[3/n] [reconfigurator-cli] drop dependency on reconfigurator-execution (#6783)

The only functions from reconfigurator-execution currently pulled in are these
helper methods. Move them into nexus-types so that reconfigurator-cli no longer
has to pull in the execution crate and all of its dependencies (particularly
nexus-db-model and nexus-db-queries).

There is one downside, which is that `Overridables`'s `#[cfg(test)]` methods
are no longer marked that way. However, it does make the overrides available to
places such as the reconfigurator-cli. (It would be interesting to have a
test-related overlay feature in omicron, i.e. a `testing` feature in many of
our crates, but we don't have that yet.)

I had to move some of the silo fixed data into nexus-types as well -- as part
of that I took the opportunity to switch to const methods for a couple of
UUIDs.

Author: sunshowers

Cargo.lock

@@ -21,7 +21,6 @@ humantime.workspace = true
 indexmap.workspace = true
 nexus-inventory.workspace = true
 nexus-reconfigurator-planning.workspace = true
-nexus-reconfigurator-execution.workspace = true
 nexus-sled-agent-shared.workspace = true
 nexus-types.workspace = true
 omicron-common.workspace = true

dev-tools/reconfigurator-cli/Cargo.toml

@@ -13,17 +13,17 @@ use clap::{Args, Parser, Subcommand};
 use dns_service_client::DnsDiff;
 use indexmap::IndexMap;
 use nexus_inventory::CollectionBuilder;
-use nexus_reconfigurator_execution::blueprint_external_dns_config;
-use nexus_reconfigurator_execution::blueprint_internal_dns_config;
 use nexus_reconfigurator_planning::blueprint_builder::BlueprintBuilder;
 use nexus_reconfigurator_planning::blueprint_builder::EnsureMultiple;
 use nexus_reconfigurator_planning::planner::Planner;
 use nexus_reconfigurator_planning::system::{
     SledBuilder, SledHwInventory, SystemDescription,
 };
 use nexus_sled_agent_shared::inventory::OmicronZonesConfig;
-use nexus_sled_agent_shared::inventory::SledRole;
 use nexus_sled_agent_shared::inventory::ZoneKind;
+use nexus_types::deployment::execution;
+use nexus_types::deployment::execution::blueprint_external_dns_config;
+use nexus_types::deployment::execution::blueprint_internal_dns_config;
 use nexus_types::deployment::BlueprintZoneFilter;
 use nexus_types::deployment::OmicronZoneNic;
 use nexus_types::deployment::PlanningInput;
@@ -882,10 +882,7 @@ fn cmd_blueprint_diff(
 
 fn make_sleds_by_id(
     sim: &ReconfiguratorSim,
-) -> Result<
-    BTreeMap<SledUuid, nexus_reconfigurator_execution::Sled>,
-    anyhow::Error,
-> {
+) -> Result<BTreeMap<SledUuid, execution::Sled>, anyhow::Error> {
     let collection = sim
         .system
         .to_collection_builder()
@@ -897,10 +894,10 @@ fn make_sleds_by_id(
         .sled_agents
         .iter()
         .map(|(sled_id, sled_agent_info)| {
-            let sled = nexus_reconfigurator_execution::Sled::new(
+            let sled = execution::Sled::new(
                 *sled_id,
                 sled_agent_info.sled_agent_address,
-                sled_agent_info.sled_role == SledRole::Scrimlet,
+                sled_agent_info.sled_role,
             );
             (*sled_id, sled)
         })

dev-tools/reconfigurator-cli/src/main.rs

@@ -3,7 +3,7 @@
 // file, You can obtain one at https://mozilla.org/MPL/2.0/.
 
 use nexus_db_model as model;
-use nexus_types::external_api::params;
+use nexus_types::{external_api::params, silo::INTERNAL_SILO_ID};
 use omicron_common::api::external::IdentityMetadataCreateParams;
 use once_cell::sync::Lazy;
 
@@ -21,7 +21,7 @@ pub static SERVICES_PROJECT_ID: Lazy<uuid::Uuid> = Lazy::new(|| {
 pub static SERVICES_PROJECT: Lazy<model::Project> = Lazy::new(|| {
     model::Project::new_with_id(
         *SERVICES_PROJECT_ID,
-        *super::silo::INTERNAL_SILO_ID,
+        INTERNAL_SILO_ID,
         params::ProjectCreate {
             identity: IdentityMetadataCreateParams {
                 name: SERVICES_DB_NAME.parse().unwrap(),

nexus/db-fixed-data/src/project.rs

@@ -3,26 +3,26 @@
 // file, You can obtain one at https://mozilla.org/MPL/2.0/.
 
