Enhance discovered intents by including details on identity resolutio…
…n methods (#255)
omris94 authored Dec 10, 2024
1 parent 0f75fb6 commit 3f83af8
Showing 9 changed files with 863 additions and 63 deletions.
50 changes: 31 additions & 19 deletions src/mapper/pkg/cloudclient/generated.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

81 changes: 74 additions & 7 deletions src/mapper/pkg/cloudclient/schema.graphql
@@ -252,6 +252,11 @@ type AzureResource {
resource: String!
}

type BasicEntity {
id: ID!
name: String!
}

"""The `Boolean` scalar type represents `true` or `false`."""
scalar Boolean

@@ -598,6 +603,7 @@ enum EdgeAccessStatusReason {
INTENTS_OPERATOR_NOT_ENFORCING_MISSING_APPLIED_INTENT
INTENTS_OPERATOR_NOT_ENFORCING_KAFKA_INTENTS_NOT_REQUIRED_FOR_TOPIC
MISSING_APPLIED_INTENT
MISSING_APPLIED_CLOUD_RESOURCE_INTENT
NOT_IN_PROTECTED_SERVICES
INTENTS_OPERATOR_NEVER_CONNECTED
NETWORK_MAPPER_NEVER_CONNECTED
@@ -705,15 +711,35 @@ input ExternallyManagedPolicyWorkloadInput {
type FeatureFlags {
isCloudServicesDetectionEnabled: Boolean
isCloudSecurityEnabled: Boolean
useClientIntentsV2: Boolean
}

type Finding {
hash: String!
service: BasicEntity!
serviceNamespace: BasicEntity
server: BasicEntity!
cluster: BasicEntity!
intentsOperatorState: IntentsOperatorState
clusterRelatedServices: [Service!]
reason: String!
status: FindingStatus!
ignoredReason: String
type: FindingType!
}

"""NEW findings"""
enum FindingStatus {
OPEN
RESOLVED
IGNORED
}

type FindingStatusHistory {
timestamp: Time!
status: FindingStatus!
reason: String
}

type FindingSummary {
standard: RegulationStandard!
codeLabel: String!
@@ -728,6 +754,11 @@ type FindingSummary {
requirements: [FindingSummary!]
}

type FindingSummaryResponse {
findingSummaries: [FindingSummaryV2!]!
timestamp: Time!
}

type FindingSummaryV2 {
standard: RegulationStandard!
code: RegulationCode!
@@ -736,13 +767,20 @@ type FindingSummaryV2 {
description: String!
validationDescription: String
status: FindingStatus!
ignoredReason: String
serviceTotalCount: Int!
serviceOpenCount: Int!
clusterTotalCount: Int!
clusterOpenCount: Int!
requirements: [FindingSummaryV2!]
}

"""NEW findings"""
enum FindingType {
SERVICE
CLUSTER
}

"""The `Float` scalar type represents signed double-precision fractional values as specified by [IEEE 754](http://en.wikipedia.org/wiki/IEEE_floating_point)."""
scalar Float

@@ -942,6 +980,7 @@ input InputAccessLogFilter {
input InputFeatureFlags {
isCloudServicesDetectionEnabled: Boolean
isCloudSecurityEnabled: Boolean
useClientIntentsV2: Boolean
}

""" Findings filter """
@@ -960,6 +999,10 @@ input InputFindingFilter {
regulationIds: InputIDFilterValue
""" Findings filter """
environmentIds: InputIDFilterValue
""" Findings filter """
findingTypes: InputIDFilterValue
""" Findings filter """
hashes: InputIDFilterValue
}

input InputIDFilterValue {
@@ -1124,8 +1167,10 @@ type Intent {
input IntentInput {
namespace: String!
clientName: String!
clientResolutionData: String
clientWorkloadKind: String
serverName: String!
serverResolutionData: String
serverWorkloadKind: String
serverAlias: ServerAliasInput
serverNamespace: String
@@ -1141,6 +1186,7 @@ input IntentInput {
gcpPermissions: [String!]
internet: InternetConfigInput
status: IntentStatusInput
resolutionData: String
}

type IntentStatus {
@@ -1571,6 +1617,16 @@ type Mutation {
component: Component
errors: [Error!]!
): Boolean!
setFindingsIgnoredByHashes(
hashes: [String!]!
ignored: Boolean!
reason: String
): Boolean!
setFindingsIgnoredByControlIds(
controlIds: [RegulationCode!]!
ignored: Boolean!
reason: String
): Boolean!
"""Create a new generic integration"""
createGenericIntegration(
name: String!
@@ -1765,11 +1821,6 @@ type Mutation {
id: ID!
userId: ID!
): ID!
"""Ignore domain for organization"""
ignoreOrganizationDomain(
id: ID!
domain: String!
): Organization!
reportProtectedServicesSnapshot(
namespace: String!
services: [ProtectedServiceInput!]!
@@ -1944,6 +1995,13 @@ type Query {
enableInternetIntents: Boolean
featureFlags: InputFeatureFlags
): ServiceClientIntents!
""" Get service ClientIntents by filter """
clientIntents(
filter: InputServiceFilter!
lastSeenAfter: Time
clusterIds: [ID!]
featureFlags: InputFeatureFlags
): [ClientIntentsFileRepresentation!]!
"""Get access log"""
accessLog(
filter: InputAccessLogFilter
@@ -1984,7 +2042,16 @@ type Query {
"""NEW findings"""
findingSummary(
filter: InputFindingFilter
): [FindingSummaryV2!]!
): FindingSummaryResponse!
findingsV2(
filter: InputFindingFilter
): [Finding!]!
findingStatusHistory(
hash: String!
): [FindingStatusHistory!]!
findingSummaryStatusHistory(
leafControlIDs: [RegulationCode!]!
): [FindingStatusHistory!]!
"""List integrations"""
integrations(
name: String
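Review bot: The three fields added to `IntentInput` (`clientResolutionData`, `serverResolutionData`, `resolutionData`) are plain `String` with no description, so the schema does not tell a consumer which encoding to expect. In the same commit, cloud_upload.go fills the first two with JSON-marshalled text and copies the third through unchanged, so the difference is worth stating, for example `"""JSON-encoded details of how the client identity was resolved"""` above `clientResolutionData`. The new `setFindingsIgnoredByHashes` and `setFindingsIgnoredByControlIds` mutations also have no description, unlike `createGenericIntegration` directly after them. If this file is synced from an upstream API definition rather than edited here, the descriptions belong in that source.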
21 changes: 21 additions & 0 deletions src/mapper/pkg/clouduploader/cloud_upload.go
@@ -2,6 +2,7 @@ package clouduploader

import (
"context"
"encoding/json"
"github.com/otterize/intents-operator/src/shared/errors"
"github.com/otterize/intents-operator/src/shared/serviceidresolver/serviceidentity"
"github.com/otterize/network-mapper/src/mapper/pkg/awsintentsholder"
@@ -62,6 +63,26 @@ func (c *CloudUploader) NotifyIntents(ctx context.Context, intents []intentsstor
if intent.Intent.Server.KubernetesService != nil {
toCloud.Intent.ServerAlias = &cloudclient.ServerAliasInput{Name: intent.Intent.Server.KubernetesService, Kind: lo.ToPtr(serviceidentity.KindService)}
}
if intent.Intent.Client.ResolutionData != nil && !lo.IsEmpty(*intent.Intent.Client.ResolutionData) {
jsonStr, err := json.Marshal(intent.Intent.Client.ResolutionData)
if err != nil {
logrus.WithError(err).Error("Failed to marshal client resolution data")
} else {
toCloud.Intent.ClientResolutionData = lo.ToPtr(string(jsonStr))
}

}
if intent.Intent.Server.ResolutionData != nil && !lo.IsEmpty(*intent.Intent.Server.ResolutionData) {
jsonStr, err := json.Marshal(intent.Intent.Server.ResolutionData)
if err != nil {
logrus.WithError(err).Error("Failed to marshal server resolution data")
} else {
toCloud.Intent.ServerResolutionData = lo.ToPtr(string(jsonStr))
}
}
if intent.Intent.ResolutionData != nil {
toCloud.Intent.ResolutionData = lo.ToPtr(*intent.Intent.ResolutionData)
}
// debug log all the fields of intent input one by one with their values
logrus.Debugf("intent ClientName: %s\t Namespace: %s\t ServerName: %s\t ServerNamespace: %s\t ClientWorkloadKind: %s\t ServerWorkloadKind: %s\t ServerAlias: %v", lo.FromPtr(toCloud.Intent.ClientName), lo.FromPtr(toCloud.Intent.Namespace), lo.FromPtr(toCloud.Intent.ServerName), lo.FromPtr(toCloud.Intent.ServerNamespace), lo.FromPtr(toCloud.Intent.ClientWorkloadKind), lo.FromPtr(toCloud.Intent.ServerWorkloadKind), lo.FromPtr(toCloud.Intent.ServerAlias))
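Review bot: When `json.Marshal` fails in either new block, the error is logged without naming the intent and processing continues with the field unset, so a missing `ClientResolutionData` or `ServerResolutionData` downstream cannot be traced to a cause. Reusing the identifiers from the debug line would fix that, e.g. `logrus.WithError(err).WithField("client", lo.FromPtr(toCloud.Intent.ClientName)).Error("Failed to marshal client resolution data")`. The top-level `intent.Intent.ResolutionData` is forwarded without the `lo.IsEmpty` check applied to the other two, which looks inconsistent unless an empty value is meaningful there. This data describes how identities were resolved and is now placed on the cloud-bound intent input, so a short comment on what it may contain would help reviewers judge what is being shared; the "debug log all the fields" comment is also no longer accurate, since the three new fields are not logged. NotifyIntents starts and ends outside the hunk.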
