From 60e44f9090cfd93e6691f4b7337bab52bb171863 Mon Sep 17 00:00:00 2001 From: Josh Vasilevsky <95491250+jvasilevsky@users.noreply.github.com> Date: Wed, 4 Dec 2024 09:27:22 -0500 Subject: [PATCH] LBAAS: display LBs firewall rules (#1621) --- commands/displayers/load_balancer.go | 5 +++++ integration/glb_create_test.go | 4 ++-- integration/glb_update_test.go | 4 ++-- integration/lb_create_test.go | 20 ++++++++++++++------ integration/lb_get_test.go | 10 +++++++--- integration/lb_list_test.go | 6 +++--- integration/projects_resources_get_test.go | 4 ++-- 7 files changed, 35 insertions(+), 18 deletions(-) diff --git a/commands/displayers/load_balancer.go b/commands/displayers/load_balancer.go index ccaf2b440..5da6ceb2a 100644 --- a/commands/displayers/load_balancer.go +++ b/commands/displayers/load_balancer.go @@ -50,6 +50,7 @@ func (lb *LoadBalancer) Cols() []string { "StickySessions", "HealthCheck", "ForwardingRules", + "Firewall", "DisableLetsEncryptDNSRecords", } } @@ -72,6 +73,7 @@ func (lb *LoadBalancer) ColMap() map[string]string { "StickySessions": "Sticky Sessions", "HealthCheck": "Health Check", "ForwardingRules": "Forwarding Rules", + "Firewall": "Firewall Rules", "DisableLetsEncryptDNSRecords": "Disable Lets Encrypt DNS Records", } } @@ -110,6 +112,9 @@ func (lb *LoadBalancer) KV() []map[string]any { if l.SizeUnit > 0 { o["SizeUnit"] = l.SizeUnit } + if l.Firewall != nil { + o["Firewall"] = prettyPrintStruct(l.Firewall) + } out = append(out, o) } diff --git a/integration/glb_create_test.go b/integration/glb_create_test.go index fc5e4994b..5573fd2f2 100644 --- a/integration/glb_create_test.go +++ b/integration/glb_create_test.go @@ -178,7 +178,7 @@ const ( }` glbCreateOutput = ` Notice: Load balancer created -ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Disable Lets Encrypt DNS Records -cf9f1aa1-e1f8-4f3a-ad71-124c45e204b8 my-glb-name new 2024-04-09T16:10:11Z lb-small 1 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:http,port:80,path:/,check_interval_seconds:10,response_timeout_seconds:5,healthy_threshold:5,unhealthy_threshold:3,proxy_protocol: false +ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Firewall Rules Disable Lets Encrypt DNS Records +cf9f1aa1-e1f8-4f3a-ad71-124c45e204b8 my-glb-name new 2024-04-09T16:10:11Z lb-small 1 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:http,port:80,path:/,check_interval_seconds:10,response_timeout_seconds:5,healthy_threshold:5,unhealthy_threshold:3,proxy_protocol: false ` ) diff --git a/integration/glb_update_test.go b/integration/glb_update_test.go index 21b048527..5ef0172c6 100644 --- a/integration/glb_update_test.go +++ b/integration/glb_update_test.go @@ -174,6 +174,6 @@ const ( } }` glbUpdateOutput = ` -ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Disable Lets Encrypt DNS Records -updated-lb-id my-glb-name new 2024-04-09T16:10:11Z lb-small 1 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:http,port:80,path:/,check_interval_seconds:10,response_timeout_seconds:5,healthy_threshold:5,unhealthy_threshold:3,proxy_protocol: false` +ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Firewall Rules Disable Lets Encrypt DNS Records +updated-lb-id my-glb-name new 2024-04-09T16:10:11Z lb-small 1 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:http,port:80,path:/,check_interval_seconds:10,response_timeout_seconds:5,healthy_threshold:5,unhealthy_threshold:3,proxy_protocol: false` ) diff --git a/integration/lb_create_test.go b/integration/lb_create_test.go index ddacf820d..8036960af 100644 --- a/integration/lb_create_test.go +++ b/integration/lb_create_test.go @@ -127,15 +127,15 @@ var _ = suite("compute/load-balancer/create", func(t *testing.T, when spec.G, it const ( lbCreateOutput = ` Notice: Load balancer created -ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Disable Lets Encrypt DNS Records -4de7ac8b-495b-4884-9a69-1050c6793cd6 example-lb-01 new 2017-02-01T22:22:58Z nyc3 lb-small 00000000-0000-4000-8000-000000000000 