 use nexus_db_model as model;
-use nexus_types::external_api::{params, shared};
+use nexus_types::{
+    external_api::{params, shared},
+    silo::{
+        default_silo_name, internal_silo_name, DEFAULT_SILO_ID,
+        INTERNAL_SILO_ID,
+    },
+};
 use omicron_common::api::external::IdentityMetadataCreateParams;
 use once_cell::sync::Lazy;
 
-pub static DEFAULT_SILO_ID: Lazy<uuid::Uuid> = Lazy::new(|| {
-    "001de000-5110-4000-8000-000000000000"
-        .parse()
-        .expect("invalid uuid for builtin silo id")
-});
-
 /// "Default" Silo
 ///
 /// This was historically used for demos and the unit tests.  The plan is to
 /// remove it per omicron#2305.
 pub static DEFAULT_SILO: Lazy<model::Silo> = Lazy::new(|| {
     model::Silo::new_with_id(
-        *DEFAULT_SILO_ID,
+        DEFAULT_SILO_ID,
         params::SiloCreate {
             identity: IdentityMetadataCreateParams {
-                name: "default-silo".parse().unwrap(),
+                name: default_silo_name().clone(),
                 description: "default silo".to_string(),
             },
             // This quota is actually _unused_ because the default silo
@@ -38,21 +38,14 @@ pub static DEFAULT_SILO: Lazy<model::Silo> = Lazy::new(|| {
     .unwrap()
 });
 
-/// UUID of built-in internal silo.
-pub static INTERNAL_SILO_ID: Lazy<uuid::Uuid> = Lazy::new(|| {
-    "001de000-5110-4000-8000-000000000001"
-        .parse()
-        .expect("invalid uuid for builtin silo id")
-});
-
 /// Built-in Silo to house internal resources. It contains no users and
 /// can't be logged into.
 pub static INTERNAL_SILO: Lazy<model::Silo> = Lazy::new(|| {
     model::Silo::new_with_id(
-        *INTERNAL_SILO_ID,
+        INTERNAL_SILO_ID,
         params::SiloCreate {
             identity: IdentityMetadataCreateParams {
-                name: "oxide-internal".parse().unwrap(),
+                name: internal_silo_name().clone(),
                 description: "Built-in internal Silo.".to_string(),
             },
             // The internal silo contains no virtual resources, so it has no allotted capacity.

nexus/db-fixed-data/src/silo.rs

@@ -5,7 +5,7 @@
 
 use super::role_builtin;
 use nexus_db_model as model;
-use nexus_types::identity::Asset;
+use nexus_types::{identity::Asset, silo::DEFAULT_SILO_ID};
 use once_cell::sync::Lazy;
 
 /// Test user that's granted all privileges, used for automated testing and
@@ -15,7 +15,7 @@ use once_cell::sync::Lazy;
 // not automatically at Nexus startup.  See omicron#2305.
 pub static USER_TEST_PRIVILEGED: Lazy<model::SiloUser> = Lazy::new(|| {
     model::SiloUser::new(
-        *crate::silo::DEFAULT_SILO_ID,
+        DEFAULT_SILO_ID,
         // "4007" looks a bit like "root".
         "001de000-05e4-4000-8000-000000004007".parse().unwrap(),
         "privileged".into(),
@@ -39,7 +39,7 @@ pub static ROLE_ASSIGNMENTS_PRIVILEGED: Lazy<Vec<model::RoleAssignment>> =
                 model::IdentityType::SiloUser,
                 USER_TEST_PRIVILEGED.id(),
                 role_builtin::SILO_ADMIN.resource_type,
-                *crate::silo::DEFAULT_SILO_ID,
+                DEFAULT_SILO_ID,
                 role_builtin::SILO_ADMIN.role_name,
             ),
         ]
@@ -51,7 +51,7 @@ pub static ROLE_ASSIGNMENTS_PRIVILEGED: Lazy<Vec<model::RoleAssignment>> =
 // not automatically at Nexus startup.  See omicron#2305.
 pub static USER_TEST_UNPRIVILEGED: Lazy<model::SiloUser> = Lazy::new(|| {
     model::SiloUser::new(
-        *crate::silo::DEFAULT_SILO_ID,
+        DEFAULT_SILO_ID,
         // 60001 is the decimal uid for "nobody" on Helios.
         "001de000-05e4-4000-8000-000000060001".parse().unwrap(),
         "unprivileged".into(),

nexus/db-fixed-data/src/silo_user.rs

@@ -11,11 +11,13 @@ use crate::sled_policy::DbSledPolicy;
 use chrono::{DateTime, Utc};
 use db_macros::Asset;
 use nexus_sled_agent_shared::inventory::SledRole;
+use nexus_types::deployment::execution;
 use nexus_types::{
     external_api::{shared, views},
     identity::Asset,
     internal_api::params,
 };
+use omicron_uuid_kinds::{GenericUuid, SledUuid};
 use std::net::Ipv6Addr;
 use std::net::SocketAddrV6;
 use uuid::Uuid;
@@ -140,6 +142,20 @@ impl From<Sled> for views::Sled {
     }
 }
 
