Report connections count between two workloads to Otterize cloud (#284)

Author: zohar7ch

src/mapper/pkg/cloudclient/generated.go

@@ -552,6 +552,12 @@ enum ComponentType {
 	NETWORK_MAPPER
 }
 
+input ConnectionsCount {
+	current: Int!
+	removed: Int!
+	added: Int!
+}
+
 type CreateGitHubIntegrationResponse {
 	integration: Integration!
 	nextURL: String!
@@ -1427,6 +1433,7 @@ input IntentInput {
 	internet: InternetConfigInput
 	status: IntentStatusInput
 	resolutionData: String
+	connectionsCount: ConnectionsCount
 }
 
 input IntentRequestInput {
@@ -2340,6 +2347,12 @@ type Query {
 		clientServiceId: ID!
 		serverServiceId: ID!
 	): [NetworkPolicy!]!
+""" Get edge connections count """
+	edgeConnectionsCount(
+		clientId: ID!
+		serverId: ID!
+		lastSeenAfter: Time!
+	): Int!
 """Get access log"""
 	accessLog(
 		filter: InputAccessLogFilter
@@ -2559,13 +2572,17 @@ enum RegulationCode {
 	ZERO_TRUST_EGRESS_ACCESS_COVERED
 	ZERO_TRUST_EXTERNAL_INGRESS_TAGGED
 	ZERO_TRUST_ALL_INTRA_CLUSTER_ACCESS_COVERED
+	THREAT_INTELLIGENCE
+"""Detect known IOCs (IPs, domain names) against ingress and egress Internet traffic"""
+	THREAT_INTELLIGENCE_KNOWN_IOCS
 }
 
 enum RegulationStandard {
 	PCI_4_0
 	PII
 	HIPAA
 	ZERO_TRUST
+	THREAT_INTELLIGENCE
 }
 
 input ReportServiceMetadataInput {

src/mapper/pkg/cloudclient/schema.graphql

@@ -58,6 +58,11 @@ func (c *CloudUploader) NotifyIntents(ctx context.Context, intents []intentsstor
 				Resources: httpResourceToHTTPConfInput(intent.Intent.HTTPResources),
 			},
 		}
+
+		if intent.ConnectionsCount != nil {
+			toCloud.Intent.ConnectionsCount = intent.ConnectionsCount
+		}
+
 		if intent.Intent.Client.PodOwnerKind != nil && intent.Intent.Client.PodOwnerKind.Kind != "" {
 			toCloud.Intent.ClientWorkloadKind = lo.ToPtr(intent.Intent.Client.PodOwnerKind.Kind)
 		}

src/mapper/pkg/clouduploader/cloud_upload.go

@@ -49,9 +49,11 @@ func (s *CloudUploaderTestSuite) addIntent(source string, srcNamespace string, d
 	s.intentsHolder.AddIntent(
 		testTimestamp,
 		model.Intent{
-			Client: &model.OtterizeServiceIdentity{Name: source, Namespace: srcNamespace},
-			Server: &model.OtterizeServiceIdentity{Name: destination, Namespace: dstNamespace},
+			Client:         &model.OtterizeServiceIdentity{Name: source, Namespace: srcNamespace},
+			Server:         &model.OtterizeServiceIdentity{Name: destination, Namespace: dstNamespace},
+			ResolutionData: lo.ToPtr("handleInternalTrafficTCPResult"),
 		},
+		[]int64{int64(20205)},
 	)
 }
 
@@ -75,12 +77,14 @@ func intentInput(clientName string, namespace string, serverName string, serverN
 	}
 
 	return cloudclient.IntentInput{
-		ClientName:      nilIfEmpty(clientName),
-		ServerName:      nilIfEmpty(serverName),
-		Namespace:       nilIfEmpty(namespace),
-		ServerNamespace: nilIfEmpty(serverNamespace),
-		Topics:          []*cloudclient.KafkaConfigInput{},
-		Resources:       []*cloudclient.HTTPConfigInput{},
+		ClientName:       nilIfEmpty(clientName),
+		ServerName:       nilIfEmpty(serverName),
+		Namespace:        nilIfEmpty(namespace),
+		ServerNamespace:  nilIfEmpty(serverNamespace),
+		Topics:           []*cloudclient.KafkaConfigInput{},
+		Resources:        []*cloudclient.HTTPConfigInput{},
+		ResolutionData:   lo.ToPtr("handleInternalTrafficTCPResult"),
+		ConnectionsCount: lo.ToPtr(cloudclient.ConnectionsCount{Current: lo.ToPtr(1), Added: lo.ToPtr(1), Removed: lo.ToPtr(0)}),
 	}
 }
 
@@ -151,7 +155,7 @@ func (s *CloudUploaderTestSuite) TestUploadIntentsWithOperations() {
 		},
 	}
 
-	s.intentsHolder.AddIntent(testTimestamp, discoveredProduce)
+	s.intentsHolder.AddIntent(testTimestamp, discoveredProduce, make([]int64, 0))
 
 	discoveredConsume := model.Intent{
 		Client: &model.OtterizeServiceIdentity{Name: "client1", Namespace: s.testNamespace},
@@ -166,7 +170,7 @@ func (s *CloudUploaderTestSuite) TestUploadIntentsWithOperations() {
 		HTTPResources: []model.HTTPResource{},
 	}
 
-	s.intentsHolder.AddIntent(testTimestamp, discoveredConsume)
+	s.intentsHolder.AddIntent(testTimestamp, discoveredConsume, make([]int64, 0))
 	cloudIntent := []cloudclient.IntentInput{
 		{
 			ClientName:      lo.ToPtr("client1"),
@@ -191,7 +195,7 @@ func (s *CloudUploaderTestSuite) TestUploadIntentsWithOperations() {
 	s.cloudUploader.NotifyIntents(context.Background(), s.intentsHolder.GetNewIntentsSinceLastGet())
 
 	newTimestamp := testTimestamp.Add(time.Hour)
-	s.intentsHolder.AddIntent(newTimestamp, discoveredProduce)
+	s.intentsHolder.AddIntent(newTimestamp, discoveredProduce, make([]int64, 0))
 
 	produceOnly := []cloudclient.IntentInput{
 		{
@@ -250,6 +254,8 @@ func (s *CloudUploaderTestSuite) TestUploadSameIntentOnce() {
 
 	s.cloudUploader.NotifyIntents(context.Background(), s.intentsHolder.GetNewIntentsSinceLastGet())
 
+	// We will upload the same intent twice, so we expect the add count to be 0
+	intents[0].ConnectionsCount.Added = lo.ToPtr(0)
 	s.clientMock.EXPECT().ReportDiscoveredIntents(gomock.Any(), GetMatcher(intents)).Return(nil).Times(1)
 	s.addIntent("client", s.testNamespace, "server", s.testNamespace)
 	s.cloudUploader.NotifyIntents(context.Background(), s.intentsHolder.GetNewIntentsSinceLastGet())