diff --git a/pkg/netpol/connlist/connlist_test.go b/pkg/netpol/connlist/connlist_test.go index 79bef84f..5a940fdd 100644 --- a/pkg/netpol/connlist/connlist_test.go +++ b/pkg/netpol/connlist/connlist_test.go @@ -913,4 +913,9 @@ var goodPathTests = []struct { focusWorkload: "ratings-v1-b6994bb9", outputFormats: ExposureValidFormats, }, + { + testDirName: "test_exposure_minimal_netpol_analysis", + exposureAnalysis: true, + outputFormats: []string{output.DOTFormat}, + }, } diff --git a/pkg/netpol/connlist/conns_formatter_dot.go b/pkg/netpol/connlist/conns_formatter_dot.go index 73c564e9..5c0951ae 100644 --- a/pkg/netpol/connlist/conns_formatter_dot.go +++ b/pkg/netpol/connlist/conns_formatter_dot.go @@ -23,9 +23,12 @@ const ( peerLineClosing = "]" allPeersLbl = "all pods" allNamespacesLbl = "all namespaces" + edgeWeightLabel = " weight=" + ingWeight = "1" + egWeight = "0.5" ) -var edgeLineFormat = fmt.Sprintf("\t%%q -> %%q [label=%%q color=\"gold2\" fontcolor=\"darkgreen\"]") +var edgeLineFormat = fmt.Sprintf("\t%%q -> %%q [label=%%q color=\"gold2\" fontcolor=\"darkgreen\"%%s]") var peerLineFormatPrefix = fmt.Sprintf("\t%%q [label=%%q color=%%q fontcolor=%%q") // formatDOT: implements the connsFormatter interface for dot output format @@ -35,7 +38,7 @@ type formatDOT struct { // getEdgeLine formats an edge line from a Peer2PeerConnection struct , to be used for dot graph func getEdgeLine(c Peer2PeerConnection) string { connStr := common.ConnStrFromConnProperties(c.AllProtocolsAndPorts(), c.ProtocolsAndPorts()) - return fmt.Sprintf(edgeLineFormat, c.Src().String(), c.Dst().String(), connStr) + return fmt.Sprintf(edgeLineFormat, c.Src().String(), c.Dst().String(), connStr, "") } // peerNameAndColorByType returns the peer label and color to be represented in the graph, and whether the peer is @@ -179,9 +182,9 @@ func getEntireClusterLine() string { // getExposureEdgeLine formats an exposure connection edge line for dot graph func getExposureEdgeLine(realPeerStr, repPeerStr string, isIngress bool, conn *common.ConnectionSet) string { if isIngress { - return fmt.Sprintf(edgeLineFormat, repPeerStr, realPeerStr, conn.String()) + return fmt.Sprintf(edgeLineFormat, repPeerStr, realPeerStr, conn.String(), edgeWeightLabel+ingWeight) } - return fmt.Sprintf(edgeLineFormat, realPeerStr, repPeerStr, conn.String()) + return fmt.Sprintf(edgeLineFormat, realPeerStr, repPeerStr, conn.String(), edgeWeightLabel+egWeight) } // getRepPeerLine formats a representative peer line for dot graph diff --git a/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot b/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot index be08ac3b..07134224 100644 --- a/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot +++ b/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot @@ -29,21 +29,21 @@ digraph { "{ingress-controller}" [label="{ingress-controller}" color="blue" fontcolor="blue"] "backend/checkout[Deployment]" -> "backend/notification[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "backend/checkout[Deployment]" -> "backend/recommendation[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] - "backend/checkout[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen"] + "backend/checkout[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen" weight=0.5] "backend/checkout[Deployment]" -> "payments/gateway[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "backend/recommendation[Deployment]" -> "backend/catalog[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] - "backend/recommendation[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen"] + "backend/recommendation[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen" weight=0.5] "backend/reports[Deployment]" -> "backend/catalog[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "backend/reports[Deployment]" -> "backend/recommendation[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] - "backend/reports[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "frontend/asset-cache[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "frontend/webapp[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] + "backend/reports[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen" weight=0.5] + "entire-cluster" -> "frontend/asset-cache[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen" weight=1] + "entire-cluster" -> "frontend/webapp[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen" weight=1] "frontend/webapp[Deployment]" -> "backend/checkout[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "frontend/webapp[Deployment]" -> "backend/recommendation[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "frontend/webapp[Deployment]" -> "backend/reports[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "frontend/webapp[Deployment]" -> "backend/shipping[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] - "frontend/webapp[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen"] - "payments/gateway[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen"] + "frontend/webapp[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen" weight=0.5] + "payments/gateway[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen" weight=0.5] "payments/gateway[Deployment]" -> "payments/mastercard-processor[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "payments/gateway[Deployment]" -> "payments/visa-processor[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "{ingress-controller}" -> "frontend/asset-cache[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] diff --git a/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot.png b/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot.png index 7f50b1da..b0b1b9f2 100644 Binary files a/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot.png and b/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot.svg b/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot.svg index 02ff911a..61ff3052 100644 --- a/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_acs-security-demos_connlist_output.dot.svg @@ -4,249 +4,249 @@ - - - + + + cluster_backend - -backend + +backend cluster_frontend - -frontend + +frontend cluster_payments - -payments + +payments backend/catalog[Deployment] - -catalog[Deployment] + +catalog[Deployment] backend/checkout[Deployment] - -checkout[Deployment] + +checkout[Deployment] backend/notification[Deployment] - -notification[Deployment] + +notification[Deployment] backend/checkout[Deployment]->backend/notification[Deployment] - - -TCP 8080 + + +TCP 8080 backend/recommendation[Deployment] - -recommendation[Deployment] + +recommendation[Deployment] backend/checkout[Deployment]->backend/recommendation[Deployment] - - -TCP 8080 + + +TCP 8080 payments/gateway[Deployment] - -gateway[Deployment] + +gateway[Deployment] backend/checkout[Deployment]->payments/gateway[Deployment] - - -TCP 8080 + + +TCP 8080 entire-cluster - -entire-cluster + +entire-cluster backend/checkout[Deployment]->entire-cluster - - -UDP 5353 + + +UDP 5353 backend/recommendation[Deployment]->backend/catalog[Deployment] - - -TCP 8080 + + +TCP 8080 backend/recommendation[Deployment]->entire-cluster - - -UDP 5353 + + +UDP 5353 backend/reports[Deployment] - -reports[Deployment] + +reports[Deployment] backend/reports[Deployment]->backend/catalog[Deployment] - - -TCP 8080 + + +TCP 8080 backend/reports[Deployment]->backend/recommendation[Deployment] - - -TCP 8080 + + +TCP 8080 backend/reports[Deployment]->entire-cluster - - -UDP 5353 + + +UDP 5353 backend/shipping[Deployment] - -shipping[Deployment] + +shipping[Deployment] frontend/asset-cache[Deployment] - -asset-cache[Deployment] + +asset-cache[Deployment] frontend/webapp[Deployment] - -webapp[Deployment] + +webapp[Deployment] frontend/webapp[Deployment]->backend/checkout[Deployment] - - -TCP 8080 + + +TCP 8080 frontend/webapp[Deployment]->backend/recommendation[Deployment] - - -TCP 8080 + + +TCP 8080 