+impl From<Sled> for execution::Sled {
+    fn from(sled: Sled) -> Self {
+        Self::new(
+            SledUuid::from_untyped_uuid(sled.id()),
+            sled.address(),
+            if sled.is_scrimlet {
+                SledRole::Scrimlet
+            } else {
+                SledRole::Gimlet
+            },
+        )
+    }
+}
+
 impl From<Sled> for params::SledAgentInfo {
     fn from(sled: Sled) -> Self {
         let role = if sled.is_scrimlet {

nexus/db-model/src/sled.rs

@@ -1954,6 +1954,7 @@ mod tests {
     use nexus_test_utils::db::test_setup_database;
     use nexus_types::external_api::params;
     use nexus_types::identity::Asset;
+    use nexus_types::silo::DEFAULT_SILO_ID;
     use omicron_common::api::external;
     use omicron_common::api::external::ByteCount;
     use omicron_common::api::external::IdentityMetadataCreateParams;
@@ -1963,7 +1964,7 @@ mod tests {
         datastore: &DataStore,
         opctx: &OpContext,
     ) -> (authz::Project, Project) {
-        let silo_id = *nexus_db_fixed_data::silo::DEFAULT_SILO_ID;
+        let silo_id = DEFAULT_SILO_ID;
         let project_id = Uuid::new_v4();
         datastore
             .project_create(

nexus/db-queries/src/db/datastore/instance.rs

@@ -184,6 +184,7 @@ mod tests {
     use nexus_db_model::Project;
     use nexus_test_utils::db::test_setup_database;
     use nexus_types::external_api::params;
+    use nexus_types::silo::DEFAULT_SILO_ID;
     use omicron_common::api::external::ByteCount;
     use omicron_common::api::external::IdentityMetadataCreateParams;
     use omicron_test_utils::dev;
@@ -194,7 +195,7 @@ mod tests {
         datastore: &DataStore,
         opctx: &OpContext,
     ) -> authz::Instance {
-        let silo_id = *nexus_db_fixed_data::silo::DEFAULT_SILO_ID;
+        let silo_id = DEFAULT_SILO_ID;
         let project_id = Uuid::new_v4();
         let instance_id = InstanceUuid::new_v4();
 

nexus/db-queries/src/db/datastore/migration.rs

@@ -444,11 +444,11 @@ mod test {
     use futures::StreamExt;
     use nexus_config::RegionAllocationStrategy;
     use nexus_db_fixed_data::silo::DEFAULT_SILO;
-    use nexus_db_fixed_data::silo::DEFAULT_SILO_ID;
     use nexus_db_model::IpAttachState;
     use nexus_db_model::{to_db_typed_uuid, Generation};
     use nexus_test_utils::db::test_setup_database;
     use nexus_types::external_api::params;
+    use nexus_types::silo::DEFAULT_SILO_ID;
     use omicron_common::api::external::{
         ByteCount, Error, IdentityMetadataCreateParams, LookupType, Name,
     };
@@ -552,8 +552,8 @@ mod test {
         // Associate silo with user
         let authz_silo = authz::Silo::new(
             authz::FLEET,
-            *DEFAULT_SILO_ID,
-            LookupType::ById(*DEFAULT_SILO_ID),
+            DEFAULT_SILO_ID,
+            LookupType::ById(DEFAULT_SILO_ID),
         );
         datastore
             .silo_user_create(
@@ -572,7 +572,7 @@ mod test {
             .fetch()
             .await
             .unwrap();
-        assert_eq!(*DEFAULT_SILO_ID, db_silo_user.silo_id);
+        assert_eq!(DEFAULT_SILO_ID, db_silo_user.silo_id);
 
         // fetch the one we just created
         let (.., fetched) = LookupPath::new(&opctx, &datastore)
@@ -630,7 +630,7 @@ mod test {
             Arc::new(authz::Authz::new(&logctx.log)),
             authn::Context::for_test_user(
                 silo_user_id,
-                *DEFAULT_SILO_ID,
+                DEFAULT_SILO_ID,
                 SiloAuthnPolicy::try_from(&*DEFAULT_SILO).unwrap(),
             ),
             Arc::clone(&datastore) as Arc<dyn nexus_auth::storage::Storage>,
@@ -1726,8 +1726,8 @@ mod test {
         // Create a new Silo user so that we can lookup their keys.
         let authz_silo = authz::Silo::new(
             authz::FLEET,
-            *DEFAULT_SILO_ID,
-            LookupType::ById(*DEFAULT_SILO_ID),
+            DEFAULT_SILO_ID,
+            LookupType::ById(DEFAULT_SILO_ID),
         );
         let silo_user_id = Uuid::new_v4();
         datastore
@@ -1777,7 +1777,7 @@ mod test {
                 .fetch()
                 .await
                 .unwrap();
-        assert_eq!(authz_silo.id(), *DEFAULT_SILO_ID);
+        assert_eq!(authz_silo.id(), DEFAULT_SILO_ID);
         assert_eq!(authz_silo_user.id(), silo_user_id);
         assert_eq!(found.silo_user_id, ssh_key.silo_user_id);
         assert_eq!(found.public_key, ssh_key.public_key);

