Skip to content

Commit

Permalink
Optimize json output fmt (#223)
Browse files Browse the repository at this point in the history
  • Loading branch information
YairSlobodin1 authored Dec 19, 2024
1 parent 623a955 commit f82ccd5
Show file tree
Hide file tree
Showing 6 changed files with 2,125 additions and 20 deletions.
8 changes: 3 additions & 5 deletions cmd/subcmds/output.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ func writeOutput(args *inArgs, collection ir.Collection, vpcNames []string, isSy

func writeCollection(args *inArgs, collection ir.Collection, vpc string, isSynth bool) (*bytes.Buffer, error) {
var data bytes.Buffer
writer, err := pickWriter(args, &data, isSynth)
writer, err := pickWriter(args, &data)
if err != nil {
return nil, err
}
Expand All @@ -70,7 +70,7 @@ func writeCollection(args *inArgs, collection ir.Collection, vpc string, isSynth
return &data, nil
}

func pickWriter(args *inArgs, data *bytes.Buffer, isSynth bool) (ir.Writer, error) {
func pickWriter(args *inArgs, data *bytes.Buffer) (ir.Writer, error) {
w := bufio.NewWriter(data)
switch args.outputFmt {
case tfOutputFormat:
Expand All @@ -80,9 +80,7 @@ func pickWriter(args *inArgs, data *bytes.Buffer, isSynth bool) (ir.Writer, erro
case mdOutputFormat:
return io.NewMDWriter(w), nil
case jsonOutputFormat:
if isSynth {
return confio.NewWriter(w, args.configFile)
}
return confio.NewWriter(w, args.configFile)
}
return nil, fmt.Errorf("bad output format: %q", args.outputFmt)
}
Expand Down
57 changes: 57 additions & 0 deletions pkg/io/confio/optimizeSG.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
/*
Copyright 2023- IBM Inc. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/

package confio

import (
"github.com/IBM/vpc-go-sdk/vpcv1"

configModel "github.com/np-guard/cloud-resource-collector/pkg/ibm/datamodel"

"github.com/np-guard/vpc-network-config-synthesis/pkg/ir"
)

// updateSGs updates the config object file with the optimized SG rules
func updateSGs(model *configModel.ResourcesContainerModel, collection *ir.SGCollection) error {
sgRefMap := parseSGRefMap(model)
for _, sg := range model.SecurityGroupList {
if sg.Name == nil || sg.VPC == nil || sg.VPC.Name == nil {
continue
}
if err := updateSG(&sg.SecurityGroup, collection.SGs[*sg.VPC.Name][ir.SGName(*sg.Name)], sgRefMap); err != nil {
return err
}
}
return nil
}

func updateSG(sg *vpcv1.SecurityGroup, optimizedSG *ir.SG, sgRefMap map[string]*vpcv1.SecurityGroupRuleRemoteSecurityGroupReference) error {
optimizedRules := optimizedSG.AllRules()
if len(optimizedRules) >= len(sg.Rules) {
return nil
}
sg.Rules = make([]vpcv1.SecurityGroupRuleIntf, len(optimizedRules))
for i, rule := range optimizedRules {
r, err := makeSGRuleItem(sgRefMap, rule, i)
if err != nil {
return err
}
sg.Rules[i] = r
}
return nil
}

