simplify_output flag (#576)

* simplify_output

Signed-off-by: haim-kermany <[email protected]>

* simplify_output -> simplify_graph

Signed-off-by: haim-kermany <[email protected]>

* simplify_output -> simplify_graph

Signed-off-by: haim-kermany <[email protected]>

* update md

Signed-off-by: haim-kermany <[email protected]>

* lint

Signed-off-by: haim-kermany <[email protected]>

* update scheme md

Signed-off-by: haim-kermany <[email protected]>

---------

Signed-off-by: haim-kermany <[email protected]>

Author: haim-kermany

README.md

@@ -95,6 +95,8 @@ The arguments to `--resource_list` and to `--base_resource_list` should be one o
   *shorthand* `-f`
 - `--expected_output <file name>`\
   A file path to the expected query output (for connectivity or semantic_diff queries).\
+- `--simplify_graph`\
+  simplify the connectivity graph, (relevant only when output_format is dot or jpg)
 - `--pr_url <URL>`\
    Write output as GitHub PR comment. URL points to the relevant `comments` resource in the GitHub API.\
    e.g., https://api.github.com/repos/shift-left-netconfig/online-boutique/issues/1/comments

docs/SchemeFileFormat.md

@@ -82,6 +82,7 @@ The supported entries in the outputConfiguration object are as follows:
 |------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------|
 | outputFormat     | Output format specification.                                                                                                                                                                                                                                                                                                                                                                                                           | string [ txt / yaml / csv / md / dot / jpg/ txt_no_fw_rules] |
 | outputPath       | A file path to redirect output into.                                                                                                                                                                                                                                                                                                                                                                                                   | string                                                       |
+| simplifyGraph    | Choose if to simplify the connectivity graph.                                                                                                                                                                                                                                                                                                                                                                                          | bool  [default: False]                                       |
 | outputEndpoints  | Choose endpoints type in output.                                                                                                                                                                                                                                                                                                                                                                                                       | string [ pods / deployments ]                                |
 | subset           | A dict object with the defined subset elements to display in the output                                                                                                                                                                                                                                                                                                                                                                | [subset](#subset) object                                     |
 | fullExplanation  | Choose if to print all counterexamples causing the query result in the output                                                                                                                                                                                                                                                                                                                                                          | bool                                                         |

nca/FWRules/ConnectivityGraph.py

@@ -330,18 +330,19 @@ def get_connections_without_fw_rules_txt_format(self, connectivity_msg=None, exc
         lines_list.extend(sorted(list(lines)))
         return '\n'.join(lines_list)
 
-    def get_connectivity_dot_format_str(self, connectivity_restriction=None):
+    def get_connectivity_dot_format_str(self, connectivity_restriction=None, simplify_graph=False):
         """
         :param Union[str,None] connectivity_restriction: specify if connectivity is restricted to
                TCP / non-TCP , or not
+        :param simplify_graph[bool, False] whether to simplify the dot output graph
         :rtype str
         :return: a string with content of dot format for connectivity graph
         """
         restriction_title = f', for {connectivity_restriction} connections' if connectivity_restriction else ''
         query_title = f'{self.output_config.queryName}/' if self.output_config.queryName else ''
         name = f'{query_title}{self.output_config.configName}{restriction_title}'
 
-        dot_graph = DotGraph(name)
+        dot_graph = DotGraph(name, do_not_subgraph=simplify_graph)
         peers_groups = self._get_equals_groups()
         # we are going to treat a peers_group as one peer.
         # the first peer in the peers_group is representing the group

nca/FWRules/DotGraph.py

@@ -30,6 +30,7 @@ class Node:
         name: str
         node_type: int
         label: str
+        title: str
 
     @dataclass
     class Edge:
@@ -38,13 +39,14 @@ class Edge:
         label: str
         is_dir: bool
 
-    def __init__(self, name):
+    def __init__(self, name, do_not_subgraph):
         self.subgraphs = {}
         self.name = name
         self.edges = []
         self.all_nodes = {}
         self.labels = set()
         self.labels_dict = {}
+        self.do_not_subgraph = do_not_subgraph
         self.node_styles = \
             {self.NodeType.IPBlock: 'shape=box fontcolor=red2',
              self.NodeType.Pod: 'shape=box fontcolor=blue',
@@ -74,9 +76,11 @@ def add_node(self, subgraph, name, node_type, label):
         param label: node label
         """
         label = [tok.strip() for tok in label if tok != '']
+        title = subgraph if self.do_not_subgraph else ''
+        subgraph = '' if self.do_not_subgraph else subgraph
         if subgraph not in self.subgraphs:
             self.subgraphs[subgraph] = self.Subgraph(subgraph)
-        node = self.Node(name, node_type, label)
+        node = self.Node(name, node_type, label, title)
         self.subgraphs[subgraph].nodes.append(node)
         self.all_nodes[name] = node
         if node_type in {self.NodeType.Clique, self.NodeType.BiClique}:
@@ -191,7 +195,11 @@ def _node_to_str(self, node):
             table = f'<<table border="{border}" cellspacing="0">'
             for line in node.label:
                 if line:
-                    table += f'<tr><td>{line}</td></tr>'
+                    if node.title:
+                        table += f'<tr><td>{node.title}/{line}</td></tr>'
+                    else:
+                        table += f'<tr><td>{line}</td></tr>'
+
             table += '</table>>'
             label = f'label={table}'
             node_desc = f'{label} {self.node_styles[node.node_type]} tooltip=\"{self.node_tooltip[node.node_type]}\"'

nca/NetworkConfig/NetworkConfigQuery.py

@@ -1031,7 +1031,7 @@ def dot_format_from_connections_dict(self, connections, peers, connectivity_rest
         :return the connectivity map in dot-format, considering connectivity_restriction if required
         """
         conn_graph = self._get_conn_graph(connections, peers)
-        return conn_graph.get_connectivity_dot_format_str(connectivity_restriction)
+        return conn_graph.get_connectivity_dot_format_str(connectivity_restriction, self.output_config.simplifyGraph)
 
     def dot_format_from_props(self, props, peers, connectivity_restriction=None):
         """

nca/Resources/NetworkPolicy.py

@@ -116,7 +116,7 @@ def __str__(self):
         return self.full_name()
 
     def __eq__(self, other):
-        if type(self) == type(other):
+        if type(self) is type(other):
             self.sync_opt_props()
             other.sync_opt_props()
             return \

nca/Utils/OutputConfiguration.py

@@ -19,7 +19,7 @@ def __init__(self, output_config_dict=None, query_name=''):
         default_output_config = {'fwRulesRunInTestMode': False, 'fwRulesDebug': False,
                                  'fwRulesGroupByLabelSinglePod': False, 'fwRulesFilterSystemNs': False,
                                  'fwRulesMaxIter': 10, 'outputFormat': 'txt', 'outputPath': None,
-                                 'fwRulesOverrideAllowedLabels': None, 'prURL': None,
+                                 'simplifyGraph': False, 'fwRulesOverrideAllowedLabels': None, 'prURL': None,
                                  'connectivityFilterIstioEdges': True, 'outputEndpoints': 'deployments',
                                  'subset': {}, 'explain': None, 'fullExplanation': False, 'excludeIPv6Range': True}
 

nca/nca_cli.py

@@ -153,6 +153,7 @@ def run_args(args):  # noqa: C901
 
     output_config = OutputConfiguration({'outputFormat': args.output_format or 'txt',
                                          'outputPath': args.file_out or None,
+                                         'simplifyGraph': args.simplify_graph or False,
                                          'prURL': args.pr_url or None,
                                          'outputEndpoints': args.output_endpoints,
                                          'subset': {},
@@ -326,6 +327,9 @@ def nca_main(argv=None):
     parser.add_argument('--file_out', '-f', type=str, help='A file path to which output is redirected')
     parser.add_argument('--expected_output', type=str, help='A file path of the expected query output,'
                                                             'relevant only with --connectivity and --semantic_diff')
+    parser.add_argument('--simplify_graph', action='store_true',
+                        help='simplify the connectivity graph,'
+                             'relevant only when output_format is dot or jpg')
     parser.add_argument('--pr_url', type=str, help='The full api url for adding a PR comment')
     parser.add_argument('--return_0', action='store_true', help='Force a return value 0')
     parser.add_argument('--version', '-v', action='store_true', help='Print version and exit')

