From 11db4390dcdd6544fb6c799598be135dd90e6694 Mon Sep 17 00:00:00 2001 From: haim-kermany Date: Wed, 26 Jul 2023 17:14:03 +0300 Subject: [PATCH] simplify_output Signed-off-by: haim-kermany --- nca/FWRules/ConnectivityGraph.py | 5 ++-- nca/FWRules/DotGraph.py | 14 +++++++-- nca/NetworkConfig/NetworkConfigQuery.py | 2 +- nca/Utils/OutputConfiguration.py | 2 +- nca/nca_cli.py | 4 +++ .../expected_output/poc1-scheme_output.dot | 30 ++++++++----------- .../fw_rules_tests/policies/poc1-scheme.yaml | 1 + 7 files changed, 33 insertions(+), 25 deletions(-) diff --git a/nca/FWRules/ConnectivityGraph.py b/nca/FWRules/ConnectivityGraph.py index 3bc0ef2da..067059067 100644 --- a/nca/FWRules/ConnectivityGraph.py +++ b/nca/FWRules/ConnectivityGraph.py @@ -330,10 +330,11 @@ def get_connections_without_fw_rules_txt_format(self, connectivity_msg=None, exc lines_list.extend(sorted(list(lines))) return '\n'.join(lines_list) - def get_connectivity_dot_format_str(self, connectivity_restriction=None): + def get_connectivity_dot_format_str(self, connectivity_restriction=None, simplify_output=False): """ :param Union[str,None] connectivity_restriction: specify if connectivity is restricted to TCP / non-TCP , or not + :param simplify_output[bool, False] whether to simplify the dot output graph :rtype str :return: a string with content of dot format for connectivity graph """ @@ -341,7 +342,7 @@ def get_connectivity_dot_format_str(self, connectivity_restriction=None): query_title = f'{self.output_config.queryName}/' if self.output_config.queryName else '' name = f'{query_title}{self.output_config.configName}{restriction_title}' - dot_graph = DotGraph(name) + dot_graph = DotGraph(name, do_not_subgraph=simplify_output) peers_groups = self._get_equals_groups() # we are going to treat a peers_group as one peer. # the first peer in the peers_group is representing the group diff --git a/nca/FWRules/DotGraph.py b/nca/FWRules/DotGraph.py index 32b29ae56..34fd2438d 100644 --- a/nca/FWRules/DotGraph.py +++ b/nca/FWRules/DotGraph.py @@ -30,6 +30,7 @@ class Node: name: str node_type: int label: str + title: str @dataclass class Edge: @@ -38,13 +39,14 @@ class Edge: label: str is_dir: bool - def __init__(self, name): + def __init__(self, name, do_not_subgraph): self.subgraphs = {} self.name = name self.edges = [] self.all_nodes = {} self.labels = set() self.labels_dict = {} + self.do_not_subgraph = do_not_subgraph self.node_styles = \ {self.NodeType.IPBlock: 'shape=box fontcolor=red2', self.NodeType.Pod: 'shape=box fontcolor=blue', @@ -74,9 +76,11 @@ def add_node(self, subgraph, name, node_type, label): param label: node label """ label = [tok.strip() for tok in label if tok != ''] + title = subgraph if self.do_not_subgraph else '' + subgraph = '' if self.do_not_subgraph else subgraph if subgraph not in self.subgraphs: self.subgraphs[subgraph] = self.Subgraph(subgraph) - node = self.Node(name, node_type, label) + node = self.Node(name, node_type, label, title) self.subgraphs[subgraph].nodes.append(node) self.all_nodes[name] = node if node_type in {self.NodeType.Clique, self.NodeType.BiClique}: @@ -191,7 +195,11 @@ def _node_to_str(self, node): table = f'<' for line in node.label: if line: - table += f'' + if node.title: + table += f'' + else: + table += f'' + table += '
{line}
{node.title}/{line}
{line}
>' label = f'label={table}' node_desc = f'{label} {self.node_styles[node.node_type]} tooltip=\"{self.node_tooltip[node.node_type]}\"' diff --git a/nca/NetworkConfig/NetworkConfigQuery.py b/nca/NetworkConfig/NetworkConfigQuery.py index 81b415e50..c612916fc 100644 --- a/nca/NetworkConfig/NetworkConfigQuery.py +++ b/nca/NetworkConfig/NetworkConfigQuery.py @@ -1031,7 +1031,7 @@ def dot_format_from_connections_dict(self, connections, peers, connectivity_rest :return the connectivity map in dot-format, considering connectivity_restriction if required """ conn_graph = self._get_conn_graph(connections, peers) - return conn_graph.get_connectivity_dot_format_str(connectivity_restriction) + return conn_graph.get_connectivity_dot_format_str(connectivity_restriction, self.output_config.simplifyOutput) def dot_format_from_props(self, props, peers, connectivity_restriction=None): """ diff --git a/nca/Utils/OutputConfiguration.py b/nca/Utils/OutputConfiguration.py index e0bdccf60..2bd877721 100644 --- a/nca/Utils/OutputConfiguration.py +++ b/nca/Utils/OutputConfiguration.py @@ -19,7 +19,7 @@ def __init__(self, output_config_dict=None, query_name=''): default_output_config = {'fwRulesRunInTestMode': False, 'fwRulesDebug': False, 'fwRulesGroupByLabelSinglePod': False, 'fwRulesFilterSystemNs': False, 'fwRulesMaxIter': 10, 'outputFormat': 'txt', 'outputPath': None, - 'fwRulesOverrideAllowedLabels': None, 'prURL': None, + 'simplifyOutput': False, 'fwRulesOverrideAllowedLabels': None, 'prURL': None, 'connectivityFilterIstioEdges': True, 'outputEndpoints': 'deployments', 'subset': {}, 'explain': None, 'fullExplanation': False, 'excludeIPv6Range': True} diff --git a/nca/nca_cli.py b/nca/nca_cli.py index 448827d25..3e73c2ac5 100644 --- a/nca/nca_cli.py +++ b/nca/nca_cli.py @@ -153,6 +153,7 @@ def run_args(args): # noqa: C901 output_config = OutputConfiguration({'outputFormat': args.output_format or 'txt', 'outputPath': args.file_out or