frontend/webapp[Deployment]->backend/reports[Deployment] - - -TCP 8080 + + +TCP 8080 frontend/webapp[Deployment]->backend/shipping[Deployment] - - -TCP 8080 + + +TCP 8080 frontend/webapp[Deployment]->entire-cluster - - -UDP 5353 + + +UDP 5353 payments/mastercard-processor[Deployment] - -mastercard-processor[Deployment] + +mastercard-processor[Deployment] payments/gateway[Deployment]->payments/mastercard-processor[Deployment] - - -TCP 8080 + + +TCP 8080 payments/visa-processor[Deployment] - -visa-processor[Deployment] + +visa-processor[Deployment] payments/gateway[Deployment]->payments/visa-processor[Deployment] - - -TCP 8080 + + +TCP 8080 payments/gateway[Deployment]->entire-cluster - - -UDP 5353 + + +UDP 5353 entire-cluster->frontend/asset-cache[Deployment] - - -TCP 8080 + + +TCP 8080 entire-cluster->frontend/webapp[Deployment] - - -TCP 8080 + + +TCP 8080 {ingress-controller} - -{ingress-controller} + +{ingress-controller} {ingress-controller}->frontend/asset-cache[Deployment] - - -TCP 8080 + + +TCP 8080 {ingress-controller}->frontend/webapp[Deployment] - - -TCP 8080 + + +TCP 8080 diff --git a/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot b/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot index 9547ce51..d24097c9 100644 --- a/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot +++ b/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot @@ -16,11 +16,11 @@ digraph { } "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "{ingress-controller}" [label="{ingress-controller}" color="blue" fontcolor="blue"] - "entire-cluster" -> "frontend/webapp[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "frontend/webapp[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen" weight=1] "frontend/webapp[Deployment]" -> "backend/checkout[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "frontend/webapp[Deployment]" -> "backend/recommendation[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "frontend/webapp[Deployment]" -> "backend/reports[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "frontend/webapp[Deployment]" -> "backend/shipping[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] - "frontend/webapp[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen"] + "frontend/webapp[Deployment]" -> "entire-cluster" [label="UDP 5353" color="gold2" fontcolor="darkgreen" weight=0.5] "{ingress-controller}" -> "frontend/webapp[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot.png b/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot.png index b4067d6f..51c008cf 100644 Binary files a/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot.png and b/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot.svg b/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot.svg index f0d5cd40..34332c3a 100644 --- a/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_acs-security-demos_focus_workload_frontend_webapp_connlist_output.dot.svg @@ -4,10 +4,10 @@ - + - + cluster_backend @@ -15,8 +15,8 @@ cluster_frontend - -frontend + +frontend @@ -45,69 +45,69 @@ frontend/webapp[Deployment] - -webapp[Deployment] + +webapp[Deployment] frontend/webapp[Deployment]->backend/checkout[Deployment] - - -TCP 8080 + + +TCP 8080 frontend/webapp[Deployment]->backend/recommendation[Deployment] - - -TCP 8080 + + +TCP 8080 frontend/webapp[Deployment]->backend/reports[Deployment] - - -TCP 8080 + + +TCP 8080 frontend/webapp[Deployment]->backend/shipping[Deployment] - - -TCP 8080 + + +TCP 8080 entire-cluster - -entire-cluster + +entire-cluster frontend/webapp[Deployment]->entire-cluster - - -UDP 5353 + + +UDP 5353 entire-cluster->frontend/webapp[Deployment] - - -TCP 8080 + + +TCP 8080 {ingress-controller} - -{ingress-controller} + +{ingress-controller} {ingress-controller}->frontend/webapp[Deployment] - - -TCP 8080 + + +TCP 8080 diff --git a/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot b/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot index 5a522bf6..30deec41 100644 --- a/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot +++ b/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot @@ -21,9 +21,9 @@ digraph { "default/ratings-v1-b6994bb9[ReplicaSet]" -> "default/reviews-v1-545db77b95[ReplicaSet]" [label="All Connections" color="gold2" fontcolor="darkgreen"] "default/ratings-v1-b6994bb9[ReplicaSet]" -> "default/reviews-v2-7bf8c9648f[ReplicaSet]" [label="All Connections" color="gold2" fontcolor="darkgreen"] "default/ratings-v1-b6994bb9[ReplicaSet]" -> "default/reviews-v3-84779c7bbc[ReplicaSet]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "default/ratings-v1-b6994bb9[ReplicaSet]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "default/ratings-v1-b6994bb9[ReplicaSet]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] "default/reviews-v1-545db77b95[ReplicaSet]" -> "default/ratings-v1-b6994bb9[ReplicaSet]" [label="All Connections" color="gold2" fontcolor="darkgreen"] "default/reviews-v2-7bf8c9648f[ReplicaSet]" -> "default/ratings-v1-b6994bb9[ReplicaSet]" [label="All Connections" color="gold2" fontcolor="darkgreen"] "default/reviews-v3-84779c7bbc[ReplicaSet]" -> "default/ratings-v1-b6994bb9[ReplicaSet]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "default/ratings-v1-b6994bb9[ReplicaSet]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "default/ratings-v1-b6994bb9[ReplicaSet]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot.png b/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot.png index c06fa245..88fc3f11 100644 Binary files a/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot.png and b/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot.svg b/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot.svg index c7f26094..75aa064f 100644 --- a/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_k8s_ingress_test_focus_workload_ratings-v1-b6994bb9_connlist_output.dot.svg @@ -4,10 +4,10 @@ - + - + cluster_default @@ -16,21 +16,21 @@ default/details-v1-79f774bdb9[ReplicaSet] - -details-v1-79f774bdb9[ReplicaSet] + +details-v1-79f774bdb9[ReplicaSet] default/ratings-v1-b6994bb9[ReplicaSet] - -ratings-v1-b6994bb9[ReplicaSet] + +ratings-v1-b6994bb9[ReplicaSet] default/details-v1-79f774bdb9[ReplicaSet]->default/ratings-v1-b6994bb9[ReplicaSet] - - -All Connections + + +All Connections @@ -41,23 +41,23 @@ default/productpage-v1-6b746f74dc[ReplicaSet]->default/ratings-v1-b6994bb9[ReplicaSet] - - -All Connections + + +All Connections default/ratings-v1-b6994bb9[ReplicaSet]->default/details-v1-79f774bdb9[ReplicaSet] - - -All Connections + + +All Connections default/ratings-v1-b6994bb9[ReplicaSet]->default/productpage-v1-6b746f74dc[ReplicaSet] - - -All Connections + + +All Connections @@ -68,8 +68,8 @@ default/ratings-v1-b6994bb9[ReplicaSet]->default/reviews-v1-545db77b95[ReplicaSet] - - + + All Connections @@ -81,8 +81,8 @@ default/ratings-v1-b6994bb9[ReplicaSet]->default/reviews-v2-7bf8c9648f[ReplicaSet] - - + + All Connections @@ -94,8 +94,8 @@ default/ratings-v1-b6994bb9[ReplicaSet]->default/reviews-v3-84779c7bbc[ReplicaSet] - - + + All Connections @@ -107,57 +107,57 @@ default/ratings-v1-b6994bb9[ReplicaSet]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster default/ratings-v1-b6994bb9[ReplicaSet]->entire-cluster - - -All Connections + + +All Connections default/reviews-v1-545db77b95[ReplicaSet]->default/ratings-v1-b6994bb9[ReplicaSet] - - -All Connections + + +All Connections default/reviews-v2-7bf8c9648f[ReplicaSet]->default/ratings-v1-b6994bb9[ReplicaSet] - - -All Connections + + +All Connections default/reviews-v3-84779c7bbc[ReplicaSet]->default/ratings-v1-b6994bb9[ReplicaSet] - - + + All Connections 0.0.0.0-255.255.255.255->default/ratings-v1-b6994bb9[ReplicaSet] - - -All Connections + + +All Connections entire-cluster->default/ratings-v1-b6994bb9[ReplicaSet] - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot b/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot index 7ec831b9..4201887f 100644 --- a/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot +++ b/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot @@ -23,9 +23,9 @@ digraph { "default/reviews-v3-84779c7bbc[ReplicaSet]" -> "default/ratings-v1-b6994bb9[ReplicaSet]" [label="TCP 9080" color="gold2" fontcolor="darkgreen"] "default/unicorn[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] "default/unicorn[Deployment]" -> "default/details-v1-79f774bdb9[ReplicaSet]" [label="TCP 9080" color="gold2" fontcolor="darkgreen"] - "default/unicorn[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "default/details-v1-79f774bdb9[ReplicaSet]" [label="TCP 9080" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "default/unicorn[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "default/unicorn[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] + "entire-cluster" -> "default/details-v1-79f774bdb9[ReplicaSet]" [label="TCP 9080" color="gold2" fontcolor="darkgreen" weight=1] + "entire-cluster" -> "default/unicorn[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] "{ingress-controller}" -> "default/details-v1-79f774bdb9[ReplicaSet]" [label="TCP 9080" color="gold2" fontcolor="darkgreen"] "{ingress-controller}" -> "default/unicorn[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot.png b/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot.png index 0e91bbc9..6956c56c 100644 Binary files a/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot.png and b/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot.svg b/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot.svg index 544bd53f..46fabdae 100644 --- a/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_k8s_ingress_test_new_connlist_output.dot.svg @@ -4,172 +4,172 @@ - - - + + + cluster_default - -default + +default default/details-v1-79f774bdb9[ReplicaSet] - -details-v1-79f774bdb9[ReplicaSet] + +details-v1-79f774bdb9[ReplicaSet] default/productpage-v1-6b746f74dc[ReplicaSet] - -productpage-v1-6b746f74dc[ReplicaSet] + +productpage-v1-6b746f74dc[ReplicaSet] default/ratings-v1-b6994bb9[ReplicaSet] - -ratings-v1-b6994bb9[ReplicaSet] + +ratings-v1-b6994bb9[ReplicaSet] default/reviews-v1-545db77b95[ReplicaSet] - -reviews-v1-545db77b95[ReplicaSet] + +reviews-v1-545db77b95[ReplicaSet] default/reviews-v1-545db77b95[ReplicaSet]->default/productpage-v1-6b746f74dc[ReplicaSet] - - -TCP 9080 + + +TCP 9080 default/reviews-v1-545db77b95[ReplicaSet]->default/ratings-v1-b6994bb9[ReplicaSet] - - -TCP 9080 + + +TCP 9080 default/reviews-v2-7bf8c9648f[ReplicaSet] - -reviews-v2-7bf8c9648f[ReplicaSet] + +reviews-v2-7bf8c9648f[ReplicaSet] default/reviews-v2-7bf8c9648f[ReplicaSet]->default/productpage-v1-6b746f74dc[ReplicaSet] - - -TCP 9080 + + +TCP 9080 default/reviews-v2-7bf8c9648f[ReplicaSet]->default/ratings-v1-b6994bb9[ReplicaSet] - - -TCP 9080 + + +TCP 9080 default/reviews-v3-84779c7bbc[ReplicaSet] - -reviews-v3-84779c7bbc[ReplicaSet] + +reviews-v3-84779c7bbc[ReplicaSet] default/reviews-v3-84779c7bbc[ReplicaSet]->default/productpage-v1-6b746f74dc[ReplicaSet] - - -TCP 9080 + + +TCP 9080 default/reviews-v3-84779c7bbc[ReplicaSet]->default/ratings-v1-b6994bb9[ReplicaSet] - - -TCP 9080 + + +TCP 9080 default/unicorn[Deployment] - -unicorn[Deployment] + +unicorn[Deployment] default/unicorn[Deployment]->default/details-v1-79f774bdb9[ReplicaSet] - - -TCP 9080 + + +TCP 9080 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 default/unicorn[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster default/unicorn[Deployment]->entire-cluster - - -All Connections + + +All Connections 0.0.0.0-255.255.255.255->default/unicorn[Deployment] - - -All Connections + + +All Connections entire-cluster->default/details-v1-79f774bdb9[ReplicaSet] - - -TCP 9080 + + +TCP 9080 entire-cluster->default/unicorn[Deployment] - - -All Connections + + +All Connections {ingress-controller} - -{ingress-controller} + +{ingress-controller} {ingress-controller}->default/details-v1-79f774bdb9[ReplicaSet] - - -TCP 9080 + + +TCP 9080 {ingress-controller}->default/unicorn[Deployment] - - -TCP 8080 + + +TCP 8080 diff --git a/test_outputs/connlist/exposure_k8s_ingress_test_new_focus_workload_details-v1-79f774bdb9_connlist_output.dot b/test_outputs/connlist/exposure_k8s_ingress_test_new_focus_workload_details-v1-79f774bdb9_connlist_output.dot index e007e982..afe9d3a4 100644 --- a/test_outputs/connlist/exposure_k8s_ingress_test_new_focus_workload_details-v1-79f774bdb9_connlist_output.dot +++ b/test_outputs/connlist/exposure_k8s_ingress_test_new_focus_workload_details-v1-79f774bdb9_connlist_output.dot @@ -9,6 +9,6 @@ digraph { "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "{ingress-controller}" [label="{ingress-controller}" color="blue" fontcolor="blue"] "default/unicorn[Deployment]" -> "default/details-v1-79f774bdb9[ReplicaSet]" [label="TCP 9080" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "default/details-v1-79f774bdb9[ReplicaSet]" [label="TCP 9080" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "default/details-v1-79f774bdb9[ReplicaSet]" [label="TCP 9080" color="gold2" fontcolor="darkgreen" weight=1] "{ingress-controller}" -> "default/details-v1-79f774bdb9[ReplicaSet]" [label="TCP 9080" color="gold2" fontcolor="darkgreen"] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot b/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot index 1fbf2e95..9e9701b0 100644 --- a/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot +++ b/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot @@ -31,7 +31,7 @@ digraph { "default/checkoutservice[Deployment]" -> "default/paymentservice[Deployment]" [label="TCP 50051" color="gold2" fontcolor="darkgreen"] "default/checkoutservice[Deployment]" -> "default/productcatalogservice[Deployment]" [label="TCP 3550" color="gold2" fontcolor="darkgreen"] "default/checkoutservice[Deployment]" -> "default/shippingservice[Deployment]" [label="TCP 50051" color="gold2" fontcolor="darkgreen"] - "default/checkoutservice[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen"] + "default/checkoutservice[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen" weight=0.5] "default/frontend[Deployment]" -> "default/adservice[Deployment]" [label="TCP 9555" color="gold2" fontcolor="darkgreen"] "default/frontend[Deployment]" -> "default/cartservice[Deployment]" [label="TCP 7070" color="gold2" fontcolor="darkgreen"] "default/frontend[Deployment]" -> "default/checkoutservice[Deployment]" [label="TCP 5050" color="gold2" fontcolor="darkgreen"] @@ -39,12 +39,12 @@ digraph { "default/frontend[Deployment]" -> "default/productcatalogservice[Deployment]" [label="TCP 3550" color="gold2" fontcolor="darkgreen"] "default/frontend[Deployment]" -> "default/recommendationservice[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] "default/frontend[Deployment]" -> "default/shippingservice[Deployment]" [label="TCP 50051" color="gold2" fontcolor="darkgreen"] - "default/frontend[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen"] + "default/frontend[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen" weight=0.5] "default/loadgenerator[Deployment]" -> "default/frontend[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] - "default/loadgenerator[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen"] + "default/loadgenerator[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen" weight=0.5] "default/recommendationservice[Deployment]" -> "default/productcatalogservice[Deployment]" [label="TCP 3550" color="gold2" fontcolor="darkgreen"] - "default/recommendationservice[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen"] + "default/recommendationservice[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen" weight=0.5] "default/redis-cart[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "default/redis-cart[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "default/redis-cart[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "default/redis-cart[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] + "entire-cluster" -> "default/redis-cart[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot.png