[ECS] Modify ELB listener rules other than defaults without adding config

[t-kikuc]

What this PR does / why we need it:

Modifying listener rules which is not the default rule without specifying in app.pipecd.config, unlike #4726.

Which issue(s) this PR fixes:

Fixes #4725

Does this PR introduce a user-facing change?: no

• How are users affected by this change: no
• Is this breaking change: no
• How to migrate (if breaking change): no

** A short explanation **

If the ELB and app.pipecd.yaml are as below, the rules that will be modified are rule-A1,rule-B1 and rule-B2
since they have the same target groups as app.pipecd.yaml.

ELB-X
|-- Listener-A
|    |-- rule-A1 (default)
|        |-- targetGroup-p
|        |-- targetGroup-c
|-- Listener-B
    |-- rule-B1 (default)
    |    |-- targetGroup-p
    |    |-- targetGroup-c
    |-- rule-B2   [path-pattern: /xxx/*]
    |    |-- targetGroup-p
    |    |-- targetGroup-c
    |-- rule-B3   [path-pattern: /yyy/*]
        |-- targetGroup-x
        |-- targetGroup-y

app.pipecd.yaml:

apiVersion: pipecd.dev/v1beta1
kind: ECSApp
spec:
  input:
    targetGroups:
      primary:
        targetGroupArn: arn:aws:elasticloadbalancing:ap-northeast-1:<account-id>:targetgroup/xxx/yyy1 # targetGroup-p
      canary:
        targetGroupArn: arn:aws:elasticloadbalancing:ap-northeast-1:<account-id>:targetgroup/xxx/yyy2 # targetGroup-c

[codecov]

Codecov Report

Attention: 41 lines in your changes are missing coverage. Please review.

Comparison is base (847b578) 30.84% compared to head (fd13dff) 30.84%.
Report is 10 commits behind head on master.

Files	Patch %	Lines
pkg/app/piped/platformprovider/ecs/client.go	0.00%	41 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4733      +/-   ##
==========================================
- Coverage   30.84%   30.84%   -0.01%     
==========================================
  Files         221      222       +1     
  Lines       25993    26037      +44     
==========================================
+ Hits         8018     8030      +12     
- Misses      17325    17357      +32     
  Partials      650      650              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[t-kikuc]

/review

[github-actions]

PR Analysis

Main theme

ECS Load Balancer Rule Modification

PR summary

The PR changes the approach for modifying ECS load balancer rules by describing ECS rules and subsequently modifying them based on certain conditions. It introduces a check to only modify rules that have the same target groups as defined in the new `RoutingTrafficConfig`.

Type of PR

Enhancement

PR Feedback:

General suggestions

The PR enhances the rule modification logic of ECS load balancers by being more selective in the rules it updates, which seems like a good improvement for accuracy and potentially efficiency. To further improve the code, consider handling possible edge cases and addressing any minor code quality concerns, such as variable declaration placement.

Code feedback

- relevant file: `pkg/app/piped/platformprovider/ecs/client.go`
  suggestion: |
    Consider moving the declaration of `var modifiedActions []elbtypes.Action` outside of the for-loop to avoid re-declaration every loop iteration. Although it is scoped within the for-loop, it's not dependent on the loop iteration and could be reused which may aid in readability.
  relevant line: |
    `+			var modifiedActions []elbtypes.Action`

- relevant file: `pkg/app/piped/platformprovider/ecs/routing_traffic.go`
  suggestion: |
    Ensure that you handle potential null pointer dereferences when working with AWS SDK objects. In the `hasSameTargets` method, add null checks for `forwardActionTargets[i].TargetGroupArn` before dereferencing it to prevent runtime panics. (important)
  relevant line: |
    `+		return *forwardActionTargets[i].TargetGroupArn < *forwardActionTargets[j].TargetGroupArn`

- relevant file: `pkg/app/piped/platformprovider/ecs/routing_traffic.go`
  suggestion: |
    Implement a guard clause in the `hasSameTargets` method for early return if `c` or `forwardActionTargets` are nil to prevent unnecessary sorting or comparison and enhance code clarity. (medium)
  relevant line: |
    `+	if len(c) != len(forwardActionTargets) {`

Security concerns:

no

The PR does not introduce changes that are directly related to common security issues. It primarily deals with load balancer rule modifications and does not involve user input handling, database operations, or other areas typically associated with security vulnerabilities like SQL injection, XSS, or CSRF.

[t-kikuc]

@moko-poi @nnnkkk7
Does this PR satisfy your usecases?

[khanhtc1202]

Instead of sorting both, then iterating through, using an extra map with TargetGroupArn as key could provide a better performance. It's a more straightforward approach.

[t-kikuc]

@khanhtc1202 Thanks! I'll try

[t-kikuc]

@khanhtc1202
I fixed on 727e13c

[khanhtc1202]

Suggested change

	return fmt.Errorf("failed to describe rules %s: %w", listenerArn, err)
	return fmt.Errorf("failed to describe rules of listener %s: %w", listenerArn, err)

[khanhtc1202]

Suggested change

	var modifiedActions []elbtypes.Action
	modifiedActions := make([]elbtypes.Action, 0, len(rule.Actions))

[khanhtc1202]

LGTM with some nits 👍

[t-kikuc]

@khanhtc1202
Thank you for reviewing, I fixed two

[khanhtc1202]

Great improvement 👍

[khanhtc1202]

@ffjlabo plz check 👀👀

[ffjlabo]

tc := tc is needed 👀
ref: https://www.tddfellow.com/blog/2016/01/08/why-do-you-need-to-be-careful-with-loop-variable-in-go/

[t-kikuc]

@ffjlabo Thank you so much! I fixed

[ffjlabo]

[nit] It would be nice to use struct{} empty struct :)
This is more efficient because it does not allocate memory.

Suggested change

	cMap := make(map[string]bool)
	for _, item := range c {
	cMap[item.TargetGroupArn] = true
	}
	for _, target := range forwardActionTargets {
	if !cMap[*target.TargetGroupArn] {
	return false
	}
	}
	cMap := make(map[string]struct{})
	for _, item := range c {
	cMap[item.TargetGroupArn] = struct{}{}
	}
	for _, target := range forwardActionTargets {
	if _, ok := cMap[*target.TargetGroupArn]; !ok {
	return false
	}
	}

[t-kikuc]

@ffjlabo Thank you so much! I fixed

[t-kikuc]

@ffjlabo
I fixed again to use tc:=tc as you suggested instead of tc:=testcase
because I found an article that recommends to use the same name.

https://go.dev/wiki/CommonMistakes

[ffjlabo]

LGTM 🚀

[khanhtc1202]

🚀

[t-kikuc]

I'll add the below diagrams to the doc later.

1. Previously, only the default rule was controlled during deployments:

   

2. Now piped can also control the rules other than the default:

   

3. Besides, piped controls all rules that have the common target groups: