Merge pull request #869 from SoftLayer/issues714

Adds SSL support for LoadBalancer protocols

Author: allmightyspiff

plugin/commands/loadbal/protocol_edit.go

@@ -27,6 +27,7 @@ type ProtocolEditCommand struct {
 	Sticky              string
 	ClientTimeout       int
 	ServerTimeout       int
+	SslId               int
 }
 
 func NewProtocolEditCommand(sl *metadata.SoftlayerCommand) *ProtocolEditCommand {
@@ -37,23 +38,30 @@ func NewProtocolEditCommand(sl *metadata.SoftlayerCommand) *ProtocolEditCommand
 	cobraCmd := &cobra.Command{
 		Use:   "protocol-edit",
 		Short: T("Edit load balancer protocol"),
-		Long:  T("${COMMAND_NAME} sl loadbal protocol-edit (--id LOADBAL_ID) (--protocol-uuid PROTOCOL_UUID) [--front-protocol PROTOCOL] [back-protocol PROTOCOL] [--front-port PORT] [--back-port PORT] [-m, --method METHOD] [-c, --connections CONNECTIONS] [--sticky cookie | source-ip] [--client-timeout SECONDS] [--server-timeout SECONDS]"),
-		Args:  metadata.NoArgs,
+		Long: T(`Use '${COMMAND_NAME} sl loadbal detail' to find the --protocol-uuid values for a loadbalancer
+Example:
+	${COMMAND_NAME} sl loadbal protocol-add --id 1115129 --protocol-uuid 8ec8911a-c32d-4678-89fe-979f182c822f --ssl-id 123
+	This command changes the SSL certificate
+`),
+		Args: metadata.NoArgs,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			return thisCmd.Run(args)
 		},
 	}
-	cobraCmd.Flags().IntVar(&thisCmd.Id, "id", 0, T("ID for the load balancer [required]"))
+	cobraCmd.Flags().IntVar(&thisCmd.Id, "id", -1, T("ID for the load balancer [required]"))
 	cobraCmd.Flags().StringVar(&thisCmd.ProtocolUuid, "protocol-uuid", "", T("UUID of the protocol you want to edit."))
-	cobraCmd.Flags().StringVar(&thisCmd.FrontProtocol, "front-protocol", "HTTP", T("Protocol type to use for incoming connections: [HTTP|HTTPS|TCP]. Default: HTTP"))
+	cobraCmd.Flags().StringVar(&thisCmd.FrontProtocol, "front-protocol", "", T("Protocol type to use for incoming connections: [HTTP|HTTPS|TCP]. Default: HTTP"))
 	cobraCmd.Flags().StringVar(&thisCmd.BackProtocol, "back-protocol", "", T("Protocol type to use when connecting to backend servers: [HTTP|HTTPS|TCP]. Defaults to whatever --front-protocol is"))
-	cobraCmd.Flags().IntVar(&thisCmd.FrontPort, "front-port", 80, T("Internet side port"))
-	cobraCmd.Flags().IntVar(&thisCmd.BackPort, "back-port", 80, T("Private side port"))
-	cobraCmd.Flags().StringVarP(&thisCmd.Method, "method", "m", "ROUNDROBIN", T("Balancing Method: [ROUNDROBIN|LEASTCONNECTION|WEIGHTED_RR]"))
-	cobraCmd.Flags().IntVarP(&thisCmd.Connections, "connections", "c", 0, T("Maximum number of connections to allow"))
+	cobraCmd.Flags().IntVar(&thisCmd.FrontPort, "front-port", -1, T("Internet side port"))
+	cobraCmd.Flags().IntVar(&thisCmd.BackPort, "back-port", -1, T("Private side port"))
+	cobraCmd.Flags().StringVarP(&thisCmd.Method, "method", "m", "", T("Balancing Method: [ROUNDROBIN|LEASTCONNECTION|WEIGHTED_RR]"))
+	cobraCmd.Flags().IntVarP(&thisCmd.Connections, "connections", "c", -1, T("Maximum number of connections to allow"))
 	cobraCmd.Flags().StringVar(&thisCmd.Sticky, "sticky", "", T("Use 'cookie' or 'source-ip' to stick"))
-	cobraCmd.Flags().IntVar(&thisCmd.ClientTimeout, "client-timeout", 0, T("Client side timeout setting, in seconds"))
-	cobraCmd.Flags().IntVar(&thisCmd.ServerTimeout, "server-timeout", 0, T("Server side timeout setting, in seconds"))
+	cobraCmd.Flags().IntVar(&thisCmd.ClientTimeout, "client-timeout", -1, T("Client side timeout setting, in seconds"))
+	cobraCmd.Flags().IntVar(&thisCmd.ServerTimeout, "server-timeout", -1, T("Server side timeout setting, in seconds"))
+	cobraCmd.Flags().IntVar(&thisCmd.SslId, "ssl-id", -1, T("Identifier of the SSL certificate to attach to this protocol. Only valid for HTTPS."))
+	cobraCmd.MarkFlagRequired("id") //#nosec G104
+	cobraCmd.MarkFlagRequired("protocol-uuid") //#nosec G104
 	thisCmd.Command = cobraCmd
 	return thisCmd
 }
@@ -62,7 +70,7 @@ func (cmd *ProtocolEditCommand) Run(args []string) error {
 	protocolConfiguration := datatypes.Network_LBaaS_LoadBalancerProtocolConfiguration{}
 
