refactoring and bugfix

api/InfrastructureTemplateController.py

@@ -19,7 +19,7 @@ def create_iac_from_intermediate_representation(intermediate_representation: dic
 @api_router.post("/iac/files")
 def create_iac_from_doml(data: str = Body(..., media_type="application/xml")):
     logging.info("Received create_iac_from_doml request")
-    compress_folder_info = Orchestrator.create_iac_from_doml(model=data, metamodel_directory="icgparser/doml",
+    compress_folder_info = Orchestrator.create_iac_from_doml(model=data, metamodel_directory="icgparser/doml/v1",
                                                              is_multiecore_metamodel=False)
     return FileResponse(path=compress_folder_info.file_path, media_type='application/octet-stream',
                         filename=compress_folder_info.filename)

controller/Orchestrator.py

@@ -89,7 +89,7 @@ def compress_file(source_folder, dest_file_name):
 
 def create_temp_model_file(model_xml):
     logging.info("Saving model in temp file")
-    temp_model_file_path = "icgparser/doml/nginx-openstack.domlx"
+    temp_model_file_path = "icgparser/doml/v1/nginx-openstack_v1.domlx"
     save_file(model_xml, temp_model_file_path)
     logging.info(f"Successfully saved model in temp file at {temp_model_file_path}")
     return temp_model_file_path

icgparser/DomlParserUtilities.py

@@ -125,7 +125,7 @@ def load_metamodel(metamodel_directory=METAMODEL_DIRECTORY, is_multiecore=False)
             mm_root = resource.contents[0]  # Get the root of the MetaModel (EPackage)
             rset.metamodel_registry[mm_root.nsURI] = mm_root
     else:
-        logging.info(f"Loading multiecore metamodel from {metamodel_directory}/doml.ecore")
+        logging.info(f"Loading ecore metamodel from {metamodel_directory}/doml.ecore")
         resource = rset.get_resource(URI(f"{metamodel_directory}/doml.ecore"))
         mm_root = resource.contents[0]  # Get the root of the MetaModel (EPackage)
         rset.metamodel_registry[mm_root.nsURI] = mm_root

