From 9cb1fa41e77e1612847f73a0b45d90409f4c7166 Mon Sep 17 00:00:00 2001
From: Sankalp Sanand <sankalp@agnostiq.ai>
Date: Fri, 3 Nov 2023 12:53:33 -0400
Subject: [PATCH] Fixing docker image and adding tf files (#75)

* added terraform files

* changed name variable

* removed unneeded pip installations in the docker image

* fixed docker image pip installation

* updated changelog
---
 .gitignore                                    | 10 ++++
 CHANGELOG.md                                  |  8 +++
 Dockerfile                                    |  2 +-
 MANIFEST.in                                   |  1 +
 covalent_braket_plugin/assets/infra/main.tf   | 59 +++++++++++++++++++
 .../assets/infra/outputs.tf                   | 30 ++++++++++
 .../assets/infra/variables.tf                 | 31 ++++++++++
 .../assets/infra/versions.tf                  | 24 ++++++++
 8 files changed, 164 insertions(+), 1 deletion(-)
 create mode 100644 covalent_braket_plugin/assets/infra/main.tf
 create mode 100644 covalent_braket_plugin/assets/infra/outputs.tf
 create mode 100644 covalent_braket_plugin/assets/infra/variables.tf
 create mode 100644 covalent_braket_plugin/assets/infra/versions.tf

diff --git a/.gitignore b/.gitignore
index 8596cc9..029bf83 100644
--- a/.gitignore
+++ b/.gitignore
@@ -113,3 +113,13 @@ ipython_config.py
 
 # Coverage
 .coverage
+
+# Terraform
+**/.terraform/**
+**/*.tfstate*
+**/.terraform.lock.hcl
+**/*.tfvars
+**/*.plan
+
+# Scratch
+*.ipynb
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9e9559f..6ab584b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [UNRELEASED]
 
+### Added
+
+- Added terraform files to the repo for deploying necessary resources
+
+### Changed
+
+- Removed the `--use-feature=in-tree-build` flag from the `pip install` command in the Dockerfile as it was causing the build to fail
+
 ## [0.27.0] - 2023-09-20
 
 ### Changed
diff --git a/Dockerfile b/Dockerfile
index eeb8407..ba24f44 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,7 +9,7 @@ RUN apt-get update && apt-get install -y \
   gcc \
   && rm -rf /var/lib/apt/lists/*
 