 	loadbalID := cmd.Id
-	if loadbalID == 0 {
+	if loadbalID == -1 {
 		return errors.NewMissingInputError("--id")
 	}
 
@@ -71,45 +79,37 @@ func (cmd *ProtocolEditCommand) Run(args []string) error {
 		return errors.New(T("Failed to get load balancer: {{.ERR}}.", map[string]interface{}{"ERR": err.Error()}))
 	}
 
-	protoUUID := cmd.ProtocolUuid
-	if protoUUID == "" {
+	if cmd.ProtocolUuid == "" {
 		return errors.NewMissingInputError("--protocol-uuid")
 	}
-	protocolConfiguration.ListenerUuid = &protoUUID
+	protocolConfiguration.ListenerUuid = &cmd.ProtocolUuid
 
 	if cmd.FrontProtocol != "" {
-		frontProtocol := cmd.FrontProtocol
-		protocolConfiguration.FrontendProtocol = &frontProtocol
+		protocolConfiguration.FrontendProtocol = &cmd.FrontProtocol
 	}
 
 	if cmd.BackProtocol != "" {
-		backProtocol := cmd.BackProtocol
-		protocolConfiguration.BackendProtocol = &backProtocol
+		protocolConfiguration.BackendProtocol = &cmd.BackProtocol
 	}
 
-	if cmd.FrontPort != 0 {
-		frontPort := cmd.FrontPort
-		protocolConfiguration.FrontendPort = &frontPort
+	if cmd.FrontPort != -1 {
+		protocolConfiguration.FrontendPort = &cmd.FrontPort
 	}
 
-	if cmd.BackPort != 0 {
-		backPort := cmd.BackPort
-		protocolConfiguration.BackendPort = &backPort
+	if cmd.BackPort != -1 {
+		protocolConfiguration.BackendPort = &cmd.BackPort
 	}
 
 	if cmd.Method != "" {
-		method := cmd.Method
-		protocolConfiguration.LoadBalancingMethod = &method
+		protocolConfiguration.LoadBalancingMethod = &cmd.Method
 	}
 
-	if cmd.ClientTimeout != 0 {
-		cTimeout := cmd.ClientTimeout
-		protocolConfiguration.ClientTimeout = &cTimeout
+	if cmd.ClientTimeout != -1 {
+		protocolConfiguration.ClientTimeout = &cmd.ClientTimeout
 	}
 
-	if cmd.ServerTimeout != 0 {
-		sTimeout := cmd.ServerTimeout
-		protocolConfiguration.ServerTimeout = &sTimeout
+	if cmd.ServerTimeout != -1 {
+		protocolConfiguration.ServerTimeout = &cmd.ServerTimeout
 	}
 
 	var sessionType string
@@ -123,12 +123,17 @@ func (cmd *ProtocolEditCommand) Run(args []string) error {
 		return errors.NewInvalidUsageError(T("Value of option '--sticky' should be cookie or source-ip"))
 	}
 
-	if cmd.Connections != 0 {
-		connections := cmd.Connections
-		protocolConfiguration.MaxConn = &connections
+	if cmd.Connections != -1 {
+		protocolConfiguration.MaxConn = &cmd.Connections
 	}
 
