diff --git a/pkg/awsvpc/analysis_output_test.go b/pkg/awsvpc/analysis_output_test.go index da8dca05d..64f4a41ea 100644 --- a/pkg/awsvpc/analysis_output_test.go +++ b/pkg/awsvpc/analysis_output_test.go @@ -10,61 +10,73 @@ import ( "fmt" "testing" - "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" ) const analysisOut = "analysis_out" -var tests = []*commonvpc.VpcGeneralTest{ +var tests = []*testfunc.VpcAnalysisTest{ { - InputConfig: "basic_config_with_sg", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "basic_config_with_sg", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "aws_sg_1", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "aws_sg_1", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "aws_sg_1", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "aws_sg_1", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, }, { - InputConfig: "aws_acl_1", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "aws_acl_1", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "aws_mixed", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "aws_mixed", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "aws_mixed", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "aws_mixed", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, }, } // uncomment the function below to run for updating the expected output -/* -func TestAllWithGeneration(t *testing.T) { + +/*func TestReportWithGeneration(t *testing.T) { // tests is the list of tests to run for testIdx := range tests { tt := tests[testIdx] - commonvpc.TestAll(tt, t, commonvpc.OutputGeneration, &AWSresourcesContainer{}, analysisOut, tt.InputConfig) + tt.TestAnalysisSingleTest(t, testfunc.OutputGeneration, &AWSresourcesContainer{}, analysisOut, tt.InputConfig) } fmt.Println("done") -} -*/ -func TestAllWithComparison(t *testing.T) { +}*/ + +func TestReportWithComparison(t *testing.T) { // tests is the list of tests to run for testIdx := range tests { tt := tests[testIdx] - commonvpc.TestAll(tt, t, commonvpc.OutputComparison, &AWSresourcesContainer{}, analysisOut, tt.InputConfig) + tt.TestAnalysisSingleTest(t, testfunc.OutputComparison, &AWSresourcesContainer{}, analysisOut, tt.InputConfig) } fmt.Println("done") } diff --git a/pkg/awsvpc/explainability_test.go b/pkg/awsvpc/explainability_test.go index 4f78bda17..6ac5236b6 100644 --- a/pkg/awsvpc/explainability_test.go +++ b/pkg/awsvpc/explainability_test.go @@ -10,111 +10,109 @@ import ( "fmt" "testing" - "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" - "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" ) -var explainTests = []*commonvpc.VpcGeneralTest{ +var explainTests = []*testfunc.VpcExplainTest{ // existing connection between two endpoints of different subnets { - Name: "ip_to_ip", - InputConfig: "aws_sg_1", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "ip_to_ip", + InputConfig: "aws_sg_1", + }, ESrc: "10.240.40.217", EDst: "10.240.20.43", - Format: vpcmodel.Text, DetailExplain: true, }, // non-existing connection between two endpoints of different subnets due to one of the nacls { - Name: "nacl_blocking", - InputConfig: "aws_mixed", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "nacl_blocking", + InputConfig: "aws_mixed", + }, ESrc: "10.240.2.28", EDst: "10.240.32.122", - Format: vpcmodel.Text, DetailExplain: true, }, // existing sub-connection between two endpoints of the same subnet // todo: https://github.com/np-guard/vpc-network-config-analyzer/issues/859 { - Name: "same_subnet_partial_connection", - InputConfig: "aws_mixed", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "same_subnet_partial_connection", + InputConfig: "aws_mixed", + }, ESrc: "10.240.32.122", EDst: "10.240.32.91", - Format: vpcmodel.Text, DetailExplain: true, }, // no connection between two endpoints of the same subnet { - Name: "subnet_to_subnet", - InputConfig: "aws_mixed", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "subnet_to_subnet", + InputConfig: "aws_mixed", + }, ESrc: "private2", EDst: "private1", - Format: vpcmodel.Text, DetailExplain: true, }, // connection to the public internet blocked by sg and private subnet { - Name: "to_external_private_subnet", - InputConfig: "aws_sg_1", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "to_external_private_subnet", + InputConfig: "aws_sg_1", + }, ESrc: "10.240.20.245", EDst: "161.26.0.0", - Format: vpcmodel.Text, DetailExplain: true, }, // existing connection to the public internet { - Name: "to_external_public_subnet", - InputConfig: "aws_sg_1", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "to_external_public_subnet", + InputConfig: "aws_sg_1", + }, ESrc: "10.240.10.42", EDst: "161.26.0.0", - Format: vpcmodel.Text, DetailExplain: true, }, // existing connection from the public internet { - Name: "from_external_public_subnet", - InputConfig: "aws_mixed", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "from_external_public_subnet", + InputConfig: "aws_mixed", + }, ESrc: "147.235.0.0/16", EDst: "10.240.0.96", - Format: vpcmodel.Text, DetailExplain: true, }, // connection to the public internet blocked only by private subnet { - Name: "to_external_blocked_only_private_subnet", - InputConfig: "aws_sg_1_allow_sg_private", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "to_external_blocked_only_private_subnet", + InputConfig: "aws_sg_1_allow_sg_private", + }, ESrc: "10.240.20.245", EDst: "161.26.0.0", - Format: vpcmodel.Text, DetailExplain: true, }, } -func TestAll(t *testing.T) { +func TestExplainWithComparsion(t *testing.T) { // explainTests is the list of tests to run for testIdx := range explainTests { tt := explainTests[testIdx] - t.Run(tt.Name, func(t *testing.T) { - t.Parallel() - rc := &AWSresourcesContainer{} - commonvpc.RunExplainTest(tt, t, rc) - }) + tt.TestSingleExplain(t, testfunc.OutputComparison, &AWSresourcesContainer{}, tt.Name) } fmt.Println("done") } // uncomment the function below for generating the expected output files instead of comparing -/* -func TestAllWithGeneration(t *testing.T) { + +/*func TestExplainWithGeneration(t *testing.T) { // tests is the list of tests to run for testIdx := range explainTests { tt := explainTests[testIdx] - tt.Mode = commonvpc.OutputGeneration - t.Run(tt.Name, func(t *testing.T) { - t.Parallel() - rc := &AWSresourcesContainer{} - commonvpc.RunExplainTest(tt, t,rc) - }) + tt.TestSingleExplain(t, commonvpc.OutputGeneration, &AWSresourcesContainer{}, tt.Name) } fmt.Println("done") }*/ diff --git a/pkg/awsvpc/lint_test.go b/pkg/awsvpc/lint_test.go index 61565ebfd..683c5da67 100644 --- a/pkg/awsvpc/lint_test.go +++ b/pkg/awsvpc/lint_test.go @@ -10,39 +10,45 @@ import ( "fmt" "testing" - "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" ) -var lintTests = []*commonvpc.VpcGeneralTest{ +var lintTests = []*testfunc.VpcLintTest{ { - Name: "aws_acl1", - InputConfig: "aws_acl_1", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "aws_acl1", + InputConfig: "aws_acl_1", + }, + Enable: []string{"sg-split-subnet"}, }, { - Name: "aws_mixed", - InputConfig: "aws_mixed", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "aws_mixed", + InputConfig: "aws_mixed", + }, + Enable: []string{"sg-split-subnet"}, }, { - Name: "aws_sg_1", - InputConfig: "aws_sg_1", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "aws_sg_1", + InputConfig: "aws_sg_1", + }, + Enable: []string{"sg-split-subnet"}, Disable: []string{"nacl-split-subnet", "subnet-cidr-overlap", "nacl-unattached", "sg-unattached", "sg-rule-cidr-out-of-range", "nacl-rule-cidr-out-of-range", "tcp-response-blocked", "sg-rule-implied", "nacl-rule-shadowed"}, }, } -func TestAllLint(t *testing.T) { +func TestLintWithComparsion(t *testing.T) { // lintTests is the list of tests to run for testIdx := range lintTests { tt := lintTests[testIdx] - tt.Mode = commonvpc.OutputComparison + tt.Mode = testfunc.OutputComparison t.Run(tt.Name, func(t *testing.T) { t.Parallel() rc := &AWSresourcesContainer{} - commonvpc.RunLintTest(tt, t, rc) + tt.TestSingleLint(t, rc) }) } fmt.Println("done") @@ -54,11 +60,11 @@ func TestAllLint(t *testing.T) { // tests is the list of tests to run for testIdx := range lintTests { tt := lintTests[testIdx] - tt.Mode = commonvpc.OutputGeneration + tt.Mode = testfunc.OutputGeneration t.Run(tt.Name, func(t *testing.T) { t.Parallel() rc := &AWSresourcesContainer{} - commonvpc.RunLintTest(tt, t, rc) + tt.TestSingleLint(t, rc) }) } fmt.Println("done") diff --git a/pkg/commonvpc/testfunc/analysis_output_test_functionality.go b/pkg/commonvpc/testfunc/analysis_output_test_functionality.go new file mode 100644 index 000000000..948051757 --- /dev/null +++ b/pkg/commonvpc/testfunc/analysis_output_test_functionality.go @@ -0,0 +1,29 @@ +/* +Copyright 2023- IBM Inc. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ + +package testfunc + +import ( + _ "embed" + "testing" + + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" +) + +type VpcAnalysisTest struct { + VpcTestCommon + Grouping bool + NoLbAbstract bool +} + +func (tt *VpcAnalysisTest) TestAnalysisSingleTest(t *testing.T, mode testMode, rc commonvpc.ResourcesContainer, testDir, testName string) { + tt.Name = testName + tt.setMode(mode) + t.Run(tt.Name, func(t *testing.T) { + t.Parallel() + tt.runSingleCommonTest(t, testDir, rc, tt.Grouping, tt.NoLbAbstract, nil) + }) +} diff --git a/pkg/commonvpc/analysis_output_test_functionality.go b/pkg/commonvpc/testfunc/common_test_functionality.go similarity index 53% rename from pkg/commonvpc/analysis_output_test_functionality.go rename to pkg/commonvpc/testfunc/common_test_functionality.go index f4dd3af4e..6f8f1989d 100644 --- a/pkg/commonvpc/analysis_output_test_functionality.go +++ b/pkg/commonvpc/testfunc/common_test_functionality.go @@ -4,32 +4,23 @@ Copyright 2023- IBM Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package commonvpc +package testfunc import ( - _ "embed" "errors" "fmt" "os" - "path/filepath" "strings" "testing" - "github.com/np-guard/models/pkg/netp" + "path/filepath" "github.com/stretchr/testify/require" - "github.com/np-guard/vpc-network-config-analyzer/pkg/linter" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" ) -/* -tests for the entire flow: - - input from config json file - - output comparison, for the possible output use-cases - - currently comparing only txt output formats -*/ - type testMode int const ( @@ -39,44 +30,12 @@ const ( ) const ( - examplesDir = "examples/" - inputDir = "input/" - outDir = "out/" -) - -const errString = "err: %s" -const carriageReturn = "\r" + examplesDir = "examples/" + inputDir = "input/" + outDir = "out/" + errString = "err: %s" + carriageReturn = "\r" -type VpcGeneralTest struct { - Name string // test name - // todo: support multiple configs input - InputConfig string // name (relative path) of input config file (json) - InputConfig2nd string // 2nd input file for diff - ExpectedOutput map[vpcmodel.OutputUseCase]string // expected output file path - ActualOutput map[vpcmodel.OutputUseCase]string // actual output file path - UseCases []vpcmodel.OutputUseCase // the list of output use cases to test - ErrPerUseCase map[vpcmodel.OutputUseCase]error - ResourceGroup string // filter vpc configs by resource group - Regions []string // filter vpc configs by region - Mode testMode - Grouping bool - NoLbAbstract bool - Format vpcmodel.OutFormat - VpcList []string - ESrc string - EDst string - EProtocol netp.ProtocolString - ESrcMinPort int64 - ESrcMaxPort int64 - EDstMinPort int64 - EDstMaxPort int64 - DetailExplain bool - Enable []string - Disable []string - PrintAllLints bool -} - -const ( ActualOutFilePrefix = "out_" InputFilePrefix = "input_" suffixOutFileWithGrouping = "_with_grouping" @@ -91,7 +50,6 @@ const ( txtOutSuffix = ".txt" mdOutSuffix = ".md" JSONOutSuffix = ".json" - secJSONOutSuffix = "_2nd.json" drawioOutSuffix = ".drawio" archDrawioOutSuffix = "_arch.drawio" svgOutSuffix = ".svg" @@ -100,6 +58,28 @@ const ( archHTMLOutSuffix = "_arch.html" ) +/* +tests for the entire flow: + - input from config json file + - output comparison, for the possible output use-cases + - currently comparing only txt output formats +*/ + +type VpcTestCommon struct { + Name string // test name + // todo: support multiple configs input + InputConfig string // name (relative path) of input config file (json) + ExpectedOutput map[vpcmodel.OutputUseCase]string // expected output file path + ActualOutput map[vpcmodel.OutputUseCase]string // actual output file path + UseCases []vpcmodel.OutputUseCase // the list of output use cases to test + ErrPerUseCase map[vpcmodel.OutputUseCase]error + Format vpcmodel.OutFormat + ResourceGroup string // filter vpc configs by resource group + Regions []string // filter vpc configs by region + Mode testMode + VpcList []string +} + // getTestFileName returns expected file name and actual file name, for the relevant use case func getTestFileName(testName string, uc vpcmodel.OutputUseCase, @@ -162,81 +142,8 @@ func getTestFileName(testName string, return expectedFileName, actualFileName, nil } -func getTestFileSuffix(format vpcmodel.OutFormat) (suffix string, err error) { - switch format { - case vpcmodel.Text: - return txtOutSuffix, nil - case vpcmodel.MD: - return mdOutSuffix, nil - case vpcmodel.JSON: - return JSONOutSuffix, nil - case vpcmodel.Synthesis: - return JSONOutSuffix, nil - case vpcmodel.DRAWIO: - return drawioOutSuffix, nil - case vpcmodel.ARCHDRAWIO: - return archDrawioOutSuffix, nil - case vpcmodel.SVG: - return svgOutSuffix, nil - case vpcmodel.ARCHSVG: - return archSvgOutSuffix, nil - case vpcmodel.HTML: - return htmlOutSuffix, nil - case vpcmodel.ARCHHTML: - return archHTMLOutSuffix, nil - default: - return "", errors.New("unexpected out format") - } -} - -func (tt *VpcGeneralTest) RunTest(t *testing.T, testDir string, rc ResourcesContainer) { - // init test - set the input/output file names according to test name - tt.InitTest() - - // get vpcConfigs obj from parsing + analyzing input config file - vpcConfigs := GetVPCConfigs(t, tt, true, rc) - var vpcConfigs2nd *vpcmodel.MultipleVPCConfigs - diffUseCase := false - explainUseCase := false - for _, useCase := range tt.UseCases { - if useCase == vpcmodel.SubnetsDiff || useCase == vpcmodel.EndpointsDiff { - diffUseCase = true - } - if useCase == vpcmodel.Explain { - explainUseCase = true - } - } - if diffUseCase { - vpcConfigs2nd = GetVPCConfigs(t, tt, false, rc) - vpcConfigs.SetConfigsToCompare(vpcConfigs2nd.Configs()) - } else { // inputConfig2nd should be ignored if not diffUseCase - tt.InputConfig2nd = "" - } - - var explanationArgs *vpcmodel.ExplanationArgs - if explainUseCase { - explanationArgs = vpcmodel.NewExplanationArgs(tt.ESrc, tt.EDst, string(tt.EProtocol), - tt.ESrcMinPort, tt.ESrcMaxPort, tt.EDstMinPort, tt.EDstMaxPort, tt.DetailExplain) - } - - // generate actual output for all use cases specified for this test - for _, uc := range tt.UseCases { - err := RunTestPerUseCase(t, tt, vpcConfigs, uc, tt.Mode, testDir, explanationArgs) - require.Equal(t, tt.ErrPerUseCase[uc], err, "comparing actual err to expected err") - } - for uc, outFile := range tt.ActualOutput { - fmt.Printf("test %s use-case %d - generated output file: %s\n", tt.Name, uc, outFile) - } -} - -// GetVPCConfigs returns *vpcmodel.MultipleVPCConfigs obj for the input test (config json file) -func GetVPCConfigs(t *testing.T, tt *VpcGeneralTest, firstCfg bool, rc ResourcesContainer) *vpcmodel.MultipleVPCConfigs { - var inputConfig string - if firstCfg { - inputConfig = tt.InputConfig - } else { - inputConfig = tt.InputConfig2nd - } +// getVPCConfigs returns *vpcmodel.MultipleVPCConfigs obj for the input test (config json file) +func (tt *VpcTestCommon) getVPCConfigs(t *testing.T, inputConfig string, rc commonvpc.ResourcesContainer) *vpcmodel.MultipleVPCConfigs { inputConfigFile := filepath.Join(GetTestsDirInput(), inputConfig) err := rc.ParseResourcesFromFile(inputConfigFile) if err != nil { @@ -249,10 +156,9 @@ func GetVPCConfigs(t *testing.T, tt *VpcGeneralTest, firstCfg bool, rc Resources return vpcConfigs } -// InitTest: based on the test name, set the input config file name, and the output +// initTest based on the test name, set the input config file name, and the output // files names (actual and expected), per use case -func (tt *VpcGeneralTest) InitTest() { - tt.InputConfig2nd = InputFilePrefix + tt.InputConfig + secJSONOutSuffix +func (tt *VpcTestCommon) initTest() { tt.InputConfig = InputFilePrefix + tt.InputConfig + JSONOutSuffix tt.ExpectedOutput = map[vpcmodel.OutputUseCase]string{} tt.ActualOutput = map[vpcmodel.OutputUseCase]string{} @@ -267,61 +173,36 @@ func (tt *VpcGeneralTest) InitTest() { } } -func CompareOrRegenerateOutputPerTest(t *testing.T, - mode testMode, - actualOutput string, - testDir string, - tt *VpcGeneralTest, - uc vpcmodel.OutputUseCase) error { - if mode == OutputComparison { - expectedOutput, err := os.ReadFile(tt.ExpectedOutput[uc]) - if err != nil { - t.Fatalf(errString, err) - } - expectedOutputStr := string(expectedOutput) - if cleanStr(expectedOutputStr) != cleanStr(actualOutput) { - compareTextualResult(expectedOutputStr, actualOutput, testDir) - t.Fatalf("output mismatch expected-vs-actual on test name: %s, use case: %d", tt.Name, uc) - } - } else if mode == OutputGeneration { - fmt.Printf("outputGeneration\n") - // create or override expected output file - if _, err := vpcmodel.WriteToFile(actualOutput, tt.ExpectedOutput[uc]); err != nil { - return err - } - } - return nil -} - -func initTestFileNames(tt *VpcGeneralTest, - uc vpcmodel.OutputUseCase, - vpcName string, - allVPCs bool, - testDirOut string) error { +func (tt *VpcTestCommon) initTestFileNames(uc vpcmodel.OutputUseCase, + vpcName string, allVPCs, detailExplain bool, testDirOut string, grouping, noLbAbstract bool) error { expectedFileName, actualFileName, err := getTestFileName( - tt.Name, uc, tt.Grouping, tt.NoLbAbstract, tt.DetailExplain, tt.Format, vpcName, allVPCs, tt.VpcList) + tt.Name, uc, grouping, noLbAbstract, detailExplain, tt.Format, vpcName, allVPCs, tt.VpcList) if err != nil { return err } - tt.ActualOutput[uc] = filepath.Join(GetTestsDirOut(testDirOut), actualFileName) - tt.ExpectedOutput[uc] = filepath.Join(GetTestsDirOut(testDirOut), expectedFileName) + tt.ActualOutput[uc] = filepath.Join(getTestsDirOut(testDirOut), actualFileName) + tt.ExpectedOutput[uc] = filepath.Join(getTestsDirOut(testDirOut), expectedFileName) return nil } // runTestPerUseCase runs the connectivity analysis for the required use case and compares/generates the output -func RunTestPerUseCase(t *testing.T, - tt *VpcGeneralTest, +func (tt *VpcTestCommon) runTestPerUseCase(t *testing.T, cConfigs *vpcmodel.MultipleVPCConfigs, uc vpcmodel.OutputUseCase, mode testMode, outDir string, + grouping, noLbAbstract bool, explanationArgs *vpcmodel.ExplanationArgs) error { + detailExplain := false + if explanationArgs != nil { + detailExplain = explanationArgs.Detail + } allVpcs := len(tt.VpcList) == 0 - if err := initTestFileNames(tt, uc, "", allVpcs, outDir); err != nil { + if err := tt.initTestFileNames(uc, "", allVpcs, detailExplain, outDir, grouping, noLbAbstract); err != nil { return err } - og, err := vpcmodel.NewOutputGenerator(cConfigs, tt.Grouping, uc, tt.Format == vpcmodel.ARCHDRAWIO, - explanationArgs, tt.Format, !tt.NoLbAbstract) + og, err := vpcmodel.NewOutputGenerator(cConfigs, grouping, uc, tt.Format == vpcmodel.ARCHDRAWIO, + explanationArgs, tt.Format, !noLbAbstract) if err != nil { return err } @@ -329,12 +210,39 @@ func RunTestPerUseCase(t *testing.T, if err != nil { return err } - if err := CompareOrRegenerateOutputPerTest(t, mode, actualOutput, outDir, tt, uc); err != nil { + if err := compareOrRegenerateOutputPerTest(t, mode, actualOutput, outDir, tt.Name, tt.ExpectedOutput, uc); err != nil { return err } return nil } +func getTestFileSuffix(format vpcmodel.OutFormat) (suffix string, err error) { + switch format { + case vpcmodel.Text: + return txtOutSuffix, nil + case vpcmodel.MD: + return mdOutSuffix, nil + case vpcmodel.JSON: + return JSONOutSuffix, nil + case vpcmodel.Synthesis: + return JSONOutSuffix, nil + case vpcmodel.DRAWIO: + return drawioOutSuffix, nil + case vpcmodel.ARCHDRAWIO: + return archDrawioOutSuffix, nil + case vpcmodel.SVG: + return svgOutSuffix, nil + case vpcmodel.ARCHSVG: + return archSvgOutSuffix, nil + case vpcmodel.HTML: + return htmlOutSuffix, nil + case vpcmodel.ARCHHTML: + return archHTMLOutSuffix, nil + default: + return "", errors.New("unexpected out format") + } +} + // comparison should be insensitive to line comparators; cleaning strings from line comparators func cleanStr(str string) string { return strings.ReplaceAll(strings.ReplaceAll(str, "/n", ""), carriageReturn, "") @@ -343,8 +251,8 @@ func cleanStr(str string) string { // compareTextualResult is called in case of output mismatch, to provide more details on the difference func compareTextualResult(expected, actual, testDir string) { var err1, err2 error - _, err1 = vpcmodel.WriteToFile(expected, filepath.Join(GetTestsDirOut(testDir), "expected.txt")) - _, err2 = vpcmodel.WriteToFile(actual, filepath.Join(GetTestsDirOut(testDir), "actual.txt")) + _, err1 = vpcmodel.WriteToFile(expected, filepath.Join(getTestsDirOut(testDir), "expected.txt")) + _, err2 = vpcmodel.WriteToFile(actual, filepath.Join(getTestsDirOut(testDir), "actual.txt")) if err1 != nil || err2 != nil { fmt.Printf("compareTextualResult: error writing actual/expected output to files: %s, %s \n", err1, err2) } @@ -365,18 +273,40 @@ func compareTextualResult(expected, actual, testDir string) { } } -// GetTestsDirOut returns the path to the dir where test output files are located -func GetTestsDirOut(testDir string) string { +// getTestsDirOut returns the path to the dir where test output files are located +func getTestsDirOut(testDir string) string { currentDir, _ := os.Getwd() return filepath.Join(currentDir, examplesDir+outDir+testDir) } -// getTestsDir returns the path to the dir where test input files are located +// GetTestsDirInput returns the path to the dir where test input files are located func GetTestsDirInput() string { currentDir, _ := os.Getwd() return filepath.Join(currentDir, examplesDir+inputDir) } +func compareOrRegenerateOutputPerTest(t *testing.T, mode testMode, actualOutput, testDir, name string, + expectedOutput map[vpcmodel.OutputUseCase]string, uc vpcmodel.OutputUseCase) error { + if mode == OutputComparison { + expectedOutput, err := os.ReadFile(expectedOutput[uc]) + if err != nil { + t.Fatalf(errString, err) + } + expectedOutputStr := string(expectedOutput) + if cleanStr(expectedOutputStr) != cleanStr(actualOutput) { + compareTextualResult(expectedOutputStr, actualOutput, testDir) + t.Fatalf("output mismatch expected-vs-actual on test name: %s, use case: %d", name, uc) + } + } else if mode == OutputGeneration { + fmt.Printf("outputGeneration\n") + // create or override expected output file + if _, err := vpcmodel.WriteToFile(actualOutput, expectedOutput[uc]); err != nil { + return err + } + } + return nil +} + var formatsAvoidComparisonAndGeneration = map[vpcmodel.OutFormat]bool{ vpcmodel.DRAWIO: true, vpcmodel.ARCHDRAWIO: true, @@ -386,94 +316,29 @@ var formatsAvoidComparisonAndGeneration = map[vpcmodel.OutFormat]bool{ vpcmodel.ARCHHTML: true, } -func TestAll(tt *VpcGeneralTest, t *testing.T, mode testMode, rc ResourcesContainer, testDir, testName string) { - // todo - remove the following if when drawio is stable +// todo - remove once drawio is stable +func (tt *VpcTestCommon) setMode(mode testMode) { if formatsAvoidComparisonAndGeneration[tt.Format] { tt.Mode = OutputIgnore } else { tt.Mode = mode } - tt.Name = testName - t.Run(tt.Name, func(t *testing.T) { - t.Parallel() - tt.RunTest(t, testDir, rc) - }) } -/////////////////////////////////////////////////////////////////////////////////////////// -// explainability: -////////////////////////////////////////////////////////////////////////////////////////////// - -const explainOut = "explain_out" - -func RunExplainTest(tt *VpcGeneralTest, t *testing.T, rc ResourcesContainer) { - // all tests in explain mode - tt.UseCases = []vpcmodel.OutputUseCase{vpcmodel.Explain} +func (tt *VpcTestCommon) runSingleCommonTest(t *testing.T, testDir string, rc commonvpc.ResourcesContainer, + grouping, noLbAbstract bool, explanationArgs *vpcmodel.ExplanationArgs) { // init test - set the input/output file names according to test name - tt.InitTest() + tt.initTest() // get vpcConfigs obj from