From d599fd486b7c7b0b473e051883c71b345b634f5e Mon Sep 17 00:00:00 2001
From: Michael Fornaro <20387402+xUnholy@users.noreply.github.com>
Date: Tue, 14 Nov 2023 09:01:17 +1100
Subject: [PATCH] fix: address feedback
Signed-off-by: Michael Fornaro <20387402+xUnholy@users.noreply.github.com>
---
 README.md | 13 ++++++++++---
 advisor/pkg/api/pod_traffic.go | 17 +++++++++++------
 advisor/pkg/k8s/networkpolicies.go | 14 ++------------
 3 files changed, 23 insertions(+), 21 deletions(-)
diff --git a/README.md b/README.md
index 2572e0da0..01dc2aeaa 100644
--- a/README.md
+++ b/README.md
@@ -10,7 +10,6 @@ Xentra is a powerful kubectl plugin designed to enhance the security of your Kub
 - [📦 Installation](#-installation)
 - [🔨 Usage](#-usage)
 - [🔒 Generate Network Policies](#-generate-network-policies)
- - [🛡️ Generate Seccomp Profiles](#️-generate-seccomp-profiles)
 - [🤝 Contributing](#-contributing)
 - [📄 License](#-license)
 - [🙏 Acknowledgments](#-acknowledgments)
@@ -55,14 +54,22 @@ mv advisor /usr/local/bin/kubectl-advisor
 ### 🔒 Generate Network Policies +Create a network policy for a single pod in a namespace + ```bash kubectl advisor gen networkpolicy [pod-name] --namespace [namespace-name] ``` -### 🛡️ Generate Seccomp Profiles +Create a network policy for a all pod(s) in a namespace + ```bash kubectl advisor gen networkpolicy --namespace [namespace-name] --all ``` + Create a network policy for a all pod(s) in all namespace(s) ```bash -kubectl advisor gen seccomp [pod-name] --namespace [namespace-name] +kubectl advisor gen networkpolicy -A ``` For more details on the commands:
diff --git a/advisor/pkg/api/pod_traffic.go b/advisor/pkg/api/pod_traffic.go
index eee7e8ed1..19e248e1e 100644
--- a/advisor/pkg/api/pod_traffic.go
+++ b/advisor/pkg/api/pod_traffic.go
@@ -66,15 +66,15 @@ func GetPodTraffic(podName string) ([]PodTraffic, error) {
 // Parse the JSON response and unmarshal it into the Go struct.
 if err := json.Unmarshal([]byte(body), &podTraffic); err != nil {
- log.Warn().Err(err).Msg("Error unmarshal JSON")
+ log.Error().Err(err).Msg("Error unmarshal JSON")
 return nil, err
 }
- // If no pod traffic is found, return nil
+ // If no pod traffic is found, return err
 if len(podTraffic) == 0 {
- log.Warn().Err(err).Msg("No pod traffic found in database")
- return nil, nil
+ return nil, fmt.Errorf("No pod traffic found in database")
 }
+
 return podTraffic, nil
 }
@@ -98,7 +98,7 @@ func GetPodSpec(ip string) (*PodDetail, error) {
 return nil, nil
 }
- var details PodDetail
+ var details *PodDetail
 // Parse the JSON response and unmarshal it into the Go struct.
 if err := json.NewDecoder(resp.Body).Decode(&details); err != nil {
@@ -106,7 +106,12 @@ func GetPodSpec(ip string) (*PodDetail, error) {
 return nil, err
 }
- return &details, nil
+ // If no pod details are found, return err
+ if details == nil {
+ return nil, fmt.Errorf("no pod traffic found in database")
+ }
+
+ return details, nil
 }
 func GetSvcSpec(svcIp string) (*SvcDetail, error) {
diff --git a/advisor/pkg/k8s/networkpolicies.go b/advisor/pkg/k8s/networkpolicies.go
index a1e7a2fb6..ba8a25882 100644
--- a/advisor/pkg/k8s/networkpolicies.go
+++ b/advisor/pkg/k8s/networkpolicies.go
@@ -87,22 +87,12 @@ func GenerateNetworkPolicy(options GenerateOptions, config *Config) {
 continue
 }
- if podTraffic == nil {
- log.Error().Msgf("No pod traffic found for pod %s\n", pod.Name)
- continue
- }
-
 podDetail, err := api.GetPodSpec(podTraffic[0].SrcIP)
 if err != nil {
 log.Error().Err(err).Msg("Error retrieving pod spec")
 continue
 }
- if podDetail == nil {
- log.Error().Msgf("No pod spec found for pod %s\n", podTraffic[0].SrcIP)
- continue
- }
-
 policy, err := transformToNetworkPolicy(podTraffic, podDetail, config)
 if err != nil {
 log.Error().Err(err).Msg("Error transforming policy")
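Review bot: The new `fmt.Errorf("No pod traffic found in database")` in the `len(podTraffic) == 0` branch gives the caller no way to tell "nothing recorded for this pod yet" from a real transport or decode failure, and the capitalized message also breaks the Go convention that error strings are lowercase so they read well when wrapped. A package-level sentinel would let GenerateNetworkPolicy decide how loudly to report an empty result: `var ErrNoPodTraffic = errors.New("no pod traffic found in database")` and `return nil, ErrNoPodTraffic` here, checked by the caller with `errors.Is`. The diffstat shows no import hunk for this file, so presumably `fmt` is already imported; worth confirming the build. GetPodTraffic begins before this hunk.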
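Review bot: The error returned from the new `details == nil` check in GetPodSpec reads "no pod traffic found in database", which is the GetPodTraffic message carried over and will mislead whoever investigates an "Error retrieving pod spec" log line; suggest `return nil, fmt.Errorf("no pod spec found for ip %q", ip)` so the failing lookup is identifiable. Note also that with `details` now a `*PodDetail` decoded through `&details`, the nil check only fires for a literal JSON `null` body; an empty object `{}` produces a non-nil zero-valued PodDetail that passes the check, and whether that matters depends on what the traffic API emits, which is not visible here. GetPodSpec begins before this hunk.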
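Review bot: Dropping the `if podDetail == nil` guard assumes GetPodSpec never returns a nil detail with a nil error, but the context line `return nil, nil` at the top of the `@@ -98` hunk in advisor/pkg/api/pod_traffic.go shows such a path still exists, so `transformToNetworkPolicy(podTraffic, podDetail, config)` can now receive a nil `*PodDetail` and, if it dereferences it, panic instead of skipping the pod. Either turn that early return into an error (`return nil, fmt.Errorf("no pod spec found for ip %q", ip)`, assuming the condition above it is a not-found case rather than a deliberate "nothing to do") or keep the guard in this loop: `if podDetail == nil { log.Error().Msgf("No pod spec found for pod %s", podTraffic[0].SrcIP); continue }`. Removing the `podTraffic == nil` check looks safe now that GetPodTraffic errors on an empty slice, provided the `continue` at the top of this hunk is the error branch of that call, so `podTraffic[0]` is only reached with at least one element. GenerateNetworkPolicy starts before this hunk and continues past it.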
@@ -239,7 +229,7 @@ func determinePeerForTraffic(traffic api.PodTraffic, config *Config) (*networkin
 }
 if origin == nil {
- log.Debug().Msgf("Could not find details for origin assuming IP is external %s", traffic.DstIP)
+ log.Warn().Msgf("Could not find details for origin assuming IP is external %s", traffic.DstIP)
 return &networkingv1.NetworkPolicyPeer{
 IPBlock: &networkingv1.IPBlock{
 CIDR: traffic.DstIP + "/32",
@@ -302,9 +292,9 @@ func deduplicateEgressRules(rules []networkingv1.NetworkPolicyEgressRule) []netw
 func fetchSinglePodInNamespace(podName, namespace string, config *Config) (*corev1.Pod, error) {
 pod, err := config.Clientset.CoreV1().Pods(namespace).Get(context.TODO(), podName, metav1.GetOptions{})
 if err != nil {
- // Handle the error according to your application's requirements
 return nil, err
 }
+
 return pod, nil
 }
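Review bot: Raising this log to Warn is the right direction, because the branch it sits in emits a `/32` IPBlock peer for an address the tool could not attribute to a pod, so the generated policy is widened on a guess; the message should say that outright rather than leave the reader to infer it from the return that follows, e.g. `log.Warn().Msgf("Could not find details for origin %s; treating it as external and emitting a /32 IPBlock rule for it", traffic.DstIP)`. An operator reviewing only the generated NetworkPolicy still cannot see that this decision was made, so consider also recording unresolved destinations in the output itself (an annotation or a summary printed alongside the policy) rather than only in the log. Judging by `DstIP` and the `deduplicateEgressRules` function named in the next hunk header these appear to be egress peers, though that is not visible in the hunk. determinePeerForTraffic begins before this hunk and the returned peer literal continues past it.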