-	_, err = cmd.LoadBalancerManager.AddLoadBalancerListener(&loadbalancerUUID, []datatypes.Network_LBaaS_LoadBalancerProtocolConfiguration{protocolConfiguration})
+	if cmd.SslId != 0 {
+		protocolConfiguration.TlsCertificateId = &cmd.SslId
+	}
+
+	_, err = cmd.LoadBalancerManager.AddLoadBalancerListener(
+		&loadbalancerUUID, []datatypes.Network_LBaaS_LoadBalancerProtocolConfiguration{protocolConfiguration},
+	)
 	if err != nil {
 		return errors.New(T("Failed to edit protocol: {{.Error}}.\n", map[string]interface{}{"Error": err.Error()}))
 	}

plugin/commands/loadbal/protocol_edit_test.go

@@ -2,7 +2,6 @@ package loadbal_test
 
 import (
 	"errors"
-
 	"github.com/IBM-Cloud/ibm-cloud-cli-sdk/testhelpers/terminal"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -41,11 +40,11 @@ var _ = Describe("LoadBal_protocol-edit_Test", func() {
 		It("Error No Id", func() {
 			err := testhelpers.RunCobraCommand(cliCommand.Command)
 			Expect(err).To(HaveOccurred())
-			Expect(err.Error()).To(ContainSubstring("Incorrect Usage: '--id' is required"))
+			Expect(err.Error()).To(ContainSubstring(`required flag(s) "id", "protocol-uuid" not set`))
 		})
 		It("Error unable to find Id", func() {
 			fakeLBManager.GetLoadBalancerUUIDReturns("-", errors.New("SoftLayer_Exception_ApiError"))
-			err := testhelpers.RunCobraCommand(cliCommand.Command, "--id", "12345")
+			err := testhelpers.RunCobraCommand(cliCommand.Command, "--id", "12345", "--protocol-uuid=aaaa")
 			Expect(err).To(HaveOccurred())
 			Expect(err.Error()).To(ContainSubstring("Failed to get load balancer: SoftLayer_Exception_ApiError"))
 		})
@@ -55,11 +54,14 @@ var _ = Describe("LoadBal_protocol-edit_Test", func() {
 		It("Error no UUID", func() {
 			err := testhelpers.RunCobraCommand(cliCommand.Command, "--id", "12345")
 			Expect(err).To(HaveOccurred())
-			Expect(err.Error()).To(ContainSubstring("'--protocol-uuid' is required"))
+			Expect(err.Error()).To(ContainSubstring(`required flag(s) "protocol-uuid" not set`))
 		})
 	})
 
 	Context("Testing Options", func() {
+		BeforeEach(func() {
+			fakeLBManager.GetLoadBalancerUUIDReturns("aaa-bbb-111", nil)
+		})
 		It("with all arguments", func() {
 			err := testhelpers.RunCobraCommand(cliCommand.Command, "--id", "12345", "--protocol-uuid", "abc123", "--front-protocol", "HTTP", "--back-protocol", "HTTP", "--front-port", "80", "--back-port", "80", "--method", "ROUNDROBIN", "--client-timeout", "100", "--server-timeout", "100", "--sticky", "cookie", "--connections", "5")
 			Expect(err).NotTo(HaveOccurred())
@@ -77,6 +79,19 @@ var _ = Describe("LoadBal_protocol-edit_Test", func() {
 			Expect(err).To(HaveOccurred())
 			Expect(err.Error()).To(ContainSubstring("Value of option '--sticky' should be cookie or source-ip"))
 		})
+		It("--ssl-id option", func() {
+			err := testhelpers.RunCobraCommand(cliCommand.Command, "--id", "12345", "--protocol-uuid=aaaa", "--ssl-id=9999", "--front-protocol=HTTPS")
+			Expect(err).NotTo(HaveOccurred())
+			lbUUID, argsForCall := fakeLBManager.AddLoadBalancerListenerArgsForCall(0)
+			Expect(*lbUUID).To(Equal("aaa-bbb-111"))
+			Expect(len(argsForCall)).To(Equal(1))
+			// Making sure we are not sending in options we did not specify
+			Expect(argsForCall[0].BackendProtocol).To(BeNil())
+
+			Expect(*argsForCall[0].FrontendProtocol).To(Equal("HTTPS"))
+			Expect(*argsForCall[0].TlsCertificateId).To(Equal(9999))
+			Expect(fakeUI.Outputs()).To(ContainSubstring("OK"))
+		})
 	})
 