-RUN pip install --no-cache-dir --use-feature=in-tree-build --upgrade \
+RUN pip install --no-cache-dir --upgrade \
   amazon-braket-pennylane-plugin==1.6.9 \
   boto3==1.20.48 \
   pennylane==0.24.0 \
diff --git a/MANIFEST.in b/MANIFEST.in
index 510b4af..7ca813d 100644
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -1,2 +1,3 @@
 include VERSION
 include requirements.txt
+recursive-include covalent_braket_plugin/assets/infra/ *
diff --git a/covalent_braket_plugin/assets/infra/main.tf b/covalent_braket_plugin/assets/infra/main.tf
new file mode 100644
index 0000000..650c461
--- /dev/null
+++ b/covalent_braket_plugin/assets/infra/main.tf
@@ -0,0 +1,59 @@
+# Copyright 2023 Agnostiq Inc.
+#
+# This file is part of Covalent.
+#
+# Licensed under the Apache License 2.0 (the "License"). A copy of the
+# License may be obtained with this software package or at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Use of this file is prohibited except in compliance with the License.
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+provider "aws" {
+  region = var.aws_region
+}
+
+data "aws_caller_identity" "current" {}
+
+# The bucket name needs amazon-braket prefix to be able to use the braket service.
+resource "aws_s3_bucket" "braket_bucket" {
+  bucket        = "amazon-braket-${var.name}-bucket"
+  force_destroy = true
+}
+
+resource "aws_ecr_repository" "braket_ecr_repo" {
+  name                 = "${var.name}-base-executor-repo"
+  image_tag_mutability = "MUTABLE"
+
+  force_delete = true
+  image_scanning_configuration {
+    scan_on_push = false
+  }
+
+  provisioner "local-exec" {
+    command = "docker pull public.ecr.aws/covalent/covalent-braket-executor:${var.executor_base_image_tag_name} && aws ecr get-login-password --region ${var.aws_region} | docker login --username AWS --password-stdin ${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.aws_region}.amazonaws.com && docker tag public.ecr.aws/covalent/covalent-braket-executor:${var.executor_base_image_tag_name} ${aws_ecr_repository.braket_ecr_repo.repository_url}:${var.executor_base_image_tag_name} && docker push ${aws_ecr_repository.braket_ecr_repo.repository_url}:${var.executor_base_image_tag_name}"
+  }
+}
+
+resource "aws_iam_role" "braket_iam_role" {
+  name = "${var.name}-role"
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Action = "sts:AssumeRole"
+        Effect = "Allow"
+        Sid    = ""
+        Principal = {
+          Service = "braket.amazonaws.com"
+        }
+      },
+    ]
+  })
+  managed_policy_arns = ["arn:aws:iam::aws:policy/AmazonBraketFullAccess"]
+}
diff --git a/covalent_braket_plugin/assets/infra/outputs.tf b/covalent_braket_plugin/assets/infra/outputs.tf
new file mode 100644
index 0000000..f38e644
--- /dev/null
+++ b/covalent_braket_plugin/assets/infra/outputs.tf
@@ -0,0 +1,30 @@
+# Copyright 2023 Agnostiq Inc.
+#
+# This file is part of Covalent.
+#
+# Licensed under the Apache License 2.0 (the "License"). A copy of the
+# License may be obtained with this software package or at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Use of this file is prohibited except in compliance with the License.
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+output "braket_job_execution_role_name" {
+  value       = aws_iam_role.braket_iam_role.id
+  description = "Allocated IAM role name"
+}
+
+output "s3_bucket_name" {
+  value       = aws_s3_bucket.braket_bucket.id
+  description = "Allocated AWS S3 bucket name for storing lambda files"
+}
+
+output "ecr_image_uri" {
+  value       = "${aws_ecr_repository.braket_ecr_repo.repository_url}:${var.executor_base_image_tag_name}"
+  description = "Allocated ECR repo name"
+}
diff --git a/covalent_braket_plugin/assets/infra/variables.tf b/covalent_braket_plugin/assets/infra/variables.tf
new file mode 100644
index 0000000..d837335
--- /dev/null
+++ b/covalent_braket_plugin/assets/infra/variables.tf
@@ -0,0 +1,31 @@
+# Copyright 2023 Agnostiq Inc.
+#
+# This file is part of Covalent.
+#
+# Licensed under the Apache License 2.0 (the "License"). A copy of the
+# License may be obtained with this software package or at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Use of this file is prohibited except in compliance with the License.
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Prefix this "name" with something unique for your deployment
+variable "name" {
+  default     = "covalent-braket"
+  description = "Name to be used in the new provisioned resources"
+}
+
+variable "aws_region" {
+  default     = "us-east-1"
+  description = "AWS region in which to run Braket"
+}
+
+variable "executor_base_image_tag_name" {
+  default = "latest"
+  description = "The tag name associate base executor image that is pushed to the provisioned private ecr repo"
+}
diff --git a/covalent_braket_plugin/assets/infra/versions.tf b/covalent_braket_plugin/assets/infra/versions.tf
new file mode 100644
index 0000000..618e285
--- /dev/null
+++ b/covalent_braket_plugin/assets/infra/versions.tf
@@ -0,0 +1,24 @@
+# Copyright 2023 Agnostiq Inc.
+#
+# This file is part of Covalent.
+#
+# Licensed under the Apache License 2.0 (the "License"). A copy of the
+# License may be obtained with this software package or at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Use of this file is prohibited except in compliance with the License.
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.17"
+    }
+  }
+}