From 302333b4ae4dbb675f9eb055af890d78a43465e5 Mon Sep 17 00:00:00 2001 From: lirazyehezkel <61656597+lirazyehezkel@users.noreply.github.com> Date: Sun, 3 Jul 2022 11:32:23 +0300 Subject: [PATCH] TRA-4622 Remove rules feature UI (#1178) * Removed policy rules (validation rules) feature * updated test pcap * Remove rules * fix replay in rules Co-authored-by: Roy Island Co-authored-by: RoyUP9 <87927115+RoyUP9@users.noreply.github.com> Co-authored-by: Roee Gadot --- agent/go.mod | 1 - agent/go.sum | 2 - agent/pkg/api/main.go | 12 +- agent/pkg/entries/entries_provider.go | 15 --- agent/pkg/models/models.go | 7 - agent/pkg/replay/replay.go | 2 - agent/pkg/replay/replay_internal_test.go | 2 - agent/pkg/rules/rulesHTTP.go | 124 ------------------ cli/cmd/tap.go | 1 - cli/cmd/tapRunner.go | 22 +--- cli/config/configStructs/tapConfig.go | 2 - cli/resources/createResources.go | 8 +- shared/consts.go | 1 - shared/go.mod | 5 +- shared/go.sum | 1 - shared/kubernetes/provider.go | 5 +- shared/models.go | 85 ------------ shared/sliceUtils.go | 9 -- tap/api/api.go | 46 +++---- tap/extensions/amqp/Makefile | 2 +- tap/extensions/amqp/main.go | 1 - tap/extensions/http/Makefile | 2 +- tap/extensions/http/main.go | 1 - tap/extensions/kafka/Makefile | 2 +- tap/extensions/kafka/main.go | 1 - tap/extensions/redis/Makefile | 2 +- tap/extensions/redis/main.go | 1 - .../EntryDetailed/EntryDetailed.tsx | 3 - .../EntrySections/EntrySections.tsx | 107 --------------- .../EntryViewer/AutoRepresentation.tsx | 17 +-- .../EntryDetailed/EntryViewer/EntryViewer.tsx | 8 +- .../EntryListItem/EntryListItem.module.sass | 25 ---- .../EntryListItem/EntryListItem.tsx | 47 +------ 33 files changed, 36 insertions(+), 533 deletions(-) delete mode 100644 agent/pkg/rules/rulesHTTP.go diff --git a/agent/go.mod b/agent/go.mod index 3fb330b82..402bedaa6 100644 --- a/agent/go.mod +++ b/agent/go.mod @@ -30,7 +30,6 @@ require ( github.com/up9inc/mizu/tap/extensions/kafka v0.0.0 github.com/up9inc/mizu/tap/extensions/redis v0.0.0 github.com/wI2L/jsondiff v0.1.1 - github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0 k8s.io/api v0.23.3 k8s.io/apimachinery v0.23.3 k8s.io/client-go v0.23.3 diff --git a/agent/go.sum b/agent/go.sum index bce84c23e..7829bd7c0 100644 --- a/agent/go.sum +++ b/agent/go.sum @@ -707,8 +707,6 @@ github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca/go.mod h1:ce1O1j6Ut github.com/xlab/treeprint v1.1.0 h1:G/1DjNkPpfZCFt9CSh6b5/nY4VimlbHF3Rh4obvtzDk= github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0 h1:6fRhSjgLCkTD3JnJxvaJ4Sj+TYblw757bqYgZaOq5ZY= -github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0/go.mod h1:/LWChgwKmvncFJFHJ7Gvn9wZArjbV5/FppcK2fKk/tI= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= diff --git a/agent/pkg/api/main.go b/agent/pkg/api/main.go index 72015113c..0a5f4aba3 100644 --- a/agent/pkg/api/main.go +++ b/agent/pkg/api/main.go @@ -12,7 +12,6 @@ import ( "time" "github.com/up9inc/mizu/agent/pkg/dependency" - "github.com/up9inc/mizu/agent/pkg/models" "github.com/up9inc/mizu/agent/pkg/oas" "github.com/up9inc/mizu/agent/pkg/servicemap" @@ -101,20 +100,13 @@ func startReadingChannel(outputItems <-chan *tapApi.OutputChannelItem, extension for item := range outputItems { extension := extensionsMap[item.Protocol.Name] - resolvedSource, resolvedDestionation, namespace := resolveIP(item.ConnectionInfo) + resolvedSource, resolvedDestination, namespace := resolveIP(item.ConnectionInfo) if namespace == "" && item.Namespace != tapApi.UnknownNamespace { namespace = item.Namespace } - mizuEntry := extension.Dissector.Analyze(item, resolvedSource, resolvedDestionation, namespace) - if extension.Protocol.Name == "http" { - harEntry, err := har.NewEntry(mizuEntry.Request, mizuEntry.Response, mizuEntry.StartTime, mizuEntry.ElapsedTime) - if err == nil { - rules, _, _ := models.RunValidationRulesState(*harEntry, mizuEntry.Destination.Name) - mizuEntry.Rules = rules - } - } + mizuEntry := extension.Dissector.Analyze(item, resolvedSource, resolvedDestination, namespace) data, err := json.Marshal(mizuEntry) if err != nil { diff --git a/agent/pkg/entries/entries_provider.go b/agent/pkg/entries/entries_provider.go index f06948c11..b20f2c6f1 100644 --- a/agent/pkg/entries/entries_provider.go +++ b/agent/pkg/entries/entries_provider.go @@ -8,7 +8,6 @@ import ( basenine "github.com/up9inc/basenine/client/go" "github.com/up9inc/mizu/agent/pkg/app" - "github.com/up9inc/mizu/agent/pkg/har" "github.com/up9inc/mizu/agent/pkg/models" "github.com/up9inc/mizu/logger" "github.com/up9inc/mizu/shared" @@ -95,24 +94,10 @@ func (e *BasenineEntriesProvider) GetEntry(singleEntryRequest *models.SingleEntr return nil, err } - var rules []map[string]interface{} - var isRulesEnabled bool - if protocol.Name == "http" { - harEntry, _ := har.NewEntry(entry.Request, entry.Response, entry.StartTime, entry.ElapsedTime) - _, rulesMatched, _isRulesEnabled := models.RunValidationRulesState(*harEntry, entry.Destination.Name) - isRulesEnabled = _isRulesEnabled - inrec, _ := json.Marshal(rulesMatched) - if err := json.Unmarshal(inrec, &rules); err != nil { - logger.Log.Error(err) - } - } - return &tapApi.EntryWrapper{ Protocol: *protocol, Representation: string(representation), Data: entry, Base: base, - Rules: rules, - IsRulesEnabled: isRulesEnabled, }, nil } diff --git a/agent/pkg/models/models.go b/agent/pkg/models/models.go index a145fdc90..1823225e4 100644 --- a/agent/pkg/models/models.go +++ b/agent/pkg/models/models.go @@ -4,7 +4,6 @@ import ( "encoding/json" "github.com/up9inc/mizu/agent/pkg/har" - "github.com/up9inc/mizu/agent/pkg/rules" tapApi "github.com/up9inc/mizu/tap/api" basenine "github.com/up9inc/basenine/client/go" @@ -143,9 +142,3 @@ type ExtendedCreator struct { *har.Creator Source *string `json:"_source"` } - -func RunValidationRulesState(harEntry har.Entry, service string) (tapApi.ApplicableRules, []rules.RulesMatched, bool) { - resultPolicyToSend, isEnabled := rules.MatchRequestPolicy(harEntry, service) - statusPolicyToSend, latency, numberOfRules := rules.PassedValidationRules(resultPolicyToSend) - return tapApi.ApplicableRules{Status: statusPolicyToSend, Latency: latency, NumberOfRules: numberOfRules}, resultPolicyToSend, isEnabled -} diff --git a/agent/pkg/replay/replay.go b/agent/pkg/replay/replay.go index 51b873e74..fbb078634 100644 --- a/agent/pkg/replay/replay.go +++ b/agent/pkg/replay/replay.go @@ -171,8 +171,6 @@ func ExecuteRequest(replayData *Details, timeout time.Duration) *Response { Representation: string(representation), Data: entryUnmarshalled, Base: base, - Rules: nil, - IsRulesEnabled: false, }, ErrorMessage: "", } diff --git a/agent/pkg/replay/replay_internal_test.go b/agent/pkg/replay/replay_internal_test.go index 4fa23ac8e..33ed9647c 100644 --- a/agent/pkg/replay/replay_internal_test.go +++ b/agent/pkg/replay/replay_internal_test.go @@ -97,8 +97,6 @@ func TestValid(t *testing.T) { Representation: string(representation), Data: entry, Base: base, - Rules: nil, - IsRulesEnabled: false, } t.Logf("%+v", result) //data, _ := json.MarshalIndent(result, "", " ") diff --git a/agent/pkg/rules/rulesHTTP.go b/agent/pkg/rules/rulesHTTP.go deleted file mode 100644 index 21815f515..000000000 --- a/agent/pkg/rules/rulesHTTP.go +++ /dev/null @@ -1,124 +0,0 @@ -package rules - -import ( - "encoding/base64" - "encoding/json" - "fmt" - "reflect" - "regexp" - "strings" - - "github.com/up9inc/mizu/agent/pkg/har" - - "github.com/up9inc/mizu/logger" - - "github.com/up9inc/mizu/shared" - "github.com/yalp/jsonpath" -) - -type RulesMatched struct { - Matched bool `json:"matched"` - Rule shared.RulePolicy `json:"rule"` -} - -func appendRulesMatched(rulesMatched []RulesMatched, matched bool, rule shared.RulePolicy) []RulesMatched { - return append(rulesMatched, RulesMatched{Matched: matched, Rule: rule}) -} - -func ValidatePath(URLFromRule string, URL string) bool { - if URLFromRule != "" { - matchPath, err := regexp.MatchString(URLFromRule, URL) - if err != nil || !matchPath { - return false - } - } - return true -} - -func ValidateService(serviceFromRule string, service string) bool { - if serviceFromRule != "" { - matchService, err := regexp.MatchString(serviceFromRule, service) - if err != nil || !matchService { - return false - } - } - return true -} - -func MatchRequestPolicy(harEntry har.Entry, service string) (resultPolicyToSend []RulesMatched, isEnabled bool) { - enforcePolicy, err := shared.DecodeEnforcePolicy(fmt.Sprintf("%s%s", shared.ConfigDirPath, shared.ValidationRulesFileName)) - if err == nil && len(enforcePolicy.Rules) > 0 { - isEnabled = true - } - for _, rule := range enforcePolicy.Rules { - if !ValidatePath(rule.Path, harEntry.Request.URL) || !ValidateService(rule.Service, service) { - continue - } - if rule.Type == "json" { - var bodyJsonMap interface{} - contentTextDecoded, _ := base64.StdEncoding.DecodeString(harEntry.Response.Content.Text) - if err := json.Unmarshal(contentTextDecoded, &bodyJsonMap); err != nil { - continue - } - out, err := jsonpath.Read(bodyJsonMap, rule.Key) - if err != nil || out == nil { - continue - } - var matchValue bool - if reflect.TypeOf(out).Kind() == reflect.String { - matchValue, err = regexp.MatchString(rule.Value, out.