nexus/db-queries/src/db/datastore/mod.rs

@@ -26,7 +26,7 @@ use async_bb8_diesel::AsyncRunQueryDsl;
 use chrono::Utc;
 use diesel::prelude::*;
 use nexus_db_fixed_data::project::SERVICES_PROJECT;
-use nexus_db_fixed_data::silo::INTERNAL_SILO_ID;
+use nexus_types::silo::INTERNAL_SILO_ID;
 use omicron_common::api::external::http_pagination::PaginatedBy;
 use omicron_common::api::external::CreateResult;
 use omicron_common::api::external::DeleteResult;
@@ -103,7 +103,7 @@ impl DataStore {
         debug!(opctx.log, "attempting to create built-in projects");
 
         let (authz_silo,) = db::lookup::LookupPath::new(&opctx, self)
-            .silo_id(*INTERNAL_SILO_ID)
+            .silo_id(INTERNAL_SILO_ID)
             .lookup_for(authz::Action::CreateChild)
             .await?;
 

nexus/db-queries/src/db/datastore/project.rs

@@ -33,7 +33,6 @@ use diesel::prelude::*;
 use diesel::result::Error as DieselError;
 use diesel::upsert::excluded;
 use ipnetwork::IpNetwork;
-use nexus_db_fixed_data::silo::INTERNAL_SILO_ID;
 use nexus_db_fixed_data::vpc_subnet::DNS_VPC_SUBNET;
 use nexus_db_fixed_data::vpc_subnet::NEXUS_VPC_SUBNET;
 use nexus_db_fixed_data::vpc_subnet::NTP_VPC_SUBNET;
@@ -57,6 +56,7 @@ use nexus_types::external_api::shared::IdentityType;
 use nexus_types::external_api::shared::IpRange;
 use nexus_types::external_api::shared::SiloRole;
 use nexus_types::identity::Resource;
+use nexus_types::silo::INTERNAL_SILO_ID;
 use omicron_common::api::external::AllowedSourceIps;
 use omicron_common::api::external::DataPageParams;
 use omicron_common::api::external::Error;
@@ -983,7 +983,7 @@ impl DataStore {
                 db::model::IpPoolResource {
                     ip_pool_id: internal_pool_id,
                     resource_type: db::model::IpPoolResourceType::Silo,
-                    resource_id: *INTERNAL_SILO_ID,
+                    resource_id: INTERNAL_SILO_ID,
                     is_default: true,
                 },
             )

nexus/db-queries/src/db/datastore/rack.rs

@@ -333,6 +333,7 @@ mod test {
     use nexus_db_model::SiloQuotasUpdate;
     use nexus_test_utils::db::test_setup_database;
     use nexus_types::external_api::params;
+    use nexus_types::silo::DEFAULT_SILO_ID;
     use omicron_common::api::external::IdentityMetadataCreateParams;
     use omicron_test_utils::dev;
     use uuid::Uuid;
@@ -380,7 +381,7 @@ mod test {
         opctx: &OpContext,
     ) -> TestData {
         let fleet_id = *nexus_db_fixed_data::FLEET_ID;
-        let silo_id = *nexus_db_fixed_data::silo::DEFAULT_SILO_ID;
+        let silo_id = DEFAULT_SILO_ID;
         let project_id = Uuid::new_v4();
 
         let (authz_project, _project) = datastore

nexus/db-queries/src/db/datastore/virtual_provisioning_collection.rs

@@ -33,7 +33,7 @@ pub(crate) async fn ensure_settings(
 #[cfg(test)]
 mod test {
     use super::*;
-    use crate::overridables::Overridables;
+    use crate::test_utils::overridables_for_test;
     use crate::test_utils::realize_blueprint_and_expect;
     use nexus_db_queries::authn;
     use nexus_db_queries::authz;
@@ -98,7 +98,7 @@ mod test {
         )
         .await;
         // Execute the initial blueprint.
-        let overrides = Overridables::for_test(cptestctx);
+        let overrides = overridables_for_test(cptestctx);
         _ = realize_blueprint_and_expect(
             &opctx, datastore, resolver, &blueprint, &overrides,
         )