#714 added SSL certificate option for protocol-add

allmightyspiff · allmightyspiff · commit 653979dab6a2 · 2024-09-16T17:09:55.000-05:00
diff --git a/plugin/commands/loadbal/protocols_add.go b/plugin/commands/loadbal/protocols_add.go
@@ -26,6 +26,7 @@ type ProtocolAddCommand struct {
 	Sticky              string
 	ClientTimeout       int
 	ServerTimeout       int
+	SslId				int
 }
 
 func NewProtocolAddCommand(sl *metadata.SoftlayerCommand) *ProtocolAddCommand {
@@ -36,22 +37,30 @@ func NewProtocolAddCommand(sl *metadata.SoftlayerCommand) *ProtocolAddCommand {
 	cobraCmd := &cobra.Command{
 		Use:   "protocol-add",
 		Short: T("Add a new load balancer protocol"),
-		Long:  T("${COMMAND_NAME} sl loadbal protocol-add (--id LOADBAL_ID) [--front-protocol PROTOCOL] [back-protocol PROTOCOL] [--front-port PORT] [--back-port PORT] [-m, --method METHOD] [-c, --connections CONNECTIONS] [--sticky cookie | source-ip] [--client-timeout SECONDS] [--server-timeout SECONDS]"),
+		Long:  T(`Creates a new mapping between incoming traffic to the loadbalancer and the backend servers.
+Use '{COMMAND_NAME}  sl security cert-list' to get IDs for the --ssl-id option.
+See: https://cloud.ibm.com/docs/loadbalancer-service?topic=loadbalancer-service-about-ibm-cloud-load-balancer for more details
+
+Example:
+	${COMMAND_NAME} sl loadbal protocol-add --id 1115129 --front-port 443 --front-protocol HTTPS --back-port 80 --back-protocol HTTP --ssl-id 335659 --client-timeout 60 --connections 100
+	Creates a new protocol on Load Balancer 1115129 that terminates SSL on port 443, mapping to a backend port 80 HTTP. Using SSL cert 335659
+`),
 		Args:  metadata.NoArgs,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			return thisCmd.Run(args)
 		},
 	}
 	cobraCmd.Flags().IntVar(&thisCmd.Id, "id", 0, T("ID for the load balancer [required]"))
 	cobraCmd.Flags().StringVar(&thisCmd.FrontProtocol, "front-protocol", "HTTP", T("Protocol type to use for incoming connections: [HTTP|HTTPS|TCP]. Default: HTTP"))
-	cobraCmd.Flags().StringVar(&thisCmd.BackProtocol, "back-protocol", "", T("Protocol type to use when connecting to backend servers: [HTTP|HTTPS|TCP]. Defaults to whatever --front-protocol is"))
+	cobraCmd.Flags().StringVar(&thisCmd.BackProtocol, "back-protocol", "HTTP", T("Protocol type to use when connecting to backend servers: [HTTP|HTTPS|TCP]. Defaults to whatever --front-protocol is"))
 	cobraCmd.Flags().IntVar(&thisCmd.FrontPort, "front-port", 80, T("Internet side port"))
 	cobraCmd.Flags().IntVar(&thisCmd.BackPort, "back-port", 80, T("Private side port"))
 	cobraCmd.Flags().StringVarP(&thisCmd.Method, "method", "m", "ROUNDROBIN", T("Balancing Method: [ROUNDROBIN|LEASTCONNECTION|WEIGHTED_RR]"))
 	cobraCmd.Flags().IntVarP(&thisCmd.Connections, "connections", "c", 0, T("Maximum number of connections to allow"))
 	cobraCmd.Flags().StringVar(&thisCmd.Sticky, "sticky", "", T("Use 'cookie' or 'source-ip' to stick"))
 	cobraCmd.Flags().IntVar(&thisCmd.ClientTimeout, "client-timeout", 0, T("Client side timeout setting, in seconds"))
 	cobraCmd.Flags().IntVar(&thisCmd.ServerTimeout, "server-timeout", 0, T("Server side timeout setting, in seconds"))
+	cobraCmd.Flags().IntVar(&thisCmd.SslId, "ssl-id", 0, T("Identifier of the SSL certificate to attach to this protocol. Only valid for HTTPS."))
 	thisCmd.Command = cobraCmd
 	return thisCmd
 }
@@ -62,42 +71,19 @@ func (cmd *ProtocolAddCommand) Run(args []string) error {
 		return errors.NewMissingInputError("--id")
 	}
 