(string)) - if err != nil { - continue - } - logger.Log.Info(matchValue, rule.Value) - } else { - val := fmt.Sprint(out) - matchValue, err = regexp.MatchString(rule.Value, val) - if err != nil { - continue - } - } - resultPolicyToSend = appendRulesMatched(resultPolicyToSend, matchValue, rule) - } else if rule.Type == "header" { - for j := range harEntry.Response.Headers { - matchKey, err := regexp.MatchString(rule.Key, harEntry.Response.Headers[j].Name) - if err != nil { - continue - } - if matchKey { - matchValue, err := regexp.MatchString(rule.Value, harEntry.Response.Headers[j].Value) - if err != nil { - continue - } - resultPolicyToSend = appendRulesMatched(resultPolicyToSend, matchValue, rule) - } - } - } else { - resultPolicyToSend = appendRulesMatched(resultPolicyToSend, true, rule) - } - } - return -} - -func PassedValidationRules(rulesMatched []RulesMatched) (bool, int64, int) { - var numberOfRulesMatched = len(rulesMatched) - var responseTime int64 = -1 - - if numberOfRulesMatched == 0 { - return false, 0, numberOfRulesMatched - } - - for _, rule := range rulesMatched { - if !rule.Matched { - return false, responseTime, numberOfRulesMatched - } else { - if strings.ToLower(rule.Rule.Type) == "slo" { - if rule.Rule.ResponseTime < responseTime || responseTime == -1 { - responseTime = rule.Rule.ResponseTime - } - } - } - } - - return true, responseTime, numberOfRulesMatched -} diff --git a/cli/cmd/tap.go b/cli/cmd/tap.go index b008e931c..fa6ce500c 100644 --- a/cli/cmd/tap.go +++ b/cli/cmd/tap.go @@ -53,7 +53,6 @@ func init() { tapCmd.Flags().String(configStructs.HumanMaxEntriesDBSizeTapName, defaultTapConfig.HumanMaxEntriesDBSize, "Override the default max entries db size") tapCmd.Flags().String(configStructs.InsertionFilterName, defaultTapConfig.InsertionFilter, "Set the insertion filter. Accepts string or a file path.") tapCmd.Flags().Bool(configStructs.DryRunTapName, defaultTapConfig.DryRun, "Preview of all pods matching the regex, without tapping them") - tapCmd.Flags().String(configStructs.EnforcePolicyFile, defaultTapConfig.EnforcePolicyFile, "Yaml file path with policy rules") tapCmd.Flags().Bool(configStructs.ServiceMeshName, defaultTapConfig.ServiceMesh, "Record decrypted traffic if the cluster is configured with a service mesh and with mtls") tapCmd.Flags().Bool(configStructs.TlsName, defaultTapConfig.Tls, "Record tls traffic") tapCmd.Flags().Bool(configStructs.ProfilerName, defaultTapConfig.Profiler, "Run pprof server") diff --git a/cli/cmd/tapRunner.go b/cli/cmd/tapRunner.go index 66af62d2c..5c6d87b79 100644 --- a/cli/cmd/tapRunner.go +++ b/cli/cmd/tapRunner.go @@ -12,7 +12,6 @@ import ( "github.com/up9inc/mizu/cli/telemetry" "github.com/up9inc/mizu/cli/utils" - "gopkg.in/yaml.v3" core "k8s.io/api/core/v1" k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -45,16 +44,6 @@ func RunMizuTap() { apiProvider = apiserver.NewProvider(GetApiServerUrl(config.Config.Tap.GuiPort), apiserver.DefaultRetries, apiserver.DefaultTimeout) - var err error - var serializedValidationRules string - if config.Config.Tap.EnforcePolicyFile != "" { - serializedValidationRules, err = readValidationRules(config.Config.Tap.EnforcePolicyFile) - if err != nil { - logger.Log.Errorf(uiUtils.Error, fmt.Sprintf("Error reading policy file: %v", errormessage.FormatError(err))) - return - } - } - kubernetesProvider, err := getKubernetesProviderForCli() if err != nil { return @@ -98,7 +87,7 @@ func RunMizuTap() { } logger.Log.Infof("Waiting for Mizu Agent to start...") - if state.mizuServiceAccountExists, err = resources.CreateTapMizuResources(ctx, kubernetesProvider, serializedValidationRules, serializedMizuConfig, config.Config.IsNsRestrictedMode(), config.Config.MizuResourcesNamespace, config.Config.AgentImage, config.Config.Tap.MaxEntriesDBSizeBytes(), config.Config.Tap.ApiServerResources, config.Config.ImagePullPolicy(), config.Config.LogLevel(), config.Config.Tap.Profiler); err != nil { + if state.mizuServiceAccountExists, err = resources.CreateTapMizuResources(ctx, kubernetesProvider, serializedMizuConfig, config.Config.IsNsRestrictedMode(), config.Config.MizuResourcesNamespace, config.Config.AgentImage, config.Config.Tap.MaxEntriesDBSizeBytes(), config.Config.Tap.ApiServerResources, config.Config.ImagePullPolicy(), config.Config.LogLevel(), config.Config.Tap.Profiler); err != nil { var statusError *k8serrors.StatusError if errors.As(err, &statusError) && (statusError.ErrStatus.Reason == metav1.StatusReasonAlreadyExists) { logger.Log.Info("Mizu is already running in this namespace, change the `mizu-resources-namespace` configuration or run `mizu clean` to remove the currently running Mizu instance") @@ -240,15 +229,6 @@ func getErrorDisplayTextForK8sTapManagerError(err kubernetes.K8sTapManagerError) } } -func readValidationRules(file string) (string, error) { - rules, err := shared.DecodeEnforcePolicy(file) - if err != nil { - return "", err - } - newContent, _ := yaml.Marshal(&rules) - return string(newContent), nil -} - func getMizuApiFilteringOptions() (*api.TrafficFilteringOptions, error) { var compiledRegexSlice []*api.SerializableRegexp diff --git a/cli/config/configStructs/tapConfig.go b/cli/config/configStructs/tapConfig.go index ab245573a..ad43d3ab1 100644 --- a/cli/config/configStructs/tapConfig.go +++ b/cli/config/configStructs/tapConfig.go @@ -23,7 +23,6 @@ const ( HumanMaxEntriesDBSizeTapName = "max-entries-db-size" InsertionFilterName = "insertion-filter" DryRunTapName = "dry-run" - EnforcePolicyFile = "traffic-validation-file" ServiceMeshName = "service-mesh" TlsName = "tls" ProfilerName = "profiler" @@ -42,7 +41,6 @@ type TapConfig struct { HumanMaxEntriesDBSize string `yaml:"max-entries-db-size" default:"200MB"` InsertionFilter string `yaml:"insertion-filter" default:""` DryRun bool `yaml:"dry-run" default:"false"` - EnforcePolicyFile string `yaml:"traffic-validation-file"` ApiServerResources shared.Resources `yaml:"api-server-resources"` TapperResources shared.Resources `yaml:"tapper-resources"` ServiceMesh bool `yaml:"service-mesh" default:"false"` diff --git a/cli/resources/createResources.go b/cli/resources/createResources.go index 91a7bf8ef..d71fcd85c 100644 --- a/cli/resources/createResources.go +++ b/cli/resources/createResources.go @@ -14,14 +14,14 @@ import ( core "k8s.io/api/core/v1" ) -func CreateTapMizuResources(ctx context.Context, kubernetesProvider *kubernetes.Provider, serializedValidationRules string, serializedMizuConfig string, isNsRestrictedMode bool, mizuResourcesNamespace string, agentImage string, maxEntriesDBSizeBytes int64, apiServerResources shared.Resources, imagePullPolicy core.PullPolicy, logLevel logging.Level, profiler bool) (bool, error) { +func CreateTapMizuResources(ctx context.Context, kubernetesProvider *kubernetes.Provider, serializedMizuConfig string, isNsRestrictedMode bool, mizuResourcesNamespace string, agentImage string, maxEntriesDBSizeBytes int64, apiServerResources shared.Resources, imagePullPolicy core.PullPolicy, logLevel logging.Level, profiler bool) (bool, error) { if !isNsRestrictedMode { if err := createMizuNamespace(ctx, kubernetesProvider, mizuResourcesNamespace); err != nil { return false, err } } - if err := createMizuConfigmap(ctx, kubernetesProvider, serializedValidationRules, serializedMizuConfig, mizuResourcesNamespace); err != nil { + if err := createMizuConfigmap(ctx, kubernetesProvider, serializedMizuConfig, mizuResourcesNamespace); err != nil { return false, err } @@ -71,8 +71,8 @@ func createMizuNamespace(ctx context.Context, kubernetesProvider *kubernetes.Pro return err } -func createMizuConfigmap(ctx context.Context, kubernetesProvider *kubernetes.Provider, serializedValidationRules string, serializedMizuConfig string, mizuResourcesNamespace string) error { - err := kubernetesProvider.CreateConfigMap(ctx, mizuResourcesNamespace, kubernetes.ConfigMapName, serializedValidationRules, serializedMizuConfig) +func createMizuConfigmap(ctx context.Context, kubernetesProvider *kubernetes.Provider, serializedMizuConfig string, mizuResourcesNamespace string) error { + err := kubernetesProvider.CreateConfigMap(ctx, mizuResourcesNamespace, kubernetes.ConfigMapName, serializedMizuConfig) return err } diff --git a/shared/consts.go b/shared/consts.go index ab6a60324..8293c7940 100644 --- a/shared/consts.go +++ b/shared/consts.go @@ -6,7 +6,6 @@ const ( NodeNameEnvVar = "NODE_NAME" ConfigDirPath = "/app/config/" DataDirPath = "/app/data/" - ValidationRulesFileName = "validation-rules.yaml" ConfigFileName = "mizu-config.json" DefaultApiServerPort = 8899 LogLevelEnvVar = "LOG_LEVEL" diff --git a/shared/go.mod b/shared/go.mod index b19620063..54e6d1927 100644 --- a/shared/go.mod +++ b/shared/go.mod @@ -4,11 +4,9 @@ go 1.17 require ( github.com/docker/go-units v0.4.0 - github.com/golang-jwt/jwt/v4 v4.2.0 github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 github.com/up9inc/mizu/logger v0.0.0 github.com/up9inc/mizu/tap/api v0.0.0 - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b k8s.io/api v0.23.3 k8s.io/apimachinery v0.23.3 k8s.io/client-go v0.23.3 @@ -38,11 +36,11 @@ require ( github.com/go-openapi/jsonreference v0.19.6 // indirect github.com/go-openapi/swag v0.21.1 // indirect github.com/gogo/protobuf v1.3.2 // indirect + github.com/golang-jwt/jwt/v4 v4.2.0 // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/google/btree v1.0.1 // indirect github.com/google/go-cmp v0.5.7 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/martian v2.1.0+incompatible // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/uuid v1.3.0 // indirect github.com/googleapis/gnostic v0.5.5 // indirect @@ -81,6 +79,7 @@ require ( google.golang.org/protobuf v1.27.