feat(vpcpeering): Introduce validation for VpcTable

In previous commits, we introduced validation for VpcExpose and
VpcManifest objects; now we do the same for a VpcTable.

Here, we simply need to ensure, after building the table, that for any
two given Vpcs, we have at most a single Peering object between the two:
having more than one is not currently supported.

Signed-off-by: Quentin Monnet <[email protected]>

Author: qmonnet

mgmt/src/models/external/mod.rs

@@ -22,6 +22,8 @@ pub enum ConfigError {
     DuplicateVpcVni(u32),
     #[error("A VPC peering with id '{0}' already exists")]
     DuplicateVpcPeeringId(String),
+    #[error("Peerings '{0}' and '{1}' refer to the same two VPCs")]
+    DuplicateVpcPeerings(String, String),
     #[error("A VPC peering object refers to non-existent VPC '{0}'")]
     NoSuchVpc(String),
     #[error("'{0}' is not a valid VNI")]

mgmt/src/models/external/overlay/mod.rs

@@ -57,6 +57,7 @@ impl Overlay {
         /* collect peerings of every VPC */
         self.vpc_table
             .collect_peerings(&self.peering_table, &id_map);
+        self.vpc_table.validate()?;
 
         debug!(
             "Overlay configuration is VALID and looks as:\n{}\n{}",

mgmt/src/models/external/overlay/tests.rs

@@ -263,6 +263,41 @@ pub mod test {
         );
     }
 
+    #[test]
+    fn test_overlay_duplicate_peering() {
+        /* build VPCs */
+        let vpc1 = Vpc::new("VPC-1", "AAAAA", 3000).expect("Should succeed");
+        let vpc2 = Vpc::new("VPC-2", "BBBBB", 4000).expect("Should succeed");
+
+        /* build VPC table */
+        let mut vpc_table = VpcTable::new();
+        vpc_table.add(vpc1).expect("Should succeed");
+        vpc_table.add(vpc2).expect("Should succeed");
+
+        /* build peerings */
+        let peering1 = build_vpc_peering();
+        let mut peering2 = build_vpc_peering();
+        peering2.name = "Peering-2".to_owned();
+
+        let name1 = peering1.name.clone();
+        let name2 = peering2.name.clone();
+
+        assert_eq!(peering1.validate(), Ok(()));
+        assert_eq!(peering2.validate(), Ok(()));
+
+        /* build peering table */
+        let mut peering_table = VpcPeeringTable::new();
+        peering_table.add(peering1).expect("Should succeed");
+        peering_table.add(peering2).expect("Should succeed");
+
+        /* build overlay object and validate it */
+        let mut overlay = Overlay::new(vpc_table, peering_table);
+        assert_eq!(
+            overlay.validate(),
+            Err(ConfigError::DuplicateVpcPeerings(name2, name1))
+        );
+    }
+
     #[test]
     fn test_overlay() {
         /* build VPCs */

mgmt/src/models/external/overlay/vpc.rs

@@ -162,4 +162,24 @@ impl VpcTable {
         self.values_mut()
             .for_each(|vpc| vpc.collect_peerings(peering_table, idmap));
     }
+    /// Validate the [`VpcTable`]
+    pub fn validate(&self) -> ConfigResult {
+        for vpc in self.values() {
+            // For each VPC, loop over all peerings
+            for (index, peering) in vpc.peerings.iter().enumerate() {
+                // For each peering, compare with all remaining peerings for the same (local) VPC
+                for other_peering in vpc.peerings.iter().skip(index + 1) {
+                    // If several peerings, for the given local VPC, refer to the same remote VPC as
+                    // well, this is a configuration error
+                    if peering.remote_id == other_peering.remote_id {
+                        return Err(ConfigError::DuplicateVpcPeerings(
+                            peering.name.clone(),
+                            other_peering.name.clone(),
+                        ));
+                    }
+                }
+            }
+        }
+        Ok(())
+    }
 }