From b4fbe0ba3a1dfd973640fb45dc8de74c089650db Mon Sep 17 00:00:00 2001
From: shirim <shirim@il.ibm.com>
Date: Thu, 9 Nov 2023 21:45:09 +0200
Subject: [PATCH] Use Equal instead of ContainedIn and avoid duplicated lines
 in final presentation

---
 pkg/ibmvpc/examples/acl_testing5subnetsDiff.txt |  2 +-
 pkg/vpcmodel/diffSubnets_test.go                | 14 +++++++-------
 pkg/vpcmodel/semanticDiffSubnets.go             | 15 +++++++++------
 3 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/pkg/ibmvpc/examples/acl_testing5subnetsDiff.txt b/pkg/ibmvpc/examples/acl_testing5subnetsDiff.txt
index 8ec89d285..65e6a5073 100644
--- a/pkg/ibmvpc/examples/acl_testing5subnetsDiff.txt
+++ b/pkg/ibmvpc/examples/acl_testing5subnetsDiff.txt
@@ -1,8 +1,8 @@
 Analysis for diff between VPC test-vpc-ky1 and VPC test-vpc-ky2
 diff-type: added source: sub1-2-ky destination: sub1-1-ky dir1: protocol: TCP dir2: No connection
 diff-type: added source: sub1-3-ky destination: sub1-1-ky dir1: protocol: TCP dir2: No connection
-
 diff-type: changed source: sub2-1-ky destination: Public Internet [8.8.8.8/32] dir1: protocol: UDP dst-ports: 53 dir2: protocol: UDP dst-ports: 43,53
+
 diff-type: removed source: sub2-1-ky destination: Public Internet [8.8.8.0/29] dir1: No connection dir2: protocol: UDP dst-ports: 53 *
 diff-type: removed source: sub2-1-ky destination: Public Internet [8.8.8.10/31] dir1: No connection dir2: protocol: UDP dst-ports: 53 *
 diff-type: removed source: sub2-1-ky destination: Public Internet [8.8.8.12/30] dir1: No connection dir2: protocol: UDP dst-ports: 53 *
diff --git a/pkg/vpcmodel/diffSubnets_test.go b/pkg/vpcmodel/diffSubnets_test.go
index 0f3203237..5a6585cac 100644
--- a/pkg/vpcmodel/diffSubnets_test.go
+++ b/pkg/vpcmodel/diffSubnets_test.go
@@ -80,7 +80,7 @@ func configSimpleSubnetSubtract() (subnetConfigConn1, subnetConfigConn2 *SubnetC
 
 func TestSimpleSubnetSubtract(t *testing.T) {
 	subnetConfigConn1, subnetConfigConn2 := configSimpleSubnetSubtract()
-	subnet1Subtract2, err := subnetConfigConn1.subtract(subnetConfigConn2)
+	subnet1Subtract2, err := subnetConfigConn1.subtract(subnetConfigConn2, true)
 	if err != nil {
 		fmt.Println("error:", err.Error())
 	}
@@ -88,7 +88,7 @@ func TestSimpleSubnetSubtract(t *testing.T) {
 	fmt.Printf("subnet1Subtract2:\n%v\n", subnet1Subtract2Str)
 	require.Equal(t, err, nil)
 	newLines := strings.Count(subnet1Subtract2Str, "\n")
-	require.Equal(t, 4, newLines)
+	require.Equal(t, 5, newLines)
 	require.Contains(t, subnet1Subtract2Str, "diff-type: added source: subnet0 destination: subnet1 "+
 		"dir1: All Connections dir2: No connection, workloads-diff-info: workloads subnet0 and subnet1 added")
 	require.Contains(t, subnet1Subtract2Str, "diff-type: added source: subnet1 destination: subnet2 "+
@@ -97,17 +97,17 @@ func TestSimpleSubnetSubtract(t *testing.T) {
 		"dir1: All Connections dir2: No connection")
 	require.Contains(t, subnet1Subtract2Str, "diff-type: added source: subnet3 destination: subnet1 "+
 		"dir1: All Connections dir2: No connection, workloads-diff-info: workload subnet1 added")
+	require.Contains(t, subnet1Subtract2Str, "diff-type: changed source: subnet3 destination: subnet4 dir1: "+
+		"protocol: TCP src-ports: 10-100 dst-ports: 443 dir2: All Connections\n")
 
