-
Notifications
You must be signed in to change notification settings - Fork 2
/
topology.go
426 lines (368 loc) · 11.5 KB
/
topology.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
package machinery
import (
"errors"
"fmt"
"strings"
"github.com/emicklei/dot"
"github.com/samber/lo"
"k8s.io/apimachinery/pkg/runtime/schema"
k8stypes "k8s.io/apimachinery/pkg/types"
)
type TopologyOptions struct {
Targetables []Targetable
Policies []Policy
Objects []Object
Links []LinkFunc
AllowLoops bool
}
type LinkFunc struct {
From schema.GroupKind
To schema.GroupKind
Func func(child Object) (parents []Object)
}
type TopologyOptionsFunc func(*TopologyOptions)
// WithTargetables adds targetables to the options to initialize a new topology.
func WithTargetables[T Targetable](targetables ...T) TopologyOptionsFunc {
return func(o *TopologyOptions) {
o.Targetables = append(o.Targetables, lo.Map(targetables, func(targetable T, _ int) Targetable {
return targetable
})...)
}
}
// WithPolicies adds policies to the options to initialize a new topology.
func WithPolicies[T Policy](policies ...T) TopologyOptionsFunc {
return func(o *TopologyOptions) {
o.Policies = append(o.Policies, lo.Map(policies, func(policy T, _ int) Policy {
return policy
})...)
}
}
// WithObjects adds generic objects to the options to initialize a new topology.
// Do not use this function to add targetables or policies.
// Use WithLinks to define the relationships between objects of any kind.
func WithObjects[T Object](objects ...T) TopologyOptionsFunc {
return func(o *TopologyOptions) {
o.Objects = append(o.Objects, lo.Map(objects, func(object T, _ int) Object {
return object
})...)
}
}
// WithLinks adds link functions to the options to initialize a new topology.
func WithLinks(links ...LinkFunc) TopologyOptionsFunc {
return func(o *TopologyOptions) {
o.Links = append(o.Links, links...)
}
}
// AllowLoops allows the creation of a topology that may contain loops
func AllowLoops() TopologyOptionsFunc {
return func(o *TopologyOptions) {
o.AllowLoops = true
}
}
// NewTopology returns a network of targetable resources, attached policies, and other kinds of objects.
// The topology is represented as a directed acyclic graph (DAG) with the structure given by link functions.
// The links between policies to targteables are inferred from the policies' target references.
// The targetables, policies, objects and link functions are provided as options.
func NewTopology(options ...TopologyOptionsFunc) (*Topology, error) {
o := &TopologyOptions{}
for _, f := range options {
f(o)
}
policies := o.Policies
policiesByTargetRef := make(map[string][]Policy)
for i := range policies {
policy := policies[i]
for _, targetRef := range policy.GetTargetRefs() {
if policiesByTargetRef[targetRef.GetLocator()] == nil {
policiesByTargetRef[targetRef.GetLocator()] = make([]Policy, 0)
}
policiesByTargetRef[targetRef.GetLocator()] = append(policiesByTargetRef[targetRef.GetLocator()], policy)
}
}
targetables := lo.Map(o.Targetables, func(t Targetable, _ int) Targetable {
t.SetPolicies(policiesByTargetRef[t.GetLocator()])
return t
})
graph := dot.NewGraph(dot.Directed)
addObjectsToGraph(graph, o.Objects)
addTargetablesToGraph(graph, targetables)
linkables := append(o.Objects, lo.Map(targetables, AsObject[Targetable])...)
linkables = append(linkables, lo.Map(policies, AsObject[Policy])...)
for _, link := range o.Links {
children := lo.Filter(linkables, func(l Object, _ int) bool {
return l.GroupVersionKind().GroupKind() == link.To
})
for _, child := range children {
for _, parent := range link.Func(child) {
if parent != nil {
addEdgeToGraph(graph, fmt.Sprintf("%s -> %s", link.From.Kind, link.To.Kind), parent, child)
}
}
}
}
addPoliciesToGraph(graph, policies)
var err error
if !o.AllowLoops && !isDAG(graph) {
err = errors.New("loop detected in the graph, check linking functions")
}
return &Topology{
graph: graph,
objects: lo.SliceToMap(o.Objects, associateLocator[Object]),
targetables: lo.SliceToMap(targetables, associateLocator[Targetable]),
policies: lo.SliceToMap(policies, associateLocator[Policy]),
}, err
}
// Topology models a network of related targetables and respective policies attached to them.
type Topology struct {
graph *dot.Graph
targetables map[string]Targetable
policies map[string]Policy
objects map[string]Object
}
// Targetables returns all targetable nodes in the topology.
