diff output updates (#214)

* diff output updates

* Update tests/acs-security-demos-added-workloads/diff_output_from_acs-security-demos.csv

Co-authored-by: Adi Sosnovich <[email protected]>

* fixes

* fix

---------

Co-authored-by: Adi Sosnovich <[email protected]>

cmd/netpolicy/cmd/command_test.go

@@ -382,14 +382,17 @@ func TestCommands(t *testing.T) {
  "--output",
  "txt",
  },
- // expected first 3 rows
  expectedOutput: "Connectivity diff:\n" +
- "source: 0.0.0.0-255.255.255.255, destination: default/unicorn[Deployment], " +
- "dir1: No Connections, dir2: All Connections, diff-type: added (workload default/unicorn[Deployment] added)\n" +
- "source: default/redis-cart[Deployment], destination: default/unicorn[Deployment], " +
- "dir1: No Connections, dir2: All Connections, diff-type: added (workload default/unicorn[Deployment] added)",
- containment: true,
- isErr: false,
+ "diff-type: added, source: 0.0.0.0-255.255.255.255, destination: default/unicorn[Deployment], dir1:" +
+ " No Connections, dir2: All Connections, workloads-diff-info: workload default/unicorn[Deployment] added\n" +
+ "diff-type: added, source: default/redis-cart[Deployment], destination: default/unicorn[Deployment], dir1:" +
+ " No Connections, dir2: All Connections, workloads-diff-info: workload default/unicorn[Deployment] added\n" +
+ "diff-type: added, source: default/unicorn[Deployment], destination: 0.0.0.0-255.255.255.255, dir1:" +
+ " No Connections, dir2: All Connections, workloads-diff-info: workload default/unicorn[Deployment] added\n" +
+ "diff-type: added, source: default/unicorn[Deployment], destination: default/redis-cart[Deployment], dir1:" +
+ " No Connections, dir2: All Connections, workloads-diff-info: workload default/unicorn[Deployment] added",
+ exact: true,
+ isErr: false,
  },
  {
  name: "test_legal_diff_txt_output_with_file",
@@ -404,15 +407,18 @@ func TestCommands(t *testing.T) {
  "-f",
  outFileName,
  },
- // expected first 3 rows
  expectedOutput: "Connectivity diff:\n" +
- "source: 0.0.0.0-255.255.255.255, destination: default/unicorn[Deployment], " +
- "dir1: No Connections, dir2: All Connections, diff-type: added (workload default/unicorn[Deployment] added)\n" +
- "source: default/redis-cart[Deployment], destination: default/unicorn[Deployment], " +
- "dir1: No Connections, dir2: All Connections, diff-type: added (workload default/unicorn[Deployment] added)",
- containment: true,
- isErr: false,
- hasFile: true,
+ "diff-type: added, source: 0.0.0.0-255.255.255.255, destination: default/unicorn[Deployment], dir1:" +
+ " No Connections, dir2: All Connections, workloads-diff-info: workload default/unicorn[Deployment] added\n" +
+ "diff-type: added, source: default/redis-cart[Deployment], destination: default/unicorn[Deployment], dir1:" +
+ " No Connections, dir2: All Connections, workloads-diff-info: workload default/unicorn[Deployment] added\n" +
+ "diff-type: added, source: default/unicorn[Deployment], destination: 0.0.0.0-255.255.255.255, dir1:" +