b/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot.png index f0471d18..d4e96dea 100644 Binary files a/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot.png and b/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot.svg b/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot.svg index 1e94aac7..58dfce45 100644 --- a/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_onlineboutique_workloads_connlist_output.dot.svg @@ -4,25 +4,25 @@ - - - + + + cluster_default - -default + +default cluster_all namespaces - -all namespaces + +all namespaces default/adservice[Deployment] - -adservice[Deployment] + +adservice[Deployment] @@ -33,54 +33,54 @@ default/checkoutservice[Deployment] - -checkoutservice[Deployment] + +checkoutservice[Deployment] default/checkoutservice[Deployment]->default/cartservice[Deployment] - - -TCP 7070 + + +TCP 7070 default/currencyservice[Deployment] - -currencyservice[Deployment] + +currencyservice[Deployment] default/checkoutservice[Deployment]->default/currencyservice[Deployment] - - -TCP 7000 + + +TCP 7000 default/emailservice[Deployment] - -emailservice[Deployment] + +emailservice[Deployment] default/checkoutservice[Deployment]->default/emailservice[Deployment] - - -TCP 8080 + + +TCP 8080 default/paymentservice[Deployment] - -paymentservice[Deployment] + +paymentservice[Deployment] default/checkoutservice[Deployment]->default/paymentservice[Deployment] - - -TCP 50051 + + +TCP 50051 @@ -91,9 +91,9 @@ default/checkoutservice[Deployment]->default/productcatalogservice[Deployment] - - -TCP 3550 + + +TCP 3550 @@ -104,170 +104,170 @@ default/checkoutservice[Deployment]->default/shippingservice[Deployment] - - -TCP 50051 + + +TCP 50051 pod with {k8s-app=kube-dns}_in_all namespaces - -pod with {k8s-app=kube-dns} + +pod with {k8s-app=kube-dns} default/checkoutservice[Deployment]->pod with {k8s-app=kube-dns}_in_all namespaces - - -UDP 53 + + +UDP 53 default/frontend[Deployment] - -frontend[Deployment] + +frontend[Deployment] default/frontend[Deployment]->default/adservice[Deployment] - - -TCP 9555 + + +TCP 9555 default/frontend[Deployment]->default/cartservice[Deployment] - - -TCP 7070 + + +TCP 7070 default/frontend[Deployment]->default/checkoutservice[Deployment] - - -TCP 5050 + + +TCP 5050 default/frontend[Deployment]->default/currencyservice[Deployment] - - -TCP 7000 + + +TCP 7000 default/frontend[Deployment]->default/productcatalogservice[Deployment] - - -TCP 3550 + + +TCP 3550 default/recommendationservice[Deployment] - -recommendationservice[Deployment] + +recommendationservice[Deployment] default/frontend[Deployment]->default/recommendationservice[Deployment] - - -TCP 8080 + + +TCP 8080 default/frontend[Deployment]->default/shippingservice[Deployment] - - -TCP 50051 + + +TCP 50051 default/frontend[Deployment]->pod with {k8s-app=kube-dns}_in_all namespaces - - -UDP 53 + + +UDP 53 default/loadgenerator[Deployment] - -loadgenerator[Deployment] + +loadgenerator[Deployment] default/loadgenerator[Deployment]->default/frontend[Deployment] - - -TCP 8080 + + +TCP 8080 default/loadgenerator[Deployment]->pod with {k8s-app=kube-dns}_in_all namespaces - - -UDP 53 + + +UDP 53 default/recommendationservice[Deployment]->default/productcatalogservice[Deployment] - - -TCP 3550 + + +TCP 3550 default/recommendationservice[Deployment]->pod with {k8s-app=kube-dns}_in_all namespaces - - -UDP 53 + + +UDP 53 default/redis-cart[Deployment] - -redis-cart[Deployment] + +redis-cart[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 default/redis-cart[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster default/redis-cart[Deployment]->entire-cluster - - -All Connections + + +All Connections 0.0.0.0-255.255.255.255->default/redis-cart[Deployment] - - -All Connections + + +All Connections entire-cluster->default/redis-cart[Deployment] - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_onlineboutique_workloads_focus_workload_default_loadgenerator_connlist_output.dot b/test_outputs/connlist/exposure_onlineboutique_workloads_focus_workload_default_loadgenerator_connlist_output.dot index 9ea42352..eca6acf3 100644 --- a/test_outputs/connlist/exposure_onlineboutique_workloads_focus_workload_default_loadgenerator_connlist_output.dot +++ b/test_outputs/connlist/exposure_onlineboutique_workloads_focus_workload_default_loadgenerator_connlist_output.dot @@ -13,5 +13,5 @@ digraph { label="all namespaces" } "default/loadgenerator[Deployment]" -> "default/frontend[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] - "default/loadgenerator[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen"] + "default/loadgenerator[Deployment]" -> "pod with {k8s-app=kube-dns}_in_all namespaces" [label="UDP 53" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot b/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot index c8063873..230dd594 100644 --- a/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot @@ -8,7 +8,7 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "0.0.0.0-255.255.255.255" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot.png b/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot.png index 753459cd..20ee5d99 100644 Binary files a/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot.svg index 4470ca01..74fb8371 100644 --- a/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_allow_all_connlist_output.dot.svg @@ -4,60 +4,60 @@ - - - + + + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections 0.0.0.0-255.255.255.255->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot b/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot index 7691d155..5ee9863a 100644 --- a/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot @@ -6,6 +6,6 @@ digraph { label="hello-world" } "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot.png b/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot.png index 2cfba6e5..eaff0c55 100644 Binary files a/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot.svg index 563b131a..09fe8d04 100644 --- a/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_allow_all_in_cluster_connlist_output.dot.svg @@ -4,40 +4,40 @@ - - - + + + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -TCP 8050 + + +TCP 8050 diff --git a/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot b/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot index b1b4b934..3acf9940 100644 --- a/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot @@ -8,5 +8,5 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot.png b/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot.png index a0185708..3e8d7bbe 100644 Binary files a/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot.svg index 2e61b233..854920c0 100644 --- a/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_allow_egress_deny_ingress_connlist_output.dot.svg @@ -4,46 +4,46 @@ - + - + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_test_allow_ingress_deny_egress_connlist_output.dot b/test_outputs/connlist/exposure_test_allow_ingress_deny_egress_connlist_output.dot index 946354ef..723f9ab9 100644 --- a/test_outputs/connlist/exposure_test_allow_ingress_deny_egress_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_allow_ingress_deny_egress_connlist_output.dot @@ -8,5 +8,5 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "0.0.0.0-255.255.255.255" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot b/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot index 7691d155..5ee9863a 100644 --- a/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot @@ -6,6 +6,6 @@ digraph { label="hello-world" } "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot.png b/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot.png index 2cfba6e5..eaff0c55 100644 Binary files