merge

README.md

@@ -14,7 +14,7 @@ Use the `vpcgen` CLI tool with one of the following commands:
 
 ## Synthesis
 #### nACLs Generation 
-a required connection between NIFs/VSIs/VPEs implies connectivity will be allowed between the subnets they are contained in.
+A required connection between NIFs/VSIs/VPEs implies connectivity will be allowed between the subnets they are contained in.
 
 #### SGs Generation
 A Security Group, generated for a specific VSI (or for one of its NIFs), will be applied to all the NIFs of the VSI. The same goes for Reserved IPs of a VPE.
@@ -26,7 +26,6 @@ The input supports subnets, subnet segments, CIDR segments, NIFs, NIF segments,
 #### Options
 ```commandline
 Flags:
-  -h, --help                help for synth
   -s, --spec string         JSON file containing spec file
 ```
 
@@ -85,6 +84,8 @@ make build
 bin/vpcgen synth acl -c test/data/acl_testing5/config_object.json -s test/data/acl_testing5/conn_spec.json
 
 bin/vpcgen synth sg -c test/data/sg_testing3/config_object.json -s test/data/sg_testing3/conn_spec.json
+
+bin/vpcgen optimize sg -c test/data/optimize_sg_redundant/config_object.json
 ```
 
 **Note**: Windows environment users should replace all `/` with `\`.

pkg/io/common.go

@@ -32,7 +32,7 @@ func direction(d ir.Direction) string {
 func printProtocolName(protocol netp.Protocol) string {
 	switch p := protocol.(type) {
 	case netp.ICMP:
-		return "ICMP"
+		return string(netp.ProtocolStringICMP)
 	case netp.TCPUDP:
 		return strings.ToUpper(string(p.ProtocolString()))
 	case netp.AnyProtocol:

pkg/io/commonACL.go

@@ -8,6 +8,7 @@ package io
 import (
 	"errors"
 	"fmt"
+	"slices"
 	"strconv"
 	"strings"
 
@@ -28,13 +29,13 @@ func WriteACL(collection *ir.ACLCollection, vpc string) ([][]string, error) {
 			if err != nil {
 				return nil, err
 			}
-			res = append(res, aclTable...)
+			res = slices.Concat(res, aclTable)
 		}
 	}
 	return res, nil
 }
 
-func ACLHeader() [][]string {
+func makeACLHeader() [][]string {
 	return [][]string{{
 		"Acl",
 		"Subnet",

pkg/io/commonSG.go

@@ -8,6 +8,7 @@ package io
 import (
 	"errors"
 	"fmt"
+	"slices"
 
 	"github.com/np-guard/models/pkg/netp"
 	"github.com/np-guard/models/pkg/netset"
@@ -26,13 +27,13 @@ func WriteSG(collection *ir.SGCollection, vpc string) ([][]string, error) {
 			if err != nil {
 				return nil, err
 			}
-			res = append(res, sgTable...)
+			res = slices.Concat(res, sgTable)
 		}
 	}
 	return res, nil
 }
 
-func SGHeader() [][]string {
+func makeSGHeader() [][]string {
 	return [][]string{{
 		"SG",
 		"Direction",

pkg/io/csvWriter.go

@@ -8,6 +8,7 @@ package io
 import (
 	"encoding/csv"
 	"io"
+	"slices"
 
 	"github.com/np-guard/vpc-network-config-synthesis/pkg/ir"
 )
@@ -26,13 +27,13 @@ func (w *CSVWriter) WriteSG(collection *ir.SGCollection, vpc string, _ bool) err
 	if err != nil {
 		return err
 	}
-	return w.w.WriteAll(append(SGHeader(), sgTable...))
+	return w.w.WriteAll(slices.Concat(makeSGHeader(), sgTable))
 }
 
 func (w *CSVWriter) WriteACL(collection *ir.ACLCollection, vpc string, _ bool) error {
 	aclTable, err := WriteACL(collection, vpc)
 	if err != nil {
 		return err
 	}
-	return w.w.WriteAll(append(ACLHeader(), aclTable...))
+	return w.w.WriteAll(slices.Concat(makeACLHeader(), aclTable))
 }

pkg/io/jsonio/unmarshalConns.go

@@ -10,6 +10,7 @@ import (
 	"errors"
 	"fmt"
 	"log"
+	"slices"
 
 	"github.com/np-guard/models/pkg/netp"
 	"github.com/np-guard/models/pkg/spec"
@@ -26,7 +27,7 @@ func (r *Reader) translateConnections(conns []spec.SpecRequiredConnectionsElem,
 		if err != nil {
 			return nil, err
 		}
-		res = append(res, connections...)
+		res = slices.Concat(res, connections)
 	}
 	return res, nil
 }

pkg/io/mdWriter.go

@@ -8,15 +8,13 @@ package io
 import (
 	"bufio"
 	"io"
+	"slices"
 	"strings"
 
 	"github.com/np-guard/vpc-network-config-synthesis/pkg/ir"
 )
 
 const (
-	sgColsNum  = 7
-	aclColsNum = 10
-
 	leftAlign = " :--- "
 	separator = " | "
 )
@@ -35,37 +33,33 @@ func (w *MDWriter) WriteSG(collection *ir.SGCollection, vpc string, _ bool) erro
 	if err != nil {
 		return err
 	}
-	return w.writeAll(append(append(SGHeader(), addAligns(sgColsNum)), sgTable...))
+	sgHeader := makeSGHeader()
+	return w.writeAll(slices.Concat(sgHeader, addAligns(len(sgHeader[0])), sgTable))
 }
 
 func (w *MDWriter) WriteACL(collection *ir.ACLCollection, vpc string, _ bool) error {
 	aclTable, err := WriteACL(collection, vpc)
 	if err != nil {
 		return err
 	}
-	return w.writeAll(append(append(ACLHeader(), addAligns(aclColsNum)), aclTable...))
+	aclHeader := makeACLHeader()
+	return w.writeAll(slices.Concat(aclHeader, addAligns(len(aclHeader[0])), aclTable))
 }
 
 func (w *MDWriter) writeAll(rows [][]string) error {
 	for _, row := range rows {
-		if _, err := w.w.WriteString(separator); err != nil {
-			return err
-		}
-		if _, err := w.w.WriteString(strings.Join(row, separator)); err != nil {
-			return err
-		}
-		if _, err := w.w.WriteString(separator + "\n"); err != nil {
+		finalString := separator + strings.Join(row, separator) + separator + "\n"
+		if _, err := w.w.WriteString(finalString); err != nil {
 			return err
 		}
 	}
-	w.w.Flush()
-	return nil
+	return w.w.Flush()
 }
 
-func addAligns(n int) []string {
+func addAligns(n int) [][]string {
 	res := make([]string, n)
 	for i := range n {
 		res[i] = leftAlign
 	}
-	return res
+	return [][]string{res}
 }

pkg/io/tfio/acl.go

@@ -8,6 +8,7 @@ package tfio
 
 import (
 	"fmt"
+	"slices"
 	"strings"
 
 	"github.com/np-guard/models/pkg/netp"
@@ -22,9 +23,7 @@ func (w *Writer) WriteACL(c *ir.ACLCollection, vpc string, _ bool) error {
 	if err != nil {
 		return err
 	}
-	output := collection.Print()
-	_, err = w.w.WriteString(output)
-	if err != nil {
+	if _, err := w.w.WriteString(collection.Print()); err != nil {
 		return err
 	}
 	return w.w.Flush()
@@ -66,10 +65,10 @@ func singleACL(acl *ir.ACL, vpcName string) (tf.Block, error) {
 	}
 	return tf.Block{
 		Comment: aclComment(acl),
-		Name:    "resource",
+		Name:    resourceConst,
 		Labels:  []string{quote("ibm_is_network_acl"), quote(aclName)},
 		Arguments: []tf.Argument{
-			{Name: "name", Value: quote(aclName)},
+			{Name: nameConst, Value: quote(aclName)},
 			{Name: "resource_group", Value: "local.acl_synth_resource_group_id"},
 			{Name: "vpc", Value: fmt.Sprintf("local.acl_synth_%s_id", vpcName)},
 		},
@@ -82,7 +81,7 @@ func aclRule(rule *ir.ACLRule, name string) (tf.Block, error) {
 		return tf.Block{}, err
 	}
 	arguments := []tf.Argument{
-		{Name: "name", Value: quote(name)}, //nolint:revive  // obvious false positive
+		{Name: nameConst, Value: quote(name)},
 		{Name: "action", Value: quote(action(rule.Action))},
 		{Name: "direction", Value: quote(direction(rule.Direction))},
 		{Name: "source", Value: quote(rule.Source.String())},
@@ -105,11 +104,8 @@ func aclProtocol(t netp.Protocol) []tf.Block {
 	switch p := t.(type) {
 	case netp.TCPUDP:
 		return []tf.Block{{
-			Name: strings.ToLower(string(p.ProtocolString())),
-			Arguments: append(
-				portRange(p.DstPorts(), "port"),
-				portRange(p.SrcPorts(), "source_port")...,
-			),
+			Name:      strings.ToLower(string(p.ProtocolString())),
+			Arguments: slices.Concat(portRange(p.DstPorts(), "port"), portRange(p.SrcPorts(), "source_port")),
 		}}
 	case netp.ICMP:
 		return []tf.Block{{

pkg/io/tfio/common.go

@@ -20,6 +20,11 @@ import (
 	"github.com/np-guard/vpc-network-config-synthesis/pkg/ir"
 )
 
+const (
+	resourceConst = "resource"
+	nameConst     = "name"
+)
+
 // Writer implements ir.Writer
 type Writer struct {
 	w *bufio.Writer

pkg/io/tfio/sg.go