+ " No Connections, dir2: All Connections, workloads-diff-info: workload default/unicorn[Deployment] added\n" +
+ "diff-type: added, source: default/unicorn[Deployment], destination: default/redis-cart[Deployment], dir1:" +
+ " No Connections, dir2: All Connections, workloads-diff-info: workload default/unicorn[Deployment] added",
+ exact: true,
+ isErr: false,
+ hasFile: true,
  },
  {
  name: "test_legal_diff_csv_output",
@@ -425,14 +431,18 @@ func TestCommands(t *testing.T) {
  "--output",
  "csv",
  },
- // expected first 3 rows
- expectedOutput: "source,destination,dir1,dir2,diff-type\n" +
- "0.0.0.0-255.255.255.255,default/unicorn[Deployment],No Connections," +
- "All Connections,added (workload default/unicorn[Deployment] added)\n" +
- "default/redis-cart[Deployment],default/unicorn[Deployment],No Connections,All Connections," +
- "added (workload default/unicorn[Deployment] added)",
- containment: true,
- isErr: false,
+ expectedOutput: "diff-type,source,destination,dir1,dir2,workloads-diff-info\n" +
+ "added,0.0.0.0-255.255.255.255,default/unicorn[Deployment],No Connections,All Connections," +
+ "workload default/unicorn[Deployment] added\n" +
+ "added,default/redis-cart[Deployment],default/unicorn[Deployment],No Connections,All Connections," +
+ "workload default/unicorn[Deployment] added\n" +
+ "added,default/unicorn[Deployment],0.0.0.0-255.255.255.255,No Connections,All Connections," +
+ "workload default/unicorn[Deployment] added\n" +
+ "added,default/unicorn[Deployment],default/redis-cart[Deployment],No Connections,All Connections," +
+ "workload default/unicorn[Deployment] added\n" +
+ "",
+ exact: true,
+ isErr: false,
  },
  {
  name: "test_legal_diff_md_output",
@@ -445,13 +455,18 @@ func TestCommands(t *testing.T) {
  "--output",
  "md",
  },
- // expected first 3 rows
- expectedOutput: "| source | destination | dir1 | dir2 | diff-type |\n" +
- "|--------|-------------|------|------|-----------|\n" +
- "| 0.0.0.0-255.255.255.255 | default/unicorn[Deployment] | No Connections | All Connections |" +
- " added (workload default/unicorn[Deployment] added) |",
- containment: true,
- isErr: false,
+ expectedOutput: "| diff-type | source | destination | dir1 | dir2 | workloads-diff-info |\n" +
+ "|-----------|--------|-------------|------|------|---------------------|\n" +
+ "| added | 0.0.0.0-255.255.255.255 | default/unicorn[Deployment] | No Connections " +
+ "| All Connections | workload default/unicorn[Deployment] added |\n" +
+ "| added | default/redis-cart[Deployment] | default/unicorn[Deployment] | No Connections " +
+ "| All Connections | workload default/unicorn[Deployment] added |\n" +
+ "| added | default/unicorn[Deployment] | 0.0.0.0-255.255.255.255 | No Connections " +
+ "| All Connections | workload default/unicorn[Deployment] added |\n" +
+ "| added | default/unicorn[Deployment] | default/redis-cart[Deployment] | No Connections " +
+ "| All Connections | workload default/unicorn[Deployment] added |",
+ exact: true,
+ isErr: false,
  },
  }
 