a/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot.svg index 563b131a..09fe8d04 100644 --- a/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_conn_entire_cluster_with_empty_selectors_connlist_output.dot.svg @@ -4,40 +4,40 @@ - - - + + + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -TCP 8050 + + +TCP 8050 diff --git a/test_outputs/connlist/exposure_test_conn_to_all_pods_in_a_new_ns_connlist_output.dot b/test_outputs/connlist/exposure_test_conn_to_all_pods_in_a_new_ns_connlist_output.dot index f7b288da..bc0a3c2c 100644 --- a/test_outputs/connlist/exposure_test_conn_to_all_pods_in_a_new_ns_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_conn_to_all_pods_in_a_new_ns_connlist_output.dot @@ -12,6 +12,6 @@ digraph { label="backend" } "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] - "all pods_in_backend" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "all pods_in_backend" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot b/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot index 1a28f3d5..60176a68 100644 --- a/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot @@ -14,6 +14,6 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "pod with {role=monitoring}_in_namespace with {effect=NoSchedule}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] + "pod with {role=monitoring}_in_namespace with {effect=NoSchedule}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot.png b/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot.png index e8a306eb..88c1f49f 100644 Binary files a/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot.svg index 552a8b92..3da67cba 100644 --- a/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_conn_with_new_pod_selector_and_ns_selector_connlist_output.dot.svg @@ -4,64 +4,64 @@ - + - + cluster_namespace with {effect=NoSchedule} - -namespace with {effect=NoSchedule} + +namespace with {effect=NoSchedule} cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections pod with {role=monitoring}_in_namespace with {effect=NoSchedule} - -pod with {role=monitoring} + +pod with {role=monitoring} pod with {role=monitoring}_in_namespace with {effect=NoSchedule}->hello-world/workload-a[Deployment] - - -TCP 8050 + + +TCP 8050 diff --git a/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot b/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot index ae9b6637..60629d05 100644 --- a/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot @@ -9,6 +9,6 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "pod with {role=monitoring}_in_hello-world" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] + "pod with {role=monitoring}_in_hello-world" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot.png b/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot.png index 5e2d43ce..19b9cfc3 100644 Binary files a/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot.svg index 61c3f7f8..022a57a1 100644 --- a/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_conn_with_only_pod_selector_connlist_output.dot.svg @@ -4,59 +4,59 @@ - + - + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections pod with {role=monitoring}_in_hello-world - -pod with {role=monitoring} + +pod with {role=monitoring} pod with {role=monitoring}_in_hello-world->hello-world/workload-a[Deployment] - - -TCP 8050 + + +TCP 8050 diff --git a/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot b/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot index 7a58729c..4fd84e5f 100644 --- a/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot @@ -14,6 +14,6 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "pod with {role=monitoring}_in_all namespaces" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] + "pod with {role=monitoring}_in_all namespaces" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot.png b/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot.png index 1d21a3b2..474519b5 100644 Binary files a/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot.svg index 883ab21c..d147b6b2 100644 --- a/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_conn_with_pod_selector_in_any_ns_connlist_output.dot.svg @@ -4,64 +4,64 @@ - + - - -cluster_hello_world - -hello-world - + cluster_all namespaces - -all namespaces + +all namespaces + + +cluster_hello_world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections pod with {role=monitoring}_in_all namespaces - -pod with {role=monitoring} + +pod with {role=monitoring} pod with {role=monitoring}_in_all namespaces->hello-world/workload-a[Deployment] - - -TCP 8050 + + +TCP 8050 diff --git a/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot b/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot index ed23a74b..86fcc5e3 100644 --- a/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot @@ -12,6 +12,6 @@ digraph { label="namespace with {foo.com/managed-state=managed}" } "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8000" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "all pods_in_namespace with {foo.com/managed-state=managed}" [label="TCP http" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8000" color="gold2" fontcolor="darkgreen" weight=1] + "hello-world/workload-a[Deployment]" -> "all pods_in_namespace with {foo.com/managed-state=managed}" [label="TCP http" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot.png b/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot.png index 426a24d5..7466ab6e 100644 Binary files a/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot.svg index 7427bb3d..fba8ecb2 100644 --- a/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_egress_exposure_with_named_port_connlist_output.dot.svg @@ -4,51 +4,51 @@ - + - + cluster_namespace with {foo.com/managed_state=managed} - -namespace with {foo.com/managed-state=managed} + +namespace with {foo.com/managed-state=managed} cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] all pods_in_namespace with {foo.com/managed-state=managed} - -all pods + +all pods hello-world/workload-a[Deployment]->all pods_in_namespace with {foo.com/managed-state=managed} - - -TCP http + + +TCP http entire-cluster - -entire-cluster + +entire-cluster entire-cluster->hello-world/workload-a[Deployment] - - -TCP 8000 + + +TCP 8000 diff --git a/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot b/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot index cb4661d3..ad44ddab 100644 --- a/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot @@ -8,6 +8,6 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "0.0.0.0-255.255.255.255" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="TCP http,local-dns" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="TCP http,local-dns" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot.png b/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot.png index 9bc187a7..cec43e53 100644 Binary files a/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot.svg index f383374c..17ab16db 100644 --- a/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_egress_to_entire_cluster_with_named_ports_connlist_output.dot.svg @@ -4,53 +4,53 @@ - - - + + + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -TCP http,local-dns + + +TCP http,local-dns 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 0.0.0.0-255.255.255.255->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_test_exposure_minimal_netpol_analysis_connlist_output.dot b/test_outputs/connlist/exposure_test_exposure_minimal_netpol_analysis_connlist_output.dot new file mode 100644 index 00000000..8422f61d --- /dev/null +++ b/test_outputs/connlist/exposure_test_exposure_minimal_netpol_analysis_connlist_output.dot @@ -0,0 +1,17 @@ +digraph { + subgraph "cluster_default" { + color="black" + fontcolor="black" + "default/backend[Deployment]" [label="backend[Deployment]" color="blue" fontcolor="blue"] + "default/frontend[Deployment]" [label="frontend[Deployment]" color="blue" fontcolor="blue"] + label="default" + } + "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] + "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] + "0.0.0.0-255.255.255.255" -> "default/frontend[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen"] + "default/frontend[Deployment]" -> "0.0.0.0-255.255.255.255" [label="UDP 53" color="gold2" fontcolor="darkgreen"] + "default/frontend[Deployment]" -> "default/backend[Deployment]" [label="TCP 9090" color="gold2" fontcolor="darkgreen"] + "default/frontend[Deployment]" -> "entire-cluster" [label="UDP 53" color="gold2" fontcolor="darkgreen" weight=0.5] + "entire-cluster" -> "default/backend[Deployment]" [label="TCP 9090" color="gold2" fontcolor="darkgreen" weight=1] + "entire-cluster" -> "default/frontend[Deployment]" [label="TCP 8080" color="gold2" fontcolor="darkgreen" weight=1] +} \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_exposure_minimal_netpol_analysis_connlist_output.dot.png b/test_outputs/connlist/exposure_test_exposure_minimal_netpol_analysis_connlist_output.dot.png new file mode 100644 index 00000000..2be66789 Binary files /dev/null and b/test_outputs/connlist/exposure_test_exposure_minimal_netpol_analysis_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_exposure_minimal_netpol_analysis_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_exposure_minimal_netpol_analysis_connlist_output.dot.svg new file mode 100644 index 00000000..afbe65b7 --- /dev/null +++ b/test_outputs/connlist/exposure_test_exposure_minimal_netpol_analysis_connlist_output.dot.svg @@ -0,0 +1,83 @@ + + + + + + + + +cluster_default + +default + + + +default/backend[Deployment] + +backend[Deployment] + + + +default/frontend[Deployment] + +frontend[Deployment] + + + +default/frontend[Deployment]->default/backend[Deployment] + + +TCP 9090 + + + +0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 + + + +default/frontend[Deployment]->0.0.0.0-255.255.255.255 + + +UDP 53 + + + +entire-cluster + +entire-cluster + + + +default/frontend[Deployment]->entire-cluster + + +UDP 53 + + + +0.0.0.0-255.255.255.255->default/frontend[Deployment] + + +TCP 8080 + + + +entire-cluster->default/backend[Deployment] + + +TCP 9090 + + + +entire-cluster->default/frontend[Deployment] + + +TCP 8080 + + + diff --git a/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot b/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot index 603b6f42..b8ee7b44 100644 --- a/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot @@ -13,7 +13,7 @@ digraph { } "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] - "all pods_in_namespace with {effect=NoSchedule,release=stable}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] + "all pods_in_namespace with {effect=NoSchedule,release=stable}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot.png b/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot.png index 64370c6a..ffc6f3e7 100644 Binary files a/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot.svg index 2a6f74e7..7f8815c6 100644 --- a/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_exposure_to_namespace_with_multiple_labels_connlist_output.dot.svg @@ -4,64 +4,64 @@ - + - + cluster_hello_world - -hello-world + +hello-world cluster_namespace with {effect=NoSchedule,release=stable} - -namespace with {effect=NoSchedule,release=stable} + +namespace with {effect=NoSchedule,release=stable} hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections all pods_in_namespace with {effect=NoSchedule,release=stable} - -all pods + +all pods all pods_in_namespace with {effect=NoSchedule,release=stable}->hello-world/workload-a[Deployment] - - -TCP 8050 + + +TCP 8050 diff --git a/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot b/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot index 3b9c32a0..1226912a 100644 --- a/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot @@ -7,7 +7,7 @@ digraph { } "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8000,8090" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8000,8090" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot.png b/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot.png index 577f3884..18d326ee 100644 Binary files a/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot.svg index e62a2c8b..b8956e62 100644 --- a/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_ingress_from_entire_cluster_with_named_ports_connlist_output.dot.svg @@ -4,53 +4,53 @@ - - - + + + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -TCP 8000,8090 + + +TCP 8000,8090 diff --git a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot index f38b4b98..1e80704e 100644 --- a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot @@ -9,12 +9,12 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "0.0.0.0-255.255.255.255" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] + "entire-cluster" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] "hello-world/workload-a[Deployment]" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] "hello-world/workload-b[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-b[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-b[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] "hello-world/workload-b[Deployment]" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot.png b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot.png index 8bd11244..06555efc 100644 Binary files a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot.svg index e2d1206d..fa1c4ad4 100644 --- a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_connlist_output.dot.svg @@ -4,101 +4,101 @@ - - - + + + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] hello-world/workload-b[Deployment] - -workload-b[Deployment] + +workload-b[Deployment] hello-world/workload-a[Deployment]->hello-world/workload-b[Deployment] - - -All Connections + + +All Connections 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections hello-world/workload-b[Deployment]->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections hello-world/workload-b[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections hello-world/workload-b[Deployment]->entire-cluster - - -All Connections + + +All Connections 0.0.0.0-255.255.255.255->hello-world/workload-b[Deployment] - - -All Connections + + +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -TCP 8050 + + +TCP 8050 entire-cluster->hello-world/workload-b[Deployment] - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot index fe340f76..fda886a6 100644 --- a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot @@ -8,9 +8,9 @@ digraph { } "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] "hello-world/workload-a[Deployment]" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] "hello-world/workload-b[Deployment]" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot.png b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot.png index 385744ba..33631576 100644 Binary files a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot.svg index 7e6893e6..6020b18f 100644 --- a/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_matched_and_unmatched_rules_focus_workload_hello-world_workload-a_connlist_output.dot.svg @@ -4,10 +4,10 @@ - - - + + + cluster_hello_world @@ -41,36 +41,36 @@ hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections hello-world/workload-b[Deployment]->hello-world/workload-a[Deployment] -All Connections +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -TCP 8050 + + +TCP 8050 diff --git a/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot b/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot index 7ed177fd..90a82ecf 100644 --- a/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot @@ -25,9 +25,9 @@ digraph { } "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] - "all pods_in_namespace with {effect=NoSchedule}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] - "all pods_in_namespace with {foo.com/managed-state=managed}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] - "all pods_in_namespace with {release=stable}" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "all pods_in_namespace with {effect=NoSchedule}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] + "all pods_in_namespace with {foo.com/managed-state=managed}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] + "all pods_in_namespace with {release=stable}" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot.png b/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot.png index ddb5e693..401d68a0 100644 Binary files a/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot.svg index 84c0402a..8aeed015 100644 --- a/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_multiple_unmatched_rules_connlist_output.dot.svg @@ -8,16 +8,16 @@ viewBox="0.00 0.00 781.00 278.