func parseSGRefMap(model *configModel.ResourcesContainerModel) map[string]*vpcv1.SecurityGroupRuleRemoteSecurityGroupReference {
res := make(map[string]*vpcv1.SecurityGroupRuleRemoteSecurityGroupReference)
for _, sg := range model.SecurityGroupList {
res[*sg.Name] = &vpcv1.SecurityGroupRuleRemoteSecurityGroupReference{
ID: sg.ID,
CRN: sg.CRN,
Href: sg.Href,
Name: sg.Name,
}
}
return res
}
29 changes: 21 additions & 8 deletions pkg/io/confio/sg.go
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ func sgRemote(nameToSGRemoteRef map[string]*vpcv1.SecurityGroupRuleRemoteSecurit
st := rule.Remote.String()
switch t := rule.Remote.(type) {
case *netset.IPBlock:
if ipString := t.ToIPAddressString(); ipString != "" { // single IP address
if t.IsSingleIPAddress() { // single IP address
return &vpcv1.SecurityGroupRuleRemoteIP{
Address: &st,
}
Expand All @@ -72,13 +72,20 @@ func makeSGRuleItem(nameToSGRemoteRef map[string]*vpcv1.SecurityGroupRuleRemoteS
rule *ir.SGRule, i int) (vpcv1.SecurityGroupRuleIntf, error) {
iPVersion := utils.Ptr(ipv4Const)
direction := direction(rule.Direction)
cidrAll := netset.CidrAll
local := &vpcv1.SecurityGroupRuleLocal{
CIDRBlock: &cidrAll,
}
ref := allocateRef()
remote := sgRemote(nameToSGRemoteRef, rule)

var local vpcv1.SecurityGroupRuleLocalIntf
if rule.Local.IsSingleIPAddress() {
local = &vpcv1.SecurityGroupRuleLocalIP{
Address: utils.Ptr(rule.Local.FirstIPAddress()),
}
} else {
local = &vpcv1.SecurityGroupRuleLocalCIDR{
CIDRBlock: utils.Ptr(rule.Local.ToCidrList()[0]),
}
}

switch p := rule.Protocol.(type) {
case netp.TCPUDP:
data := tcpudp(p)
Expand Down Expand Up @@ -245,7 +252,7 @@ func updateSGEndpointGW(model *configModel.ResourcesContainerModel, collection *
return nil
}

func updateSG(model *configModel.ResourcesContainerModel, collection *ir.SGCollection) error {
func writeSGs(model *configModel.ResourcesContainerModel, collection *ir.SGCollection) error {
nameToSGRemoteRef := make(map[string]*vpcv1.SecurityGroupRuleRemoteSecurityGroupReference)
idToSGIndex := make(map[string]int, len(model.SecurityGroupList))
for i := range model.SecurityGroupList {
Expand All @@ -254,13 +261,19 @@ func updateSG(model *configModel.ResourcesContainerModel, collection *ir.SGColle

err1 := updateSGInstances(model, collection, nameToSGRemoteRef, idToSGIndex)
err2 := updateSGEndpointGW(model, collection, nameToSGRemoteRef, idToSGIndex)
globalIndex = 0 // making test results more predictable
return errors.Join(err1, err2)
}

func (w *Writer) WriteSG(collection *ir.SGCollection, _ string, isSynth bool) error {
if err := updateSG(w.model, collection); err != nil {
var err error
if isSynth {
err = writeSGs(w.model, collection)
} else {
err = updateSGs(w.model, collection)
}
if err != nil {
return err
}
globalIndex = 0 // making test results more predictable
return w.writeModel()
}
9 changes: 2 additions & 7 deletions pkg/synth/sg.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"slices"

"github.com/np-guard/models/pkg/netp"
"github.com/np-guard/models/pkg/netset"

"github.com/np-guard/vpc-network-config-synthesis/pkg/ir"
"github.com/np-guard/vpc-network-config-synthesis/pkg/utils"
Expand Down Expand Up @@ -65,13 +66,7 @@ func (s *SGSynthesizer) allowConnectionEndpoint(localEndpoint, remoteEndpoint *i
localSGName := ir.SGName(localEndpoint.Name)
localSG := s.result.LookupOrCreate(localSGName)
localSG.Targets = []ir.ID{ir.ID(localSGName)}
rule := &ir.SGRule{
Remote: sgRemote(remoteEndpoint, remoteType),
Direction: direction,
Protocol: p,
Explanation: ruleExplanation,
}
localSG.Add(rule)
localSG.Add(ir.NewSGRule(direction, sgRemote(remoteEndpoint, remoteType), p, netset.GetCidrAll(), ruleExplanation))
}

func sgRemote(resource *ir.NamedAddrs, t ir.ResourceType) ir.RemoteType {
Expand Down
Loading

0 comments on commit f82ccd5

Please sign in to comment.