-	frontProtocol := cmd.FrontProtocol
-	if frontProtocol == "" {
-		frontProtocol = "HTTP"
-	}
-
-	backProtocol := cmd.BackProtocol
-	if backProtocol == "" {
-		backProtocol = frontProtocol
-	}
-
-	frontPort := cmd.FrontPort
-	if frontPort == 0 {
-		frontPort = 80
-	}
-
-	backPort := cmd.BackPort
-	if backPort == 0 {
-		backPort = 80
-	}
-
-	method := cmd.Method
-	if method == "" {
-		method = "ROUNDROBIN"
-	}
 
 	loadbalancerUUID, err := cmd.LoadBalancerManager.GetLoadBalancerUUID(loadbalID)
 	if err != nil {
 		return errors.New(T("Failed to get load balancer: {{.ERR}}.", map[string]interface{}{"ERR": err.Error()}))
 	}
 
+	// Sets up all the required parameters
 	protocolConfigurations := datatypes.Network_LBaaS_LoadBalancerProtocolConfiguration{
-		BackendPort:         &backPort,
-		BackendProtocol:     &backProtocol,
-		FrontendPort:        &frontPort,
-		FrontendProtocol:    &frontProtocol,
-		LoadBalancingMethod: &method,
+		BackendPort:         &cmd.BackPort,
+		BackendProtocol:     &cmd.BackProtocol,
+		FrontendPort:        &cmd.FrontPort,
+		FrontendProtocol:    &cmd.FrontProtocol,
+		LoadBalancingMethod: &cmd.Method,
 	}
 
 	var sessionType string
@@ -112,21 +98,23 @@ func (cmd *ProtocolAddCommand) Run(args []string) error {
 	}
 
 	if cmd.Connections != 0 {
-		connections := cmd.Connections
-		protocolConfigurations.MaxConn = &connections
+		protocolConfigurations.MaxConn = &cmd.Connections
 	}
 
 	if cmd.ClientTimeout != 0 {
-		cTimeout := cmd.ClientTimeout
-		protocolConfigurations.ClientTimeout = &cTimeout
+		protocolConfigurations.ClientTimeout = &cmd.ClientTimeout
 	}
 
 	if cmd.ServerTimeout != 0 {
-		sTimeout := cmd.ServerTimeout
-		protocolConfigurations.ServerTimeout = &sTimeout
+		protocolConfigurations.ServerTimeout = &cmd.ServerTimeout
 	}
 