// The list can be filtered by providing one or more filter functions.
func (t *Topology) Targetables() *collection[Targetable] {
return &collection[Targetable]{
topology: t,
items: t.targetables,
}
}
// Policies returns all policies in the topology.
// The list can be filtered by providing one or more filter functions.
func (t *Topology) Policies() *collection[Policy] {
return &collection[Policy]{
topology: t,
items: t.policies,
}
}
// Objects returns all non-targetable, non-policy object nodes in the topology.
// The list can be filtered by providing one or more filter functions.
func (t *Topology) Objects() *collection[Object] {
return &collection[Object]{
topology: t,
items: t.objects,
}
}
func (t *Topology) ToDot() string {
return t.graph.String()
}
func addObjectsToGraph[T Object](graph *dot.Graph, objects []T) []dot.Node {
return lo.Map(objects, func(object T, _ int) dot.Node {
name := strings.TrimPrefix(namespacedName(object.GetNamespace(), object.GetName()), string(k8stypes.Separator))
n := graph.Node(string(object.GetLocator()))
n.Label(fmt.Sprintf("%s\n%s", object.GroupVersionKind().Kind, name))
n.Attr("shape", "ellipse")
return n
})
}
func addTargetablesToGraph[T Targetable](graph *dot.Graph, targetables []T) {
for _, node := range addObjectsToGraph(graph, targetables) {
node.Attrs(
"shape", "box",
"style", "filled",
"fillcolor", "#e5e5e5",
)
}
}
func addPoliciesToGraph[T Policy](graph *dot.Graph, policies []T) {
for i, policyNode := range addObjectsToGraph(graph, policies) {
policyNode.Attrs(
"shape", "note",
"style", "dashed",
)
// Policy -> Target edges
for _, targetRef := range policies[i].GetTargetRefs() {
targetNode, found := graph.FindNodeById(string(targetRef.GetLocator()))
if !found {
continue
}
edge := graph.Edge(policyNode, targetNode)
edge.Attr("comment", "Policy -> Target")
edge.Dashed()
}
}
}
func addEdgeToGraph(graph *dot.Graph, name string, parent, child Object) {
p, foundParent := graph.FindNodeById(string(parent.GetLocator()))
c, foundChild := graph.FindNodeById(string(child.GetLocator()))
if foundParent && foundChild {
edge := graph.Edge(p, c)
edge.Attr("comment", name)
}
}
// isDAG returns true if no loops are detected in a given graph
func isDAG(g *dot.Graph) bool {
// Based on Kahn's algorithm
// https://en.wikipedia.org/wiki/Topological_sorting#Kahn's_algorithm
type node struct {
id string
parents map[string]interface{}
children []*node
}
type graph struct {
nodes []*node
}
// build simplified graph
nodes := g.FindNodes()
build := func(g *dot.Graph) *graph {
graph_ := &graph{
nodes: make([]*node, len(nodes)),
}
nodeIndex := make(map[string]*node)
for _, n := range nodes {
nodeIndex[n.ID()] = &node{
id: n.ID(),
parents: make(map[string]interface{}),
children: make([]*node, 0),
}
}
for index, n := range nodes {
simpleNode := nodeIndex[n.ID()]
if simpleNode == nil {
panic("it should never happen")
}
for from, edges := range g.EdgesMap() {
if lo.ContainsBy(edges, func(edge dot.Edge) bool {
return edge.To().ID() == simpleNode.id
}) {
simpleNode.parents[from] = nil
}
}
edges := g.EdgesMap()[simpleNode.id]
for _, edge := range edges {
simpleNode.children = append(simpleNode.children, nodeIndex[edge.To().ID()])
}
graph_.nodes[index] = simpleNode
}
return graph_
}
graph_ := build(g)
// Run kahn's algorithm
s := lo.Filter(graph_.nodes, func(node *node, _ int) bool {
return len(node.parents) == 0
})
for len(s) != 0 {
var n *node
n, s = s[0], s[1:]
for len(n.children) != 0 {
var m *node
m, n.children = n.children[0], n.children[1:]
delete(m.parents, n.id)
if len(m.parents) == 0 {
s = append(s, m)
}
}
}
for _, n := range graph_.nodes {
if len(n.children) > 0 {
return false
}
}
return true
}
func associateLocator[T Object](obj T) (string, T) {
return obj.GetLocator(), obj
}
type collection[T Object] struct {
topology *Topology
items map[string]T
}
type FilterFunc func(Object) bool
// Targetables returns all targetable nodes in the collection.