parsing + analyzing input config file - vpcConfigs := GetVPCConfigs(t, tt, true, rc) - explanationArgs := vpcmodel.NewExplanationArgs(tt.ESrc, tt.EDst, string(tt.EProtocol), - tt.ESrcMinPort, tt.ESrcMaxPort, tt.EDstMinPort, tt.EDstMaxPort, tt.DetailExplain) + vpcConfigs := tt.getVPCConfigs(t, tt.InputConfig, rc) // generate actual output for all use cases specified for this test - err := RunTestPerUseCase(t, tt, vpcConfigs, vpcmodel.Explain, tt.Mode, explainOut, explanationArgs) - require.Equal(t, tt.ErrPerUseCase[vpcmodel.Explain], err, "comparing explain actual err to expected err") - for uc, outFile := range tt.ActualOutput { - fmt.Printf("explain test %s use-case %d - generated output file: %s\n", tt.Name, uc, outFile) + for _, uc := range tt.UseCases { + err := tt.runTestPerUseCase(t, vpcConfigs, uc, tt.Mode, testDir, grouping, noLbAbstract, explanationArgs) + require.Equal(t, tt.ErrPerUseCase[uc], err, "comparing actual err to expected err") } -} - -/////////////////////////////////////////////////////////////////////////////////////////// -// lint: -////////////////////////////////////////////////////////////////////////////////////////////// - -const lintOut = "lint_out" - -func RunLintTest(tt *VpcGeneralTest, t *testing.T, rc ResourcesContainer) { - // all tests in lint mode - // output use case is not significant here, but being used so that lint test can rely on existing mechanism - tt.UseCases = []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints} - // init test - set the input/output file names according to test name - tt.InitTest() - - // get vpcConfigs obj from parsing + analyzing input config file - vpcConfigs := GetVPCConfigs(t, tt, true, rc) - - // generate actual output for all use cases specified for this test - err := runLintTestPerUseCase(t, tt, vpcConfigs.Configs(), lintOut) - require.Equal(t, tt.ErrPerUseCase[vpcmodel.AllEndpoints], err, "comparing lint actual err to expected err") for uc, outFile := range tt.ActualOutput { - fmt.Printf("lint test %s use-case %d - generated output file: %s\n", tt.Name, uc, outFile) - } -} - -// runExplainTestPerUseCase executes lint for the required use case and compares/generates the output -func runLintTestPerUseCase(t *testing.T, - tt *VpcGeneralTest, - cConfigs map[string]*vpcmodel.VPCConfig, - outDir string) error { - // output use case is not significant here, but being used so that lint test can rely on existing mechanism - initLintTestFileNames(tt, outDir) - _, actualOutput, _ := linter.LinterExecute(cConfigs, tt.PrintAllLints, tt.Enable, tt.Disable) - if err := CompareOrRegenerateOutputPerTest(t, tt.Mode, actualOutput, lintOut, tt, vpcmodel.AllEndpoints); err != nil { - return err + fmt.Printf("test %s use-case %d - generated output file: %s\n", tt.Name, uc, outFile) } - return nil -} - -func initLintTestFileNames(tt *VpcGeneralTest, testDir string) { - expectedFileName, actualFileName := getLintTestFileName(tt.Name) - // output use case is not significant here, but being used so that lint test can rely on existing mechanism - tt.ActualOutput[vpcmodel.AllEndpoints] = filepath.Join(GetTestsDirOut(testDir), actualFileName) - tt.ExpectedOutput[vpcmodel.AllEndpoints] = filepath.Join(GetTestsDirOut(testDir), expectedFileName) -} - -// getLintTestFileName returns expected file name and actual file name, for the relevant use case -func getLintTestFileName(testName string) (expectedFileName, actualFileName string) { - res := testName + "_Lint" - expectedFileName = res - actualFileName = ActualOutFilePrefix + res - return expectedFileName, actualFileName } diff --git a/pkg/commonvpc/testfunc/explain_test_functionality.go b/pkg/commonvpc/testfunc/explain_test_functionality.go new file mode 100644 index 000000000..488d0b013 --- /dev/null +++ b/pkg/commonvpc/testfunc/explain_test_functionality.go @@ -0,0 +1,47 @@ +/* +Copyright 2023- IBM Inc. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ + +package testfunc + +import ( + "testing" + + "github.com/np-guard/models/pkg/netp" + + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" +) + +type VpcExplainTest struct { + VpcTestCommon + ESrc string + EDst string + EProtocol netp.ProtocolString + ESrcMinPort int64 + ESrcMaxPort int64 + EDstMinPort int64 + EDstMaxPort int64 + DetailExplain bool +} + +/////////////////////////////////////////////////////////////////////////////////////////// +// explainability: +////////////////////////////////////////////////////////////////////////////////////////////// + +const explainOut = "explain_out" + +func (tt *VpcExplainTest) TestSingleExplain(t *testing.T, mode testMode, rc commonvpc.ResourcesContainer, testName string) { + tt.Name = testName + tt.setMode(mode) + explanationArgs := vpcmodel.NewExplanationArgs(tt.ESrc, tt.EDst, string(tt.EProtocol), + tt.ESrcMinPort, tt.ESrcMaxPort, tt.EDstMinPort, tt.EDstMaxPort, tt.DetailExplain) + tt.UseCases = []vpcmodel.OutputUseCase{vpcmodel.Explain} + tt.Format = vpcmodel.Text + t.Run(tt.Name, func(t *testing.T) { + t.Parallel() + tt.runSingleCommonTest(t, explainOut, rc, false, false, explanationArgs) + }) +} diff --git a/pkg/commonvpc/testfunc/lint_test_functionality.go b/pkg/commonvpc/testfunc/lint_test_functionality.go new file mode 100644 index 000000000..df2e1159a --- /dev/null +++ b/pkg/commonvpc/testfunc/lint_test_functionality.go @@ -0,0 +1,78 @@ +/* +Copyright 2023- IBM Inc. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ + +package testfunc + +import ( + "fmt" + "testing" + + "path/filepath" + + "github.com/stretchr/testify/require" + + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/linter" + "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" +) + +type VpcLintTest struct { + VpcTestCommon + Enable []string + Disable []string + PrintAllLints bool +} + +/////////////////////////////////////////////////////////////////////////////////////////// +// lint: +////////////////////////////////////////////////////////////////////////////////////////////// + +const lintOut = "lint_out" + +func (tt *VpcLintTest) TestSingleLint(t *testing.T, rc commonvpc.ResourcesContainer) { + // all tests in lint mode + // output use case is not significant here, but being used so that lint test can rely on existing mechanism + tt.UseCases = []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints} + // init test - set the input/output file names according to test name + tt.initTest() + + // get vpcConfigs obj from parsing + analyzing input config file + vpcConfigs := tt.getVPCConfigs(t, tt.InputConfig, rc) + + // generate actual output for all use cases specified for this test + err := tt.runLintTest(t, vpcConfigs.Configs(), lintOut) + require.Equal(t, tt.ErrPerUseCase[vpcmodel.AllEndpoints], err, "comparing lint actual err to expected err") + for uc, outFile := range tt.ActualOutput { + fmt.Printf("lint test %s use-case %d - generated output file: %s\n", tt.Name, uc, outFile) + } +} + +// runExplainTestPerUseCase executes lint for the required use case and compares/generates the output +func (tt *VpcLintTest) runLintTest(t *testing.T, cConfigs map[string]*vpcmodel.VPCConfig, outDir string) error { + // output use case is not significant here, but being used so that lint test can rely on existing mechanism + tt.initLintTestFileNames(outDir) + _, actualOutput, _ := linter.LinterExecute(cConfigs, tt.PrintAllLints, tt.Enable, tt.Disable) + if err := compareOrRegenerateOutputPerTest(t, tt.Mode, actualOutput, lintOut, tt.Name, tt.ExpectedOutput, + vpcmodel.AllEndpoints); err != nil { + return err + } + return nil +} + +func (tt *VpcLintTest) initLintTestFileNames(testDir string) { + expectedFileName, actualFileName := getLintTestFileName(tt.Name) + // output use case is not significant here, but being used so that lint test can rely on existing mechanism + tt.ActualOutput[vpcmodel.AllEndpoints] = filepath.Join(getTestsDirOut(testDir), actualFileName) + tt.ExpectedOutput[vpcmodel.AllEndpoints] = filepath.Join(getTestsDirOut(testDir), expectedFileName) +} + +// getLintTestFileName returns expected file name and actual file name, for the relevant use case +func getLintTestFileName(testName string) (expectedFileName, actualFileName string) { + res := testName + "_Lint" + expectedFileName = res + actualFileName = ActualOutFilePrefix + res + return expectedFileName, actualFileName +} diff --git a/pkg/commonvpc/testfunc/semantic_diff_test_functionality.go b/pkg/commonvpc/testfunc/semantic_diff_test_functionality.go new file mode 100644 index 000000000..128d1e5c6 --- /dev/null +++ b/pkg/commonvpc/testfunc/semantic_diff_test_functionality.go @@ -0,0 +1,53 @@ +/* +Copyright 2023- IBM Inc. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ + +package testfunc + +import ( + _ "embed" + "fmt" + "testing" + + "github.com/stretchr/testify/require" + + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" +) + +const secJSONOutSuffix = "_2nd.json" + +type VpcDiffTest struct { + VpcTestCommon + InputConfig2nd string // 2nd input file for diff +} + +func (tt *VpcDiffTest) TestDiffSingle(t *testing.T, mode testMode, rc commonvpc.ResourcesContainer, testDir, testName string) { + tt.Name = testName + tt.setMode(mode) + t.Run(tt.Name, func(t *testing.T) { + t.Parallel() + tt.runDiffSingleTest(t, testDir, rc) + }) +} + +func (tt *VpcDiffTest) runDiffSingleTest(t *testing.T, testDir string, rc commonvpc.ResourcesContainer) { + // init test - set the input/output file names according to test name + tt.InputConfig2nd = InputFilePrefix + tt.InputConfig + secJSONOutSuffix + tt.initTest() + + // get vpcConfigs obj from parsing + analyzing input config file + vpcConfigs := tt.getVPCConfigs(t, tt.InputConfig, rc) + vpcConfigs2nd := tt.getVPCConfigs(t, tt.InputConfig2nd, rc) + vpcConfigs.SetConfigsToCompare(vpcConfigs2nd.Configs()) + + // generate actual output for all use cases specified for this test + for _, uc := range tt.UseCases { + err := tt.runTestPerUseCase(t, vpcConfigs, uc, tt.Mode, testDir, false, false, nil) + require.Equal(t, tt.ErrPerUseCase[uc], err, "comparing diff's actual err to expected err") + } + for uc, outFile := range tt.ActualOutput { + fmt.Printf("test %s use-case %d - generated output file: %s\n", tt.Name, uc, outFile) + } +} diff --git a/pkg/ibmvpc/analysis_output_test.go b/pkg/ibmvpc/analysis_output_test.go index 77118e0ec..7c5a236bb 100644 --- a/pkg/ibmvpc/analysis_output_test.go +++ b/pkg/ibmvpc/analysis_output_test.go @@ -12,7 +12,7 @@ import ( "fmt" "testing" - "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" ) @@ -25,195 +25,261 @@ tests for the entire flow: const analysisOut = "analysis_out" -var tests = []*commonvpc.VpcGeneralTest{ +var tests = []*testfunc.VpcAnalysisTest{ { - InputConfig: "acl_testing5", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Format: vpcmodel.MD, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing5", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.MD, + }, }, { - InputConfig: "acl_testing5_old", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Format: vpcmodel.MD, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing5_old", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.MD, + }, }, { - InputConfig: "acl_testing5", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing5", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "acl_testing5_old", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing5_old", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "acl_testing5", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Grouping: true, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing5", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, { - InputConfig: "demo_with_instances", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Grouping: true, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "demo_with_instances", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, // batch1: cover all use-cases, with text output Format , no Grouping { - InputConfig: "acl_testing3", - // TODO: currently skipping uc3 since it is not supported with partial subnet connectivity - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.SingleSubnet}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + // TODO: currently skipping uc3 since it is not supported with