 	Context("API Error", func() {

plugin/commands/loadbal/protocols_add.go

@@ -26,6 +26,7 @@ type ProtocolAddCommand struct {
 	Sticky              string
 	ClientTimeout       int
 	ServerTimeout       int
+	SslId               int
 }
 
 func NewProtocolAddCommand(sl *metadata.SoftlayerCommand) *ProtocolAddCommand {
@@ -36,22 +37,30 @@ func NewProtocolAddCommand(sl *metadata.SoftlayerCommand) *ProtocolAddCommand {
 	cobraCmd := &cobra.Command{
 		Use:   "protocol-add",
 		Short: T("Add a new load balancer protocol"),
-		Long:  T("${COMMAND_NAME} sl loadbal protocol-add (--id LOADBAL_ID) [--front-protocol PROTOCOL] [back-protocol PROTOCOL] [--front-port PORT] [--back-port PORT] [-m, --method METHOD] [-c, --connections CONNECTIONS] [--sticky cookie | source-ip] [--client-timeout SECONDS] [--server-timeout SECONDS]"),
-		Args:  metadata.NoArgs,
+		Long: T(`Creates a new mapping between incoming traffic to the loadbalancer and the backend servers.
+Use '{COMMAND_NAME}  sl security cert-list' to get IDs for the --ssl-id option.
+See: https://cloud.ibm.com/docs/loadbalancer-service?topic=loadbalancer-service-about-ibm-cloud-load-balancer for more details
+
+Example:
+	${COMMAND_NAME} sl loadbal protocol-add --id 1115129 --front-port 443 --front-protocol HTTPS --back-port 80 --back-protocol HTTP --ssl-id 335659 --client-timeout 60 --connections 100
+	Creates a new protocol on Load Balancer 1115129 that terminates SSL on port 443, mapping to a backend port 80 HTTP. Using SSL cert 335659
+`),
+		Args: metadata.NoArgs,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			return thisCmd.Run(args)
 		},
 	}
 	cobraCmd.Flags().IntVar(&thisCmd.Id, "id", 0, T("ID for the load balancer [required]"))
 	cobraCmd.Flags().StringVar(&thisCmd.FrontProtocol, "front-protocol", "HTTP", T("Protocol type to use for incoming connections: [HTTP|HTTPS|TCP]. Default: HTTP"))
-	cobraCmd.Flags().StringVar(&thisCmd.BackProtocol, "back-protocol", "", T("Protocol type to use when connecting to backend servers: [HTTP|HTTPS|TCP]. Defaults to whatever --front-protocol is"))
+	cobraCmd.Flags().StringVar(&thisCmd.BackProtocol, "back-protocol", "HTTP", T("Protocol type to use when connecting to backend servers: [HTTP|HTTPS|TCP]. Defaults to whatever --front-protocol is"))
 	cobraCmd.Flags().IntVar(&thisCmd.FrontPort, "front-port", 80, T("Internet side port"))
 	cobraCmd.Flags().IntVar(&thisCmd.BackPort, "back-port", 80, T("Private side port"))
 	cobraCmd.Flags().StringVarP(&thisCmd.Method, "method", "m", "ROUNDROBIN", T("Balancing Method: [ROUNDROBIN|LEASTCONNECTION|WEIGHTED_RR]"))
 	cobraCmd.Flags().IntVarP(&thisCmd.Connections, "connections", "c", 0, T("Maximum number of connections to allow"))
 	cobraCmd.Flags().StringVar(&thisCmd.Sticky, "sticky", "", T("Use 'cookie' or 'source-ip' to stick"))
 	cobraCmd.Flags().IntVar(&thisCmd.ClientTimeout, "client-timeout", 0, T("Client side timeout setting, in seconds"))
 	cobraCmd.Flags().IntVar(&thisCmd.ServerTimeout, "server-timeout", 0, T("Server side timeout setting, in seconds"))
+	cobraCmd.Flags().IntVar(&thisCmd.SslId, "ssl-id", 0, T("Identifier of the SSL certificate to attach to this protocol. Only valid for HTTPS."))
 	thisCmd.Command = cobraCmd
 	return thisCmd
 }
@@ -62,42 +71,18 @@ func (cmd *ProtocolAddCommand) Run(args []string) error {
 		return errors.NewMissingInputError("--id")
 	}
 
