feat(rust): adjustments for public eks

Author: adrianbenavides

implementations/rust/ockam/ockam_api/src/orchestrator/ai_platform/controller_client.rs

@@ -48,7 +48,23 @@ impl AiPlatformApi for ControllerClient {
             .tell(ctx, "zones", req)
             .await
             .into_diagnostic()?
-            .miette_success("delete zone")
+            .miette_success("delete zone")?;
+
+        // Check if the zone was deleted successfully by attempting to list zones
+        let max_timeout = std::time::Duration::from_secs(20);
+        let start_time = std::time::Instant::now();
+        loop {
+            let zones = self.list_zones(ctx, cluster).await?;
+            if zones.iter().all(|zone| zone.zone != zone_name) {
+                break;
+            }
+            if start_time.elapsed() > max_timeout {
+                return Err(miette::miette!("Timeout while waiting for zone deletion"));
+            }
+            tokio::time::sleep(std::time::Duration::from_secs(1)).await;
+        }
+
+        Ok(())
     }
 
     async fn deploy_zone(

implementations/rust/ockam/ockam_api/src/orchestrator/ai_platform/node_service_client.rs

@@ -212,10 +212,14 @@ impl AiPlatformApi for InMemoryNode {
         is_public: Option<bool>,
     ) -> miette::Result<EcrCredentials> {
         let url = format!("{}/api/{}/ecr", *AI_API_BASE_URL, cluster);
+        let is_public = is_public.unwrap_or(false);
+        // TODO: remove once latest provisioner gets deployed
+        let region = if is_public { "us-east-1" } else { "us-west-2" };
 
         let body = serde_json::json!({
             "image_name": image_name,
-            "is_public": is_public.unwrap_or(false),
+            "is_public": is_public,
+            "region": region,
         });
 
         let client = reqwest::Client::new();

implementations/rust/ockam/ockam_api/src/orchestrator/ai_platform/requests.rs

@@ -149,6 +149,7 @@ impl DeleteSecret {
 pub struct ProvisionEcr {
     #[n(1)] pub image_name: String,
     #[n(2)] pub is_public: bool,
+    #[n(3)] pub region: String,
 }
 
 impl Encodable for ProvisionEcr {
@@ -165,9 +166,16 @@ impl Decodable for ProvisionEcr {
 
 impl ProvisionEcr {
     pub fn new(image_name: &str, is_public: bool) -> Self {
+        // TODO: remove once latest provisioner gets deployed
+        let region = if is_public {
+            "us-east-1".to_string()
+        } else {
+            "us-west-2".to_string()
+        };
         Self {
             image_name: image_name.to_string(),
             is_public,
+            region,
         }
     }
 }

implementations/rust/ockam/ockam_api/src/orchestrator/ai_platform/responses.rs

@@ -44,6 +44,7 @@ impl Display for Cluster {
 #[cbor(map)]
 pub struct Zone {
     #[n(1)] pub zone: String,
+    #[serde(alias="customer")]
     #[n(2)] pub cluster: String,
 }
 
@@ -113,7 +114,8 @@ impl Decodable for SecretList {
 #[rustfmt::skip]
 #[cbor(map)]
 pub struct EcrCredentials {
-    #[n(1)] pub customer: String,
+    #[serde(alias="customer")]
+    #[n(1)] pub cluster: String,
     #[n(2)] pub image_name: String,
     #[n(3)] pub repository_uri: String,
     #[n(4)] pub auth_token: String,

implementations/rust/ockam/ockam_command/src/cluster/create.rs

@@ -43,16 +43,16 @@ pub struct CreateCommand {
     pub use_public_ecr: bool,
 
     // === Specific args for the HTTP API endpoint
-    /// Force the command to use the HTTP API.
-    /// By default, the command will use the Orchestrator API.
-    #[arg(long)]
-    pub use_http_api: bool,
-
     /// The Cluster that will be used to set up the Zone.
     /// If not set, it will be retrieved from the enrolled user data.
     #[arg(long)]
     pub cluster: Option<String>,
 
