chore(ME-3976): add allowed networks messages and stats

[btoonk]

Summary by CodeRabbit

• New Features

  • Added a new message type for socket statistics, including fields for bytes and packets.
  • Introduced new message types for allowed networks and their configurations.
  • Enhanced control stream response with a field for specifying allowed networks.

• Refactor

  • Updated message structure in protocol buffer definitions to support detailed socket and network statistics.

[coderabbitai]

Warning

There were issues while running some tools. Please review the errors and either fix the tool’s configuration or disable the tool if it’s a critical failure.

🔧 buf (1.47.2)

common/messages.proto

Config file YAML parsing error: yaml: unmarshal errors:
line 1: cannot unmarshal !!str lint:{u... into bufconfig.externalFileVersion. Please check your buf configuration file for YAML syntax errors.

connector/connector.proto

Config file YAML parsing error: yaml: unmarshal errors:
line 1: cannot unmarshal !!str lint:{u... into bufconfig.externalFileVersion. Please check your buf configuration file for YAML syntax errors.

Walkthrough

The pull request introduces modifications to the protocol buffer definitions in common/messages.proto and connector/connector.proto. New message types SocketsStatsMessage and SocketStatsMessage are added to accommodate socket statistics, including fields for bytes and packets. In connector.proto, the ControlStreamResponse is updated to include a new field allowed_networks, along with the addition of message types AllowedNetworks, AllowedNetworksSocketConfig, and AllowedNetworksSubnets, enhancing the response's capability to convey network-related information.

Changes

File	Change Summary
common/messages.proto	- Added SocketsStatsMessage with fields: timestamp, bytes_in, bytes_out, packets_in, packets_out, socket_id - Added SocketStatsMessage with repeated field socket_stats - Updated StatsMessage to include SocketsStatsMessage as sockets_stats
connector/connector.proto	- Added new message types: AllowedNetworks, AllowedNetworksSocketConfig, AllowedNetworksSubnets - Updated ControlStreamResponse to include allowed_networks field of type AllowedNetworks - Updated ControlStreamRequest to reflect changes in ControlStreamResponse

Sequence Diagram

sequenceDiagram
    participant Client
    participant Server
    Client->>Server: ControlStreamRequest with AllowedNetworks
    Server-->>Client: ControlStreamResponse with allowed_networks
    Note over Server: Process and respond with allowed network configurations

Loading

Poem

🐰 Protobuf Bunny's Network Dance 🌐
Socket stats and fields galore,
Allowed networks open the door,
Messages leap with a joyful cheer,
In the code, new paths appear,
A rabbit's code, both swift and neat! 🚀

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

connector/connector.proto (1)

294-304: LGTM! Well-structured message hierarchy

The AllowedNetworks message hierarchy is logically organized using appropriate data structures. Consider adding comments to document the purpose of each message type and field.

Add documentation comments like this:

+// AllowedNetworks represents the network access configuration for devices
 message AllowedNetworks {
   map<string, AllowedNetworksSocketConfig> devices = 1;
 }

+// AllowedNetworksSocketConfig represents the socket-specific network configuration for a device
 message AllowedNetworksSocketConfig {
   map<string, AllowedNetworksSubnets> sockets = 1;
 }

+// AllowedNetworksSubnets represents the list of subnets allowed for a specific socket
 message AllowedNetworksSubnets {
   repeated string subnets = 1;
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ad15de3 and 12f04e8.

⛔ Files ignored due to path filters (12)

• common/messages.pb.go is excluded by !**/*.pb.go
• connector/connector.pb.go is excluded by !**/*.pb.go
• gen/kotlin/border0/common/v1/NetworkDeviceStatsMessageKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/common/v1/WireGuardPeerKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSocketConfigKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSubnetsKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/ControlStreamRequestKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/ControlStreamResponseKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/StatsKt.kt is excluded by !**/gen/**
• gen/swift/connector.pb.swift is excluded by !**/gen/**
• gen/swift/messages.pb.swift is excluded by !**/gen/**

📒 Files selected for processing (2)

• common/messages.proto (1 hunks)
• connector/connector.proto (3 hunks)

🔇 Additional comments (4)

common/messages.proto (1)

33-33: LGTM! Well-structured field addition

The optional socket_id field is properly integrated into NetworkDeviceStatsMessage, maintaining backward compatibility and following protobuf best practices.

connector/connector.proto (3)

35-35: LGTM! Clean type replacement

The stats field type change maintains backward compatibility while introducing the new Stats message structure.

---

56-56: LGTM! Well-placed addition

The allowed_networks field is properly integrated into ControlStreamResponse, following the PR objectives.