None, + 'simplifyOutput': args.simplify_output or False, 'prURL': args.pr_url or None, 'outputEndpoints': args.output_endpoints, 'subset': {}, @@ -326,6 +327,9 @@ def nca_main(argv=None): parser.add_argument('--file_out', '-f', type=str, help='A file path to which output is redirected') parser.add_argument('--expected_output', type=str, help='A file path of the expected query output,' 'relevant only with --connectivity and --semantic_diff') + parser.add_argument('--simplify_output', action='store_true', + help='simplify the connectivity graph,' + 'relevant only when output_format is dot or jpg') parser.add_argument('--pr_url', type=str, help='The full api url for adding a PR comment') parser.add_argument('--return_0', action='store_true', help='Force a return value 0') parser.add_argument('--version', '-v', action='store_true', help='Print version and exit') diff --git a/tests/fw_rules_tests/policies/expected_output/poc1-scheme_output.dot b/tests/fw_rules_tests/policies/expected_output/poc1-scheme_output.dot index 3a169d5d2..371568899 100644 --- a/tests/fw_rules_tests/policies/expected_output/poc1-scheme_output.dot +++ b/tests/fw_rules_tests/policies/expected_output/poc1-scheme_output.dot @@ -6,24 +6,18 @@ digraph { subgraph cluster_map_explanation { dict_box [label=<
Connectivity legend
tcp3550 TCP 3550
tcp50051 TCP 50051
tcp5050 TCP 5050
tcp6379 TCP 6379
tcp7000 TCP 7000
tcp7070 TCP 7070
tcp8080 TCP 8080
tcp9555 TCP 9555
> shape=box] "0.0.0.0/0" [label=<
0.0.0.0/0
> shape=box fontcolor=red2 tooltip="IP Block"] -subgraph cluster_default_namespace{ - label="default" - fontsize=20 - fontcolor=blue - tooltip="Namespace" - "default/adservice(Deployment)" [label=<
adservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/cartservice(Deployment)" [label=<
cartservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/checkoutservice(Deployment)" [label=<
checkoutservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/currencyservice(Deployment)" [label=<
currencyservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/emailservice(Deployment)" [label=<
emailservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/frontend(Deployment)" [label=<
frontend(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/loadgenerator(Deployment)" [label=<
loadgenerator(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/paymentservice(Deployment)" [label=<
paymentservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/productcatalogservice(Deployment)" [label=<
productcatalogservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/recommendationservice(Deployment)" [label=<
recommendationservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/redis-cart(Deployment)" [label=<
redis-cart(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] - "default/shippingservice(Deployment)" [label=<
shippingservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] -} + "default/adservice(Deployment)" [label=<
default/adservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/cartservice(Deployment)" [label=<
default/cartservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/checkoutservice(Deployment)" [label=<
default/checkoutservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/currencyservice(Deployment)" [label=<
default/currencyservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/emailservice(Deployment)" [label=<
default/emailservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/frontend(Deployment)" [label=<
default/frontend(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/loadgenerator(Deployment)" [label=<
default/loadgenerator(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/paymentservice(Deployment)" [label=<
default/paymentservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/productcatalogservice(Deployment)" [label=<
default/productcatalogservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/recommendationservice(Deployment)" [label=<
default/recommendationservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/redis-cart(Deployment)" [label=<
default/redis-cart(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] + "default/shippingservice(Deployment)" [label=<
default/shippingservice(Deployment)
> shape=box fontcolor=blue tooltip="Workload"] "0.0.0.0/0" -> "default/frontend(Deployment)"[label="tcp8080" labeltooltip="TCP 8080" color=darkorange4 fontcolor=darkgreen dir=both arrowhead=normal arrowtail=none] "default/cartservice(Deployment)" -> "default/redis-cart(Deployment)"[label="tcp6379" labeltooltip="TCP 6379" color=darkorange4 fontcolor=darkgreen dir=both arrowhead=normal arrowtail=none] "default/checkoutservice(Deployment)" -> "default/cartservice(Deployment)"[label="tcp7070" labeltooltip="TCP 7070" color=darkorange4 fontcolor=darkgreen dir=both arrowhead=normal arrowtail=none] diff --git a/tests/fw_rules_tests/policies/poc1-scheme.yaml b/tests/fw_rules_tests/policies/poc1-scheme.yaml index 3ecfb10fd..062653f65 100644 --- a/tests/fw_rules_tests/policies/poc1-scheme.yaml +++ b/tests/fw_rules_tests/policies/poc1-scheme.yaml @@ -31,6 +31,7 @@ queries: outputConfiguration: outputFormat: dot outputPath: null + simplifyOutput: true fwRulesRunInTestMode: false expectedOutput: expected_output/poc1-scheme_output.dot - name: connectivity_map_csv