-	_, err = cmd.LoadBalancerManager.AddLoadBalancerListener(&loadbalancerUUID, []datatypes.Network_LBaaS_LoadBalancerProtocolConfiguration{protocolConfigurations})
+	if cmd.SslId != 0 {
+		protocolConfigurations.TlsCertificateId = &cmd.SslId
+	}
+	_, err = cmd.LoadBalancerManager.AddLoadBalancerListener(
+		&loadbalancerUUID, []datatypes.Network_LBaaS_LoadBalancerProtocolConfiguration{protocolConfigurations},
+	)
 	if err != nil {
 		return errors.New(T("Failed to add protocol: {{.Error}}.\n", map[string]interface{}{"Error": err.Error()}))
 	}
diff --git a/plugin/commands/loadbal/protocols_add_test.go b/plugin/commands/loadbal/protocols_add_test.go
@@ -87,6 +87,17 @@ var _ = Describe("LoadBal_protocol-add_Test", func() {
 			Expect(*argsForCall[0].LoadBalancingMethod).To(Equal("ROUNDROBIN"))
 			Expect(fakeUI.Outputs()).To(ContainSubstring("OK"))
 		})
+		It("--ssl-id option", func() {
+			err := testhelpers.RunCobraCommand(cliCommand.Command, "--id", "12345", "--ssl-id=9999", "--front-protocol=HTTPS")
+			Expect(err).NotTo(HaveOccurred())
+			lbUUID, argsForCall := fakeLBManager.AddLoadBalancerListenerArgsForCall(0)
+			Expect(*lbUUID).To(Equal("aaa-bbb-111"))
+			Expect(len(argsForCall)).To(Equal(1))
+			Expect(*argsForCall[0].FrontendProtocol).To(Equal("HTTPS"))
+			Expect(*argsForCall[0].BackendProtocol).To(Equal("HTTP"))
+			Expect(*argsForCall[0].TlsCertificateId).To(Equal(9999))
+			Expect(fakeUI.Outputs()).To(ContainSubstring("OK"))
+		})
 		It("with sticky as cookie", func() {
 			err := testhelpers.RunCobraCommand(cliCommand.Command, "--id", "12345", "--sticky", "cookie")
 			Expect(err).NotTo(HaveOccurred())
diff --git a/plugin/i18n/v2Resources/active.en-US.json b/plugin/i18n/v2Resources/active.en-US.json
@@ -185,9 +185,6 @@
   "${COMMAND_NAME} sl loadbal order-options [-d, --datacenter DATACENTER]": {
     "other": "${COMMAND_NAME} sl loadbal order-options [-d, --datacenter DATACENTER]"
   },
-  "${COMMAND_NAME} sl loadbal protocol-add (--id LOADBAL_ID) [--front-protocol PROTOCOL] [back-protocol PROTOCOL] [--front-port PORT] [--back-port PORT] [-m, --method METHOD] [-c, --connections CONNECTIONS] [--sticky cookie | source-ip] [--client-timeout SECONDS] [--server-timeout SECONDS]": {
-    "other": "${COMMAND_NAME} sl loadbal protocol-add (--id LOADBAL_ID) [--front-protocol PROTOCOL] [back-protocol PROTOCOL] [--front-port PORT] [--back-port PORT] [-m, --method METHOD] [-c, --connections CONNECTIONS] [--sticky cookie | source-ip] [--client-timeout SECONDS] [--server-timeout SECONDS]"
-  },
   "${COMMAND_NAME} sl loadbal protocol-delete (--lb-id LOADBAL_ID) (--protocol-uuid PROTOCOL_UUID)": {
     "other": "${COMMAND_NAME} sl loadbal protocol-delete (--lb-id LOADBAL_ID) (--protocol-uuid PROTOCOL_UUID)"
   },
@@ -1568,6 +1565,9 @@
   "Created translation from {{.StaticIP}} to {{.RemoteIP}} #{{.ID}}.": {
     "other": "Created translation from {{.StaticIP}} to {{.RemoteIP}} #{{.ID}}."
   },
+  "Creates a new mapping between incoming traffic to the loadbalancer and the backend servers.\nUse '{COMMAND_NAME}  sl security cert-list' to get IDs for the --ssl-id option.\nSee: https://cloud.ibm.com/docs/loadbalancer-service?topic=loadbalancer-service-about-ibm-cloud-load-balancer for more details\n\nExample:\n\t${COMMAND_NAME} sl loadbal protocol-add --id 1115129 --front-port 443 --front-protocol HTTPS --back-port 80 --back-protocol HTTP --ssl-id 335659 --client-timeout 60 --connections 100\n\tCreates a new protocol on Load Balancer 1115129 that terminates SSL on port 443, mapping to a backend port 80 HTTP. Using SSL cert 335659\n": {
+    "other": "Creates a new mapping between incoming traffic to the loadbalancer and the backend servers.\nUse '{COMMAND_NAME}  sl security cert-list' to get IDs for the --ssl-id option.\nSee: https://cloud.ibm.com/docs/loadbalancer-service?topic=loadbalancer-service-about-ibm-cloud-load-balancer for more details\n\nExample:\n\t${COMMAND_NAME} sl loadbal protocol-add --id 1115129 --front-port 443 --front-protocol HTTPS --back-port 80 --back-protocol HTTP --ssl-id 335659 --client-timeout 60 --connections 100\n\tCreates a new protocol on Load Balancer 1115129 that terminates SSL on port 443, mapping to a backend port 80 HTTP. Using SSL cert 335659\n"
+  },
   "Creates a purge record and also initiates the purge call.": {
     "other": "Creates a purge record and also initiates the purge call."
   },
@@ -3914,6 +3914,9 @@
   "Identifier": {
     "other": "Identifier"
   },
+  "Identifier of the SSL certificate to attach to this protocol. Only valid for HTTPS.": {
+    "other": "Identifier of the SSL certificate to attach to this protocol. Only valid for HTTPS."
+  },
   "If a volume (with replication) becomes inaccessible due to a disaster event, this method can be used to immediately\nfailover to an available replica in another location. This method does not allow for fail back via the API.\nTo fail back to the original volume after using this method, open a support ticket.\nTo test failover, use '${COMMAND_NAME} sl {{.storageType}} replica-failover' instead.\n\nEXAMPLE:\n\t${COMMAND_NAME} sl {{.storageType}} disaster-recovery-failover 12345678 87654321\n\tThis command performs failover operation for volume with ID 12345678 to replica volume with ID 87654321.": {
     "other": "If a volume (with replication) becomes inaccessible due to a disaster event, this method can be used to immediately\nfailover to an available replica in another location. This method does not allow for fail back via the API.\nTo fail back to the original volume after using this method, open a support ticket.\nTo test failover, use '${COMMAND_NAME} sl {{.storageType}} replica-failover' instead.\n\nEXAMPLE:\n\t${COMMAND_NAME} sl {{.storageType}} disaster-recovery-failover 12345678 87654321\n\tThis command performs failover operation for volume with ID 12345678 to replica volume with ID 87654321."
   },
@@ -5009,9 +5012,6 @@
   "POOL_UUID, URL or HTTPS_PROTOCOL_UUID . It's only available in REDIRECT_POOL | REDIRECT_URL | REDIRECT_HTTPS action": {
     "other": "POOL_UUID, URL or HTTPS_PROTOCOL_UUID . It's only available in REDIRECT_POOL | REDIRECT_URL | REDIRECT_HTTPS action"
   },
-  "PPTP VPN": {
-    "other": "PPTP VPN"
-  },
   "Package": {
     "other": "Package"
   },