pkg/netpol/diff/diff_formatter.go

@@ -18,20 +18,20 @@ type diffFormatter interface {
 
 const (
  noConns = "No Connections"
- infoPrefix = " (workload "
- infoSuffix = ")"
+ infoPrefix = "workload "
  space = " "
  and = " and "
 )
 
 var newLine = fmt.Sprintln("")
 
 type singleDiffFields struct {
- src string
- dst string
- dir1Conn string
- dir2Conn string
- diffType string
+ diffType string
+ src string
+ dst string
+ dir1Conn string
+ dir2Conn string
+ workloadDiffInfo string
 }
 
 func formDiffFieldsDataOfDiffConns(diffConns []*ConnsPair) (netpolsDiff, ingressDiff []*singleDiffFields) {
@@ -41,11 +41,12 @@ func formDiffFieldsDataOfDiffConns(diffConns []*ConnsPair) (netpolsDiff, ingress
  firstDirConn, secondDirConn := getDirsConnsStrings(d)
  srcStr, dstStr, isSrcIngress := getConnPeersStrings(d)
  diffData := &singleDiffFields{
- src: srcStr,
- dst: dstStr,
- dir1Conn: firstDirConn,
- dir2Conn: secondDirConn,
- diffType: getDiffInfo(d),
+ diffType: d.diffType,
+ src: srcStr,
+ dst: dstStr,
+ dir1Conn: firstDirConn,
+ dir2Conn: secondDirConn,
+ workloadDiffInfo: getDiffInfo(d),
  }
  if isSrcIngress {
  ingressRes = append(ingressRes, diffData)
@@ -81,12 +82,9 @@ func getDirsConnsStrings(c *ConnsPair) (dir1Str, dir2Str string) {
 
 // computes the diff string (if to include added/removed workloads)
 func getDiffInfo(c *ConnsPair) string {
- if c.diffType == changedType {
- return changedType
- }
  srcStr, dstStr, _ := getConnPeersStrings(c)
+ diffInfo := ""
  // handling added or removed diff data
- diffInfo := c.diffType
  includedSrcFlag := false
  if c.newOrLostSrc || c.newOrLostDst {
  diffInfo += infoPrefix
@@ -100,7 +98,7 @@ func getDiffInfo(c *ConnsPair) string {
  }
  diffInfo += dstStr
  }
- diffInfo += space + c.diffType + infoSuffix
+ diffInfo += space + c.diffType
  }
  return diffInfo
 }
@@ -160,16 +158,21 @@ func (t *diffFormatText) writeDiffOutput(connsDiff ConnectivityDiff) (string, er
 }
 
 func (t *diffFormatText) singleDiffLine(d *singleDiffFields) string {
- return fmt.Sprintf("source: %s, destination: %s, dir1: %s, dir2: %s, diff-type: %s",
- d.src, d.dst, d.dir1Conn, d.dir2Conn, d.diffType)
+ diffLine := fmt.Sprintf("diff-type: %s, source: %s, destination: %s, dir1: %s, dir2: %s", d.diffType,
+ d.src, d.dst, d.dir1Conn, d.dir2Conn)
+ if d.workloadDiffInfo != "" {
+ return diffLine + ", workloads-diff-info: " + d.workloadDiffInfo
+ }
+ return diffLine
 }
 
 // /////////////////////////
 // diffFormatMD: implements the diffFormatter interface for md output format
 type diffFormatMD struct {
 }
 
-var mdHeader = "| source | destination | dir1 | dir2 | diff-type |\n|--------|-------------|------|------|-----------|"
+var mdHeader = "| diff-type | source | destination | dir1 | dir2 | workloads-diff-info |\n" +
+ "|-----------|--------|-------------|------|------|---------------------|"
 
 // returns md string format of connections diff from connectivityDiff object
 func (md *diffFormatMD) writeDiffOutput(connsDiff ConnectivityDiff) (string, error) {
@@ -180,16 +183,16 @@ func (md *diffFormatMD) writeDiffOutput(connsDiff ConnectivityDiff) (string, err
 }
 
 func (md *diffFormatMD) singleDiffLine(d *singleDiffFields) string {
- return fmt.Sprintf("| %s | %s | %s | %s | %s |",
- d.src, d.dst, d.dir1Conn, d.dir2Conn, d.diffType)
+ return fmt.Sprintf("| %s | %s | %s | %s | %s | %s |",
+ d.diffType, d.src, d.dst, d.dir1Conn, d.dir2Conn, d.workloadDiffInfo)
 }
 
 // /////////////////////////
 // diffFormatCSV: implements the diffFormatter interface for csv output format
 type diffFormatCSV struct {
 }
 
