updates

klothoplatform · Dec 5, 2023 · 848277a · 848277a
1 parent 9018b8f
commit 848277a
Show file tree

Hide file tree

Showing 14 changed files with 108 additions and 125 deletions.
diff --git a/pkg/engine2/operational_eval/vertex_property.go b/pkg/engine2/operational_eval/vertex_property.go
@@ -161,9 +161,12 @@ func (v *propertyVertex) evaluateConstraints(sol solution_context.SolutionContex
 	}
 
 	ctx := solution_context.DynamicCtx(sol)
-	defaultVal, err := v.Template.GetDefaultValue(ctx, dynData)
-	if err != nil {
-		return fmt.Errorf("could not get default value for %s: %w", v.Ref, err)
+	var defaultVal any
+	if currentValue == nil {
+		defaultVal, err = v.Template.GetDefaultValue(ctx, dynData)
+		if err != nil {
+			return fmt.Errorf("could not get default value for %s: %w", v.Ref, err)
+		}
 	}
 	if currentValue == nil && setConstraint.Operator == "" && v.Template != nil && defaultVal != nil {
 		err = solution_context.ConfigureResource(
@@ -298,7 +301,7 @@ func (v *propertyVertex) Ready(eval *Evaluator) (ReadyPriority, error) {
 	// properties that have values set via edge rules dont' have default values
 	defaultVal, err := v.Template.GetDefaultValue(solution_context.DynamicCtx(eval.Solution), knowledgebase.DynamicValueData{Resource: v.Ref.Resource})
 	if err != nil {
-		return NotReadyMid, fmt.Errorf("could not get default value for %s: %w", v.Ref, err)
+		return NotReadyMid, nil
 	}
 	if defaultVal != nil {
 		return ReadyNow, nil

diff --git a/pkg/engine2/operational_rule/operational_action.go b/pkg/engine2/operational_rule/operational_action.go
@@ -230,22 +230,23 @@ func (action *operationalResourceAction) useAvailableResources(resource *constru
 				if edgeTmpl == nil {
 					continue
 				}
-				if edgeTmpl.Unique == (knowledgebase.Unique{}) {
+
+				if !edgeTmpl.Unique.Target || !edgeTmpl.Unique.Source {
 					// many-to-many is okay
 					availableResources.Add(res)
 					continue
 				}
 				switch action.Step.Direction {
 				case knowledgebase.DirectionDownstream:
-					if !edgeTmpl.Unique.Target {
-						// one-to-many is okay
+					if !edgeTmpl.Unique.Source {
+						// many-to-one is okay
 						availableResources.Add(res)
 						continue
 					}
 
 				case knowledgebase.DirectionUpstream:
-					if !edgeTmpl.Unique.Source {
-						// many-to-one are okay
+					if !edgeTmpl.Unique.Target {
+						// one-to-many are okay
 						availableResources.Add(res)
 						continue
 					}

diff --git a/pkg/engine2/path_selection/edge_validity.go b/pkg/engine2/path_selection/edge_validity.go
@@ -87,7 +87,7 @@ func checkProperties(ctx solution_context.SolutionContext, resource, toCheck *co
 			match, err := selector.CanUse(solution_context.DynamicCtx(ctx), knowledgebase.DynamicValueData{Resource: resource.ID},
 				toCheck)
 			if err != nil {
-				return fmt.Errorf("error checking if resource %s matches selector %s: %w", toCheck, selector, err)
+				return fmt.Errorf("error checking if resource %s matches selector %s: %w", toCheck, selector.Selector, err)
 			}
 			// if its a match for the selectors, lets ensure that it has a dependency and exists in the properties of the rul
 			if !match {
@@ -261,7 +261,7 @@ func checkIfCreatedAsUniqueValidity(ctx solution_context.SolutionContext, resour
 				match, err := selector.CanUse(solution_context.DynamicCtx(ctx), knowledgebase.DynamicValueData{Resource: currRes.ID},
 					resource)
 				if err != nil {
-					return fmt.Errorf("error checking if resource %s matches selector %s: %w", other, selector, err)
+					return fmt.Errorf("error checking if resource %s matches selector %s: %w", other, selector.Selector, err)
 				}
 				// if its a match for the selectors, lets ensure that it has a dependency and exists in the properties of the rul
 				if !match {

