Merge pull request #6 from cloudgraphdev/feature/CG-1130

feat(networkAcl): add networkAcl service

Author: Christopher Brandt

README.md

@@ -62,7 +62,9 @@ CloudGraph Tencent Provider will ask you what regions you would like to crawl an
 | securityGroupRule | |
 | ccn | ccnAttachment |
 | ccnAttachment | ccn |
-| subnet | vpc, routeTable |
-| vpc | subnet, vpnGateway, routeTable |
+| networkAcl | subnet, vpc |
+| subnet | networkAcl, vpc, routeTable |
+| vpc | networkAcl, subnet, vpnGateway, routeTable |
 | vpnGateway | vpc, vpnGatewayRoute |
 | vpnGatewayRoute | vpnGateway |
+| securityGroup | | 

src/enums/schemasMap.ts

@@ -10,6 +10,9 @@ export default {
   [services.securityGroupRule]: 'tencentSecurityGroupRule',
   [services.ccn]: 'tencentCcn',
   [services.ccnAttachment]: 'tencentCcnAttachment',
+  [services.networkAcl]: 'tencentNetworkAcl',
+  [services.securityGroup]: 'tencentSecurityGroup',
+  [services.securityGroupRule]: 'tencentSecurityGroupRule',
   [services.subnet]: 'tencentSubnet',
   [services.vpc]: 'tencentVpc',
   [services.vpnGateway]: 'tencentVpnGateway',

src/enums/serviceMap.ts

@@ -1,4 +1,5 @@
 import services from './services'
+import TencentNetworkAcl from '../services/networkAcl'
 import TencentSecurityGroup from '../services/securityGroup'
 import TencentSecurityGroupRule from '../services/securityGroupRule'
 import TencentCcn from '../services/ccn'
@@ -22,6 +23,9 @@ export default {
   [services.securityGroupRule]: TencentSecurityGroupRule,
   [services.ccn]: TencentCcn,
   [services.ccnAttachment]: TencentCcnAttachment,
+  [services.networkAcl]: TencentNetworkAcl,
+  [services.securityGroup]: TencentSecurityGroup,
+  [services.securityGroupRule]: TencentSecurityGroupRule,
   [services.subnet]: TencentSubnet,
   [services.vpc]: TencentVpc,
   [services.vpnGateway]: TencentVpnGateway,

src/enums/services.ts

@@ -1,6 +1,7 @@
 export default {
   customerGateway: 'customerGateway',
   routeTable: 'routeTable',
+  networkAcl: 'networkAcl',
   securityGroup: 'securityGroup',
   securityGroupRule: 'securityGroupRule',
   ccn: 'ccn',

src/services/networkAcl/data.ts

@@ -0,0 +1,58 @@
+import * as tencentcloud from 'tencentcloud-sdk-nodejs'
+import { NetworkAcl } from 'tencentcloud-sdk-nodejs/tencentcloud/services/vpc/v20170312/vpc_models'
+import { ClientConfig } from 'tencentcloud-sdk-nodejs/tencentcloud/common/interface'
+import CloudGraph from '@cloudgraph/sdk'
+import groupBy from 'lodash/groupBy'
+import isEmpty from 'lodash/isEmpty'
+import loggerText from '../../properties/logger'
+import { TencentServiceInput } from '../../types'
+import { initTestEndpoint, generateTencentErrorLog } from '../../utils'
+
+const lt = { ...loggerText }
+const { logger } = CloudGraph
+export const serviceName = 'NetworkAcl'
+const apiEndpoint = initTestEndpoint(serviceName)
+
+export interface RawTencentNetworkAcl extends NetworkAcl {
+  id: string
+  region: string
+  subnets: string[]
+}
+
+export default async ({
+  regions,
+  config,
+}: TencentServiceInput): Promise<{
+  [region: string]: RawTencentNetworkAcl[]
+}> =>
+  new Promise(async resolve => {
+    const naclList: RawTencentNetworkAcl[] = []
+
+    for (const region of regions.split(',')) {
+      /**
+       * Get all NetworkACLs
+       */
+      try {
+        const VpcClient = tencentcloud.vpc.v20170312.Client
+        const clientConfig: ClientConfig  = { credential: config, region, profile: { httpProfile: { endpoint: apiEndpoint } } }
+        const vpc = new VpcClient(clientConfig)
+        const response = await vpc.DescribeNetworkAcls(null)
+
+        if (response && !isEmpty(response.NetworkAclSet)) {
+          for (const instance of response.NetworkAclSet) {
+            naclList.push({
+              id: instance.NetworkAclId,
+              ...instance,
+              subnets: instance?.SubnetSet?.map(subnet => subnet.SubnetId),
+              region,
+            })
+          }
+        }
+      } catch (error) {
+        generateTencentErrorLog(serviceName, 'vpc:DescribeNetworkAcls', error)
+      }
+    }
+
+    logger.debug(lt.foundResources(serviceName, naclList.length))
+    resolve(groupBy(naclList, 'region'))
+  })

src/services/networkAcl/format.ts

@@ -0,0 +1,38 @@
+import cuid from 'cuid'
+import { TencentNetworkAcl } from '../../types/generated'
+import { RawTencentNetworkAcl } from './data'
+
+export default ({
+  service,
+  account,
+  region,
+}: {
+  service: RawTencentNetworkAcl
+  account: string
+  region: string
+}): TencentNetworkAcl => {
+  const {
+    id,
+    NetworkAclName: name,
+    VpcId: vpcId,
+    CreatedTime: createdTime,
+    IngressEntries,
+    EgressEntries,
+  } = service
+
+  return {
+    id,
+    region,
+    name,
+    vpcId,
+    createdTime,
+    ingressEntries: IngressEntries?.map(naclEntry => ({
+      id: cuid(),
+      ...naclEntry,
+    })),
+    egressEntries: EgressEntries?.map(naclEntry => ({
+      id: cuid(),
+      ...naclEntry,
+    })),
+  }
+}

src/services/networkAcl/index.ts

@@ -0,0 +1,13 @@
+import {Service} from '@cloudgraph/sdk'
+import BaseService from '../base'
+import format from './format'
+import getData, { serviceName } from './data'
+import { getMutation } from '../../utils'
+
+export default class TencentNetworkAcl extends BaseService implements Service {
+  format = format.bind(this)
+
+  getData = getData.bind(this)
+
+  mutation = getMutation(serviceName)
+}

src/services/networkAcl/schema.graphql

@@ -0,0 +1,26 @@
+type tencentNetworkAcl implements tencentBaseService @key(fields: "id") {
+  vpcId: String @search(by: [hash, regexp])
+  name: String @search(by: [hash, regexp])
+  createdTime: String @search(by: [hash, regexp])
+  ingressEntries: [tencentNetworkAclEntry]
+  egressEntries: [tencentNetworkAclEntry]
+  subnets: [tencentSubnet] @hasInverse(field: networkAcl)
+  vpcInstance: [tencentVpc] @hasInverse(field: networkAcl)
+}
+
+type tencentNetworkAclEntry
+  @generate(
+    query: { get: false, query: true, aggregate: false }
+    mutation: { add: false, delete: false }
+    subscription: false
+  )
+  @key(fields: "id") {
+  id: String! @id @search(by: [hash, regexp])
+  modifyTime: String @search(by: [hash, regexp])
+  protocol: String @search(by: [hash, regexp])
+  port: String @search(by: [hash, regexp])
+  cidrBlock: String @search(by: [hash, regexp])
+  ipv6CidrBlock: String @search(by: [hash, regexp])
+  action: String @search(by: [hash, regexp])
+  description: String @search(by: [hash, regexp])
+}

src/services/subnet/connections.ts

@@ -0,0 +1,58 @@
+import { ServiceConnection } from '@cloudgraph/sdk'
+import { rawDataInterface } from '../../types'
+import { RawTencentSubnet } from './data'
+import { GLOBAL_REGION } from '../../config/constants'
+import services from '../../enums/services'
+import aliases from '../../enums/serviceAliases'
+
+export default ({
+  account,
+  service,
+  data,
+  region,
+}: {
+  account: string
+  service: RawTencentSubnet
+  data: { name: string; data: { [property: string]: any[] } }[]
+  region: string
+}): {
+  [property: string]: ServiceConnection[]
+} => {
+  const { id } = service
+  const connections: ServiceConnection[] = []
+  const connectTo = Object.values(services).filter(service => service !== services.subnet)
+
+  for (const serviceName of connectTo) {
+    const instances: {
+      name: string
+      data: { [property: string]: any[] }
+    } = data.find(({ name }) => name === serviceName)
+
+    const regions = [region, GLOBAL_REGION]
+    for (const region of regions) {
+      if (instances?.data?.[region]) {
+        const filtered = instances.data[region].filter(
+          ({ subnets }: rawDataInterface) => subnets
+        )
+
+        for (const { id, subnet } of filtered) {
+          for (const name of subnet) {
+            if (name === service.SubnetId) {
+              connections.push({
+                id,
+                resourceType: serviceName,
+                relation: 'child',
+                field: aliases[serviceName] ? aliases[serviceName] : serviceName,
+              })
+            }
+          }
+        }
+      }
+    }
+  }
+
+  const result = {
+    [id]: connections,
+  }
+  return result
+}

src/services/subnet/index.ts

@@ -2,12 +2,15 @@ import {Service} from '@cloudgraph/sdk'
 import BaseService from '../base'
 import format from './format'
 import getData, { serviceName } from './data'
+import getConnections from './connections'
 import { getMutation } from '../../utils'
 
 export default class TencentSubnet extends BaseService implements Service {
   format = format.bind(this)
 
   getData = getData.bind(this)
 
+  getConnections = getConnections.bind(this)
+
   mutation = getMutation(serviceName)
 }