-var csvHeader = []string{"source", "destination", "dir1", "dir2", "diff-type"}
+var csvHeader = []string{"diff-type", "source", "destination", "dir1", "dir2", "workloads-diff-info"}
 
 func (cs *diffFormatCSV) writeDiffOutput(connsDiff ConnectivityDiff) (string, error) {
  changesSortedByCategory := writeDiffLinesOrderedByCategory(connsDiff, cs)
@@ -210,5 +213,5 @@ func (cs *diffFormatCSV) writeDiffOutput(connsDiff ConnectivityDiff) (string, er
 }
 
 func (cs *diffFormatCSV) singleDiffLine(d *singleDiffFields) string {
- return fmt.Sprintf("%s;%s;%s;%s;%s", d.src, d.dst, d.dir1Conn, d.dir2Conn, d.diffType)
+ return fmt.Sprintf("%s;%s;%s;%s;%s;%s", d.diffType, d.src, d.dst, d.dir1Conn, d.dir2Conn, d.workloadDiffInfo)
 }

pkg/netpol/diff/diff_test.go

@@ -50,7 +50,6 @@ func TestDiff(t *testing.T) {
  secondDirName: "onlineboutique_workloads_changed_workloads",
  formats: allFormats,
  },
-
  {
  // description:
  // **changed netpols: default/frontend-netpol

tests/acs-security-demos-added-workloads/diff_output_from_acs-security-demos.csv

@@ -1,4 +1,4 @@
-source,destination,dir1,dir2,diff-type
-payments/gateway[Deployment],payments/visa-processor-v2[Deployment],No Connections,TCP 8080,added (workload payments/visa-processor-v2[Deployment] added)
-{ingress-controller},frontend/blog[Deployment],No Connections,TCP 8080,added (workload frontend/blog[Deployment] added)
-{ingress-controller},zeroday/zeroday[Deployment],No Connections,TCP 8080,added (workload zeroday/zeroday[Deployment] added)
+diff-type,source,destination,dir1,dir2,workloads-diff-info
+added,payments/gateway[Deployment],payments/visa-processor-v2[Deployment],No Connections,TCP 8080,workload payments/visa-processor-v2[Deployment] added
+added,{ingress-controller},frontend/blog[Deployment],No Connections,TCP 8080,workload frontend/blog[Deployment] added
+added,{ingress-controller},zeroday/zeroday[Deployment],No Connections,TCP 8080,workload zeroday/zeroday[Deployment] added

tests/acs-security-demos-added-workloads/diff_output_from_acs-security-demos.md

@@ -1,5 +1,5 @@
-| source | destination | dir1 | dir2 | diff-type |
-|--------|-------------|------|------|-----------|
-| payments/gateway[Deployment] | payments/visa-processor-v2[Deployment] | No Connections | TCP 8080 | added (workload payments/visa-processor-v2[Deployment] added) |
-| {ingress-controller} | frontend/blog[Deployment] | No Connections | TCP 8080 | added (workload frontend/blog[Deployment] added) |
-| {ingress-controller} | zeroday/zeroday[Deployment] | No Connections | TCP 8080 | added (workload zeroday/zeroday[Deployment] added) |
+| diff-type | source | destination | dir1 | dir2 | workloads-diff-info |
+|-----------|--------|-------------|------|------|---------------------|
+| added | payments/gateway[Deployment] | payments/visa-processor-v2[Deployment] | No Connections | TCP 8080 | workload payments/visa-processor-v2[Deployment] added |
+| added | {ingress-controller} | frontend/blog[Deployment] | No Connections | TCP 8080 | workload frontend/blog[Deployment] added |
+| added | {ingress-controller} | zeroday/zeroday[Deployment] | No Connections | TCP 8080 | workload zeroday/zeroday[Deployment] added |