diff --git a/pkg/engine2/testdata/2_routes.expect.yaml b/pkg/engine2/testdata/2_routes.expect.yaml
@@ -50,6 +50,7 @@ resources:
         IntegrationHttpMethod: POST
         Method: aws:api_method:rest_api_1:api_method-0
         Resource: aws:api_resource:rest_api_1:api_resource-0
+        RequestParameters: {}
         RestApi: aws:rest_api:rest_api_1
         Route: /lambda0/api
         Target: aws:lambda_function:lambda_function_0
@@ -58,6 +59,7 @@ resources:
     aws:api_integration:rest_api_1:integ1:
         IntegrationHttpMethod: POST
         Method: aws:api_method:rest_api_1:api_method-1
+        RequestParameters: {}
         Resource: aws:api_resource:rest_api_1:api_resource-1
         RestApi: aws:rest_api:rest_api_1
         Route: /lambda1/api

diff --git a/pkg/engine2/testdata/ecs_rds.dataflow-viz.yaml b/pkg/engine2/testdata/ecs_rds.dataflow-viz.yaml
@@ -12,6 +12,6 @@ resources:
     parent: vpc/vpc-0
 
   ecs_service/ecs_service_0 -> rds_instance/rds-instance-2:
-    path: aws:ecs_task_definition:ecs_service_0,aws:iam_role:ecs_service_0-execution-role
+    path: aws:ecs_task_definition:ecs_service_0,aws:iam_role:ecs_service_0-rds-instance-2
 