partial subnet connectivity + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.SingleSubnet}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, }, { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, + Grouping: true, }, { - InputConfig: "tg-prefix-filters", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "tg-prefix-filters", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, + Grouping: true, }, { - InputConfig: "sg_testing1_new", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.SingleSubnet, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.SingleSubnet, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "demo_with_instances", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.SingleSubnet, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "demo_with_instances", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.SingleSubnet, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "sg_testing_3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing_3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "sg_testing_3_with_empty_remote", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing_3_with_empty_remote", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, }, // batch2: only vsi-level use-case, with Grouping , text Format { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "sg_testing1_new", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, // respond enabled only on part of the TCP connection { - InputConfig: "sg_testing1_new_respond_partly", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new_respond_partly", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "demo_with_instances", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "demo_with_instances", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, // batch2.5: only vsi-level use-case, with Grouping , drawio Format { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, { - InputConfig: "sg_testing1_new", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, { - InputConfig: "demo_with_instances", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "demo_with_instances", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, { - InputConfig: "iks_config_object", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_config_object", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, { - InputConfig: "mult_NIs_single_VSI", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "mult_NIs_single_VSI", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, //batch3: only vsi-level use-case, no Grouping, with md output formats { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.MD, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.MD, + }, }, { - InputConfig: "sg_testing1_new", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.MD, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.MD, + }, }, { - InputConfig: "demo_with_instances", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.MD, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "demo_with_instances", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.MD, + }, }, { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, }, { - InputConfig: "sg_testing1_new", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, }, { - InputConfig: "demo_with_instances", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "demo_with_instances", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, }, { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.ARCHDRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.ARCHDRAWIO, + }, }, { - InputConfig: "sg_testing1_new", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.ARCHDRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.ARCHDRAWIO, + }, }, { - InputConfig: "demo_with_instances", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.ARCHDRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "demo_with_instances", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.ARCHDRAWIO, + }, }, { - InputConfig: "sg_testing1_new_grouping", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new_grouping", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, + Grouping: true, }, // iks-nodes example // iks_config_object example has three SG, one of them two targets - a pgw and a LB. @@ -224,227 +290,229 @@ var tests = []*commonvpc.VpcGeneralTest{ // 4. inbound, udp, ports 1-65535 { - InputConfig: "iks_config_object", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_config_object", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "iks_config_object", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_config_object", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, Grouping: true, NoLbAbstract: true, - Format: vpcmodel.Text, }, // json examples { - InputConfig: "demo_with_instances", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.JSON, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "demo_with_instances", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.JSON, + }, }, { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.JSON, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.JSON, + }, }, // multi-vpc config example { - InputConfig: "acl_testing3_with_two_vpcs", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, - VpcList: []string{"crn:12"}, // specify the vpc to analyze + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3_with_two_vpcs", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + VpcList: []string{"crn:12"}, // specify the vpc to analyze + }, }, // vpe example { - InputConfig: "demo_with_instances_vpes", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "demo_with_instances_vpes", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, }, // multi-vpc config examples { - InputConfig: "experiments_env", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, - }, - { - InputConfig: "experiments_env", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, - VpcList: []string{"crn:1", "crn:17"}, - }, - { - InputConfig: "experiments_env", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.JSON, - }, - { - InputConfig: "multiple_vpcs", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Format: vpcmodel.Text, - }, - // diff examples: - { - InputConfig: "acl_testing5", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.SubnetsDiff}, - Format: vpcmodel.Text, - }, - { - InputConfig: "acl_testing5", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.SubnetsDiff}, - Format: vpcmodel.MD, - }, - { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, - Format: vpcmodel.Text, - }, - { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, - Format: vpcmodel.MD, - }, - { - InputConfig: "sg_testing1_new", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, - Format: vpcmodel.Text, - }, - { // example with diff with partial TCP respond - InputConfig: "sg_testing1_copy", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, - Format: vpcmodel.Text, - }, - { // example with diff in which the diff is in the amount of TCP respond enabled - InputConfig: "sg_testing1_new_respond_partly", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "experiments_env", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, }, { - // diff between VPCs of different UIDs - InputConfig: "sg_testing_3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "experiments_env", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + VpcList: []string{"crn:1", "crn:17"}, + }, }, { - // diff between identical VPCs - InputConfig: "sg_testing_default", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "experiments_env", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.JSON, + }, }, { - // ports manipulation - InputConfig: "sg_testing1_diff_ports", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "multiple_vpcs", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, // tgw examples { - InputConfig: "tgw_basic_example", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "tgw_basic_example", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "tgw_basic_example_multiple_regions", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "tgw_basic_example_multiple_regions", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "tgw_basic_example_with_some_default_deny", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "tgw_basic_example_with_some_default_deny", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "tgw_larger_example", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "tgw_larger_example", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "tgw_larger_example", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, - Grouping: true, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "tgw_larger_example", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "tg-prefix-filters", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "tg-prefix-filters", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, }, // tgw examples with drawio { - InputConfig: "tgw_larger_example", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "tgw_larger_example", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.HTML, + }, }, { - InputConfig: "tgw_larger_example", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Format: vpcmodel.DRAWIO, - Grouping: true, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "tgw_larger_example", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, // multivpc drawio: { - InputConfig: "multiple_vpcs", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "multiple_vpcs", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.DRAWIO, + }, }, { - InputConfig: "multiple_vpcs", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Grouping: true, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "multiple_vpcs", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, { - InputConfig: "experiments_env", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.ARCHDRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "experiments_env", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.ARCHDRAWIO, + }, }, { - InputConfig: "experiments_env", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "experiments_env", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, + Grouping: true, }, // resource group filtering example // ete-storage-project and ete-backup-and-storage vpcs expected to be filtered out // global-tg-ky and local-tg-ky tgws expected to be filtered out { - InputConfig: "multi_resource_groups", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, - ResourceGroup: "ola", + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "multi_resource_groups", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + ResourceGroup: "ola", + }, }, // region filtering example // zn-vpc1, zn-vpc2, zn-vpc3 expected to be filtered out // global-tg-zn and local-tg-zn tgws expected to be filtered out { - InputConfig: "multi_regions", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, - Regions: []string{"us-east"}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "multi_regions", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + Regions: []string{"us-east"}, + }, }, { - InputConfig: "iks_workers_large", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_workers_large", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "iks_workers_large", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Grouping: false, - Format: vpcmodel.DRAWIO, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_workers_large", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.DRAWIO, + }, + Grouping: false, }, { - InputConfig: "iks_workers_large", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, - Grouping: true, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_workers_large", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.HTML, + }, + Grouping: true, }, { - InputConfig: "iks_workers_large", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.ARCHSVG, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_workers_large", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.ARCHSVG, + }, + Grouping: true, }, // commented until https://github.com/np-guard/vpc-network-config-analyzer/issues/847 is fixed // { @@ -455,73 +523,95 @@ var tests = []*commonvpc.VpcGeneralTest{ // }, // Grouping test of