icgparser/doml/v1/nginx-aws_v1.domlx

+<?xml version="1.0" encoding="ASCII"?>
+<commons:DOMLModel xmi:version="2.0" xmlns:xmi="http://www.omg.org/XMI" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:app="http://www.piacere-project.eu/doml/application" xmlns:commons="http://www.piacere-project.eu/doml/commons" xmlns:infra="http://www.piacere-project.eu/doml/infrastructure" xmlns:optimization="http://www.piacere-project.eu/doml/optimization" name="nginx_openstack" activeConfiguration="//@configurations.0" activeInfrastructure="//@concretizations.0">
+  <application name="app">
+    <components xsi:type="app:SoftwareComponent" name="nginx">
+      <annotations xsi:type="commons:SProperty" key="source_code" value="/usr/share/nginx/html/index.html"/>
+    </components>
+  </application>
+  <infrastructure name="infra">
+    <nodes xsi:type="infra:AutoScalingGroup" name="ag" deploymentNetwork="//@infrastructure/@networks.0">
+      <machineDefinition name="vm1" credentials="//@infrastructure/@credentials.0" group="//@infrastructure/@groups.0" generatedFrom="//@infrastructure/@generators.0">
+        <ifaces name="i1" endPoint="10.0.0.1" belongsTo="//@infrastructure/@networks.0" associated="//@infrastructure/@groups.0"/>
+        <location region="eu-central-1"/>
+      </machineDefinition>
+    </nodes>
+    <networks name="vpc" protocol="tcp/ip" addressRange="10.0.0.0/24" connectedIfaces="//@infrastructure/@nodes.0/@machineDefinition/@ifaces.0">
+      <subnets name="vpc_subnet" protocol="tcp/ip" addressRange="10.0.0.0/24"/>
+    </networks>
+    <generators xsi:type="infra:VMImage" name="vm_img" uri="ami-xxxxxxxxxxxxxxxxx" kind="IMAGE" generatedVMs="//@infrastructure/@nodes.0/@machineDefinition"/>
+    <credentials xsi:type="infra:KeyPair" name="ssh_key" user="ec2-user" keyfile="/tmp/ssh_key_file" algorithm="RSA" bits="4096"/>
+    <groups xsi:type="infra:SecurityGroup" name="sg" groupedNodes="//@infrastructure/@nodes.0/@machineDefinition" ifaces="//@infrastructure/@nodes.0/@machineDefinition/@ifaces.0">
+      <rules name="icmp" protocol="icmp" fromPort="-1" toPort="-1">
+        <cidr>0.0.0.0/0</cidr>
+      </rules>
+      <rules name="http" kind="INGRESS" protocol="tcp" fromPort="80" toPort="80">
+        <cidr>0.0.0.0/0</cidr>
+      </rules>
+      <rules name="https" kind="INGRESS" protocol="tcp" fromPort="443" toPort="443">
+        <cidr>0.0.0.0/0</cidr>
+      </rules>
+      <rules name="ssh" kind="INGRESS" protocol="tcp" fromPort="22" toPort="22">
+        <cidr>0.0.0.0/0</cidr>
+      </rules>
+    </groups>
+  </infrastructure>
+  <concretizations name="con_infra">
+    <providers name="aws">
+      <vms name="ec2_vm" maps="//@infrastructure/@nodes.0/@machineDefinition">
+        <annotations xsi:type="commons:SProperty" key="instance_type" value="t2.micro"/>
+        <annotations xsi:type="commons:SProperty" key="ssh_key_name" value="demo-key"/>
+        <annotations xsi:type="commons:SProperty" key="ec2_role_name" value="demo-ec2-role"/>
+      </vms>
+      <vmImages name="concrete_vm_image" maps="//@infrastructure/@generators.0"/>
+      <networks name="concrete_net" maps="//@infrastructure/@networks.0"/>
+    </providers>
+  </concretizations>
+  <optimization name="opt">
+    <objectives xsi:type="optimization:MeasurableObjective" kind="min" property="cost"/>
+    <objectives xsi:type="optimization:MeasurableObjective" kind="max" property="availability"/>
+    <objectives xsi:type="optimization:MeasurableObjective" kind="max" property="performance"/>
+    <nonfunctionalRequirements xsi:type="commons:RangedRequirement" name="req1" description="Cost &lt;= 200" property="cost" max="200.0"/>
+    <nonfunctionalRequirements xsi:type="commons:RangedRequirement" name="req2" description="Availability >= 98%" property="availability" min="98.0"/>
+    <nonfunctionalRequirements xsi:type="commons:EnumeratedRequirement" name="req3" description="Region" property="region">
+      <values>00EU</values>
+    </nonfunctionalRequirements>
+    <nonfunctionalRequirements xsi:type="commons:EnumeratedRequirement" name="req4" description="Provider" property="provider">
+      <values>AMAZ</values>
+    </nonfunctionalRequirements>
+  </optimization>
+  <configurations name="config">
+    <deployments component="//@application/@components.0" node="//@infrastructure/@nodes.0/@machineDefinition"/>
+  </configurations>
+</commons:DOMLModel>