 
diff --git a/pkg/engine2/testdata/ecs_rds.expect.yaml b/pkg/engine2/testdata/ecs_rds.expect.yaml
@@ -34,7 +34,7 @@ resources:
             rds-instance-2_RDS_ENDPOINT: aws:rds_instance:rds-instance-2#Endpoint
             rds-instance-2_RDS_PASSWORD: aws:rds_instance:rds-instance-2#Password
             rds-instance-2_RDS_USERNAME: aws:rds_instance:rds-instance-2#Username
-        ExecutionRole: aws:iam_role:ecs_service_0-execution-role
+        ExecutionRole: aws:iam_role:ecs_service_0-rds-instance-2
         Image: aws:ecr_image:ecs_service_0-image
         LogGroup: aws:log_group:ecs_service_0-log-group
         Memory: "512"
@@ -46,12 +46,12 @@ resources:
         Region: aws:region:region-0
         RequiresCompatibilities:
             - FARGATE
-        TaskRole: aws:iam_role:ecs_service_0-execution-role
+        TaskRole: aws:iam_role:ecs_service_0-rds-instance-2
     aws:ecr_image:ecs_service_0-image:
         Context: .
         Dockerfile: ecs_service_0-image.Dockerfile
         Repo: aws:ecr_repo:ecr_repo-0
-    aws:iam_role:ecs_service_0-execution-role:
+    aws:iam_role:ecs_service_0-rds-instance-2:
         AssumeRolePolicyDoc:
             Statement:
                 - Action:
@@ -78,27 +78,14 @@ resources:
         RetentionInDays: 5
     aws:ecr_repo:ecr_repo-0:
         ForceDelete: true
-    aws:availability_zone:region-0:availability_zone-0:
-        Index: 0
-        Region: aws:region:region-0
-    aws:availability_zone:region-0:availability_zone-1:
-        Index: 1
-        Region: aws:region:region-0
-    aws:availability_zone:region-0:availability_zone-2:
-        Index: 2
-        Region: aws:region:region-0
-    aws:availability_zone:region-0:availability_zone-3:
-        Index: 3
-        Region: aws:region:region-0
-    aws:region:region-0:
     aws:elastic_ip:elastic_ip-nat_gateway-route_table-subnet-0-0-0-0:
     aws:elastic_ip:elastic_ip-nat_gateway-route_table-subnet-1-1-1-1:
     aws:nat_gateway:subnet-2:nat_gateway-route_table-subnet-0-0-0:
         ElasticIp: aws:elastic_ip:elastic_ip-nat_gateway-route_table-subnet-0-0-0-0
         Subnet: aws:subnet:vpc-0:subnet-2
     aws:subnet:vpc-0:subnet-2:
-        AvailabilityZone: aws:availability_zone:region-0:availability_zone-2
-        CidrBlock: ""
+        AvailabilityZone: aws:availability_zone:region-0:availability_zone-0
+        CidrBlock: 10.0.0.0/18
         MapPublicIpOnLaunch: false
         RouteTable: aws:route_table:route_table-subnet-2-2
         Type: public
@@ -111,14 +98,17 @@ resources:
             - CidrBlock: 0.0.0.0/0
               Gateway: aws:internet_gateway:vpc-0:internet_gateway-0
         Vpc: aws:vpc:vpc-0
+    aws:availability_zone:region-0:availability_zone-0:
+        Index: 0
+        Region: aws:region:region-0
     aws:internet_gateway:vpc-0:internet_gateway-0:
         Vpc: aws:vpc:vpc-0
     aws:nat_gateway:subnet-3:nat_gateway-route_table-subnet-1-1-1:
         ElasticIp: aws:elastic_ip:elastic_ip-nat_gateway-route_table-subnet-1-1-1-1
         Subnet: aws:subnet:vpc-0:subnet-3
     aws:subnet:vpc-0:subnet-3:
-        AvailabilityZone: aws:availability_zone:region-0:availability_zone-3
-        CidrBlock: ""
+        AvailabilityZone: aws:availability_zone:region-0:availability_zone-1
+        CidrBlock: 10.0.64.0/18
         MapPublicIpOnLaunch: false
         RouteTable: aws:route_table:route_table-subnet-3-3
         Type: public
@@ -131,6 +121,10 @@ resources:
             - CidrBlock: 0.0.0.0/0
               Gateway: aws:internet_gateway:vpc-0:internet_gateway-0
         Vpc: aws:vpc:vpc-0
+    aws:availability_zone:region-0:availability_zone-1:
+        Index: 1
+        Region: aws:region:region-0
+    aws:region:region-0:
     aws:rds_instance:rds-instance-2:
         AllocatedStorage: 20
         DatabaseName: main
@@ -175,11 +169,6 @@ resources:
               Protocol: "-1"
               ToPort: 0
         IngressRules:
-            - Description: Allow ingress traffic from within the same security group
-              FromPort: 0
-              Protocol: "-1"
-              Self: true
-              ToPort: 0
             - CidrBlocks:
                 - 10.0.128.0/18
               Description: Allow ingress traffic from ip addresses within the subnet subnet-0
@@ -192,6 +181,11 @@ resources:
               FromPort: 0
               Protocol: "-1"
               ToPort: 0
+            - Description: Allow ingress traffic from within the same security group
+              FromPort: 0
+              Protocol: "-1"
+              Self: true
+              ToPort: 0
         Vpc: aws:vpc:vpc-0
     aws:route_table:route_table-subnet-0-0:
         Routes:
@@ -215,34 +209,32 @@ edges:
     aws:ecs_service:ecs_service_0 -> aws:subnet:vpc-0:subnet-0:
     aws:ecs_service:ecs_service_0 -> aws:subnet:vpc-0:subnet-1:
     aws:ecs_task_definition:ecs_service_0 -> aws:ecr_image:ecs_service_0-image:
-    aws:ecs_task_definition:ecs_service_0 -> aws:iam_role:ecs_service_0-execution-role:
+    aws:ecs_task_definition:ecs_service_0 -> aws:iam_role:ecs_service_0-rds-instance-2:
     aws:ecs_task_definition:ecs_service_0 -> aws:log_group:ecs_service_0-log-group:
     aws:ecs_task_definition:ecs_service_0 -> aws:region:region-0:
     aws:ecr_image:ecs_service_0-image -> aws:ecr_repo:ecr_repo-0:
-    aws:iam_role:ecs_service_0-execution-role -> aws:rds_instance:rds-instance-2:
-    aws:availability_zone:region-0:availability_zone-0 -> aws:region:region-0:
-    aws:availability_zone:region-0:availability_zone-1 -> aws:region:region-0:
-    aws:availability_zone:region-0:availability_zone-2 -> aws:region:region-0:
-    aws:availability_zone:region-0:availability_zone-3 -> aws:region:region-0:
+    aws:iam_role:ecs_service_0-rds-instance-2 -> aws:rds_instance:rds-instance-2:
     ? aws:nat_gateway:subnet-2:nat_gateway-route_table-subnet-0-0-0 -> aws:elastic_ip:elastic_ip-nat_gateway-route_table-subnet-0-0-0-0
     :
     aws:nat_gateway:subnet-2:nat_gateway-route_table-subnet-0-0-0 -> aws:subnet:vpc-0:subnet-2:
-    aws:subnet:vpc-0:subnet-2 -> aws:availability_zone:region-0:availability_zone-2:
+    aws:subnet:vpc-0:subnet-2 -> aws:availability_zone:region-0:availability_zone-0:
     aws:subnet:vpc-0:subnet-2 -> aws:route_table_association:subnet-2-route_table-subnet-2-2:
     aws:subnet:vpc-0:subnet-2 -> aws:vpc:vpc-0:
     aws:route_table_association:subnet-2-route_table-subnet-2-2 -> aws:route_table:route_table-subnet-2-2:
     aws:route_table:route_table-subnet-2-2 -> aws:internet_gateway:vpc-0:internet_gateway-0:
     aws:route_table:route_table-subnet-2-2 -> aws:vpc:vpc-0:
+    aws:availability_zone:region-0:availability_zone-0 -> aws:region:region-0:
     aws:internet_gateway:vpc-0:internet_gateway-0 -> aws:vpc:vpc-0:
     ? aws:nat_gateway:subnet-3:nat_gateway-route_table-subnet-1-1-1 -> aws:elastic_ip:elastic_ip-nat_gateway-route_table-subnet-1-1-1-1
     :
     aws:nat_gateway:subnet-3:nat_gateway-route_table-subnet-1-1-1 -> aws:subnet:vpc-0:subnet-3:
-    aws:subnet:vpc-0:subnet-3 -> aws:availability_zone:region-0:availability_zone-3:
+    aws:subnet:vpc-0:subnet-3 -> aws:availability_zone:region-0:availability_zone-1:
     aws:subnet:vpc-0:subnet-3 -> aws:route_table_association:subnet-3-route_table-subnet-3-3:
     aws:subnet:vpc-0:subnet-3 -> aws:vpc:vpc-0:
     aws:route_table_association:subnet-3-route_table-subnet-3-3 -> aws:route_table:route_table-subnet-3-3:
     aws:route_table:route_table-subnet-3-3 -> aws:internet_gateway:vpc-0:internet_gateway-0:
     aws:route_table:route_table-subnet-3-3 -> aws:vpc:vpc-0:
+    aws:availability_zone:region-0:availability_zone-1 -> aws:region:region-0:
     aws:rds_instance:rds-instance-2 -> aws:rds_subnet_group:rds_subnet_group-0:
     aws:rds_subnet_group:rds_subnet_group-0 -> aws:subnet:vpc-0:subnet-0:
     aws:rds_subnet_group:rds_subnet_group-0 -> aws:subnet:vpc-0:subnet-1:

