Skip to content
Permalink
Browse files

feat(cmd): add `deis tls`

  • Loading branch information...
Matthew Fisher
Matthew Fisher committed Aug 22, 2016
1 parent c46ca05 commit 84de6687e797b0fb54e4838d42255f19abbabe5f
Showing with 290 additions and 14 deletions.
  1. +3 −0 cmd/cmd.go
  2. +66 −0 cmd/tls.go
  3. +102 −0 cmd/tls_test.go
  4. +3 −0 deis.go
  5. +15 −13 glide.lock
  6. +1 −1 glide.yaml
  7. +100 −0 parser/tls.go
@@ -77,6 +77,9 @@ type Commander interface {
TagsList(string) error
TagsSet(string, []string) error
TagsUnset(string, []string) error
TLSInfo(string) error
TLSEnable(string) error
TLSDisable(string) error
UsersList(results int) error
WhitelistAdd(string, string) error
WhitelistList(string) error
@@ -0,0 +1,66 @@
package cmd

import "github.com/deis/controller-sdk-go/tls"

// TLSInfo prints info about the TLS settings for the given app.
func (d DeisCmd) TLSInfo(appID string) error {
s, appID, err := load(d.ConfigFile, appID)

if err != nil {
return err
}

tls, err := tls.Info(s.Client, appID)
if checkAPICompatibility(s.Client, err, d.WErr) != nil {
return err
}

d.Printf("=== %s TLS\n", appID)
d.Println(tls)

return nil
}

// TLSEnable enables the router to enforce https-only requests to the application.
func (d DeisCmd) TLSEnable(appID string) error {
s, appID, err := load(d.ConfigFile, appID)

if err != nil {
return err
}

d.Printf("Enabling https-only requests for %s... ", appID)

quit := progress(d.WOut)
_, err = tls.Enable(s.Client, appID)
quit <- true
<-quit
if checkAPICompatibility(s.Client, err, d.WErr) != nil {
return err
}

d.Println("done")
return nil
}

// TLSDisable disables the router to enforce https-only requests to the application.
func (d DeisCmd) TLSDisable(appID string) error {
s, appID, err := load(d.ConfigFile, appID)

if err != nil {
return err
}

d.Printf("Disabling https-only requests for %s... ", appID)

quit := progress(d.WOut)
_, err = tls.Disable(s.Client, appID)
quit <- true
<-quit
if checkAPICompatibility(s.Client, err, d.WErr) != nil {
return err
}

d.Println("done")
return nil
}
@@ -0,0 +1,102 @@
package cmd

import (
"bytes"
"fmt"
"net/http"
"testing"

"github.com/arschles/assert"
"github.com/deis/controller-sdk-go/api"
"github.com/deis/workflow-cli/pkg/testutil"
)

func TestTLSInfo(t *testing.T) {
t.Parallel()
cf, server, err := testutil.NewTestServerAndClient()
if err != nil {
t.Fatal(err)
}
defer server.Close()
var b bytes.Buffer
cmdr := DeisCmd{WOut: &b, ConfigFile: cf}

server.Mux.HandleFunc("/v2/apps/numenor/tls/", func(w http.ResponseWriter, r *http.Request) {
testutil.SetHeaders(w)
fmt.Fprintf(w, `{
"uuid": "c4aed81c-d1ca-4ff1-ab89-d2151264e1a3",
"app": "numenor",
"owner": "nazgul",
"created": "2016-08-22T17:40:16Z",
"updated": "2016-08-22T17:40:16Z",
"https_enforced": true
}`)
})

err = cmdr.TLSInfo("numenor")
assert.NoErr(t, err)
assert.Equal(t, b.String(), `=== numenor TLS
HTTPS Enforced: true
`, "output")
}

func TestTLSEnable(t *testing.T) {
t.Parallel()
cf, server, err := testutil.NewTestServerAndClient()
if err != nil {
t.Fatal(err)
}
defer server.Close()
var b bytes.Buffer
cmdr := DeisCmd{WOut: &b, ConfigFile: cf}

server.Mux.HandleFunc("/v2/apps/numenor/tls/", func(w http.ResponseWriter, r *http.Request) {
testutil.SetHeaders(w)
b := true
a := api.NewTLS()
a.HTTPSEnforced = &b
testutil.AssertBody(t, a, r)
w.WriteHeader(http.StatusCreated)
fmt.Fprintf(w, `{
"uuid": "c4aed81c-d1ca-4ff1-ab89-d2151264e1a3",
"app": "numenor",
"owner": "nazgul",
"created": "2016-08-22T17:40:16Z",
"updated": "2016-08-22T17:40:16Z",
"https_enforced": true
}`)
})

err = cmdr.TLSEnable("numenor")
assert.NoErr(t, err)
assert.Equal(t, testutil.StripProgress(b.String()), "Enabling https-only requests for numenor... done\n", "output")
}

func TestTLSDisable(t *testing.T) {
t.Parallel()
cf, server, err := testutil.NewTestServerAndClient()
if err != nil {
t.Fatal(err)
}
defer server.Close()
var b bytes.Buffer
cmdr := DeisCmd{WOut: &b, ConfigFile: cf}

server.Mux.HandleFunc("/v2/apps/numenor/tls/", func(w http.ResponseWriter, r *http.Request) {
testutil.SetHeaders(w)
testutil.AssertBody(t, api.NewTLS(), r)
w.WriteHeader(http.StatusCreated)
fmt.Fprintf(w, `{
"uuid": "c4aed81c-d1ca-4ff1-ab89-d2151264e1a3",
"app": "numenor",
"owner": "nazgul",
"created": "2016-08-22T17:40:16Z",
"updated": "2016-08-22T17:40:16Z",
"https_enforced": false
}`)
})

err = cmdr.TLSDisable("numenor")
assert.NoErr(t, err)
assert.Equal(t, testutil.StripProgress(b.String()), "Disabling https-only requests for numenor... done\n", "output")
}
@@ -62,6 +62,7 @@ Subcommands, use 'deis help [subcommand]' to learn more::
routing manage routability of an application
maintenance manage maintenance mode of an application
tags manage tags for application containers
tls manage TLS settings for applications
users manage users
version display client version
whitelist manage whitelisted addresses of an application
@@ -143,6 +144,8 @@ Use 'git push deis master' to deploy to an application.
err = parser.Shortcuts(argv, &cmdr)
case "tags":
err = parser.Tags(argv, &cmdr)
case "tls":
err = parser.TLS(argv, &cmdr)
case "users":
err = parser.Users(argv, &cmdr)
case "version":

Some generated files are not rendered by default. Learn more.

@@ -16,4 +16,4 @@ import:
- package: github.com/olekukonko/tablewriter
- package: github.com/arschles/assert
- package: github.com/deis/controller-sdk-go
version: 383a9c0cdf4591127f3dad8b7b9fa48462b1f8d0
version: 5b47353db02ef0b616e895087d42da433a4c36df
@@ -0,0 +1,100 @@
package parser

import (
"github.com/deis/workflow-cli/cmd"
docopt "github.com/docopt/docopt-go"
)

// TLS routes tls commands to their specific function.
func TLS(argv []string, cmdr cmd.Commander) error {
usage := `
Valid commands for tls:
tls:info view info about an application's TLS settings
tls:enable enables the router to enforce https-only requests to an application
tls:disable disables the router to enforce https-only requests to an application
Use 'deis help [command]' to learn more.
`

switch argv[0] {
case "tls:info":
return tlsInfo(argv, cmdr)
case "tls:enable":
return tlsEnable(argv, cmdr)
case "tls:disable":
return tlsDisable(argv, cmdr)
default:
if printHelp(argv, usage) {
return nil
}

if argv[0] == "tls" {
argv[0] = "tls:info"
return tlsInfo(argv, cmdr)
}

PrintUsage(cmdr)
return nil
}
}

func tlsInfo(argv []string, cmdr cmd.Commander) error {
usage := `
Prints info about the current application's TLS settings.
Usage: deis tls:info [options]
Options:
-a --app=<app>
the uniquely identifiable name for the application.
`

args, err := docopt.Parse(usage, argv, true, "", false, true)

if err != nil {
return err
}

return cmdr.TLSInfo(safeGetValue(args, "--app"))
}

func tlsEnable(argv []string, cmdr cmd.Commander) error {
usage := `
Enable the router to enforce https-only requests to the current application.
Usage: deis tls:enable [options]
Options:
-a --app=<app>
the uniquely identifiable name for the application.
`

args, err := docopt.Parse(usage, argv, true, "", false, true)

if err != nil {
return err
}

return cmdr.TLSEnable(safeGetValue(args, "--app"))
}

func tlsDisable(argv []string, cmdr cmd.Commander) error {
usage := `
Disable the router from enforcing https-only requests to the current application.
Usage: deis tls:disable [options]
Options:
-a --app=<app>
the uniquely identifiable name for the application.
`

args, err := docopt.Parse(usage, argv, true, "", false, true)

if err != nil {
return err
}

return cmdr.TLSDisable(safeGetValue(args, "--app"))
}

0 comments on commit 84de668

Please sign in to comment.
You can’t perform that action at this time.