tests/acs-security-demos-added-workloads/diff_output_from_acs-security-demos.txt

@@ -1,4 +1,4 @@
 Connectivity diff:
-source: payments/gateway[Deployment], destination: payments/visa-processor-v2[Deployment], dir1: No Connections, dir2: TCP 8080, diff-type: added (workload payments/visa-processor-v2[Deployment] added)
-source: {ingress-controller}, destination: frontend/blog[Deployment], dir1: No Connections, dir2: TCP 8080, diff-type: added (workload frontend/blog[Deployment] added)
-source: {ingress-controller}, destination: zeroday/zeroday[Deployment], dir1: No Connections, dir2: TCP 8080, diff-type: added (workload zeroday/zeroday[Deployment] added)
+diff-type: added, source: payments/gateway[Deployment], destination: payments/visa-processor-v2[Deployment], dir1: No Connections, dir2: TCP 8080, workloads-diff-info: workload payments/visa-processor-v2[Deployment] added
+diff-type: added, source: {ingress-controller}, destination: frontend/blog[Deployment], dir1: No Connections, dir2: TCP 8080, workloads-diff-info: workload frontend/blog[Deployment] added
+diff-type: added, source: {ingress-controller}, destination: zeroday/zeroday[Deployment], dir1: No Connections, dir2: TCP 8080, workloads-diff-info: workload zeroday/zeroday[Deployment] added

tests/acs-security-demos-new/diff_output_from_acs-security-demos.csv

@@ -1,13 +1,13 @@
-source,destination,dir1,dir2,diff-type
-backend/reports[Deployment],backend/catalog[Deployment],TCP 8080,TCP 9080,changed
-0.0.0.0-255.255.255.255,external/unicorn[Deployment],No Connections,All Connections,added (workload external/unicorn[Deployment] added)
-backend/checkout[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,added (workload external/unicorn[Deployment] added)
-backend/recommendation[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,added (workload external/unicorn[Deployment] added)
-backend/reports[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,added (workload external/unicorn[Deployment] added)
-external/unicorn[Deployment],0.0.0.0-255.255.255.255,No Connections,All Connections,added (workload external/unicorn[Deployment] added)
-external/unicorn[Deployment],frontend/webapp[Deployment],No Connections,TCP 8080,added (workload external/unicorn[Deployment] added)
-frontend/webapp[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,added (workload external/unicorn[Deployment] added)
-payments/gateway[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,added (workload external/unicorn[Deployment] added)
-frontend/webapp[Deployment],backend/shipping[Deployment],TCP 8080,No Connections,removed
-payments/gateway[Deployment],payments/mastercard-processor[Deployment],TCP 8080,No Connections,removed (workload payments/mastercard-processor[Deployment] removed)
-{ingress-controller},frontend/asset-cache[Deployment],TCP 8080,No Connections,removed
+diff-type,source,destination,dir1,dir2,workloads-diff-info
+changed,backend/reports[Deployment],backend/catalog[Deployment],TCP 8080,TCP 9080,
+added,0.0.0.0-255.255.255.255,external/unicorn[Deployment],No Connections,All Connections,workload external/unicorn[Deployment] added
+added,backend/checkout[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,workload external/unicorn[Deployment] added
+added,backend/recommendation[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,workload external/unicorn[Deployment] added
+added,backend/reports[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,workload external/unicorn[Deployment] added
+added,external/unicorn[Deployment],0.0.0.0-255.255.255.255,No Connections,All Connections,workload external/unicorn[Deployment] added
+added,external/unicorn[Deployment],frontend/webapp[Deployment],No Connections,TCP 8080,workload external/unicorn[Deployment] added
+added,frontend/webapp[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,workload external/unicorn[Deployment] added
+added,payments/gateway[Deployment],external/unicorn[Deployment],No Connections,UDP 5353,workload external/unicorn[Deployment] added
+removed,frontend/webapp[Deployment],backend/shipping[Deployment],TCP 8080,No Connections,
+removed,payments/gateway[Deployment],payments/mastercard-processor[Deployment],TCP 8080,No Connections,workload payments/mastercard-processor[Deployment] removed
+removed,{ingress-controller},frontend/asset-cache[Deployment],TCP 8080,No Connections,