3164444,3164445 true type:none,cookie_name:,cookie_ttl_seconds:0 protocol:,port:0,path:,check_interval_seconds:0,response_timeout_seconds:0,healthy_threshold:0,unhealthy_threshold:0,proxy_protocol: true +ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Firewall Rules Disable Lets Encrypt DNS Records +4de7ac8b-495b-4884-9a69-1050c6793cd6 example-lb-01 new 2017-02-01T22:22:58Z nyc3 lb-small 00000000-0000-4000-8000-000000000000 3164444,3164445 true type:none,cookie_name:,cookie_ttl_seconds:0 protocol:,port:0,path:,check_interval_seconds:0,response_timeout_seconds:0,healthy_threshold:0,unhealthy_threshold:0,proxy_protocol: allow:[ip:1.2.3.4 cidr:10.0.0.1/10],deny:[ip:2.3.4.5 cidr:10.0.0.2/32] true ` lbWaitCreateOutput = ` Notice: Load balancer creation is in progress, waiting for load balancer to become active Notice: Load balancer created -ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Disable Lets Encrypt DNS Records -4de7ac8b-495b-4884-9a69-1050c6793cd6 example-lb-01 active 2017-02-01T22:22:58Z nyc3 lb-small 00000000-0000-4000-8000-000000000000 3164444,3164445 true type:none,cookie_name:,cookie_ttl_seconds:0 protocol:,port:0,path:,check_interval_seconds:0,response_timeout_seconds:0,healthy_threshold:0,unhealthy_threshold:0,proxy_protocol: true +ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Firewall Rules Disable Lets Encrypt DNS Records +4de7ac8b-495b-4884-9a69-1050c6793cd6 example-lb-01 active 2017-02-01T22:22:58Z nyc3 lb-small 00000000-0000-4000-8000-000000000000 3164444,3164445 true type:none,cookie_name:,cookie_ttl_seconds:0 protocol:,port:0,path:,check_interval_seconds:0,response_timeout_seconds:0,healthy_threshold:0,unhealthy_threshold:0,proxy_protocol: allow:[ip:1.2.3.4 cidr:10.0.0.1/10],deny:[ip:2.3.4.5 cidr:10.0.0.2/32] true ` lbCreateResponse = ` @@ -174,7 +174,11 @@ ID IP IPv6 Name Status "redirect_http_to_https": true, "enable_proxy_protocol": true, "disable_lets_encrypt_dns_records": true, - "enable_backend_keepalive": true + "enable_backend_keepalive": true, + "firewall": { + "allow": [ "ip:1.2.3.4", "cidr:10.0.0.1/10" ], + "deny": [ "ip:2.3.4.5", "cidr:10.0.0.2/32" ] + } } }` lbCreateRequest = ` @@ -229,7 +233,11 @@ ID IP IPv6 Name Status "redirect_http_to_https": true, "enable_proxy_protocol": true, "disable_lets_encrypt_dns_records": true, - "enable_backend_keepalive": true + "enable_backend_keepalive": true, + "firewall": { + "allow": [ "ip:1.2.3.4", "cidr:10.0.0.1/10" ], + "deny": [ "ip:2.3.4.5", "cidr:10.0.0.2/32" ] + } } }` ) diff --git a/integration/lb_get_test.go b/integration/lb_get_test.go index 73c00115a..c160ee043 100644 --- a/integration/lb_get_test.go +++ b/integration/lb_get_test.go @@ -86,8 +86,8 @@ var _ = suite("compute/load-balancer/get", func(t *testing.T, when spec.G, it sp const ( lbGetOutput = ` -ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Disable Lets Encrypt DNS Records -find-lb-id 104.131.186.241 2001:db8::1234:5678 example-lb-01 new 2017-02-01T22:22:58Z nyc3 lb-small 00000000-0000-4000-8000-000000000000 3164445 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:,port:0,path:,check_interval_seconds:0,response_timeout_seconds:0,healthy_threshold:0,unhealthy_threshold:0,proxy_protocol: false +ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Firewall Rules Disable Lets Encrypt DNS Records +find-lb-id 104.131.186.241 2001:db8::1234:5678 example-lb-01 new 2017-02-01T22:22:58Z nyc3 lb-small 00000000-0000-4000-8000-000000000000 3164445 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:,port:0,path:,check_interval_seconds:0,response_timeout_seconds:0,healthy_threshold:0,unhealthy_threshold:0,proxy_protocol: allow:[ip:1.2.3.4 cidr:10.0.0.1/10],deny:[ip:2.3.4.5 cidr:10.0.0.2/32] false ` lbGetResponse = ` { @@ -123,7 +123,11 @@ find-lb-id 104.131.186.241 2001:db8::1234:5678 example-lb-01 new "droplet_ids": [ 3164445 ], "redirect_http_to_https": false, "enable_proxy_protocol": false, - "vpc_uuid": "00000000-0000-4000-8000-000000000000" + "vpc_uuid": "00000000-0000-4000-8000-000000000000", + "firewall": { + "allow": [ "ip:1.2.3.4", "cidr:10.0.0.1/10" ], + "deny": [ "ip:2.3.4.5", "cidr:10.0.0.2/32" ] + } } }` ) diff --git a/integration/lb_list_test.go b/integration/lb_list_test.go index c02391625..6d15bf9ec 100644 --- a/integration/lb_list_test.go +++ b/integration/lb_list_test.go @@ -80,9 +80,9 @@ var _ = suite("compute/load-balancer/list", func(t *testing.T, when spec.G, it s const ( lbListOutput = ` -ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Disable Lets Encrypt DNS Records -lb-one 104.131.186.241 2001:db8::1234:5678 example-lb-01 new 2017-02-01T22:22:58Z venus3 lb-small 00000000-0000-4000-8000-000000000000 3164444 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:http,port:80,path:/,check_interval_seconds:10,response_timeout_seconds:5,healthy_threshold:5,unhealthy_threshold:3,proxy_protocol: entry_protocol:http,entry_port:80,target_protocol:http,target_port:80,certificate_id:,tls_passthrough:false true -lb-two 104.131.188.204 2001:db8::1234:5679 example-lb-02 new 2017-02-01T20:44:58Z mars1 lb-medium 00000000-0000-4000-8000-000000000000 3164445 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:http,port:80,path:/,check_interval_seconds:10,response_timeout_seconds:5,healthy_threshold:5,unhealthy_threshold:3,proxy_protocol: entry_protocol:http,entry_port:80,target_protocol:http,target_port:80,certificate_id:,tls_passthrough:false false +ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Firewall Rules Disable Lets Encrypt DNS Records +lb-one 104.131.186.241 2001:db8::1234:5678 example-lb-01 new 2017-02-01T22:22:58Z venus3 lb-small 00000000-0000-4000-8000-000000000000 3164444 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:http,port:80,path:/,check_interval_seconds:10,response_timeout_seconds:5,healthy_threshold:5,unhealthy_threshold:3,proxy_protocol: entry_protocol:http,entry_port:80,target_protocol:http,target_port:80,certificate_id:,tls_passthrough:false true +lb-two 104.131.188.204 2001:db8::1234:5679 example-lb-02 new 2017-02-01T20:44:58Z mars1 lb-medium 00000000-0000-4000-8000-000000000000 3164445 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:http,port:80,path:/,check_interval_seconds:10,response_timeout_seconds:5,healthy_threshold:5,unhealthy_threshold:3,proxy_protocol: entry_protocol:http,entry_port:80,target_protocol:http,target_port:80,certificate_id:,tls_passthrough:false false ` lbListResponse = ` { diff --git a/integration/projects_resources_get_test.go b/integration/projects_resources_get_test.go index f8e221fe3..67e2c08bd 100644 --- a/integration/projects_resources_get_test.go +++ b/integration/projects_resources_get_test.go @@ -261,8 +261,8 @@ IP Region Droplet ID Droplet Name Project ID } ` projectsResourcesGetLoadbalancerOutput = ` -ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Disable Lets Encrypt DNS Records -4de7ac8b-495b-4884-9a69-1050c6793cd6 104.131.186.241 example-lb-01 new 2017-02-01T22:22:58Z nyc3 lb-small 00000000-0000-4000-8000-000000000000 3164445 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:,port:0,path:,check_interval_seconds:0,response_timeout_seconds:0,healthy_threshold:0,unhealthy_threshold:0,proxy_protocol: entry_protocol:https,entry_port:444,target_protocol:https,target_port:443,certificate_id:,tls_passthrough:true false +ID IP IPv6 Name Status Created At Region Size Size Unit VPC UUID Tag Droplet IDs SSL Sticky Sessions Health Check Forwarding Rules Firewall Rules Disable Lets Encrypt DNS Records +4de7ac8b-495b-4884-9a69-1050c6793cd6 104.131.186.241 example-lb-01 new 2017-02-01T22:22:58Z nyc3 lb-small 00000000-0000-4000-8000-000000000000 3164445 false type:none,cookie_name:,cookie_ttl_seconds:0 protocol:,port:0,path:,check_interval_seconds:0,response_timeout_seconds:0,healthy_threshold:0,unhealthy_threshold:0,proxy_protocol: entry_protocol:https,entry_port:444,target_protocol:https,target_port:443,certificate_id:,tls_passthrough:true false ` projectsResourcesGetLoadbalancerResponse = ` {