icgparser/doml/v1/nginx-openstack_v1.domlx

+<?xml version="1.0" encoding="ASCII"?>
+<commons:DOMLModel xmi:version="2.0" xmlns:xmi="http://www.omg.org/XMI" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:app="http://www.piacere-project.eu/doml/application" xmlns:commons="http://www.piacere-project.eu/doml/commons" xmlns:infra="http://www.piacere-project.eu/doml/infrastructure" xmlns:optimization="http://www.piacere-project.eu/doml/optimization" name="nginx_openstack" activeConfiguration="//@configurations.0" activeInfrastructure="//@concretizations.0">
+  <application name="app">
+    <components xsi:type="app:SoftwareComponent" name="nginx">
+      <annotations xsi:type="commons:SProperty" key="source_code" value="/usr/share/nginx/html/index.html"/>
+    </components>
+  </application>
+  <infrastructure name="infra">
+    <nodes xsi:type="infra:AutoScalingGroup" name="ag" deploymentNetwork="//@infrastructure/@networks.0">
+      <machineDefinition name="vm1" os="ubuntu-20.04.3" credentials="//@infrastructure/@credentials.0" group="//@infrastructure/@groups.0" generatedFrom="//@infrastructure/@generators.0">
+        <ifaces name="i1" endPoint="16.0.0.1" belongsTo="//@infrastructure/@networks.0" associated="//@infrastructure/@groups.0"/>
+      </machineDefinition>
+    </nodes>
+    <networks name="net1" protocol="tcp/ip" addressRange="16.0.0.0/24" connectedIfaces="//@infrastructure/@nodes.0/@machineDefinition/@ifaces.0"/>
+    <generators xsi:type="infra:VMImage" name="v_img" generatedVMs="//@infrastructure/@nodes.0/@machineDefinition"/>
+    <credentials xsi:type="infra:KeyPair" name="ssh_key" user="ubuntu" keyfile="/home/user1/.ssh/openstack.key" algorithm="RSA" bits="4096"/>
+    <groups xsi:type="infra:SecurityGroup" name="sg" groupedNodes="//@infrastructure/@nodes.0/@machineDefinition" ifaces="//@infrastructure/@nodes.0/@machineDefinition/@ifaces.0">
+      <rules name="icmp" protocol="icmp" fromPort="-1" toPort="-1">
+        <cidr>0.0.0.0/0</cidr>
+      </rules>
+      <rules name="http" kind="INGRESS" protocol="tcp" fromPort="80" toPort="80">
+        <cidr>0.0.0.0/0</cidr>
+      </rules>
+      <rules name="https" kind="INGRESS" protocol="tcp" fromPort="443" toPort="443">
+        <cidr>0.0.0.0/0</cidr>
+      </rules>
+      <rules name="ssh" kind="INGRESS" protocol="tcp" fromPort="22" toPort="22">
+        <cidr>0.0.0.0/0</cidr>
+      </rules>
+    </groups>
+  </infrastructure>
+  <concretizations name="con_infra">
+    <providers name="openstack">
+      <vms name="concrete_vm" maps="//@infrastructure/@nodes.0/@machineDefinition">
+        <annotations xsi:type="commons:SProperty" key="vm_name" value="nginx-host"/>
+        <annotations xsi:type="commons:SProperty" key="vm_flavor" value="small"/>
+        <annotations xsi:type="commons:SProperty" key="vm_key_name" value="user1"/>
+      </vms>
+      <vmImages name="concrete_vm_image" maps="//@infrastructure/@generators.0">
+        <annotations xsi:type="commons:SProperty" key="name" value="ubuntu-20.04.3"/>
+      </vmImages>
+      <networks name="concrete_net" maps="//@infrastructure/@networks.0">
+        <annotations xsi:type="commons:SProperty" key="name" value="ostack2"/>
+      </networks>
+    </providers>
+  </concretizations>
+  <optimization name="opt">
+    <objectives xsi:type="optimization:MeasurableObjective" kind="min" property="cost"/>
+    <nonfunctionalRequirements xsi:type="commons:RangedRequirement" name="req1" description="Cost &lt;= 200" property="cost" max="200.0"/>
+    <nonfunctionalRequirements xsi:type="commons:EnumeratedRequirement" name="req2" description="Provider" property="provider">
+      <values>OPEN</values>
+    </nonfunctionalRequirements>
+  </optimization>
+  <configurations name="config">
+    <deployments component="//@application/@components.0" node="//@infrastructure/@nodes.0/@machineDefinition"/>
+  </configurations>
+</commons:DOMLModel>

input_file_generated/ir.json

@@ -3,12 +3,57 @@
   "steps": [
     {
       "data": {
+        "computingGroup": [
+          {
+            "http": {
+              "cidr": [
+                "0.0.0.0/0"
+              ],
+              "fromPort": 80,
+              "kind": "INGRESS",
+              "name": "http",
+              "protocol": "tcp",
+              "toPort": 80
+            },
+            "https": {
+              "cidr": [
+                "0.0.0.0/0"
+              ],
+              "fromPort": 443,
+              "kind": "INGRESS",
+              "name": "https",
+              "protocol": "tcp",
+              "toPort": 443
+            },
+            "icmp": {
+              "cidr": [
+                "0.0.0.0/0"
+              ],
+              "fromPort": -1,
+              "kind": "EGRESS",
+              "name": "icmp",
+              "protocol": "icmp",
+              "toPort": -1
+            },
+            "infra_element_name": "sg",
+            "ssh": {
+              "cidr": [
+                "0.0.0.0/0"
+              ],
+              "fromPort": 22,
+              "kind": "INGRESS",
+              "name": "ssh",
+              "protocol": "tcp",
+              "toPort": 22
+            }
+          }
+        ],
         "credentials": [
           {
             "algorithm": "RSA",
             "bits": 4096,
+            "infra_element_name": "ssh_key",
             "keyfile": "/home/user1/.ssh/openstack.key",
-            "name": "ssh_key",
             "user": "ubuntu"
           }
         ],

main.py

@@ -14,9 +14,9 @@ logging.getLogger().setLevel(logging.INFO)
 # Parse parameters
 # -------------------------------------------------------------------------
 skip_next = False
-doml_directory = "./doml"
-model_filename = "./nginx-openstack_v2_multiecores.domlx"
-load_split_model = True
+doml_directory = "./icgparser/doml"
+model_filename = "icgparser/doml/v1/nginx-aws_v1.domlx"
+load_split_model = False
 output_file_name = "iac_files.tar.gz"
 
