From 9cef23a24859e382617ebc218086447af1f3d97d Mon Sep 17 00:00:00 2001
From: Yair Slobodin
Date: Wed, 18 Dec 2024 13:13:11 +0200
Subject: [PATCH 1/2] munir changes
---
 pkg/io/commonACL.go | 3 ++-
 pkg/io/commonSG.go | 3 ++-
 pkg/io/jsonio/unmarshalConns.go | 3 ++-
 pkg/io/tfio/acl.go | 17 ++++++-----------
 pkg/io/tfio/sg.go | 7 ++-----
 pkg/ir/sg.go | 3 ++-
 pkg/ir/spec.go | 5 +++--
 pkg/optimize/sg/sg.go | 2 +-
 pkg/synth/sg.go | 4 +++-
 pkg/utils/utils.go | 2 +-
 10 files changed, 24 insertions(+), 25 deletions(-)
diff --git a/pkg/io/commonACL.go b/pkg/io/commonACL.go
index 5eb2878..4adfe77 100644
--- a/pkg/io/commonACL.go
+++ b/pkg/io/commonACL.go
@@ -8,6 +8,7 @@ package io
 import (
 "errors"
 "fmt"
+ "slices"
 "strconv"
 "github.com/np-guard/models/pkg/netp"
@@ -24,7 +25,7 @@ func WriteACL(collection *ir.ACLCollection, vpc string) ([][]string, error) {
 if err != nil {
 return nil, err
 }
- res = append(res, aclTable...)
+ res = slices.Concat(res, aclTable)
 }
 return res, nil
 }
diff --git a/pkg/io/commonSG.go b/pkg/io/commonSG.go
index 021f5a5..b286822 100644
--- a/pkg/io/commonSG.go
+++ b/pkg/io/commonSG.go
@@ -8,6 +8,7 @@ package io
 import (
 "errors"
 "fmt"
+ "slices"
 "github.com/np-guard/models/pkg/netp"
 "github.com/np-guard/models/pkg/netset"
@@ -26,7 +27,7 @@ func WriteSG(collection *ir.SGCollection, vpc string) ([][]string, error) {
 if err != nil {
 return nil, err
 }
- res = append(res, sgTable...)
+ res = slices.Concat(res, sgTable)
 }
 }
 return res, nil
diff --git a/pkg/io/jsonio/unmarshalConns.go b/pkg/io/jsonio/unmarshalConns.go
index 7dcd002..8f4a514 100644
--- a/pkg/io/jsonio/unmarshalConns.go
+++ b/pkg/io/jsonio/unmarshalConns.go
@@ -10,6 +10,7 @@ import (
 "errors"
 "fmt"
 "log"
+ "slices"
 "github.com/np-guard/models/pkg/netp"
 "github.com/np-guard/models/pkg/spec"
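Review bot: In `WriteACL` (pkg/io/commonACL.go), `res = slices.Concat(res, aclTable)` sits in what appears to be a loop body (the loop header is outside the hunk), and `slices.Concat` allocates a new slice and copies everything already in `res` on every pass, so accumulation becomes quadratic in the number of rows. `res` is a local accumulator, so there is no aliasing for `Concat` to protect against; I would keep `res = append(res, aclTable...)` here. The same pattern is introduced in `WriteSG` (pkg/io/commonSG.go), `translateConnections` (pkg/io/jsonio/unmarshalConns.go), `lookupSegment` (pkg/ir/spec.go) and `SortedAllInnerMapsKeys` (pkg/utils/utils.go).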
@@ -26,7 +27,7 @@ func (r *Reader) translateConnections(conns []spec.SpecRequiredConnectionsElem,
 if err != nil {
 return nil, err
 }
- res = append(res, connections...)
+ res = slices.Concat(res, connections)
 }
 return res, nil
 }
diff --git a/pkg/io/tfio/acl.go b/pkg/io/tfio/acl.go
index 93fce63..2bbde48 100644
--- a/pkg/io/tfio/acl.go
+++ b/pkg/io/tfio/acl.go
@@ -8,6 +8,7 @@ package tfio
 import (
 "fmt"
+ "slices"
 "strings"
 "github.com/np-guard/models/pkg/netp"
@@ -23,13 +24,10 @@ func (w *Writer) WriteACL(c *ir.ACLCollection, vpc string) error {
 if err != nil {
 return err
 }
- output := collection.Print()
- _, err = w.w.WriteString(output)
- if err != nil {
+ if _, err := w.w.WriteString(collection.Print()); err != nil {
 return err
 }
- err = w.w.Flush()
- return err
+ return w.w.Flush()
 }
 func aclCollection(t *ir.ACLCollection, vpc string) (*tf.ConfigFile, error) {
@@ -37,9 +35,9 @@ func aclCollection(t *ir.ACLCollection, vpc string) (*tf.ConfigFile, error) {
 var acls = make([]tf.Block, len(sortedACLs))
 i := 0
 for _, subnet := range sortedACLs {
- comment := "\n"
 vpcName := ir.VpcFromScopedResource(subnet)
 acl := t.ACLs[vpcName][subnet]
+ comment := "\n"
 if len(sortedACLs) > 1 { // not a single nacl
 comment = fmt.Sprintf("\n# %v [%v]", subnet, subnetCidr(acl))
 }
@@ -110,11 +108,8 @@ func aclProtocol(t netp.Protocol) []tf.Block {
 switch p := t.(type) {
 case netp.TCPUDP:
 return []tf.Block{{
- Name: strings.ToLower(string(p.ProtocolString())),
- Arguments: append(
- portRange(p.DstPorts(), "port"),
- portRange(p.SrcPorts(), "source_port")...,
- ),
+ Name: strings.ToLower(string(p.ProtocolString())),
+ Arguments: slices.Concat(portRange(p.DstPorts(), "port"), portRange(p.SrcPorts(), "source_port")),
 }}
 case netp.ICMP:
 return []tf.Block{{
diff --git a/pkg/io/tfio/sg.go b/pkg/io/tfio/sg.go
index 2d027f0..e710dc4 100644
--- a/pkg/io/tfio/sg.go
+++ b/pkg/io/tfio/sg.go
@@ -23,13 +23,10 @@ func (w *Writer) WriteSG(c *ir.SGCollection, vpc string) error {
 if err != nil {
 return err
 }
- output := collection.Print()
- _, err = w.w.WriteString(output)
- if err != nil {
+ if _, err := w.w.WriteString(collection.Print()); err != nil {
 return err
 }
- err = w.w.Flush()
- return err
+ return w.w.Flush()
 }
 func sgCollection(collection *ir.SGCollection, vpc string) (*tf.ConfigFile, error) {
diff --git a/pkg/ir/sg.go b/pkg/ir/sg.go
index 3b87780..7cb6242 100644
--- a/pkg/ir/sg.go
+++ b/pkg/ir/sg.go
@@ -8,6 +8,7 @@ package ir
 import (
 "fmt"
 "reflect"
+ "slices"
 "github.com/np-guard/models/pkg/netp"
 "github.com/np-guard/models/pkg/netset"
@@ -104,7 +105,7 @@ func (a *SG) Add(rule *SGRule) {
 }
 func (a *SG) AllRules() []*SGRule {
- return append(a.InboundRules, a.OutboundRules...)
+ return slices.Concat(a.InboundRules, a.OutboundRules)
 }
 func (c *SGCollection) VpcNames() []string {
diff --git a/pkg/ir/spec.go b/pkg/ir/spec.go
index ca70b0f..a8a723e 100644
--- a/pkg/ir/spec.go
+++ b/pkg/ir/spec.go
@@ -8,6 +8,7 @@ package ir
 import (
 "fmt"
+ "slices"
 "strings"
 "github.com/np-guard/models/pkg/netp"
@@ -312,8 +313,8 @@ func (s *Definitions) lookupSegment(segment map[ID]*SegmentDetails, name string,
 if err != nil {
 return nil, err
 }
- res.CidrsWhenLocal = append(res.CidrsWhenLocal, element.CidrsWhenLocal...)
- res.CidrsWhenRemote = append(res.CidrsWhenRemote, element.CidrsWhenRemote...)
+ res.CidrsWhenLocal = slices.Concat(res.CidrsWhenLocal, element.CidrsWhenLocal)
+ res.CidrsWhenRemote = slices.Concat(res.CidrsWhenRemote, element.CidrsWhenRemote)
 }
 segmentDetails.ConnectedResource = res
 return res, nil
diff --git a/pkg/optimize/sg/sg.go b/pkg/optimize/sg/sg.go
index dc49400..fed4507 100644
--- a/pkg/optimize/sg/sg.go
+++ b/pkg/optimize/sg/sg.go
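Review bot: `AllRules` in pkg/ir/sg.go is exported and has no doc comment, and this hunk changes a property callers can depend on. With `slices.Concat` the result is always a newly allocated slice, whereas `append(a.InboundRules, a.OutboundRules...)` could hand back a slice sharing the backing array of `InboundRules` when it had spare capacity, so a later append by a caller could overwrite rule entries. I would record the guarantee: `// AllRules returns a newly allocated slice holding the inbound rules followed by the outbound rules.`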
@@ -135,7 +135,7 @@ func (s *sgOptimizer) reduceSGRules(rules []*ir.SGRule, direction ir.Direction)
 optimizedRulesToIPAddrs = originalRulesToIPAddrs
 }
- return append(optimizedRulesToSG, optimizedRulesToIPAddrs...)
+ return slices.Concat(optimizedRulesToSG, optimizedRulesToIPAddrs)
 }
 func reduceRulesSGRemote(cubes *sgCubesPerProtocol, direction ir.Direction) []*ir.SGRule {
diff --git a/pkg/synth/sg.go b/pkg/synth/sg.go
index 0caec38..54190b1 100644
--- a/pkg/synth/sg.go
+++ b/pkg/synth/sg.go
@@ -6,6 +6,8 @@ SPDX-License-Identifier: Apache-2.0
 package synth
 import (
+ "slices"
+
 "github.com/np-guard/models/pkg/netp"
 "github.com/np-guard/vpc-network-config-synthesis/pkg/ir"
@@ -98,7 +100,7 @@ func isSGRemote(t ir.ResourceType) bool {
 // generate SGs for blocked endpoints (endpoints that do not appear in Spec)
 func (s *SGSynthesizer) generateSGsForBlockedResources() string {
- blockedResources := append(utils.TrueKeyValues(s.spec.BlockedInstances), utils.TrueKeyValues(s.spec.BlockedVPEs)...)
+ blockedResources := slices.Concat(utils.TrueKeyValues(s.spec.BlockedInstances), utils.TrueKeyValues(s.spec.BlockedVPEs))
 for _, resource := range blockedResources {
 sg := s.result.LookupOrCreate(ir.SGName(resource)) // an empty SG allows no connections
 sg.Attached = []ir.ID{resource}
diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go
index e5f14e2..d919189 100644
--- a/pkg/utils/utils.go
+++ b/pkg/utils/utils.go
@@ -26,7 +26,7 @@ func SortedMapKeys[T cmp.Ordered, V any](m map[T]V) []T {
 func SortedAllInnerMapsKeys[T, K cmp.Ordered, V any](m map[K]map[T]V) []T {
 keys := make([]T, 0)
 for _, vpc := range m {
- keys = append(keys, MapKeys(vpc)...)
+ keys = slices.Concat(keys, MapKeys(vpc))
 }
 slices.Sort(keys)
 return keys
From 927d85b1e232ffdb3e231ac56778178a9e2cc04c Mon Sep 17 00:00:00 2001
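Review bot: The `reduceSGRules` hunk in pkg/optimize/sg/sg.go now calls `slices.Concat`, but it is the only hunk for that file (the diffstat lists a single changed line), so no `"slices"` import is added here as it is in the other touched files. If the file does not already import `slices`, the package will not build; please confirm the import is present. The function body begins outside the hunk, so the existing import list is not visible from here.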
From: Yair Slobodin
Date: Wed, 18 Dec 2024 14:20:19 +0200
Subject: [PATCH 2/2] fix
---
 pkg/io/common.go | 2 +-
 pkg/io/commonACL.go | 2 +-
 pkg/io/commonSG.go | 2 +-
 pkg/io/csvWriter.go | 4 ++--
 pkg/io/mdWriter.go | 21 +++++++--------------
 pkg/io/tfio/acl.go | 6 +++---
 pkg/io/tfio/common.go | 5 +++++
 pkg/io/tfio/sg.go | 4 ++--
 8 files changed, 22 insertions(+), 24 deletions(-)
diff --git a/pkg/io/common.go b/pkg/io/common.go
index 4e4f9e3..1a0eb69 100644
--- a/pkg/io/common.go
+++ b/pkg/io/common.go
@@ -32,7 +32,7 @@ func direction(d ir.Direction) string {
 func printProtocolName(protocol netp.Protocol) string {
 switch p := protocol.(type) {
 case netp.ICMP:
- return "ICMP"
+ return string(netp.ProtocolStringICMP)
 case netp.TCPUDP:
 return strings.ToUpper(string(p.ProtocolString()))
 case netp.AnyProtocol:
diff --git a/pkg/io/commonACL.go b/pkg/io/commonACL.go
index 4adfe77..865e325 100644
--- a/pkg/io/commonACL.go
+++ b/pkg/io/commonACL.go
@@ -30,7 +30,7 @@ func WriteACL(collection *ir.ACLCollection, vpc string) ([][]string, error) {
 return res, nil
 }
-func ACLHeader() [][]string {
+func makeACLHeader() [][]string {
 return [][]string{{
 "Acl",
 "Subnet",
diff --git a/pkg/io/commonSG.go b/pkg/io/commonSG.go
index b286822..3a05a5e 100644
--- a/pkg/io/commonSG.go
+++ b/pkg/io/commonSG.go
@@ -33,7 +33,7 @@ func WriteSG(collection *ir.SGCollection, vpc string) ([][]string, error) {
 return res, nil
 }
-func SGHeader() [][]string {
+func makeSGHeader() [][]string {
 return [][]string{{
 "SG",
 "Direction",
diff --git a/pkg/io/csvWriter.go b/pkg/io/csvWriter.go
index 9a00128..4a31e67 100644
--- a/pkg/io/csvWriter.go
+++ b/pkg/io/csvWriter.go
@@ -27,7 +27,7 @@ func (w *CSVWriter) WriteSG(collection *ir.SGCollection, vpc string) error {
 if err != nil {
 return err
 }
- return w.w.WriteAll(slices.Concat(SGHeader(), sgTable))
+ return w.w.WriteAll(slices.Concat(makeSGHeader(), sgTable))
 }
 func (w *CSVWriter) WriteACL(collection *ir.ACLCollection, vpc string) error {
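Review bot: In `printProtocolName` (pkg/io/common.go) the ICMP branch now returns `string(netp.ProtocolStringICMP)` as-is, while the TCP/UDP branch next to it normalizes with `strings.ToUpper(...)`, so the printed protocol name now depends on the exact case of a constant defined in another module. If that constant is not guaranteed to be `"ICMP"`, the rule tables change silently; `return strings.ToUpper(string(netp.ProtocolStringICMP))` would keep all branches consistent. The switch continues past the end of the hunk.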
@@ -35,5 +35,5 @@ func (w *CSVWriter) WriteACL(collection *ir.ACLCollection, vpc string) error {
 if err != nil {
 return err
 }
- return w.w.WriteAll(slices.Concat(ACLHeader(), aclTable))
+ return w.w.WriteAll(slices.Concat(makeACLHeader(), aclTable))
 }
diff --git a/pkg/io/mdWriter.go b/pkg/io/mdWriter.go
index be47134..3b102b4 100644
--- a/pkg/io/mdWriter.go
+++ b/pkg/io/mdWriter.go
@@ -15,9 +15,6 @@ import (
 )
 const (
- sgColsNum = 7
- aclColsNum = 10
-
 leftAlign = " :--- "
 separator = " | "
 )
@@ -36,7 +33,8 @@ func (w *MDWriter) WriteSG(collection *ir.SGCollection, vpc string) error {
 if err != nil {
 return err
 }
- return w.writeAll(slices.Concat(SGHeader(), addAligns(sgColsNum), sgTable))
+ sgHeader := makeSGHeader()
+ return w.writeAll(slices.Concat(sgHeader, addAligns(len(sgHeader[0])), sgTable))
 }
 func (w *MDWriter) WriteACL(collection *ir.ACLCollection, vpc string) error {
@@ -44,23 +42,18 @@ func (w *MDWriter) WriteACL(collection *ir.ACLCollection, vpc string) error {
 if err != nil {
 return err
 }
- return w.writeAll(slices.Concat(ACLHeader(), addAligns(aclColsNum), aclTable))
+ aclHeader := makeACLHeader()
+ return w.writeAll(slices.Concat(aclHeader, addAligns(len(aclHeader[0])), aclTable))
 }
 func (w *MDWriter) writeAll(rows [][]string) error {
 for _, row := range rows {
- if _, err := w.w.WriteString(separator); err != nil {
- return err
- }
- if _, err := w.w.WriteString(strings.Join(row, separator)); err != nil {
- return err
- }
- if _, err := w.w.WriteString(separator + "\n"); err != nil {
+ finalString := separator + strings.Join(row, separator) + separator + "\n"
+ if _, err := w.w.WriteString(finalString); err != nil {
 return err
 }
 }
- w.w.Flush()
- return nil
+ return w.w.Flush()
 }
 func addAligns(n int) [][]string {
diff --git a/pkg/io/tfio/acl.go b/pkg/io/tfio/acl.go
index 2bbde48..90a1fdf 100644
--- a/pkg/io/tfio/acl.go
+++ b/pkg/io/tfio/acl.go
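Review bot: In `writeAll` (pkg/io/mdWriter.go) the new `finalString` is built with `strings.Join(row, separator)` and no escaping, so a cell value containing `|` or a line break would shift or split columns in the rendered rule table and a reader could attribute a rule to the wrong field. Whether SG, ACL or subnet names can carry those characters is not visible in this hunk; if they can, escape each cell before joining, for example `strings.NewReplacer("|", "\\|", "\n", " ").Replace(cell)`. A short comment on `writeAll` stating that cells are assumed to be Markdown-safe would otherwise document the assumption.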
@@ -69,10 +69,10 @@ func singleACL(t *ir.ACL, comment string) (tf.Block, error) {
 }
 return tf.Block{
 Comment: comment,
- Name: "resource",
+ Name: resourceConst,
 Labels: []string{quote("ibm_is_network_acl"), quote(aclName)},
 Arguments: []tf.Argument{
- {Name: "name", Value: quote(aclName)},
+ {Name: nameConst, Value: quote(aclName)},
 {Name: "resource_group", Value: "local.acl_synth_resource_group_id"},
 {Name: "vpc", Value: fmt.Sprintf("local.acl_synth_%s_id", ir.VpcFromScopedResource(t.Subnet))},
 },
@@ -85,7 +85,7 @@ func aclRule(rule *ir.ACLRule, name string) (tf.Block, error) {
 return tf.Block{}, err
 }
 arguments := []tf.Argument{
- {Name: "name", Value: quote(name)}, //nolint:revive // obvious false positive
+ {Name: nameConst, Value: quote(name)},
 {Name: "action", Value: quote(action(rule.Action))},
 {Name: "direction", Value: quote(direction(rule.Direction))},
 {Name: "source", Value: quote(rule.Source.String())},
diff --git a/pkg/io/tfio/common.go b/pkg/io/tfio/common.go
index 96611c6..2cfe005 100644
--- a/pkg/io/tfio/common.go
+++ b/pkg/io/tfio/common.go
@@ -20,6 +20,11 @@ import (
 "github.com/np-guard/vpc-network-config-synthesis/pkg/ir"
 )
+const (
+ resourceConst = "resource"
+ nameConst = "name"
+)
+
 // Writer implements ir.Writer
 type Writer struct {
 w *bufio.Writer
diff --git a/pkg/io/tfio/sg.go b/pkg/io/tfio/sg.go
index e710dc4..e41fd9d 100644
--- a/pkg/io/tfio/sg.go
+++ b/pkg/io/tfio/sg.go
@@ -71,7 +71,7 @@ func sg(sgName, vpcName string) (tf.Block, error) {
 Labels: []string{quote("ibm_is_security_group"), quote(tfSGName)},
 Comment: comment,
 Arguments: []tf.Argument{
- {Name: "name", Value: quote("sg-" + tfSGName)},
+ {Name: nameConst, Value: quote("sg-" + tfSGName)},
 {Name: "resource_group", Value: "local.sg_synth_resource_group_id"},
 {Name: "vpc", Value: fmt.Sprintf("local.sg_synth_%s_id", vpcName)},
 },
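Review bot: In the `singleACL` hunk (pkg/io/tfio/acl.go) the `vpc` argument is built with `fmt.Sprintf("local.acl_synth_%s_id", ir.VpcFromScopedResource(t.Subnet))` and, unlike the neighbouring values wrapped in `quote(...)`, is presumably written into the generated Terraform as a bare expression. If the VPC part can contain characters that are not valid in a Terraform identifier, the generated file is invalid or refers to a different local than intended. I would validate the name before formatting, or add a comment such as `// vpc name is validated as a Terraform identifier in <where>` naming the place that guarantees it. The `sg` hunk in pkg/io/tfio/sg.go has the same pattern with `local.sg_synth_%s_id`; both function bodies extend beyond their hunks.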
@@ -96,7 +96,7 @@ func sgRule(rule *ir.SGRule, sgName ir.SGName, i int) (tf.Block, error) {
 }
 return tf.Block{
- Name: "resource", //nolint:revive // obvious false positive
+ Name: resourceConst,
 Labels: []string{quote("ibm_is_security_group_rule"), ir.ChangeScoping(quote(ruleName))},
 Comment: comment,
 Arguments: []tf.Argument{