From 3c5e73369ae52712b68d82d0f4660e87b85a9f52 Mon Sep 17 00:00:00 2001
From: Luca Di Maio
Date: Thu, 31 Aug 2023 12:33:50 +0000
Subject: [PATCH 1/2] feat: add multiple SG declaration support
Signed-off-by: Luca Di Maio
---
 README.md | 2 +-
 hack/provider/provider.yaml | 2 +-
 pkg/aws/aws.go | 30 +++++++++++++++++++-----------
 3 files changed, 21 insertions(+), 13 deletions(-)
diff --git a/README.md b/README.md
index 35772f3..daa3ffe 100644
--- a/README.md
+++ b/README.md
@@ -40,7 +40,7 @@ This provider has the following options
 | AWS_INSTANCE_TYPE | false | The machine type to use. | c5.xlarge |
 | AWS_REGION | true | The aws cloud region to create the VM | |
 | AWS_VPC_ID | false | The vpc id to use. | |
-| AWS_SECURITY_GROUP_ID | false | The security group ID for the VM | created if not specified |
+| AWS_SECURITY_GROUP_ID | false | The security group ID is a comma separated list of IDs for the VM | created if not specified |
 | AWS_SUBNET_ID | false | The subnet ID for the VM | created if not specified |
 | AWS_INSTANCE_TAGS | false | Additional flags for the VM in the form of "Name=XXX,Value=YYY " | |
 | AWS_INSTANCE_PROFILE_ARN | false | The ARN of the instance profile to use for the VM | created if not specified |
diff --git a/hack/provider/provider.yaml b/hack/provider/provider.yaml
index 237176f..5e24767 100644
--- a/hack/provider/provider.yaml
+++ b/hack/provider/provider.yaml
@@ -71,7 +71,7 @@ options:
 description: The subnet id to use.
 default: ""
 AWS_SECURITY_GROUP_ID:
- description: The security group id to use.
+ description: The security group id to use. Multiple can be specified by separating with a comma.
 default: ""
 AWS_AMI:
 description: The disk image to use.
diff --git a/pkg/aws/aws.go b/pkg/aws/aws.go
index 384fb39..6c41e62 100644
--- a/pkg/aws/aws.go
+++ b/pkg/aws/aws.go
@@ -328,9 +328,9 @@ func CreateDevpodInstanceProfile(ctx context.Context, provider *AwsProvider) (st
 return *response.InstanceProfile.Arn, nil
 }
-func GetDevpodSecurityGroup(ctx context.Context, provider *AwsProvider) (string, error) {
+func GetDevpodSecurityGroup(ctx context.Context, provider *AwsProvider) ([]string, error) {
 if provider.Config.SecurityGroupID != "" {
- return provider.Config.SecurityGroupID, nil
+ return strings.Split(provider.Config.SecurityGroupID, ","), nil
 }
 svc := ec2.NewFromConfig(provider.AwsConfig)
@@ -357,10 +357,20 @@ func GetDevpodSecurityGroup(ctx context.Context, provider *AwsProvider) (string,
 result, err := svc.DescribeSecurityGroups(ctx, input)
 // It it is not created, do it
 if len(result.SecurityGroups) == 0 || err != nil {
- return CreateDevpodSecurityGroup(ctx, provider)
+ sg, err := CreateDevpodSecurityGroup(ctx, provider)
+ if err != nil {
+ return nil, err
+ }
+
+ return []string{sg}, nil
 }
- return *result.SecurityGroups[0].GroupId, nil
+ sgs := []string{}
+ for res := range result.SecurityGroups {
+ sgs = append(sgs, *result.SecurityGroups[res].GroupId)
+ }
+
+ return sgs, nil
 }
 func CreateDevpodSecurityGroup(ctx context.Context, provider *AwsProvider) (string, error) {
@@ -608,13 +618,11 @@ func Create(
 }
 instance := &ec2.RunInstancesInput{
- ImageId: aws.String(providerAws.Config.DiskImage),
- InstanceType: types.InstanceType(providerAws.Config.MachineType),
- MinCount: aws.Int32(1),
- MaxCount: aws.Int32(1),
- SecurityGroupIds: []string{
- devpodSG,
- },
+ ImageId: aws.String(providerAws.Config.DiskImage),
+ InstanceType: types.InstanceType(providerAws.Config.MachineType),
+ MinCount: aws.Int32(1),
+ MaxCount: aws.Int32(1),
+ SecurityGroupIds: devpodSG,
 BlockDeviceMappings: []types.BlockDeviceMapping{
 {
 DeviceName: aws.String("/dev/sda1"),
From 670ae9253bc9618a90f0670eaa3ef170482c9826 Mon Sep 17 00:00:00 2001
From: Luca Di Maio
Date: Fri, 1 Sep 2023 13:31:00 +0000
Subject: [PATCH 2/2] fix: correctly name the function
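Review bot: `strings.Split(provider.Config.SecurityGroupID, ",")` in the first aws.go hunk hands the pieces on untouched, so a value written with a space after the comma or with a trailing comma yields an ID with leading whitespace or an empty string, and that list reaches `SecurityGroupIds` in Create (third hunk) as-is. Security group membership is the instance's network boundary, so the list is worth normalising and checking here instead of relying on the EC2 call to reject it. Trim each entry, drop empty ones, and return an error when nothing usable is left. The sketch assumes `fmt` is already imported in aws.go; the rest of GetDevpodSecurityGroup lies outside this hunk.

```go
if provider.Config.SecurityGroupID != "" {
	var ids []string
	for _, id := range strings.Split(provider.Config.SecurityGroupID, ",") {
		if id = strings.TrimSpace(id); id != "" {
			ids = append(ids, id)
		}
	}
	if len(ids) == 0 {
		return nil, fmt.Errorf("AWS_SECURITY_GROUP_ID contains no security group IDs")
	}

	return ids, nil
}
// … unchanged: lookup of the devpod security group via DescribeSecurityGroups …
```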
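Review bot: The loop added at the end of GetDevpodSecurityGroup (second aws.go hunk) returns every group that DescribeSecurityGroups matched, where the old code attached only the first, so an instance now receives the union of all matched groups' rules. The filter in `input` is built outside this hunk; if it matches on a tag or a name, any group carrying that value gets attached, and one permissive group widens ingress for every new instance. I would state that above the loop, e.g. `// Every group matching the devpod filter is attached; effective rules are their union.`, or keep the single-group result for the auto-discovered case. Separately, the unchanged condition reads `result.SecurityGroups` before it tests `err`, and the SDK normally returns a nil output on error, so `if err != nil || len(result.SecurityGroups) == 0 {` would be the safer order. The loop itself reads more simply as `for _, sg := range result.SecurityGroups { sgs = append(sgs, aws.ToString(sg.GroupId)) }`.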
Signed-off-by: Luca Di Maio
---
 pkg/aws/aws.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkg/aws/aws.go b/pkg/aws/aws.go
index 6c41e62..29150d8 100644
--- a/pkg/aws/aws.go
+++ b/pkg/aws/aws.go
@@ -328,7 +328,7 @@ func CreateDevpodInstanceProfile(ctx context.Context, provider *AwsProvider) (st
 return *response.InstanceProfile.Arn, nil
 }
-func GetDevpodSecurityGroup(ctx context.Context, provider *AwsProvider) ([]string, error) {
+func GetDevpodSecurityGroups(ctx context.Context, provider *AwsProvider) ([]string, error) {
 if provider.Config.SecurityGroupID != "" {
 return strings.Split(provider.Config.SecurityGroupID, ","), nil
 }
@@ -605,7 +605,7 @@ func Create(
 ) (*ec2.RunInstancesOutput, error) {
 svc := ec2.NewFromConfig(cfg)
- devpodSG, err := GetDevpodSecurityGroup(ctx, providerAws)
+ devpodSG, err := GetDevpodSecurityGroups(ctx, providerAws)
 if err != nil {
 return nil, err
 }