// The list can be filtered by providing one or more filter functions.
func (c *collection[T]) Targetables() *collection[Targetable] {
return &collection[Targetable]{
topology: c.topology,
items: c.topology.targetables,
}
}
// Policies returns all policies in the collection.
// The list can be filtered by providing one or more filter functions.
func (c *collection[T]) Policies() *collection[Policy] {
return &collection[Policy]{
topology: c.topology,
items: c.topology.policies,
}
}
// Objects returns all non-targetable, non-policy object nodes in the collection.
// The list can be filtered by providing one or more filter functions.
func (c *collection[T]) Objects() *collection[Object] {
return &collection[Object]{
topology: c.topology,
items: c.topology.objects,
}
}
// List returns all items nodes in the collection.
// The list can be filtered by providing one or more filter functions.
func (c *collection[T]) Items(filters ...FilterFunc) []T {
return lo.Filter(lo.Values(c.items), func(item T, _ int) bool {
for _, f := range filters {
if !f(item) {
return false
}
}
return true
})
}
// Roots returns all items that have no parents in the collection.
func (c *collection[T]) Roots() []T {
return lo.Filter(lo.Values(c.items), func(item T, _ int) bool {
return len(c.Parents(item)) == 0
})
}
// Parents returns all parents of a given item in the collection.
func (c *collection[T]) Parents(item Object) []T {
var parents []T
for from, edges := range c.topology.graph.EdgesMap() {
if !lo.ContainsBy(edges, func(edge dot.Edge) bool {
return edge.To().ID() == item.GetLocator()
}) {
continue
}
parent, found := c.items[from]
if !found {
continue
}
parents = append(parents, parent)
}
return parents
}
// Children returns all children of a given item in the collection.
func (c *collection[T]) Children(item Object) []T {
return lo.FilterMap(c.topology.graph.EdgesMap()[item.GetLocator()], func(edge dot.Edge, _ int) (T, bool) {
child, found := c.items[edge.To().ID()]
return child, found
})
}
// Paths returns all paths from a source item to a destination item in the collection.
// The order of the elements in the inner slices represents a path from the source to the destination.
func (c *collection[T]) Paths(from, to Object) [][]T {
if from == nil || to == nil {
return nil
}
var paths [][]T
var path []T
visited := make(map[string]bool)
c.dfs(from, to, path, &paths, visited)
return paths
}
// dfs performs a depth-first search to find all paths from a source item to a destination item in the collection.
func (c *collection[T]) dfs(current, to Object, path []T, paths *[][]T, visited map[string]bool) {
currentLocator := current.GetLocator()
if visited[currentLocator] {
return
}
path = append(path, c.items[currentLocator])
visited[currentLocator] = true
if currentLocator == to.GetLocator() {
pathCopy := make([]T, len(path))
copy(pathCopy, path)
*paths = append(*paths, pathCopy)
} else {
for _, child := range c.Children(current) {
c.dfs(child, to, path, paths, visited)
}
}
path = path[:len(path)-1]
visited[currentLocator] = false
}