diff --git a/pkg/engine2/testdata/ecs_rds.iac-viz.yaml b/pkg/engine2/testdata/ecs_rds.iac-viz.yaml
@@ -23,26 +23,20 @@ resources:
   aws:subnet:vpc-0/subnet-1 -> aws:security_group:vpc-0/security_group-rds-instance-2-1:
   aws:subnet:vpc-0/subnet-1 -> vpc/vpc-0:
 
-  aws:availability_zone:region-0/availability_zone-3:
-  aws:availability_zone:region-0/availability_zone-3 -> region/region-0:
-
-  aws:availability_zone:region-0/availability_zone-2:
-  aws:availability_zone:region-0/availability_zone-2 -> region/region-0:
-
   rds_subnet_group/rds_subnet_group-0:
   rds_subnet_group/rds_subnet_group-0 -> aws:subnet:vpc-0/subnet-0:
   rds_subnet_group/rds_subnet_group-0 -> aws:subnet:vpc-0/subnet-1:
 
   elastic_ip/elastic_ip-nat_gateway-route_table-subnet-1-1-1-1:
 
   aws:subnet:vpc-0/subnet-3:
-  aws:subnet:vpc-0/subnet-3 -> aws:availability_zone:region-0/availability_zone-3:
+  aws:subnet:vpc-0/subnet-3 -> aws:availability_zone:region-0/availability_zone-1:
   aws:subnet:vpc-0/subnet-3 -> vpc/vpc-0:
 
   elastic_ip/elastic_ip-nat_gateway-route_table-subnet-0-0-0-0:
 
   aws:subnet:vpc-0/subnet-2:
-  aws:subnet:vpc-0/subnet-2 -> aws:availability_zone:region-0/availability_zone-2:
+  aws:subnet:vpc-0/subnet-2 -> aws:availability_zone:region-0/availability_zone-0:
   aws:subnet:vpc-0/subnet-2 -> vpc/vpc-0:
 
   ecr_repo/ecr_repo-0:
@@ -65,8 +59,8 @@ resources:
   ecr_image/ecs_service_0-image:
   ecr_image/ecs_service_0-image -> ecr_repo/ecr_repo-0:
 
-  iam_role/ecs_service_0-execution-role:
-  iam_role/ecs_service_0-execution-role -> rds_instance/rds-instance-2:
+  iam_role/ecs_service_0-rds-instance-2:
+  iam_role/ecs_service_0-rds-instance-2 -> rds_instance/rds-instance-2:
 
   log_group/ecs_service_0-log-group:
 
@@ -90,7 +84,7 @@ resources:
 
   ecs_task_definition/ecs_service_0:
   ecs_task_definition/ecs_service_0 -> ecr_image/ecs_service_0-image:
-  ecs_task_definition/ecs_service_0 -> iam_role/ecs_service_0-execution-role:
+  ecs_task_definition/ecs_service_0 -> iam_role/ecs_service_0-rds-instance-2:
   ecs_task_definition/ecs_service_0 -> log_group/ecs_service_0-log-group:
   ecs_task_definition/ecs_service_0 -> region/region-0:
 

diff --git a/pkg/engine2/testdata/k8s_api.dataflow-viz.yaml b/pkg/engine2/testdata/k8s_api.dataflow-viz.yaml
@@ -8,7 +8,7 @@ resources:
     parent: vpc/vpc-0
 
   load_balancer/rest-api-4-integbcc77100 -> kubernetes:pod:eks_cluster-0/pod2:
-    path: aws:load_balancer_listener:rest_api_4_integration_0-pod2,aws:target_group:rest-api-4-integbcc77100,kubernetes:target_group_binding:eks_cluster-0:restapi4integration0-pod2,kubernetes:service:restapi4integration0-pod2
+    path: aws:load_balancer_listener:rest_api_4_integration_0-pod2,aws:target_group:rest-api-4-integbcc77100,kubernetes:target_group_binding:restapi4integration0-pod2,kubernetes:service:restapi4integration0-pod2
 
 
   kubernetes:helm_chart:eks_cluster-0/metricsserver: