From ced445d76020091873fcde23d695c22abd85c6bd Mon Sep 17 00:00:00 2001 From: Ola Saadi Date: Tue, 10 Sep 2024 12:00:21 +0300 Subject: [PATCH 01/12] refactor Name() and ExtendedName(c) methods --- pkg/awsvpc/awsDrawioGenerator.go | 2 +- pkg/awsvpc/parser.go | 10 ++++---- pkg/commonvpc/drawioGenerator.go | 12 +++++----- pkg/commonvpc/vpc.go | 18 +++++++------- pkg/ibmvpc/connectivityAnalysis_test.go | 2 +- pkg/ibmvpc/ibmDrawioGenerator.go | 17 +++++++------ pkg/ibmvpc/implicit_routing.go | 2 +- pkg/ibmvpc/parser.go | 26 ++++++++++---------- pkg/ibmvpc/routing_tables_analysis.go | 8 +++---- pkg/ibmvpc/vpc.go | 28 +++++++++++----------- pkg/linter/lintRuleCIDROutOfRange.go | 4 ++-- pkg/linter/lintRuleShadowedOrImplied.go | 4 ++-- pkg/linter/lintRuleSplitSubnet.go | 8 +++---- pkg/linter/lintSubnetCIDROverlap.go | 10 ++++---- pkg/linter/lintTCPReposnseBlocked.go | 12 +++++----- pkg/linter/lintUnattached.go | 4 ++-- pkg/vpcmodel/abstractVPC.go | 13 ++++++---- pkg/vpcmodel/drawioGenerator.go | 2 +- pkg/vpcmodel/explainabilityConnectivity.go | 8 +++---- pkg/vpcmodel/explainabilityInput.go | 8 +++---- pkg/vpcmodel/explainabilityPrint.go | 20 ++++++++-------- pkg/vpcmodel/externalNetwork.go | 6 ++++- pkg/vpcmodel/grouping.go | 19 +++++++++++---- pkg/vpcmodel/grouping_test.go | 6 +++++ pkg/vpcmodel/jsonOutput.go | 16 ++++++------- pkg/vpcmodel/mdOutput.go | 12 +++++----- pkg/vpcmodel/multiExplainability.go | 10 ++++---- pkg/vpcmodel/nodesConnectivity.go | 4 ++-- pkg/vpcmodel/routing_paths.go | 2 +- pkg/vpcmodel/semanticDiff.go | 28 +++++++++++----------- pkg/vpcmodel/semanticDiff_test.go | 2 +- pkg/vpcmodel/subnetsConnectivity.go | 12 +++++----- pkg/vpcmodel/synthesisOutput.go | 12 +++++----- pkg/vpcmodel/textOutput.go | 8 +++---- pkg/vpcmodel/unifyGrouping.go | 12 +++++----- pkg/vpcmodel/vpcConfig.go | 2 +- 36 files changed, 196 insertions(+), 173 deletions(-) diff --git a/pkg/awsvpc/awsDrawioGenerator.go b/pkg/awsvpc/awsDrawioGenerator.go index 4a50c6151..61103b514 100644 
--- a/pkg/awsvpc/awsDrawioGenerator.go +++ b/pkg/awsvpc/awsDrawioGenerator.go @@ -14,5 +14,5 @@ import ( func (igw *InternetGateway) ShowOnSubnetMode() bool { return true } func (igw *InternetGateway) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { - return drawio.NewInternetGatewayTreeNode(gen.TreeNode(igw.VPC()).(*drawio.VpcTreeNode), igw.Name()) + return drawio.NewInternetGatewayTreeNode(gen.TreeNode(igw.VPC()).(*drawio.VpcTreeNode), igw.NameForAnalyzerOut()) } diff --git a/pkg/awsvpc/parser.go b/pkg/awsvpc/parser.go index c6281cf04..6c17bc9ab 100644 --- a/pkg/awsvpc/parser.go +++ b/pkg/awsvpc/parser.go @@ -429,11 +429,11 @@ func printVPCConfigs(c *vpcmodel.MultipleVPCConfigs) { } logging.Debug("VPCs to analyze:") for vpcUID, config := range c.Configs() { - logging.Debugf("VPC UID: %s, Name: %s\n", vpcUID, config.VPC.Name()) + logging.Debugf("VPC UID: %s, Name: %s\n", vpcUID, config.VPC.NameForAnalyzerOut()) } commonvpc.PrintLineSection() for vpcUID, config := range c.Configs() { - logging.Debugf("config for vpc %s (vpc name: %s)\n", vpcUID, config.VPC.Name()) + logging.Debugf("config for vpc %s (vpc name: %s)\n", vpcUID, config.VPC.NameForAnalyzerOut()) printConfig(config) } commonvpc.PrintLineSection() 
@@ -446,15 +446,15 @@ func printConfig(c *vpcmodel.VPCConfig) { if n.IsExternal() { continue } - logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.Name(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(), n.UID()}, separator)) } logging.Debug("Subnets:") for _, n := range c.Subnets { - logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.Name(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(), n.UID()}, separator)) } logging.Debug("NodeSets:") for _, n := range c.NodeSets { - logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.Name(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(), n.UID()}, separator)) } logging.Debug("FilterResources:") for _, f := range c.FilterResources { diff --git a/pkg/commonvpc/drawioGenerator.go b/pkg/commonvpc/drawioGenerator.go index b42bd7456..74c8e61c7 100644 --- a/pkg/commonvpc/drawioGenerator.go +++ b/pkg/commonvpc/drawioGenerator.go @@ -24,7 +24,7 @@ func (ni *NetworkInterface) ShowOnSubnetMode() bool { return false } func (nl *NaclLayer) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { for _, acl := range nl.NaclList { for _, sn := range acl.Subnets { - gen.TreeNode(sn).(*drawio.SubnetTreeNode).SetACL(acl.Name()) + gen.TreeNode(sn).(*drawio.SubnetTreeNode).SetACL(acl.NameForAnalyzerOut()) } } return nil @@ -41,7 +41,7 @@ func (r *Region) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.Tr } func (v *VPC) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { - return drawio.NewVpcTreeNode(gen.TreeNode(v.Region()).(*drawio.RegionTreeNode), v.Name()) + return drawio.NewVpcTreeNode(gen.TreeNode(v.Region()).(*drawio.RegionTreeNode), v.NameForAnalyzerOut()) } func (z *Zone) IsExternal() bool { return false } 
@@ -53,7 +53,7 @@ func (s *Subnet) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.Tr // todo - how to handle this error: zone, _ := s.Zone() zoneTn := gen.TreeNode(zone).(*drawio.ZoneTreeNode) - subnetTn := drawio.NewSubnetTreeNode(zoneTn, s.Name(), s.Cidr, "") + subnetTn := drawio.NewSubnetTreeNode(zoneTn, s.NameForAnalyzerOut(), s.Cidr, "") subnetTn.SetIsPrivate(s.IsPrivate()) return subnetTn } @@ -68,7 +68,7 @@ func (sgl *SecurityGroupLayer) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenera func (sg *SecurityGroup) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { // creating the SG treeNodes: - tn := drawio.NewSGTreeNode(gen.TreeNode(sg.VPC()).(*drawio.VpcTreeNode), sg.Name()) + tn := drawio.NewSGTreeNode(gen.TreeNode(sg.VPC()).(*drawio.VpcTreeNode), sg.NameForAnalyzerOut()) for _, member := range sg.Members { // every SG member is added as an icon treeNode to the SG treeNode: if mTn := gen.TreeNode(member); mTn != nil { @@ -89,10 +89,10 @@ func (v *Vsi) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeN // todo - how to handle this error: zone, _ := v.Zone() zoneTn := gen.TreeNode(zone).(*drawio.ZoneTreeNode) - return drawio.GroupNIsWithVSI(zoneTn, v.Name(), vsiNIs) + return drawio.GroupNIsWithVSI(zoneTn, v.NameForAnalyzerOut(), vsiNIs) } func (ni *NetworkInterface) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { return drawio.NewNITreeNode( - gen.TreeNode(ni.Subnet()).(drawio.SquareTreeNodeInterface), ni.Name(), ni.virtual) + gen.TreeNode(ni.Subnet()).(drawio.SquareTreeNodeInterface), ni.NameForAnalyzerOut(), ni.virtual) } diff --git a/pkg/commonvpc/vpc.go b/pkg/commonvpc/vpc.go index 9ad3cbe43..7e3e597be 100644 --- a/pkg/commonvpc/vpc.go +++ b/pkg/commonvpc/vpc.go 
@@ -72,9 +72,9 @@ type NetworkInterface struct { // used for synthesis output, if number of nifs is > 1 we use just vsi name func (ni *NetworkInterface) SynthesisResourceName() string { if ni.numberOfNifsInVsi == 1 { - return ni.VPC().Name() + vpcmodel.Deliminator + ni.VsiName() + return ni.VPC().NameForAnalyzerOut() + vpcmodel.Deliminator + ni.VsiName() } - return ni.VPC().Name() + vpcmodel.Deliminator + ni.VsiName() + vpcmodel.Deliminator + ni.ResourceName + return ni.VPC().NameForAnalyzerOut() + vpcmodel.Deliminator + ni.VsiName() + vpcmodel.Deliminator + ni.ResourceName } func (ni *NetworkInterface) SynthesisKind() spec.ResourceType { @@ -90,12 +90,12 @@ func (ni *NetworkInterface) VsiName() string { return ni.Vsi } -func (ni *NetworkInterface) Name() string { +func (ni *NetworkInterface) NameForAnalyzerOut() string { return nameWithBracketsInfo(ni.Vsi, ni.Address()) } func (ni *NetworkInterface) ExtendedName(c *vpcmodel.VPCConfig) string { - return ni.ExtendedPrefix(c) + ni.Name() + return ni.ExtendedPrefix(c) + ni.NameForAnalyzerOut() } func nameWithBracketsInfo(name, inBrackets string) string { @@ -128,7 +128,7 @@ func (v *VPC) GetZoneByIPBlock(ipb *ipblock.IPBlock) (string, error) { return z.Name, nil } } - return "", fmt.Errorf("on vpc %s, could not fine zone for ipblock %s", v.Name(), ipb.ToCidrListString()) + return "", fmt.Errorf("on vpc %s, could not fine zone for ipblock %s", v.NameForAnalyzerOut(), ipb.ToCidrListString()) } func (v *VPC) GetZoneByName(name string) (*Zone, error) { 
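Review bot: `NetworkInterface.SynthesisResourceName` now builds its result from `ni.VPC().NameForAnalyzerOut()`, the display-oriented name, although the value is an identifier for synthesis output rather than analyzer text. As far as this patch shows, `Name()` is the undecorated resource name after the refactor, so `return ni.VPC().Name() + vpcmodel.Deliminator + ni.VsiName()` would keep the identifier stable if a VPC type ever decorates `NameForAnalyzerOut()`. The same applies to `ReservedIP.SynthesisResourceName` in pkg/ibmvpc/vpc.go and `VPCResource.SynthesisResourceName` in pkg/vpcmodel/abstractVPC.go. The base `VPCResource` returns `ResourceName` from both methods, so this concerns intent and is not a visible output change today.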
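Review bot: Renaming `NetworkInterface.Name()` to `NameForAnalyzerOut()` leaves `Name()` resolvable, presumably through an embedded `VPCResource`, so any call site this patch missed still compiles and silently returns the bare `ResourceName` instead of the VSI name with the address in brackets. The compiler cannot flag those call sites because `VPCResourceIntf` keeps both methods. The same holds for `ReservedIP`, `PrivateIP` and `IKSNode` in pkg/ibmvpc/vpc.go. A doc comment such as `// NameForAnalyzerOut returns the VSI name followed by the interface address in brackets; Name() returns the bare resource name.` would make the split explicit. It is also worth searching for remaining `.Name()` calls on these four types before merging.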
@@ -234,9 +234,9 @@ func (psr *privateSubnetRule) IsIngress() bool { func (psr *privateSubnetRule) String(detail bool) string { if !detail { if psr.subnet.IsPrivate() { - return fmt.Sprintf("private subnet %s denies connection", psr.subnet.Name()) + return fmt.Sprintf("private subnet %s denies connection", psr.subnet.NameForAnalyzerOut()) } - return fmt.Sprintf("public subnet %s enables connection", psr.subnet.Name()) + return fmt.Sprintf("public subnet %s enables connection", psr.subnet.NameForAnalyzerOut()) } // detail prefix := "Egress" @@ -246,9 +246,9 @@ func (psr *privateSubnetRule) String(detail bool) string { prefix += " to public internet is" if psr.subnet.IsPrivate() { - return fmt.Sprintf("%s blocked since subnet %s is private\n", prefix, psr.subnet.Name()) + return fmt.Sprintf("%s blocked since subnet %s is private\n", prefix, psr.subnet.NameForAnalyzerOut()) } - return fmt.Sprintf("%s allowed since subnet %s is public\n", prefix, psr.subnet.Name()) + return fmt.Sprintf("%s allowed since subnet %s is public\n", prefix, psr.subnet.NameForAnalyzerOut()) } func (s *Subnet) GetPrivateSubnetRule(src, dst vpcmodel.Node) vpcmodel.PrivateSubnetRule { diff --git a/pkg/ibmvpc/connectivityAnalysis_test.go b/pkg/ibmvpc/connectivityAnalysis_test.go index 9128748f4..5a99dd68d 100644 --- a/pkg/ibmvpc/connectivityAnalysis_test.go +++ b/pkg/ibmvpc/connectivityAnalysis_test.go @@ -282,7 +282,7 @@ func addInterfaceNode(config *vpcmodel.VPCConfig, name, address, vsiName, subnet } // add references between subnet to interface (both directions) for _, subnet := range config.Subnets { - if subnet.Name() == subnetName { + if subnet.NameForAnalyzerOut() == subnetName { subnetActual := subnet.(*commonvpc.Subnet) intfNode.SubnetResource = subnetActual subnetActual.VPCnodes = append(subnetActual.VPCnodes, intfNode) diff --git a/pkg/ibmvpc/ibmDrawioGenerator.go b/pkg/ibmvpc/ibmDrawioGenerator.go index 58453cbbd..6fc09f8d9 100644 --- a/pkg/ibmvpc/ibmDrawioGenerator.go 
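Review bot: In pkg/ibmvpc/connectivityAnalysis_test.go, `addInterfaceNode` now finds the subnet with `subnet.NameForAnalyzerOut() == subnetName`, which compares a raw name supplied by the test against the display name. As far as this patch shows, the two are equal for subnets only because the base `VPCResource` returns `ResourceName` from both methods. `if subnet.Name() == subnetName {` states the intended lookup and will keep working if subnet display names ever gain decoration. The function body starts and ends outside the hunk.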
+++ b/pkg/ibmvpc/ibmDrawioGenerator.go @@ -22,12 +22,12 @@ func (pip *PrivateIP) ShowOnSubnetMode() bool { return false } func (n *IKSNode) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { return drawio.NewNITreeNode( - gen.TreeNode(n.Subnet()).(drawio.SquareTreeNodeInterface), n.Name(), false) + gen.TreeNode(n.Subnet()).(drawio.SquareTreeNodeInterface), n.NameForAnalyzerOut(), false) } func (r *ReservedIP) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { return drawio.NewResIPTreeNode( - gen.TreeNode(r.Subnet()).(drawio.SquareTreeNodeInterface), r.Name()) + gen.TreeNode(r.Subnet()).(drawio.SquareTreeNodeInterface), r.NameForAnalyzerOut()) } func (v *Vpe) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { 
@@ -39,27 +39,27 @@ func (v *Vpe) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeN resIPs[i] = gen.TreeNode(resIP) } vpcTn := gen.TreeNode(v.VPC()).(drawio.SquareTreeNodeInterface) - return drawio.GroupResIPsWithVpe(vpcTn, v.Name(), resIPs) + return drawio.GroupResIPsWithVpe(vpcTn, v.NameForAnalyzerOut(), resIPs) } func (pgw *PublicGateway) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { // todo - how to handle this error: zone, _ := pgw.Zone() zoneTn := gen.TreeNode(zone).(*drawio.ZoneTreeNode) - return drawio.NewGatewayTreeNode(zoneTn, pgw.Name()) + return drawio.NewGatewayTreeNode(zoneTn, pgw.NameForAnalyzerOut()) } func (fip *FloatingIP) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { // todo - what if r.Src() is not at size of one? itn := gen.TreeNode(fip.Sources()[0]) if itn != nil { - itn.(drawio.IconTreeNodeInterface).SetFIP(fip.Name()) + itn.(drawio.IconTreeNodeInterface).SetFIP(fip.NameForAnalyzerOut()) } return itn } func (tgw *TransitGateway) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { - return drawio.NewTransitGatewayTreeNode(gen.TreeNode(tgw.Region()).(*drawio.RegionTreeNode), tgw.Name()) + return drawio.NewTransitGatewayTreeNode(gen.TreeNode(tgw.Region()).(*drawio.RegionTreeNode), tgw.NameForAnalyzerOut()) } func (lb *LoadBalancer) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { if len(lb.Nodes()) == 0 { 
@@ -72,13 +72,12 @@ func (lb *LoadBalancer) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) dr } } vpcTn := gen.TreeNode(lb.VPC()).(drawio.SquareTreeNodeInterface) - // here we do not call lb.Name() because lb.Name() add the kind to the name - return drawio.GroupPrivateIPsWithLoadBalancer(vpcTn, lb.ResourceName, privateIPs) + return drawio.GroupPrivateIPsWithLoadBalancer(vpcTn, lb.Name(), privateIPs) } func (pip *PrivateIP) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { if gen.LBAbstraction() { return nil } return drawio.NewPrivateIPTreeNode( - gen.TreeNode(pip.Subnet()).(drawio.SquareTreeNodeInterface), pip.Name(), pip.original) + gen.TreeNode(pip.Subnet()).(drawio.SquareTreeNodeInterface), pip.NameForAnalyzerOut(), pip.original) } diff --git a/pkg/ibmvpc/implicit_routing.go b/pkg/ibmvpc/implicit_routing.go index 9aa3c97d6..4205da874 100644 --- a/pkg/ibmvpc/implicit_routing.go +++ b/pkg/ibmvpc/implicit_routing.go @@ -111,7 +111,7 @@ func (rt *systemImplicitRT) getIngressPath(dest *ipblock.IPBlock) (vpcmodel.Path // traffic from some source is by default simply routed to dest node path := rt.destAsPath(dest) if len(path) == 0 { - return nil, fmt.Errorf("getIngressPath: failed to find path to dest resource address %s in VPC %s", dest.String(), rt.vpc.Name()) + return nil, fmt.Errorf("getIngressPath: failed to find path to dest resource address %s in VPC %s", dest.String(), rt.vpc.NameForAnalyzerOut()) } return path, nil } diff --git a/pkg/ibmvpc/parser.go b/pkg/ibmvpc/parser.go index 4b1c9dc3a..bb73e744b 100644 --- a/pkg/ibmvpc/parser.go +++ b/pkg/ibmvpc/parser.go @@ -249,7 +249,7 @@ func (rc *IBMresourcesContainer) getRoutingTables( // skipping this rt continue } - logging.Debugf("add rt %s for vpc %s\n", rtObj.Name(), vpcUID) + logging.Debugf("add rt %s for vpc %s\n", rtObj.NameForAnalyzerOut(), vpcUID) vpcConfig.AddRoutingTable(rtObj) res.SetConfig(vpcUID, vpcConfig) 
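Review bot: In `LoadBalancer.GenerateDrawioTreeNode` the argument changes from `lb.ResourceName` to `lb.Name()` and the comment warning that `lb.Name()` adds the kind to the name is dropped, but no hunk visible in this part of the patch removes or renames a `LoadBalancer.Name()` override. If that override still exists, the draw.io label for every load balancer gains the kind; if it is gone, the change is fine. Please confirm which is the case. A replacement comment such as `// lb.Name() returns the bare resource name, without the kind` would record the new contract. The function begins before this hunk.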
@@ -1060,7 +1060,7 @@ func getSubnetFromObject(subnetObj vpc1.SubnetReference, vpcConfig *vpcmodel.VPC if subnetRes, ok = vpcConfig.UIDToResource[*subnetObj.CRN]; !ok { return nil, fmt.Errorf("subnet %s is missing from config of vpc %s", *subnetObj.Name, - vpcConfig.VPC.Name(), + vpcConfig.VPC.NameForAnalyzerOut(), ) } if subnet, ok = subnetRes.(*commonvpc.Subnet); !ok { @@ -1414,7 +1414,7 @@ func getLoadBalancerIPs(vpcConfig *vpcmodel.VPCConfig, continue default: // subnet does not have a private IP, we create unique ip info - name = "pip-name-of-" + subnet.Name() + "-" + *loadBalancerObj.Name + name = "pip-name-of-" + subnet.NameForAnalyzerOut() + "-" + *loadBalancerObj.Name id = "pip-uid-of-" + subnet.UID() + *loadBalancerObj.ID var err error address, err = subnetsBlocks.allocSubnetFreeAddress(*subnetObj.CRN, blockIndex) @@ -1478,7 +1478,7 @@ func createPrivateIP(name, id, address, publicAddress string, if publicAddress != "" { routerFip := &FloatingIP{ VPCResource: vpcmodel.VPCResource{ - ResourceName: "fip-name-of-" + privateIP.Name(), + ResourceName: "fip-name-of-" + privateIP.NameForAnalyzerOut(), ResourceUID: "fip-uid-of-" + privateIP.UID(), Zone: privateIP.ZoneName(), ResourceType: commonvpc.ResourceTypeFloatingIP, @@ -1499,11 +1499,11 @@ func printVPCConfigs(c *vpcmodel.MultipleVPCConfigs) { } fmt.Println("VPCs to analyze:") for vpcUID, config := range c.Configs() { - logging.Debugf("VPC UID: %s, Name: %s\n", vpcUID, config.VPC.Name()) + logging.Debugf("VPC UID: %s, Name: %s\n", vpcUID, config.VPC.NameForAnalyzerOut()) } commonvpc.PrintLineSection() for vpcUID, config := range c.Configs() { - logging.Debugf("config for vpc %s (vpc name: %s)\n", vpcUID, config.VPC.Name()) + logging.Debugf("config for vpc %s (vpc name: %s)\n", vpcUID, config.VPC.NameForAnalyzerOut()) printConfig(config) } commonvpc.PrintLineSection() 
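Review bot: In `getLoadBalancerIPs` (hunk at -1414) the synthesized private-IP name is built from `subnet.NameForAnalyzerOut()`, and in `createPrivateIP` (hunk at -1478) the floating IP's `ResourceName` is built from `privateIP.NameForAnalyzerOut()`, so display formatting is baked into stored resource names. For `PrivateIP`, that display name carries the bracketed kind and address (see pkg/ibmvpc/vpc.go), which then resurfaces wherever the floating IP's `Name()` is used. This preserves the pre-refactor output. If the goal is that `Name()` stays undecorated, though, the consistent forms are `"pip-name-of-" + subnet.Name() + "-" + *loadBalancerObj.Name` and `"fip-name-of-" + privateIP.Name()`; the latter would require regenerating expected outputs. Both functions extend beyond their hunks.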
@@ -1517,19 +1517,19 @@ func printConfig(c *vpcmodel.VPCConfig) { if n.IsExternal() { continue } - logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.Name(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(), n.UID()}, separator)) } logging.Debug("Subnets:") for _, n := range c.Subnets { - logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.Name(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(), n.UID()}, separator)) } logging.Debug("LoadBalancers:") for _, lb := range c.LoadBalancers { - logging.Debug(strings.Join([]string{lb.Kind(), lb.Name(), lb.AddressRange().ToIPRanges(), lb.UID()}, separator)) + logging.Debug(strings.Join([]string{lb.Kind(), lb.NameForAnalyzerOut(), lb.AddressRange().ToIPRanges(), lb.UID()}, separator)) } logging.Debug("NodeSets:") for _, n := range c.NodeSets { - logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.Name(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(), n.UID()}, separator)) } logging.Debug("FilterResources:") for _, f := range c.FilterResources { 
@@ -1554,14 +1554,14 @@ func printConfig(c *vpcmodel.VPCConfig) { } logging.Debug("RoutingResources:") for _, r := range c.RoutingResources { - logging.Debug(strings.Join([]string{r.Kind(), r.Name(), r.UID()}, separator)) + logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(), r.UID()}, separator)) if tgw, ok := r.(*TransitGateway); ok { printTGWAvailableRoutes(tgw) } } logging.Debug("RoutingTables:") for _, r := range c.RoutingTables { - logging.Debug(strings.Join([]string{r.Kind(), r.Name(), r.UID(), "vpc:", r.VPC().UID()}, separator)) + logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(), r.UID(), "vpc:", r.VPC().UID()}, separator)) if rt, ok := r.(*ingressRoutingTable); ok { logging.Debug("ingress routing table") logging.Debug(rt.string()) @@ -1572,7 +1572,7 @@ func printConfig(c *vpcmodel.VPCConfig) { logging.Debug("subnets:") subnetsList := make([]string, len(rt.subnets)) for i := range rt.subnets { - subnetsList[i] = rt.subnets[i].Name() + subnetsList[i] = rt.subnets[i].NameForAnalyzerOut() } logging.Debug(strings.Join(subnetsList, ",")) } diff --git a/pkg/ibmvpc/routing_tables_analysis.go b/pkg/ibmvpc/routing_tables_analysis.go index f632091ab..fa4b891f7 100644 --- a/pkg/ibmvpc/routing_tables_analysis.go +++ b/pkg/ibmvpc/routing_tables_analysis.go @@ -605,7 +605,7 @@ func (irt *ingressRoutingTable) advertiseRoutes(vpcConfig *vpcmodel.VPCConfig) { if !routeObj.advertise { continue } - logging.Debugf("rt %s - try to advertise route with dest %s", irt.Name(), routeObj.destination) + logging.Debugf("rt %s - try to advertise route with dest %s", irt.NameForAnalyzerOut(), routeObj.destination) routeCidr := routeObj.destIPBlock tgws := getTGWs(vpcConfig) 
@@ -618,12 +618,12 @@ func (irt *ingressRoutingTable) advertiseRoutes(vpcConfig *vpcmodel.VPCConfig) { var tgwAB *TransitGateway for _, tgw := range tgws { for _, vpc := range tgw.vpcs { - logging.Debugf("check tgw %s with vpc %s, AP %s", tgw.Name(), vpc.Name(), vpc.AddressPrefixesIPBlock.ToCidrListString()) + logging.Debugf("check tgw %s with vpc %s, AP %s", tgw.NameForAnalyzerOut(), vpc.NameForAnalyzerOut(), vpc.AddressPrefixesIPBlock.ToCidrListString()) // TODO: shouldn't be containment rather than intersection?? (works with intersection on hub-n-spoke config object) if vpc.UID() != irt.vpc.UID() && routeCidr.Overlap(vpc.AddressPrefixesIPBlock) { vpcB = vpc tgwAB = tgw - logging.Debugf("found tgwAB: %s, vpcB: %s ", tgwAB.Name(), vpcB.Name()) + logging.Debugf("found tgwAB: %s, vpcB: %s ", tgwAB.NameForAnalyzerOut(), vpcB.NameForAnalyzerOut()) break } } @@ -649,7 +649,7 @@ func (irt *ingressRoutingTable) advertiseRoutes(vpcConfig *vpcmodel.VPCConfig) { } tgwAC = tgw // the tgw A-C to which should propagate Y (routeCidr) as available "from" vpcA updateTGWWithAdvertisedRoute(tgwAC, irt.vpc, routeCidr) - logging.Debugf("call updateTGWWithAdvertisedRoute for tgw %s, new cidr %s, from vpc %s", tgwAC.Name(), + logging.Debugf("call updateTGWWithAdvertisedRoute for tgw %s, new cidr %s, from vpc %s", tgwAC.NameForAnalyzerOut(), routeCidr.ToCidrListString(), irt.vpc.ResourceName) } } diff --git a/pkg/ibmvpc/vpc.go b/pkg/ibmvpc/vpc.go index eaf4812a5..f3427aacd 100644 --- a/pkg/ibmvpc/vpc.go +++ b/pkg/ibmvpc/vpc.go 
@@ -37,17 +37,17 @@ type ReservedIP struct { vpe string } -func (r *ReservedIP) Name() string { +func (r *ReservedIP) NameForAnalyzerOut() string { return nameWithBracketsInfo(r.vpe, r.Address()) } func (r *ReservedIP) ExtendedName(c *vpcmodel.VPCConfig) string { - return r.ExtendedPrefix(c) + r.Name() + return r.ExtendedPrefix(c) + r.NameForAnalyzerOut() } // used for synthesis output func (r *ReservedIP) SynthesisResourceName() string { - return r.VPC().Name() + vpcmodel.Deliminator + r.vpe + return r.VPC().NameForAnalyzerOut() + vpcmodel.Deliminator + r.vpe } func (r *ReservedIP) SynthesisKind() spec.ResourceType { @@ -66,7 +66,7 @@ type PrivateIP struct { block *ipblock.IPBlock } -func (pip *PrivateIP) Name() string { +func (pip *PrivateIP) NameForAnalyzerOut() string { kind := "LB private IP" address := pip.Address() if !pip.original { @@ -74,12 +74,12 @@ func (pip *PrivateIP) Name() string { // todo - use ToRangesListString() instead of ListToPrint() address = strings.Join(pip.block.ListToPrint(), ",") } - name := nameWithBracketsInfo(pip.loadBalancer.ResourceName, kind) + name := nameWithBracketsInfo(pip.loadBalancer.NameForAnalyzerOut(), kind) return nameWithBracketsInfo(name, address) } func (pip *PrivateIP) ExtendedName(c *vpcmodel.VPCConfig) string { - return pip.ExtendedPrefix(c) + pip.Name() + return pip.ExtendedPrefix(c) + pip.NameForAnalyzerOut() } // AbstractedToNodeSet returns the pip load balancer if it was abstracted @@ -103,12 +103,12 @@ func (n *IKSNode) VsiName() string { return "" } -func (n *IKSNode) Name() string { - return nameWithBracketsInfo(n.ResourceName, n.Address()) +func (n *IKSNode) NameForAnalyzerOut() string { + return nameWithBracketsInfo(n.Name(), n.Address()) } func (n *IKSNode) ExtendedName(c *vpcmodel.VPCConfig) string { - return n.ExtendedPrefix(c) + n.Name() + return n.ExtendedPrefix(c) + n.NameForAnalyzerOut() } // vpe can be in multiple zones - depending on the zones of its network interfaces.. 
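Review bot: `PrivateIP.NameForAnalyzerOut()` (hunk at -74) previously wrapped `pip.loadBalancer.ResourceName` and now wraps `pip.loadBalancer.NameForAnalyzerOut()`, while `IKSNode.NameForAnalyzerOut()` in the next hunk uses `n.Name()` for the same purpose. If `LoadBalancer` defines its own `NameForAnalyzerOut()` (not visible here), the private-IP label in analyzer output changes. `name := nameWithBracketsInfo(pip.loadBalancer.Name(), kind)` keeps the old text and matches the IKSNode form. The method starts in the preceding hunk.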
@@ -232,10 +232,10 @@ func (lbr *LoadBalancerRule) IsIngress() bool { func (lbr *LoadBalancerRule) String(detail bool) string { if lbr.Deny(false) { return fmt.Sprintf("%s will not connect to %s, since it is not its pool member\n", - lbr.lb.nameWithKind(), lbr.dst.Name()) + lbr.lb.nameWithKind(), lbr.dst.NameForAnalyzerOut()) } return fmt.Sprintf("%s may initiate a connection to %s, which is one of its pool members\n", - lbr.lb.nameWithKind(), lbr.dst.Name()) + lbr.lb.nameWithKind(), lbr.dst.NameForAnalyzerOut()) } // routing resource elements @@ -493,7 +493,7 @@ func (tgw *TransitGateway) tgwPrefixStr(tc *datamodel.TransitConnection, } if len(tc.PrefixFilters) < prefixIndx+1 { return "", "", fmt.Errorf("np-guard error: prefix index %d does not exists in transit connection %s of transit gateway %s", - prefixIndx, *tc.Name, tgw.Name()) + prefixIndx, *tc.Name, tgw.NameForAnalyzerOut()) } prefixFilter := tc.PrefixFilters[prefixIndx] actionName, err = actionNameStr(prefixFilter.Action) @@ -579,7 +579,7 @@ func (tgw *TransitGateway) stringPrefixFiltersVerbose(transitConn *datamodel.Tra action = "blocks" } thisPrefixStr = fmt.Sprintf("\ttransit gateway %s %s connection via transit connection %s "+ - "with the following prefix filter\n%s%s\n", tgw.Name(), action, *transitConn.Name, + "with the following prefix filter\n%s%s\n", tgw.NameForAnalyzerOut(), action, *transitConn.Name, doubleTab, tgwRouterFilterDetails) strRes = append(strRes, thisPrefixStr) } 
@@ -590,7 +590,7 @@ func (tgw *TransitGateway) stringPrefixFiltersVerbose(transitConn *datamodel.Tra // prints a matching non-verbose header func (tgw *TransitGateway) stringPrefixFiltersNoVerbose(transitConn *datamodel.TransitConnection, rulesType vpcmodel.RulesType) string { - noVerboseStr := fmt.Sprintf("cross-vpc-connection: transit-connection %s of transit-gateway %s ", *transitConn.Name, tgw.Name()) + noVerboseStr := fmt.Sprintf("cross-vpc-connection: transit-connection %s of transit-gateway %s ", *transitConn.Name, tgw.NameForAnalyzerOut()) switch rulesType { case vpcmodel.OnlyAllow: return noVerboseStr + "allows connection" diff --git a/pkg/linter/lintRuleCIDROutOfRange.go b/pkg/linter/lintRuleCIDROutOfRange.go index 40d5650cb..f74df1ee2 100644 --- a/pkg/linter/lintRuleCIDROutOfRange.go +++ b/pkg/linter/lintRuleCIDROutOfRange.go @@ -91,7 +91,7 @@ func (finding *ruleNonRelevantCIDR) vpc() []vpcmodel.VPCResourceIntf { func (finding *ruleNonRelevantCIDR) string() string { rule := finding.rule - strPrefix := fmt.Sprintf("In VPC %q, %s %q ", finding.vpcResource.Name(), finding.rule.Filter.LayerName, + strPrefix := fmt.Sprintf("In VPC %q, %s %q ", finding.vpcResource.NameForAnalyzerOut(), finding.rule.Filter.LayerName, rule.Filter.FilterName) if rule.IsIngress { strPrefix += fmt.Sprintf("ingress rule with destination %s ", finding.rule.DstCidr.String()) @@ -114,7 +114,7 @@ func (finding *ruleNonRelevantCIDR) toJSON() any { rule := finding.rule table := vpcmodel.Filter{LayerName: rule.Filter.LayerName, FilterName: rule.Filter.FilterName} - res := rulesNonRelevantCIDRJSON{VpcName: finding.vpc()[0].Name(), Rule: vpcmodel.RuleOfFilter{Filter: table, + res := rulesNonRelevantCIDRJSON{VpcName: finding.vpc()[0].NameForAnalyzerOut(), Rule: vpcmodel.RuleOfFilter{Filter: table, RuleIndex: rule.RuleIndex, RuleDesc: rule.RuleDesc}, VpcAddressRange: finding.vpcResource.AddressRange().String()} return res 
diff --git a/pkg/linter/lintRuleShadowedOrImplied.go b/pkg/linter/lintRuleShadowedOrImplied.go index 4896ea7db..76b4a134c 100644 --- a/pkg/linter/lintRuleShadowedOrImplied.go +++ b/pkg/linter/lintRuleShadowedOrImplied.go @@ -191,7 +191,7 @@ func (finding *ruleRedundant) vpc() []vpcmodel.VPCResourceIntf { func (finding *ruleRedundant) string() string { rule := finding.rule strResPrefix := fmt.Sprintf("In VPC %q, %s %q rule is ", - finding.vpcResource.Name(), finding.rule.Filter.LayerName, rule.Filter.FilterName) + finding.vpcResource.NameForAnalyzerOut(), finding.rule.Filter.LayerName, rule.Filter.FilterName) if rule.Filter.LayerName == NetworkACL { if len(finding.containRules) == 1 { strResPrefix += "shadowed by a higher priority rule" @@ -241,7 +241,7 @@ func (finding *ruleRedundant) toJSON() any { containRules[i] = *rule i++ } - res := ruleRedundantJSON{VpcName: finding.vpc()[0].Name(), Rule: vpcmodel.RuleOfFilter{Filter: table, + res := ruleRedundantJSON{VpcName: finding.vpc()[0].NameForAnalyzerOut(), Rule: vpcmodel.RuleOfFilter{Filter: table, RuleIndex: rule.RuleIndex, RuleDesc: rule.RuleDesc}, ContainRules: containRules} return res } diff --git a/pkg/linter/lintRuleSplitSubnet.go b/pkg/linter/lintRuleSplitSubnet.go index 6b3535e59..682f1b165 100644 --- a/pkg/linter/lintRuleSplitSubnet.go +++ b/pkg/linter/lintRuleSplitSubnet.go @@ -101,7 +101,7 @@ func (finding *splitRuleSubnet) string() string { rule := finding.rule subnetsStrSlice := make([]string, len(finding.splitSubnets)) for i, subnet := range finding.splitSubnets { - subnetsStrSlice[i] = fmt.Sprintf("%q (%s)", subnet.Name(), subnet.CIDR()) + subnetsStrSlice[i] = fmt.Sprintf("%q (%s)", subnet.NameForAnalyzerOut(), subnet.CIDR()) } subnetStr := strings.Join(subnetsStrSlice, ", ") if len(subnetsStrSlice) > 1 { 
@@ -110,7 +110,7 @@ func (finding *splitRuleSubnet) string() string { subnetStr = "subnet " + subnetStr } return fmt.Sprintf("In VPC %q, %s %q rule splits %s.\n\tRule details: %s", - finding.vpc()[0].Name(), finding.rule.Filter.LayerName, rule.Filter.FilterName, subnetStr, + finding.vpc()[0].NameForAnalyzerOut(), finding.rule.Filter.LayerName, rule.Filter.FilterName, subnetStr, strings.ReplaceAll(rule.RuleDesc, "\n", "")) } @@ -125,11 +125,11 @@ func (finding *splitRuleSubnet) toJSON() any { rule := finding.rule splitSubnetsJSON := make([]subnetJSON, len(finding.splitSubnets)) for i, splitSubnet := range finding.splitSubnets { - splitSubnetsJSON[i] = subnetJSON{Name: splitSubnet.Name(), CIDR: splitSubnet.CIDR()} + splitSubnetsJSON[i] = subnetJSON{Name: splitSubnet.NameForAnalyzerOut(), CIDR: splitSubnet.CIDR()} } table := vpcmodel.Filter{LayerName: rule.Filter.LayerName, FilterName: rule.Filter.FilterName} - res := splitRuleSubnetJSON{VpcName: finding.vpc()[0].Name(), Rule: vpcmodel.RuleOfFilter{Filter: table, + res := splitRuleSubnetJSON{VpcName: finding.vpc()[0].NameForAnalyzerOut(), Rule: vpcmodel.RuleOfFilter{Filter: table, RuleIndex: rule.RuleIndex, RuleDesc: rule.RuleDesc}, SplitSubnets: splitSubnetsJSON} return res diff --git a/pkg/linter/lintSubnetCIDROverlap.go b/pkg/linter/lintSubnetCIDROverlap.go index 39acb10e8..84f57b9ce 100644 --- a/pkg/linter/lintSubnetCIDROverlap.go +++ b/pkg/linter/lintSubnetCIDROverlap.go 
@@ -75,12 +75,12 @@ func (finding *overlapSubnets) vpc() []vpcmodel.VPCResourceIntf { func (finding *overlapSubnets) string() string { subnet1 := finding.overlapSubnets[0] subnet2 := finding.overlapSubnets[1] - return fmt.Sprintf("VPC %q's %s and VPC %q's %s overlap", subnet1.VPC().Name(), subnetStr(subnet1), - subnet2.VPC().Name(), subnetStr(subnet2)) + return fmt.Sprintf("VPC %q's %s and VPC %q's %s overlap", subnet1.VPC().NameForAnalyzerOut(), subnetStr(subnet1), + subnet2.VPC().NameForAnalyzerOut(), subnetStr(subnet2)) } func subnetStr(subnet vpcmodel.Subnet) string { - return fmt.Sprintf("subnet %q [%s]", subnet.Name(), subnet.CIDR()) + return fmt.Sprintf("subnet %q [%s]", subnet.NameForAnalyzerOut(), subnet.CIDR()) } // for json: details of overlapping subnets @@ -98,8 +98,8 @@ type subnetJSON struct { func (finding *overlapSubnets) toJSON() any { overlapsSubnetsJSON := make([]subnetJSON, 2) for i := range finding.overlapSubnets { - overlapsSubnetsJSON[i] = subnetJSON{Name: finding.overlapSubnets[i].Name(), - VpcName: finding.overlapSubnets[i].VPC().Name(), CIDR: finding.overlapSubnets[i].CIDR()} + overlapsSubnetsJSON[i] = subnetJSON{Name: finding.overlapSubnets[i].NameForAnalyzerOut(), + VpcName: finding.overlapSubnets[i].VPC().NameForAnalyzerOut(), CIDR: finding.overlapSubnets[i].CIDR()} } res := overlapSubnetsJSON{OverlapSubnets: overlapsSubnetsJSON, OverlapCidr: finding.overlapIPBlocks.String()} return res diff --git a/pkg/linter/lintTCPReposnseBlocked.go b/pkg/linter/lintTCPReposnseBlocked.go index b2678c349..b8a73db77 100644 --- a/pkg/linter/lintTCPReposnseBlocked.go +++ b/pkg/linter/lintTCPReposnseBlocked.go 
@@ -76,7 +76,7 @@ func (finding *blockedTCPResponseConn) string() string { vpcSrcName := finding.getVpcName(0) vpcDstName := finding.getVpcName(1) srcToDstStr := fmt.Sprintf("from \"%v%s\" to \"%v%s\"", - vpcSrcName, finding.src.Name(), vpcDstName, finding.dst.Name()) + vpcSrcName, finding.src.NameForAnalyzerOut(), vpcDstName, finding.dst.NameForAnalyzerOut()) return fmt.Sprintf("In the connection %s %s response is blocked", srcToDstStr, strings.ReplaceAll(finding.tcpRspDisable.String(), "protocol: ", "")) @@ -84,7 +84,7 @@ func (finding *blockedTCPResponseConn) string() string { func (finding *blockedTCPResponseConn) getVpcName(i int) string { if finding.vpc()[i] != nil { // nil if external address - return finding.vpc()[i].Name() + deliminator + return finding.vpc()[i].NameForAnalyzerOut() + deliminator } return "" } @@ -97,9 +97,9 @@ type blockedTCPResponseConnJSON struct { } func (finding *blockedTCPResponseConn) toJSON() any { - vpcSrcName := finding.vpc()[0].Name() - vpcDstName := finding.vpc()[1].Name() - res := blockedTCPResponseConnJSON{Src: vpcSrcName + deliminator + finding.src.Name(), - Dst: vpcDstName + deliminator + finding.dst.Name(), TCPRspDisable: connection.ToJSON(finding.tcpRspDisable)} + vpcSrcName := finding.vpc()[0].NameForAnalyzerOut() + vpcDstName := finding.vpc()[1].NameForAnalyzerOut() + res := blockedTCPResponseConnJSON{Src: vpcSrcName + deliminator + finding.src.NameForAnalyzerOut(), + Dst: vpcDstName + deliminator + finding.dst.NameForAnalyzerOut(), TCPRspDisable: connection.ToJSON(finding.tcpRspDisable)} return res } diff --git a/pkg/linter/lintUnattached.go b/pkg/linter/lintUnattached.go index b939c2cde..5c4a1c651 100644 --- a/pkg/linter/lintUnattached.go +++ b/pkg/linter/lintUnattached.go 
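Review bot: `blockedTCPResponseConn.toJSON` calls `finding.vpc()[0].NameForAnalyzerOut()` and `finding.vpc()[1].NameForAnalyzerOut()` unconditionally, but `getVpcName` in the hunk above guards the same elements with `!= nil` and notes they are nil for an external address. Assuming such findings reach `toJSON`, a blocked-response finding with an external source or destination can panic in JSON output while the text form works. Reusing the guarded helper avoids that: `Src: finding.getVpcName(0) + finding.src.NameForAnalyzerOut(),` and `Dst: finding.getVpcName(1) + finding.dst.NameForAnalyzerOut(),`. The helper already appends `deliminator`.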
@@ -76,7 +76,7 @@ func (finding *nonConnectedTable) vpc() []vpcmodel.VPCResourceIntf { } func (finding *nonConnectedTable) string() string { - return fmt.Sprintf("In VPC %q, %s %q has no resources attached to it", finding.vpc()[0].Name(), + return fmt.Sprintf("In VPC %q, %s %q has no resources attached to it", finding.vpc()[0].NameForAnalyzerOut(), finding.layerName, finding.table.FilterName) } @@ -87,5 +87,5 @@ type nonConnectedTableJSON struct { } func (finding *nonConnectedTable) toJSON() any { - return nonConnectedTableJSON{vpcName: finding.vpc()[0].Name(), layerName: finding.layerName, tableName: finding.table.FilterName} + return nonConnectedTableJSON{vpcName: finding.vpc()[0].NameForAnalyzerOut(), layerName: finding.layerName, tableName: finding.table.FilterName} } diff --git a/pkg/vpcmodel/abstractVPC.go b/pkg/vpcmodel/abstractVPC.go index 69aa0b766..e102d66af 100644 --- a/pkg/vpcmodel/abstractVPC.go +++ b/pkg/vpcmodel/abstractVPC.go @@ -21,6 +21,7 @@ const ( type VPCResourceIntf interface { UID() string Name() string + NameForAnalyzerOut() string // ExtendedName returns a resource name that includes its VPC as prefix when necessary. // for example, a subnet with name "s1" within VPC "v1" will have extended name: "v1/s1" // note this method is relevant only for Node and Subnet objects. @@ -50,7 +51,7 @@ type VPCResource struct { func (n *VPCResource) ExtendedPrefix(c *VPCConfig) string { if c.IsMultipleVPCsConfig { - return n.VPC().Name() + Deliminator + return n.VPC().NameForAnalyzerOut() + Deliminator } return "" } @@ -59,8 +60,12 @@ func (n *VPCResource) Name() string { return n.ResourceName } +func (n *VPCResource) NameForAnalyzerOut() string { + return n.ResourceName +} + func (n *VPCResource) SynthesisResourceName() string { - return n.VPC().Name() + Deliminator + n.ResourceName + return n.VPC().NameForAnalyzerOut() + Deliminator + n.ResourceName } func (n *VPCResource) SynthesisKind() spec.ResourceType { 
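Review bot: The composite literal in `nonConnectedTable.toJSON` sets `vpcName`, `layerName` and `tableName`, so the fields of `nonConnectedTableJSON` are unexported, and `encoding/json` skips unexported fields. If this value is marshalled as returned, the finding would presumably be written as `{}` and the unattached-table details would be missing from the JSON report. The struct body is outside the hunk; if it matches the literal, export the fields the way `subnetJSON` does in lintSubnetCIDROverlap.go (`Name`, `VpcName`, `CIDR`) and update this literal to match.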
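Review bot: `NameForAnalyzerOut()` is added to `VPCResourceIntf` in abstractVPC.go with no doc comment, and the `VPCResource` implementation added in the `-59,8 +60,12` hunk returns the same `ResourceName` as `Name()`, so nothing tells an implementer or caller which of the two to use. A comment on the interface method would settle that, for example `// NameForAnalyzerOut returns the name to show in analyzer output (reports, diagrams, error text); Name returns the resource's own name.` That wording is inferred from the method name only and should be corrected by the author if the intent differs.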
@@ -68,7 +73,7 @@ func (n *VPCResource) SynthesisKind() spec.ResourceType { } func (n *VPCResource) ExtendedName(c *VPCConfig) string { - return n.ExtendedPrefix(c) + n.Name() + return n.ExtendedPrefix(c) + n.NameForAnalyzerOut() } func (n *VPCResource) UID() string { @@ -95,7 +100,7 @@ func (n *VPCResource) RegionName() string { } func (n *VPCResource) NameAndUID() string { - return n.Name() + leftParentheses + n.UID() + rightParentheses + return n.NameForAnalyzerOut() + leftParentheses + n.UID() + rightParentheses } // todo: define enum for filters diff --git a/pkg/vpcmodel/drawioGenerator.go b/pkg/vpcmodel/drawioGenerator.go index 96c452537..0e51097bc 100644 --- a/pkg/vpcmodel/drawioGenerator.go +++ b/pkg/vpcmodel/drawioGenerator.go @@ -92,7 +92,7 @@ func (g *groupedEndpointsElems) GenerateDrawioTreeNode(gen *DrawioGenerator) dra groupedIconsTNs[i] = gen.TreeNode(node).(drawio.IconTreeNodeInterface) } subnetTn := groupedIconsTNs[0].Parent().(*drawio.SubnetTreeNode) - return drawio.NewGroupSquareTreeNode(subnetTn, groupedIconsTNs, g.Name()) + return drawio.NewGroupSquareTreeNode(subnetTn, groupedIconsTNs, g.NameForAnalyzerOut()) } func (g *groupedExternalNodes) GenerateDrawioTreeNode(gen *DrawioGenerator) drawio.TreeNodeInterface { diff --git a/pkg/vpcmodel/explainabilityConnectivity.go b/pkg/vpcmodel/explainabilityConnectivity.go index 5dfe27dca..3be0f479c 100644 --- a/pkg/vpcmodel/explainabilityConnectivity.go +++ b/pkg/vpcmodel/explainabilityConnectivity.go 
@@ -429,7 +429,7 @@ func (c *VPCConfig) getConnectedResource(node Node) (VPCResourceIntf, error) { func (c *VPCConfig) getContainingConfigNode(node Node) (Node, error) { nodeIPBlock := node.IPBlock() if nodeIPBlock == nil { // string cidr does not represent a legal cidr, would be handled earlier - return nil, fmt.Errorf("node %v does not refer to a legal IP", node.Name()) + return nil, fmt.Errorf("node %v does not refer to a legal IP", node.NameForAnalyzerOut()) } for _, configNode := range c.Nodes { if configNode.IsInternal() { @@ -479,14 +479,14 @@ func (v *VPCConnectivity) getConnection(c *VPCConfig, src, dst Node) (conn *deta } errMsg := "could not find containing config node for %v" if srcForConnection == nil { - return nil, fmt.Errorf(errMsg, src.Name()) + return nil, fmt.Errorf(errMsg, src.NameForAnalyzerOut()) } dstForConnection, err2 := c.getConnectedResource(dst) if err2 != nil { return nil, err2 } if dstForConnection == nil { - return nil, fmt.Errorf(errMsg, dst.Name()) + return nil, fmt.Errorf(errMsg, dst.NameForAnalyzerOut()) } var ok bool srcMapValue, ok := v.AllowedConnsCombinedResponsive[srcForConnection] @@ -495,7 +495,7 @@ func (v *VPCConnectivity) getConnection(c *VPCConfig, src, dst Node) (conn *deta } if !ok { return nil, fmt.Errorf("error: there is a connection between %v and %v, but connection computation failed", - srcForConnection.Name(), dstForConnection.Name()) + srcForConnection.NameForAnalyzerOut(), dstForConnection.NameForAnalyzerOut()) } return conn, nil } diff --git a/pkg/vpcmodel/explainabilityInput.go b/pkg/vpcmodel/explainabilityInput.go index 92b5942dc..1b811aae9 100644 --- a/pkg/vpcmodel/explainabilityInput.go +++ b/pkg/vpcmodel/explainabilityInput.go 
@@ -208,7 +208,7 @@ func (c *MultipleVPCConfigs) listNamesCfg(configsWithSrcDstNode map[string]srcAn matchConfigs := make([]string, len(configsWithSrcDstNode)) for vpcUID := range configsWithSrcDstNode { // the endpoints are in more than one config; lists all the configs it is in for the error msg - matchConfigs[i] = c.Config(vpcUID).VPC.Name() + matchConfigs[i] = c.Config(vpcUID).VPC.NameForAnalyzerOut() i++ } sort.Strings(matchConfigs) @@ -225,9 +225,9 @@ func (c *MultipleVPCConfigs) listNamesCrossVpcRouters( routingResources := c.Config(vpcUID).RoutingResources if len(routingResources) != 1 { return "", fmt.Errorf("np-guard error: multi-vpc config %s should have a single routing resource, "+ - "but has %v routing resources", c.Config(vpcUID).VPC.Name(), len(routingResources)) + "but has %v routing resources", c.Config(vpcUID).VPC.NameForAnalyzerOut(), len(routingResources)) } - crossVpcRouters[i] = routingResources[0].Name() + crossVpcRouters[i] = routingResources[0].NameForAnalyzerOut() i++ } sort.Strings(crossVpcRouters) @@ -335,7 +335,7 @@ func (c *VPCConfig) getNodesOfEndpoint(name string) ([]Node, int, error) { endpoint = cidrOrNameSlice[1] } for _, nodeSet := range append(c.NodeSets, c.loadBalancersAsNodeSets()...) { - if (vpc == "" || nodeSet.VPC().Name() == vpc) && nodeSet.Name() == endpoint || // if vpc of endpoint specified, equality must hold + if (vpc == "" || nodeSet.VPC().NameForAnalyzerOut() == vpc) && nodeSet.NameForAnalyzerOut() == endpoint || // if vpc of endpoint specified, equality must hold nodeSet.UID() == uid { if nodeSetOfEndpoint != nil { return nil, fatalErr, fmt.Errorf("ambiguity - the configuration contains multiple resources named %s, "+ diff --git a/pkg/vpcmodel/explainabilityPrint.go b/pkg/vpcmodel/explainabilityPrint.go index d17e1461e..571f56d63 100644 --- a/pkg/vpcmodel/explainabilityPrint.go +++ b/pkg/vpcmodel/explainabilityPrint.go 
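Review bot: The endpoint lookup in `getNodesOfEndpoint` now matches user input against `nodeSet.VPC().NameForAnalyzerOut()` and `nodeSet.NameForAnalyzerOut()`, which makes the output-facing name an identity key. While it equals `Name()` nothing changes, but if a later patch lets the display name diverge (presumably the reason the method is introduced), a query could resolve to a different resource or to none, and the explanation would describe the wrong endpoint. The same pattern appears in this commit in `getVPCResourceInfInOtherConfig` (semanticDiff.go), in `ExternalNetwork.UID()` (externalNetwork.go), in the `src.NameForAnalyzerOut() == dst.NameForAnalyzerOut()` self-check in subnetsConnectivity.go and in the cache map keys in unifyGrouping.go. Consider keeping `Name()` or `UID()` for comparisons and map keys, and reserving `NameForAnalyzerOut()` for formatted text.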
@@ -31,7 +31,7 @@ func explainHeader(explanation *Explanation) string { singleVpcContext := "" // communication within a single vpc if explanation.c != nil && !explanation.c.IsMultipleVPCsConfig { - singleVpcContext = fmt.Sprintf(" within %v", explanation.c.VPC.Name()) + singleVpcContext = fmt.Sprintf(" within %v", explanation.c.VPC.NameForAnalyzerOut()) } title := fmt.Sprintf("Explaining connectivity from %s to %s%s%s", explanation.src, explanation.dst, singleVpcContext, connHeader(explanation.connQuery)) @@ -135,7 +135,7 @@ func (g *groupedConnLine) explainabilityLineStr(c *VPCConfig, connQuery *connect externalRouter, crossVpcRouter, crossVpcRules := expDetails.externalRouter, expDetails.crossVpcRouter, expDetails.crossVpcRules privateSubnetRule := g.CommonProperties.expDetails.privateSubnetRule if externalRouter != nil && isExternal { - externalRouterHeader = "External traffic via " + externalRouter.Kind() + ": " + externalRouter.Name() + newLine + externalRouterHeader = "External traffic via " + externalRouter.Kind() + ": " + externalRouter.NameForAnalyzerOut() + newLine } if loadBalancerRule != nil { loadBalancerHeader = "Load Balancer: " + loadBalancerRule.String(true) @@ -391,7 +391,7 @@ func pathStr(allRulesDetails *rulesDetails, filtersRelevant map[string]bool, src externalRouter, crossVpcRouter RoutingResource, crossVpcConnection *connection.Set, rules *rulesConnection, privateSubnetRule PrivateSubnetRule) string { var pathSlice []string - pathSlice = append(pathSlice, "\t"+src.Name()) + pathSlice = append(pathSlice, "\t"+src.NameForAnalyzerOut()) if loadBalancerBlocking { // todo: add loadBalancer as part of the path and also as blocking??? separate PR? // connection is stopped at the src itself: 
@@ -409,20 +409,20 @@ func pathStr(allRulesDetails *rulesDetails, filtersRelevant map[string]bool, src return blockedPathStr(pathSlice) } if isExternal { - externalRouterStr := newLineTab + externalRouter.Kind() + space + externalRouter.Name() + externalRouterStr := newLineTab + externalRouter.Kind() + space + externalRouter.NameForAnalyzerOut() // externalRouter is fip - add its cidr if externalRouter.Kind() == fipRouter { externalRouterStr += space + externalRouter.ExternalIP() } pathSlice = append(pathSlice, externalRouterStr) } else if crossVpcRouterInPath { // src and dst are internal and there is a cross vpc Router - pathSlice = append(pathSlice, newLineTab+src.(InternalNodeIntf).Subnet().VPC().Name(), - crossVpcRouter.Kind()+space+crossVpcRouter.Name()) + pathSlice = append(pathSlice, newLineTab+src.(InternalNodeIntf).Subnet().VPC().NameForAnalyzerOut(), + crossVpcRouter.Kind()+space+crossVpcRouter.NameForAnalyzerOut()) if crossVpcConnection.IsEmpty() { // cross vpc (tgw) denys connection pathSlice[len(pathSlice)-1] = blockedLeft + pathSlice[len(pathSlice)-1] // blocking cross-vpc router return blockedPathStr(pathSlice) } - pathSlice = append(pathSlice, dst.(InternalNodeIntf).Subnet().VPC().Name()) + pathSlice = append(pathSlice, dst.(InternalNodeIntf).Subnet().VPC().NameForAnalyzerOut()) } ingressPath := pathOfSingleDirectionStr(allRulesDetails, dst, filtersRelevant, rules, true, privateSubnetRule) pathSlice = append(pathSlice, ingressPath...) @@ -431,9 +431,9 @@ func pathStr(allRulesDetails *rulesDetails, filtersRelevant map[string]bool, src } // got here: full path if len(ingressPath) == 0 { - pathSlice = append(pathSlice, newLineTab+dst.Name()) + pathSlice = append(pathSlice, newLineTab+dst.NameForAnalyzerOut()) } else { - pathSlice = append(pathSlice, dst.Name()) + pathSlice = append(pathSlice, dst.NameForAnalyzerOut()) } return strings.Join(pathSlice, arrow) } 
@@ -492,7 +492,7 @@ func returnPathSlice(isIngress bool, pathSlice []string) []string { func getSubnetStr(node EndpointElem) string { subnet := node.(InternalNodeIntf).Subnet() - return strings.ToLower(subnet.Kind()) + space + subnet.Name() + return strings.ToLower(subnet.Kind()) + space + subnet.NameForAnalyzerOut() } // FilterKindName returns the name of a filter kind within filter layers - e.g. "security group". diff --git a/pkg/vpcmodel/externalNetwork.go b/pkg/vpcmodel/externalNetwork.go index f8f71ae2a..bfea78eca 100644 --- a/pkg/vpcmodel/externalNetwork.go +++ b/pkg/vpcmodel/externalNetwork.go @@ -51,7 +51,7 @@ type ExternalNetwork struct { ipblock *ipblock.IPBlock } -func (exn *ExternalNetwork) UID() string { return exn.Name() } +func (exn *ExternalNetwork) UID() string { return exn.NameForAnalyzerOut() } func (exn *ExternalNetwork) ZoneName() string { return "" } func (exn *ExternalNetwork) RegionName() string { return "" } func (exn *ExternalNetwork) IsExternal() bool { return true } @@ -68,6 +68,10 @@ func (exn *ExternalNetwork) Name() string { return exn.ResourceType + " [" + exn.CidrStr + "]" } +func (exn *ExternalNetwork) NameForAnalyzerOut() string { + return exn.Name() +} + func (exn *ExternalNetwork) SynthesisResourceName() string { return exn.Name() } diff --git a/pkg/vpcmodel/grouping.go b/pkg/vpcmodel/grouping.go index b7a5fdff9..ef56e4a16 100644 --- a/pkg/vpcmodel/grouping.go +++ b/pkg/vpcmodel/grouping.go @@ -141,6 +141,7 @@ type GroupConnLines struct { // EndpointElem can be Node(networkInterface) / groupedExternalNodes / groupedEndpointsElems / NodeSet(subnet or LB) type EndpointElem interface { Name() string + NameForAnalyzerOut() string ExtendedName(*VPCConfig) string UID() string IsExternal() bool 
@@ -214,7 +215,11 @@ func endpointElemResources(e EndpointElem) []VPCResourceIntf { type groupedEndpointsElems []EndpointElem func (g *groupedEndpointsElems) Name() string { - return listEndpointElemStr(*g, EndpointElem.Name) + return listEndpointElemStr(*g, EndpointElem.NameForAnalyzerOut) +} + +func (g *groupedEndpointsElems) NameForAnalyzerOut() string { + return g.Name() } func (g *groupedEndpointsElems) SynthesisResourceName() string { @@ -227,7 +232,7 @@ func (g *groupedEndpointsElems) SynthesisKind() spec.ResourceType { func (g *groupedEndpointsElems) ExtendedName(c *VPCConfig) string { if !c.IsMultipleVPCsConfig { // this if is so that in relevant unittest we can avoid creating a vpc - return g.Name() + return g.NameForAnalyzerOut() } prefix := "" if vpcResource, ok := (*g)[0].(VPCResourceIntf); ok { @@ -236,9 +241,9 @@ func (g *groupedEndpointsElems) ExtendedName(c *VPCConfig) string { } // add the vpc prefix only once for grouped elements which are always of the same VPC if prefix != "" && len(*g) > 1 { - return prefix + "[" + g.Name() + "]" + return prefix + "[" + g.NameForAnalyzerOut() + "]" } - return prefix + g.Name() + return prefix + g.NameForAnalyzerOut() } func (g *groupedEndpointsElems) UID() string { @@ -265,6 +270,10 @@ func (g *groupedExternalNodes) Name() string { return prefix + g.String() } +func (g *groupedExternalNodes) NameForAnalyzerOut() string { + return g.Name() +} + func (g *groupedExternalNodes) SynthesisResourceName() string { return g.Name() } 
@@ -411,7 +420,7 @@ func (g *GroupConnLines) addLineToExternalGrouping(res *[]*groupedConnLine, dstNode, dstIsNode := dst.(Node) if dst.IsExternal() && !dstIsNode || src.IsExternal() && !srcIsNode { - return fmt.Errorf("%s or %s is External but not a node", src.Name(), dst.Name()) + return fmt.Errorf("%s or %s is External but not a node", src.NameForAnalyzerOut(), dst.NameForAnalyzerOut()) } if dst.IsExternal() && src.IsExternal() { return fmt.Errorf("unexpected grouping - both src and dst external") diff --git a/pkg/vpcmodel/grouping_test.go b/pkg/vpcmodel/grouping_test.go index b1a8ec50c..33619616c 100644 --- a/pkg/vpcmodel/grouping_test.go +++ b/pkg/vpcmodel/grouping_test.go @@ -70,6 +70,9 @@ func (m *mockNetIntf) UID() string { func (m *mockNetIntf) Name() string { return m.name } +func (m *mockNetIntf) NameForAnalyzerOut() string { + return m.Name() +} func (m *mockNetIntf) SynthesisResourceName() string { return m.name } @@ -115,6 +118,9 @@ func (m *mockSubnet) UID() string { func (m *mockSubnet) Name() string { return m.name } +func (m *mockSubnet) NameForAnalyzerOut() string { + return m.Name() +} func (m *mockSubnet) SynthesisResourceName() string { return m.name } diff --git a/pkg/vpcmodel/jsonOutput.go b/pkg/vpcmodel/jsonOutput.go index 7d24b3b17..1078a708e 100644 --- a/pkg/vpcmodel/jsonOutput.go +++ b/pkg/vpcmodel/jsonOutput.go @@ -39,9 +39,9 @@ func (j *JSONoutputFormatter) WriteOutput(c1, c2 *VPCConfig, outStr, err := writeJSON(all, outFile) v2Name := "" if c2 != nil { - v2Name = c2.VPC.Name() + v2Name = c2.VPC.NameForAnalyzerOut() } - return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.Name(), VPC2Name: v2Name, format: JSON, jsonStruct: all}, err + return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.NameForAnalyzerOut(), VPC2Name: v2Name, format: JSON, jsonStruct: all}, err } type connLine struct { 
@@ -64,10 +64,10 @@ type diffLine struct { func sortConnLines(connLines []connLine) { sort.Slice(connLines, func(i, j int) bool { - if connLines[i].Src.Name() != connLines[j].Src.Name() { - return connLines[i].Src.Name() < connLines[j].Src.Name() + if connLines[i].Src.NameForAnalyzerOut() != connLines[j].Src.NameForAnalyzerOut() { + return connLines[i].Src.NameForAnalyzerOut() < connLines[j].Src.NameForAnalyzerOut() } - return connLines[i].Dst.Name() < connLines[j].Dst.Name() + return connLines[i].Dst.NameForAnalyzerOut() < connLines[j].Dst.NameForAnalyzerOut() }) } @@ -150,10 +150,10 @@ func sortDiffLines(diffLines []diffLine) { if diffLines[i].DstChange != diffLines[j].DstChange { return diffLines[i].DstChange < diffLines[j].DstChange } - if diffLines[i].Src.Name() != diffLines[j].Src.Name() { - return diffLines[i].Src.Name() < diffLines[j].Src.Name() + if diffLines[i].Src.NameForAnalyzerOut() != diffLines[j].Src.NameForAnalyzerOut() { + return diffLines[i].Src.NameForAnalyzerOut() < diffLines[j].Src.NameForAnalyzerOut() } - return diffLines[i].Dst.Name() < diffLines[j].Dst.Name() + return diffLines[i].Dst.NameForAnalyzerOut() < diffLines[j].Dst.NameForAnalyzerOut() }) } diff --git a/pkg/vpcmodel/mdOutput.go b/pkg/vpcmodel/mdOutput.go index 76097495c..eed356349 100644 --- a/pkg/vpcmodel/mdOutput.go +++ b/pkg/vpcmodel/mdOutput.go @@ -37,9 +37,9 @@ func (m *MDoutputFormatter) WriteOutput(c1, c2 *VPCConfig, // get output by analysis type v2Name := "" if c2 != nil { - v2Name = c2.VPC.Name() + v2Name = c2.VPC.NameForAnalyzerOut() } - out, err := headerOfAnalyzedVPC(uc, c1.VPC.Name(), v2Name, c1, explanation) + out, err := headerOfAnalyzedVPC(uc, c1.VPC.NameForAnalyzerOut(), v2Name, c1, explanation) if err != nil { return nil, err } 
@@ -76,7 +76,7 @@ func (m *MDoutputFormatter) WriteOutput(c1, c2 *VPCConfig, out += linesToOutput(connLines, lines) _, err = WriteToFile(out, outFile) - return &SingleAnalysisOutput{Output: out, VPC1Name: c1.VPC.Name(), VPC2Name: v2Name, format: MD, + return &SingleAnalysisOutput{Output: out, VPC1Name: c1.VPC.NameForAnalyzerOut(), VPC2Name: v2Name, format: MD, hasStatelessConn: hasStatelessConns, hasOverApproximatedConn: hasOverApproximatedConn}, err } @@ -102,8 +102,8 @@ func (m *MDoutputFormatter) getGroupedDiffOutput(diff *diffBetweenCfgs) []string diffType, endpointsDiff := diffAndEndpointsDescription(line.CommonProperties.connDiff.diff, line.Src, line.Dst, line.CommonProperties.connDiff.thisMinusOther) conn1Str, conn2Str := conn1And2Str(line.CommonProperties.connDiff) - lines[i] = fmt.Sprintf("| %s | %s | %s | %s | %s | %s |", diffType, line.Src.Name(), - line.Dst.Name(), conn1Str, conn2Str, endpointsDiff) + lines[i] = fmt.Sprintf("| %s | %s | %s | %s | %s | %s |", diffType, line.Src.NameForAnalyzerOut(), + line.Dst.NameForAnalyzerOut(), conn1Str, conn2Str, endpointsDiff) } return lines } @@ -114,5 +114,5 @@ func connectivityLineMD(src, dst, conn string) string { } func getGroupedMDLine(line *groupedConnLine) string { - return connectivityLineMD(line.Src.Name(), line.Dst.Name(), line.CommonProperties.groupingStrKey) + return connectivityLineMD(line.Src.NameForAnalyzerOut(), line.Dst.NameForAnalyzerOut(), line.CommonProperties.groupingStrKey) } diff --git a/pkg/vpcmodel/multiExplainability.go b/pkg/vpcmodel/multiExplainability.go index 7d5cd8a29..12775c4ba 100644 --- a/pkg/vpcmodel/multiExplainability.go +++ b/pkg/vpcmodel/multiExplainability.go 
@@ -43,8 +43,8 @@ func MultiExplain(srcDstCouples []explainInputEntry, vpcConns map[string]*VPCCon multiExplanation := make([]explainOutputEntry, len(srcDstCouples)) for i, srcDstCouple := range srcDstCouples { emptyExplain := &Explanation{ - src: srcDstCouple.src.Name(), - dst: srcDstCouple.dst.Name(), + src: srcDstCouple.src.NameForAnalyzerOut(), + dst: srcDstCouple.dst.NameForAnalyzerOut(), } if srcDstCouple.c == nil { // no vpc config implies missing cross-vpc router between src and dst which are not in the same VPC @@ -66,11 +66,11 @@ func MultiExplain(srcDstCouples []explainInputEntry, vpcConns map[string]*VPCCon var ok bool if connectivity, ok = vpcConns[srcDstCouple.c.VPC.UID()]; !ok { errConn := fmt.Errorf("npGuard eror: missing connectivity computation for %v %v in MultiExplain", - srcDstCouple.c.VPC.UID(), srcDstCouple.c.VPC.Name()) + srcDstCouple.c.VPC.UID(), srcDstCouple.c.VPC.NameForAnalyzerOut()) multiExplanation[i] = explainOutputEntry{emptyExplain, errConn} continue } - explain, errExplain := srcDstCouple.c.explainConnectivityForVPC(srcDstCouple.src.Name(), srcDstCouple.dst.Name(), + explain, errExplain := srcDstCouple.c.explainConnectivityForVPC(srcDstCouple.src.NameForAnalyzerOut(), srcDstCouple.dst.NameForAnalyzerOut(), srcNodes, dstNodes, nil, connectivity) if errExplain != nil { multiExplanation[i] = explainOutputEntry{emptyExplain, errExplain} @@ -104,7 +104,7 @@ func (c *VPCConfig) getNodesFromEndpoint(endpoint EndpointElem) ([]Node, error) } return disjointNodes, nil } - return nil, fmt.Errorf("np-Guard error: %v not of type InternalNodeIntf or groupedExternalNodes", endpoint.Name()) + return nil, fmt.Errorf("np-Guard error: %v not of type InternalNodeIntf or groupedExternalNodes", endpoint.NameForAnalyzerOut()) } // CreateMultiExplanationsInput given configs and results of connectivity analysis, generates input diff --git a/pkg/vpcmodel/nodesConnectivity.go b/pkg/vpcmodel/nodesConnectivity.go index 17a9d98ad..b1036cb31 100644 
--- a/pkg/vpcmodel/nodesConnectivity.go +++ b/pkg/vpcmodel/nodesConnectivity.go @@ -340,11 +340,11 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getCombinedConnsStr(on } srcName := srcNode.CidrOrAddress() if srcNode.IsInternal() { - srcName = src.Name() + srcName = src.NameForAnalyzerOut() } dstName := dstNode.CidrOrAddress() if dstNode.IsInternal() { - dstName = dst.Name() + dstName = dst.NameForAnalyzerOut() } var connsStr string if onlyBidirectional { diff --git a/pkg/vpcmodel/routing_paths.go b/pkg/vpcmodel/routing_paths.go index bf50682b0..a7466bd13 100644 --- a/pkg/vpcmodel/routing_paths.go +++ b/pkg/vpcmodel/routing_paths.go @@ -102,7 +102,7 @@ func (p Path) Equal(otherPath Path) bool { func (e *Endpoint) string() string { switch { case e.VpcResource != nil: - return fmt.Sprintf("%s - %s", e.VpcResource.Kind(), e.VpcResource.Name()) + return fmt.Sprintf("%s - %s", e.VpcResource.Kind(), e.VpcResource.NameForAnalyzerOut()) case e.IPBlock != nil: return e.IPBlock.String() case e.NextHop != nil: diff --git a/pkg/vpcmodel/semanticDiff.go b/pkg/vpcmodel/semanticDiff.go index 1f4d15ae0..37d968bcd 100644 --- a/pkg/vpcmodel/semanticDiff.go +++ b/pkg/vpcmodel/semanticDiff.go @@ -142,7 +142,7 @@ func (c *VPCConfig) getVPCResourceInfInOtherConfig(other *VPCConfig, ep VPCResou nodeSameCidr := findNodeWithCidr(other.Nodes, node.CidrStr) return nodeSameCidr, nil } - return nil, fmt.Errorf(castingNodeErr, ep.Name()) + return nil, fmt.Errorf(castingNodeErr, ep.NameForAnalyzerOut()) } // endpoint is a vsi or a subnet, depending on diffAnalysis value if diffAnalysis == Vsis { 
@@ -150,14 +150,14 @@ func (c *VPCConfig) getVPCResourceInfInOtherConfig(other *VPCConfig, ep VPCResou if !node.IsInternal() { continue } - if node.Name() == ep.Name() { + if node.NameForAnalyzerOut() == ep.NameForAnalyzerOut() { res = VPCResourceIntf(node) return res, nil } } } else if diffAnalysis == Subnets { for _, subnet := range other.Subnets { - if subnet.Name() == ep.Name() { + if subnet.NameForAnalyzerOut() == ep.NameForAnalyzerOut() { res = VPCResourceIntf(subnet) return res, nil } @@ -265,7 +265,7 @@ func printGroupedDiffLine(diffAnalysis diffAnalysisType, src, dst EndpointElem, diffTypeStr := fmt.Sprintf("%v %s", diffTypeStr, diffType) diffInfo := getDiffInfo(diffAnalysis, diffInfoBody) connDiffStr := fmt.Sprintf(configsStr, conn1Str, conn2Str, diffInfo) - printDiff := fmt.Sprintf("%s, source: %s, destination: %s, %s\n", diffTypeStr, src.Name(), dst.Name(), connDiffStr) + printDiff := fmt.Sprintf("%s, source: %s, destination: %s, %s\n", diffTypeStr, src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), connDiffStr) return printDiff } @@ -321,12 +321,12 @@ func diffAndEndpointsDescription(diff DiffType, src, dst EndpointElem, thisMinus } switch diff { case missingSrcEP: - return addOrRemoved, fmt.Sprintf(doubleString, src.Name(), addOrRemoved) + return addOrRemoved, fmt.Sprintf(doubleString, src.NameForAnalyzerOut(), addOrRemoved) case missingDstEP: - return addOrRemoved, fmt.Sprintf(doubleString, dst.Name(), addOrRemoved) + return addOrRemoved, fmt.Sprintf(doubleString, dst.NameForAnalyzerOut(), addOrRemoved) case missingSrcDstEP: return addOrRemoved, fmt.Sprintf("%s and %s %s", - src.Name(), dst.Name(), addOrRemoved) + src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), addOrRemoved) case missingConnection: return addOrRemoved, "" case changedConnection: 
@@ -458,13 +458,13 @@ func (responsiveConnMap *GeneralResponsiveConnectivityMap) actualAlignSrcOrDstGi if node, ok := src.(Node); ok { origIPBlock = node.IPBlock() } else { - return nil, fmt.Errorf(castingNodeErr, node.Name()) + return nil, fmt.Errorf(castingNodeErr, node.NameForAnalyzerOut()) } } else { if node, ok := dst.(Node); ok { origIPBlock = node.IPBlock() } else { - return nil, fmt.Errorf(castingNodeErr, node.Name()) + return nil, fmt.Errorf(castingNodeErr, node.NameForAnalyzerOut()) } } if err != nil { @@ -529,14 +529,14 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getIPBlocksList() (ipb if srcNode, ok := src.(Node); ok { ipbList = append(ipbList, srcNode.IPBlock()) } else { - return nil, fmt.Errorf(castingNodeErr, src.Name()) + return nil, fmt.Errorf(castingNodeErr, src.NameForAnalyzerOut()) } } if dst.IsExternal() { if dstNode, ok := dst.(Node); ok { ipbList = append(ipbList, dstNode.IPBlock()) } else { - return nil, fmt.Errorf(castingNodeErr, dst.Name()) + return nil, fmt.Errorf(castingNodeErr, dst.NameForAnalyzerOut()) } } } @@ -578,7 +578,7 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getIPBlocksList() (ipb // return areIntersecting, err1 // } // if intersecting { -// areIntersecting += fmt.Sprintf("<%v, %v> and <%v, %v> intersects\n", src.Name(), dst.Name(), otherSrc.Name(), otherDst.Name()) +// areIntersecting += fmt.Sprintf("<%v, %v> and <%v, %v> intersects\n", src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), otherSrc.NameForAnalyzerOut(), otherDst.NameForAnalyzerOut()) // } // } // } @@ -622,7 +622,7 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getIPBlocksList() (ipb // return false, nil // } // if isMySubnet { // implies that isOtherSubnet as well -// if mySubnet.Name() == otherSubnet.Name() { +// if mySubnet.NameForAnalyzerOut() == otherSubnet.NameForAnalyzerOut() { // return true, nil // } // return false, nil 
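Review bot: In both `else` branches of the `-458,13` hunk the error is built from `node.NameForAnalyzerOut()`, but `node` there is the result of a failed `src.(Node)` / `dst.(Node)` assertion and is a nil interface, so the call panics instead of returning `castingNodeErr`. Use the value that was asserted: `return nil, fmt.Errorf(castingNodeErr, src.NameForAnalyzerOut())` and `return nil, fmt.Errorf(castingNodeErr, dst.NameForAnalyzerOut())`, which is what `getIPBlocksList` does in the `-529,14` hunk of the same file. The enclosing function starts and ends outside the hunk.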
@@ -656,7 +656,7 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getIPBlocksList() (ipb // if conns.isEmpty() { // continue // } -// fmt.Printf("\t%v => %v %v\n", src.Name(), dst.Name(), conns.string()) +// fmt.Printf("\t%v => %v %v\n", src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), conns.string()) // } // } // } diff --git a/pkg/vpcmodel/semanticDiff_test.go b/pkg/vpcmodel/semanticDiff_test.go index 4579aa254..bb0c05d32 100644 --- a/pkg/vpcmodel/semanticDiff_test.go +++ b/pkg/vpcmodel/semanticDiff_test.go @@ -408,7 +408,7 @@ func (connDiff *connectivityDiff) string(diffAnalysis diffAnalysisType, thisMinu conn1Str, conn2Str := conn1And2Str(connDiff) diffType, diffInfoBody := diffAndEndpointsDescription(connDiff.diff, src, dst, thisMinusOther) diffInfo := getDiffInfo(diffAnalysis, diffInfoBody) - printDiff := fmt.Sprintf("%v %s, source: %s, destination: %s, ", diffTypeStr, diffType, src.Name(), dst.Name()) + printDiff := fmt.Sprintf("%v %s, source: %s, destination: %s, ", diffTypeStr, diffType, src.NameForAnalyzerOut(), dst.NameForAnalyzerOut()) printDiff += fmt.Sprintf(configsStr, conn1Str, conn2Str, diffInfo) + "\n" strList = append(strList, printDiff) } diff --git a/pkg/vpcmodel/subnetsConnectivity.go b/pkg/vpcmodel/subnetsConnectivity.go index 16e2e41ef..1dcc63e35 100644 --- a/pkg/vpcmodel/subnetsConnectivity.go +++ b/pkg/vpcmodel/subnetsConnectivity.go @@ -50,11 +50,11 @@ func subnetConnLine(subnet string, conn *connection.Set) string { func (c *ConfigBasedConnectivityResults) string() string { res := "Ingress: \n" for n, conn := range c.IngressAllowedConns { - res += subnetConnLine(n.Name(), conn) + res += subnetConnLine(n.NameForAnalyzerOut(), conn) } res += "Egress: \n" for n, conn := range c.EgressAllowedConns { - res += subnetConnLine(n.Name(), conn) + res += subnetConnLine(n.NameForAnalyzerOut(), conn) } return res 
@@ -65,7 +65,7 @@ var _ = (*VPCsubnetConnectivity).printAllowedConns // avoiding "unused" warning // print AllowedConns (not combined) func (v *VPCsubnetConnectivity) printAllowedConns() { for n, connMap := range v.AllowedConns { - fmt.Println(n.Name()) + fmt.Println(n.NameForAnalyzerOut()) fmt.Println(connMap.string()) fmt.Println("-----------------") } @@ -85,7 +85,7 @@ func (c *VPCConfig) ipblockToNamedResourcesInConfig(ipb *ipblock.IPBlock, exclud } else if subnetCidrIPB.Overlap(ipb) { // the ACL splits connectivity to part of that subnet, // this is currently not supported in subnets connectivity analysis - return nil, fmt.Errorf("unsupported subnets connectivity analysis - no consistent connectivity for entire subnet %s", subnet.Name()) + return nil, fmt.Errorf("unsupported subnets connectivity analysis - no consistent connectivity for entire subnet %s", subnet.NameForAnalyzerOut()) } } @@ -275,7 +275,7 @@ func (v *VPCsubnetConnectivity) computeAllowedConnsCombined() (GeneralConnectivi egressConns := v.AllowedConns[concPeerNode].EgressAllowedConns[subnetNodeSet] if egressConns == nil { // should not get here - return nil, fmt.Errorf("could not find egress connection from %s to %s", concPeerNode.Name(), subnetNodeSet.Name()) + return nil, fmt.Errorf("could not find egress connection from %s to %s", concPeerNode.NameForAnalyzerOut(), subnetNodeSet.NameForAnalyzerOut()) } combinedConns = conns.Intersect(egressConns) // for subnets cross-vpc connection, add intersection with tgw connectivity (prefix filters) @@ -298,7 +298,7 @@ func (v *VPCsubnetConnectivity) computeAllowedConnsCombined() (GeneralConnectivi for peerNode, conns := range connsRes.EgressAllowedConns { src := subnetNodeSet dst := peerNode - if src.Name() == dst.Name() { + if src.NameForAnalyzerOut() == dst.NameForAnalyzerOut() { continue } combinedConns := conns diff --git a/pkg/vpcmodel/synthesisOutput.go b/pkg/vpcmodel/synthesisOutput.go index 1e96a1264..efaf7ac8e 100644 
--- a/pkg/vpcmodel/synthesisOutput.go +++ b/pkg/vpcmodel/synthesisOutput.go @@ -36,9 +36,9 @@ func (j *SynthesisOutputFormatter) WriteOutput(c1, c2 *VPCConfig, outStr, err := writeJSON(all, outFile) v2Name := "" if c2 != nil { - v2Name = c2.VPC.Name() + v2Name = c2.VPC.NameForAnalyzerOut() } - return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.Name(), VPC2Name: v2Name, format: Synthesis, jsonStruct: all}, err + return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.NameForAnalyzerOut(), VPC2Name: v2Name, format: Synthesis, jsonStruct: all}, err } func handleNameAndType(resource EndpointElem, externals spec.SpecExternals) ( @@ -129,10 +129,10 @@ func sortProtocolList(g spec.ProtocolList) spec.ProtocolList { func sortGroupedLines(g []*groupedConnLine) { sort.Slice(g, func(i, j int) bool { - if g[i].Src.Name() != g[j].Src.Name() { - return g[i].Src.Name() > g[j].Src.Name() - } else if g[i].Dst.Name() != g[j].Dst.Name() { - return g[i].Dst.Name() > g[j].Dst.Name() + if g[i].Src.NameForAnalyzerOut() != g[j].Src.NameForAnalyzerOut() { + return g[i].Src.NameForAnalyzerOut() > g[j].Src.NameForAnalyzerOut() + } else if g[i].Dst.NameForAnalyzerOut() != g[j].Dst.NameForAnalyzerOut() { + return g[i].Dst.NameForAnalyzerOut() > g[j].Dst.NameForAnalyzerOut() } return g[i].CommonProperties.Conn.string() > g[j].CommonProperties.Conn.string() }) diff --git a/pkg/vpcmodel/textOutput.go b/pkg/vpcmodel/textOutput.go index 5c80ae5c0..0ca9f2439 100644 --- a/pkg/vpcmodel/textOutput.go +++ b/pkg/vpcmodel/textOutput.go 
@@ -19,7 +19,7 @@ func multipleVPCsConfigHeader(c *VPCConfig) (string, error) { return "", errors.New("unexpected config of multiple VPCs connected by TGW, missing TGW resource") } tgw := c.RoutingResources[0] - return fmt.Sprintf("Connectivity between VPCs connected by TGW %s (UID: %s)\n", tgw.Name(), tgw.UID()), nil + return fmt.Sprintf("Connectivity between VPCs connected by TGW %s (UID: %s)\n", tgw.NameForAnalyzerOut(), tgw.UID()), nil } func headerOfAnalyzedVPC(uc OutputUseCase, vpcName, vpc2Name string, c1 *VPCConfig, @@ -58,10 +58,10 @@ func (t *TextOutputFormatter) WriteOutput(c1, c2 *VPCConfig, explanation *Explanation, detailExplain bool) (*SingleAnalysisOutput, error) { vpc2Name := "" if c2 != nil { - vpc2Name = c2.VPC.Name() + vpc2Name = c2.VPC.NameForAnalyzerOut() } // header line - specify the VPC analyzed - out, err := headerOfAnalyzedVPC(uc, c1.VPC.Name(), vpc2Name, c1, explanation) + out, err := headerOfAnalyzedVPC(uc, c1.VPC.NameForAnalyzerOut(), vpc2Name, c1, explanation) if err != nil { return nil, err } @@ -92,6 +92,6 @@ func (t *TextOutputFormatter) WriteOutput(c1, c2 *VPCConfig, } // write output to file and return the output string _, err = WriteToFile(out, outFile) - return &SingleAnalysisOutput{Output: out, VPC1Name: c1.VPC.Name(), + return &SingleAnalysisOutput{Output: out, VPC1Name: c1.VPC.NameForAnalyzerOut(), VPC2Name: vpc2Name, format: Text, hasStatelessConn: hasStatelessConns, hasOverApproximatedConn: hasOverApproximatedConn}, err } diff --git a/pkg/vpcmodel/unifyGrouping.go b/pkg/vpcmodel/unifyGrouping.go index 4a1061ce8..8f00554ba 100644 --- a/pkg/vpcmodel/unifyGrouping.go +++ b/pkg/vpcmodel/unifyGrouping.go 
@@ -55,9 +55,9 @@ func unifyMultiVPC(configs *MultipleVPCConfigs, nodesConn map[string]*VPCConnect // if exists, nil otherwise func (cachedGrouped *cacheGroupedElements) getExistEndpointElemFromCache( grouped *groupedEndpointsElems) *groupedEndpointsElems { - // since the endpoints (vsis/subnets) are sorted before printed, grouped.Name() will be identical + // since the endpoints (vsis/subnets) are sorted before printed, grouped.NameForAnalyzerOut() will be identical // to equiv groupedEndpointsElems - if existingGrouped, ok := cachedGrouped.groupedEndpointsElemsMap[grouped.Name()]; ok { + if existingGrouped, ok := cachedGrouped.groupedEndpointsElemsMap[grouped.NameForAnalyzerOut()]; ok { return existingGrouped } return nil @@ -78,7 +78,7 @@ func (cachedGrouped *cacheGroupedElements) getAndSetEndpointElemFromCache( // sets pointer of an element to cachedGrouped.groupedEndpointsElemsMap func (cachedGrouped *cacheGroupedElements) setEndpointElemFromCache( groupedElem *groupedEndpointsElems) { - cachedGrouped.groupedEndpointsElemsMap[groupedElem.Name()] = groupedElem + cachedGrouped.groupedEndpointsElemsMap[groupedElem.NameForAnalyzerOut()] = groupedElem } // 2. Similar to the above, functionality related to cachedGrouped.groupedExternalNodesMap @@ -86,7 +86,7 @@ func (cachedGrouped *cacheGroupedElements) setEndpointElemFromCache( // if exists, nil otherwise func (cachedGrouped *cacheGroupedElements) getExistGroupedExternalFromCache( grouped *groupedExternalNodes) *groupedExternalNodes { - if existingGrouped, ok := cachedGrouped.groupedExternalNodesMap[grouped.Name()]; ok { + if existingGrouped, ok := cachedGrouped.groupedExternalNodesMap[grouped.NameForAnalyzerOut()]; ok { return existingGrouped } return nil 
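Review bot: `groupedEndpointsElemsMap` and `groupedExternalNodesMap` are keyed by `NameForAnalyzerOut()`, a string meant for display. Two distinct groups that render to the same name would therefore be unified into one pointer and reported as a single endpoint set. Whether same-named endpoints in different VPCs can reach this cache is not visible in the hunk, but for a connectivity report a collision here would silently merge results. `UnificationDebugPrint` in this file already derives an identity key with `common.FromList[EndpointElem](*g).AsKey()`. Using an identity-based key of that kind in `getExistEndpointElemFromCache`, `setEndpointElemFromCache`, `getExistGroupedExternalFromCache` and `setGroupedExternalFromCache` (the last one is in the next hunk) would decouple unification from output formatting. Otherwise the comment above the lookup should state the assumption, for example `// assumes the output name is unique per group across all analyzed VPCs`.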
@@ -94,7 +94,7 @@ func (cachedGrouped *cacheGroupedElements) getExistGroupedExternalFromCache( func (cachedGrouped *cacheGroupedElements) setGroupedExternalFromCache( groupedExternal *groupedExternalNodes) { - cachedGrouped.groupedExternalNodesMap[groupedExternal.Name()] = groupedExternal + cachedGrouped.groupedExternalNodesMap[groupedExternal.NameForAnalyzerOut()] = groupedExternal } func (cachedGrouped *cacheGroupedElements) getAndSetGroupedExternalFromCache( @@ -120,7 +120,7 @@ func (o *OutputGenerator) UnificationDebugPrint() string { k := common.FromList[EndpointElem](*g).AsKey() if g2, ok := elg[k]; ok { if g != g2 { - outString += fmt.Sprintf("pointer %p of %s and pointer %p of the same %s \n", g, g.Name(), g2, g2.Name()) + outString += fmt.Sprintf("pointer %p of %s and pointer %p of the same %s \n", g, g.NameForAnalyzerOut(), g2, g2.NameForAnalyzerOut()) } } elg[k] = g diff --git a/pkg/vpcmodel/vpcConfig.go b/pkg/vpcmodel/vpcConfig.go index ea1866d14..9a2068186 100644 --- a/pkg/vpcmodel/vpcConfig.go +++ b/pkg/vpcmodel/vpcConfig.go @@ -50,7 +50,7 @@ func (c *VPCConfig) SubnetCidrToSubnetElem(cidr string) (Subnet, error) { return subnet, nil } } - return nil, fmt.Errorf("could not find subnet with CIDR %s in VPC %s", cidr, c.VPC.Name()) + return nil, fmt.Errorf("could not find subnet with CIDR %s in VPC %s", cidr, c.VPC.NameForAnalyzerOut()) } func (c *VPCConfig) GetFilterTrafficResourceOfKind(kind string) FilterTrafficResource { From e87957c1784a958cf16345a347be8115368bad0c Mon Sep 17 00:00:00 2001 
From: Ola Saadi Date: Tue, 10 Sep 2024 12:06:02 +0300 Subject: [PATCH 02/12] fix lint --- pkg/ibmvpc/implicit_routing.go | 3 ++- pkg/ibmvpc/routing_tables_analysis.go | 3 ++- pkg/ibmvpc/vpc.go | 3 ++- pkg/linter/lintUnattached.go | 3 ++- pkg/vpcmodel/explainabilityInput.go | 3 ++- pkg/vpcmodel/multiExplainability.go | 3 ++- pkg/vpcmodel/semanticDiff.go | 6 ++++-- pkg/vpcmodel/semanticDiff_test.go | 3 ++- pkg/vpcmodel/subnetsConnectivity.go | 6 ++++-- pkg/vpcmodel/synthesisOutput.go | 3 ++- pkg/vpcmodel/unifyGrouping.go | 3 ++- 11 files changed, 26 insertions(+), 13 deletions(-) diff --git a/pkg/ibmvpc/implicit_routing.go b/pkg/ibmvpc/implicit_routing.go index 4205da874..846767bfe 100644 --- a/pkg/ibmvpc/implicit_routing.go +++ b/pkg/ibmvpc/implicit_routing.go @@ -111,7 +111,8 @@ func (rt *systemImplicitRT) getIngressPath(dest *ipblock.IPBlock) (vpcmodel.Path // traffic from some source is by default simply routed to dest node path := rt.destAsPath(dest) if len(path) == 0 { - return nil, fmt.Errorf("getIngressPath: failed to find path to dest resource address %s in VPC %s", dest.String(), rt.vpc.NameForAnalyzerOut()) + return nil, fmt.Errorf("getIngressPath: failed to find path to dest resource address %s in VPC %s", + dest.String(), rt.vpc.NameForAnalyzerOut()) } return path, nil } diff --git a/pkg/ibmvpc/routing_tables_analysis.go b/pkg/ibmvpc/routing_tables_analysis.go index fa4b891f7..428049567 100644 --- a/pkg/ibmvpc/routing_tables_analysis.go +++ b/pkg/ibmvpc/routing_tables_analysis.go 
@@ -618,7 +618,8 @@ func (irt *ingressRoutingTable) advertiseRoutes(vpcConfig *vpcmodel.VPCConfig) { var tgwAB *TransitGateway for _, tgw := range tgws { for _, vpc := range tgw.vpcs { - logging.Debugf("check tgw %s with vpc %s, AP %s", tgw.NameForAnalyzerOut(), vpc.NameForAnalyzerOut(), vpc.AddressPrefixesIPBlock.ToCidrListString()) + logging.Debugf("check tgw %s with vpc %s, AP %s", tgw.NameForAnalyzerOut(), + vpc.NameForAnalyzerOut(), vpc.AddressPrefixesIPBlock.ToCidrListString()) // TODO: shouldn't be containment rather than intersection?? (works with intersection on hub-n-spoke config object) if vpc.UID() != irt.vpc.UID() && routeCidr.Overlap(vpc.AddressPrefixesIPBlock) { vpcB = vpc diff --git a/pkg/ibmvpc/vpc.go b/pkg/ibmvpc/vpc.go index f3427aacd..35f70065c 100644 --- a/pkg/ibmvpc/vpc.go +++ b/pkg/ibmvpc/vpc.go @@ -590,7 +590,8 @@ func (tgw *TransitGateway) stringPrefixFiltersVerbose(transitConn *datamodel.Tra // prints a matching non-verbose header func (tgw *TransitGateway) stringPrefixFiltersNoVerbose(transitConn *datamodel.TransitConnection, rulesType vpcmodel.RulesType) string { - noVerboseStr := fmt.Sprintf("cross-vpc-connection: transit-connection %s of transit-gateway %s ", *transitConn.Name, tgw.NameForAnalyzerOut()) + noVerboseStr := fmt.Sprintf("cross-vpc-connection: transit-connection %s of transit-gateway %s ", + *transitConn.Name, tgw.NameForAnalyzerOut()) switch rulesType { case vpcmodel.OnlyAllow: return noVerboseStr + "allows connection" diff --git a/pkg/linter/lintUnattached.go b/pkg/linter/lintUnattached.go index 5c4a1c651..241431fc1 100644 --- a/pkg/linter/lintUnattached.go +++ b/pkg/linter/lintUnattached.go 
@@ -87,5 +87,6 @@ type nonConnectedTableJSON struct { } func (finding *nonConnectedTable) toJSON() any { - return nonConnectedTableJSON{vpcName: finding.vpc()[0].NameForAnalyzerOut(), layerName: finding.layerName, tableName: finding.table.FilterName} + return nonConnectedTableJSON{vpcName: finding.vpc()[0].NameForAnalyzerOut(), + layerName: finding.layerName, tableName: finding.table.FilterName} } diff --git a/pkg/vpcmodel/explainabilityInput.go b/pkg/vpcmodel/explainabilityInput.go index 1b811aae9..06f6195e5 100644 --- a/pkg/vpcmodel/explainabilityInput.go +++ b/pkg/vpcmodel/explainabilityInput.go @@ -335,7 +335,8 @@ func (c *VPCConfig) getNodesOfEndpoint(name string) ([]Node, int, error) { endpoint = cidrOrNameSlice[1] } for _, nodeSet := range append(c.NodeSets, c.loadBalancersAsNodeSets()...) { - if (vpc == "" || nodeSet.VPC().NameForAnalyzerOut() == vpc) && nodeSet.NameForAnalyzerOut() == endpoint || // if vpc of endpoint specified, equality must hold + if (vpc == "" || nodeSet.VPC().NameForAnalyzerOut() == vpc) && + nodeSet.NameForAnalyzerOut() == endpoint || // if vpc of endpoint specified, equality must hold nodeSet.UID() == uid { if nodeSetOfEndpoint != nil { return nil, fatalErr, fmt.Errorf("ambiguity - the configuration contains multiple resources named %s, "+ diff --git a/pkg/vpcmodel/multiExplainability.go b/pkg/vpcmodel/multiExplainability.go index 12775c4ba..65238aa20 100644 --- a/pkg/vpcmodel/multiExplainability.go +++ b/pkg/vpcmodel/multiExplainability.go 
@@ -70,7 +70,8 @@ func MultiExplain(srcDstCouples []explainInputEntry, vpcConns map[string]*VPCCon multiExplanation[i] = explainOutputEntry{emptyExplain, errConn} continue } - explain, errExplain := srcDstCouple.c.explainConnectivityForVPC(srcDstCouple.src.NameForAnalyzerOut(), srcDstCouple.dst.NameForAnalyzerOut(), + explain, errExplain := srcDstCouple.c.explainConnectivityForVPC(srcDstCouple.src.NameForAnalyzerOut(), + srcDstCouple.dst.NameForAnalyzerOut(), srcNodes, dstNodes, nil, connectivity) if errExplain != nil { multiExplanation[i] = explainOutputEntry{emptyExplain, errExplain} diff --git a/pkg/vpcmodel/semanticDiff.go b/pkg/vpcmodel/semanticDiff.go index 37d968bcd..5a53c65a1 100644 --- a/pkg/vpcmodel/semanticDiff.go +++ b/pkg/vpcmodel/semanticDiff.go @@ -265,7 +265,8 @@ func printGroupedDiffLine(diffAnalysis diffAnalysisType, src, dst EndpointElem, diffTypeStr := fmt.Sprintf("%v %s", diffTypeStr, diffType) diffInfo := getDiffInfo(diffAnalysis, diffInfoBody) connDiffStr := fmt.Sprintf(configsStr, conn1Str, conn2Str, diffInfo) - printDiff := fmt.Sprintf("%s, source: %s, destination: %s, %s\n", diffTypeStr, src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), connDiffStr) + printDiff := fmt.Sprintf("%s, source: %s, destination: %s, %s\n", diffTypeStr, + src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), connDiffStr) return printDiff } @@ -578,7 +579,8 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getIPBlocksList() (ipb // return areIntersecting, err1 // } // if intersecting { -// areIntersecting += fmt.Sprintf("<%v, %v> and <%v, %v> intersects\n", src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), otherSrc.NameForAnalyzerOut(), otherDst.NameForAnalyzerOut()) +// areIntersecting += fmt.Sprintf("<%v, %v> and <%v, %v> intersects\n", src.NameForAnalyzerOut(), +// dst.NameForAnalyzerOut(), otherSrc.NameForAnalyzerOut(), otherDst.NameForAnalyzerOut()) // } // } // } 
diff --git a/pkg/vpcmodel/semanticDiff_test.go b/pkg/vpcmodel/semanticDiff_test.go index bb0c05d32..b6cfa1eca 100644 --- a/pkg/vpcmodel/semanticDiff_test.go +++ b/pkg/vpcmodel/semanticDiff_test.go @@ -408,7 +408,8 @@ func (connDiff *connectivityDiff) string(diffAnalysis diffAnalysisType, thisMinu conn1Str, conn2Str := conn1And2Str(connDiff) diffType, diffInfoBody := diffAndEndpointsDescription(connDiff.diff, src, dst, thisMinusOther) diffInfo := getDiffInfo(diffAnalysis, diffInfoBody) - printDiff := fmt.Sprintf("%v %s, source: %s, destination: %s, ", diffTypeStr, diffType, src.NameForAnalyzerOut(), dst.NameForAnalyzerOut()) + printDiff := fmt.Sprintf("%v %s, source: %s, destination: %s, ", diffTypeStr, diffType, + src.NameForAnalyzerOut(), dst.NameForAnalyzerOut()) printDiff += fmt.Sprintf(configsStr, conn1Str, conn2Str, diffInfo) + "\n" strList = append(strList, printDiff) } diff --git a/pkg/vpcmodel/subnetsConnectivity.go b/pkg/vpcmodel/subnetsConnectivity.go index 1dcc63e35..3337681c6 100644 --- a/pkg/vpcmodel/subnetsConnectivity.go +++ b/pkg/vpcmodel/subnetsConnectivity.go @@ -85,7 +85,8 @@ func (c *VPCConfig) ipblockToNamedResourcesInConfig(ipb *ipblock.IPBlock, exclud } else if subnetCidrIPB.Overlap(ipb) { // the ACL splits connectivity to part of that subnet, // this is currently not supported in subnets connectivity analysis - return nil, fmt.Errorf("unsupported subnets connectivity analysis - no consistent connectivity for entire subnet %s", subnet.NameForAnalyzerOut()) + return nil, fmt.Errorf("unsupported subnets connectivity analysis - no consistent connectivity for entire subnet %s", + subnet.NameForAnalyzerOut()) } } 
@@ -275,7 +276,8 @@ func (v *VPCsubnetConnectivity) computeAllowedConnsCombined() (GeneralConnectivi egressConns := v.AllowedConns[concPeerNode].EgressAllowedConns[subnetNodeSet] if egressConns == nil { // should not get here - return nil, fmt.Errorf("could not find egress connection from %s to %s", concPeerNode.NameForAnalyzerOut(), subnetNodeSet.NameForAnalyzerOut()) + return nil, fmt.Errorf("could not find egress connection from %s to %s", + concPeerNode.NameForAnalyzerOut(), subnetNodeSet.NameForAnalyzerOut()) } combinedConns = conns.Intersect(egressConns) // for subnets cross-vpc connection, add intersection with tgw connectivity (prefix filters) diff --git a/pkg/vpcmodel/synthesisOutput.go b/pkg/vpcmodel/synthesisOutput.go index efaf7ac8e..bab8daa5d 100644 --- a/pkg/vpcmodel/synthesisOutput.go +++ b/pkg/vpcmodel/synthesisOutput.go @@ -38,7 +38,8 @@ func (j *SynthesisOutputFormatter) WriteOutput(c1, c2 *VPCConfig, if c2 != nil { v2Name = c2.VPC.NameForAnalyzerOut() } - return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.NameForAnalyzerOut(), VPC2Name: v2Name, format: Synthesis, jsonStruct: all}, err + return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.NameForAnalyzerOut(), + VPC2Name: v2Name, format: Synthesis, jsonStruct: all}, err } func handleNameAndType(resource EndpointElem, externals spec.SpecExternals) ( diff --git a/pkg/vpcmodel/unifyGrouping.go b/pkg/vpcmodel/unifyGrouping.go index 8f00554ba..ae9a0ab66 100644 --- a/pkg/vpcmodel/unifyGrouping.go +++ b/pkg/vpcmodel/unifyGrouping.go @@ -120,7 +120,8 @@ func (o *OutputGenerator) UnificationDebugPrint() string { k := common.FromList[EndpointElem](*g).AsKey() if g2, ok := elg[k]; ok { if g != g2 { - outString += fmt.Sprintf("pointer %p of %s and pointer %p of the same %s \n", g, g.NameForAnalyzerOut(), g2, g2.NameForAnalyzerOut()) + outString += fmt.Sprintf("pointer %p of %s and pointer %p of the same %s \n", + g, g.NameForAnalyzerOut(), g2, g2.NameForAnalyzerOut()) } } elg[k] = g 
From a9be1c9e88163fefa6adf1ee551a542743cfb6b7 Mon Sep 17 00:00:00 2001 From: Ola Saadi Date: Tue, 10 Sep 2024 12:08:07 +0300 Subject: [PATCH 03/12] fix merge --- pkg/vpcmodel/explainabilityInput.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/vpcmodel/explainabilityInput.go b/pkg/vpcmodel/explainabilityInput.go index f2aa219b4..d4beedd19 100644 --- a/pkg/vpcmodel/explainabilityInput.go +++ b/pkg/vpcmodel/explainabilityInput.go @@ -339,8 +339,8 @@ func (c *VPCConfig) getNodesOfSubnet(name string) ([]Node, error) { inputSubnet, inputVpc := getResourceAndVpcNames(name) var foundSubnet Subnet for _, subnet := range c.Subnets { - if (inputVpc == "" || subnet.VPC().Name() == inputVpc) && - (inputSubnet == subnet.UID() || inputSubnet == subnet.Name()) { + if (inputVpc == "" || subnet.VPC().NameForAnalyzerOut() == inputVpc) && + (inputSubnet == subnet.UID() || inputSubnet == subnet.NameForAnalyzerOut()) { foundSubnet = subnet } } @@ -349,7 +349,7 @@ func (c *VPCConfig) getNodesOfSubnet(name string) ([]Node, error) { } subnetNodes := c.getNodesWithinInternalAddressFilterNonRelevant(foundSubnet.AddressRange()) if len(subnetNodes) == 0 { - return nil, fmt.Errorf("subnet %s [%s] contains no endpoints", foundSubnet.Name(), foundSubnet.AddressRange()) + return nil, fmt.Errorf("subnet %s [%s] contains no endpoints", foundSubnet.NameForAnalyzerOut(), foundSubnet.AddressRange()) } return subnetNodes, nil } From ca4cef8bfd6943e320083510a473012682c731a8 Mon Sep 17 00:00:00 2001 From: Ola Saadi Date: Sun, 22 Sep 2024 15:54:48 +0300 Subject: [PATCH 04/12] remove extendedPrefix method --- pkg/commonvpc/vpc.go | 6 +++++- pkg/ibmvpc/vpc.go | 24 ++++++++++++++++++++---- pkg/vpcmodel/abstractVPC.go | 15 +++++---------- pkg/vpcmodel/externalNetwork.go | 4 ---- pkg/vpcmodel/grouping.go | 4 +++- pkg/vpcmodel/grouping_test.go | 8 +------- 6 files changed, 34 insertions(+), 27 deletions(-) 
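Review bot: The loop in `getNodesOfSubnet` overwrites `foundSubnet` on every match, so when `inputVpc` is empty and two subnets match the input, the last one wins silently and the explanation is computed for a subnet the user may not have meant. `getNodesOfEndpoint` in the same file returns an "ambiguity" error for this situation. The same guard fits here, placed before the assignment: `if foundSubnet != nil { return nil, fmt.Errorf("ambiguity - the configuration contains multiple subnets named %s", inputSubnet) }`. The comparison now also matches user input against `NameForAnalyzerOut()`; if that name carries any decoration beyond the plain resource name, a plain subnet name would stop matching, which is worth confirming with a test. The function signature and the lines between the two hunks are outside the visible diff.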
diff --git a/pkg/commonvpc/vpc.go b/pkg/commonvpc/vpc.go index 6e223b1d2..051e5efc9 100644 --- a/pkg/commonvpc/vpc.go +++ b/pkg/commonvpc/vpc.go @@ -95,7 +95,11 @@ func (ni *NetworkInterface) NameForAnalyzerOut() string { } func (ni *NetworkInterface) ExtendedName(c *vpcmodel.VPCConfig) string { - return ni.ExtendedPrefix(c) + ni.NameForAnalyzerOut() + prefix := "" + if c.IsMultipleVPCsConfig { + prefix = ni.VPC().Name() + vpcmodel.Deliminator + } + return prefix + ni.NameForAnalyzerOut() } func nameWithBracketsInfo(name, inBrackets string) string { diff --git a/pkg/ibmvpc/vpc.go b/pkg/ibmvpc/vpc.go index 2e724b02d..60fe0adda 100644 --- a/pkg/ibmvpc/vpc.go +++ b/pkg/ibmvpc/vpc.go @@ -42,7 +42,11 @@ func (r *ReservedIP) NameForAnalyzerOut() string { } func (r *ReservedIP) ExtendedName(c *vpcmodel.VPCConfig) string { - return r.ExtendedPrefix(c) + r.NameForAnalyzerOut() + prefix := "" + if c.IsMultipleVPCsConfig { + prefix = r.VPC().Name() + vpcmodel.Deliminator + } + return prefix + r.NameForAnalyzerOut() } // used for synthesis output @@ -79,7 +83,11 @@ func (pip *PrivateIP) NameForAnalyzerOut() string { } func (pip *PrivateIP) ExtendedName(c *vpcmodel.VPCConfig) string { - return pip.ExtendedPrefix(c) + pip.NameForAnalyzerOut() + prefix := "" + if c.IsMultipleVPCsConfig { + prefix = pip.VPC().Name() + vpcmodel.Deliminator + } + return prefix + pip.NameForAnalyzerOut() } // AbstractedToNodeSet returns the pip load balancer if it was abstracted @@ -108,7 +116,11 @@ func (n *IKSNode) NameForAnalyzerOut() string { } func (n *IKSNode) ExtendedName(c *vpcmodel.VPCConfig) string { - return n.ExtendedPrefix(c) + n.NameForAnalyzerOut() + prefix := "" + if c.IsMultipleVPCsConfig { + prefix = n.VPC().Name() + vpcmodel.Deliminator + } + return prefix + n.NameForAnalyzerOut() } // vpe can be in multiple zones - depending on the zones of its network interfaces.. 
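Review bot: The prefix computation that replaces `ExtendedPrefix` is copied verbatim into `ExtendedName` on `NetworkInterface`, `ReservedIP`, `PrivateIP`, `IKSNode`, `LoadBalancer`, `VPCResource` and `groupedEndpointsElems`. A later change to the multi-VPC naming rule would therefore have to be repeated in each copy, and a missed one would make the same resource appear under two different names in the report. A single exported helper in `vpcmodel` keeps the method off the interface, as this commit intends, without the duplication. The removed `VPCResource.ExtendedPrefix` used `n.VPC().NameForAnalyzerOut()` while the new code uses `n.VPC().Name()`; that behaviour change is not mentioned in the commit message and deserves a line there or a comment on the helper. Each copy also calls `VPC()` without a nil check, which is safe only if every resource reaching `ExtendedName` has a VPC reference set; this cannot be confirmed from the hunks.

```go
// VPCPrefix returns the "<vpc-name><Deliminator>" prefix used by ExtendedName
// when the analyzed config spans multiple VPCs, and "" otherwise.
func VPCPrefix(vpc VPCResourceIntf, c *VPCConfig) string {
	if !c.IsMultipleVPCsConfig {
		return ""
	}
	return vpc.Name() + Deliminator
}

func (n *VPCResource) ExtendedName(c *VPCConfig) string {
	return VPCPrefix(n.VPC(), c) + n.NameForAnalyzerOut()
}
// … unchanged: the other ExtendedName methods call VPCPrefix the same way …
```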
@@ -162,7 +174,11 @@ func (lb *LoadBalancer) nameWithKind() string { return nameWithBracketsInfo(lb.ResourceName, lb.Kind()) } func (lb *LoadBalancer) ExtendedName(c *vpcmodel.VPCConfig) string { - return lb.ExtendedPrefix(c) + lb.nameWithKind() + prefix := "" + if c.IsMultipleVPCsConfig { + prefix = lb.VPC().Name() + vpcmodel.Deliminator + } + return prefix + lb.nameWithKind() } func (lb *LoadBalancer) Nodes() []vpcmodel.Node { diff --git a/pkg/vpcmodel/abstractVPC.go b/pkg/vpcmodel/abstractVPC.go index a3e17fb15..acdbe2669 100644 --- a/pkg/vpcmodel/abstractVPC.go +++ b/pkg/vpcmodel/abstractVPC.go @@ -27,8 +27,6 @@ type VPCResourceIntf interface { // note this method is relevant only for Node and Subnet objects. // note it adds the prefix only for input config that has multiple VPCs context. ExtendedName(*VPCConfig) string - // ExtendedPrefix returns the prefix to be added for ExtendedName, given the input config - ExtendedPrefix(config *VPCConfig) string ZoneName() string Kind() string VPC() VPCResourceIntf // the VPC to which this resource belongs to @@ -49,13 +47,6 @@ type VPCResource struct { VPCRef VPCResourceIntf `json:"-"` } -func (n *VPCResource) ExtendedPrefix(c *VPCConfig) string { - if c.IsMultipleVPCsConfig { - return n.VPC().NameForAnalyzerOut() + Deliminator - } - return "" -} - func (n *VPCResource) Name() string { return n.ResourceName } @@ -73,7 +64,11 @@ func (n *VPCResource) SynthesisKind() spec.ResourceType { } func (n *VPCResource) ExtendedName(c *VPCConfig) string { - return n.ExtendedPrefix(c) + n.NameForAnalyzerOut() + prefix := "" + if c.IsMultipleVPCsConfig { + prefix = n.VPC().Name() + Deliminator + } + return prefix + n.NameForAnalyzerOut() } func (n *VPCResource) UID() string { diff --git a/pkg/vpcmodel/externalNetwork.go b/pkg/vpcmodel/externalNetwork.go index bfea78eca..5345b7e45 100644 --- a/pkg/vpcmodel/externalNetwork.go +++ b/pkg/vpcmodel/externalNetwork.go 
@@ -84,10 +84,6 @@ func (exn *ExternalNetwork) ExtendedName(c *VPCConfig) string { return exn.Name() } -func (exn *ExternalNetwork) ExtendedPrefix(c *VPCConfig) string { - return "" -} - func (exn *ExternalNetwork) IsInternal() bool { return false } diff --git a/pkg/vpcmodel/grouping.go b/pkg/vpcmodel/grouping.go index f5c93b5d9..f9d057ea3 100644 --- a/pkg/vpcmodel/grouping.go +++ b/pkg/vpcmodel/grouping.go @@ -247,7 +247,9 @@ func (g *groupedEndpointsElems) ExtendedName(c *VPCConfig) string { prefix := "" if vpcResource, ok := (*g)[0].(VPCResourceIntf); ok { // should never fail; yet not adding an error - prefix = vpcResource.ExtendedPrefix(c) + if c.IsMultipleVPCsConfig { + prefix = vpcResource.VPC().Name() + Deliminator + } } // add the vpc prefix only once for grouped elements which are always of the same VPC if prefix != "" && len(*g) > 1 { diff --git a/pkg/vpcmodel/grouping_test.go b/pkg/vpcmodel/grouping_test.go index 33619616c..1a0cc3f88 100644 --- a/pkg/vpcmodel/grouping_test.go +++ b/pkg/vpcmodel/grouping_test.go @@ -82,9 +82,6 @@ func (m *mockNetIntf) SynthesisKind() spec.ResourceType { func (m *mockNetIntf) ExtendedName(c *VPCConfig) string { return m.name } -func (m *mockNetIntf) ExtendedPrefix(c *VPCConfig) string { - return "" -} func (m *mockNetIntf) ZoneName() string { return "" } @@ -128,10 +125,7 @@ func (m *mockSubnet) SynthesisKind() spec.ResourceType { return "" } func (m *mockSubnet) ExtendedName(c *VPCConfig) string { - return m.ExtendedPrefix(c) + m.name -} -func (m *mockSubnet) ExtendedPrefix(c *VPCConfig) string { - return "" + return m.name } func (m *mockSubnet) Nodes() []Node { return m.nodes From 4449b158eacb6d857d01f4345fb56ab7533b5671 Mon Sep 17 00:00:00 2001 
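Review bot: In `groupedEndpointsElems.ExtendedName` (grouping.go) a failed `(*g)[0].(VPCResourceIntf)` assertion leaves `prefix` empty with no signal. In a multi-VPC report the group would then be printed without its VPC qualifier and could be mistaken for a same-named group in another VPC. The existing comment says the assertion should never fail, so a debug log on the failing branch would make a violation visible instead of producing an ambiguous name. The index `(*g)[0]` also assumes a non-empty group, which cannot be checked from this hunk. The nested condition added here can be folded into one line, `if vpcResource, ok := (*g)[0].(VPCResourceIntf); ok && c.IsMultipleVPCsConfig {`. The function continues past the end of the hunk.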
From: Ola Saadi Date: Sun, 22 Sep 2024 17:09:09 +0300 Subject: [PATCH 05/12] fixes --- pkg/awsvpc/awsDrawioGenerator.go | 2 +- pkg/awsvpc/parser.go | 4 +- pkg/commonvpc/drawioGenerator.go | 12 +-- pkg/commonvpc/vpc.go | 14 +-- pkg/ibmvpc/connectivityAnalysis_test.go | 2 +- .../synthesis_out/acl_testing3_all_vpcs_.json | 100 +++++++++--------- .../experiments_env_all_vpcs_.json | 16 +-- pkg/ibmvpc/ibmDrawioGenerator.go | 14 +-- pkg/ibmvpc/implicit_routing.go | 2 +- pkg/ibmvpc/parser.go | 12 +-- pkg/ibmvpc/routing_tables_analysis.go | 10 +- pkg/ibmvpc/vpc.go | 6 +- pkg/linter/lintRuleCIDROutOfRange.go | 4 +- pkg/linter/lintRuleShadowedOrImplied.go | 4 +- pkg/linter/lintRuleSplitSubnet.go | 8 +- pkg/linter/lintSubnetCIDROverlap.go | 10 +- pkg/linter/lintTCPReposnseBlocked.go | 6 +- pkg/linter/lintUnattached.go | 4 +- pkg/vpcmodel/abstractVPC.go | 4 +- pkg/vpcmodel/drawioGenerator.go | 2 +- pkg/vpcmodel/explainabilityInput.go | 16 +-- pkg/vpcmodel/explainabilityPrint.go | 8 +- pkg/vpcmodel/externalNetwork.go | 2 +- pkg/vpcmodel/jsonOutput.go | 4 +- pkg/vpcmodel/mdOutput.go | 6 +- pkg/vpcmodel/multiExplainability.go | 2 +- pkg/vpcmodel/subnetsConnectivity.go | 2 +- pkg/vpcmodel/synthesisOutput.go | 12 +-- pkg/vpcmodel/textOutput.go | 6 +- pkg/vpcmodel/vpcConfig.go | 2 +- 30 files changed, 148 insertions(+), 148 deletions(-) diff --git a/pkg/awsvpc/awsDrawioGenerator.go b/pkg/awsvpc/awsDrawioGenerator.go index 61103b514..4a50c6151 100644 --- a/pkg/awsvpc/awsDrawioGenerator.go +++ b/pkg/awsvpc/awsDrawioGenerator.go @@ -14,5 +14,5 @@ import ( func (igw *InternetGateway) ShowOnSubnetMode() bool { return true } func (igw *InternetGateway) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { - return drawio.NewInternetGatewayTreeNode(gen.TreeNode(igw.VPC()).(*drawio.VpcTreeNode), igw.NameForAnalyzerOut()) + return drawio.NewInternetGatewayTreeNode(gen.TreeNode(igw.VPC()).(*drawio.VpcTreeNode), igw.Name()) } 
diff --git a/pkg/awsvpc/parser.go b/pkg/awsvpc/parser.go index 6c17bc9ab..5b30e5808 100644 --- a/pkg/awsvpc/parser.go +++ b/pkg/awsvpc/parser.go @@ -429,11 +429,11 @@ func printVPCConfigs(c *vpcmodel.MultipleVPCConfigs) { } logging.Debug("VPCs to analyze:") for vpcUID, config := range c.Configs() { - logging.Debugf("VPC UID: %s, Name: %s\n", vpcUID, config.VPC.NameForAnalyzerOut()) + logging.Debugf("VPC UID: %s, Name: %s\n", vpcUID, config.VPC.Name()) } commonvpc.PrintLineSection() for vpcUID, config := range c.Configs() { - logging.Debugf("config for vpc %s (vpc name: %s)\n", vpcUID, config.VPC.NameForAnalyzerOut()) + logging.Debugf("config for vpc %s (vpc name: %s)\n", vpcUID, config.VPC.Name()) printConfig(config) } commonvpc.PrintLineSection() diff --git a/pkg/commonvpc/drawioGenerator.go b/pkg/commonvpc/drawioGenerator.go index 74c8e61c7..b42bd7456 100644 --- a/pkg/commonvpc/drawioGenerator.go +++ b/pkg/commonvpc/drawioGenerator.go @@ -24,7 +24,7 @@ func (ni *NetworkInterface) ShowOnSubnetMode() bool { return false } func (nl *NaclLayer) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { for _, acl := range nl.NaclList { for _, sn := range acl.Subnets { - gen.TreeNode(sn).(*drawio.SubnetTreeNode).SetACL(acl.NameForAnalyzerOut()) + gen.TreeNode(sn).(*drawio.SubnetTreeNode).SetACL(acl.Name()) } } return nil @@ -41,7 +41,7 @@ func (r *Region) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.Tr } func (v *VPC) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { - return drawio.NewVpcTreeNode(gen.TreeNode(v.Region()).(*drawio.RegionTreeNode), v.NameForAnalyzerOut()) + return drawio.NewVpcTreeNode(gen.TreeNode(v.Region()).(*drawio.RegionTreeNode), v.Name()) } func (z *Zone) IsExternal() bool { return false } 
@@ -53,7 +53,7 @@ func (s *Subnet) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.Tr // todo - how to handle this error: zone, _ := s.Zone() zoneTn := gen.TreeNode(zone).(*drawio.ZoneTreeNode) - subnetTn := drawio.NewSubnetTreeNode(zoneTn, s.NameForAnalyzerOut(), s.Cidr, "") + subnetTn := drawio.NewSubnetTreeNode(zoneTn, s.Name(), s.Cidr, "") subnetTn.SetIsPrivate(s.IsPrivate()) return subnetTn } @@ -68,7 +68,7 @@ func (sgl *SecurityGroupLayer) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenera func (sg *SecurityGroup) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { // creating the SG treeNodes: - tn := drawio.NewSGTreeNode(gen.TreeNode(sg.VPC()).(*drawio.VpcTreeNode), sg.NameForAnalyzerOut()) + tn := drawio.NewSGTreeNode(gen.TreeNode(sg.VPC()).(*drawio.VpcTreeNode), sg.Name()) for _, member := range sg.Members { // every SG member is added as an icon treeNode to the SG treeNode: if mTn := gen.TreeNode(member); mTn != nil { @@ -89,10 +89,10 @@ func (v *Vsi) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeN // todo - how to handle this error: zone, _ := v.Zone() zoneTn := gen.TreeNode(zone).(*drawio.ZoneTreeNode) - return drawio.GroupNIsWithVSI(zoneTn, v.NameForAnalyzerOut(), vsiNIs) + return drawio.GroupNIsWithVSI(zoneTn, v.Name(), vsiNIs) } func (ni *NetworkInterface) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { return drawio.NewNITreeNode( - gen.TreeNode(ni.Subnet()).(drawio.SquareTreeNodeInterface), ni.NameForAnalyzerOut(), ni.virtual) + gen.TreeNode(ni.Subnet()).(drawio.SquareTreeNodeInterface), ni.Name(), ni.virtual) } diff --git a/pkg/commonvpc/vpc.go b/pkg/commonvpc/vpc.go index 051e5efc9..ed1f839ef 100644 --- a/pkg/commonvpc/vpc.go +++ b/pkg/commonvpc/vpc.go 
@@ -72,9 +72,9 @@ type NetworkInterface struct { // used for synthesis output, if number of nifs is > 1 we use just vsi name func (ni *NetworkInterface) SynthesisResourceName() string { if ni.numberOfNifsInVsi == 1 { - return ni.VPC().NameForAnalyzerOut() + vpcmodel.Deliminator + ni.VsiName() + return ni.VPC().Name() + vpcmodel.Deliminator + ni.VsiName() } - return ni.VPC().NameForAnalyzerOut() + vpcmodel.Deliminator + ni.VsiName() + vpcmodel.Deliminator + ni.ResourceName + return ni.VPC().Name() + vpcmodel.Deliminator + ni.VsiName() + vpcmodel.Deliminator + ni.ResourceName } func (ni *NetworkInterface) SynthesisKind() spec.ResourceType { @@ -132,7 +132,7 @@ func (v *VPC) GetZoneByIPBlock(ipb *ipblock.IPBlock) (string, error) { return z.Name, nil } } - return "", fmt.Errorf("on vpc %s, could not fine zone for ipblock %s", v.NameForAnalyzerOut(), ipb.ToCidrListString()) + return "", fmt.Errorf("on vpc %s, could not fine zone for ipblock %s", v.Name(), ipb.ToCidrListString()) } func (v *VPC) GetZoneByName(name string) (*Zone, error) { @@ -238,9 +238,9 @@ func (psr *privateSubnetRule) IsIngress() bool { func (psr *privateSubnetRule) String(detail bool) string { if !detail { if psr.subnet.IsPrivate() { - return fmt.Sprintf("private subnet %s denies connection", psr.subnet.NameForAnalyzerOut()) + return fmt.Sprintf("private subnet %s denies connection", psr.subnet.Name()) } - return fmt.Sprintf("public subnet %s enables connection", psr.subnet.NameForAnalyzerOut()) + return fmt.Sprintf("public subnet %s enables connection", psr.subnet.Name()) } // detail prefix := "Egress to" 
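Review bot: The error string in `GetZoneByIPBlock` reads "could not fine zone", and since this line is rewritten here the typo can be fixed in the same change: `return "", fmt.Errorf("on vpc %s, could not find zone for ipblock %s", v.Name(), ipb.ToCidrListString())`. Any test or caller that matches on the message text would need the same update.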
@@ -250,9 +250,9 @@ func (psr *privateSubnetRule) String(detail bool) string { prefix += " public internet is" if psr.subnet.IsPrivate() { - return fmt.Sprintf("%s blocked since subnet %s is private\n", prefix, psr.subnet.NameForAnalyzerOut()) + return fmt.Sprintf("%s blocked since subnet %s is private\n", prefix, psr.subnet.Name()) } - return fmt.Sprintf("%s allowed since subnet %s is public\n", prefix, psr.subnet.NameForAnalyzerOut()) + return fmt.Sprintf("%s allowed since subnet %s is public\n", prefix, psr.subnet.Name()) } func (s *Subnet) GetPrivateSubnetRule(src, dst vpcmodel.Node) vpcmodel.PrivateSubnetRule { diff --git a/pkg/ibmvpc/connectivityAnalysis_test.go b/pkg/ibmvpc/connectivityAnalysis_test.go index 5a99dd68d..9128748f4 100644 --- a/pkg/ibmvpc/connectivityAnalysis_test.go +++ b/pkg/ibmvpc/connectivityAnalysis_test.go @@ -282,7 +282,7 @@ func addInterfaceNode(config *vpcmodel.VPCConfig, name, address, vsiName, subnet } // add references between subnet to interface (both directions) for _, subnet := range config.Subnets { - if subnet.NameForAnalyzerOut() == subnetName { + if subnet.Name() == subnetName { subnetActual := subnet.(*commonvpc.Subnet) intfNode.SubnetResource = subnetActual subnetActual.VPCnodes = append(subnetActual.VPCnodes, intfNode) diff --git a/pkg/ibmvpc/examples/out/synthesis_out/acl_testing3_all_vpcs_.json b/pkg/ibmvpc/examples/out/synthesis_out/acl_testing3_all_vpcs_.json index 46f785569..8752c208c 100644 --- a/pkg/ibmvpc/examples/out/synthesis_out/acl_testing3_all_vpcs_.json +++ b/pkg/ibmvpc/examples/out/synthesis_out/acl_testing3_all_vpcs_.json 
@@ -4,6 +4,36 @@ "external-1": "161.26.0.0/16" }, "required-connections": [ + { + "allowed-protocols": [ + { + "protocol": "ANY" + } + ], + "dst": { + "name": "test-vpc1-ky/vsi1-ky", + "type": "instance" + }, + "src": { + "name": "test-vpc1-ky/vsi2-ky", + "type": "instance" + } + }, + { + "allowed-protocols": [ + { + "protocol": "ICMP" + } + ], + "dst": { + "name": "external-0", + "type": "external" + }, + "src": { + "name": "test-vpc1-ky/vsi2-ky", + "type": "instance" + } + }, { "allowed-protocols": [ { @@ -16,8 +46,8 @@ "type": "instance" }, "src": { - "name": "test-vpc1-ky/vsi3c-ky", - "type": "instance" + "name": "test-vpc1-ky/db-endpoint-gateway-ky", + "type": "vpe" } }, { @@ -32,8 +62,8 @@ "type": "instance" }, "src": { - "name": "test-vpc1-ky/vsi3c-ky", - "type": "instance" + "name": "test-vpc1-ky/db-endpoint-gateway-ky", + "type": "vpe" } }, { @@ -47,8 +77,8 @@ "type": "instance" }, "src": { - "name": "test-vpc1-ky/vsi3c-ky", - "type": "instance" + "name": "test-vpc1-ky/db-endpoint-gateway-ky", + "type": "vpe" } }, { @@ -65,8 +95,8 @@ "type": "instance" }, "src": { - "name": "test-vpc1-ky/vsi3c-ky", - "type": "instance" + "name": "test-vpc1-ky/db-endpoint-gateway-ky", + "type": "vpe" } }, { @@ -77,12 +107,12 @@ ], "bidirectional": true, "dst": { - "name": "test-vpc1-ky/db-endpoint-gateway-ky", - "type": "vpe" - }, - "src": { "name": "test-vpc1-ky/vsi3c-ky", "type": "instance" + }, + "src": { + "name": "test-vpc1-ky/db-endpoint-gateway-ky", + "type": "vpe" } }, { @@ -142,8 +172,8 @@ ], "bidirectional": true, "dst": { - "name": "test-vpc1-ky/db-endpoint-gateway-ky", - "type": "vpe" + "name": "test-vpc1-ky/vsi3c-ky", + "type": "instance" }, "src": { "name": "test-vpc1-ky/vsi3b-ky", 
@@ -191,41 +221,11 @@ ], "bidirectional": true, "dst": { - "name": "test-vpc1-ky/db-endpoint-gateway-ky", - "type": "vpe" - }, - "src": { - "name": "test-vpc1-ky/vsi3a-ky", - "type": "instance" - } - }, - { - "allowed-protocols": [ - { - "protocol": "ANY" - } - ], - "dst": { - "name": "test-vpc1-ky/vsi1-ky", - "type": "instance" - }, - "src": { - "name": "test-vpc1-ky/vsi2-ky", + "name": "test-vpc1-ky/vsi3c-ky", "type": "instance" - } - }, - { - "allowed-protocols": [ - { - "protocol": "ICMP" - } - ], - "dst": { - "name": "external-0", - "type": "external" }, "src": { - "name": "test-vpc1-ky/vsi2-ky", + "name": "test-vpc1-ky/vsi3a-ky", "type": "instance" } }, @@ -273,8 +273,8 @@ "type": "instance" }, "src": { - "name": "test-vpc1-ky/db-endpoint-gateway-ky", - "type": "vpe" + "name": "test-vpc1-ky/vsi3c-ky", + "type": "instance" } }, { @@ -291,8 +291,8 @@ "type": "instance" }, "src": { - "name": "test-vpc1-ky/db-endpoint-gateway-ky", - "type": "vpe" + "name": "test-vpc1-ky/vsi3c-ky", + "type": "instance" } } ] diff --git a/pkg/ibmvpc/examples/out/synthesis_out/experiments_env_all_vpcs_.json b/pkg/ibmvpc/examples/out/synthesis_out/experiments_env_all_vpcs_.json index 8e810c28b..49d77b4c2 100644 --- a/pkg/ibmvpc/examples/out/synthesis_out/experiments_env_all_vpcs_.json +++ b/pkg/ibmvpc/examples/out/synthesis_out/experiments_env_all_vpcs_.json @@ -11,11 +11,11 @@ ], "bidirectional": true, "dst": { - "name": "test-vpc1-ky/vsi1-ky", + "name": "test-vpc1-ky/vsi2-ky", "type": "instance" }, "src": { - "name": "test-vpc1-ky/vsi2-ky", + "name": "test-vpc1-ky/vsi1-ky", "type": "instance" } }, @@ -31,7 +31,7 @@ "type": "instance" }, "src": { - "name": "test-vpc1-ky/vsi2-ky", + "name": "test-vpc1-ky/vsi1-ky", "type": "instance" } }, @@ -43,8 +43,8 @@ ], "bidirectional": true, "dst": { - "name": "external-0", - "type": "external" + "name": "test-vpc1-ky/vsi0-ky", + "type": "instance" }, "src": { "name": "test-vpc1-ky/vsi2-ky", 
@@ -59,11 +59,11 @@ ], "bidirectional": true, "dst": { - "name": "test-vpc1-ky/vsi0-ky", - "type": "instance" + "name": "external-0", + "type": "external" }, "src": { - "name": "test-vpc1-ky/vsi1-ky", + "name": "test-vpc1-ky/vsi2-ky", "type": "instance" } }, diff --git a/pkg/ibmvpc/ibmDrawioGenerator.go b/pkg/ibmvpc/ibmDrawioGenerator.go index 6fc09f8d9..f56f64c9f 100644 --- a/pkg/ibmvpc/ibmDrawioGenerator.go +++ b/pkg/ibmvpc/ibmDrawioGenerator.go @@ -22,12 +22,12 @@ func (pip *PrivateIP) ShowOnSubnetMode() bool { return false } func (n *IKSNode) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { return drawio.NewNITreeNode( - gen.TreeNode(n.Subnet()).(drawio.SquareTreeNodeInterface), n.NameForAnalyzerOut(), false) + gen.TreeNode(n.Subnet()).(drawio.SquareTreeNodeInterface), n.Name(), false) } func (r *ReservedIP) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { return drawio.NewResIPTreeNode( - gen.TreeNode(r.Subnet()).(drawio.SquareTreeNodeInterface), r.NameForAnalyzerOut()) + gen.TreeNode(r.Subnet()).(drawio.SquareTreeNodeInterface), r.Name()) } func (v *Vpe) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { 
@@ -39,27 +39,27 @@ func (v *Vpe) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeN resIPs[i] = gen.TreeNode(resIP) } vpcTn := gen.TreeNode(v.VPC()).(drawio.SquareTreeNodeInterface) - return drawio.GroupResIPsWithVpe(vpcTn, v.NameForAnalyzerOut(), resIPs) + return drawio.GroupResIPsWithVpe(vpcTn, v.Name(), resIPs) } func (pgw *PublicGateway) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { // todo - how to handle this error: zone, _ := pgw.Zone() zoneTn := gen.TreeNode(zone).(*drawio.ZoneTreeNode) - return drawio.NewGatewayTreeNode(zoneTn, pgw.NameForAnalyzerOut()) + return drawio.NewGatewayTreeNode(zoneTn, pgw.Name()) } func (fip *FloatingIP) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { // todo - what if r.Src() is not at size of one? itn := gen.TreeNode(fip.Sources()[0]) if itn != nil { - itn.(drawio.IconTreeNodeInterface).SetFIP(fip.NameForAnalyzerOut()) + itn.(drawio.IconTreeNodeInterface).SetFIP(fip.Name()) } return itn } func (tgw *TransitGateway) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { - return drawio.NewTransitGatewayTreeNode(gen.TreeNode(tgw.Region()).(*drawio.RegionTreeNode), tgw.NameForAnalyzerOut()) + return drawio.NewTransitGatewayTreeNode(gen.TreeNode(tgw.Region()).(*drawio.RegionTreeNode), tgw.Name()) } func (lb *LoadBalancer) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) drawio.TreeNodeInterface { if len(lb.Nodes()) == 0 { @@ -79,5 +79,5 @@ func (pip *PrivateIP) GenerateDrawioTreeNode(gen *vpcmodel.DrawioGenerator) draw return nil } return drawio.NewPrivateIPTreeNode( - gen.TreeNode(pip.Subnet()).(drawio.SquareTreeNodeInterface), pip.NameForAnalyzerOut(), pip.original) + gen.TreeNode(pip.Subnet()).(drawio.SquareTreeNodeInterface), pip.Name(), pip.original) } diff --git a/pkg/ibmvpc/implicit_routing.go b/pkg/ibmvpc/implicit_routing.go index 846767bfe..34ab3a360 100644 --- a/pkg/ibmvpc/implicit_routing.go 
+++ b/pkg/ibmvpc/implicit_routing.go @@ -112,7 +112,7 @@ func (rt *systemImplicitRT) getIngressPath(dest *ipblock.IPBlock) (vpcmodel.Path path := rt.destAsPath(dest) if len(path) == 0 { return nil, fmt.Errorf("getIngressPath: failed to find path to dest resource address %s in VPC %s", - dest.String(), rt.vpc.NameForAnalyzerOut()) + dest.String(), rt.vpc.Name()) } return path, nil } diff --git a/pkg/ibmvpc/parser.go b/pkg/ibmvpc/parser.go index bb73e744b..10c03b3fe 100644 --- a/pkg/ibmvpc/parser.go +++ b/pkg/ibmvpc/parser.go @@ -249,7 +249,7 @@ func (rc *IBMresourcesContainer) getRoutingTables( // skipping this rt continue } - logging.Debugf("add rt %s for vpc %s\n", rtObj.NameForAnalyzerOut(), vpcUID) + logging.Debugf("add rt %s for vpc %s\n", rtObj.Name(), vpcUID) vpcConfig.AddRoutingTable(rtObj) res.SetConfig(vpcUID, vpcConfig) @@ -1060,7 +1060,7 @@ func getSubnetFromObject(subnetObj vpc1.SubnetReference, vpcConfig *vpcmodel.VPC if subnetRes, ok = vpcConfig.UIDToResource[*subnetObj.CRN]; !ok { return nil, fmt.Errorf("subnet %s is missing from config of vpc %s", *subnetObj.Name, - vpcConfig.VPC.NameForAnalyzerOut(), + vpcConfig.VPC.Name(), ) } if subnet, ok = subnetRes.(*commonvpc.Subnet); !ok { @@ -1414,7 +1414,7 @@ func getLoadBalancerIPs(vpcConfig *vpcmodel.VPCConfig, continue default: // subnet does not have a private IP, we create unique ip info - name = "pip-name-of-" + subnet.NameForAnalyzerOut() + "-" + *loadBalancerObj.Name + name = "pip-name-of-" + subnet.Name() + "-" + *loadBalancerObj.Name id = "pip-uid-of-" + subnet.UID() + *loadBalancerObj.ID var err error address, err = subnetsBlocks.allocSubnetFreeAddress(*subnetObj.CRN, blockIndex) 
@@ -1478,7 +1478,7 @@ func createPrivateIP(name, id, address, publicAddress string, if publicAddress != "" { routerFip := &FloatingIP{ VPCResource: vpcmodel.VPCResource{ - ResourceName: "fip-name-of-" + privateIP.NameForAnalyzerOut(), + ResourceName: "fip-name-of-" + privateIP.Name(), ResourceUID: "fip-uid-of-" + privateIP.UID(), Zone: privateIP.ZoneName(), ResourceType: commonvpc.ResourceTypeFloatingIP, @@ -1499,11 +1499,11 @@ func printVPCConfigs(c *vpcmodel.MultipleVPCConfigs) { } fmt.Println("VPCs to analyze:") for vpcUID, config := range c.Configs() { - logging.Debugf("VPC UID: %s, Name: %s\n", vpcUID, config.VPC.NameForAnalyzerOut()) + logging.Debugf("VPC UID: %s, Name: %s\n", vpcUID, config.VPC.Name()) } commonvpc.PrintLineSection() for vpcUID, config := range c.Configs() { - logging.Debugf("config for vpc %s (vpc name: %s)\n", vpcUID, config.VPC.NameForAnalyzerOut()) + logging.Debugf("config for vpc %s (vpc name: %s)\n", vpcUID, config.VPC.Name()) printConfig(config) } commonvpc.PrintLineSection() diff --git a/pkg/ibmvpc/routing_tables_analysis.go b/pkg/ibmvpc/routing_tables_analysis.go index 428049567..3ac825654 100644 --- a/pkg/ibmvpc/routing_tables_analysis.go +++ b/pkg/ibmvpc/routing_tables_analysis.go @@ -605,7 +605,7 @@ func (irt *ingressRoutingTable) advertiseRoutes(vpcConfig *vpcmodel.VPCConfig) { if !routeObj.advertise { continue } - logging.Debugf("rt %s - try to advertise route with dest %s", irt.NameForAnalyzerOut(), routeObj.destination) + logging.Debugf("rt %s - try to advertise route with dest %s", irt.Name(), routeObj.destination) routeCidr := routeObj.destIPBlock tgws := getTGWs(vpcConfig) 
@@ -618,13 +618,13 @@ func (irt *ingressRoutingTable) advertiseRoutes(vpcConfig *vpcmodel.VPCConfig) { var tgwAB *TransitGateway for _, tgw := range tgws { for _, vpc := range tgw.vpcs { - logging.Debugf("check tgw %s with vpc %s, AP %s", tgw.NameForAnalyzerOut(), - vpc.NameForAnalyzerOut(), vpc.AddressPrefixesIPBlock.ToCidrListString()) + logging.Debugf("check tgw %s with vpc %s, AP %s", tgw.Name(), + vpc.Name(), vpc.AddressPrefixesIPBlock.ToCidrListString()) // TODO: shouldn't be containment rather than intersection?? (works with intersection on hub-n-spoke config object) if vpc.UID() != irt.vpc.UID() && routeCidr.Overlap(vpc.AddressPrefixesIPBlock) { vpcB = vpc tgwAB = tgw - logging.Debugf("found tgwAB: %s, vpcB: %s ", tgwAB.NameForAnalyzerOut(), vpcB.NameForAnalyzerOut()) + logging.Debugf("found tgwAB: %s, vpcB: %s ", tgwAB.Name(), vpcB.Name()) break } } @@ -650,7 +650,7 @@ func (irt *ingressRoutingTable) advertiseRoutes(vpcConfig *vpcmodel.VPCConfig) { } tgwAC = tgw // the tgw A-C to which should propagate Y (routeCidr) as available "from" vpcA updateTGWWithAdvertisedRoute(tgwAC, irt.vpc, routeCidr) - logging.Debugf("call updateTGWWithAdvertisedRoute for tgw %s, new cidr %s, from vpc %s", tgwAC.NameForAnalyzerOut(), + logging.Debugf("call updateTGWWithAdvertisedRoute for tgw %s, new cidr %s, from vpc %s", tgwAC.Name(), routeCidr.ToCidrListString(), irt.vpc.ResourceName) } } diff --git a/pkg/ibmvpc/vpc.go b/pkg/ibmvpc/vpc.go index 60fe0adda..d75e1ac56 100644 --- a/pkg/ibmvpc/vpc.go +++ b/pkg/ibmvpc/vpc.go @@ -517,7 +517,7 @@ func (tgw *TransitGateway) tgwPrefixStr(tc *datamodel.TransitConnection, } if len(tc.PrefixFilters) < prefixIndx+1 { return "", "", fmt.Errorf("np-guard error: prefix index %d does not exists in transit connection %s of transit gateway %s", - prefixIndx, *tc.Name, tgw.NameForAnalyzerOut()) + prefixIndx, *tc.Name, tgw.Name()) } prefixFilter := tc.PrefixFilters[prefixIndx] actionName, err = actionNameStr(prefixFilter.Action) 
@@ -603,7 +603,7 @@ func (tgw *TransitGateway) stringPrefixFiltersVerbose(transitConn *datamodel.Tra action = "blocks" } thisPrefixStr = fmt.Sprintf("\ttransit gateway %s %s connection via transit connection %s "+ - "with the following prefix filter\n%s%s\n", tgw.NameForAnalyzerOut(), action, *transitConn.Name, + "with the following prefix filter\n%s%s\n", tgw.Name(), action, *transitConn.Name, doubleTab, tgwRouterFilterDetails) strRes = append(strRes, thisPrefixStr) } @@ -615,7 +615,7 @@ func (tgw *TransitGateway) stringPrefixFiltersVerbose(transitConn *datamodel.Tra func (tgw *TransitGateway) stringPrefixFiltersNoVerbose(transitConn *datamodel.TransitConnection, rulesType vpcmodel.RulesType) string { noVerboseStr := fmt.Sprintf("cross-vpc-connection: transit-connection %s of transit-gateway %s ", - *transitConn.Name, tgw.NameForAnalyzerOut()) + *transitConn.Name, tgw.Name()) switch rulesType { case vpcmodel.OnlyAllow: return noVerboseStr + "allows connection" diff --git a/pkg/linter/lintRuleCIDROutOfRange.go b/pkg/linter/lintRuleCIDROutOfRange.go index f74df1ee2..40d5650cb 100644 --- a/pkg/linter/lintRuleCIDROutOfRange.go +++ b/pkg/linter/lintRuleCIDROutOfRange.go @@ -91,7 +91,7 @@ func (finding *ruleNonRelevantCIDR) vpc() []vpcmodel.VPCResourceIntf { func (finding *ruleNonRelevantCIDR) string() string { rule := finding.rule - strPrefix := fmt.Sprintf("In VPC %q, %s %q ", finding.vpcResource.NameForAnalyzerOut(), finding.rule.Filter.LayerName, + strPrefix := fmt.Sprintf("In VPC %q, %s %q ", finding.vpcResource.Name(), finding.rule.Filter.LayerName, rule.Filter.FilterName) if rule.IsIngress { strPrefix += fmt.Sprintf("ingress rule with destination %s ", finding.rule.DstCidr.String()) 
@@ -114,7 +114,7 @@ func (finding *ruleNonRelevantCIDR) toJSON() any { rule := finding.rule table := vpcmodel.Filter{LayerName: rule.Filter.LayerName, FilterName: rule.Filter.FilterName} - res := rulesNonRelevantCIDRJSON{VpcName: finding.vpc()[0].NameForAnalyzerOut(), Rule: vpcmodel.RuleOfFilter{Filter: table, + res := rulesNonRelevantCIDRJSON{VpcName: finding.vpc()[0].Name(), Rule: vpcmodel.RuleOfFilter{Filter: table, RuleIndex: rule.RuleIndex, RuleDesc: rule.RuleDesc}, VpcAddressRange: finding.vpcResource.AddressRange().String()} return res diff --git a/pkg/linter/lintRuleShadowedOrImplied.go b/pkg/linter/lintRuleShadowedOrImplied.go index 76b4a134c..4896ea7db 100644 --- a/pkg/linter/lintRuleShadowedOrImplied.go +++ b/pkg/linter/lintRuleShadowedOrImplied.go @@ -191,7 +191,7 @@ func (finding *ruleRedundant) vpc() []vpcmodel.VPCResourceIntf { func (finding *ruleRedundant) string() string { rule := finding.rule strResPrefix := fmt.Sprintf("In VPC %q, %s %q rule is ", - finding.vpcResource.NameForAnalyzerOut(), finding.rule.Filter.LayerName, rule.Filter.FilterName) + finding.vpcResource.Name(), finding.rule.Filter.LayerName, rule.Filter.FilterName) if rule.Filter.LayerName == NetworkACL { if len(finding.containRules) == 1 { strResPrefix += "shadowed by a higher priority rule" @@ -241,7 +241,7 @@ func (finding *ruleRedundant) toJSON() any { containRules[i] = *rule i++ } - res := ruleRedundantJSON{VpcName: finding.vpc()[0].NameForAnalyzerOut(), Rule: vpcmodel.RuleOfFilter{Filter: table, + res := ruleRedundantJSON{VpcName: finding.vpc()[0].Name(), Rule: vpcmodel.RuleOfFilter{Filter: table, RuleIndex: rule.RuleIndex, RuleDesc: rule.RuleDesc}, ContainRules: containRules} return res } diff --git a/pkg/linter/lintRuleSplitSubnet.go b/pkg/linter/lintRuleSplitSubnet.go index 682f1b165..6b3535e59 100644 --- a/pkg/linter/lintRuleSplitSubnet.go +++ b/pkg/linter/lintRuleSplitSubnet.go 
@@ -101,7 +101,7 @@ func (finding *splitRuleSubnet) string() string { rule := finding.rule subnetsStrSlice := make([]string, len(finding.splitSubnets)) for i, subnet := range finding.splitSubnets { - subnetsStrSlice[i] = fmt.Sprintf("%q (%s)", subnet.NameForAnalyzerOut(), subnet.CIDR()) + subnetsStrSlice[i] = fmt.Sprintf("%q (%s)", subnet.Name(), subnet.CIDR()) } subnetStr := strings.Join(subnetsStrSlice, ", ") if len(subnetsStrSlice) > 1 { @@ -110,7 +110,7 @@ func (finding *splitRuleSubnet) string() string { subnetStr = "subnet " + subnetStr } return fmt.Sprintf("In VPC %q, %s %q rule splits %s.\n\tRule details: %s", - finding.vpc()[0].NameForAnalyzerOut(), finding.rule.Filter.LayerName, rule.Filter.FilterName, subnetStr, + finding.vpc()[0].Name(), finding.rule.Filter.LayerName, rule.Filter.FilterName, subnetStr, strings.ReplaceAll(rule.RuleDesc, "\n", "")) } @@ -125,11 +125,11 @@ func (finding *splitRuleSubnet) toJSON() any { rule := finding.rule splitSubnetsJSON := make([]subnetJSON, len(finding.splitSubnets)) for i, splitSubnet := range finding.splitSubnets { - splitSubnetsJSON[i] = subnetJSON{Name: splitSubnet.NameForAnalyzerOut(), CIDR: splitSubnet.CIDR()} + splitSubnetsJSON[i] = subnetJSON{Name: splitSubnet.Name(), CIDR: splitSubnet.CIDR()} } table := vpcmodel.Filter{LayerName: rule.Filter.LayerName, FilterName: rule.Filter.FilterName} - res := splitRuleSubnetJSON{VpcName: finding.vpc()[0].NameForAnalyzerOut(), Rule: vpcmodel.RuleOfFilter{Filter: table, + res := splitRuleSubnetJSON{VpcName: finding.vpc()[0].Name(), Rule: vpcmodel.RuleOfFilter{Filter: table, RuleIndex: rule.RuleIndex, RuleDesc: rule.RuleDesc}, SplitSubnets: splitSubnetsJSON} return res diff --git a/pkg/linter/lintSubnetCIDROverlap.go b/pkg/linter/lintSubnetCIDROverlap.go index 84f57b9ce..39acb10e8 100644 --- a/pkg/linter/lintSubnetCIDROverlap.go +++ b/pkg/linter/lintSubnetCIDROverlap.go 
@@ -75,12 +75,12 @@ func (finding *overlapSubnets) vpc() []vpcmodel.VPCResourceIntf { func (finding *overlapSubnets) string() string { subnet1 := finding.overlapSubnets[0] subnet2 := finding.overlapSubnets[1] - return fmt.Sprintf("VPC %q's %s and VPC %q's %s overlap", subnet1.VPC().NameForAnalyzerOut(), subnetStr(subnet1), - subnet2.VPC().NameForAnalyzerOut(), subnetStr(subnet2)) + return fmt.Sprintf("VPC %q's %s and VPC %q's %s overlap", subnet1.VPC().Name(), subnetStr(subnet1), + subnet2.VPC().Name(), subnetStr(subnet2)) } func subnetStr(subnet vpcmodel.Subnet) string { - return fmt.Sprintf("subnet %q [%s]", subnet.NameForAnalyzerOut(), subnet.CIDR()) + return fmt.Sprintf("subnet %q [%s]", subnet.Name(), subnet.CIDR()) } // for json: details of overlapping subnets @@ -98,8 +98,8 @@ type subnetJSON struct { func (finding *overlapSubnets) toJSON() any { overlapsSubnetsJSON := make([]subnetJSON, 2) for i := range finding.overlapSubnets { - overlapsSubnetsJSON[i] = subnetJSON{Name: finding.overlapSubnets[i].NameForAnalyzerOut(), - VpcName: finding.overlapSubnets[i].VPC().NameForAnalyzerOut(), CIDR: finding.overlapSubnets[i].CIDR()} + overlapsSubnetsJSON[i] = subnetJSON{Name: finding.overlapSubnets[i].Name(), + VpcName: finding.overlapSubnets[i].VPC().Name(), CIDR: finding.overlapSubnets[i].CIDR()} } res := overlapSubnetsJSON{OverlapSubnets: overlapsSubnetsJSON, OverlapCidr: finding.overlapIPBlocks.String()} return res diff --git a/pkg/linter/lintTCPReposnseBlocked.go b/pkg/linter/lintTCPReposnseBlocked.go index b8a73db77..a781c8bd3 100644 --- a/pkg/linter/lintTCPReposnseBlocked.go +++ b/pkg/linter/lintTCPReposnseBlocked.go @@ -84,7 +84,7 @@ func (finding *blockedTCPResponseConn) string() string { func (finding *blockedTCPResponseConn) getVpcName(i int) string { if finding.vpc()[i] != nil { // nil if external address - return finding.vpc()[i].NameForAnalyzerOut() + deliminator + return finding.vpc()[i].Name() + deliminator } return "" } 
@@ -97,8 +97,8 @@ type blockedTCPResponseConnJSON struct { } func (finding *blockedTCPResponseConn) toJSON() any { - vpcSrcName := finding.vpc()[0].NameForAnalyzerOut() - vpcDstName := finding.vpc()[1].NameForAnalyzerOut() + vpcSrcName := finding.vpc()[0].Name() + vpcDstName := finding.vpc()[1].Name() res := blockedTCPResponseConnJSON{Src: vpcSrcName + deliminator + finding.src.NameForAnalyzerOut(), Dst: vpcDstName + deliminator + finding.dst.NameForAnalyzerOut(), TCPRspDisable: connection.ToJSON(finding.tcpRspDisable)} return res diff --git a/pkg/linter/lintUnattached.go b/pkg/linter/lintUnattached.go index 241431fc1..3d11fe4b6 100644 --- a/pkg/linter/lintUnattached.go +++ b/pkg/linter/lintUnattached.go @@ -76,7 +76,7 @@ func (finding *nonConnectedTable) vpc() []vpcmodel.VPCResourceIntf { } func (finding *nonConnectedTable) string() string { - return fmt.Sprintf("In VPC %q, %s %q has no resources attached to it", finding.vpc()[0].NameForAnalyzerOut(), + return fmt.Sprintf("In VPC %q, %s %q has no resources attached to it", finding.vpc()[0].Name(), finding.layerName, finding.table.FilterName) } @@ -87,6 +87,6 @@ type nonConnectedTableJSON struct { } func (finding *nonConnectedTable) toJSON() any { - return nonConnectedTableJSON{vpcName: finding.vpc()[0].NameForAnalyzerOut(), + return nonConnectedTableJSON{vpcName: finding.vpc()[0].Name(), layerName: finding.layerName, tableName: finding.table.FilterName} } diff --git a/pkg/vpcmodel/abstractVPC.go b/pkg/vpcmodel/abstractVPC.go index acdbe2669..5e34628ad 100644 --- a/pkg/vpcmodel/abstractVPC.go +++ b/pkg/vpcmodel/abstractVPC.go @@ -56,7 +56,7 @@ func (n *VPCResource) NameForAnalyzerOut() string { } func (n *VPCResource) SynthesisResourceName() string { - return n.VPC().NameForAnalyzerOut() + Deliminator + n.ResourceName + return n.VPC().Name() + Deliminator + n.ResourceName } func (n *VPCResource) SynthesisKind() spec.ResourceType { 
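Review bot: In `blockedTCPResponseConn.toJSON` the new lines call `finding.vpc()[0].Name()` and `finding.vpc()[1].Name()` without the nil check that `getVpcName` in the same file applies (`// nil if external address`). If that comment holds, a finding whose source or destination is external would panic here on a nil interface. Reusing the helper keeps the text and JSON paths consistent: `Src: finding.getVpcName(0) + finding.src.NameForAnalyzerOut(),` and `Dst: finding.getVpcName(1) + finding.dst.NameForAnalyzerOut(),`. The helper already appends `deliminator`, so the two local variables can go. The `vpc()` implementation is outside the hunk, so confirm whether an external endpoint can reach this method.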
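Review bot: The composite literal in `nonConnectedTable.toJSON` fills `vpcName`, `layerName` and `tableName`, which are unexported fields. `encoding/json` skips unexported fields, so if this value goes through the standard encoder the finding serialises as `{}` and the unattached table never shows up in the JSON lint report. The sibling findings in this patch use exported fields (`VpcName`, `Rule`, `SplitSubnets`). The literal would become `nonConnectedTableJSON{VpcName: finding.vpc()[0].Name(), LayerName: finding.layerName, TableName: finding.table.FilterName}`, with the matching change in the struct definition, which is outside the hunk.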
@@ -95,7 +95,7 @@ func (n *VPCResource) RegionName() string { } func (n *VPCResource) NameAndUID() string { - return n.NameForAnalyzerOut() + leftParentheses + n.UID() + rightParentheses + return n.Name() + leftParentheses + n.UID() + rightParentheses } // todo: define enum for filters diff --git a/pkg/vpcmodel/drawioGenerator.go b/pkg/vpcmodel/drawioGenerator.go index 0e51097bc..96c452537 100644 --- a/pkg/vpcmodel/drawioGenerator.go +++ b/pkg/vpcmodel/drawioGenerator.go @@ -92,7 +92,7 @@ func (g *groupedEndpointsElems) GenerateDrawioTreeNode(gen *DrawioGenerator) dra groupedIconsTNs[i] = gen.TreeNode(node).(drawio.IconTreeNodeInterface) } subnetTn := groupedIconsTNs[0].Parent().(*drawio.SubnetTreeNode) - return drawio.NewGroupSquareTreeNode(subnetTn, groupedIconsTNs, g.NameForAnalyzerOut()) + return drawio.NewGroupSquareTreeNode(subnetTn, groupedIconsTNs, g.Name()) } func (g *groupedExternalNodes) GenerateDrawioTreeNode(gen *DrawioGenerator) drawio.TreeNodeInterface { diff --git a/pkg/vpcmodel/explainabilityInput.go b/pkg/vpcmodel/explainabilityInput.go index d4beedd19..ab52ce4e9 100644 --- a/pkg/vpcmodel/explainabilityInput.go +++ b/pkg/vpcmodel/explainabilityInput.go @@ -209,7 +209,7 @@ func (c *MultipleVPCConfigs) listNamesCfg(configsWithSrcDstNode map[string]srcAn matchConfigs := make([]string, len(configsWithSrcDstNode)) for vpcUID := range configsWithSrcDstNode { // the endpoints are in more than one config; lists all the configs it is in for the error msg - matchConfigs[i] = c.Config(vpcUID).VPC.NameForAnalyzerOut() + matchConfigs[i] = c.Config(vpcUID).VPC.Name() i++ } sort.Strings(matchConfigs) 
@@ -226,9 +226,9 @@ func (c *MultipleVPCConfigs) listNamesCrossVpcRouters( routingResources := c.Config(vpcUID).RoutingResources if len(routingResources) != 1 { return "", fmt.Errorf("np-guard error: multi-vpc config %s should have a single routing resource, "+ - "but has %v routing resources", c.Config(vpcUID).VPC.NameForAnalyzerOut(), len(routingResources)) + "but has %v routing resources", c.Config(vpcUID).VPC.Name(), len(routingResources)) } - crossVpcRouters[i] = routingResources[0].NameForAnalyzerOut() + crossVpcRouters[i] = routingResources[0].Name() i++ } sort.Strings(crossVpcRouters) @@ -339,8 +339,8 @@ func (c *VPCConfig) getNodesOfSubnet(name string) ([]Node, error) { inputSubnet, inputVpc := getResourceAndVpcNames(name) var foundSubnet Subnet for _, subnet := range c.Subnets { - if (inputVpc == "" || subnet.VPC().NameForAnalyzerOut() == inputVpc) && - (inputSubnet == subnet.UID() || inputSubnet == subnet.NameForAnalyzerOut()) { + if (inputVpc == "" || subnet.VPC().Name() == inputVpc) && + (inputSubnet == subnet.UID() || inputSubnet == subnet.Name()) { foundSubnet = subnet } } @@ -349,7 +349,7 @@ func (c *VPCConfig) getNodesOfSubnet(name string) ([]Node, error) { } subnetNodes := c.getNodesWithinInternalAddressFilterNonRelevant(foundSubnet.AddressRange()) if len(subnetNodes) == 0 { - return nil, fmt.Errorf("subnet %s [%s] contains no endpoints", foundSubnet.NameForAnalyzerOut(), foundSubnet.AddressRange()) + return nil, fmt.Errorf("subnet %s [%s] contains no endpoints", foundSubnet.Name(), foundSubnet.AddressRange()) } return subnetNodes, nil } 
@@ -362,8 +362,8 @@ func (c *VPCConfig) getNodesOfEndpoint(name string) ([]Node, int, error) { // endpoint name may be prefixed by vpc name endpoint, vpc := getResourceAndVpcNames(name) for _, nodeSet := range append(c.NodeSets, c.loadBalancersAsNodeSets()...) { - if (vpc == "" || nodeSet.VPC().NameForAnalyzerOut() == vpc) && - nodeSet.NameForAnalyzerOut() == endpoint || // if vpc of endpoint specified, equality must hold + if (vpc == "" || nodeSet.VPC().Name() == vpc) && + nodeSet.Name() == endpoint || // if vpc of endpoint specified, equality must hold nodeSet.UID() == uid { if nodeSetOfEndpoint != nil { return nil, fatalErr, fmt.Errorf("ambiguity - the configuration contains multiple resources named %s, "+ diff --git a/pkg/vpcmodel/explainabilityPrint.go b/pkg/vpcmodel/explainabilityPrint.go index f7dcc0d08..b22ecc040 100644 --- a/pkg/vpcmodel/explainabilityPrint.go +++ b/pkg/vpcmodel/explainabilityPrint.go @@ -31,7 +31,7 @@ func explainHeader(explanation *Explanation) string { singleVpcContext := "" // communication within a single vpc if explanation.c != nil && !explanation.c.IsMultipleVPCsConfig { - singleVpcContext = fmt.Sprintf(" within %v", explanation.c.VPC.NameForAnalyzerOut()) + singleVpcContext = fmt.Sprintf(" within %v", explanation.c.VPC.Name()) } title := fmt.Sprintf("Explaining connectivity from %s to %s%s%s", explanation.src, explanation.dst, singleVpcContext, connHeader(explanation.connQuery)) 
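Review bot: The condition in `getNodesOfEndpoint` mixes `&&` and `||` without grouping and has a comment in the middle of the expression. A reader has to recall that `&&` binds tighter to see that a UID match bypasses the VPC-name check. Explicit parentheses state that intent: `if ((vpc == "" || nodeSet.VPC().Name() == vpc) && nodeSet.Name() == endpoint) || nodeSet.UID() == uid {`, with the comment moved onto its own line above the `if`. `uid` is defined outside the hunk, and the function body continues past it.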
@@ -448,13 +448,13 @@ func pathStr(allRulesDetails *rulesDetails, filtersRelevant map[string]bool, src } pathSlice = append(pathSlice, externalRouterStr) } else if crossVpcRouterInPath { // src and dst are internal and there is a cross vpc Router - pathSlice = append(pathSlice, newLineTab+src.(InternalNodeIntf).Subnet().VPC().NameForAnalyzerOut(), + pathSlice = append(pathSlice, newLineTab+src.(InternalNodeIntf).Subnet().VPC().Name(), crossVpcRouter.Kind()+space+crossVpcRouter.NameForAnalyzerOut()) if crossVpcConnection.IsEmpty() { // cross vpc (tgw) denys connection pathSlice[len(pathSlice)-1] = blockedLeft + pathSlice[len(pathSlice)-1] // blocking cross-vpc router return blockedPathStr(pathSlice) } - pathSlice = append(pathSlice, dst.(InternalNodeIntf).Subnet().VPC().NameForAnalyzerOut()) + pathSlice = append(pathSlice, dst.(InternalNodeIntf).Subnet().VPC().Name()) } ingressPath := pathOfSingleDirectionStr(allRulesDetails, dst, filtersRelevant, rules, true, privateSubnetRule) pathSlice = append(pathSlice, ingressPath...) @@ -524,7 +524,7 @@ func returnPathSlice(isIngress bool, pathSlice []string) []string { func getSubnetStr(node EndpointElem) string { subnet := node.(InternalNodeIntf).Subnet() - return strings.ToLower(subnet.Kind()) + space + subnet.NameForAnalyzerOut() + return strings.ToLower(subnet.Kind()) + space + subnet.Name() } // FilterKindName returns the name of a filter kind within filter layers - e.g. "security group". diff --git a/pkg/vpcmodel/externalNetwork.go b/pkg/vpcmodel/externalNetwork.go index 5345b7e45..321c844b3 100644 --- a/pkg/vpcmodel/externalNetwork.go +++ b/pkg/vpcmodel/externalNetwork.go 
@@ -51,7 +51,7 @@ type ExternalNetwork struct { ipblock *ipblock.IPBlock } -func (exn *ExternalNetwork) UID() string { return exn.NameForAnalyzerOut() } +func (exn *ExternalNetwork) UID() string { return exn.Name() } func (exn *ExternalNetwork) ZoneName() string { return "" } func (exn *ExternalNetwork) RegionName() string { return "" } func (exn *ExternalNetwork) IsExternal() bool { return true } diff --git a/pkg/vpcmodel/jsonOutput.go b/pkg/vpcmodel/jsonOutput.go index 1078a708e..a5d2302ce 100644 --- a/pkg/vpcmodel/jsonOutput.go +++ b/pkg/vpcmodel/jsonOutput.go @@ -39,9 +39,9 @@ func (j *JSONoutputFormatter) WriteOutput(c1, c2 *VPCConfig, outStr, err := writeJSON(all, outFile) v2Name := "" if c2 != nil { - v2Name = c2.VPC.NameForAnalyzerOut() + v2Name = c2.VPC.Name() } - return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.NameForAnalyzerOut(), VPC2Name: v2Name, format: JSON, jsonStruct: all}, err + return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.Name(), VPC2Name: v2Name, format: JSON, jsonStruct: all}, err } type connLine struct { diff --git a/pkg/vpcmodel/mdOutput.go b/pkg/vpcmodel/mdOutput.go index eed356349..5bd6c7e0d 100644 --- a/pkg/vpcmodel/mdOutput.go +++ b/pkg/vpcmodel/mdOutput.go @@ -37,9 +37,9 @@ func (m *MDoutputFormatter) WriteOutput(c1, c2 *VPCConfig, // get output by analysis type v2Name := "" if c2 != nil { - v2Name = c2.VPC.NameForAnalyzerOut() + v2Name = c2.VPC.Name() } - out, err := headerOfAnalyzedVPC(uc, c1.VPC.NameForAnalyzerOut(), v2Name, c1, explanation) + out, err := headerOfAnalyzedVPC(uc, c1.VPC.Name(), v2Name, c1, explanation) if err != nil { return nil, err } 
@@ -76,7 +76,7 @@ func (m *MDoutputFormatter) WriteOutput(c1, c2 *VPCConfig, out += linesToOutput(connLines, lines) _, err = WriteToFile(out, outFile) - return &SingleAnalysisOutput{Output: out, VPC1Name: c1.VPC.NameForAnalyzerOut(), VPC2Name: v2Name, format: MD, + return &SingleAnalysisOutput{Output: out, VPC1Name: c1.VPC.Name(), VPC2Name: v2Name, format: MD, hasStatelessConn: hasStatelessConns, hasOverApproximatedConn: hasOverApproximatedConn}, err } diff --git a/pkg/vpcmodel/multiExplainability.go b/pkg/vpcmodel/multiExplainability.go index ec3954273..0caca37c7 100644 --- a/pkg/vpcmodel/multiExplainability.go +++ b/pkg/vpcmodel/multiExplainability.go @@ -66,7 +66,7 @@ func MultiExplain(srcDstCouples []explainInputEntry, vpcConns map[string]*VPCCon var ok bool if connectivity, ok = vpcConns[srcDstCouple.c.VPC.UID()]; !ok { errConn := fmt.Errorf("npGuard eror: missing connectivity computation for %v %v in MultiExplain", - srcDstCouple.c.VPC.UID(), srcDstCouple.c.VPC.NameForAnalyzerOut()) + srcDstCouple.c.VPC.UID(), srcDstCouple.c.VPC.Name()) multiExplanation[i] = explainOutputEntry{emptyExplain, errConn} continue } diff --git a/pkg/vpcmodel/subnetsConnectivity.go b/pkg/vpcmodel/subnetsConnectivity.go index 3337681c6..6f1425d0e 100644 --- a/pkg/vpcmodel/subnetsConnectivity.go +++ b/pkg/vpcmodel/subnetsConnectivity.go @@ -300,7 +300,7 @@ func (v *VPCsubnetConnectivity) computeAllowedConnsCombined() (GeneralConnectivi for peerNode, conns := range connsRes.EgressAllowedConns { src := subnetNodeSet dst := peerNode - if src.NameForAnalyzerOut() == dst.NameForAnalyzerOut() { + if src.Name() == dst.Name() { continue } combinedConns := conns diff --git a/pkg/vpcmodel/synthesisOutput.go b/pkg/vpcmodel/synthesisOutput.go index 745cdc59a..3144e0ab2 100644 --- a/pkg/vpcmodel/synthesisOutput.go +++ b/pkg/vpcmodel/synthesisOutput.go 
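Review bot: `if src.Name() == dst.Name() { continue }` in `computeAllowedConnsCombined` now treats two subnets as the same element when their plain resource names match. If `Name()` is not unique across the analysed configuration (for example two VPCs each holding a subnet with the same name, which this hunk does not show), a genuine src/dst pair is skipped and an allowed connection is missing from the connectivity report. Comparing identifiers avoids relying on naming: `if src.UID() == dst.UID() { continue }`, assuming both values expose `UID()` as the other resources in this patch do. The loop and function body continue outside the hunk.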
@@ -40,9 +40,9 @@ func (j *SynthesisOutputFormatter) WriteOutput(c1, c2 *VPCConfig, outStr, err := writeJSON(all, outFile) v2Name := "" if c2 != nil { - v2Name = c2.VPC.NameForAnalyzerOut() + v2Name = c2.VPC.Name() } - return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.NameForAnalyzerOut(), + return &SingleAnalysisOutput{Output: outStr, VPC1Name: c1.VPC.Name(), VPC2Name: v2Name, format: Synthesis, jsonStruct: all}, err } @@ -173,10 +173,10 @@ func sortProtocolList(g spec.ProtocolList) spec.ProtocolList { func sortGroupedLines(g []*groupedConnLine) { sort.Slice(g, func(i, j int) bool { - if g[i].Src.NameForAnalyzerOut() != g[j].Src.NameForAnalyzerOut() { - return g[i].Src.NameForAnalyzerOut() > g[j].Src.NameForAnalyzerOut() - } else if g[i].Dst.NameForAnalyzerOut() != g[j].Dst.NameForAnalyzerOut() { - return g[i].Dst.NameForAnalyzerOut() > g[j].Dst.NameForAnalyzerOut() + if g[i].Src.Name() != g[j].Src.Name() { + return g[i].Src.Name() > g[j].Src.Name() + } else if g[i].Dst.Name() != g[j].Dst.Name() { + return g[i].Dst.Name() > g[j].Dst.Name() } return g[i].CommonProperties.Conn.string() > g[j].CommonProperties.Conn.string() }) diff --git a/pkg/vpcmodel/textOutput.go b/pkg/vpcmodel/textOutput.go index 0ca9f2439..432821fa2 100644 --- a/pkg/vpcmodel/textOutput.go +++ b/pkg/vpcmodel/textOutput.go @@ -58,10 +58,10 @@ func (t *TextOutputFormatter) WriteOutput(c1, c2 *VPCConfig, explanation *Explanation, detailExplain bool) (*SingleAnalysisOutput, error) { vpc2Name := "" if c2 != nil { - vpc2Name = c2.VPC.NameForAnalyzerOut() + vpc2Name = c2.VPC.Name() } // header line - specify the VPC analyzed - out, err := headerOfAnalyzedVPC(uc, c1.VPC.NameForAnalyzerOut(), vpc2Name, c1, explanation) + out, err := headerOfAnalyzedVPC(uc, c1.VPC.Name(), vpc2Name, c1, explanation) if err != nil { return nil, err } 
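Review bot: `sortGroupedLines` now compares `Src.Name()` and `Dst.Name()`, and `sort.Slice` is not stable, so lines that tie on both names and on `Conn.string()` have no guaranteed relative order. Whether such ties occur depends on `Name()` being less specific than the former `NameForAnalyzerOut()`, which this hunk does not show. If they do occur, the synthesis output can differ between runs on the same input. A final comparison on a unique key would make the order total, or `sort.SliceStable(g, func(i, j int) bool {` would do if the input order is already deterministic. The `else if` after the first `return` can also become a plain `if`.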
@@ -92,6 +92,6 @@ func (t *TextOutputFormatter) WriteOutput(c1, c2 *VPCConfig, } // write output to file and return the output string _, err = WriteToFile(out, outFile) - return &SingleAnalysisOutput{Output: out, VPC1Name: c1.VPC.NameForAnalyzerOut(), + return &SingleAnalysisOutput{Output: out, VPC1Name: c1.VPC.Name(), VPC2Name: vpc2Name, format: Text, hasStatelessConn: hasStatelessConns, hasOverApproximatedConn: hasOverApproximatedConn}, err } diff --git a/pkg/vpcmodel/vpcConfig.go b/pkg/vpcmodel/vpcConfig.go index 9a2068186..ea1866d14 100644 --- a/pkg/vpcmodel/vpcConfig.go +++ b/pkg/vpcmodel/vpcConfig.go @@ -50,7 +50,7 @@ func (c *VPCConfig) SubnetCidrToSubnetElem(cidr string) (Subnet, error) { return subnet, nil } } - return nil, fmt.Errorf("could not find subnet with CIDR %s in VPC %s", cidr, c.VPC.NameForAnalyzerOut()) + return nil, fmt.Errorf("could not find subnet with CIDR %s in VPC %s", cidr, c.VPC.Name()) } func (c *VPCConfig) GetFilterTrafficResourceOfKind(kind string) FilterTrafficResource { From b1520507d6505861db310a9ff9c2de188398c173 Mon Sep 17 00:00:00 2001 
From: Ola Saadi Date: Mon, 23 Sep 2024 12:59:36 +0300 Subject: [PATCH 06/12] remove ExtendedName() method --- pkg/awsvpc/parser.go | 6 +-- pkg/commonvpc/vpc.go | 10 ++--- pkg/ibmvpc/parser.go | 14 +++---- pkg/ibmvpc/vpc.go | 49 +++++++++------------- pkg/linter/lintTCPReposnseBlocked.go | 6 +-- pkg/vpcmodel/abstractVPC.go | 18 ++++---- pkg/vpcmodel/explainabilityConnectivity.go | 8 ++-- pkg/vpcmodel/explainabilityPrint.go | 21 +++++----- pkg/vpcmodel/externalNetwork.go | 6 +-- pkg/vpcmodel/grouping.go | 38 ++++++++--------- pkg/vpcmodel/grouping_test.go | 10 +---- pkg/vpcmodel/jsonOutput.go | 12 +++--- pkg/vpcmodel/mdOutput.go | 6 +-- pkg/vpcmodel/multiExplainability.go | 10 ++--- pkg/vpcmodel/nodesConnectivity.go | 4 +- pkg/vpcmodel/routing_paths.go | 2 +- pkg/vpcmodel/semanticDiff.go | 30 ++++++------- pkg/vpcmodel/semanticDiff_test.go | 2 +- pkg/vpcmodel/subnetsConnectivity.go | 10 ++--- pkg/vpcmodel/textOutput.go | 2 +- pkg/vpcmodel/unifyGrouping.go | 12 +++--- 21 files changed, 124 insertions(+), 152 deletions(-) diff --git a/pkg/awsvpc/parser.go b/pkg/awsvpc/parser.go index 5b30e5808..cc812b198 100644 --- a/pkg/awsvpc/parser.go +++ b/pkg/awsvpc/parser.go 
@@ -446,15 +446,15 @@ func printConfig(c *vpcmodel.VPCConfig) { if n.IsExternal() { continue } - logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) } logging.Debug("Subnets:") for _, n := range c.Subnets { - logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) } logging.Debug("NodeSets:") for _, n := range c.NodeSets { - logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) } logging.Debug("FilterResources:") for _, f := range c.FilterResources { diff --git a/pkg/commonvpc/vpc.go b/pkg/commonvpc/vpc.go index ed1f839ef..d41ae8c44 100644 --- a/pkg/commonvpc/vpc.go +++ b/pkg/commonvpc/vpc.go @@ -90,16 +90,12 @@ func (ni *NetworkInterface) VsiName() string { return ni.Vsi } -func (ni *NetworkInterface) NameForAnalyzerOut() string { - return nameWithBracketsInfo(ni.Vsi, ni.Address()) -} - -func (ni *NetworkInterface) ExtendedName(c *vpcmodel.VPCConfig) string { +func (ni *NetworkInterface) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { prefix := "" - if c.IsMultipleVPCsConfig { + if c != nil && c.IsMultipleVPCsConfig { prefix = ni.VPC().Name() + vpcmodel.Deliminator } - return prefix + ni.NameForAnalyzerOut() + return prefix + nameWithBracketsInfo(ni.Vsi, ni.Address()) } func nameWithBracketsInfo(name, inBrackets string) string { diff --git a/pkg/ibmvpc/parser.go b/pkg/ibmvpc/parser.go index 10c03b3fe..1264d43f2 100644 --- a/pkg/ibmvpc/parser.go +++ b/pkg/ibmvpc/parser.go 
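Review bot: The new exported method `NameForAnalyzerOut(c *vpcmodel.VPCConfig)` on `NetworkInterface` has no doc comment. Its nil handling is part of the contract now that the `printConfig` callers in this patch pass `nil`. A comment above the method would record that, for example `// NameForAnalyzerOut returns nameWithBracketsInfo(ni.Vsi, ni.Address()), prefixed with the VPC name and vpcmodel.Deliminator when c is non-nil and c.IsMultipleVPCsConfig is set.` The same sentence would help on the interface declaration in `vpcmodel`, which is outside this hunk.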
@@ -1517,19 +1517,19 @@ func printConfig(c *vpcmodel.VPCConfig) { if n.IsExternal() { continue } - logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) } logging.Debug("Subnets:") for _, n := range c.Subnets { - logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) } logging.Debug("LoadBalancers:") for _, lb := range c.LoadBalancers { - logging.Debug(strings.Join([]string{lb.Kind(), lb.NameForAnalyzerOut(), lb.AddressRange().ToIPRanges(), lb.UID()}, separator)) + logging.Debug(strings.Join([]string{lb.Kind(), lb.NameForAnalyzerOut(nil), lb.AddressRange().ToIPRanges(), lb.UID()}, separator)) } logging.Debug("NodeSets:") for _, n := range c.NodeSets { - logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) } logging.Debug("FilterResources:") for _, f := range c.FilterResources { 
@@ -1554,14 +1554,14 @@ func printConfig(c *vpcmodel.VPCConfig) { } logging.Debug("RoutingResources:") for _, r := range c.RoutingResources { - logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(), r.UID()}, separator)) + logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(nil), r.UID()}, separator)) if tgw, ok := r.(*TransitGateway); ok { printTGWAvailableRoutes(tgw) } } logging.Debug("RoutingTables:") for _, r := range c.RoutingTables { - logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(), r.UID(), "vpc:", r.VPC().UID()}, separator)) + logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(nil), r.UID(), "vpc:", r.VPC().UID()}, separator)) if rt, ok := r.(*ingressRoutingTable); ok { logging.Debug("ingress routing table") logging.Debug(rt.string()) @@ -1572,7 +1572,7 @@ func printConfig(c *vpcmodel.VPCConfig) { logging.Debug("subnets:") subnetsList := make([]string, len(rt.subnets)) for i := range rt.subnets { - subnetsList[i] = rt.subnets[i].NameForAnalyzerOut() + subnetsList[i] = rt.subnets[i].NameForAnalyzerOut(nil) } logging.Debug(strings.Join(subnetsList, ",")) } diff --git a/pkg/ibmvpc/vpc.go b/pkg/ibmvpc/vpc.go index d75e1ac56..229c0263a 100644 --- a/pkg/ibmvpc/vpc.go +++ b/pkg/ibmvpc/vpc.go 
@@ -37,21 +37,17 @@ type ReservedIP struct { vpe string } -func (r *ReservedIP) NameForAnalyzerOut() string { - return nameWithBracketsInfo(r.vpe, r.Address()) -} - -func (r *ReservedIP) ExtendedName(c *vpcmodel.VPCConfig) string { +func (r *ReservedIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { prefix := "" - if c.IsMultipleVPCsConfig { + if c != nil && c.IsMultipleVPCsConfig { prefix = r.VPC().Name() + vpcmodel.Deliminator } - return prefix + r.NameForAnalyzerOut() + return prefix + nameWithBracketsInfo(r.vpe, r.Address()) } // used for synthesis output func (r *ReservedIP) SynthesisResourceName() string { - return r.VPC().NameForAnalyzerOut() + vpcmodel.Deliminator + r.vpe + return r.VPC().Name() + vpcmodel.Deliminator + r.vpe } func (r *ReservedIP) SynthesisKind() spec.ResourceType { @@ -70,7 +66,12 @@ type PrivateIP struct { block *ipblock.IPBlock } -func (pip *PrivateIP) NameForAnalyzerOut() string { +func (pip *PrivateIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { + prefix := "" + if c != nil && c.IsMultipleVPCsConfig { + prefix = pip.VPC().Name() + vpcmodel.Deliminator + } + kind := "LB private IP" address := pip.Address() if !pip.original { @@ -78,16 +79,8 @@ func (pip *PrivateIP) NameForAnalyzerOut() string { // todo - use ToRangesListString() instead of ListToPrint() address = strings.Join(pip.block.ListToPrint(), ",") } - name := nameWithBracketsInfo(pip.loadBalancer.NameForAnalyzerOut(), kind) - return nameWithBracketsInfo(name, address) -} - -func (pip *PrivateIP) ExtendedName(c *vpcmodel.VPCConfig) string { - prefix := "" - if c.IsMultipleVPCsConfig { - prefix = pip.VPC().Name() + vpcmodel.Deliminator - } - return prefix + pip.NameForAnalyzerOut() + name := nameWithBracketsInfo(pip.loadBalancer.Name(), kind) + return prefix + nameWithBracketsInfo(name, address) } // AbstractedToNodeSet returns the pip load balancer if it was abstracted 
@@ -111,16 +104,12 @@ func (n *IKSNode) VsiName() string { return "" } -func (n *IKSNode) NameForAnalyzerOut() string { - return nameWithBracketsInfo(n.Name(), n.Address()) -} - -func (n *IKSNode) ExtendedName(c *vpcmodel.VPCConfig) string { +func (n *IKSNode) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { prefix := "" - if c.IsMultipleVPCsConfig { + if c != nil && c.IsMultipleVPCsConfig { prefix = n.VPC().Name() + vpcmodel.Deliminator } - return prefix + n.NameForAnalyzerOut() + return prefix + nameWithBracketsInfo(n.Name(), n.Address()) } // vpe can be in multiple zones - depending on the zones of its network interfaces.. @@ -173,9 +162,9 @@ type LoadBalancer struct { func (lb *LoadBalancer) nameWithKind() string { return nameWithBracketsInfo(lb.ResourceName, lb.Kind()) } -func (lb *LoadBalancer) ExtendedName(c *vpcmodel.VPCConfig) string { +func (lb *LoadBalancer) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { prefix := "" - if c.IsMultipleVPCsConfig { + if c != nil && c.IsMultipleVPCsConfig { prefix = lb.VPC().Name() + vpcmodel.Deliminator } return prefix + lb.nameWithKind() @@ -248,10 +237,10 @@ func (lbr *LoadBalancerRule) IsIngress() bool { func (lbr *LoadBalancerRule) String(detail bool) string { if lbr.Deny(false) { return fmt.Sprintf("%s will not connect to %s, since it is not its pool member\n", - lbr.lb.nameWithKind(), lbr.dst.NameForAnalyzerOut()) + lbr.lb.nameWithKind(), lbr.dst.NameForAnalyzerOut(nil)) } return fmt.Sprintf("%s may initiate a connection to %s, which is one of its pool members\n", - lbr.lb.nameWithKind(), lbr.dst.NameForAnalyzerOut()) + lbr.lb.nameWithKind(), lbr.dst.NameForAnalyzerOut(nil)) } // routing resource elements diff --git a/pkg/linter/lintTCPReposnseBlocked.go b/pkg/linter/lintTCPReposnseBlocked.go index a781c8bd3..43b5ee58a 100644 --- a/pkg/linter/lintTCPReposnseBlocked.go +++ b/pkg/linter/lintTCPReposnseBlocked.go 
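Review bot: LoadBalancer.NameForAnalyzerOut(nil) now returns `lb.nameWithKind()`, so callers passing nil no longer get the bare resource name that the old zero-argument call appears to have returned. No LoadBalancer-specific NameForAnalyzerOut() is removed in this file, which suggests the old call resolved to an embedded implementation returning ResourceName; that is inferred and worth confirming. If so, the `lb.NameForAnalyzerOut(nil)` debug line in pkg/ibmvpc/parser.go changes its output, as does any sort or name comparison over endpoints that include a load balancer; PrivateIP was switched to `pip.loadBalancer.Name()` here, apparently to avoid exactly that. If the kind suffix is intended everywhere, a doc comment should say so, e.g. `// NameForAnalyzerOut returns the load balancer name with its kind in brackets; the VPC name is prefixed only for a non-nil multi-VPC config.`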
@@ -76,7 +76,7 @@ func (finding *blockedTCPResponseConn) string() string { vpcSrcName := finding.getVpcName(0) vpcDstName := finding.getVpcName(1) srcToDstStr := fmt.Sprintf("from \"%v%s\" to \"%v%s\"", - vpcSrcName, finding.src.NameForAnalyzerOut(), vpcDstName, finding.dst.NameForAnalyzerOut()) + vpcSrcName, finding.src.NameForAnalyzerOut(nil), vpcDstName, finding.dst.NameForAnalyzerOut(nil)) return fmt.Sprintf("In the connection %s %s response is blocked", srcToDstStr, strings.ReplaceAll(finding.tcpRspDisable.String(), "protocol: ", "")) @@ -99,7 +99,7 @@ type blockedTCPResponseConnJSON struct { func (finding *blockedTCPResponseConn) toJSON() any { vpcSrcName := finding.vpc()[0].Name() vpcDstName := finding.vpc()[1].Name() - res := blockedTCPResponseConnJSON{Src: vpcSrcName + deliminator + finding.src.NameForAnalyzerOut(), - Dst: vpcDstName + deliminator + finding.dst.NameForAnalyzerOut(), TCPRspDisable: connection.ToJSON(finding.tcpRspDisable)} + res := blockedTCPResponseConnJSON{Src: vpcSrcName + deliminator + finding.src.NameForAnalyzerOut(nil), + Dst: vpcDstName + deliminator + finding.dst.NameForAnalyzerOut(nil), TCPRspDisable: connection.ToJSON(finding.tcpRspDisable)} return res } diff --git a/pkg/vpcmodel/abstractVPC.go b/pkg/vpcmodel/abstractVPC.go index 5e34628ad..805f5edd3 100644 --- a/pkg/vpcmodel/abstractVPC.go +++ b/pkg/vpcmodel/abstractVPC.go 
@@ -21,12 +21,12 @@ const ( type VPCResourceIntf interface { UID() string Name() string - NameForAnalyzerOut() string - // ExtendedName returns a resource name that includes its VPC as prefix when necessary. + // NameForAnalyzerOut returns a string to be printed for output + // when config file is passed to the method it returns a resource name that + // includes its VPC as prefix when necessary. // for example, a subnet with name "s1" within VPC "v1" will have extended name: "v1/s1" - // note this method is relevant only for Node and Subnet objects. // note it adds the prefix only for input config that has multiple VPCs context. - ExtendedName(*VPCConfig) string + NameForAnalyzerOut(*VPCConfig) string ZoneName() string Kind() string VPC() VPCResourceIntf // the VPC to which this resource belongs to @@ -51,10 +51,6 @@ func (n *VPCResource) Name() string { return n.ResourceName } -func (n *VPCResource) NameForAnalyzerOut() string { - return n.ResourceName -} - func (n *VPCResource) SynthesisResourceName() string { return n.VPC().Name() + Deliminator + n.ResourceName } @@ -63,12 +59,12 @@ func (n *VPCResource) SynthesisKind() spec.ResourceType { return "" } -func (n *VPCResource) ExtendedName(c *VPCConfig) string { +func (n *VPCResource) NameForAnalyzerOut(c *VPCConfig) string { prefix := "" - if c.IsMultipleVPCsConfig { + if c != nil && c.IsMultipleVPCsConfig { prefix = n.VPC().Name() + Deliminator } - return prefix + n.NameForAnalyzerOut() + return prefix + n.ResourceName } func (n *VPCResource) UID() string { diff --git a/pkg/vpcmodel/explainabilityConnectivity.go b/pkg/vpcmodel/explainabilityConnectivity.go index 990a531f8..0c7a3659d 100644 --- a/pkg/vpcmodel/explainabilityConnectivity.go +++ b/pkg/vpcmodel/explainabilityConnectivity.go 
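Review bot: The interface comment on NameForAnalyzerOut in VPCResourceIntf does not state that a nil *VPCConfig is a supported argument, although most call sites in this patch pass nil. Implementers of the interface need to know that they must not dereference the config unguarded. I would add a line such as `// A nil config is valid and yields the name without a VPC prefix; implementations must not dereference it unguarded.` The existing wording "when config file is passed" would also read better as "when a non-nil config is passed".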
@@ -394,7 +394,7 @@ func (c *VPCConfig) getConnectedResource(node Node) (VPCResourceIntf, error) { func (c *VPCConfig) getContainingConfigNode(node Node) (Node, error) { nodeIPBlock := node.IPBlock() if nodeIPBlock == nil { // string cidr does not represent a legal cidr, would be handled earlier - return nil, fmt.Errorf("node %v does not refer to a legal IP", node.NameForAnalyzerOut()) + return nil, fmt.Errorf("node %v does not refer to a legal IP", node.NameForAnalyzerOut(nil)) } for _, configNode := range c.Nodes { if configNode.IsInternal() { @@ -441,14 +441,14 @@ func (v *VPCConnectivity) getConnection(c *VPCConfig, src, dst Node) (conn *deta } errMsg := "could not find containing config node for %v" if srcForConnection == nil { - return nil, fmt.Errorf(errMsg, src.NameForAnalyzerOut()) + return nil, fmt.Errorf(errMsg, src.NameForAnalyzerOut(nil)) } dstForConnection, err2 := c.getConnectedResource(dst) if err2 != nil { return nil, err2 } if dstForConnection == nil { - return nil, fmt.Errorf(errMsg, dst.NameForAnalyzerOut()) + return nil, fmt.Errorf(errMsg, dst.NameForAnalyzerOut(nil)) } var ok bool srcMapValue, ok := v.AllowedConnsCombinedResponsive[srcForConnection] @@ -457,7 +457,7 @@ func (v *VPCConnectivity) getConnection(c *VPCConfig, src, dst Node) (conn *deta } if !ok { return nil, fmt.Errorf("error: there is a connection between %v and %v, but connection computation failed", - srcForConnection.NameForAnalyzerOut(), dstForConnection.NameForAnalyzerOut()) + srcForConnection.NameForAnalyzerOut(nil), dstForConnection.NameForAnalyzerOut(nil)) } return conn, nil } diff --git a/pkg/vpcmodel/explainabilityPrint.go b/pkg/vpcmodel/explainabilityPrint.go index b22ecc040..2ee57a34b 100644 --- a/pkg/vpcmodel/explainabilityPrint.go +++ b/pkg/vpcmodel/explainabilityPrint.go 
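Review bot: The error messages in getContainingConfigNode and getConnection pass nil to NameForAnalyzerOut although a *VPCConfig named `c` is in scope in both functions. In a multi-VPC configuration two resources with the same name in different VPCs then produce identical error text, which makes a failed connectivity query hard to attribute. Passing the config costs nothing, e.g. `return nil, fmt.Errorf(errMsg, src.NameForAnalyzerOut(c))`, and likewise for the dst and "connection computation failed" messages in the following hunks. Both functions start and end outside the hunks shown.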
@@ -64,7 +64,7 @@ func endPointInterpretation(c *VPCConfig, userInput string, nodes []Node) string } networkInterfaces := make([]string, len(nodes)) for i, node := range nodes { - networkInterfaces[i] = node.ExtendedName(c) + networkInterfaces[i] = node.NameForAnalyzerOut(c) } return strings.Join(networkInterfaces, comma) } @@ -139,7 +139,7 @@ func (g *groupedConnLine) explainabilityLineStr(c *VPCConfig, connQuery *connect externalRouter, crossVpcRouter, crossVpcRules := expDetails.externalRouter, expDetails.crossVpcRouter, expDetails.crossVpcRules privateSubnetRule := g.CommonProperties.expDetails.privateSubnetRule if externalRouter != nil && isExternal { - externalRouterHeader = "External traffic via " + externalRouter.Kind() + ": " + externalRouter.NameForAnalyzerOut() + newLine + externalRouterHeader = "External traffic via " + externalRouter.Kind() + ": " + externalRouter.NameForAnalyzerOut(nil) + newLine } if loadBalancerRule != nil { loadBalancerHeader = "Load Balancer: " + loadBalancerRule.String(true) @@ -149,7 +149,7 @@ func (g *groupedConnLine) explainabilityLineStr(c *VPCConfig, connQuery *connect crossVpcConnection, crossRouterFilterHeader, crossRouterFilterDetails = crossRouterDetails(c, crossVpcRouter, crossVpcRules, src, dst) // noConnection is the 1 above when no connectivity - noConnection := noConnectionHeader(src.ExtendedName(c), dst.ExtendedName(c), connQuery) + newLine + noConnection := noConnectionHeader(src.NameForAnalyzerOut(c), dst.NameForAnalyzerOut(c), connQuery) + newLine // resourceEffectHeader is "2" above rules := expDetails.rules 
@@ -312,7 +312,8 @@ func existingConnectionStr(c *VPCConfig, connQuery *connection.Set, src, dst End // Computing the header, "1" described in explainabilityLineStr respondConnStr := respondString(conn) if connQuery == nil { - resComponents = append(resComponents, fmt.Sprintf("Connections from %v to %v: %v%v\n", src.ExtendedName(c), dst.ExtendedName(c), + resComponents = append(resComponents, fmt.Sprintf("Connections from %v to %v: %v%v\n", + src.NameForAnalyzerOut(c), dst.NameForAnalyzerOut(c), conn.allConn.String(), respondConnStr)) } else { properSubsetConn := "" @@ -320,7 +321,7 @@ func existingConnectionStr(c *VPCConfig, connQuery *connection.Set, src, dst End properSubsetConn = "(note that not all queried protocols/ports are allowed)\n" } resComponents = append(resComponents, fmt.Sprintf("Connections are allowed from %s to %s%s%s\n%s", - src.ExtendedName(c), dst.ExtendedName(c), connHeader(conn.allConn), respondConnStr, properSubsetConn)) + src.NameForAnalyzerOut(c), dst.NameForAnalyzerOut(c), connHeader(conn.allConn), respondConnStr, properSubsetConn)) } resComponents = append(resComponents, path, details) return strings.Join(resComponents, newLine) @@ -423,7 +424,7 @@ func pathStr(allRulesDetails *rulesDetails, filtersRelevant map[string]bool, src externalRouter, crossVpcRouter RoutingResource, crossVpcConnection *connection.Set, rules *rulesConnection, privateSubnetRule PrivateSubnetRule) string { var pathSlice []string - pathSlice = append(pathSlice, "\t"+src.NameForAnalyzerOut()) + pathSlice = append(pathSlice, "\t"+src.NameForAnalyzerOut(nil)) if loadBalancerBlocking { // todo: add loadBalancer as part of the path and also as blocking??? separate PR? // connection is stopped at the src itself: 
@@ -441,7 +442,7 @@ func pathStr(allRulesDetails *rulesDetails, filtersRelevant map[string]bool, src return blockedPathStr(pathSlice) } if isExternal { - externalRouterStr := newLineTab + externalRouter.Kind() + space + externalRouter.NameForAnalyzerOut() + externalRouterStr := newLineTab + externalRouter.Kind() + space + externalRouter.NameForAnalyzerOut(nil) // externalRouter is fip - add its cidr if externalRouter.Kind() == fipRouter { externalRouterStr += space + externalRouter.ExternalIP() @@ -449,7 +450,7 @@ func pathStr(allRulesDetails *rulesDetails, filtersRelevant map[string]bool, src pathSlice = append(pathSlice, externalRouterStr) } else if crossVpcRouterInPath { // src and dst are internal and there is a cross vpc Router pathSlice = append(pathSlice, newLineTab+src.(InternalNodeIntf).Subnet().VPC().Name(), - crossVpcRouter.Kind()+space+crossVpcRouter.NameForAnalyzerOut()) + crossVpcRouter.Kind()+space+crossVpcRouter.NameForAnalyzerOut(nil)) if crossVpcConnection.IsEmpty() { // cross vpc (tgw) denys connection pathSlice[len(pathSlice)-1] = blockedLeft + pathSlice[len(pathSlice)-1] // blocking cross-vpc router return blockedPathStr(pathSlice) @@ -463,9 +464,9 @@ func pathStr(allRulesDetails *rulesDetails, filtersRelevant map[string]bool, src } // got here: full path if len(ingressPath) == 0 { - pathSlice = append(pathSlice, newLineTab+dst.NameForAnalyzerOut()) + pathSlice = append(pathSlice, newLineTab+dst.NameForAnalyzerOut(nil)) } else { - pathSlice = append(pathSlice, dst.NameForAnalyzerOut()) + pathSlice = append(pathSlice, dst.NameForAnalyzerOut(nil)) } return strings.Join(pathSlice, arrow) } diff --git a/pkg/vpcmodel/externalNetwork.go b/pkg/vpcmodel/externalNetwork.go index 321c844b3..ec06fa861 100644 --- a/pkg/vpcmodel/externalNetwork.go +++ b/pkg/vpcmodel/externalNetwork.go 
@@ -68,7 +68,7 @@ func (exn *ExternalNetwork) Name() string { return exn.ResourceType + " [" + exn.CidrStr + "]" } -func (exn *ExternalNetwork) NameForAnalyzerOut() string { +func (exn *ExternalNetwork) NameForAnalyzerOut(c *VPCConfig) string { return exn.Name() } @@ -80,10 +80,6 @@ func (exn *ExternalNetwork) SynthesisKind() spec.ResourceType { return spec.ResourceTypeExternal } -func (exn *ExternalNetwork) ExtendedName(c *VPCConfig) string { - return exn.Name() -} - func (exn *ExternalNetwork) IsInternal() bool { return false } diff --git a/pkg/vpcmodel/grouping.go b/pkg/vpcmodel/grouping.go index f9d057ea3..643ebbae2 100644 --- a/pkg/vpcmodel/grouping.go +++ b/pkg/vpcmodel/grouping.go @@ -142,8 +142,7 @@ type GroupConnLines struct { // EndpointElem can be Node(networkInterface) / groupedExternalNodes / groupedEndpointsElems / NodeSet(subnet or LB) type EndpointElem interface { Name() string - NameForAnalyzerOut() string - ExtendedName(*VPCConfig) string + NameForAnalyzerOut(*VPCConfig) string UID() string IsExternal() bool FormattableResource @@ -156,7 +155,7 @@ type groupedConnLine struct { } func (g *groupedConnLine) String(c *VPCConfig) string { - return g.Src.ExtendedName(c) + " => " + g.Dst.ExtendedName(c) + " : " + g.ConnLabel(true) + return g.Src.NameForAnalyzerOut(c) + " => " + g.Dst.NameForAnalyzerOut(c) + " : " + g.ConnLabel(true) } func (g *groupedConnLine) ConnLabel(full bool) string { @@ -216,11 +215,7 @@ func endpointElemResources(e EndpointElem) []VPCResourceIntf { type groupedEndpointsElems []EndpointElem func (g *groupedEndpointsElems) Name() string { - return listEndpointElemStr(*g, EndpointElem.NameForAnalyzerOut) -} - -func (g *groupedEndpointsElems) NameForAnalyzerOut() string { - return g.Name() + return listEndpointElemStrWithConfig(*g, EndpointElem.NameForAnalyzerOut) } func (g *groupedEndpointsElems) SynthesisResourceName() string { 
@@ -240,9 +235,9 @@ func (g *groupedEndpointsElems) SynthesisKind() spec.ResourceType { return spec.ResourceTypeSegment } -func (g *groupedEndpointsElems) ExtendedName(c *VPCConfig) string { - if !c.IsMultipleVPCsConfig { // this if is so that in relevant unittest we can avoid creating a vpc - return g.NameForAnalyzerOut() +func (g *groupedEndpointsElems) NameForAnalyzerOut(c *VPCConfig) string { + if c == nil || !c.IsMultipleVPCsConfig { // this if is so that in relevant unittest we can avoid creating a vpc + return g.Name() } prefix := "" if vpcResource, ok := (*g)[0].(VPCResourceIntf); ok { @@ -253,9 +248,9 @@ func (g *groupedEndpointsElems) ExtendedName(c *VPCConfig) string { } // add the vpc prefix only once for grouped elements which are always of the same VPC if prefix != "" && len(*g) > 1 { - return prefix + "[" + g.NameForAnalyzerOut() + "]" + return prefix + "[" + g.Name() + "]" } - return prefix + g.NameForAnalyzerOut() + return prefix + g.Name() } func (g *groupedEndpointsElems) UID() string { @@ -282,7 +277,7 @@ func (g *groupedExternalNodes) Name() string { return prefix + g.String() } -func (g *groupedExternalNodes) NameForAnalyzerOut() string { +func (g *groupedExternalNodes) NameForAnalyzerOut(c *VPCConfig) string { return g.Name() } @@ -304,10 +299,6 @@ func (g *groupedExternalNodes) CidrOrAddress() string { return g.String() } -func (g *groupedExternalNodes) ExtendedName(c *VPCConfig) string { - return g.Name() -} - // UID of externalNetwork returns Name, so uses here the same functionality. // This is since UID for externalNodes is not defined and Name() is actually unique, func (g *groupedExternalNodes) UID() string { 
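Review bot: groupedEndpointsElems.NameForAnalyzerOut indexes `(*g)[0]` without checking that the group is non-empty, so an empty group with a multi-VPC config panics instead of returning a name. The commit already extends the early-return guard on this path, so the length check fits there: `if c == nil || !c.IsMultipleVPCsConfig || len(*g) == 0 {`. Whether an empty group can reach this method is not visible from the hunk, so treat this as defensive. The function continues into the next hunk.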
@@ -433,7 +424,7 @@ func (g *GroupConnLines) addLineToExternalGrouping(res *[]*groupedConnLine, dstNode, dstIsNode := dst.(Node) if dst.IsExternal() && !dstIsNode || src.IsExternal() && !srcIsNode { - return fmt.Errorf("%s or %s is External but not a node", src.NameForAnalyzerOut(), dst.NameForAnalyzerOut()) + return fmt.Errorf("%s or %s is External but not a node", src.NameForAnalyzerOut(nil), dst.NameForAnalyzerOut(nil)) } if dst.IsExternal() && src.IsExternal() { return fmt.Errorf("unexpected grouping - both src and dst external") @@ -642,6 +633,15 @@ func listEndpointElemStr(eps []EndpointElem, fn func(ep EndpointElem) string) st return strings.Join(endpointsStrings, commaSeparator) } +func listEndpointElemStrWithConfig(eps []EndpointElem, fn func(ep EndpointElem, c *VPCConfig) string) string { + endpointsStrings := make([]string, len(eps)) + for i, ep := range eps { + endpointsStrings[i] = fn(ep, nil) + } + sort.Strings(endpointsStrings) + return strings.Join(endpointsStrings, commaSeparator) +} + func (g *groupedExternalNodes) String() string { // 1. Created a list of IPBlocks cidrList := make([]string, len(*g)) diff --git a/pkg/vpcmodel/grouping_test.go b/pkg/vpcmodel/grouping_test.go index 1a0cc3f88..5b17df392 100644 --- a/pkg/vpcmodel/grouping_test.go +++ b/pkg/vpcmodel/grouping_test.go @@ -70,16 +70,13 @@ func (m *mockNetIntf) UID() string { func (m *mockNetIntf) Name() string { return m.name } -func (m *mockNetIntf) NameForAnalyzerOut() string { - return m.Name() -} func (m *mockNetIntf) SynthesisResourceName() string { return m.name } func (m *mockNetIntf) SynthesisKind() spec.ResourceType { return "" } -func (m *mockNetIntf) ExtendedName(c *VPCConfig) string { +func (m *mockNetIntf) NameForAnalyzerOut(c *VPCConfig) string { return m.name } func (m *mockNetIntf) ZoneName() string { 
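Review bot: The new listEndpointElemStrWithConfig in pkg/vpcmodel/grouping.go never receives a config; it calls `fn(ep, nil)` for every element, so the name promises something the function does not do. It is also a line-for-line copy of listEndpointElemStr. The existing helper covers the only caller with a closure, `return listEndpointElemStr(*g, func(ep EndpointElem) string { return ep.NameForAnalyzerOut(nil) })`, which makes the nil explicit at the call site and lets the new function be dropped.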
@@ -115,16 +112,13 @@ func (m *mockSubnet) UID() string { func (m *mockSubnet) Name() string { return m.name } -func (m *mockSubnet) NameForAnalyzerOut() string { - return m.Name() -} func (m *mockSubnet) SynthesisResourceName() string { return m.name } func (m *mockSubnet) SynthesisKind() spec.ResourceType { return "" } -func (m *mockSubnet) ExtendedName(c *VPCConfig) string { +func (m *mockSubnet) NameForAnalyzerOut(c *VPCConfig) string { return m.name } func (m *mockSubnet) Nodes() []Node { diff --git a/pkg/vpcmodel/jsonOutput.go b/pkg/vpcmodel/jsonOutput.go index a5d2302ce..dd0cdc5fd 100644 --- a/pkg/vpcmodel/jsonOutput.go +++ b/pkg/vpcmodel/jsonOutput.go @@ -64,10 +64,10 @@ type diffLine struct { func sortConnLines(connLines []connLine) { sort.Slice(connLines, func(i, j int) bool { - if connLines[i].Src.NameForAnalyzerOut() != connLines[j].Src.NameForAnalyzerOut() { - return connLines[i].Src.NameForAnalyzerOut() < connLines[j].Src.NameForAnalyzerOut() + if connLines[i].Src.NameForAnalyzerOut(nil) != connLines[j].Src.NameForAnalyzerOut(nil) { + return connLines[i].Src.NameForAnalyzerOut(nil) < connLines[j].Src.NameForAnalyzerOut(nil) } - return connLines[i].Dst.NameForAnalyzerOut() < connLines[j].Dst.NameForAnalyzerOut() + return connLines[i].Dst.NameForAnalyzerOut(nil) < connLines[j].Dst.NameForAnalyzerOut(nil) }) } 
@@ -150,10 +150,10 @@ func sortDiffLines(diffLines []diffLine) { if diffLines[i].DstChange != diffLines[j].DstChange { return diffLines[i].DstChange < diffLines[j].DstChange } - if diffLines[i].Src.NameForAnalyzerOut() != diffLines[j].Src.NameForAnalyzerOut() { - return diffLines[i].Src.NameForAnalyzerOut() < diffLines[j].Src.NameForAnalyzerOut() + if diffLines[i].Src.NameForAnalyzerOut(nil) != diffLines[j].Src.NameForAnalyzerOut(nil) { + return diffLines[i].Src.NameForAnalyzerOut(nil) < diffLines[j].Src.NameForAnalyzerOut(nil) } - return diffLines[i].Dst.NameForAnalyzerOut() < diffLines[j].Dst.NameForAnalyzerOut() + return diffLines[i].Dst.NameForAnalyzerOut(nil) < diffLines[j].Dst.NameForAnalyzerOut(nil) }) } diff --git a/pkg/vpcmodel/mdOutput.go b/pkg/vpcmodel/mdOutput.go index 5bd6c7e0d..15073d47d 100644 --- a/pkg/vpcmodel/mdOutput.go +++ b/pkg/vpcmodel/mdOutput.go @@ -102,8 +102,8 @@ func (m *MDoutputFormatter) getGroupedDiffOutput(diff *diffBetweenCfgs) []string diffType, endpointsDiff := diffAndEndpointsDescription(line.CommonProperties.connDiff.diff, line.Src, line.Dst, line.CommonProperties.connDiff.thisMinusOther) conn1Str, conn2Str := conn1And2Str(line.CommonProperties.connDiff) - lines[i] = fmt.Sprintf("| %s | %s | %s | %s | %s | %s |", diffType, line.Src.NameForAnalyzerOut(), - line.Dst.NameForAnalyzerOut(), conn1Str, conn2Str, endpointsDiff) + lines[i] = fmt.Sprintf("| %s | %s | %s | %s | %s | %s |", diffType, line.Src.NameForAnalyzerOut(nil), + line.Dst.NameForAnalyzerOut(nil), conn1Str, conn2Str, endpointsDiff) } return lines } @@ -114,5 +114,5 @@ func connectivityLineMD(src, dst, conn string) string { } func getGroupedMDLine(line *groupedConnLine) string { - return connectivityLineMD(line.Src.NameForAnalyzerOut(), line.Dst.NameForAnalyzerOut(), line.CommonProperties.groupingStrKey) + return connectivityLineMD(line.Src.NameForAnalyzerOut(nil), line.Dst.NameForAnalyzerOut(nil), line.CommonProperties.groupingStrKey) } 
diff --git a/pkg/vpcmodel/multiExplainability.go b/pkg/vpcmodel/multiExplainability.go index 0caca37c7..27aa17f1f 100644 --- a/pkg/vpcmodel/multiExplainability.go +++ b/pkg/vpcmodel/multiExplainability.go @@ -43,8 +43,8 @@ func MultiExplain(srcDstCouples []explainInputEntry, vpcConns map[string]*VPCCon multiExplanation := make([]explainOutputEntry, len(srcDstCouples)) for i, srcDstCouple := range srcDstCouples { emptyExplain := &Explanation{ - src: srcDstCouple.src.NameForAnalyzerOut(), - dst: srcDstCouple.dst.NameForAnalyzerOut(), + src: srcDstCouple.src.NameForAnalyzerOut(nil), + dst: srcDstCouple.dst.NameForAnalyzerOut(nil), } if srcDstCouple.c == nil { // no vpc config implies missing cross-vpc router between src and dst which are not in the same VPC @@ -70,8 +70,8 @@ func MultiExplain(srcDstCouples []explainInputEntry, vpcConns map[string]*VPCCon multiExplanation[i] = explainOutputEntry{emptyExplain, errConn} continue } - explain, errExplain := srcDstCouple.c.explainConnectivityForVPC(srcDstCouple.src.NameForAnalyzerOut(), - srcDstCouple.dst.NameForAnalyzerOut(), + explain, errExplain := srcDstCouple.c.explainConnectivityForVPC(srcDstCouple.src.NameForAnalyzerOut(nil), + srcDstCouple.dst.NameForAnalyzerOut(nil), srcNodes, dstNodes, nil, connectivity) if errExplain != nil { multiExplanation[i] = explainOutputEntry{emptyExplain, errExplain} @@ -105,7 +105,7 @@ func (c *VPCConfig) getNodesFromEndpoint(endpoint EndpointElem) ([]Node, error) } return disjointNodes, nil } - return nil, fmt.Errorf("np-Guard error: %v not of type InternalNodeIntf or groupedExternalNodes", endpoint.NameForAnalyzerOut()) + return nil, fmt.Errorf("np-Guard error: %v not of type InternalNodeIntf or groupedExternalNodes", endpoint.NameForAnalyzerOut(nil)) } // CreateMultiExplanationsInput given configs and results of connectivity analysis, generates input diff --git a/pkg/vpcmodel/nodesConnectivity.go b/pkg/vpcmodel/nodesConnectivity.go index b1036cb31..88d34cb71 100644 
--- a/pkg/vpcmodel/nodesConnectivity.go +++ b/pkg/vpcmodel/nodesConnectivity.go @@ -340,11 +340,11 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getCombinedConnsStr(on } srcName := srcNode.CidrOrAddress() if srcNode.IsInternal() { - srcName = src.NameForAnalyzerOut() + srcName = src.NameForAnalyzerOut(nil) } dstName := dstNode.CidrOrAddress() if dstNode.IsInternal() { - dstName = dst.NameForAnalyzerOut() + dstName = dst.NameForAnalyzerOut(nil) } var connsStr string if onlyBidirectional { diff --git a/pkg/vpcmodel/routing_paths.go b/pkg/vpcmodel/routing_paths.go index a7466bd13..9404c35b7 100644 --- a/pkg/vpcmodel/routing_paths.go +++ b/pkg/vpcmodel/routing_paths.go @@ -102,7 +102,7 @@ func (p Path) Equal(otherPath Path) bool { func (e *Endpoint) string() string { switch { case e.VpcResource != nil: - return fmt.Sprintf("%s - %s", e.VpcResource.Kind(), e.VpcResource.NameForAnalyzerOut()) + return fmt.Sprintf("%s - %s", e.VpcResource.Kind(), e.VpcResource.NameForAnalyzerOut(nil)) case e.IPBlock != nil: return e.IPBlock.String() case e.NextHop != nil: diff --git a/pkg/vpcmodel/semanticDiff.go b/pkg/vpcmodel/semanticDiff.go index 5a53c65a1..1b69df9be 100644 --- a/pkg/vpcmodel/semanticDiff.go +++ b/pkg/vpcmodel/semanticDiff.go @@ -142,7 +142,7 @@ func (c *VPCConfig) getVPCResourceInfInOtherConfig(other *VPCConfig, ep VPCResou nodeSameCidr := findNodeWithCidr(other.Nodes, node.CidrStr) return nodeSameCidr, nil } - return nil, fmt.Errorf(castingNodeErr, ep.NameForAnalyzerOut()) + return nil, fmt.Errorf(castingNodeErr, ep.NameForAnalyzerOut(nil)) } // endpoint is a vsi or a subnet, depending on diffAnalysis value if diffAnalysis == Vsis { 
@@ -150,14 +150,14 @@ func (c *VPCConfig) getVPCResourceInfInOtherConfig(other *VPCConfig, ep VPCResou if !node.IsInternal() { continue } - if node.NameForAnalyzerOut() == ep.NameForAnalyzerOut() { + if node.NameForAnalyzerOut(nil) == ep.NameForAnalyzerOut(nil) { res = VPCResourceIntf(node) return res, nil } } } else if diffAnalysis == Subnets { for _, subnet := range other.Subnets { - if subnet.NameForAnalyzerOut() == ep.NameForAnalyzerOut() { + if subnet.NameForAnalyzerOut(nil) == ep.NameForAnalyzerOut(nil) { res = VPCResourceIntf(subnet) return res, nil } @@ -266,7 +266,7 @@ func printGroupedDiffLine(diffAnalysis diffAnalysisType, src, dst EndpointElem, diffInfo := getDiffInfo(diffAnalysis, diffInfoBody) connDiffStr := fmt.Sprintf(configsStr, conn1Str, conn2Str, diffInfo) printDiff := fmt.Sprintf("%s, source: %s, destination: %s, %s\n", diffTypeStr, - src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), connDiffStr) + src.NameForAnalyzerOut(nil), dst.NameForAnalyzerOut(nil), connDiffStr) return printDiff } @@ -322,12 +322,12 @@ func diffAndEndpointsDescription(diff DiffType, src, dst EndpointElem, thisMinus } switch diff { case missingSrcEP: - return addOrRemoved, fmt.Sprintf(doubleString, src.NameForAnalyzerOut(), addOrRemoved) + return addOrRemoved, fmt.Sprintf(doubleString, src.NameForAnalyzerOut(nil), addOrRemoved) case missingDstEP: - return addOrRemoved, fmt.Sprintf(doubleString, dst.NameForAnalyzerOut(), addOrRemoved) + return addOrRemoved, fmt.Sprintf(doubleString, dst.NameForAnalyzerOut(nil), addOrRemoved) case missingSrcDstEP: return addOrRemoved, fmt.Sprintf("%s and %s %s", - src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), addOrRemoved) + src.NameForAnalyzerOut(nil), dst.NameForAnalyzerOut(nil), addOrRemoved) case missingConnection: return addOrRemoved, "" case changedConnection: 
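Review bot: getVPCResourceInfInOtherConfig matches a resource in the other config purely by `NameForAnalyzerOut(nil)`, that is, by the display name without the VPC prefix. If `other` can hold several VPCs, two same-named subnets or VSIs in different VPCs are indistinguishable here and the first one found wins, which would silently attribute a connectivity difference to the wrong resource. Whether multi-VPC inputs reach the diff path is not visible in this hunk. If they can, the comparison should also pin the VPC, e.g. `if subnet.NameForAnalyzerOut(nil) == ep.NameForAnalyzerOut(nil) && subnet.VPC().Name() == ep.VPC().Name() {`. Otherwise a comment stating that names are assumed unique within a config would document the reliance.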
@@ -459,13 +459,13 @@ func (responsiveConnMap *GeneralResponsiveConnectivityMap) actualAlignSrcOrDstGi if node, ok := src.(Node); ok { origIPBlock = node.IPBlock() } else { - return nil, fmt.Errorf(castingNodeErr, node.NameForAnalyzerOut()) + return nil, fmt.Errorf(castingNodeErr, node.NameForAnalyzerOut(nil)) } } else { if node, ok := dst.(Node); ok { origIPBlock = node.IPBlock() } else { - return nil, fmt.Errorf(castingNodeErr, node.NameForAnalyzerOut()) + return nil, fmt.Errorf(castingNodeErr, node.NameForAnalyzerOut(nil)) } } if err != nil { @@ -530,14 +530,14 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getIPBlocksList() (ipb if srcNode, ok := src.(Node); ok { ipbList = append(ipbList, srcNode.IPBlock()) } else { - return nil, fmt.Errorf(castingNodeErr, src.NameForAnalyzerOut()) + return nil, fmt.Errorf(castingNodeErr, src.NameForAnalyzerOut(nil)) } } if dst.IsExternal() { if dstNode, ok := dst.(Node); ok { ipbList = append(ipbList, dstNode.IPBlock()) } else { - return nil, fmt.Errorf(castingNodeErr, dst.NameForAnalyzerOut()) + return nil, fmt.Errorf(castingNodeErr, dst.NameForAnalyzerOut(nil)) } } } @@ -579,8 +579,8 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getIPBlocksList() (ipb // return areIntersecting, err1 // } // if intersecting { -// areIntersecting += fmt.Sprintf("<%v, %v> and <%v, %v> intersects\n", src.NameForAnalyzerOut(), -// dst.NameForAnalyzerOut(), otherSrc.NameForAnalyzerOut(), otherDst.NameForAnalyzerOut()) +// areIntersecting += fmt.Sprintf("<%v, %v> and <%v, %v> intersects\n", src.NameForAnalyzerOut(nil), +// dst.NameForAnalyzerOut(nil), otherSrc.NameForAnalyzerOut(nil), otherDst.NameForAnalyzerOut(nil)) // } // } // } 
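Review bot: In actualAlignSrcOrDstGivenIPBlists both `else` branches call `node.NameForAnalyzerOut(nil)` on a `node` whose type assertion has just failed. It is then the nil zero value of the Node interface, so the call panics instead of returning castingNodeErr. The message should be built from the value that failed the assertion: `return nil, fmt.Errorf(castingNodeErr, src.NameForAnalyzerOut(nil))` in the first branch and `dst.NameForAnalyzerOut(nil)` in the second. This matches what getIPBlocksList does in the next hunk, and assumes src and dst expose the method here as they do there. The function starts and ends outside the hunk.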
@@ -624,7 +624,7 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getIPBlocksList() (ipb // return false, nil // } // if isMySubnet { // implies that isOtherSubnet as well -// if mySubnet.NameForAnalyzerOut() == otherSubnet.NameForAnalyzerOut() { +// if mySubnet.NameForAnalyzerOut(nil) == otherSubnet.NameForAnalyzerOut(nil) { // return true, nil // } // return false, nil @@ -658,7 +658,7 @@ func (responsiveConnMap GeneralResponsiveConnectivityMap) getIPBlocksList() (ipb // if conns.isEmpty() { // continue // } -// fmt.Printf("\t%v => %v %v\n", src.NameForAnalyzerOut(), dst.NameForAnalyzerOut(), conns.string()) +// fmt.Printf("\t%v => %v %v\n", src.NameForAnalyzerOut(nil), dst.NameForAnalyzerOut(nil), conns.string()) // } // } // } diff --git a/pkg/vpcmodel/semanticDiff_test.go b/pkg/vpcmodel/semanticDiff_test.go index b6cfa1eca..354bdda1c 100644 --- a/pkg/vpcmodel/semanticDiff_test.go +++ b/pkg/vpcmodel/semanticDiff_test.go @@ -409,7 +409,7 @@ func (connDiff *connectivityDiff) string(diffAnalysis diffAnalysisType, thisMinu diffType, diffInfoBody := diffAndEndpointsDescription(connDiff.diff, src, dst, thisMinusOther) diffInfo := getDiffInfo(diffAnalysis, diffInfoBody) printDiff := fmt.Sprintf("%v %s, source: %s, destination: %s, ", diffTypeStr, diffType, - src.NameForAnalyzerOut(), dst.NameForAnalyzerOut()) + src.NameForAnalyzerOut(nil), dst.NameForAnalyzerOut(nil)) printDiff += fmt.Sprintf(configsStr, conn1Str, conn2Str, diffInfo) + "\n" strList = append(strList, printDiff) } diff --git a/pkg/vpcmodel/subnetsConnectivity.go b/pkg/vpcmodel/subnetsConnectivity.go index 6f1425d0e..fc56bf75c 100644 --- a/pkg/vpcmodel/subnetsConnectivity.go +++ b/pkg/vpcmodel/subnetsConnectivity.go 
@@ -50,11 +50,11 @@ func subnetConnLine(subnet string, conn *connection.Set) string { func (c *ConfigBasedConnectivityResults) string() string { res := "Ingress: \n" for n, conn := range c.IngressAllowedConns { - res += subnetConnLine(n.NameForAnalyzerOut(), conn) + res += subnetConnLine(n.NameForAnalyzerOut(nil), conn) } res += "Egress: \n" for n, conn := range c.EgressAllowedConns { - res += subnetConnLine(n.NameForAnalyzerOut(), conn) + res += subnetConnLine(n.NameForAnalyzerOut(nil), conn) } return res @@ -65,7 +65,7 @@ var _ = (*VPCsubnetConnectivity).printAllowedConns // avoiding "unused" warning // print AllowedConns (not combined) func (v *VPCsubnetConnectivity) printAllowedConns() { for n, connMap := range v.AllowedConns { - fmt.Println(n.NameForAnalyzerOut()) + fmt.Println(n.NameForAnalyzerOut(nil)) fmt.Println(connMap.string()) fmt.Println("-----------------") } @@ -86,7 +86,7 @@ func (c *VPCConfig) ipblockToNamedResourcesInConfig(ipb *ipblock.IPBlock, exclud // the ACL splits connectivity to part of that subnet, // this is currently not supported in subnets connectivity analysis return nil, fmt.Errorf("unsupported subnets connectivity analysis - no consistent connectivity for entire subnet %s", - subnet.NameForAnalyzerOut()) + subnet.NameForAnalyzerOut(nil)) } } @@ -277,7 +277,7 @@ func (v *VPCsubnetConnectivity) computeAllowedConnsCombined() (GeneralConnectivi if egressConns == nil { // should not get here return nil, fmt.Errorf("could not find egress connection from %s to %s", - concPeerNode.NameForAnalyzerOut(), subnetNodeSet.NameForAnalyzerOut()) + concPeerNode.NameForAnalyzerOut(nil), subnetNodeSet.NameForAnalyzerOut(nil)) } combinedConns = conns.Intersect(egressConns) // for subnets cross-vpc connection, add intersection with tgw connectivity (prefix filters) diff --git a/pkg/vpcmodel/textOutput.go b/pkg/vpcmodel/textOutput.go index 432821fa2..27c1fff21 100644 --- a/pkg/vpcmodel/textOutput.go +++ b/pkg/vpcmodel/textOutput.go 
@@ -19,7 +19,7 @@ func multipleVPCsConfigHeader(c *VPCConfig) (string, error) { return "", errors.New("unexpected config of multiple VPCs connected by TGW, missing TGW resource") } tgw := c.RoutingResources[0] - return fmt.Sprintf("Connectivity between VPCs connected by TGW %s (UID: %s)\n", tgw.NameForAnalyzerOut(), tgw.UID()), nil + return fmt.Sprintf("Connectivity between VPCs connected by TGW %s (UID: %s)\n", tgw.NameForAnalyzerOut(nil), tgw.UID()), nil } func headerOfAnalyzedVPC(uc OutputUseCase, vpcName, vpc2Name string, c1 *VPCConfig, diff --git a/pkg/vpcmodel/unifyGrouping.go b/pkg/vpcmodel/unifyGrouping.go index 69812bb49..253c3dcb8 100644 --- a/pkg/vpcmodel/unifyGrouping.go +++ b/pkg/vpcmodel/unifyGrouping.go @@ -65,9 +65,9 @@ func getPublicNetworkNode() *groupedExternalNodes { // if exists, nil otherwise func (cachedGrouped *cacheGroupedElements) getExistEndpointElemFromCache( grouped *groupedEndpointsElems) *groupedEndpointsElems { - // since the endpoints (vsis/subnets) are sorted before printed, grouped.NameForAnalyzerOut() will be identical + // since the endpoints (vsis/subnets) are sorted before printed, grouped.NameForAnalyzerOut(nil) will be identical // to equiv groupedEndpointsElems - if existingGrouped, ok := cachedGrouped.groupedEndpointsElemsMap[grouped.NameForAnalyzerOut()]; ok { + if existingGrouped, ok := cachedGrouped.groupedEndpointsElemsMap[grouped.NameForAnalyzerOut(nil)]; ok { return existingGrouped } return nil 
@@ -88,7 +88,7 @@ func (cachedGrouped *cacheGroupedElements) getAndSetEndpointElemFromCache( // sets pointer of an element to cachedGrouped.groupedEndpointsElemsMap func (cachedGrouped *cacheGroupedElements) setEndpointElemFromCache( groupedElem *groupedEndpointsElems) { - cachedGrouped.groupedEndpointsElemsMap[groupedElem.NameForAnalyzerOut()] = groupedElem + cachedGrouped.groupedEndpointsElemsMap[groupedElem.NameForAnalyzerOut(nil)] = groupedElem } // 2. Similar to the above, functionality related to cachedGrouped.groupedExternalNodesMap @@ -96,7 +96,7 @@ func (cachedGrouped *cacheGroupedElements) setEndpointElemFromCache( // if exists, nil otherwise func (cachedGrouped *cacheGroupedElements) getExistGroupedExternalFromCache( grouped *groupedExternalNodes) *groupedExternalNodes { - if existingGrouped, ok := cachedGrouped.groupedExternalNodesMap[grouped.NameForAnalyzerOut()]; ok { + if existingGrouped, ok := cachedGrouped.groupedExternalNodesMap[grouped.NameForAnalyzerOut(nil)]; ok { return existingGrouped } return nil @@ -104,7 +104,7 @@ func (cachedGrouped *cacheGroupedElements) getExistGroupedExternalFromCache( func (cachedGrouped *cacheGroupedElements) setGroupedExternalFromCache( groupedExternal *groupedExternalNodes) { - cachedGrouped.groupedExternalNodesMap[groupedExternal.NameForAnalyzerOut()] = groupedExternal + cachedGrouped.groupedExternalNodesMap[groupedExternal.NameForAnalyzerOut(nil)] = groupedExternal } func (cachedGrouped *cacheGroupedElements) getAndSetGroupedExternalFromCache( @@ -131,7 +131,7 @@ func (o *OutputGenerator) UnificationDebugPrint() string { if g2, ok := elg[k]; ok { if g != g2 { outString += fmt.Sprintf("pointer %p of %s and pointer %p of the same %s \n", - g, g.NameForAnalyzerOut(), g2, g2.NameForAnalyzerOut()) + g, g.NameForAnalyzerOut(nil), g2, g2.NameForAnalyzerOut(nil)) } } elg[k] = g From 0f9482f03351559365648a44d362818c9c294b12 Mon Sep 17 00:00:00 2001 
From: Ola Saadi Date: Tue, 24 Sep 2024 13:31:45 +0300 Subject: [PATCH 07/12] fix --- pkg/commonvpc/vpc.go | 4 ++-- pkg/ibmvpc/vpc.go | 16 ++++++++-------- pkg/vpcmodel/abstractVPC.go | 4 ++-- pkg/vpcmodel/vpcConfig.go | 8 ++++++++ 4 files changed, 20 insertions(+), 12 deletions(-) diff --git a/pkg/commonvpc/vpc.go b/pkg/commonvpc/vpc.go index d41ae8c44..9b202273d 100644 --- a/pkg/commonvpc/vpc.go +++ b/pkg/commonvpc/vpc.go @@ -92,8 +92,8 @@ func (ni *NetworkInterface) VsiName() string { func (ni *NetworkInterface) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { prefix := "" - if c != nil && c.IsMultipleVPCsConfig { - prefix = ni.VPC().Name() + vpcmodel.Deliminator + if c != nil { + prefix = c.MultipleVPCsConfigPrefix(ni.VPC().Name()) } return prefix + nameWithBracketsInfo(ni.Vsi, ni.Address()) } diff --git a/pkg/ibmvpc/vpc.go b/pkg/ibmvpc/vpc.go index 229c0263a..4e828e04d 100644 --- a/pkg/ibmvpc/vpc.go +++ b/pkg/ibmvpc/vpc.go @@ -39,8 +39,8 @@ type ReservedIP struct { func (r *ReservedIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { prefix := "" - if c != nil && c.IsMultipleVPCsConfig { - prefix = r.VPC().Name() + vpcmodel.Deliminator + if c != nil { + prefix = c.MultipleVPCsConfigPrefix(r.VPC().Name()) } return prefix + nameWithBracketsInfo(r.vpe, r.Address()) } @@ -68,8 +68,8 @@ type PrivateIP struct { func (pip *PrivateIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { prefix := "" - if c != nil && c.IsMultipleVPCsConfig { - prefix = pip.VPC().Name() + vpcmodel.Deliminator + if c != nil { + prefix = c.MultipleVPCsConfigPrefix(pip.VPC().Name()) } kind := "LB private IP" @@ -106,8 +106,8 @@ func (n *IKSNode) VsiName() string { func (n *IKSNode) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { prefix := "" - if c != nil && c.IsMultipleVPCsConfig { - prefix = n.VPC().Name() + vpcmodel.Deliminator + if c != nil { + prefix = c.MultipleVPCsConfigPrefix(n.VPC().Name()) } return prefix + nameWithBracketsInfo(n.Name(), n.Address()) } 
@@ -164,8 +164,8 @@ func (lb *LoadBalancer) nameWithKind() string { } func (lb *LoadBalancer) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { prefix := "" - if c != nil && c.IsMultipleVPCsConfig { - prefix = lb.VPC().Name() + vpcmodel.Deliminator + if c != nil { + prefix = c.MultipleVPCsConfigPrefix(lb.VPC().Name()) } return prefix + lb.nameWithKind() } diff --git a/pkg/vpcmodel/abstractVPC.go b/pkg/vpcmodel/abstractVPC.go index 805f5edd3..5e9e68924 100644 --- a/pkg/vpcmodel/abstractVPC.go +++ b/pkg/vpcmodel/abstractVPC.go @@ -61,8 +61,8 @@ func (n *VPCResource) SynthesisKind() spec.ResourceType { func (n *VPCResource) NameForAnalyzerOut(c *VPCConfig) string { prefix := "" - if c != nil && c.IsMultipleVPCsConfig { - prefix = n.VPC().Name() + Deliminator + if c != nil { + prefix = c.MultipleVPCsConfigPrefix(n.VPC().Name()) } return prefix + n.ResourceName } diff --git a/pkg/vpcmodel/vpcConfig.go b/pkg/vpcmodel/vpcConfig.go index ea1866d14..76e1105db 100644 --- a/pkg/vpcmodel/vpcConfig.go +++ b/pkg/vpcmodel/vpcConfig.go @@ -44,6 +44,14 @@ type VPCConfig struct { IsMultipleVPCsConfig bool } +// MultipleVPCsConfigPrefix returns the passed prefix when config is multi-vpc +func (c *VPCConfig) MultipleVPCsConfigPrefix(prefix string) string { + if c.IsMultipleVPCsConfig { + return prefix + Deliminator + } + return "" +} + func (c *VPCConfig) SubnetCidrToSubnetElem(cidr string) (Subnet, error) { for _, subnet := range c.Subnets { if subnet.CIDR() == cidr { From ffe3b88b0b6225d12e59198d8bbab0c2e404e91a Mon Sep 17 00:00:00 2001 From: Ola Saadi Date: Tue, 24 Sep 2024 16:17:24 +0300 Subject: [PATCH 08/12] fix --- pkg/commonvpc/vpc.go | 14 +++++++++----- pkg/ibmvpc/vpc.go | 25 ++++--------------------- pkg/vpcmodel/vpcConfig.go | 6 +++--- 3 files changed, 16 insertions(+), 29 deletions(-) diff --git a/pkg/commonvpc/vpc.go b/pkg/commonvpc/vpc.go index 9b202273d..4499d1871 100644 --- a/pkg/commonvpc/vpc.go +++ b/pkg/commonvpc/vpc.go 
@@ -91,11 +91,7 @@ func (ni *NetworkInterface) VsiName() string { } func (ni *NetworkInterface) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - prefix := "" - if c != nil { - prefix = c.MultipleVPCsConfigPrefix(ni.VPC().Name()) - } - return prefix + nameWithBracketsInfo(ni.Vsi, ni.Address()) + return MultipleVPCsConfigPrefix(c, ni.VPC().Name()) + nameWithBracketsInfo(ni.Vsi, ni.Address()) } func nameWithBracketsInfo(name, inBrackets string) string { @@ -737,3 +733,11 @@ func getTableConnEffect(connQuery, conn *connection.Set) (*connection.Set, vpcmo return conn.Intersect(connQuery), vpcmodel.PartlyAllow } } + +// MultipleVPCsConfigPrefix returns the passed vpcName when config is multi-vpc +func MultipleVPCsConfigPrefix(c *vpcmodel.VPCConfig, vpcName string) string { + if c != nil && c.IsMultipleVPCsConfig { + return c.MultipleVPCsConfigPrefix(vpcName) + } + return "" +} diff --git a/pkg/ibmvpc/vpc.go b/pkg/ibmvpc/vpc.go index 4e828e04d..7bc915b7e 100644 --- a/pkg/ibmvpc/vpc.go +++ b/pkg/ibmvpc/vpc.go @@ -38,11 +38,7 @@ type ReservedIP struct { } func (r *ReservedIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - prefix := "" - if c != nil { - prefix = c.MultipleVPCsConfigPrefix(r.VPC().Name()) - } - return prefix + nameWithBracketsInfo(r.vpe, r.Address()) + return commonvpc.MultipleVPCsConfigPrefix(c, r.VPC().Name()) + nameWithBracketsInfo(r.vpe, r.Address()) } // used for synthesis output @@ -67,11 +63,6 @@ type PrivateIP struct { } func (pip *PrivateIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - prefix := "" - if c != nil { - prefix = c.MultipleVPCsConfigPrefix(pip.VPC().Name()) - } - kind := "LB private IP" address := pip.Address() if !pip.original { 
@@ -80,7 +71,7 @@ func (pip *PrivateIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { address = strings.Join(pip.block.ListToPrint(), ",") } name := nameWithBracketsInfo(pip.loadBalancer.Name(), kind) - return prefix + nameWithBracketsInfo(name, address) + return commonvpc.MultipleVPCsConfigPrefix(c, pip.VPC().Name()) + nameWithBracketsInfo(name, address) } // AbstractedToNodeSet returns the pip load balancer if it was abstracted @@ -105,11 +96,7 @@ func (n *IKSNode) VsiName() string { } func (n *IKSNode) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - prefix := "" - if c != nil { - prefix = c.MultipleVPCsConfigPrefix(n.VPC().Name()) - } - return prefix + nameWithBracketsInfo(n.Name(), n.Address()) + return commonvpc.MultipleVPCsConfigPrefix(c, n.VPC().Name()) + nameWithBracketsInfo(n.Name(), n.Address()) } // vpe can be in multiple zones - depending on the zones of its network interfaces.. @@ -163,11 +150,7 @@ func (lb *LoadBalancer) nameWithKind() string { return nameWithBracketsInfo(lb.ResourceName, lb.Kind()) } func (lb *LoadBalancer) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - prefix := "" - if c != nil { - prefix = c.MultipleVPCsConfigPrefix(lb.VPC().Name()) - } - return prefix + lb.nameWithKind() + return commonvpc.MultipleVPCsConfigPrefix(c, lb.VPC().Name()) + lb.nameWithKind() } func (lb *LoadBalancer) Nodes() []vpcmodel.Node { diff --git a/pkg/vpcmodel/vpcConfig.go b/pkg/vpcmodel/vpcConfig.go index 76e1105db..73221f87d 100644 --- a/pkg/vpcmodel/vpcConfig.go +++ b/pkg/vpcmodel/vpcConfig.go 
@@ -44,10 +44,10 @@ type VPCConfig struct { IsMultipleVPCsConfig bool } -// MultipleVPCsConfigPrefix returns the passed prefix when config is multi-vpc -func (c *VPCConfig) MultipleVPCsConfigPrefix(prefix string) string { +// MultipleVPCsConfigPrefix returns the passed vpcName when config is multi-vpc +func (c *VPCConfig) MultipleVPCsConfigPrefix(vpcName string) string { if c.IsMultipleVPCsConfig { - return prefix + Deliminator + return vpcName + Deliminator } return "" } From af7f35328fb6fcacdb9ce36aba23cabfd2b543bb Mon Sep 17 00:00:00 2001 From: Ola Saadi Date: Tue, 24 Sep 2024 19:26:38 +0300 Subject: [PATCH 09/12] fix tests --- pkg/commonvpc/vpc.go | 10 +++++----- pkg/ibmvpc/vpc.go | 8 ++++---- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/pkg/commonvpc/vpc.go b/pkg/commonvpc/vpc.go index 4499d1871..5d1f4859e 100644 --- a/pkg/commonvpc/vpc.go +++ b/pkg/commonvpc/vpc.go @@ -91,7 +91,7 @@ func (ni *NetworkInterface) VsiName() string { } func (ni *NetworkInterface) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - return MultipleVPCsConfigPrefix(c, ni.VPC().Name()) + nameWithBracketsInfo(ni.Vsi, ni.Address()) + return MultipleVPCsConfigPrefix(c, ni.VPCResource) + nameWithBracketsInfo(ni.Vsi, ni.Address()) } func nameWithBracketsInfo(name, inBrackets string) string { @@ -734,10 +734,10 @@ func getTableConnEffect(connQuery, conn *connection.Set) (*connection.Set, vpcmo } } -// MultipleVPCsConfigPrefix returns the passed vpcName when config is multi-vpc -func MultipleVPCsConfigPrefix(c *vpcmodel.VPCConfig, vpcName string) string { - if c != nil && c.IsMultipleVPCsConfig { - return c.MultipleVPCsConfigPrefix(vpcName) +// MultipleVPCsConfigPrefix returns the vpcName of the passed resource when config is multi-vpc +func MultipleVPCsConfigPrefix(c *vpcmodel.VPCConfig, resource vpcmodel.VPCResource) string { + if c != nil && resource.VPC() != nil { + return c.MultipleVPCsConfigPrefix(resource.VPC().Name()) } return "" } 
diff --git a/pkg/ibmvpc/vpc.go b/pkg/ibmvpc/vpc.go index 7bc915b7e..d41352134 100644 --- a/pkg/ibmvpc/vpc.go +++ b/pkg/ibmvpc/vpc.go @@ -38,7 +38,7 @@ type ReservedIP struct { } func (r *ReservedIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - return commonvpc.MultipleVPCsConfigPrefix(c, r.VPC().Name()) + nameWithBracketsInfo(r.vpe, r.Address()) + return commonvpc.MultipleVPCsConfigPrefix(c, r.VPCResource) + nameWithBracketsInfo(r.vpe, r.Address()) } // used for synthesis output @@ -71,7 +71,7 @@ func (pip *PrivateIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { address = strings.Join(pip.block.ListToPrint(), ",") } name := nameWithBracketsInfo(pip.loadBalancer.Name(), kind) - return commonvpc.MultipleVPCsConfigPrefix(c, pip.VPC().Name()) + nameWithBracketsInfo(name, address) + return commonvpc.MultipleVPCsConfigPrefix(c, pip.VPCResource) + nameWithBracketsInfo(name, address) } // AbstractedToNodeSet returns the pip load balancer if it was abstracted @@ -96,7 +96,7 @@ func (n *IKSNode) VsiName() string { } func (n *IKSNode) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - return commonvpc.MultipleVPCsConfigPrefix(c, n.VPC().Name()) + nameWithBracketsInfo(n.Name(), n.Address()) + return commonvpc.MultipleVPCsConfigPrefix(c, n.VPCResource) + nameWithBracketsInfo(n.Name(), n.Address()) } // vpe can be in multiple zones - depending on the zones of its network interfaces.. @@ -150,7 +150,7 @@ func (lb *LoadBalancer) nameWithKind() string { return nameWithBracketsInfo(lb.ResourceName, lb.Kind()) } func (lb *LoadBalancer) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - return commonvpc.MultipleVPCsConfigPrefix(c, lb.VPC().Name()) + lb.nameWithKind() + return commonvpc.MultipleVPCsConfigPrefix(c, lb.VPCResource) + lb.nameWithKind() } func (lb *LoadBalancer) Nodes() []vpcmodel.Node { From 15cc8eeab006b7eb022a25702ed6d40ad505b6f8 Mon Sep 17 00:00:00 2001 
From: Ola Saadi Date: Tue, 24 Sep 2024 19:40:10 +0300 Subject: [PATCH 10/12] fix --- pkg/vpcmodel/abstractVPC.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/vpcmodel/abstractVPC.go b/pkg/vpcmodel/abstractVPC.go index 5e9e68924..483414cd1 100644 --- a/pkg/vpcmodel/abstractVPC.go +++ b/pkg/vpcmodel/abstractVPC.go @@ -61,7 +61,7 @@ func (n *VPCResource) SynthesisKind() spec.ResourceType { func (n *VPCResource) NameForAnalyzerOut(c *VPCConfig) string { prefix := "" - if c != nil { + if c != nil && n.VPC() != nil { prefix = c.MultipleVPCsConfigPrefix(n.VPC().Name()) } return prefix + n.ResourceName From c9cb9cb57ed3a705da322fdd34ec0d79aaf160d6 Mon Sep 17 00:00:00 2001 From: Ola Saadi Date: Tue, 24 Sep 2024 19:44:11 +0300 Subject: [PATCH 11/12] pass config param where possible --- pkg/awsvpc/parser.go | 6 +++--- pkg/ibmvpc/parser.go | 14 +++++++------- pkg/vpcmodel/explainabilityConnectivity.go | 8 ++++---- pkg/vpcmodel/explainabilityPrint.go | 2 +- pkg/vpcmodel/grouping.go | 2 +- pkg/vpcmodel/mdOutput.go | 6 +++--- pkg/vpcmodel/subnetsConnectivity.go | 16 ++++++++-------- pkg/vpcmodel/textOutput.go | 2 +- 8 files changed, 28 insertions(+), 28 deletions(-) diff --git a/pkg/awsvpc/parser.go b/pkg/awsvpc/parser.go index cc812b198..4d24d6761 100644 --- a/pkg/awsvpc/parser.go +++ b/pkg/awsvpc/parser.go 
@@ -446,15 +446,15 @@ func printConfig(c *vpcmodel.VPCConfig) { if n.IsExternal() { continue } - logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(c), n.UID()}, separator)) } logging.Debug("Subnets:") for _, n := range c.Subnets { - logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(c), n.UID()}, separator)) } logging.Debug("NodeSets:") for _, n := range c.NodeSets { - logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(c), n.UID()}, separator)) } logging.Debug("FilterResources:") for _, f := range c.FilterResources { diff --git a/pkg/ibmvpc/parser.go b/pkg/ibmvpc/parser.go index 1264d43f2..7d79f08a1 100644 --- a/pkg/ibmvpc/parser.go +++ b/pkg/ibmvpc/parser.go 
@@ -1517,19 +1517,19 @@ func printConfig(c *vpcmodel.VPCConfig) { if n.IsExternal() { continue } - logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CidrOrAddress(), n.NameForAnalyzerOut(c), n.UID()}, separator)) } logging.Debug("Subnets:") for _, n := range c.Subnets { - logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.CIDR(), n.NameForAnalyzerOut(c), n.UID()}, separator)) } logging.Debug("LoadBalancers:") for _, lb := range c.LoadBalancers { - logging.Debug(strings.Join([]string{lb.Kind(), lb.NameForAnalyzerOut(nil), lb.AddressRange().ToIPRanges(), lb.UID()}, separator)) + logging.Debug(strings.Join([]string{lb.Kind(), lb.NameForAnalyzerOut(c), lb.AddressRange().ToIPRanges(), lb.UID()}, separator)) } logging.Debug("NodeSets:") for _, n := range c.NodeSets { - logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(nil), n.UID()}, separator)) + logging.Debug(strings.Join([]string{n.Kind(), n.AddressRange().ToIPRanges(), n.NameForAnalyzerOut(c), n.UID()}, separator)) } logging.Debug("FilterResources:") for _, f := range c.FilterResources { 
@@ -1554,14 +1554,14 @@ func printConfig(c *vpcmodel.VPCConfig) { } logging.Debug("RoutingResources:") for _, r := range c.RoutingResources { - logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(nil), r.UID()}, separator)) + logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(c), r.UID()}, separator)) if tgw, ok := r.(*TransitGateway); ok { printTGWAvailableRoutes(tgw) } } logging.Debug("RoutingTables:") for _, r := range c.RoutingTables { - logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(nil), r.UID(), "vpc:", r.VPC().UID()}, separator)) + logging.Debug(strings.Join([]string{r.Kind(), r.NameForAnalyzerOut(c), r.UID(), "vpc:", r.VPC().UID()}, separator)) if rt, ok := r.(*ingressRoutingTable); ok { logging.Debug("ingress routing table") logging.Debug(rt.string()) @@ -1572,7 +1572,7 @@ func printConfig(c *vpcmodel.VPCConfig) { logging.Debug("subnets:") subnetsList := make([]string, len(rt.subnets)) for i := range rt.subnets { - subnetsList[i] = rt.subnets[i].NameForAnalyzerOut(nil) + subnetsList[i] = rt.subnets[i].NameForAnalyzerOut(c) } logging.Debug(strings.Join(subnetsList, ",")) } diff --git a/pkg/vpcmodel/explainabilityConnectivity.go b/pkg/vpcmodel/explainabilityConnectivity.go index 0c7a3659d..e2a6f291e 100644 --- a/pkg/vpcmodel/explainabilityConnectivity.go +++ b/pkg/vpcmodel/explainabilityConnectivity.go @@ -394,7 +394,7 @@ func (c *VPCConfig) getConnectedResource(node Node) (VPCResourceIntf, error) { func (c *VPCConfig) getContainingConfigNode(node Node) (Node, error) { nodeIPBlock := node.IPBlock() if nodeIPBlock == nil { // string cidr does not represent a legal cidr, would be handled earlier - return nil, fmt.Errorf("node %v does not refer to a legal IP", node.NameForAnalyzerOut(nil)) + return nil, fmt.Errorf("node %v does not refer to a legal IP", node.NameForAnalyzerOut(c)) } for _, configNode := range c.Nodes { if configNode.IsInternal() { 
@@ -441,14 +441,14 @@ func (v *VPCConnectivity) getConnection(c *VPCConfig, src, dst Node) (conn *deta } errMsg := "could not find containing config node for %v" if srcForConnection == nil { - return nil, fmt.Errorf(errMsg, src.NameForAnalyzerOut(nil)) + return nil, fmt.Errorf(errMsg, src.NameForAnalyzerOut(c)) } dstForConnection, err2 := c.getConnectedResource(dst) if err2 != nil { return nil, err2 } if dstForConnection == nil { - return nil, fmt.Errorf(errMsg, dst.NameForAnalyzerOut(nil)) + return nil, fmt.Errorf(errMsg, dst.NameForAnalyzerOut(c)) } var ok bool srcMapValue, ok := v.AllowedConnsCombinedResponsive[srcForConnection] @@ -457,7 +457,7 @@ func (v *VPCConnectivity) getConnection(c *VPCConfig, src, dst Node) (conn *deta } if !ok { return nil, fmt.Errorf("error: there is a connection between %v and %v, but connection computation failed", - srcForConnection.NameForAnalyzerOut(nil), dstForConnection.NameForAnalyzerOut(nil)) + srcForConnection.NameForAnalyzerOut(c), dstForConnection.NameForAnalyzerOut(c)) } return conn, nil } diff --git a/pkg/vpcmodel/explainabilityPrint.go b/pkg/vpcmodel/explainabilityPrint.go index 2ee57a34b..d0b054167 100644 --- a/pkg/vpcmodel/explainabilityPrint.go +++ b/pkg/vpcmodel/explainabilityPrint.go @@ -139,7 +139,7 @@ func (g *groupedConnLine) explainabilityLineStr(c *VPCConfig, connQuery *connect externalRouter, crossVpcRouter, crossVpcRules := expDetails.externalRouter, expDetails.crossVpcRouter, expDetails.crossVpcRules privateSubnetRule := g.CommonProperties.expDetails.privateSubnetRule if externalRouter != nil && isExternal { - externalRouterHeader = "External traffic via " + externalRouter.Kind() + ": " + externalRouter.NameForAnalyzerOut(nil) + newLine + externalRouterHeader = "External traffic via " + externalRouter.Kind() + ": " + externalRouter.NameForAnalyzerOut(c) + newLine } if loadBalancerRule != nil { loadBalancerHeader = "Load Balancer: " + loadBalancerRule.String(true) 
diff --git a/pkg/vpcmodel/grouping.go b/pkg/vpcmodel/grouping.go index 643ebbae2..0100cf275 100644 --- a/pkg/vpcmodel/grouping.go +++ b/pkg/vpcmodel/grouping.go @@ -424,7 +424,7 @@ func (g *GroupConnLines) addLineToExternalGrouping(res *[]*groupedConnLine, dstNode, dstIsNode := dst.(Node) if dst.IsExternal() && !dstIsNode || src.IsExternal() && !srcIsNode { - return fmt.Errorf("%s or %s is External but not a node", src.NameForAnalyzerOut(nil), dst.NameForAnalyzerOut(nil)) + return fmt.Errorf("%s or %s is External but not a node", src.NameForAnalyzerOut(g.config), dst.NameForAnalyzerOut(g.config)) } if dst.IsExternal() && src.IsExternal() { return fmt.Errorf("unexpected grouping - both src and dst external") diff --git a/pkg/vpcmodel/mdOutput.go b/pkg/vpcmodel/mdOutput.go index 15073d47d..5222f802a 100644 --- a/pkg/vpcmodel/mdOutput.go +++ b/pkg/vpcmodel/mdOutput.go @@ -91,7 +91,7 @@ func linesToOutput(connLines, lines []string) string { func (m *MDoutputFormatter) getGroupedOutput(connLines *GroupConnLines) []string { lines := make([]string, len(connLines.GroupedLines)) for i, line := range connLines.GroupedLines { - lines[i] = getGroupedMDLine(line) + lines[i] = getGroupedMDLine(line, connLines.config) } return lines } @@ -113,6 +113,6 @@ func connectivityLineMD(src, dst, conn string) string { return fmt.Sprintf("| %s | %s | %s |", src, dst, conn) } -func getGroupedMDLine(line *groupedConnLine) string { - return connectivityLineMD(line.Src.NameForAnalyzerOut(nil), line.Dst.NameForAnalyzerOut(nil), line.CommonProperties.groupingStrKey) +func getGroupedMDLine(line *groupedConnLine, c *VPCConfig) string { + return connectivityLineMD(line.Src.NameForAnalyzerOut(c), line.Dst.NameForAnalyzerOut(c), line.CommonProperties.groupingStrKey) } diff --git a/pkg/vpcmodel/subnetsConnectivity.go b/pkg/vpcmodel/subnetsConnectivity.go index fc56bf75c..2df029b44 100644 --- a/pkg/vpcmodel/subnetsConnectivity.go +++ b/pkg/vpcmodel/subnetsConnectivity.go 
@@ -47,14 +47,14 @@ func subnetConnLine(subnet string, conn *connection.Set) string { return fmt.Sprintf("%s : %s\n", subnet, conn.String()) } -func (c *ConfigBasedConnectivityResults) string() string { +func (c *ConfigBasedConnectivityResults) string(config *VPCConfig) string { res := "Ingress: \n" for n, conn := range c.IngressAllowedConns { - res += subnetConnLine(n.NameForAnalyzerOut(nil), conn) + res += subnetConnLine(n.NameForAnalyzerOut(config), conn) } res += "Egress: \n" for n, conn := range c.EgressAllowedConns { - res += subnetConnLine(n.NameForAnalyzerOut(nil), conn) + res += subnetConnLine(n.NameForAnalyzerOut(config), conn) } return res @@ -63,10 +63,10 @@ func (c *ConfigBasedConnectivityResults) string() string { var _ = (*VPCsubnetConnectivity).printAllowedConns // avoiding "unused" warning // print AllowedConns (not combined) -func (v *VPCsubnetConnectivity) printAllowedConns() { +func (v *VPCsubnetConnectivity) printAllowedConns(c *VPCConfig) { for n, connMap := range v.AllowedConns { - fmt.Println(n.NameForAnalyzerOut(nil)) - fmt.Println(connMap.string()) + fmt.Println(n.NameForAnalyzerOut(c)) + fmt.Println(connMap.string(v.VPCConfig)) fmt.Println("-----------------") } } @@ -86,7 +86,7 @@ func (c *VPCConfig) ipblockToNamedResourcesInConfig(ipb *ipblock.IPBlock, exclud // the ACL splits connectivity to part of that subnet, // this is currently not supported in subnets connectivity analysis return nil, fmt.Errorf("unsupported subnets connectivity analysis - no consistent connectivity for entire subnet %s", - subnet.NameForAnalyzerOut(nil)) + subnet.NameForAnalyzerOut(c)) } } 
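Review bot: printAllowedConns (the -63 hunk) now reads the config from two places: the header line uses the new parameter, `n.NameForAnalyzerOut(c)`, while the entries use the receiver, `connMap.string(v.VPCConfig)`. If a caller passes a config other than v.VPCConfig, or nil, the subnet header and its ingress/egress lines are named under different rules. Since the receiver already carries the config, the parameter can be dropped and the first line written as `fmt.Println(n.NameForAnalyzerOut(v.VPCConfig))`, which also matches computeAllowedConnsCombined in the -277 hunk.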
@@ -277,7 +277,7 @@ func (v *VPCsubnetConnectivity) computeAllowedConnsCombined() (GeneralConnectivi if egressConns == nil { // should not get here return nil, fmt.Errorf("could not find egress connection from %s to %s", - concPeerNode.NameForAnalyzerOut(nil), subnetNodeSet.NameForAnalyzerOut(nil)) + concPeerNode.NameForAnalyzerOut(v.VPCConfig), subnetNodeSet.NameForAnalyzerOut(v.VPCConfig)) } combinedConns = conns.Intersect(egressConns) // for subnets cross-vpc connection, add intersection with tgw connectivity (prefix filters) diff --git a/pkg/vpcmodel/textOutput.go b/pkg/vpcmodel/textOutput.go index 27c1fff21..285ea5028 100644 --- a/pkg/vpcmodel/textOutput.go +++ b/pkg/vpcmodel/textOutput.go @@ -19,7 +19,7 @@ func multipleVPCsConfigHeader(c *VPCConfig) (string, error) { return "", errors.New("unexpected config of multiple VPCs connected by TGW, missing TGW resource") } tgw := c.RoutingResources[0] - return fmt.Sprintf("Connectivity between VPCs connected by TGW %s (UID: %s)\n", tgw.NameForAnalyzerOut(nil), tgw.UID()), nil + return fmt.Sprintf("Connectivity between VPCs connected by TGW %s (UID: %s)\n", tgw.NameForAnalyzerOut(c), tgw.UID()), nil } func headerOfAnalyzedVPC(uc OutputUseCase, vpcName, vpc2Name string, c1 *VPCConfig, From c87a8bc83d8c3ea587ad997e72138a0c5239b115 Mon Sep 17 00:00:00 2001 From: Ola Saadi Date: Tue, 24 Sep 2024 19:51:05 +0300 Subject: [PATCH 12/12] fix --- pkg/commonvpc/vpc.go | 4 ++-- pkg/ibmvpc/vpc.go | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/pkg/commonvpc/vpc.go b/pkg/commonvpc/vpc.go index 5d1f4859e..ac99c542b 100644 --- a/pkg/commonvpc/vpc.go +++ b/pkg/commonvpc/vpc.go 
@@ -91,7 +91,7 @@ func (ni *NetworkInterface) VsiName() string { } func (ni *NetworkInterface) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - return MultipleVPCsConfigPrefix(c, ni.VPCResource) + nameWithBracketsInfo(ni.Vsi, ni.Address()) + return MultipleVPCsConfigPrefix(c, &ni.VPCResource) + nameWithBracketsInfo(ni.Vsi, ni.Address()) } func nameWithBracketsInfo(name, inBrackets string) string { @@ -735,7 +735,7 @@ func getTableConnEffect(connQuery, conn *connection.Set) (*connection.Set, vpcmo } // MultipleVPCsConfigPrefix returns the vpcName of the passed resource when config is multi-vpc -func MultipleVPCsConfigPrefix(c *vpcmodel.VPCConfig, resource vpcmodel.VPCResource) string { +func MultipleVPCsConfigPrefix(c *vpcmodel.VPCConfig, resource *vpcmodel.VPCResource) string { if c != nil && resource.VPC() != nil { return c.MultipleVPCsConfigPrefix(resource.VPC().Name()) } diff --git a/pkg/ibmvpc/vpc.go b/pkg/ibmvpc/vpc.go index d41352134..af8bc3028 100644 --- a/pkg/ibmvpc/vpc.go +++ b/pkg/ibmvpc/vpc.go @@ -38,7 +38,7 @@ type ReservedIP struct { } func (r *ReservedIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - return commonvpc.MultipleVPCsConfigPrefix(c, r.VPCResource) + nameWithBracketsInfo(r.vpe, r.Address()) + return commonvpc.MultipleVPCsConfigPrefix(c, &r.VPCResource) + nameWithBracketsInfo(r.vpe, r.Address()) } // used for synthesis output @@ -71,7 +71,7 @@ func (pip *PrivateIP) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { address = strings.Join(pip.block.ListToPrint(), ",") } name := nameWithBracketsInfo(pip.loadBalancer.Name(), kind) - return commonvpc.MultipleVPCsConfigPrefix(c, pip.VPCResource) + nameWithBracketsInfo(name, address) + return commonvpc.MultipleVPCsConfigPrefix(c, &pip.VPCResource) + nameWithBracketsInfo(name, address) } // AbstractedToNodeSet returns the pip load balancer if it was abstracted 
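Review bot: The doc comment on MultipleVPCsConfigPrefix in the -735 hunk says it returns the VPC name, but per vpcConfig.go earlier in this series the value is the name followed by Deliminator, and the function returns an empty string for a nil config, a resource without a VPC, or a single-VPC config. I would spell that out, e.g. `// MultipleVPCsConfigPrefix returns resource's VPC name followed by vpcmodel.Deliminator when c is a multi-VPC config, and "" otherwise (including nil c or a resource with no VPC).` If VPC() returns an interface type, `resource.VPC() != nil` does not catch a typed nil pointer stored in it; worth confirming against the VPC() implementation, which is not in this hunk.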
@@ -96,7 +96,7 @@ func (n *IKSNode) VsiName() string { } func (n *IKSNode) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - return commonvpc.MultipleVPCsConfigPrefix(c, n.VPCResource) + nameWithBracketsInfo(n.Name(), n.Address()) + return commonvpc.MultipleVPCsConfigPrefix(c, &n.VPCResource) + nameWithBracketsInfo(n.Name(), n.Address()) } // vpe can be in multiple zones - depending on the zones of its network interfaces.. @@ -150,7 +150,7 @@ func (lb *LoadBalancer) nameWithKind() string { return nameWithBracketsInfo(lb.ResourceName, lb.Kind()) } func (lb *LoadBalancer) NameForAnalyzerOut(c *vpcmodel.VPCConfig) string { - return commonvpc.MultipleVPCsConfigPrefix(c, lb.VPCResource) + lb.nameWithKind() + return commonvpc.MultipleVPCsConfigPrefix(c, &lb.VPCResource) + lb.nameWithKind() } func (lb *LoadBalancer) Nodes() []vpcmodel.Node {