identical names different resources and thus different UIDs that should not be merged { - InputConfig: "sg_testing1_new_dup_subnets_names", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new_dup_subnets_names", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "iks_workers_large", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_workers_large", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, Grouping: true, NoLbAbstract: true, - Format: vpcmodel.HTML, }, { - InputConfig: "iks_workers_large", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_workers_large", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.DRAWIO, + }, Grouping: true, NoLbAbstract: true, - Format: vpcmodel.DRAWIO, }, // LB examples: { - InputConfig: "lb_bad_practice", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "lb_bad_practice", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "lb_bad_practice", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "lb_bad_practice", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, }, { - InputConfig: "iks_w_lb", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "iks_w_lb", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, + Grouping: true, }, { - InputConfig: "lb_policies", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "lb_policies", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, + Grouping: true, }, { - InputConfig: "load_balancer", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "load_balancer", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints, vpcmodel.AllSubnets}, + Format: vpcmodel.HTML, + }, Grouping: true, NoLbAbstract: true, - Format: vpcmodel.HTML, }, { - InputConfig: "load_balancer", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "load_balancer", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "load_balancer", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "load_balancer", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, Grouping: true, NoLbAbstract: true, - Format: vpcmodel.Text, }, { - InputConfig: "nacl_split_subnet", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "nacl_split_subnet", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, }, // filters_split_lb_subnet example has one load balancer with three subnets, subnets Cidrs: // 10.240.65.0/24 @@ -546,111 +636,131 @@ var tests = []*commonvpc.VpcGeneralTest{ // vsi1-sub3[10.240.128.5] => alb[LB private IP][10.240.65.4] : All Connections // is over approximated to: // vsi1-sub3[10.240.128.5] => alb[LoadBalancer] : All Connections ** - { - InputConfig: "filters_split_lb_subnet", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "filters_split_lb_subnet", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, Grouping: false, NoLbAbstract: true, }, { - InputConfig: "filters_split_lb_subnet", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.Text, - Grouping: false, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "filters_split_lb_subnet", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: false, }, { - InputConfig: "filters_split_lb_subnet", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "filters_split_lb_subnet", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, Grouping: true, NoLbAbstract: true, }, { - InputConfig: "hub_n_spoke_1", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "hub_n_spoke_1", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "hub_n_spoke_1", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "hub_n_spoke_1", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, Grouping: true, NoLbAbstract: true, }, { - InputConfig: "fabricated", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Format: vpcmodel.HTML, - Grouping: true, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "fabricated", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.HTML, + }, + Grouping: true, }, { - InputConfig: "vni_basic", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "vni_basic", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.Text, + }, + Grouping: true, }, { - InputConfig: "vni_basic", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, - Grouping: true, - Format: vpcmodel.HTML, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "vni_basic", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + Format: vpcmodel.HTML, + }, + Grouping: true, }, } // uncomment the function below to run for updating the expected output /* -func TestAllWithGeneration(t *testing.T) { +func TestReportWithGeneration(t *testing.T) { // tests is the list of tests to run for testIdx := range tests { tt := tests[testIdx] - commonvpc.TestAll(tt, t, commonvpc.OutputGeneration, &IBMresourcesContainer{}, analysisOut, tt.InputConfig) + tt.TestAnalysisSingleTest(t, testfunc.OutputGeneration, &IBMresourcesContainer{}, analysisOut, tt.InputConfig) } fmt.Println("done") } */ -func TestAllWithComparison(t *testing.T) { + +func TestReportWithComparison(t *testing.T) { // tests is the list of tests to run for testIdx := range tests { tt := tests[testIdx] - commonvpc.TestAll(tt, t, commonvpc.OutputComparison, &IBMresourcesContainer{}, analysisOut, tt.InputConfig) + tt.TestAnalysisSingleTest(t, testfunc.OutputComparison, &IBMresourcesContainer{}, analysisOut, tt.InputConfig) } fmt.Println("done") } // TestUnsupportedAnalysis demonstrates cases where analysis is not supported func TestUnsupportedAnalysis(t *testing.T) { - tests := []*commonvpc.VpcGeneralTest{ + tests := []*testfunc.VpcAnalysisTest{ { // here the connectivity per subnet is getting split to few parts by various local ranges within the subnet cidr, // and the split is by the ACL's rules "local" part (e.g. "from" in egress rule / "to" in ingress rule) - Name: "unsupported_analysis_acl_testing3", - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Format: vpcmodel.Text, - ErrPerUseCase: map[vpcmodel.OutputUseCase]error{ - vpcmodel.AllSubnets: errors.New("unsupported connectivity map with partial subnet ranges per connectivity result"), + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "unsupported_analysis_acl_testing3", + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + ErrPerUseCase: map[vpcmodel.OutputUseCase]error{ + vpcmodel.AllSubnets: errors.New("unsupported connectivity map with partial subnet ranges per connectivity result"), + }, + Mode: testfunc.OutputGeneration, }, - Mode: commonvpc.OutputGeneration, }, { // here the split is by ACL's rules "remote" part (e.g. "to" in egress rule / "from" in ingress rule) - Name: "unsupported_nacl_split_subnet", - InputConfig: "nacl_split_subnet", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Format: vpcmodel.Text, - ErrPerUseCase: map[vpcmodel.OutputUseCase]error{ - vpcmodel.AllSubnets: errors.New("unsupported subnets connectivity analysis - no consistent connectivity for entire subnet sub1"), + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "unsupported_nacl_split_subnet", + InputConfig: "nacl_split_subnet", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + Format: vpcmodel.Text, + ErrPerUseCase: map[vpcmodel.OutputUseCase]error{ + vpcmodel.AllSubnets: errors.New("unsupported subnets connectivity analysis - no consistent connectivity for entire subnet sub1"), + }, + Mode: testfunc.OutputGeneration, }, - Mode: commonvpc.OutputGeneration, }, } // tests is the list of tests to run for testIdx := range tests { tt := tests[testIdx] - commonvpc.TestAll(tt, t, tt.Mode, &IBMresourcesContainer{}, analysisOut, tt.Name) + tt.TestAnalysisSingleTest(t, tt.Mode, &IBMresourcesContainer{}, analysisOut, tt.Name) } fmt.Println("done") } diff --git a/pkg/ibmvpc/diff_test.go b/pkg/ibmvpc/diff_test.go new file mode 100644 index 000000000..1085e01af --- /dev/null +++ b/pkg/ibmvpc/diff_test.go @@ -0,0 +1,117 @@ +/* +Copyright 2023- IBM Inc. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ + +package ibmvpc + +import ( + _ "embed" + "fmt" + "testing" + + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" +) + +var diffTests = []*testfunc.VpcDiffTest{ + // diff tests: + { + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing5", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.SubnetsDiff}, + Format: vpcmodel.Text, + }, + }, + { + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing5", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.SubnetsDiff}, + Format: vpcmodel.MD, + }, + }, + { + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, + Format: vpcmodel.Text, + }, + }, + { + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, + Format: vpcmodel.MD, + }, + }, + { + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, + Format: vpcmodel.Text, + }, + }, + { // example with diff with partial TCP respond + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_copy", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, + Format: vpcmodel.Text, + }, + }, + { // example with diff in which the diff is in the amount of TCP respond enabled + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_new_respond_partly", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, + Format: vpcmodel.Text, + }, + }, + { + // diff between VPCs of different UIDs + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing_3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, + Format: vpcmodel.Text, + }, + }, + { + // diff between identical VPCs + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing_default", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, + Format: vpcmodel.Text, + }, + }, + { + // ports manipulation + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "sg_testing1_diff_ports", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.EndpointsDiff}, + Format: vpcmodel.Text, + }, + }, +} + +// uncomment the function below to run for updating the expected output + +/* +func TestDiffWithGeneration(t *testing.T) { + // tests is the list of tests to run + for testIdx := range diffTests { + tt := diffTests[testIdx] + tt.TestDiffSingle(t, testfunc.OutputGeneration, &IBMresourcesContainer{}, analysisOut, tt.InputConfig) + } + fmt.Println("done") +} +*/ + +const diffOut = "diff_out" + +func TestDiffWithComparison(t *testing.T) { + // tests is the list of tests to run + for testIdx := range diffTests { + tt := diffTests[testIdx] + tt.TestDiffSingle(t, testfunc.OutputComparison, &IBMresourcesContainer{}, diffOut, tt.InputConfig) + } + fmt.Println("done") +} diff --git a/pkg/ibmvpc/examples/out/analysis_out/acl_testing3_all_vpcs_endpointsDiff.md b/pkg/ibmvpc/examples/out/diff_out/acl_testing3_all_vpcs_endpointsDiff.md similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/acl_testing3_all_vpcs_endpointsDiff.md rename to pkg/ibmvpc/examples/out/diff_out/acl_testing3_all_vpcs_endpointsDiff.md diff --git a/pkg/ibmvpc/examples/out/analysis_out/acl_testing3_all_vpcs_endpointsDiff.txt b/pkg/ibmvpc/examples/out/diff_out/acl_testing3_all_vpcs_endpointsDiff.txt similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/acl_testing3_all_vpcs_endpointsDiff.txt rename to pkg/ibmvpc/examples/out/diff_out/acl_testing3_all_vpcs_endpointsDiff.txt diff --git a/pkg/ibmvpc/examples/out/analysis_out/acl_testing5_all_vpcs_subnetsDiff.md b/pkg/ibmvpc/examples/out/diff_out/acl_testing5_all_vpcs_subnetsDiff.md similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/acl_testing5_all_vpcs_subnetsDiff.md rename to pkg/ibmvpc/examples/out/diff_out/acl_testing5_all_vpcs_subnetsDiff.md diff --git a/pkg/ibmvpc/examples/out/analysis_out/acl_testing5_all_vpcs_subnetsDiff.txt b/pkg/ibmvpc/examples/out/diff_out/acl_testing5_all_vpcs_subnetsDiff.txt similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/acl_testing5_all_vpcs_subnetsDiff.txt rename to pkg/ibmvpc/examples/out/diff_out/acl_testing5_all_vpcs_subnetsDiff.txt diff --git a/pkg/ibmvpc/examples/out/analysis_out/sg_testing1_copy_all_vpcs_endpointsDiff.txt b/pkg/ibmvpc/examples/out/diff_out/sg_testing1_copy_all_vpcs_endpointsDiff.txt similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/sg_testing1_copy_all_vpcs_endpointsDiff.txt rename to pkg/ibmvpc/examples/out/diff_out/sg_testing1_copy_all_vpcs_endpointsDiff.txt diff --git a/pkg/ibmvpc/examples/out/analysis_out/sg_testing1_diff_ports_all_vpcs_endpointsDiff.txt b/pkg/ibmvpc/examples/out/diff_out/sg_testing1_diff_ports_all_vpcs_endpointsDiff.txt similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/sg_testing1_diff_ports_all_vpcs_endpointsDiff.txt rename to pkg/ibmvpc/examples/out/diff_out/sg_testing1_diff_ports_all_vpcs_endpointsDiff.txt diff --git a/pkg/ibmvpc/examples/out/analysis_out/sg_testing1_new_all_vpcs_endpointsDiff.txt b/pkg/ibmvpc/examples/out/diff_out/sg_testing1_new_all_vpcs_endpointsDiff.txt similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/sg_testing1_new_all_vpcs_endpointsDiff.txt rename to pkg/ibmvpc/examples/out/diff_out/sg_testing1_new_all_vpcs_endpointsDiff.txt diff --git a/pkg/ibmvpc/examples/out/analysis_out/sg_testing1_new_respond_partly_all_vpcs_endpointsDiff.txt b/pkg/ibmvpc/examples/out/diff_out/sg_testing1_new_respond_partly_all_vpcs_endpointsDiff.txt similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/sg_testing1_new_respond_partly_all_vpcs_endpointsDiff.txt rename to pkg/ibmvpc/examples/out/diff_out/sg_testing1_new_respond_partly_all_vpcs_endpointsDiff.txt diff --git a/pkg/ibmvpc/examples/out/analysis_out/sg_testing_3_all_vpcs_endpointsDiff.txt b/pkg/ibmvpc/examples/out/diff_out/sg_testing_3_all_vpcs_endpointsDiff.txt similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/sg_testing_3_all_vpcs_endpointsDiff.txt rename to pkg/ibmvpc/examples/out/diff_out/sg_testing_3_all_vpcs_endpointsDiff.txt diff --git a/pkg/ibmvpc/examples/out/analysis_out/sg_testing_default_all_vpcs_endpointsDiff.txt b/pkg/ibmvpc/examples/out/diff_out/sg_testing_default_all_vpcs_endpointsDiff.txt similarity index 100% rename from pkg/ibmvpc/examples/out/analysis_out/sg_testing_default_all_vpcs_endpointsDiff.txt rename to pkg/ibmvpc/examples/out/diff_out/sg_testing_default_all_vpcs_endpointsDiff.txt diff --git a/pkg/ibmvpc/explainability_test.go b/pkg/ibmvpc/explainability_test.go index 10b3759c5..69f7de9df 100644 --- a/pkg/ibmvpc/explainability_test.go +++ b/pkg/ibmvpc/explainability_test.go @@ -16,14 +16,14 @@ import ( "github.com/np-guard/models/pkg/connection" "github.com/np-guard/models/pkg/netp" - "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" ) // getConfigs returns *vpcmodel.MultipleVPCConfigs obj for the input test (config json file) func getConfig(t *testing.T, fileName string) *vpcmodel.MultipleVPCConfigs { - inputConfigFile := filepath.Join(commonvpc.GetTestsDirInput(), - commonvpc.InputFilePrefix+fileName+commonvpc.JSONOutSuffix) + inputConfigFile := filepath.Join(testfunc.GetTestsDirInput(), + testfunc.InputFilePrefix+fileName+testfunc.JSONOutSuffix) rc := IBMresourcesContainer{} err := rc.ParseResourcesFromFile(inputConfigFile) if err != nil { @@ -36,112 +36,127 @@ func getConfig(t *testing.T, fileName string) *vpcmodel.MultipleVPCConfigs { return vpcConfigs } -var explainTests = []*commonvpc.VpcGeneralTest{ +var explainTests = []*testfunc.VpcExplainTest{ { - Name: "VsiToVsi1", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "VsiToVsi1", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi2-ky", EDst: "vsi3b-ky", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "VsiToVsi2", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "VsiToVsi2", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi2-ky", EDst: "10.240.10.4", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "VsiToVsi3", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "VsiToVsi3", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi3a-ky", EDst: "10.240.10.4", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "VsiToVsi4", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "VsiToVsi4", + InputConfig: "sg_testing1_new", + }, ESrc: "10.240.10.4", EDst: "10.240.20.4", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "VsiToVsi5", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "VsiToVsi5", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi3a-ky", EDst: "vsi2-ky", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "subnetToVsiSingleVpc", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "subnetToVsiSingleVpc", + InputConfig: "sg_testing1_new", + }, ESrc: "subnet1-ky", EDst: "10.240.20.4", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "externalToSubnet", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "externalToSubnet", + InputConfig: "sg_testing1_new", + }, ESrc: "161.26.0.0", EDst: "subnet3-ky", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "SimpleExternalSG1", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "SimpleExternalSG1", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/16", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "SimpleExternalSG2", - InputConfig: "sg_testing1_new", - ESrc: "161.26.0.0/16", - EDst: "vsi1-ky", - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "SimpleExternalSG2", + InputConfig: "sg_testing1_new", + }, + ESrc: "161.26.0.0/16", + EDst: "vsi1-ky", }, { - Name: "SimpleExternalSG3", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "SimpleExternalSG3", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/32", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "SimpleExternalSG4", - InputConfig: "sg_testing1_new", - ESrc: "vsi3b-ky", - EDst: "161.26.0.0/32", - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "SimpleExternalSG4", + InputConfig: "sg_testing1_new", + }, + ESrc: "vsi3b-ky", + EDst: "161.26.0.0/32", }, { - Name: "GroupingExternalSG1", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "GroupingExternalSG1", + InputConfig: "sg_testing1_new", + }, ESrc: "10.240.10.4", EDst: "161.26.0.0/8", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "GroupingExternalSG1", - InputConfig: "sg_testing1_new", - ESrc: "vsi1-ky", - EDst: "161.26.0.0/8", - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "GroupingExternalSG1", + InputConfig: "sg_testing1_new", + }, + ESrc: "vsi1-ky", + EDst: "161.26.0.0/8", }, { - // the existing connection is exactly the one required by the query - Name: "QueryConnectionSGBasic1", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + // the existing connection is exactly the one required by the query + Name: "QueryConnectionSGBasic1", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/16", EProtocol: netp.ProtocolStringUDP, @@ -149,13 +164,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, // the required connection is contained in the existing one per connection { - Name: "QueryConnectionSGBasic2", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "QueryConnectionSGBasic2", + InputConfig: "sg_testing1_new", + }, ESrc: "10.240.10.4", EDst: "161.26.0.0/16", EProtocol: netp.ProtocolStringUDP, @@ -163,13 +179,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: 100, EDstMinPort: 443, EDstMaxPort: 443, - Format: vpcmodel.Text, DetailExplain: true, }, // the required connection is contained in the existing one per ip of src/dst { - Name: "QueryConnectionSGBasic3", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "QueryConnectionSGBasic3", + InputConfig: "sg_testing1_new", + }, ESrc: "crn:v1:staging:public:is:us-south:a/6527::vpc:a456", // crn:v1:staging:public:is:us-south:a/6527::vpc:a456 is vsi1-ky EDst: "161.26.0.0/20", EProtocol: netp.ProtocolStringUDP, @@ -177,13 +194,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: 100, EDstMinPort: 443, EDstMaxPort: 443, - Format: vpcmodel.Text, DetailExplain: true, }, // the required connection exists for part of the dst ip { - Name: "QueryConnectionSGBasic4", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "QueryConnectionSGBasic4", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/12", EProtocol: netp.ProtocolStringUDP, @@ -191,13 +209,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: 100, EDstMinPort: 443, EDstMaxPort: 443, - Format: vpcmodel.Text, DetailExplain: true, }, // a connection does not exist regardless of the query { - Name: "QueryConnectionSGBasic5", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "QueryConnectionSGBasic5", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi1-ky", EDst: "vsi3a-ky", EProtocol: netp.ProtocolStringUDP, @@ -205,13 +224,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: 100, EDstMinPort: 443, EDstMaxPort: 443, - Format: vpcmodel.Text, DetailExplain: true, }, // a subset of the required ports exists { - Name: "QueryConnectionSGSubsetPorts", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "QueryConnectionSGSubsetPorts", + InputConfig: "sg_testing1_new", + }, ESrc: "147.235.219.206/32", EDst: "vsi2-ky", EProtocol: netp.ProtocolStringTCP, @@ -219,22 +239,24 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: 10, EDstMaxPort: 30, - Format: vpcmodel.Text, DetailExplain: true, }, // all rules are relevant (for comparison) { - Name: "QueryConnectionSGRules1", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "QueryConnectionSGRules1", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", - Format: vpcmodel.Text, DetailExplain: true, }, // only a subset of the rules are relevant, protocol wise { - Name: "QueryConnectionSGRules2", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "QueryConnectionSGRules2", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", EProtocol: netp.ProtocolStringUDP, @@ -242,13 +264,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, // only a subset of the rules are relevant, port wise and protocol wise { - Name: "QueryConnectionSGRules3", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "QueryConnectionSGRules3", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", EProtocol: netp.ProtocolStringTCP, @@ -256,13 +279,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: 50, EDstMaxPort: 54, - Format: vpcmodel.Text, DetailExplain: true, }, // all rules are relevant, with specified port wise protocol { - Name: "QueryConnectionSGRules4", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "QueryConnectionSGRules4", + InputConfig: "sg_testing1_new", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", EProtocol: netp.ProtocolStringTCP, @@ -270,86 +294,96 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: 120, EDstMaxPort: 230, - Format: vpcmodel.Text, DetailExplain: true, }, // connection exists to external { - Name: "NACLExternal1", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLExternal1", + InputConfig: "acl_testing3", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/16", - Format: vpcmodel.Text, DetailExplain: true, }, // connection does not exist to external, blocked by egress { - Name: "NACLExternal2", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLExternal2", + InputConfig: "acl_testing3", + }, ESrc: "vsi1-ky", EDst: "100.128.0.0/32", - Format: vpcmodel.Text, DetailExplain: true, }, // connection does not exist to external, no fip router { - Name: "NACLExternal3", - InputConfig: "acl_testing3", - ESrc: "100.128.0.0/32", - EDst: "vsi1-ky", - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLExternal3", + InputConfig: "acl_testing3", + }, + ESrc: "100.128.0.0/32", + EDst: "vsi1-ky", }, { - Name: "NACLInternal1", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLInternal1", + InputConfig: "acl_testing3", + }, ESrc: "vsi1-ky", EDst: "10.240.20.4", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "NACLInternal1", - InputConfig: "acl_testing3", - ESrc: "10.240.10.4", - EDst: "vsi2-ky", - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLInternal1", + InputConfig: "acl_testing3", + }, + ESrc: "10.240.10.4", + EDst: "vsi2-ky", }, { - Name: "NACLInternal2", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLInternal2", + InputConfig: "acl_testing3", + }, ESrc: "vsi2-ky", EDst: "10.240.10.4", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "NACLInternal3", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLInternal3", + InputConfig: "acl_testing3", + }, ESrc: "vsi1-ky", EDst: "vsi3a-ky", - Format: vpcmodel.Text, DetailExplain: true, }, { // same subnet: no actual rules in nacl, but connection enabled - Name: "NACLInternal4", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLInternal4", + InputConfig: "acl_testing3", + }, ESrc: "vsi3b-ky", EDst: "vsi3a-ky", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "NACLGrouping", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLGrouping", + InputConfig: "acl_testing3", + }, ESrc: "10.240.10.4", EDst: "161.26.0.0/15", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "NACLQueryConnection1", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLQueryConnection1", + InputConfig: "acl_testing3", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/16", EProtocol: netp.ProtocolStringUDP, @@ -357,12 +391,13 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "NACLQueryConnection2", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLQueryConnection2", + InputConfig: "acl_testing3", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/16", EProtocol: netp.ProtocolStringTCP, @@ -370,41 +405,45 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, // src: one of these network interfaces, dst: internal address of 4 network interfaces { - Name: "NACLInternalSrcTo4DstInternal", - InputConfig: "acl_testing3", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLInternalSrcTo4DstInternal", + InputConfig: "acl_testing3", + }, ESrc: "vsi3b-ky", EDst: "10.240.30.4/26", - Format: vpcmodel.Text, DetailExplain: true, }, // src: internal address of 5 network interfaces, dst: external address that spans rules // "many to many" { - Name: "SGInternal3SrcToExternalGroup", - InputConfig: "sg_testing1_new", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "SGInternal3SrcToExternalGroup", + InputConfig: "sg_testing1_new", + }, ESrc: "10.240.30.4/24", EDst: "161.26.0.0/8", - Format: vpcmodel.Text, DetailExplain: true, }, // all rules { - Name: "NACLQueryConnectionRules2", - InputConfig: "acl_testing3_3rd", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLQueryConnectionRules2", + InputConfig: "acl_testing3_3rd", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/16", - Format: vpcmodel.Text, DetailExplain: true, }, // without the udp rule { - Name: "NACLQueryConnectionRules3", - InputConfig: "acl_testing3_3rd", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLQueryConnectionRules3", + InputConfig: "acl_testing3_3rd", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/16", EProtocol: netp.ProtocolStringTCP, @@ -412,13 +451,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, // without the "all" rule since udp rule has higher priority { - Name: "NACLQueryConnectionRules4", - InputConfig: "acl_testing3_3rd", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLQueryConnectionRules4", + InputConfig: "acl_testing3_3rd", + }, ESrc: "10.240.10.4/32", EDst: "161.26.0.0/16", EProtocol: netp.ProtocolStringUDP, @@ -426,12 +466,13 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "NACLOnlyDenyNoConnQuery", - InputConfig: "acl_testing3_3rd", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLOnlyDenyNoConnQuery", + InputConfig: "acl_testing3_3rd", + }, ESrc: "vsi1-ky", EDst: "vsi2-ky", EProtocol: netp.ProtocolStringICMP, @@ -439,13 +480,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, // allow connection subset of the queried one { - Name: "NACLQueryAllowSubset", - InputConfig: "acl_testing3_4th", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "NACLQueryAllowSubset", + InputConfig: "acl_testing3_4th", + }, ESrc: "vsi1-ky", EDst: "161.26.0.0/16", EProtocol: netp.ProtocolStringUDP, @@ -453,58 +495,63 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, // two SGs attached to one VSI { - Name: "VsiWithTwoSgs", - InputConfig: "sg_testing1_new_2SGs", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "VsiWithTwoSgs", + InputConfig: "sg_testing1_new_2SGs", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", - Format: vpcmodel.Text, DetailExplain: true, }, // two SGs attached to one VSI, only one enabling { - Name: "VsiWithTwoSgsOneEnabling", - InputConfig: "sg_testing1_new_2SGs_one_enabling", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "VsiWithTwoSgsOneEnabling", + InputConfig: "sg_testing1_new_2SGs_one_enabling", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", - Format: vpcmodel.Text, DetailExplain: true, }, // two SGs attached to one VSI, none enabling { - Name: "VsiWithTwoSgsNeitherEnabling", - InputConfig: "sg_testing1_new_2SGs_none_enabling", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "VsiWithTwoSgsNeitherEnabling", + InputConfig: "sg_testing1_new_2SGs_none_enabling", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", - Format: vpcmodel.Text, DetailExplain: true, }, // respond enabled only on part of the TCP connection { - Name: "PartialTCPRespond", - InputConfig: "sg_testing1_new_respond_partly", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "PartialTCPRespond", + InputConfig: "sg_testing1_new_respond_partly", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", - Format: vpcmodel.Text, DetailExplain: true, }, // original path as well as respond enabled only on part of the TCP connection { - Name: "PartialTCPAndRespond", - InputConfig: "sg_testing1_new_partly_TCP_and_respond", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "PartialTCPAndRespond", + InputConfig: "sg_testing1_new_partly_TCP_and_respond", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", - Format: vpcmodel.Text, DetailExplain: true, }, // respond w.r.t. specific ports query - { - Name: "TCPRespondPortsQuery", - InputConfig: "sg_testing1_new_respond_partly", + {VpcTestCommon: testfunc.VpcTestCommon{ + Name: "TCPRespondPortsQuery", + InputConfig: "sg_testing1_new_respond_partly", + }, ESrc: "vsi3a-ky", EDst: "vsi1-ky", EProtocol: netp.ProtocolStringTCP, @@ -512,148 +559,165 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: 180, EDstMinPort: 20, EDstMaxPort: 60, - Format: vpcmodel.Text, DetailExplain: true, }, // the following three tests are within a single VPC in a multiVPC context // 2 vsi connection { - Name: "multiVPCVsiToVsi", - InputConfig: "tgw_larger_example", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multiVPCVsiToVsi", + InputConfig: "tgw_larger_example", + }, ESrc: "vsi31-ky", EDst: "vsi32-ky", - Format: vpcmodel.Text, DetailExplain: true, }, // vsi to external connection { - Name: "multiVPCVsiToExternal", - InputConfig: "tgw_larger_example", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multiVPCVsiToExternal", + InputConfig: "tgw_larger_example", + }, ESrc: "test-vpc0-ky/vsi1-ky", EDst: "172.217.22.46/32", - Format: vpcmodel.Text, DetailExplain: true, }, // vsi to external missing router { - Name: "multiVPCVsiToExternalMissingRouter", - InputConfig: "tgw_larger_example", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multiVPCVsiToExternalMissingRouter", + InputConfig: "tgw_larger_example", + }, ESrc: "vsi11-ky", EDst: "172.217.22.46/32", - Format: vpcmodel.Text, DetailExplain: true, }, // tests for routing between vpcs: // connection enabled by specific allow prefix { - Name: "tgwEnabledSpecificFilter", - InputConfig: "tg-prefix-filters", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "tgwEnabledSpecificFilter", + InputConfig: "tg-prefix-filters", + }, ESrc: "ky-vsi1-subnet20", EDst: "ky-vsi0-subnet2", - Format: vpcmodel.Text, DetailExplain: true, }, // connection enabled by default tgw definition (2 examples from 2 different input files, one detailed format) { - Name: "tgwEnableDefaultFilter", - InputConfig: "tg-prefix-filters", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "tgwEnableDefaultFilter", + InputConfig: "tg-prefix-filters", + }, ESrc: "ky-vsi0-subnet5", EDst: "ky-vsi0-subnet11", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "tgwAnotherEnableDefaultDifFile", - InputConfig: "tgw_larger_example", - ESrc: "vsi11-ky", - EDst: "vsi21a-ky", - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "tgwAnotherEnableDefaultDifFile", + InputConfig: "tgw_larger_example", + }, + ESrc: "vsi11-ky", + EDst: "vsi21a-ky", }, // connection disabled by specific deny prefix { - Name: "tgwDisabledDenyPrefix", - InputConfig: "tg-prefix-filters", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "tgwDisabledDenyPrefix", + InputConfig: "tg-prefix-filters", + }, ESrc: "ky-vsi1-subnet20", // test-vpc2-ky EDst: "ky-vsi0-subnet0", // test-vpc0-ky - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "tgwDisabledDenyPrefix", - InputConfig: "tg-prefix-filters", - ESrc: "ky-vsi1-subnet20", // test-vpc2-ky - EDst: "ky-vsi0-subnet0", // test-vpc0-ky - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "tgwDisabledDenyPrefix", + InputConfig: "tg-prefix-filters", + }, + ESrc: "ky-vsi1-subnet20", // test-vpc2-ky + EDst: "ky-vsi0-subnet0", // test-vpc0-ky }, { - Name: "tgwAnotherExampleEnabledConn", - InputConfig: "tg-prefix-filters", - ESrc: "ky-vsi0-subnet5", - EDst: "ky-vsi0-subnet11", - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "tgwAnotherExampleEnabledConn", + InputConfig: "tg-prefix-filters", + }, + ESrc: "ky-vsi0-subnet5", + EDst: "ky-vsi0-subnet11", }, { - Name: "tgwExampleCidr", - InputConfig: "tg-prefix-filters", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "tgwExampleCidr", + InputConfig: "tg-prefix-filters", + }, ESrc: "ky-vsi1-subnet20", EDst: "10.240.0.0/21", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "tgwSubnetToSubnet", - InputConfig: "tgw_larger_example", - ESrc: "test-vpc1-ky/subnet11-ky", - EDst: "subnet32-ky", - Format: vpcmodel.Text, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "tgwSubnetToSubnet", + InputConfig: "tgw_larger_example", + }, + ESrc: "test-vpc1-ky/subnet11-ky", + EDst: "subnet32-ky", }, // connection disabled by lack of cross-vpc router (tgw) { - Name: "multiVPCNoCrossVPCRouter", - InputConfig: "multiVpc_larger_example_dup_names", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multiVPCNoCrossVPCRouter", + InputConfig: "multiVpc_larger_example_dup_names", + }, ESrc: "vsi1-ky", // test-vpc0-ky EDst: "vsi31-ky", // test-vpc3-ky - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "multiVPCSameNamesCrossVPCNoTgw", - InputConfig: "multiVpc_larger_example_dup_names", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multiVPCSameNamesCrossVPCNoTgw", + InputConfig: "multiVpc_larger_example_dup_names", + }, ESrc: "test-vpc0-ky/vsi1-ky", EDst: "test-vpc1-ky/vsi1-ky", - Format: vpcmodel.Text, DetailExplain: true, }, { - Name: "multiVPCSameNamesCrossVPCByAddrNoTgw", - InputConfig: "multiVpc_larger_example_dup_names", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multiVPCSameNamesCrossVPCByAddrNoTgw", + InputConfig: "multiVpc_larger_example_dup_names", + }, ESrc: "10.240.3.5", // vsi3a of test-vpc0-ky EDst: "10.240.12.4", // vsi2 of test-vpc1-ky - Format: vpcmodel.Text, DetailExplain: true, }, // TCP respond disabled by the tgw { - Name: "tgwDisablesTCPRespond", - InputConfig: "tg-prefix-filters", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "tgwDisablesTCPRespond", + InputConfig: "tg-prefix-filters", + }, ESrc: "ky-vsi0-subnet0", EDst: "ky-vsi0-subnet10", - Format: vpcmodel.Text, DetailExplain: true, }, // iks-node to iks-node { - Name: "IksNodeToIksNode", - InputConfig: "iks_config_object", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "IksNodeToIksNode", + InputConfig: "iks_config_object", + }, ESrc: "192.168.8.4", EDst: "192.168.4.4", - Format: vpcmodel.Text, DetailExplain: true, }, // vpe to iks-node, not all rules relevant { - Name: "vpeToIksNodeSubsetRules", - InputConfig: "iks_config_object", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "vpeToIksNodeSubsetRules", + InputConfig: "iks_config_object", + }, ESrc: "192.168.40.5", EDst: "192.168.0.4", EProtocol: netp.ProtocolStringTCP, @@ -661,13 +725,14 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, // iks-node no connection (specific protocol) { - Name: "vpeToIksNodeNoProtocolConn", - InputConfig: "iks_config_object", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "vpeToIksNodeNoProtocolConn", + InputConfig: "iks_config_object", + }, ESrc: "192.168.40.5", EDst: "192.168.0.4", EProtocol: netp.ProtocolStringICMP, @@ -675,64 +740,58 @@ var explainTests = []*commonvpc.VpcGeneralTest{ ESrcMaxPort: connection.MaxPort, EDstMinPort: connection.MinPort, EDstMaxPort: connection.MaxPort, - Format: vpcmodel.Text, DetailExplain: true, }, // load_balancer to iks-node, which is a pool member, should be allowed { - Name: "LBToIksNode", - InputConfig: "iks_config_object", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "LBToIksNode", + InputConfig: "iks_config_object", + }, ESrc: "kube-clusterid:1-8fdd1d0a2ce34deba99d0f885451b1ca", EDst: "192.168.4.4", - Format: vpcmodel.Text, DetailExplain: true, }, // load_balancer