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> - -cluster_namespace with {effect=NoSchedule} - -namespace with {effect=NoSchedule} - cluster_namespace with {release=stable} namespace with {release=stable} + +cluster_namespace with {effect=NoSchedule} + +namespace with {effect=NoSchedule} + cluster_namespace with {foo.com/managed_state=managed} @@ -37,28 +37,28 @@ 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot b/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot index ede4a95f..013896a4 100644 --- a/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot @@ -15,13 +15,13 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "0.0.0.0-255.255.255.255" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "all pods_in_namespace with {foo.com/managed-state=managed}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050,8090" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "all pods_in_namespace with {foo.com/managed-state=managed}" -> "hello-world/workload-a[Deployment]" [label="TCP 8050,8090" color="gold2" fontcolor="darkgreen" weight=1] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] + "entire-cluster" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] "hello-world/workload-a[Deployment]" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] "hello-world/workload-b[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-b[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-b[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] "hello-world/workload-b[Deployment]" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot.png b/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot.png index f91b07e0..33e1e953 100644 Binary files a/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot.svg index 2be5b825..d6a41966 100644 --- a/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_new_namespace_conn_and_entire_cluster_connlist_output.dot.svg @@ -4,119 +4,119 @@ - - - + + + cluster_namespace with {foo.com/managed_state=managed} - -namespace with {foo.com/managed-state=managed} + +namespace with {foo.com/managed-state=managed} cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] hello-world/workload-b[Deployment] - -workload-b[Deployment] + +workload-b[Deployment] hello-world/workload-a[Deployment]->hello-world/workload-b[Deployment] - - -All Connections + + +All Connections 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections hello-world/workload-b[Deployment]->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections hello-world/workload-b[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections hello-world/workload-b[Deployment]->entire-cluster - - -All Connections + + +All Connections all pods_in_namespace with {foo.com/managed-state=managed} - -all pods + +all pods all pods_in_namespace with {foo.com/managed-state=managed}->hello-world/workload-a[Deployment] - - -TCP 8050,8090 + + +TCP 8050,8090 0.0.0.0-255.255.255.255->hello-world/workload-b[Deployment] - - -All Connections + + +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -TCP 8050 + + +TCP 8050 entire-cluster->hello-world/workload-b[Deployment] - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot b/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot index 617e402c..b6e6230c 100644 --- a/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot @@ -9,9 +9,9 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "0.0.0.0-255.255.255.255" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "hello-world/workload-b[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] "hello-world/workload-b[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-b[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-b[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] "hello-world/workload-b[Deployment]" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot.png b/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot.png index 8411c07d..97d0c6af 100644 Binary files a/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot.svg index a49f7010..a2c61878 100644 --- a/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_only_matched_rules_connlist_output.dot.svg @@ -4,80 +4,80 @@ - + - + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] hello-world/workload-b[Deployment] - -workload-b[Deployment] + +workload-b[Deployment] hello-world/workload-a[Deployment]->hello-world/workload-b[Deployment] - - -All Connections + + +All Connections hello-world/workload-b[Deployment]->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-b[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-b[Deployment]->entire-cluster - - -All Connections + + +All Connections 0.0.0.0-255.255.255.255->hello-world/workload-b[Deployment] - - -All Connections + + +All Connections entire-cluster->hello-world/workload-b[Deployment] - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot b/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot index d21ed1da..b2e98b2f 100644 --- a/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot @@ -15,9 +15,9 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "0.0.0.0-255.255.255.255" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "all pods_in_namespace with {foo.com/managed-state=managed}" -> "hello-world/workload-b[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "all pods_in_namespace with {foo.com/managed-state=managed}" -> "hello-world/workload-b[Deployment]" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=1] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-b[Deployment]" -> "all pods_in_namespace with {foo.com/managed-state=managed}" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] + "hello-world/workload-b[Deployment]" -> "all pods_in_namespace with {foo.com/managed-state=managed}" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot.png b/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot.png index 519fae63..5f3ea99c 100644 Binary files a/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot.svg index 1add0800..de9abe64 100644 --- a/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_pod_exposed_only_to_representative_peers_connlist_output.dot.svg @@ -4,91 +4,91 @@ - - - - -cluster_hello_world - -hello-world - + + + cluster_namespace with {foo.com/managed_state=managed} - -namespace with {foo.com/managed-state=managed} + +namespace with {foo.com/managed-state=managed} + + +cluster_hello_world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections hello-world/workload-b[Deployment] - -workload-b[Deployment] + +workload-b[Deployment] all pods_in_namespace with {foo.com/managed-state=managed} - -all pods + +all pods hello-world/workload-b[Deployment]->all pods_in_namespace with {foo.com/managed-state=managed} - - -TCP 8050 + + +TCP 8050 all pods_in_namespace with {foo.com/managed-state=managed}->hello-world/workload-b[Deployment] - - -TCP 8050 + + +TCP 8050 0.0.0.0-255.255.255.255->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections diff --git a/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot b/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot index c5771fa9..9e1345cd 100644 --- a/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot @@ -12,7 +12,7 @@ digraph { label="namespace with {foo.com/managed-state=managed}" } "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] - "all pods_in_namespace with {foo.com/managed-state=managed}" -> "hello-world/workload-a[Deployment]" [label="TCP 8000,8090" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8000" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "all pods_in_namespace with {foo.com/managed-state=managed}" [label="TCP 8050" color="gold2" fontcolor="darkgreen"] + "all pods_in_namespace with {foo.com/managed-state=managed}" -> "hello-world/workload-a[Deployment]" [label="TCP 8000,8090" color="gold2" fontcolor="darkgreen" weight=1] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="TCP 8000" color="gold2" fontcolor="darkgreen" weight=1] + "hello-world/workload-a[Deployment]" -> "all pods_in_namespace with {foo.com/managed-state=managed}" [label="TCP 8050" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot.png b/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot.png index efa8a271..491159a4 100644 Binary files a/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot.svg index c333dcbe..4fb7fa51 100644 --- a/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_same_unmatched_rule_in_ingress_egress_connlist_output.dot.svg @@ -4,58 +4,58 @@ - - - + + + cluster_namespace with {foo.com/managed_state=managed} - -namespace with {foo.com/managed-state=managed} + +namespace with {foo.com/managed-state=managed} cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] all pods_in_namespace with {foo.com/managed-state=managed} - -all pods + +all pods hello-world/workload-a[Deployment]->all pods_in_namespace with {foo.com/managed-state=managed} - - -TCP 8050 + + +TCP 8050 all pods_in_namespace with {foo.com/managed-state=managed}->hello-world/workload-a[Deployment] - - -TCP 8000,8090 + + +TCP 8000,8090 entire-cluster - -entire-cluster + +entire-cluster entire-cluster->hello-world/workload-a[Deployment] - - -TCP 8000 + + +TCP 8000 diff --git a/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot b/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot index c8063873..230dd594 100644 --- a/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot +++ b/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot @@ -8,7 +8,7 @@ digraph { "0.0.0.0-255.255.255.255" [label="0.0.0.0-255.255.255.255" color="red2" fontcolor="red2"] "entire-cluster" [label="entire-cluster" color="red2" fontcolor="red2" shape=diamond] "0.0.0.0-255.255.255.255" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "entire-cluster" -> "hello-world/workload-a[Deployment]" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=1] "hello-world/workload-a[Deployment]" -> "0.0.0.0-255.255.255.255" [label="All Connections" color="gold2" fontcolor="darkgreen"] - "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen"] + "hello-world/workload-a[Deployment]" -> "entire-cluster" [label="All Connections" color="gold2" fontcolor="darkgreen" weight=0.5] } \ No newline at end of file diff --git a/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot.png b/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot.png index 753459cd..20ee5d99 100644 Binary files a/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot.png and b/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot.png differ diff --git a/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot.svg b/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot.svg index 4470ca01..74fb8371 100644 --- a/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot.svg +++ b/test_outputs/connlist/exposure_test_with_no_netpols_connlist_output.dot.svg @@ -4,60 +4,60 @@ - - - + + + cluster_hello_world - -hello-world + +hello-world hello-world/workload-a[Deployment] - -workload-a[Deployment] + +workload-a[Deployment] 0.0.0.0-255.255.255.255 - -0.0.0.0-255.255.255.255 + +0.0.0.0-255.255.255.255 hello-world/workload-a[Deployment]->0.0.0.0-255.255.255.255 - - -All Connections + + +All Connections entire-cluster - -entire-cluster + +entire-cluster hello-world/workload-a[Deployment]->entire-cluster - - -All Connections + + +All Connections 0.0.0.0-255.255.255.255->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections entire-cluster->hello-world/workload-a[Deployment] - - -All Connections + + +All Connections diff --git a/tests/test_exposure_minimal_netpol_analysis/backend.yaml b/tests/test_exposure_minimal_netpol_analysis/backend.yaml new file mode 100644 index 00000000..3537d90d --- /dev/null +++ b/tests/test_exposure_minimal_netpol_analysis/backend.yaml @@ -0,0 +1,53 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: backend +spec: + selector: + matchLabels: + app: backendservice + template: + metadata: + labels: + app: backendservice + spec: + containers: + - name: server + image: backendservice + ports: + - containerPort: 9090 + readinessProbe: + initialDelaySeconds: 10 + httpGet: + path: "/_healthz" + port: 9090 + livenessProbe: + initialDelaySeconds: 10 + httpGet: + path: "/_healthz" + port: 9090 + env: + - name: PORT + value: "9090" + resources: + requests: + cpu: 100m + memory: 64Mi + limits: + cpu: 200m + memory: 128Mi +--- +apiVersion: v1 +kind: Service +metadata: + name: backendservice +spec: + type: ClusterIP + selector: + app: backendservice + ports: + - name: http + port: 9090 + targetPort: 9090 + diff --git a/tests/test_exposure_minimal_netpol_analysis/frontend.yaml b/tests/test_exposure_minimal_netpol_analysis/frontend.yaml new file mode 100644 index 00000000..e877eceb --- /dev/null +++ b/tests/test_exposure_minimal_netpol_analysis/frontend.yaml @@ -0,0 +1,67 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: frontend +spec: + selector: + matchLabels: + app: frontend + template: + metadata: + labels: + app: frontend + spec: + containers: + - name: server + image: frontend + ports: + - containerPort: 8080 + readinessProbe: + initialDelaySeconds: 10 + httpGet: + path: "/_healthz" + port: 8080 + livenessProbe: + initialDelaySeconds: 10 + httpGet: + path: "/_healthz" + port: 8080 + env: + - name: PORT + value: "8080" + - name: BACKEND_SERVICE_ADDR + value: "backendservice:9090" + resources: + requests: + cpu: 100m + memory: 64Mi + limits: + cpu: 200m + memory: 128Mi +--- +apiVersion: v1 +kind: Service +metadata: + name: frontend +spec: + type: ClusterIP + selector: + app: frontend + ports: + - name: http + port: 80 + targetPort: 8080 +--- +apiVersion: v1 +kind: Service +metadata: + name: frontend-external +spec: + type: LoadBalancer + selector: + app: frontend + ports: + - name: http + port: 80 + targetPort: 8080 diff --git a/tests/test_exposure_minimal_netpol_analysis/netpols.yaml b/tests/test_exposure_minimal_netpol_analysis/netpols.yaml new file mode 100644 index 00000000..2c660edf --- /dev/null +++ b/tests/test_exposure_minimal_netpol_analysis/netpols.yaml @@ -0,0 +1,63 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + creationTimestamp: null + name: backend-netpol +spec: + ingress: + - from: + - namespaceSelector: {} + ports: + - port: 9090 + protocol: TCP + podSelector: + matchLabels: + app: backendservice + policyTypes: + - Ingress + - Egress +status: {} + +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + creationTimestamp: null + name: frontend-netpol +spec: + egress: + - ports: + - port: 9090 + protocol: TCP + to: + - podSelector: + matchLabels: + app: backendservice + - ports: + - port: 53 + protocol: UDP + ingress: + - ports: + - port: 8080 + protocol: TCP + podSelector: + matchLabels: + app: frontend + policyTypes: + - Ingress + - Egress +status: {} + +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + creationTimestamp: null + name: default-deny-in-namespace +spec: + podSelector: {} + policyTypes: + - Ingress + - Egress +status: {} +