Skip to content

aws sg analysis #648

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 46 commits into from
Jul 23, 2024
Merged

aws sg analysis #648

merged 46 commits into from
Jul 23, 2024

Conversation

olasaadi99
Copy link
Contributor

No description provided.

@olasaadi99 olasaadi99 requested a review from zivnevo June 25, 2024 12:19
@olasaadi99 olasaadi99 requested a review from adisos June 25, 2024 12:19
@olasaadi99 olasaadi99 linked an issue Jun 25, 2024 that may be closed by this pull request
support aws sg analysis #641
Closed
@olasaadi99 olasaadi99 marked this pull request as ready for review June 25, 2024 15:03
adisos
adisos reviewed Jul 1, 2024
View reviewed changes
adisos
adisos reviewed Jul 1, 2024
View reviewed changes
adisos
adisos reviewed Jul 1, 2024
View reviewed changes
Copy link
Collaborator

@adisos adisos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

few more comments

adisos
adisos reviewed Jul 1, 2024
View reviewed changes
adisos
adisos reviewed Jul 1, 2024
View reviewed changes
Copy link
Collaborator

@adisos adisos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you add more examples and tests demonstrating sg analysis with non trivial SG rules?

@adisos
Copy link
Collaborator

adisos commented Jul 1, 2024
edited by olasaadi99
Loading

  • try to capture common analysis functionality in a separate common package, to avoid code duplication
  • try adding unit tests for connectivity analysis, based on objects rather than input JSON files.

@olasaadi99 olasaadi99 requested a review from adisos July 2, 2024 16:15
adisos
adisos reviewed Jul 4, 2024
View reviewed changes
Copy link
Collaborator

@adisos adisos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added few more comments

pkg/awsvpc/parser.go
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you capture common functionality of both parsers to common package? check duplicated code such as printing functions, code that handles the objects of the common types, etc.

@adisos adisos requested a review from haim-kermany July 4, 2024 13:37
adisos
adisos reviewed Jul 22, 2024
View reviewed changes
pkg/awsvpc/parser.go

/********** Functions used in Debug mode ***************/

func printVPCConfigs(c *vpcmodel.MultipleVPCConfigs) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why can't all the printing functions be in commonvpc?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

because it calls printConfigs func which is specific for each provider(for now)

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can't this function be common for all providers? it iterates over objects from vpcmodel pkg

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can't, because for ex in ibmvpc this function calls printTGWAvailableRoutes which is specific for ibm and includes struct type that is in ibmvpc pkg.. if the struct were defined in commonvpc (it is not used in aws..) it will be possible to move the func to common-code
I can split the func to two functions.. but I think it is better leave it this way..

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, let's consider this for a followup PR

@adisos adisos requested a review from ShiriMoran July 22, 2024 06:02
ShiriMoran
ShiriMoran reviewed Jul 22, 2024
View reviewed changes
Copy link
Contributor

@ShiriMoran ShiriMoran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some initial comments (not done yet)

ShiriMoran
ShiriMoran reviewed Jul 22, 2024
View reviewed changes
Copy link
Contributor

@ShiriMoran ShiriMoran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comments on parser.go

@olasaadi99 olasaadi99 requested a review from adisos July 22, 2024 08:39
ShiriMoran
ShiriMoran reviewed Jul 22, 2024
View reviewed changes
Copy link
Contributor

@ShiriMoran ShiriMoran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added comments to sg_analysis.go

ShiriMoran
ShiriMoran reviewed Jul 22, 2024
View reviewed changes
Copy link
Contributor

@ShiriMoran ShiriMoran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added few comments

pkg/commonvpc/sg_analysis.go
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Better have it in this PR. For one, I find it hard to understand the code without documentation.

ShiriMoran
ShiriMoran reviewed Jul 22, 2024
View reviewed changes
Copy link
Contributor

@ShiriMoran ShiriMoran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Few general comments
Wouldn't it be better to have a directory impl or something in the spirit and have ibmvpc and awsvpc under it?

@olasaadi99 olasaadi99 requested a review from ShiriMoran July 22, 2024 10:11
@ShiriMoran
Copy link
Contributor

LGTM

adisos
adisos reviewed Jul 23, 2024
View reviewed changes
pkg/awsvpc/sg_analysis.go Outdated
Comment on lines 139 to 142
case commonvpc.ProtocolTCP:
ruleStr, ruleRes, err = sga.getProtocolTCPUDPRule(&ruleObj, direction)
case commonvpc.ProtocolUDP:
ruleStr, ruleRes, err = sga.getProtocolTCPUDPRule(&ruleObj, direction)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
case commonvpc.ProtocolTCP:
ruleStr, ruleRes, err = sga.getProtocolTCPUDPRule(&ruleObj, direction)
case commonvpc.ProtocolUDP:
ruleStr, ruleRes, err = sga.getProtocolTCPUDPRule(&ruleObj, direction)
case commonvpc.ProtocolTCP, commonvpc.ProtocolUDP:
ruleStr, ruleRes, err = sga.getProtocolTCPUDPRule(&ruleObj, direction)

adisos
adisos reviewed Jul 23, 2024
View reviewed changes
pkg/awsvpc/sg_analysis_test.go Outdated
VPCRef: nil,
Region: "",
},
Analyzer: commonvpc.NewSGAnalyzer(NewAWSSGAnalyzer(&sg)), Members: nil,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

vscode warning: unused write to field Members

pkg/awsvpc/sg_analysis_test.go Outdated
VPCRef: nil,
Region: "",
},
Analyzer: commonvpc.NewSGAnalyzer(NewAWSSGAnalyzer(&sg)), Members: nil,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

vscode warning: unused write to field Members

adisos
adisos reviewed Jul 23, 2024
View reviewed changes
pkg/commonvpc/vpc.go Outdated
"github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel"
)

const DoubleTab = "\t\t"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this const is only used in ibmvpc

@olasaadi99 olasaadi99 requested a review from adisos July 23, 2024 08:23
adisos
adisos approved these changes Jul 23, 2024
View reviewed changes
Copy link
Collaborator

@adisos adisos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

consider for a followup PR:

  • avoid duplication of analysis_output_test
  • add documentation where missing
  • capture more common functionality where possible

@olasaadi99 olasaadi99 merged commit 5897017 into main Jul 23, 2024
4 checks passed
@olasaadi99 olasaadi99 deleted the 641_sg branch July 23, 2024 08:56
@olasaadi99
Copy link
Contributor Author

consider for a followup PR:

  • avoid duplication of analysis_output_test
  • add documentation where missing
  • capture more common functionality where possible

#715

@olasaadi99 olasaadi99 mentioned this pull request Aug 4, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adisos adisos adisos approved these changes

@zivnevo zivnevo Awaiting requested review from zivnevo

@haim-kermany haim-kermany Awaiting requested review from haim-kermany

@ShiriMoran ShiriMoran Awaiting requested review from ShiriMoran

Assignees
No one assigned
Labels
size/XXL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

support aws sg analysis
3 participants
@olasaadi99 @adisos @ShiriMoran