Namespace> " --border)"
	DST_TYPE="$(printf "pod\ndeployment\nstatefulset\ndaemonset" \| fzf --height ~50% --prompt "DST Type> " --border)"
	DST_NAME="$(kubectl get "$DST_TYPE" -n "$DST_NS" -o custom-columns='NAME:.metadata.name' --no-headers \| fzf --height ~50% --prompt "DST Name> " --border)"

	echo -n "Port> "
	read PORT
	PROTO="$(printf "TCP\nUDP" \| fzf --height ~50% --prompt "Protocol> " --border)"

	policy-assistant analyze --mode=walkthrough --src-workload "$SRC_NS/$SRC_TYPE/$SRC_NAME" --dst-workload "$DST_NS/$DST_TYPE/$DST_NAME" --protocol "$PROTO" --port "$PORT"