 

output_files_generated/nginx_openstack/terraform/main.tf

@@ -10,10 +10,10 @@ required_version = ">= 0.14.0"
 
 # Configure the OpenStack Provider
 provider "openstack" {
-  user_name   = var.openstack_username
-  tenant_name = "admin"
-  password    = var.openstack_password
-  auth_url    = var.openstack_auth_url
+  #user_name   = var.openstack_username
+  #tenant_name = "admin"
+  #password    = var.openstack_password
+  #auth_url    = var.openstack_auth_url
   insecure    = true
 }
 
@@ -39,6 +39,23 @@ resource "openstack_compute_instance_v2" "vm1" {
   network {
     port = openstack_networking_port_v2.net1.id
   }
+
+  ## AGENTS TO ADD
+  # this is subject to be moved to IEM as part of its baseline
+    provisioner "local-exec" {
+    command = "ansible-galaxy collection install community.general"
+  }
+
+  # this is subject to be moved to IEM as part of its baseline
+  provisioner "local-exec" {
+    command = "ansible-playbook ansible/playbooks/pma/site_requirements.yaml"
+  }
+
+  # secrets can be taken from environment variables at IEM but these security issues I will leave them to y2, the user can also be problematic ubuntu/root/centos/...
+  provisioner "local-exec" {
+    command = "ansible-playbook -u root -i '${openstack_networking_floatingip_v2.vm1_floating_ip_association.address},' ansible/playbooks/pma/site.yaml --extra-vars '{\"pma_deployment_id\": \"123e4567-e89b-12d3-a456-426614174002\", \"pma_influxdb_bucket\": \"bucket\", \"pma_influxdb_token\": \"piacerePassword\", \"pma_influxdb_org\": \"piacere\", \"pma_influxdb_addr\": \"https://influxdb.pm.ci.piacere.digital.tecnalia.dev\" }'"
+  }
+
 }
 
 # Create ssh keys
@@ -98,3 +115,50 @@ resource "openstack_networking_router_interface_v2" "net1_router_interface" {
   subnet_id = openstack_networking_subnet_v2.net1_subnet.id
 }
 
+# CREATING SECURITY_GROUP
+  
+resource "openstack_compute_secgroup_v2" "icmp" {
+  name        = "icmp"
+  description  = "Security group rule for port -1"
+  rule {
+    from_port   = -1
+    to_port     = -1
+    ip_protocol = "icmp"
+    cidr        = "0.0.0.0/0"
+  }
+}
+ 
+resource "openstack_compute_secgroup_v2" "http" {
+  name        = "http"
+  description  = "Security group rule for port 80"
+  rule {
+    from_port   = 80
+    to_port     = 80
+    ip_protocol = "tcp"
+    cidr        = "0.0.0.0/0"
+  }
+}
+ 
+resource "openstack_compute_secgroup_v2" "https" {
+  name        = "https"
+  description  = "Security group rule for port 443"
+  rule {
+    from_port   = 443
+    to_port     = 443
+    ip_protocol = "tcp"
+    cidr        = "0.0.0.0/0"
+  }
+}
+ 
+resource "openstack_compute_secgroup_v2" "ssh" {
+  name        = "ssh"
+  description  = "Security group rule for port 22"
+  rule {
+    from_port   = 22
+    to_port     = 22
+    ip_protocol = "tcp"
+    cidr        = "0.0.0.0/0"
+  }
+}
+
+

templates/terraform/open_stack/port_rule.tpl

-resource "openstack_compute_secgroup_v2" "{{ name }}" {
-  name        = "{{ name }}"
-  description  = "Security group rule for port {{ fromPort }}"
+# CREATING SECURITY_GROUP
+{% for key, value in context().items() %}{% if not callable(value)%} {%if value.kind and value.kind is defined %}
+resource "openstack_compute_secgroup_v2" "{{ key }}" {
+  name        = "{{ key }}"
+  description  = "Security group rule for port {{ value.fromPort }}"
   rule {
-    from_port   = {{ fromPort }}
-    to_port     = {{ toPort }}
-    ip_protocol = "{{ protocol }}"
-    cidr        = {% for range in cidr %}"{{ range }}"{% endfor %}
+    from_port   = {{ value.fromPort }}
+    to_port     = {{ value.toPort }}
+    ip_protocol = "{{ value.protocol }}"
+    cidr        = {% for range in value.cidr %}"{{ range }}"{% endfor %}
   }
 }
+{% endif %}{% endif %}{% endfor %}
\ No newline at end of file