Skip to content

Commit

Permalink
merge with master
Browse files Browse the repository at this point in the history
Signed-off-by: Tanya <[email protected]>
  • Loading branch information
tanyaveksler committed Aug 6, 2023
2 parents b9ed39f + 1aa65b6 commit 51ae5d2
Show file tree
Hide file tree
Showing 9 changed files with 36 additions and 25 deletions.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,8 @@ The arguments to `--resource_list` and to `--base_resource_list` should be one o
*shorthand* `-f`
- `--expected_output <file name>`\
A file path to the expected query output (for connectivity or semantic_diff queries).\
- `--simplify_graph`\
simplify the connectivity graph, (relevant only when output_format is dot or jpg)
- `--pr_url <URL>`\
Write output as GitHub PR comment. URL points to the relevant `comments` resource in the GitHub API.\
e.g., https://api.github.com/repos/shift-left-netconfig/online-boutique/issues/1/comments
Expand Down
1 change: 1 addition & 0 deletions docs/SchemeFileFormat.md
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,7 @@ The supported entries in the outputConfiguration object are as follows:
|------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------|
| outputFormat | Output format specification. | string [ txt / yaml / csv / md / dot / jpg/ txt_no_fw_rules] |
| outputPath | A file path to redirect output into. | string |
| simplifyGraph | Choose if to simplify the connectivity graph. | bool [default: False] |
| outputEndpoints | Choose endpoints type in output. | string [ pods / deployments ] |
| subset | A dict object with the defined subset elements to display in the output | [subset](#subset) object |
| fullExplanation | Choose if to print all counterexamples causing the query result in the output | bool |
Expand Down
5 changes: 3 additions & 2 deletions nca/FWRules/ConnectivityGraph.py
Original file line number Diff line number Diff line change
Expand Up @@ -330,18 +330,19 @@ def get_connections_without_fw_rules_txt_format(self, connectivity_msg=None, exc
lines_list.extend(sorted(list(lines)))
return '\n'.join(lines_list)

def get_connectivity_dot_format_str(self, connectivity_restriction=None):
def get_connectivity_dot_format_str(self, connectivity_restriction=None, simplify_graph=False):
"""
:param Union[str,None] connectivity_restriction: specify if connectivity is restricted to
TCP / non-TCP , or not
:param simplify_graph[bool, False] whether to simplify the dot output graph
:rtype str
:return: a string with content of dot format for connectivity graph
"""
restriction_title = f', for {connectivity_restriction} connections' if connectivity_restriction else ''
query_title = f'{self.output_config.queryName}/' if self.output_config.queryName else ''
name = f'{query_title}{self.output_config.configName}{restriction_title}'

dot_graph = DotGraph(name)
dot_graph = DotGraph(name, do_not_subgraph=simplify_graph)
peers_groups = self._get_equals_groups()
# we are going to treat a peers_group as one peer.
# the first peer in the peers_group is representing the group
Expand Down
14 changes: 11 additions & 3 deletions nca/FWRules/DotGraph.py
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ class Node:
name: str
node_type: int
label: str
title: str

@dataclass
class Edge:
Expand All @@ -38,13 +39,14 @@ class Edge:
label: str
is_dir: bool

def __init__(self, name):
def __init__(self, name, do_not_subgraph):
self.subgraphs = {}
self.name = name
self.edges = []
self.all_nodes = {}
self.labels = set()
self.labels_dict = {}
self.do_not_subgraph = do_not_subgraph
self.node_styles = \
{self.NodeType.IPBlock: 'shape=box fontcolor=red2',
self.NodeType.Pod: 'shape=box fontcolor=blue',
Expand Down Expand Up @@ -74,9 +76,11 @@ def add_node(self, subgraph, name, node_type, label):
param label: node label
"""
label = [tok.strip() for tok in label if tok != '']
title = subgraph if self.do_not_subgraph else ''
subgraph = '' if self.do_not_subgraph else subgraph
if subgraph not in self.subgraphs:
self.subgraphs[subgraph] = self.Subgraph(subgraph)
node = self.Node(name, node_type, label)
node = self.Node(name, node_type, label, title)
self.subgraphs[subgraph].nodes.append(node)
self.all_nodes[name] = node
if node_type in {self.NodeType.Clique, self.NodeType.BiClique}:
Expand Down Expand Up @@ -191,7 +195,11 @@ def _node_to_str(self, node):
table = f'<<table border="{border}" cellspacing="0">'
for line in node.label:
if line:
table += f'<tr><td>{line}</td></tr>'
if node.title:
table += f'<tr><td>{node.title}/{line}</td></tr>'
else:
table += f'<tr><td>{line}</td></tr>'

table += '</table>>'
label = f'label={table}'
node_desc = f'{label} {self.node_styles[node.node_type]} tooltip=\"{self.node_tooltip[node.node_type]}\"'
Expand Down
2 changes: 1 addition & 1 deletion nca/NetworkConfig/NetworkConfigQuery.py
Original file line number Diff line number Diff line change
Expand Up @@ -1044,7 +1044,7 @@ def dot_format_from_connections_dict(self, connections, peers, connectivity_rest
:return the connectivity map in dot-format, considering connectivity_restriction if required
"""
conn_graph = self._get_conn_graph(connections, peers)
return conn_graph.get_connectivity_dot_format_str(connectivity_restriction)
return conn_graph.get_connectivity_dot_format_str(connectivity_restriction, self.output_config.simplifyGraph)

def dot_format_from_props(self, props, peers, connectivity_restriction=None):
"""
Expand Down
2 changes: 1 addition & 1 deletion nca/Utils/OutputConfiguration.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ def __init__(self, output_config_dict=None, query_name=''):
default_output_config = {'fwRulesRunInTestMode': False, 'fwRulesDebug': False,
'fwRulesGroupByLabelSinglePod': False, 'fwRulesFilterSystemNs': False,
'fwRulesMaxIter': 10, 'outputFormat': 'txt', 'outputPath': None,
'fwRulesOverrideAllowedLabels': None, 'prURL': None,
'simplifyGraph': False, 'fwRulesOverrideAllowedLabels': None, 'prURL': None,
'connectivityFilterIstioEdges': True, 'outputEndpoints': 'deployments',
'subset': {}, 'explain': None, 'fullExplanation': False, 'excludeIPv6Range': True}

Expand Down
4 changes: 4 additions & 0 deletions nca/nca_cli.py
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,7 @@ def run_args(args): # noqa: C901

output_config = OutputConfiguration({'outputFormat': args.output_format or 'txt',
'outputPath': args.file_out or None,
'simplifyGraph': args.simplify_graph or False,
'prURL': args.pr_url or None,
'outputEndpoints': args.output_endpoints,
'subset': {},
Expand Down Expand Up @@ -326,6 +327,9 @@ def nca_main(argv=None):
parser.add_argument('--file_out', '-f', type=str, help='A file path to which output is redirected')
parser.add_argument('--expected_output', type=str, help='A file path of the expected query output,'
'relevant only with --connectivity and --semantic_diff')
parser.add_argument('--simplify_graph', action='store_true',
help='simplify the connectivity graph,'
'relevant only when output_format is dot or jpg')
parser.add_argument('--pr_url', type=str, help='The full api url for adding a PR comment')
parser.add_argument('--return_0', action='store_true', help='Force a return value 0')
parser.add_argument('--version', '-v', action='store_true', help='Print version and exit')
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,24 +6,18 @@ digraph {
subgraph cluster_map_explanation {
dict_box [label=<<table border="0" cellspacing="0"><tr><td align="text">Connectivity legend<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 3550" href="bogus">tcp3550 TCP 3550<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 50051" href="bogus">tcp50051 TCP 50051<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 5050" href="bogus">tcp5050 TCP 5050<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 6379" href="bogus">tcp6379 TCP 6379<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 7000" href="bogus">tcp7000 TCP 7000<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 7070" href="bogus">tcp7070 TCP 7070<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 8080" href="bogus">tcp8080 TCP 8080<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 9555" href="bogus">tcp9555 TCP 9555<br align="left" /></td></tr></table>> shape=box]
"0.0.0.0/0" [label=<<table border="0" cellspacing="0"><tr><td>0.0.0.0/0</td></tr></table>> shape=box fontcolor=red2 tooltip="IP Block"]
subgraph cluster_default_namespace{
label="default"
fontsize=20
fontcolor=blue
tooltip="Namespace"
"default/adservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>adservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/cartservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>cartservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/checkoutservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>checkoutservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/currencyservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>currencyservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/emailservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>emailservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/frontend(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>frontend(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/loadgenerator(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>loadgenerator(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/paymentservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>paymentservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/productcatalogservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>productcatalogservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/recommendationservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>recommendationservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/redis-cart(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>redis-cart(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/shippingservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>shippingservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
}
"default/adservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/adservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/cartservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/cartservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/checkoutservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/checkoutservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/currencyservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/currencyservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/emailservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/emailservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/frontend(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/frontend(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/loadgenerator(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/loadgenerator(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/paymentservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/paymentservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/productcatalogservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/productcatalogservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/recommendationservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/recommendationservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/redis-cart(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/redis-cart(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"default/shippingservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/shippingservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
"0.0.0.0/0" -> "default/frontend(Deployment)"[label="tcp8080" labeltooltip="TCP 8080" color=darkorange4 fontcolor=darkgreen dir=both arrowhead=normal arrowtail=none]
"default/cartservice(Deployment)" -> "default/redis-cart(Deployment)"[label="tcp6379" labeltooltip="TCP 6379" color=darkorange4 fontcolor=darkgreen dir=both arrowhead=normal arrowtail=none]
"default/checkoutservice(Deployment)" -> "default/cartservice(Deployment)"[label="tcp7070" labeltooltip="TCP 7070" color=darkorange4 fontcolor=darkgreen dir=both arrowhead=normal arrowtail=none]
Expand Down
1 change: 1 addition & 0 deletions tests/fw_rules_tests/policies/poc1-scheme.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ queries:
outputConfiguration:
outputFormat: dot
outputPath: null
simplifyGraph: true
fwRulesRunInTestMode: false
expectedOutput: expected_output/poc1-scheme_output.dot
- name: connectivity_map_csv
Expand Down

0 comments on commit 51ae5d2

Please sign in to comment.