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect k8s.io/cli-runtime v0.23.3 // indirect k8s.io/component-base v0.23.3 // indirect k8s.io/klog/v2 v2.40.1 // indirect diff --git a/shared/go.sum b/shared/go.sum index 4b3994c8c..c911dee99 100644 --- a/shared/go.sum +++ b/shared/go.sum @@ -282,7 +282,6 @@ github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/ github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= diff --git a/shared/kubernetes/provider.go b/shared/kubernetes/provider.go index c17a9ceb0..51da59d86 100644 --- a/shared/kubernetes/provider.go +++ b/shared/kubernetes/provider.go @@ -685,11 +685,8 @@ func (provider *Provider) handleRemovalError(err error) error { return err } -func (provider *Provider) CreateConfigMap(ctx context.Context, namespace string, configMapName string, serializedValidationRules string, serializedMizuConfig string) error { +func (provider *Provider) CreateConfigMap(ctx context.Context, namespace string, configMapName string, serializedMizuConfig string) error { configMapData := make(map[string]string) - if serializedValidationRules != "" { - configMapData[shared.ValidationRulesFileName] = serializedValidationRules - } configMapData[shared.ConfigFileName] = serializedMizuConfig configMap := &core.ConfigMap{ diff --git a/shared/models.go b/shared/models.go index 00170409f..f49880164 100644 --- a/shared/models.go +++ b/shared/models.go @@ -1,13 +1,8 @@ package shared import ( - "io/ioutil" - "strings" - "github.com/op/go-logging" - "github.com/up9inc/mizu/logger" - "gopkg.in/yaml.v3" v1 "k8s.io/api/core/v1" ) @@ -135,83 +130,3 @@ type HealthResponse struct { type VersionResponse struct { Ver string `json:"ver"` } - -type RulesPolicy struct { - Rules []RulePolicy `yaml:"rules"` -} - -type RulePolicy struct { - Type string `yaml:"type"` - Service string `yaml:"service"` - Path string `yaml:"path"` - Method string `yaml:"method"` - Key string `yaml:"key"` - Value string `yaml:"value"` - ResponseTime int64 `yaml:"response-time"` - Name string `yaml:"name"` -} - -type RulesMatched struct { - Matched bool `json:"matched"` - Rule RulePolicy `json:"rule"` -} - -func (r *RulePolicy) validateType() bool { - permitedTypes := []string{"json", "header", "slo"} - _, found := Find(permitedTypes, r.Type) - if !found { - logger.Log.Errorf("Only json, header and slo types are supported on rule definition. This rule will be ignored. rule name: %s", r.Name) - found = false - } - if strings.ToLower(r.Type) == "slo" { - if r.ResponseTime <= 0 { - logger.Log.Errorf("When rule type is slo, the field response-time should be specified and have a value >= 1. rule name: %s", r.Name) - found = false - } - } - return found -} - -func (rules *RulesPolicy) ValidateRulesPolicy() []int { - invalidIndex := make([]int, 0) - for i := range rules.Rules { - validated := rules.Rules[i].validateType() - if !validated { - invalidIndex = append(invalidIndex, i) - } - } - return invalidIndex -} - -func Find(slice []string, val string) (int, bool) { - for i, item := range slice { - if item == val { - return i, true - } - } - return -1, false -} - -func DecodeEnforcePolicy(path string) (RulesPolicy, error) { - content, err := ioutil.ReadFile(path) - enforcePolicy := RulesPolicy{} - if err != nil { - return enforcePolicy, err - } - err = yaml.Unmarshal(content, &enforcePolicy) - if err != nil { - return enforcePolicy, err - } - invalidIndex := enforcePolicy.ValidateRulesPolicy() - var k = 0 - if len(invalidIndex) != 0 { - for i, rule := range enforcePolicy.Rules { - if !ContainsInt(invalidIndex, i) { - enforcePolicy.Rules[k] = rule - k++ - } - } - enforcePolicy.Rules = enforcePolicy.Rules[:k] - } - return enforcePolicy, nil -} diff --git a/shared/sliceUtils.go b/shared/sliceUtils.go index 7664a9997..50818e347 100644 --- a/shared/sliceUtils.go +++ b/shared/sliceUtils.go @@ -10,15 +10,6 @@ func Contains(slice []string, containsValue string) bool { return false } -func ContainsInt(slice []int, containsValue int) bool { - for _, sliceValue := range slice { - if sliceValue == containsValue { - return true - } - } - return false -} - func Unique(slice []string) []string { keys := make(map[string]bool) var list []string diff --git a/tap/api/api.go b/tap/api/api.go index ba96464ad..5a5b4f050 100644 --- a/tap/api/api.go +++ b/tap/api/api.go @@ -164,40 +164,30 @@ type Entry struct { RequestSize int `json:"requestSize"` ResponseSize int `json:"responseSize"` ElapsedTime int64 `json:"elapsedTime"` - Rules ApplicableRules `json:"rules,omitempty"` } type EntryWrapper struct { - Protocol Protocol `json:"protocol"` - Representation string `json:"representation"` - Data *Entry `json:"data"` - Base *BaseEntry `json:"base"` - Rules []map[string]interface{} `json:"rulesMatched,omitempty"` - IsRulesEnabled bool `json:"isRulesEnabled"` + Protocol Protocol `json:"protocol"` + Representation string `json:"representation"` + Data *Entry `json:"data"` + Base *BaseEntry `json:"base"` } type BaseEntry struct { - Id string `json:"id"` - Protocol Protocol `json:"proto,omitempty"` - Capture Capture `json:"capture"` - Summary string `json:"summary,omitempty"` - SummaryQuery string `json:"summaryQuery,omitempty"` - Status int `json:"status"` - StatusQuery string `json:"statusQuery"` - Method string `json:"method,omitempty"` - MethodQuery string `json:"methodQuery,omitempty"` - Timestamp int64 `json:"timestamp,omitempty"` - Source *TCP `json:"src"` - Destination *TCP `json:"dst"` - IsOutgoing bool `json:"isOutgoing,omitempty"` - Latency int64 `json:"latency"` - Rules ApplicableRules `json:"rules,omitempty"` -} - -type ApplicableRules struct { - Latency int64 `json:"latency,omitempty"` - Status bool `json:"status,omitempty"` - NumberOfRules int `json:"numberOfRules,omitempty"` + Id string `json:"id"` + Protocol Protocol `json:"proto,omitempty"` + Capture Capture `json:"capture"` + Summary string `json:"summary,omitempty"` + SummaryQuery string `json:"summaryQuery,omitempty"` + Status int `json:"status"` + StatusQuery string `json:"statusQuery"` + Method string `json:"method,omitempty"` + MethodQuery string `json:"methodQuery,omitempty"` + Timestamp int64 `json:"timestamp,omitempty"` + Source *TCP `json:"src"` + Destination *TCP `json:"dst"` + IsOutgoing bool `json:"isOutgoing,omitempty"` + Latency int64 `json:"latency"` } const ( diff --git a/tap/extensions/amqp/Makefile b/tap/extensions/amqp/Makefile index c77ee4181..ddafae017 100644 --- a/tap/extensions/amqp/Makefile +++ b/tap/extensions/amqp/Makefile @@ -13,4 +13,4 @@ test-pull-bin: test-pull-expect: @mkdir -p expect - @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect13/amqp/\* expect + @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect14/amqp/\* expect diff --git a/tap/extensions/amqp/main.go b/tap/extensions/amqp/main.go index 213c8d715..2b0e61bc4 100644 --- a/tap/extensions/amqp/main.go +++ b/tap/extensions/amqp/main.go @@ -298,7 +298,6 @@ func (d dissecting) Summarize(entry *api.Entry) *api.BaseEntry { Destination: entry.Destination, IsOutgoing: entry.Outgoing, Latency: entry.ElapsedTime, - Rules: entry.Rules, } } diff --git a/tap/extensions/http/Makefile b/tap/extensions/http/Makefile index 70434e356..022628cb2 100644 --- a/tap/extensions/http/Makefile +++ b/tap/extensions/http/Makefile @@ -13,4 +13,4 @@ test-pull-bin: test-pull-expect: @mkdir -p expect - @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect13/http/\* expect + @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect14/http/\* expect diff --git a/tap/extensions/http/main.go b/tap/extensions/http/main.go index f6dc5f1bf..a8c3ac896 100644 --- a/tap/extensions/http/main.go +++ b/tap/extensions/http/main.go @@ -341,7 +341,6 @@ func (d dissecting) Summarize(entry *api.Entry) *api.BaseEntry { Destination: entry.Destination, IsOutgoing: entry.Outgoing, Latency: entry.ElapsedTime, - Rules: entry.Rules, } } diff --git a/tap/extensions/kafka/Makefile b/tap/extensions/kafka/Makefile index 01d91bc1c..180004d00 100644 --- a/tap/extensions/kafka/Makefile +++ b/tap/extensions/kafka/Makefile @@ -13,4 +13,4 @@ test-pull-bin: test-pull-expect: @mkdir -p expect - @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect13/kafka/\* expect + @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect14/kafka/\* expect diff --git a/tap/extensions/kafka/main.go b/tap/extensions/kafka/main.go index 485cb316d..895e09480 100644 --- a/tap/extensions/kafka/main.go +++ b/tap/extensions/kafka/main.go @@ -208,7 +208,6 @@ func (d dissecting) Summarize(entry *api.Entry) *api.BaseEntry { Destination: entry.Destination, IsOutgoing: entry.Outgoing, Latency: entry.ElapsedTime, - Rules: entry.Rules, } } diff --git a/tap/extensions/redis/Makefile b/tap/extensions/redis/Makefile index e46843191..eac30a4b8 100644 --- a/tap/extensions/redis/Makefile +++ b/tap/extensions/redis/Makefile @@ -13,4 +13,4 @@ test-pull-bin: test-pull-expect: @mkdir -p expect - @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect13/redis/\* expect + @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect14/redis/\* expect diff --git a/tap/extensions/redis/main.go b/tap/extensions/redis/main.go index f8caf66d5..57201a6e1 100644 --- a/tap/extensions/redis/main.go +++ b/tap/extensions/redis/main.go @@ -136,7 +136,6 @@ func (d dissecting) Summarize(entry *api.Entry) *api.BaseEntry { Destination: entry.Destination, IsOutgoing: entry.Outgoing, Latency: entry.ElapsedTime, - Rules: entry.Rules, } } diff --git a/ui-common/src/components/EntryDetailed/EntryDetailed.tsx b/ui-common/src/components/EntryDetailed/EntryDetailed.tsx index ac7a782ff..c063bf500 100644 --- a/ui-common/src/components/EntryDetailed/EntryDetailed.tsx +++ b/ui-common/src/components/EntryDetailed/EntryDetailed.tsx @@ -146,9 +146,6 @@ export const EntryDetailed = () => { {!isLoading && entryData && } diff --git a/ui-common/src/components/EntryDetailed/EntrySections/EntrySections.tsx b/ui-common/src/components/EntryDetailed/EntrySections/EntrySections.tsx index 6ff5b9682..aca4d8956 100644 --- a/ui-common/src/components/EntryDetailed/EntrySections/EntrySections.tsx +++ b/ui-common/src/components/EntryDetailed/EntrySections/EntrySections.tsx @@ -265,110 +265,3 @@ export const EntryTableSection: React.FC = ({ title, color, a } } - -interface EntryPolicySectionProps { - title: string, - color: string, - latency?: number, - arrayToIterate: any[], -} - -interface EntryPolicySectionCollapsibleTitleProps { - label: string; - matched: string; - expanded: boolean; - setExpanded: any; -} - -const EntryPolicySectionCollapsibleTitle: React.FC = ({ label, matched, expanded, setExpanded }) => { - return
- { - setExpanded(!expanded) - }} - > - {expanded ? '-' : '+'} - - - - {label} - {matched} - - -
-} - -interface EntryPolicySectionContainerProps { - label: string; - matched: string; - children?: any; -} - -export const EntryPolicySectionContainer: React.FC = ({ label, matched, children }) => { - const [expanded, setExpanded] = useState(false); - return } - > - {children} - -} - -export const EntryTablePolicySection: React.FC = ({ title, color, latency, arrayToIterate }) => { - return - { - arrayToIterate && arrayToIterate.length > 0 ? - - - - - {arrayToIterate.map(({ rule, matched }, index) => { - return ( - = latency : true) ? "Success" : "Failure"}> - { - - { - rule.Key && - - } - { - rule.ResponseTime !== 0 && - - } - { - rule.Method && - - } - { - rule.Path && - - } - { - rule.Service && - - } - { - rule.Type && - - } - { - rule.Value && - - } - - } - - ) - } - ) - } - -
Key: {rule.Key}
Response Time: {rule.ResponseTime}
Method: {rule.Method}
Path: {rule.Path}
Service: {rule.Service}
Type: {rule.Type}
Value: {rule.Value}
- - : No rules could be applied to this request. - } - -} diff --git a/ui-common/src/components/EntryDetailed/EntryViewer/AutoRepresentation.tsx b/ui-common/src/components/EntryDetailed/EntryViewer/AutoRepresentation.tsx index 8ce70aecd..c9a26e77f 100644 --- a/ui-common/src/components/EntryDetailed/EntryViewer/AutoRepresentation.tsx +++ b/ui-common/src/components/EntryDetailed/EntryViewer/AutoRepresentation.tsx @@ -2,7 +2,6 @@ import React, { useState, useCallback } from "react" import { useRecoilValue, useSetRecoilState } from "recoil" import entryDataAtom from "../../../recoil/entryData" import SectionsRepresentation from "./SectionsRepresentation"; -import { EntryTablePolicySection } from "../EntrySections/EntrySections"; import { ReactComponent as ReplayIcon } from './replay.svg'; import styles from './EntryViewer.module.sass'; import { Tabs } from "../../UI"; @@ -10,7 +9,7 @@ import replayRequestModalOpenAtom from "../../../recoil/replayRequestModalOpen"; const enabledProtocolsForReplay = ["http"] -export const AutoRepresentation: React.FC = ({ representation, isRulesEnabled, rulesMatched, elapsedTime, color, isDisplayReplay = false }) => { +export const AutoRepresentation: React.FC = ({ representation, color, isDisplayReplay = false }) => { const entryData = useRecoilValue(entryDataAtom) const setIsOpenRequestModal = useSetRecoilState(replayRequestModalOpenAtom) const isReplayDisplayed = useCallback(() => { @@ -33,7 +32,6 @@ export const AutoRepresentation: React.FC = ({ representation, isRulesEnabl const { request, response } = JSON.parse(representation); let responseTabIndex = 0; - let rulesTabIndex = 0; if (response) { TABS.push( @@ -45,16 +43,6 @@ export const AutoRepresentation: React.FC = ({ representation, isRulesEnabl responseTabIndex = TABS.length - 1; } - if (isRulesEnabled) { - TABS.push( - { - tab: 'Rules', - badge: null - } - ); - rulesTabIndex = TABS.length - 1; - } - return