tests/fw_rules_tests/policies/expected_output/poc1-scheme_output.dot

@@ -6,24 +6,18 @@ digraph {
 	subgraph cluster_map_explanation {
 	dict_box [label=<<table border="0" cellspacing="0"><tr><td  align="text">Connectivity legend<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 3550" href="bogus">tcp3550     TCP 3550<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 50051" href="bogus">tcp50051     TCP 50051<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 5050" href="bogus">tcp5050     TCP 5050<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 6379" href="bogus">tcp6379     TCP 6379<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 7000" href="bogus">tcp7000     TCP 7000<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 7070" href="bogus">tcp7070     TCP 7070<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 8080" href="bogus">tcp8080     TCP 8080<br align="left" /></td></tr><tr><td align="text" tooltip="TCP 9555" href="bogus">tcp9555     TCP 9555<br align="left" /></td></tr></table>> shape=box]
 	"0.0.0.0/0" [label=<<table border="0" cellspacing="0"><tr><td>0.0.0.0/0</td></tr></table>> shape=box fontcolor=red2 tooltip="IP Block"]
-subgraph cluster_default_namespace{
-	label="default"
-	fontsize=20
-	fontcolor=blue
-	tooltip="Namespace"
-	"default/adservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>adservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/cartservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>cartservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/checkoutservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>checkoutservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/currencyservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>currencyservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/emailservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>emailservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/frontend(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>frontend(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/loadgenerator(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>loadgenerator(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/paymentservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>paymentservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/productcatalogservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>productcatalogservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/recommendationservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>recommendationservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/redis-cart(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>redis-cart(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-	"default/shippingservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>shippingservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
-}
+	"default/adservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/adservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/cartservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/cartservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/checkoutservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/checkoutservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/currencyservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/currencyservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/emailservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/emailservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/frontend(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/frontend(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/loadgenerator(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/loadgenerator(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/paymentservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/paymentservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/productcatalogservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/productcatalogservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/recommendationservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/recommendationservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/redis-cart(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/redis-cart(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
+	"default/shippingservice(Deployment)" [label=<<table border="0" cellspacing="0"><tr><td>default/shippingservice(Deployment)</td></tr></table>> shape=box fontcolor=blue tooltip="Workload"]
 	"0.0.0.0/0" -> "default/frontend(Deployment)"[label="tcp8080" labeltooltip="TCP 8080" color=darkorange4 fontcolor=darkgreen dir=both arrowhead=normal arrowtail=none]
 	"default/cartservice(Deployment)" -> "default/redis-cart(Deployment)"[label="tcp6379" labeltooltip="TCP 6379" color=darkorange4 fontcolor=darkgreen dir=both arrowhead=normal arrowtail=none]
 	"default/checkoutservice(Deployment)" -> "default/cartservice(Deployment)"[label="tcp7070" labeltooltip="TCP 7070" color=darkorange4 fontcolor=darkgreen dir=both arrowhead=normal arrowtail=none]

tests/fw_rules_tests/policies/poc1-scheme.yaml

@@ -31,6 +31,7 @@ queries:
   outputConfiguration:
     outputFormat: dot
     outputPath: null
+    simplifyGraph: true
     fwRulesRunInTestMode: false
   expectedOutput: expected_output/poc1-scheme_output.dot
 - name: connectivity_map_csv