Implements option #3 (npep-187: More protocols support)

[bowei]

Changes to implement option #3 for the port matching

Example (from #297)

apiVersion: policy.networking.k8s.io/v1alpha2
kind: ClusterNetworkPolicy
metadata:
  name: cluster-wide-deny
spec:
  tier: Admin
  priority: 0
  subject:
    namespaces:
      matchLabels:
        kubernetes.io/metadata.name: sensitive-ns
  ingress:
    - action: Deny
      name: select-all-deny-all
      from:
      - pods:
          namespaceSelector:
            matchLabels: {}
          podSelector:
            matchLabels: {}
  protocols:
    - tcp:
        destinationPort:
          number: 8080
        flags: [syn] # future extension example
    - tcp:
        destinationPort:
          range:
            start: 8080
            end: 9090
    - udp:
        destinationPort:
          number: 8080
    - udp:
        destinationPort:
          number: 9090
    - namedPort: http
    - namedPort: monitoring
    - icmp: # that doesn't exist yet, but may be added
        type: 7
        code: 3

[netlify]

✅ Deploy Preview for kubernetes-sigs-network-policy-api ready!

Name	Link
🔨 Latest commit	78dea92
🔍 Latest deploy log	https://app.netlify.com/projects/kubernetes-sigs-network-policy-api/deploys/6982f33b41b93800084af276
😎 Deploy Preview	https://deploy-preview-347--kubernetes-sigs-network-policy-api.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[npinaeva]

i think we are missing +optional or +required tags on most new fields?

[bowei]

i think we are missing +optional or +required tags on most new fields?

I think I fixed all of the instances -- please take a look.

[bowei]

Updated to incorporate all code review feedback.

[danwinship]

One nitpick but I think this is good to go.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: bowei, danwinship

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [danwinship]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[danwinship]

Conformance failure is expected at this point until we update kube-network-policies, right? Meaning, this is ready to merge?

[bowei]

Yes, I think so. I have the draft for fixing kube-network-policies as well, so hopefully we can get everything back green very soon.

[aojea]

Yes, I think so. I have the draft for fixing kube-network-policies as well, so hopefully we can get everything back green very soon.

@bowei @danwinship is this the reason why the github actions is failing on kube-network-policies? https://github.com/kubernetes-sigs/kube-network-policies/actions?query=e2e_npa