+    /// Force the command to use the HTTP API.
+    /// By default, the command will use the Orchestrator API.
+    #[arg(long)]
+    pub use_http_api: bool,
+
     /// The API endpoint of the Ockam AI Platform.
     /// Defaults to `http://localhost:30080`.
     #[arg(long)]
@@ -76,8 +76,12 @@ impl InMemoryNodeCommand for CreateNodeCommand {
 
     async fn run(&self, node: Arc<InMemoryNode>) -> miette::Result<()> {
         let ctx = node.ctx();
-        let api_client = get_api_client(&node, self.command.use_http_api).await?;
-        let cluster = api_client.get_cluster(ctx).await?.into_inner();
+        let use_http_api = self.command.use_http_api || self.command.api_endpoint.is_some();
+        let api_client = get_api_client(&node, use_http_api).await?;
+        let cluster = match &self.command.cluster {
+            None => api_client.get_cluster(ctx).await?.into_inner(),
+            Some(cluster) => cluster.to_string(),
+        };
         let zone_config = self
             .command
             .process_images(ctx, &self.opts, &*api_client, &cluster)
@@ -281,7 +285,7 @@ impl CreateCommand {
         api_client
             .create_zone(ctx, cluster, &self.zone_name)
             .await?;
-        // TODO: how do we pass the secrets to the command? maybe as a json/yaml file?
+        // TODO: how do we pass the secrets to the command?
         // api_client.create_secret(ctx, cluster, &self.zone_name, secret_name, secret_fields).await?;
 
         let zone_config_json = serde_json::to_value(&zone_config).into_diagnostic()?;

implementations/rust/ockam/ockam_command/src/cluster/delete.rs

@@ -27,16 +27,16 @@ pub struct DeleteCommand {
     pub zone_name: String,
 
     // === Specific args for the HTTP API endpoint
-    /// Force the command to use the HTTP API.
-    /// By default, the command will use the Orchestrator API.
-    #[arg(long)]
-    pub use_http_api: bool,
-
     /// The Cluster that will be used to set up the Zone.
     /// If not set, it will be retrieved from the enrolled user data.
     #[arg(long)]
     pub cluster: Option<String>,
 
+    /// Force the command to use the HTTP API.
+    /// By default, the command will use the Orchestrator API.
+    #[arg(long)]
+    pub use_http_api: bool,
+
     /// The API endpoint of the Ockam AI Platform.
     /// Defaults to `http://localhost:30080`.
     #[arg(long)]
@@ -60,8 +60,12 @@ impl InMemoryNodeCommand for DeployNodeCommand {
 
     async fn run(&self, node: Arc<InMemoryNode>) -> miette::Result<()> {
         let ctx = node.ctx();
-        let api_client = get_api_client(&node, self.command.use_http_api).await?;
-        let cluster = api_client.get_cluster(ctx).await?.into_inner();
+        let use_http_api = self.command.use_http_api || self.command.api_endpoint.is_some();
+        let api_client = get_api_client(&node, use_http_api).await?;
+        let cluster = match &self.command.cluster {
+            None => api_client.get_cluster(ctx).await?.into_inner(),
+            Some(cluster) => cluster.to_string(),
+        };
         api_client
             .delete_zone(ctx, &cluster, &self.command.zone_name)
             .await?;

implementations/rust/ockam/ockam_command/src/cluster/inlet.rs

@@ -14,6 +14,7 @@ use ockam::transport::SchemeHostnamePort;
 use ockam_abac::PolicyExpression;
 use ockam_api::cli_state::OCKAM_HOME;
 use ockam_api::nodes::InMemoryNode;
+use ockam_api::orchestrator::ai_platform::node_service_client::AI_API_BASE_URL_ENV;
 use ockam_api::CliState;
 use ockam_node::Context;
 