@@ -23,13 +23,10 @@ func (w *Writer) WriteSG(c *ir.SGCollection, vpc string, _ bool) error {
 	if err != nil {
 		return err
 	}
-	output := collection.Print()
-	_, err = w.w.WriteString(output)
-	if err != nil {
+	if _, err := w.w.WriteString(collection.Print()); err != nil {
 		return err
 	}
-	err = w.w.Flush()
-	return err
+	return w.w.Flush()
 }
 
 func sgCollection(collection *ir.SGCollection, vpc string) (*tf.ConfigFile, error) {
@@ -74,7 +71,7 @@ func sg(sG *ir.SG, vpcName string) (tf.Block, error) {
 		Labels:  []string{quote("ibm_is_security_group"), quote(sgName)},
 		Comment: comment,
 		Arguments: []tf.Argument{
-			{Name: "name", Value: quote("sg-" + sgName)},
+			{Name: nameConst, Value: quote("sg-" + sgName)},
 			{Name: "resource_group", Value: "local.sg_synth_resource_group_id"},
 			{Name: "vpc", Value: fmt.Sprintf("local.sg_synth_%s_id", vpcName)},
 		},
@@ -99,7 +96,7 @@ func sgRule(rule *ir.SGRule, sgName ir.SGName, i int) (tf.Block, error) {
 	}
 
 	return tf.Block{
-		Name:    "resource", //nolint:revive  // obvious false positive
+		Name:    resourceConst,
 		Labels:  []string{quote("ibm_is_security_group_rule"), ir.ChangeScoping(quote(ruleName))},
 		Comment: comment,
 		Arguments: []tf.Argument{

pkg/ir/acl.go

@@ -82,7 +82,7 @@ func (a *ACL) Rules() []*ACLRule {
 	}
 	rules := a.Internal
 	if len(a.External) != 0 {
-		rules = append(rules, append(makeDenyInternal(), a.External...)...)
+		rules = slices.Concat(rules, makeDenyInternal(), a.External)
 	}
 	return rules
 }

pkg/ir/sg.go

@@ -8,6 +8,7 @@ package ir
 import (
 	"fmt"
 	"reflect"
+	"slices"
 
 	"github.com/np-guard/models/pkg/netp"
 	"github.com/np-guard/models/pkg/netset"
@@ -77,7 +78,6 @@ func NewSG(sgName SGName) *SG {
 	return &SG{SGName: sgName,
 		InboundRules:  make(map[string][]*SGRule),
 		OutboundRules: make(map[string][]*SGRule),
-		Targets:       []ID{},
 	}
 }
 
@@ -112,10 +112,10 @@ func (a *SG) Add(rule *SGRule) {
 func (a *SG) AllRules() []*SGRule {
 	res := make([]*SGRule, 0)
 	for _, key := range utils.SortedMapKeys(a.InboundRules) {
-		res = append(res, a.InboundRules[key]...)
+		res = slices.Concat(res, a.InboundRules[key])
 	}
 	for _, key := range utils.SortedMapKeys(a.OutboundRules) {
-		res = append(res, a.OutboundRules[key]...)
+		res = slices.Concat(res, a.OutboundRules[key])
 	}
 	return res
 }

pkg/ir/spec.go

@@ -8,6 +8,7 @@ package ir
 
 import (
 	"fmt"
+	"slices"
 	"strings"
 
 	"github.com/np-guard/models/pkg/netp"
@@ -312,8 +313,8 @@ func (s *Definitions) lookupSegment(segment map[ID]*SegmentDetails, name string,
 		if err != nil {
 			return nil, err
 		}
-		res.CidrsWhenLocal = append(res.CidrsWhenLocal, element.CidrsWhenLocal...)
-		res.CidrsWhenRemote = append(res.CidrsWhenRemote, element.CidrsWhenRemote...)
+		res.CidrsWhenLocal = slices.Concat(res.CidrsWhenLocal, element.CidrsWhenLocal)
+		res.CidrsWhenRemote = slices.Concat(res.CidrsWhenRemote, element.CidrsWhenRemote)
 	}
 	segmentDetails.ConnectedResource = res
 	return res, nil

pkg/optimize/acl/acl.go

@@ -14,16 +14,16 @@ type (
 	aclOptimizer struct {
 		aclCollection *ir.ACLCollection
 		aclName       string
-		aclVPC        *string
+		aclVPC        string
 	}
 )
 
 func NewACLOptimizer(collection ir.Collection, aclName string) optimize.Optimizer {
 	components := ir.ScopingComponents(aclName)
 	if len(components) == 1 {
-		return &aclOptimizer{aclCollection: collection.(*ir.ACLCollection), aclName: aclName, aclVPC: nil}
+		return &aclOptimizer{aclCollection: collection.(*ir.ACLCollection), aclName: aclName, aclVPC: ""}
 	}
-	return &aclOptimizer{aclCollection: collection.(*ir.ACLCollection), aclName: components[1], aclVPC: &components[0]}
+	return &aclOptimizer{aclCollection: collection.(*ir.ACLCollection), aclName: components[1], aclVPC: components[0]}
 }
 
 func (a *aclOptimizer) Optimize() (ir.Collection, error) {