-	frontProtocol := cmd.FrontProtocol
-	if frontProtocol == "" {
-		frontProtocol = "HTTP"
-	}
-
-	backProtocol := cmd.BackProtocol
-	if backProtocol == "" {
-		backProtocol = frontProtocol
-	}
-
-	frontPort := cmd.FrontPort
-	if frontPort == 0 {
-		frontPort = 80
-	}
-
-	backPort := cmd.BackPort
-	if backPort == 0 {
-		backPort = 80
-	}
-
-	method := cmd.Method
-	if method == "" {
-		method = "ROUNDROBIN"
-	}
-
 	loadbalancerUUID, err := cmd.LoadBalancerManager.GetLoadBalancerUUID(loadbalID)
 	if err != nil {
 		return errors.New(T("Failed to get load balancer: {{.ERR}}.", map[string]interface{}{"ERR": err.Error()}))
 	}
 
+	// Sets up all the required parameters
 	protocolConfigurations := datatypes.Network_LBaaS_LoadBalancerProtocolConfiguration{
-		BackendPort:         &backPort,
-		BackendProtocol:     &backProtocol,
-		FrontendPort:        &frontPort,
-		FrontendProtocol:    &frontProtocol,
-		LoadBalancingMethod: &method,
+		BackendPort:         &cmd.BackPort,
+		BackendProtocol:     &cmd.BackProtocol,
+		FrontendPort:        &cmd.FrontPort,
+		FrontendProtocol:    &cmd.FrontProtocol,
+		LoadBalancingMethod: &cmd.Method,
 	}
 
 	var sessionType string
@@ -112,21 +97,23 @@ func (cmd *ProtocolAddCommand) Run(args []string) error {
 	}
 
 	if cmd.Connections != 0 {
-		connections := cmd.Connections
-		protocolConfigurations.MaxConn = &connections
+		protocolConfigurations.MaxConn = &cmd.Connections
 	}
 
 	if cmd.ClientTimeout != 0 {
-		cTimeout := cmd.ClientTimeout
-		protocolConfigurations.ClientTimeout = &cTimeout
+		protocolConfigurations.ClientTimeout = &cmd.ClientTimeout
 	}
 
 	if cmd.ServerTimeout != 0 {
-		sTimeout := cmd.ServerTimeout
-		protocolConfigurations.ServerTimeout = &sTimeout
+		protocolConfigurations.ServerTimeout = &cmd.ServerTimeout
 	}
 
-	_, err = cmd.LoadBalancerManager.AddLoadBalancerListener(&loadbalancerUUID, []datatypes.Network_LBaaS_LoadBalancerProtocolConfiguration{protocolConfigurations})
+	if cmd.SslId != 0 {
+		protocolConfigurations.TlsCertificateId = &cmd.SslId
+	}
+	_, err = cmd.LoadBalancerManager.AddLoadBalancerListener(
+		&loadbalancerUUID, []datatypes.Network_LBaaS_LoadBalancerProtocolConfiguration{protocolConfigurations},
+	)
 	if err != nil {
 		return errors.New(T("Failed to add protocol: {{.Error}}.\n", map[string]interface{}{"Error": err.Error()}))
 	}

plugin/commands/loadbal/protocols_add_test.go

@@ -87,6 +87,17 @@ var _ = Describe("LoadBal_protocol-add_Test", func() {
 			Expect(*argsForCall[0].LoadBalancingMethod).To(Equal("ROUNDROBIN"))
 			Expect(fakeUI.Outputs()).To(ContainSubstring("OK"))
 		})
+		It("--ssl-id option", func() {
+			err := testhelpers.RunCobraCommand(cliCommand.Command, "--id", "12345", "--ssl-id=9999", "--front-protocol=HTTPS")
+			Expect(err).NotTo(HaveOccurred())
+			lbUUID, argsForCall := fakeLBManager.AddLoadBalancerListenerArgsForCall(0)
+			Expect(*lbUUID).To(Equal("aaa-bbb-111"))
+			Expect(len(argsForCall)).To(Equal(1))
+			Expect(*argsForCall[0].FrontendProtocol).To(Equal("HTTPS"))
+			Expect(*argsForCall[0].BackendProtocol).To(Equal("HTTP"))
+			Expect(*argsForCall[0].TlsCertificateId).To(Equal(9999))
+			Expect(fakeUI.Outputs()).To(ContainSubstring("OK"))
+		})
 		It("with sticky as cookie", func() {
 			err := testhelpers.RunCobraCommand(cliCommand.Command, "--id", "12345", "--sticky", "cookie")
 			Expect(err).NotTo(HaveOccurred())