-	cfg2Subtract1, err := subnetConfigConn2.subtract(subnetConfigConn1)
+	cfg2Subtract1, err := subnetConfigConn2.subtract(subnetConfigConn1, false)
 	if err != nil {
 		fmt.Println("error:", err.Error())
 	}
 	require.Equal(t, err, nil)
 	subnet2Subtract1Str := cfg2Subtract1.EnhancedString(false)
 	fmt.Printf("cfg2Subtract1:\n%v", subnet2Subtract1Str)
-	require.Contains(t, subnet2Subtract1Str, "diff-type: changed source: subnet3 destination: subnet4 dir1: "+
-		"protocol: TCP src-ports: 10-100 dst-ports: 443 dir2: All Connections\n")
-	require.Contains(t, subnet2Subtract1Str, "diff-type: removed source: subnet4 destination: subnet5 dir1: "+
+	require.Equal(t, subnet2Subtract1Str, "diff-type: removed source: subnet4 destination: subnet5 dir1: "+
 		"No connection dir2: All Connections, workloads-diff-info: workload subnet5 removed\n")
 }
 
@@ -165,7 +165,7 @@ func TestSimpleIPAndSubnetSubtract(t *testing.T) {
 	}
 
 	// verified bit by bit :-)
-	cfg1SubCfg2, err := alignedCfgConn1.subtract(alignedCfgConn2)
+	cfg1SubCfg2, err := alignedCfgConn1.subtract(alignedCfgConn2, true)
 	if err != nil {
 		fmt.Println("error:", err.Error())
 	}
diff --git a/pkg/vpcmodel/semanticDiffSubnets.go b/pkg/vpcmodel/semanticDiffSubnets.go
index 22239622f..7ac836ac4 100644
--- a/pkg/vpcmodel/semanticDiffSubnets.go
+++ b/pkg/vpcmodel/semanticDiffSubnets.go
@@ -67,11 +67,11 @@ func (configs ConfigsForDiff) GetSubnetsDiff(grouping bool) (*DiffBetweenSubnets
 	if err != nil {
 		return nil, err
 	}
-	subnet1Subtract2, err1 := alignedConfigConnectivity1.subtract(alignedConfigConnectivity2)
+	subnet1Subtract2, err1 := alignedConfigConnectivity1.subtract(alignedConfigConnectivity2, true)
 	if err1 != nil {
 		return nil, err1
 	}
-	subnet2Subtract1, err2 := alignedConfigConnectivity2.subtract(alignedConfigConnectivity1)
+	subnet2Subtract1, err2 := alignedConfigConnectivity2.subtract(alignedConfigConnectivity1, false)
 	if err2 != nil {
 		return nil, err2
 	}
@@ -105,9 +105,12 @@ func (c *VPCConfig) getVPCResourceInfInOtherConfig(other *VPCConfig, ep VPCResou
 	return nil, nil
 }
 
-// subtract Subtract one SubnetConnectivityMap from the other
+// subtract Subtract one SubnetConnectivityMap from the other:
+// connections may be identical, non-existing in other or existing in other but changed;
+// the latter are included only if includeChanged, to avoid duplication in the final presentation
+//
 // assumption: any connection from connectivity and "other" have src (dst) which are either disjoint or equal
-func (subnetConfConnectivity *SubnetConfigConnectivity) subtract(other *SubnetConfigConnectivity) (
+func (subnetConfConnectivity *SubnetConfigConnectivity) subtract(other *SubnetConfigConnectivity, includeChanged bool) (
 	connectivitySubtract SubnetsDiff, err error) {
 	connectivitySubtract = map[VPCResourceIntf]map[VPCResourceIntf]*connectionDiff{}
 	for src, endpointConns := range subnetConfConnectivity.subnetConnectivity {
@@ -131,8 +134,8 @@ func (subnetConfConnectivity *SubnetConfigConnectivity) subtract(other *SubnetCo
 				if otherSrc, ok := other.subnetConnectivity[srcInOther]; ok {
 					if otherConn, ok := otherSrc[dstInOther]; ok {
 						// ToDo: https://github.com/np-guard/vpc-network-config-analyzer/issues/199
-						if conns.Equals(otherConn) {
-							continue // no diff
+						if !includeChanged || conns.Equal(otherConn) {
+							continue
 						}
 						connDiff.conn2 = otherConn
 						connDiff.diff = ChangedConnection