---

306-308: LGTM! Well-designed stats aggregation

The Stats message appropriately uses a repeated field to collect multiple network device statistics, integrating well with the socket_id addition in NetworkDeviceStatsMessage.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

connector/connector.proto (2)

295-305: Add documentation for the network configuration hierarchy.

The new message types create a well-structured hierarchy for network configurations, but documentation would help clarify:

1. The purpose and relationship between devices, sockets, and subnets
2. Expected format and validation rules for subnet strings
3. Examples of typical configurations

Consider adding comments like:

+ // AllowedNetworks represents the network access configuration for multiple devices
 message AllowedNetworks {
+  // Map of device IDs to their socket configurations
   map<string, AllowedNetworksSocketConfig> devices = 1;
 }

+ // AllowedNetworksSocketConfig represents the socket-level network configuration for a device
 message AllowedNetworksSocketConfig {
+  // Map of socket IDs to their allowed subnets
   map<string, AllowedNetworksSubnets> sockets = 1;
 }

+ // AllowedNetworksSubnets represents the allowed subnets for a socket
 message AllowedNetworksSubnets {
+  // List of allowed subnets in CIDR notation (e.g., "192.168.1.0/24")
   repeated string subnets = 1;
 }

---

307-309: Consider a more generic field name for future extensibility.

The field name network_device_stats is very specific. If this message might need to support other types of stats in the future, consider using a more generic name like stats or device_stats.

 message Stats {
-  repeated border0.common.v1.StatsMessage network_device_stats = 1;
+  repeated border0.common.v1.StatsMessage stats = 1;
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 12f04e8 and 0c4bc6c.

⛔ Files ignored due to path filters (11)

• common/messages.pb.go is excluded by !**/*.pb.go
• connector/connector.pb.go is excluded by !**/*.pb.go
• gen/kotlin/border0/common/v1/NetworkDeviceStatsMessageKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/common/v1/WireGuardPeerKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSocketConfigKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSubnetsKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/ControlStreamRequestKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/StatsKt.kt is excluded by !**/gen/**
• gen/swift/connector.pb.swift is excluded by !**/gen/**
• gen/swift/messages.pb.swift is excluded by !**/gen/**

📒 Files selected for processing (2)

• common/messages.proto (1 hunks)
• connector/connector.proto (3 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• common/messages.proto

🔇 Additional comments (2)

connector/connector.proto (2)

57-57: LGTM! Field addition follows proper sequencing.

The allowed_networks field is well-placed within the ControlStreamResponse message.

---

36-36: Verify the coexistence of both stats fields.

The addition of combined_stats alongside the existing stats field suggests a transition period. Consider:

1. Adding documentation to clarify the relationship between these fields
2. Whether both fields should be used simultaneously

✅ Verification successful

The coexistence of both stats fields is intentional and well-designed

The combined_stats field (type Stats) is designed to handle multiple stats messages, while the original stats field handles single messages. This is a valid pattern where:

• stats (field 17): Single StatsMessage for individual stats
• combined_stats (field 18): Collection of multiple stats messages via the new Stats wrapper

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for usage patterns of both stats fields
rg -A 5 "stats.*combined_stats|combined_stats.*stats" 

Length of output: 55

---

Script:

#!/bin/bash
# Search for Stats message definition and its usage
ast-grep --pattern 'message Stats {
  $$$
}'

# Search for any comments or documentation about stats fields
rg -B 2 -A 2 '(stats|combined_stats).*=.*(\d+);'

# Search for imports or references to stats messages
rg -l "Stats|StatsMessage"

Length of output: 8840

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

common/messages.proto (2)

34-34: Document the purpose of socket_id field.

Please add a comment explaining:

• The purpose of the socket_id field
• Its relationship with other fields in the message
• When it's expected to be set/unset

    uint64 packets_in = 4;
    uint64 packets_out = 5;
-    optional string socket_id = 6;
+    // Unique identifier for the socket connection associated with these stats.
+    // Set when stats are for a specific socket, unset for aggregate device stats.
+    optional string socket_id = 6;

---

37-38: Enhance CombinedNetworkDeviceStatsMessage with metadata.

Consider adding metadata fields to make the combined stats more useful:

• Timestamp for when the stats were aggregated
• Source/purpose identifier
• Documentation explaining when to use combined vs individual stats

 message CombinedNetworkDeviceStatsMessage {
+    // Timestamp when these stats were aggregated
+    google.protobuf.Timestamp timestamp = 1;
+    // Identifier for the source/purpose of these combined stats
+    string source = 2;
+    // Collection of network device stats
     repeated NetworkDeviceStatsMessage stats = 1;
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0c4bc6c and b25b018.