@@ -74,6 +75,11 @@ pub struct InletCommand {
     /// By default, the command will use the Orchestrator API.
     #[arg(long)]
     pub use_http_api: bool,
+
+    /// The API endpoint of the Ockam AI Platform.
+    /// Defaults to `http://localhost:30080`.
+    #[arg(long)]
+    pub api_endpoint: Option<String>,
 }
 
 #[derive(Clone)]
@@ -84,8 +90,16 @@ struct InletNodeCommand {
 
 #[async_trait]
 impl InMemoryNodeCommand for InletNodeCommand {
+    async fn init(&self) -> miette::Result<()> {
+        if let Some(api_endpoint) = &self.command.api_endpoint {
+            std::env::set_var(AI_API_BASE_URL_ENV, api_endpoint);
+        }
+        Ok(())
+    }
+
     async fn run(&self, node: Arc<InMemoryNode>) -> miette::Result<()> {
-        let api_client = get_api_client(&node, self.command.use_http_api).await?;
+        let use_http_api = self.command.use_http_api || self.command.api_endpoint.is_some();
+        let api_client = get_api_client(&node, use_http_api).await?;
         let cluster = match &self.command.cluster {
             None => api_client.get_cluster(node.ctx()).await?.into_inner(),
             Some(cluster) => cluster.to_string(),

implementations/rust/ockam/ockam_command/src/cluster/outlet.rs

@@ -28,14 +28,6 @@ before_help = docs::before_help(PREVIEW_TAG),
 after_long_help = docs::after_help(AFTER_LONG_HELP)
 )]
 pub struct OutletCommand {
-    /// The Cluster that hosts the Zone.
-    #[arg(long)]
-    pub cluster: Option<String>,
-
-    /// The name of the Zone to connect to
-    #[arg(long)]
-    pub zone_name: String,
-
     // == Node Options ==
     #[arg(long, env = "ENROLLMENT_TICKET", value_name = "ENROLLMENT TICKET")]
     #[arg(help = docs::about("\
@@ -70,12 +62,6 @@ pub struct OutletCommand {
         id = "POLICY_EXPRESSION"
     )]
     pub allow: Option<PolicyExpression>,
-
-    // === Specific args for the HTTP API endpoint
-    /// Force the command to use the HTTP API.
-    /// By default, the command will use the Orchestrator API.
-    #[arg(long)]
-    pub use_http_api: bool,
 }
 
 #[derive(Clone)]

implementations/rust/ockam/ockam_command/src/enroll/handler.rs

@@ -26,7 +26,6 @@ use ockam_api::colors::{color_primary, color_uri, color_warn, OckamColor};
 use ockam_api::enroll::enrollment::{EnrollStatus, Enrollment};
 use ockam_api::enroll::oidc_service::OidcService;
 use ockam_api::nodes::InMemoryNode;
-use ockam_api::orchestrator::ai_platform::api::AiPlatformApi;
 use ockam_api::orchestrator::enroll::auth0::*;
 use ockam_api::orchestrator::project::Project;
 use ockam_api::orchestrator::project::ProjectsOrchestratorApi;
@@ -349,13 +348,13 @@ impl EnrollHandler {
         controller: &ControllerClient,
         token: OidcToken,
     ) -> miette::Result<Option<String>> {
-        let mut cluster: Option<String> = None;
+        let cluster: Option<String> = None;
         let reply = if self.is_ai_cloud_account {
             let reply = controller.enroll_ai_with_oidc_token(ctx, token).await?;
             // if let AiEnrollStatus::EnrolledSuccessfully(c) = &reply {
             //     cluster = Some(c.to_string());
             // }
-            cluster = Some(controller.get_cluster(ctx).await?.into_inner()); // TODO: remove once enroll_ai_with_oidc_token is fixed
+            // cluster = Some(controller.get_cluster(ctx).await?.into_inner()); // TODO: remove once enroll_ai_with_oidc_token is fixed
             reply.into()
         } else {
             controller.enroll_with_oidc_token(ctx, token).await?