to resIP, should be blocked by LB rule { - Name: "LBToResIPNode", - InputConfig: "iks_config_object", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "LBToResIPNode", + InputConfig: "iks_config_object", + }, ESrc: "kube-clusterid:1-8fdd1d0a2ce34deba99d0f885451b1ca", EDst: "192.168.32.5", - Format: vpcmodel.Text, DetailExplain: true, }, // multiNI to single NI { - Name: "multiNIsToSingleNI", - InputConfig: "mult_NIs_single_VSI", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multiNIsToSingleNI", + InputConfig: "mult_NIs_single_VSI", + }, ESrc: "vsi3-ky", EDst: "vsi1-ky", - Format: vpcmodel.Text, DetailExplain: true, }, // todo: add a test in which two SGs are connected to a VSI but only one of them enables the connection } -func TestAll(t *testing.T) { +func TestExplainWithComparsion(t *testing.T) { // explainTests is the list of tests to run for testIdx := range explainTests { tt := explainTests[testIdx] - t.Run(tt.Name, func(t *testing.T) { - t.Parallel() - rc := &IBMresourcesContainer{} - commonvpc.RunExplainTest(tt, t, rc) - }) + tt.TestSingleExplain(t, testfunc.OutputComparison, &IBMresourcesContainer{}, tt.Name) } fmt.Println("done") } // uncomment the function below for generating the expected output files instead of comparing -/*func TestAllWithGeneration(t *testing.T) { +/* +func TestExplainWithGeneration(t *testing.T) { // tests is the list of tests to run for testIdx := range explainTests { tt := explainTests[testIdx] - tt.Mode = commonvpc.OutputGeneration - t.Run(tt.Name, func(t *testing.T) { - t.Parallel() - rc := &IBMresourcesContainer{} - commonvpc.RunExplainTest(tt, t, rc) - }) + tt.TestSingleExplain(t, testfunc.OutputGeneration, &IBMresourcesContainer{}, tt.Name) } fmt.Println("done") }*/ diff --git a/pkg/ibmvpc/lint_test.go b/pkg/ibmvpc/lint_test.go index a7c82e3ae..670f51f12 100644 --- a/pkg/ibmvpc/lint_test.go +++ b/pkg/ibmvpc/lint_test.go @@ -10,77 +10,95 @@ import ( "fmt" "testing" - "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" ) -var lintTests = []*commonvpc.VpcGeneralTest{ +var lintTests = []*testfunc.VpcLintTest{ { - Name: "basic_acl3", - InputConfig: "acl_testing3", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "basic_acl3", + InputConfig: "acl_testing3", + }, + Enable: []string{"sg-split-subnet"}, }, { - Name: "acl3_shadowed_rules", - InputConfig: "acl_testing3_with_redundant_rules", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "acl3_shadowed_rules", + InputConfig: "acl_testing3_with_redundant_rules", + }, + Enable: []string{"sg-split-subnet"}, }, { - Name: "acl3_shadowed_rules_other_lints_disabled", - InputConfig: "acl_testing3_with_redundant_rules", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "acl3_shadowed_rules_other_lints_disabled", + InputConfig: "acl_testing3_with_redundant_rules", + }, Disable: []string{"nacl-split-subnet", "subnet-cidr-overlap", "nacl-unattached", "sg-unattached", "sg-rule-cidr-out-of-range", "nacl-rule-cidr-out-of-range", "tcp-response-blocked", "sg-rule-implied"}, }, { - Name: "acl3_3rd", - InputConfig: "acl_testing3_3rd", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "acl3_3rd", + InputConfig: "acl_testing3_3rd", + }, + Enable: []string{"sg-split-subnet"}, }, { - Name: "basic_sg1", - InputConfig: "sg_testing1_new", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "basic_sg1", + InputConfig: "sg_testing1_new", + }, + Enable: []string{"sg-split-subnet"}, }, { - Name: "multivpc", - InputConfig: "tgw_larger_example", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multivpc", + InputConfig: "tgw_larger_example", + }, + Enable: []string{"sg-split-subnet"}, }, { - Name: "multivpc_print_all", - InputConfig: "tgw_larger_example", + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multivpc_print_all", + InputConfig: "tgw_larger_example", + }, PrintAllLints: true, Enable: []string{"sg-split-subnet"}, }, { - Name: "multivpc_partly_overlap", - InputConfig: "tgw_larger_example_partly_overlap", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "multivpc_partly_overlap", + InputConfig: "tgw_larger_example_partly_overlap", + }, + Enable: []string{"sg-split-subnet"}, }, { - Name: "PartialTCPRespond", - InputConfig: "sg_testing1_new_respond_partly", - Enable: []string{"sg-split-subnet"}, + VpcTestCommon: testfunc.VpcTestCommon{ + Name: "PartialTCPRespond", + InputConfig: "sg_testing1_new_respond_partly", + }, + Enable: []string{"sg-split-subnet"}, }, } -func TestAllLint(t *testing.T) { +func TestLintWithComparsion(t *testing.T) { // lintTests is the list of tests to run for testIdx := range lintTests { tt := lintTests[testIdx] - tt.Mode = commonvpc.OutputComparison + tt.Mode = testfunc.OutputComparison t.Run(tt.Name, func(t *testing.T) { t.Parallel() rc := &IBMresourcesContainer{} - commonvpc.RunLintTest(tt, t, rc) + tt.TestSingleLint(t, rc) }) } fmt.Println("done") } // uncomment the function below for generating the expected output files instead of comparing -/* -func TestAllLintWithGeneration(t *testing.T) { + +/*func TestLintWithGeneration(t *testing.T) { // tests is the list of tests to run for testIdx := range lintTests { tt := lintTests[testIdx] @@ -88,9 +106,8 @@ func TestAllLintWithGeneration(t *testing.T) { t.Run(tt.Name, func(t *testing.T) { t.Parallel() rc := &IBMresourcesContainer{} - commonvpc.RunLintTest(tt, t, rc) + tt.TestSingleLint(t, rc) }) } fmt.Println("done") -} -*/ +}*/ diff --git a/pkg/ibmvpc/naclAnalysis_test.go b/pkg/ibmvpc/naclAnalysis_test.go index d306d4425..f934ebfb4 100644 --- a/pkg/ibmvpc/naclAnalysis_test.go +++ b/pkg/ibmvpc/naclAnalysis_test.go @@ -16,11 +16,12 @@ import ( "github.com/np-guard/models/pkg/connection" "github.com/np-guard/models/pkg/ipblock" "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" ) func TestGetRules(t *testing.T) { rc := IBMresourcesContainer{} - err := rc.ParseResourcesFromFile(filepath.Join(commonvpc.GetTestsDirInput(), "input_acl_testing3.json")) + err := rc.ParseResourcesFromFile(filepath.Join(testfunc.GetTestsDirInput(), "input_acl_testing3.json")) require.Nilf(t, err, "err: %s", err) vpcConfigs, err := rc.VPCConfigsFromResources("", nil, nil) require.Nilf(t, err, "err: %s", err) diff --git a/pkg/ibmvpc/parser_test.go b/pkg/ibmvpc/parser_test.go index aba83a25d..27c4a92e5 100644 --- a/pkg/ibmvpc/parser_test.go +++ b/pkg/ibmvpc/parser_test.go @@ -16,12 +16,13 @@ import ( "github.com/np-guard/models/pkg/ipblock" "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" ) func TestVPCResourceModelRegion(t *testing.T) { rc := IBMresourcesContainer{} - err := rc.ParseResourcesFromFile(filepath.Join(commonvpc.GetTestsDirInput(), "input_multi_regions.json")) + err := rc.ParseResourcesFromFile(filepath.Join(testfunc.GetTestsDirInput(), "input_multi_regions.json")) require.Nilf(t, err, "err: %s", err) vpcConfigs := vpcmodel.NewMultipleVPCConfigs(common.IBM) diff --git a/pkg/ibmvpc/synthesis_output_test.go b/pkg/ibmvpc/synthesis_output_test.go index e3e568998..ae0016591 100644 --- a/pkg/ibmvpc/synthesis_output_test.go +++ b/pkg/ibmvpc/synthesis_output_test.go @@ -10,94 +10,78 @@ import ( "fmt" "testing" - "github.com/stretchr/testify/require" - - "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc" + "github.com/np-guard/vpc-network-config-analyzer/pkg/commonvpc/testfunc" "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel" ) const synthesisOut = "synthesis_out" -var synthesisTests = []*commonvpc.VpcGeneralTest{ +var synthesisTests = []*testfunc.VpcAnalysisTest{ { - InputConfig: "acl_testing3", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing3", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + }, }, { - InputConfig: "acl_testing4", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing4", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + }, }, { - InputConfig: "acl_testing5", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing5", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + }, }, // multi-vpc { - InputConfig: "multiple_vpcs", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "multiple_vpcs", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + }, }, { - InputConfig: "experiments_env", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "experiments_env", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllEndpoints}, + }, }, // grouping { - InputConfig: "acl_testing5", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Grouping: true, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "acl_testing5", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + }, + Grouping: true, }, { - InputConfig: "subnet_grouping", - UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, - Grouping: true, + VpcTestCommon: testfunc.VpcTestCommon{ + InputConfig: "subnet_grouping", + UseCases: []vpcmodel.OutputUseCase{vpcmodel.AllSubnets}, + }, + Grouping: true, }, } // uncomment the function below to run for updating the expected output -/* -func TestAllWithGeneration(t *testing.T) { - // tests is the list of tests to run + +/*func TestSynthesisWithGeneration(t *testing.T) { for testIdx := range synthesisTests { tt := synthesisTests[testIdx] - tt.Mode = commonvpc.OutputGeneration - tt.Name = tt.InputConfig tt.Format = vpcmodel.Synthesis - t.Run(tt.Name, func(t *testing.T) { - t.Parallel() - runTestSynthesis(tt, t) - }) + tt.TestAnalysisSingleTest(t, commonvpc.OutputGeneration, &IBMresourcesContainer{}, synthesisOut, tt.InputConfig) } fmt.Println("done") -} -*/ +}*/ -func TestAllSynthesis(t *testing.T) { +func TestSynthesisWithComparison(t *testing.T) { // tests is the list of tests to run for testIdx := range synthesisTests { tt := synthesisTests[testIdx] - tt.Mode = commonvpc.OutputComparison - tt.Name = tt.InputConfig tt.Format = vpcmodel.Synthesis - t.Run(tt.Name, func(t *testing.T) { - t.Parallel() - runTestSynthesis(tt, t) - }) + tt.TestAnalysisSingleTest(t, testfunc.OutputComparison, &IBMresourcesContainer{}, synthesisOut, tt.InputConfig) } fmt.Println("done") } - -func runTestSynthesis(tt *commonvpc.VpcGeneralTest, t *testing.T) { - // init test - set the input/output file names according to test name - tt.InitTest() - - // get vpcConfigs obj from parsing + analyzing input config file - vpcConfigs := commonvpc.GetVPCConfigs(t, tt, true, &IBMresourcesContainer{}) - // generate actual output for all use cases specified for this test - for _, uc := range tt.UseCases { - err := commonvpc.RunTestPerUseCase(t, tt, vpcConfigs, uc, tt.Mode, synthesisOut, nil) - require.Equal(t, tt.ErrPerUseCase[uc], err, "comparing actual err to expected err") - } - for uc, outFile := range tt.ActualOutput { - fmt.Printf("test %s use-case %d - generated output file: %s\n", tt.Name, uc, outFile) - } -} diff --git a/pkg/vpcmodel/explainabilityConnectivity.go b/pkg/vpcmodel/explainabilityConnectivity.go index 4ddeda101..1ef353690 100644 --- a/pkg/vpcmodel/explainabilityConnectivity.go +++ b/pkg/vpcmodel/explainabilityConnectivity.go @@ -69,7 +69,7 @@ type rulesAndConnDetails []*srcDstDetails func NewExplanationArgs(src, dst, protocol string, srcMinPort, srcMaxPort, dstMinPort, dstMaxPort int64, detail bool) *ExplanationArgs { return &ExplanationArgs{src: src, dst: dst, protocol: protocol, - srcMinPort: srcMinPort, srcMaxPort: srcMaxPort, dstMinPort: dstMinPort, dstMaxPort: dstMaxPort, detail: detail} + srcMinPort: srcMinPort, srcMaxPort: srcMaxPort, dstMinPort: dstMinPort, dstMaxPort: dstMaxPort, Detail: detail} } type Explanation struct { diff --git a/pkg/vpcmodel/explainabilityInput.go b/pkg/vpcmodel/explainabilityInput.go index c2e7f8dd0..7d40009af 100644 --- a/pkg/vpcmodel/explainabilityInput.go +++ b/pkg/vpcmodel/explainabilityInput.go @@ -25,7 +25,7 @@ type ExplanationArgs struct { srcMaxPort int64 dstMinPort int64 dstMaxPort int64 - detail bool + Detail bool } func (e *ExplanationArgs) Src() string { diff --git a/pkg/vpcmodel/output.go b/pkg/vpcmodel/output.go index 065d5ad5e..a935d2fe7 100644 --- a/pkg/vpcmodel/output.go +++ b/pkg/vpcmodel/output.go @@ -122,7 +122,7 @@ func NewOutputGenerator(cConfigs *MultipleVPCConfigs, grouping bool, uc OutputUs return nil, err } res.explanation = explanation - res.detailExplain = explanationArgs.detail + res.detailExplain = explanationArgs.Detail } } // only Graphic formats has a multi vpc common presentation