modify the field networkIsolate in workspace

Signed-off-by: Duan Jiong <djduanjiong@gmail.com>

pkg/controller/network/nsnetworkpolicy/nsnetworkpolicy_controller.go

@@ -384,8 +384,8 @@ func (c *NSNetworkPolicyController) addNamespace(obj interface{}) {
 	c.nsEnqueue(ns)
 }
 
-func isNetworkIsolateEnabled(ns *corev1.Namespace) bool {
-	if ns.Annotations[NamespaceNPAnnotationKey] == NamespaceNPAnnotationEnabled {
+func namespaceNetworkIsolateEnabled(ns *corev1.Namespace) bool {
+	if ns.Annotations != nil && ns.Annotations[NamespaceNPAnnotationKey] == NamespaceNPAnnotationEnabled {
 		return true
 	}
 
@@ -429,9 +429,9 @@ func (c *NSNetworkPolicyController) syncNs(key string) error {
 	matchWorkspace := false
 	delete := false
 	nsnpList, err := c.informer.Lister().NamespaceNetworkPolicies(ns.Name).List(labels.Everything())
-	if isNetworkIsolateEnabled(ns) {
+	if namespaceNetworkIsolateEnabled(ns) {
 		matchWorkspace = false
-	} else if wksp.Spec.NetworkIsolation {
+	} else if workspaceNetworkIsolationEnabled(wksp) {
 		matchWorkspace = true
 	} else {
 		delete = true
@@ -573,6 +573,13 @@ func (c *NSNetworkPolicyController) processNSNPWorkItem() bool {
 	return true
 }
 
+func workspaceNetworkIsolationEnabled(wksp *workspacev1alpha1.Workspace) bool {
+	if wksp.Spec.NetworkIsolation != nil && *wksp.Spec.NetworkIsolation {
+		return true
+	}
+	return false
+}
+
 // NewnamespacenpController returns a controller which manages NSNSP objects.
 func NewNSNetworkPolicyController(
 	client kubernetes.Interface,
@@ -607,7 +614,7 @@ func NewNSNetworkPolicyController(
 		UpdateFunc: func(oldObj, newObj interface{}) {
 			old := oldObj.(*workspacev1alpha1.Workspace)
 			new := newObj.(*workspacev1alpha1.Workspace)
-			if old.Spec.NetworkIsolation == new.Spec.NetworkIsolation {
+			if workspaceNetworkIsolationEnabled(old) == workspaceNetworkIsolationEnabled(new) {
 				return
 			}
 			controller.addWorkspace(newObj)

pkg/controller/network/nsnetworkpolicy/nsnetworkpolicy_test.go

@@ -134,6 +134,25 @@ var _ = Describe("Nsnetworkpolicy", func() {
 		go c.Start(stopCh)
 	})
 
+	It("test func namespaceNetworkIsolateEnabled", func() {
+		ns := &corev1.Namespace{}
+		Expect(namespaceNetworkIsolateEnabled(ns)).To(BeFalse())
+		ns.Annotations = make(map[string]string)
+		Expect(namespaceNetworkIsolateEnabled(ns)).To(BeFalse())
+		ns.Annotations[NamespaceNPAnnotationKey] = NamespaceNPAnnotationEnabled
+		Expect(namespaceNetworkIsolateEnabled(ns)).To(BeTrue())
+	})
+
+	It("test func workspaceNetworkIsolationEnabled", func() {
+		value := false
+		wksp := &wkspv1alpha1.Workspace{}
+		Expect(workspaceNetworkIsolationEnabled(wksp)).To(BeFalse())
+		wksp.Spec.NetworkIsolation = &value
+		Expect(workspaceNetworkIsolationEnabled(wksp)).To(BeFalse())
+		value = true
+		Expect(workspaceNetworkIsolationEnabled(wksp)).To(BeTrue())
+	})
+
 	It("Should create ns networkisolate np correctly in workspace", func() {
 		objSrt := fmt.Sprintf(workspaceNP, "testns", constants.WorkspaceLabelKey, "testworkspace")
 		obj := &netv1.NetworkPolicy{}