From b50eced489765a4cabcc0596dee189e4f5381aec Mon Sep 17 00:00:00 2001 From: Selton Fiuza <40501884+seltonfiuza@users.noreply.github.com> Date: Sun, 19 Sep 2021 08:47:19 -0300 Subject: [PATCH] [Refactor/TRA-3692] rename test rules to traffic validation (#281) --- cli/cmd/tap.go | 4 ++++ cli/cmd/tapRunner.go | 13 +++++++++++-- cli/config/configStructs/tapConfig.go | 6 ++++-- docs/POLICY_RULES.md | 4 ++-- 4 files changed, 21 insertions(+), 6 deletions(-) diff --git a/cli/cmd/tap.go b/cli/cmd/tap.go index 899ac1f4a..52d4e912d 100644 --- a/cli/cmd/tap.go +++ b/cli/cmd/tap.go @@ -2,6 +2,7 @@ package cmd import ( "errors" + "fmt" "os" "github.com/up9inc/mizu/cli/config" @@ -67,4 +68,7 @@ func init() { tapCmd.Flags().String(configStructs.HumanMaxEntriesDBSizeTapName, defaultTapConfig.HumanMaxEntriesDBSize, "Override the default max entries db size") tapCmd.Flags().Bool(configStructs.DryRunTapName, defaultTapConfig.DryRun, "Preview of all pods matching the regex, without tapping them") tapCmd.Flags().String(configStructs.EnforcePolicyFile, defaultTapConfig.EnforcePolicyFile, "Yaml file with policy rules") + + tapCmd.Flags().String(configStructs.EnforcePolicyFileDeprecated, defaultTapConfig.EnforcePolicyFileDeprecated, "Yaml file with policy rules") + tapCmd.Flags().MarkDeprecated(configStructs.EnforcePolicyFileDeprecated, fmt.Sprintf("Use --%s instead", configStructs.EnforcePolicyFile)) } diff --git a/cli/cmd/tapRunner.go b/cli/cmd/tapRunner.go index e4d6042a9..535bbacb1 100644 --- a/cli/cmd/tapRunner.go +++ b/cli/cmd/tapRunner.go @@ -47,14 +47,23 @@ func RunMizuTap() { logger.Log.Errorf(uiUtils.Error, fmt.Sprintf("Error parsing regex-masking: %v", errormessage.FormatError(err))) return } + var mizuValidationRules string - if config.Config.Tap.EnforcePolicyFile != "" { - mizuValidationRules, err = readValidationRules(config.Config.Tap.EnforcePolicyFile) + if config.Config.Tap.EnforcePolicyFile != "" || config.Config.Tap.EnforcePolicyFileDeprecated != "" { + var trafficValidation string + if config.Config.Tap.EnforcePolicyFile != "" { + trafficValidation = config.Config.Tap.EnforcePolicyFile + } else { + trafficValidation = config.Config.Tap.EnforcePolicyFileDeprecated + } + + mizuValidationRules, err = readValidationRules(trafficValidation) if err != nil { logger.Log.Errorf(uiUtils.Error, fmt.Sprintf("Error reading policy file: %v", errormessage.FormatError(err))) return } } + kubernetesProvider, err := kubernetes.NewProvider(config.Config.KubeConfigPath()) if err != nil { logger.Log.Error(err) diff --git a/cli/config/configStructs/tapConfig.go b/cli/config/configStructs/tapConfig.go index 10ea29cc0..729f582f8 100644 --- a/cli/config/configStructs/tapConfig.go +++ b/cli/config/configStructs/tapConfig.go @@ -16,7 +16,8 @@ const ( DisableRedactionTapName = "no-redact" HumanMaxEntriesDBSizeTapName = "max-entries-db-size" DryRunTapName = "dry-run" - EnforcePolicyFile = "test-rules" + EnforcePolicyFile = "traffic-validation" + EnforcePolicyFileDeprecated = "test-rules" ) type TapConfig struct { @@ -32,7 +33,8 @@ type TapConfig struct { DisableRedaction bool `yaml:"no-redact" default:"false"` HumanMaxEntriesDBSize string `yaml:"max-entries-db-size" default:"200MB"` DryRun bool `yaml:"dry-run" default:"false"` - EnforcePolicyFile string `yaml:"test-rules"` + EnforcePolicyFile string `yaml:"traffic-validation"` + EnforcePolicyFileDeprecated string `yaml:"test-rules"` ApiServerResources Resources `yaml:"api-server-resources"` TapperResources Resources `yaml:"tapper-resources"` } diff --git a/docs/POLICY_RULES.md b/docs/POLICY_RULES.md index dce7257b6..23b3fdc50 100644 --- a/docs/POLICY_RULES.md +++ b/docs/POLICY_RULES.md @@ -24,14 +24,14 @@ To use this feature - create simple rules file (see details below) and pass this ```shell -mizu tap --test-rules rules.yaml PODNAME +mizu tap --traffic-validation rules.yaml PODNAME ``` ## Rules file structure -The structure of the test-rules-file is: +The structure of the traffic-validation-file is: * `name`: string, name of the rule * `type`: string, type of the rule, must be `json` or `header` or `latency`