⛔ Files ignored due to path filters (9)

• common/messages.pb.go is excluded by !**/*.pb.go
• gen/kotlin/border0/common/v1/NetworkDeviceStatsMessageKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/common/v1/StatsMessageKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/common/v1/WireGuardPeerKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSocketConfigKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSubnetsKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/StatsKt.kt is excluded by !**/gen/**
• gen/swift/messages.pb.swift is excluded by !**/gen/**

📒 Files selected for processing (2)

• common/messages.proto (2 hunks)
• connector/connector.proto (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• connector/connector.proto

🔇 Additional comments (1)

common/messages.proto (1)

24-24: Consider using specific message types instead of combining stats.

Based on previous discussions (see PR #41), the StatsMessage was designed to have different message types per type. Consider using specific message types (e.g., SocketTrafficStatsMessage) instead of combining stats into a single message.

Run this script to verify if there are any other specific stats message types that could be reused:

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

connector/connector.proto (1)

294-305: Add field documentation for the new message types.

While the structure is clear, the new message types lack documentation explaining their purpose and the expected content of their fields.

Consider adding documentation:

 message AllowedNetworks {
+  // Map of device IDs to their socket configurations
   map<string, AllowedNetworksSocketConfig> devices = 1;
 }

 message AllowedNetworksSocketConfig {
+  // Map of socket IDs to their allowed subnets
   map<string, AllowedNetworksSubnets> sockets = 1;
 }

 message AllowedNetworksSubnets {
+  // List of CIDR notation subnets allowed for this socket
   repeated string subnets = 1;
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b25b018 and 4ce17eb.

⛔ Files ignored due to path filters (8)

• common/messages.pb.go is excluded by !**/*.pb.go
• gen/kotlin/border0/common/v1/StatsMessageKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/common/v1/WireGuardPeerKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSocketConfigKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSubnetsKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/StatsKt.kt is excluded by !**/gen/**
• gen/swift/messages.pb.swift is excluded by !**/gen/**

📒 Files selected for processing (2)

• common/messages.proto (2 hunks)
• connector/connector.proto (2 hunks)

🔇 Additional comments (3)

common/messages.proto (2)

24-24: LGTM! Field addition follows existing pattern.

The new field sockets_stats in the StatsMessage oneof follows the established pattern and naming convention.

---

36-43: LGTM! Stats structure is consistent.

The SocketsStatsMessage follows the same structure as NetworkDeviceStatsMessage, maintaining consistency in the codebase.

connector/connector.proto (1)

56-56: LGTM! Field addition matches request structure.

The new field allowed_networks in ControlStreamResponse aligns with field number 17 in ControlStreamRequest, maintaining symmetry.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

common/messages.proto (1)

24-24: Consider performance implications of socket stats collection.

The new socket stats structure allows tracking individual socket metrics. For systems with a large number of sockets:

1. Consider implementing sampling or aggregation strategies.
2. Document recommended collection frequency.
3. Consider adding fields for configuration (e.g., sampling rate, aggregation period).

Also applies to: 36-43, 46-48

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4ce17eb and 30a9dff.

⛔ Files ignored due to path filters (11)

• common/messages.pb.go is excluded by !**/*.pb.go
• gen/kotlin/border0/common/v1/CombinedNetworkDeviceStatsMessageKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/common/v1/SocketStatsMessageKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/common/v1/SocketsStatsMessageKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/common/v1/StatsMessageKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/common/v1/WireGuardPeerKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSocketConfigKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/AllowedNetworksSubnetsKt.kt is excluded by !**/gen/**
• gen/kotlin/border0/v1/StatsKt.kt is excluded by !**/gen/**
• gen/swift/messages.pb.swift is excluded by !**/gen/**

📒 Files selected for processing (2)

• common/messages.proto (2 hunks)
• connector/connector.proto (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• connector/connector.proto

🔇 Additional comments (3)

common/messages.proto (3)

24-24: LGTM! Field addition follows the discussed pattern.

The addition of sockets_stats field aligns with the existing pattern of having different message types per stats type, as discussed in PR #41.

---

46-48: LGTM! Clear container message structure.

The message structure follows protobuf best practices with a clear plural name for a collection of stats.

---

36-43: Consider adding validation for socket_id format.

The socket_id field is defined as a string without any format constraints. Consider documenting the expected format in comments and adding validation in the implementation.

Run this script to check if there's any existing socket_id validation or format documentation: