From 72a489d17cb421cb4b8b404070da2be33f850680 Mon Sep 17 00:00:00 2001
From: Olivier Cazade
Date: Wed, 31 Jan 2024 10:10:08 +0000
Subject: [PATCH] Refactoring of transform rule API
---
 pkg/api/transform_network.go | 33 ++++++++++++----
 pkg/pipeline/transform/transform_network.go | 42 +++++++++++++--------
 2 files changed, 52 insertions(+), 23 deletions(-)
diff --git a/pkg/api/transform_network.go b/pkg/api/transform_network.go
index 28167bbbd..1de44f89a 100644
--- a/pkg/api/transform_network.go
+++ b/pkg/api/transform_network.go
@@ -63,25 +63,42 @@ func TransformNetworkOperationName(operation string) string {
 }
 
 type NetworkTransformRule struct {
- Input string `yaml:"input,omitempty" json:"input,omitempty" doc:"entry input field"`
- Output string `yaml:"output,omitempty" json:"output,omitempty" doc:"entry output field"`
- Type string `yaml:"type,omitempty" json:"type,omitempty" enum:"TransformNetworkOperationEnum" doc:"one of the following:"`
- Parameters string `yaml:"parameters,omitempty" json:"parameters,omitempty" doc:"parameters specific to type"`
- Assignee string `yaml:"assignee,omitempty" json:"assignee,omitempty" doc:"value needs to assign to output field"`
- KubernetesInfra *K8sInfraRule `yaml:"kubernetes_infra,omitempty" json:"kubernetes_infra,omitempty" doc:"Kubernetes infra rule specific configuration"`
- Kubernetes *K8sRule `yaml:"kubernetes,omitempty" json:"kubernetes,omitempty" doc:"Kubernetes rule specific configuration"`
+ Type string `yaml:"type,omitempty" json:"type,omitempty" enum:"TransformNetworkOperationEnum" doc:"one of the following:"`
+ Assignee string `yaml:"assignee,omitempty" json:"assignee,omitempty" doc:"value needs to assign to output field"`
+ KubernetesInfra *K8sInfraRule `yaml:"kubernetes_infra,omitempty" json:"kubernetes_infra,omitempty" doc:"Kubernetes infra rule specific configuration"`
+ Kubernetes *K8sRule `yaml:"kubernetes,omitempty" json:"kubernetes,omitempty" doc:"Kubernetes rule specific configuration"`
+ AddSubnet *NetworkAddSubnetRule `yaml:"add_subnet,omitempty" json:"add_subnet,omitempty" doc:"Add subnet rule specific configuration"`
+ AddLocation *NetworkGenericRule `yaml:"add_location,omitempty" json:"add_location,omitempty" doc:"Add location rule specific configuration"`
+ AddService *NetworkAddServiceRule `yaml:"add_service,omitempty" json:"add_service,omitempty" doc:"Add service rule specific configuration"`
 }
 
 type K8sInfraRule struct {
 Inputs []string `yaml:"inputs,omitempty" json:"inputs,omitempty" doc:"entry inputs fields"`
 Output string `yaml:"output,omitempty" json:"output,omitempty" doc:"entry output field"`
- InfraPrefix string `yaml:"infra_prefixes,omitempty" json:"infra_prefixes,omitempty" doc:"Namespace prefixes that will be tagged as infra"`
+ InfraPrefix []string `yaml:"infra_prefixes,omitempty" json:"infra_prefixes,omitempty" doc:"Namespace prefixes that will be tagged as infra"`
 }
 
 type K8sRule struct {
 AddZone bool `yaml:"add_zone,omitempty" json:"add_zone,omitempty" doc:"If true the rule will add the zone"`
 }
 
+type NetworkGenericRule struct {
+ Input string `yaml:"input,omitempty" json:"input,omitempty" doc:"entry input field"`
+ Output string `yaml:"output,omitempty" json:"output,omitempty" doc:"entry output field"`
+}
+
+type NetworkAddSubnetRule struct {
+ Input string `yaml:"input,omitempty" json:"input,omitempty" doc:"entry input field"`
+ Output string `yaml:"output,omitempty" json:"output,omitempty" doc:"entry output field"`
+ SubnetMask string `yaml:"protocol,omitempty" json:"protocol,omitempty" doc:"entry protocol field"`
+}
+
+type NetworkAddServiceRule struct {
+ Input string `yaml:"input,omitempty" json:"input,omitempty" doc:"entry input field"`
+ Output string `yaml:"output,omitempty" json:"output,omitempty" doc:"entry output field"`
+ Protocol string `yaml:"protocol,omitempty" json:"protocol,omitempty" doc:"entry protocol field"`
+}
+
 type NetworkTransformDirectionInfo struct {
 ReporterIPField string `yaml:"reporterIPField,omitempty" json:"reporterIPField,omitempty" doc:"field providing the reporter (agent) host IP"`
 SrcHostField string `yaml:"srcHostField,omitempty" json:"srcHostField,omitempty" doc:"source host field"`
diff --git a/pkg/pipeline/transform/transform_network.go b/pkg/pipeline/transform/transform_network.go
index f6c4ea8ee..ec1572348 100644
--- a/pkg/pipeline/transform/transform_network.go
+++ b/pkg/pipeline/transform/transform_network.go
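Review bot: In pkg/api/transform_network.go the new `NetworkAddSubnetRule.SubnetMask` field carries the tags of `NetworkAddServiceRule.Protocol` (`yaml:"protocol,omitempty" json:"protocol,omitempty" doc:"entry protocol field"`), so the mask is read from a key named `protocol` and documented as a protocol field. This looks like a copy-paste slip; tags that match the field would be `yaml:"subnet_mask,omitempty" json:"subnet_mask,omitempty" doc:"subnet mask suffix appended to the input IP, e.g. /24"`. As written, a rule that supplies the mask under any other key leaves `SubnetMask` empty, the `net.ParseCIDR` call in the transform then rejects the bare address, and the subnet field is missing from every flow record with only a warning in the log. Dropping `input`, `output` and `parameters` from `NetworkTransformRule` also changes the configuration format, which deserves a sentence in the commit message.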
@@ -55,30 +55,42 @@ func (n *Network) Transform(inputEntry config.GenericMap) (config.GenericMap, bo
 for _, rule := range n.Rules {
 switch rule.Type {
 case api.OpAddSubnet:
- _, ipv4Net, err := net.ParseCIDR(fmt.Sprintf("%v%s", outputEntry[rule.Input], rule.Parameters))
+ if rule.AddSubnet == nil {
+ log.Errorf("Missing add subnet configuration")
+ continue
+ }
+ _, ipv4Net, err := net.ParseCIDR(fmt.Sprintf("%v%s", outputEntry[rule.AddSubnet.Input], rule.AddSubnet.SubnetMask))
 if err != nil {
- log.Warningf("Can't find subnet for IP %v and prefix length %s - err %v", outputEntry[rule.Input], rule.Parameters, err)
+ log.Warningf("Can't find subnet for IP %v and prefix length %s - err %v", outputEntry[rule.AddSubnet.Input], rule.AddSubnet.SubnetMask, err)
 continue
 }
- outputEntry[rule.Output] = ipv4Net.String()
+ outputEntry[rule.AddSubnet.Output] = ipv4Net.String()
 case api.OpAddLocation:
+ if rule.AddLocation == nil {
+ log.Errorf("Missing add location configuration")
+ continue
+ }
 var locationInfo *location.Info
- err, locationInfo := location.GetLocation(fmt.Sprintf("%s", outputEntry[rule.Input]))
+ err, locationInfo := location.GetLocation(fmt.Sprintf("%s", outputEntry[rule.AddLocation.Input]))
 if err != nil {
- log.Warningf("Can't find location for IP %v err %v", outputEntry[rule.Input], err)
+ log.Warningf("Can't find location for IP %v err %v", outputEntry[rule.AddLocation.Input], err)
 continue
 }
- outputEntry[rule.Output+"_CountryName"] = locationInfo.CountryName
- outputEntry[rule.Output+"_CountryLongName"] = locationInfo.CountryLongName
- outputEntry[rule.Output+"_RegionName"] = locationInfo.RegionName
- outputEntry[rule.Output+"_CityName"] = locationInfo.CityName
- outputEntry[rule.Output+"_Latitude"] = locationInfo.Latitude
- outputEntry[rule.Output+"_Longitude"] = locationInfo.Longitude
+ outputEntry[rule.AddLocation.Output+"_CountryName"] = locationInfo.CountryName
+ outputEntry[rule.AddLocation.Output+"_CountryLongName"] = locationInfo.CountryLongName
+ outputEntry[rule.AddLocation.Output+"_RegionName"] = locationInfo.RegionName
+ outputEntry[rule.AddLocation.Output+"_CityName"] = locationInfo.CityName
+ outputEntry[rule.AddLocation.Output+"_Latitude"] = locationInfo.Latitude
+ outputEntry[rule.AddLocation.Output+"_Longitude"] = locationInfo.Longitude
 case api.OpAddService:
+ if rule.AddService == nil {
+ log.Errorf("Missing add service configuration")
+ continue
+ }
 protocol := fmt.Sprintf("%v", outputEntry[rule.Parameters])
- portNumber, err := strconv.Atoi(fmt.Sprintf("%v", outputEntry[rule.Input]))
+ portNumber, err := strconv.Atoi(fmt.Sprintf("%v", outputEntry[rule.AddService.Input]))
 if err != nil {
- log.Errorf("Can't convert port to int: Port %v - err %v", outputEntry[rule.Input], err)
+ log.Errorf("Can't convert port to int: Port %v - err %v", outputEntry[rule.AddService.Input], err)
 continue
 }
 var serviceName string
@@ -92,11 +104,11 @@ func (n *Network) Transform(inputEntry config.GenericMap) (config.GenericMap, bo
 }
 if serviceName == "" {
 if err != nil {
- log.Debugf("Can't find service name for Port %v and protocol %v - err %v", outputEntry[rule.Input], protocol, err)
+ log.Debugf("Can't find service name for Port %v and protocol %v - err %v", outputEntry[rule.AddService.Input], protocol, err)
 continue
 }
 }
- outputEntry[rule.Output] = serviceName
+ outputEntry[rule.AddService.Output] = serviceName
 case api.OpAddKubernetes:
 kubernetes.Enrich(outputEntry, rule)
 case api.OpAddKubernetesInfra:
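Review bot: In the `api.OpAddService` case of the first hunk in pkg/pipeline/transform/transform_network.go, the unchanged line `protocol := fmt.Sprintf("%v", outputEntry[rule.Parameters])` still reads `rule.Parameters`, a field this commit removes from `api.NetworkTransformRule`, so the package presumably no longer compiles; it should read `protocol := fmt.Sprintf("%v", outputEntry[rule.AddService.Protocol])`. The three new nil checks also run once per flow record and log at error level each time, so a single rule missing its `add_subnet`, `add_location` or `add_service` block floods the log while the enrichment silently never happens. Validating the rules once when the transform is constructed, and returning an error there, would surface the misconfiguration at startup; the same check could reject empty `Input` and `Output` names, since an empty `Output` makes `outputEntry[rule.AddService.Output] = serviceName` write to the key `""`. `Transform` starts and ends outside both hunks, so how `serviceName` is resolved is not visible here.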