{
@@ -66,9 +54,6 @@ export const AutoRepresentation: React.FC = ({ representation, isRulesEnabl {response && currentTab === TABS[responseTabIndex].tab && } - {isRulesEnabled && currentTab === TABS[rulesTabIndex].tab && - - }
}
; } diff --git a/ui-common/src/components/EntryDetailed/EntryViewer/EntryViewer.tsx b/ui-common/src/components/EntryDetailed/EntryViewer/EntryViewer.tsx index 4c6391973..0b618d631 100644 --- a/ui-common/src/components/EntryDetailed/EntryViewer/EntryViewer.tsx +++ b/ui-common/src/components/EntryDetailed/EntryViewer/EntryViewer.tsx @@ -3,18 +3,12 @@ import { AutoRepresentation } from './AutoRepresentation'; interface Props { representation: any; - isRulesEnabled: boolean; - rulesMatched: any; color: string; - elapsedTime: number; } -const EntryViewer: React.FC = ({ representation, isRulesEnabled, rulesMatched, elapsedTime, color }) => { +const EntryViewer: React.FC = ({representation, color}) => { return diff --git a/ui-common/src/components/EntryListItem/EntryListItem.module.sass b/ui-common/src/components/EntryListItem/EntryListItem.module.sass index dd22fbd4e..c118a3a0f 100644 --- a/ui-common/src/components/EntryListItem/EntryListItem.module.sass +++ b/ui-common/src/components/EntryListItem/EntryListItem.module.sass @@ -20,31 +20,6 @@ .rowSelected border: 1px $blue-color solid -.ruleSuccessRow - background: #E8FFF1 - -.ruleSuccessRowSelected - border: 1px #6FCF97 solid - border-left: 5px #6FCF97 solid - -.ruleFailureRow - background: #FFE9EF - -.ruleFailureRowSelected - border: 1px $failure-color solid - border-left: 5px $failure-color solid - -.ruleNumberText - font-size: 12px - font-weight: 600 - white-space: nowrap - -.ruleNumberTextFailure - color: #DB2156 - -.ruleNumberTextSuccess - color: #219653 - .resolvedName text-overflow: ellipsis white-space: nowrap diff --git a/ui-common/src/components/EntryListItem/EntryListItem.tsx b/ui-common/src/components/EntryListItem/EntryListItem.tsx index a5037cc85..6f80b5894 100644 --- a/ui-common/src/components/EntryListItem/EntryListItem.tsx +++ b/ui-common/src/components/EntryListItem/EntryListItem.tsx @@ -37,13 +37,6 @@ interface Entry { dst: TCPInterface, isOutgoing?: boolean; latency: number; - rules: Rules; -} - -interface Rules { - status: boolean; - latency: number; - numberOfRules: number; } interface EntryProps { @@ -67,7 +60,6 @@ export const EntryItem: React.FC = ({entry, style, headingMode, name const isSelected = focusedEntryId === entry.id; const classification = getClassification(entry.status) - const numberOfRules = entry.rules.numberOfRules let ingoingIcon; let outgoingIcon; switch(classification) { @@ -87,35 +79,6 @@ export const EntryItem: React.FC = ({entry, style, headingMode, name break; } } - let additionalRulesProperties = ""; - let ruleSuccess = true; - let rule = 'latency' in entry.rules - if (rule) { - if (entry.rules.latency !== -1) { - if (entry.rules.latency >= entry.latency || !('latency' in entry)) { - additionalRulesProperties = styles.ruleSuccessRow - ruleSuccess = true - } else { - additionalRulesProperties = styles.ruleFailureRow - ruleSuccess = false - } - if (isSelected) { - additionalRulesProperties += ` ${entry.rules.latency >= entry.latency ? styles.ruleSuccessRowSelected : styles.ruleFailureRowSelected}` - } - } else { - if (entry.rules.status) { - additionalRulesProperties = styles.ruleSuccessRow - ruleSuccess = true - } else { - additionalRulesProperties = styles.ruleFailureRow - ruleSuccess = false - } - if (isSelected) { - additionalRulesProperties += ` ${entry.rules.status ? styles.ruleSuccessRowSelected : styles.ruleFailureRowSelected}` - } - } - } - const isStatusCodeEnabled = ((entry.proto.name === "http" && "status" in entry) || entry.status !== 0); @@ -123,7 +86,7 @@ export const EntryItem: React.FC = ({entry, style, headingMode, name
{ if (!setFocusedEntryId) return; setFocusedEntryId(entry.id); @@ -187,13 +150,7 @@ export const EntryItem: React.FC = ({entry, style, headingMode, name
- { - rule ? -
- {`Rules (${numberOfRules})`} -
- : "" - } +
{headingMode ?