new: [BREAKING] Add support for LKE Control Plane ACL (#495)

* Initial implementation; needs testing * Fix control plane omit empty * Add integration tests * Update IPv6 address * Add event actions * Account for fixture sanitization * make tidy * oops * oops again * Make enabled a *bool * [PROPOSED] breaking change * fix test * Use pointers for addresses * Reorder for readability * Address comment feedback
linode · May 8, 2024 · 7c73ad6 · 7c73ad6
1 parent bb0ff3f
commit 7c73ad6
Show file tree

Hide file tree

Showing 8 changed files with 857 additions and 22 deletions.
diff --git a/account_events.go b/account_events.go
@@ -127,6 +127,9 @@ const (
 	ActionLinodeConfigUpdate                      EventAction = "linode_config_update"
 	ActionLishBoot                                EventAction = "lish_boot"
 	ActionLKENodeCreate                           EventAction = "lke_node_create"
+	ActionLKEControlPlaneACLCreate                EventAction = "lke_control_plane_acl_create"
+	ActionLKEControlPlaneACLUpdate                EventAction = "lke_control_plane_acl_update"
+	ActionLKEControlPlaneACLDelete                EventAction = "lke_control_plane_acl_delete"
 	ActionLongviewClientCreate                    EventAction = "longviewclient_create"
 	ActionLongviewClientDelete                    EventAction = "longviewclient_delete"
 	ActionLongviewClientUpdate                    EventAction = "longviewclient_update"

diff --git a/go.work.sum b/go.work.sum
@@ -8,6 +8,7 @@ cloud.google.com/go/compute/metadata v0.2.0 h1:nBbNSZyDpkNlo3DepaaLKVuO7ClyifSAm
 cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k=
 cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY=
 cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA=
+cloud.google.com/go/compute/metadata v0.3.0 h1:Tz+eQXMEqDIKRsmY3cHTL6FVaynIjX2QxYC4trgAKZc=
 cloud.google.com/go/compute/metadata v0.3.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k=
 cloud.google.com/go/datastore v1.1.0 h1:/May9ojXjRkPBNVrq+oWLqmWCkr4OU5uRY29bu0mRyQ=
 cloud.google.com/go/pubsub v1.3.1 h1:ukjixP1wl0LpnZ6LWtZJ0mX5tBmjp1f8Sqer8Z2OMUU=
@@ -201,6 +202,7 @@ golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1m
 golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
 golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
+golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
 golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6 h1:QE6XYQK6naiK1EPAe1g/ILLxN5RBoH5xkJk3CqlMI/Y=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b h1:+qEpEAPhDZ1o0x3tHzZTQDArnOixOzGD9HUJfcg0mb4=
@@ -235,8 +237,6 @@ golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=

diff --git a/lke_clusters.go b/lke_clusters.go
@@ -35,20 +35,20 @@ type LKECluster struct {
 
 // LKEClusterCreateOptions fields are those accepted by CreateLKECluster
 type LKEClusterCreateOptions struct {
-	NodePools    []LKENodePoolCreateOptions `json:"node_pools"`
-	Label        string                     `json:"label"`
-	Region       string                     `json:"region"`
-	K8sVersion   string                     `json:"k8s_version"`
-	Tags         []string                   `json:"tags,omitempty"`
-	ControlPlane *LKEClusterControlPlane    `json:"control_plane,omitempty"`
+	NodePools    []LKENodePoolCreateOptions     `json:"node_pools"`
+	Label        string                         `json:"label"`
+	Region       string                         `json:"region"`
+	K8sVersion   string                         `json:"k8s_version"`
+	Tags         []string                       `json:"tags,omitempty"`
+	ControlPlane *LKEClusterControlPlaneOptions `json:"control_plane,omitempty"`
 }
 
 // LKEClusterUpdateOptions fields are those accepted by UpdateLKECluster
 type LKEClusterUpdateOptions struct {
-	K8sVersion   string                  `json:"k8s_version,omitempty"`
-	Label        string                  `json:"label,omitempty"`
-	Tags         *[]string               `json:"tags,omitempty"`
-	ControlPlane *LKEClusterControlPlane `json:"control_plane,omitempty"`
+	K8sVersion   string                         `json:"k8s_version,omitempty"`
+	Label        string                         `json:"label,omitempty"`
+	Tags         *[]string                      `json:"tags,omitempty"`
+	ControlPlane *LKEClusterControlPlaneOptions `json:"control_plane,omitempty"`
 }
 
 // LKEClusterAPIEndpoint fields are those returned by ListLKEClusterAPIEndpoints
@@ -66,11 +66,6 @@ type LKEClusterDashboard struct {
 	URL string `json:"url"`
 }
 
-// LKEClusterControlPlane fields contained within the `control_plane` attribute of an LKE cluster.
-type LKEClusterControlPlane struct {
-	HighAvailability bool `json:"high_availability"`
-}
-
 // LKEVersion fields are those returned by GetLKEVersion
 type LKEVersion struct {
 	ID string `json:"id"`
@@ -110,7 +105,14 @@ func (i LKECluster) GetCreateOptions() (o LKEClusterCreateOptions) {
 	o.Region = i.Region
 	o.K8sVersion = i.K8sVersion
 	o.Tags = i.Tags
-	o.ControlPlane = &i.ControlPlane
+
+	isHA := i.ControlPlane.HighAvailability
+
+	o.ControlPlane = &LKEClusterControlPlaneOptions{
+		HighAvailability: &isHA,
+		// ACL will not be populated in the control plane response
+	}
+
 	// @TODO copy NodePools?
 	return
 }
@@ -120,7 +122,14 @@ func (i LKECluster) GetUpdateOptions() (o LKEClusterUpdateOptions) {
 	o.K8sVersion = i.K8sVersion
 	o.Label = i.Label
 	o.Tags = &i.Tags
-	o.ControlPlane = &i.ControlPlane
+
+	isHA := i.ControlPlane.HighAvailability
+
+	o.ControlPlane = &LKEClusterControlPlaneOptions{
+		HighAvailability: &isHA,
+		// ACL will not be populated in the control plane response
+	}
+
 	return
 }
 

diff --git a/lke_clusters_control_plane.go b/lke_clusters_control_plane.go
@@ -0,0 +1,94 @@
+package linodego
+
+import "context"
+
+// LKEClusterControlPlane fields contained within the `control_plane` attribute of an LKE cluster.
+type LKEClusterControlPlane struct {
+	HighAvailability bool `json:"high_availability"`
+}
+
+// LKEClusterControlPlaneACLAddresses describes the
+// allowed IP ranges for an LKE cluster's control plane.
+type LKEClusterControlPlaneACLAddresses struct {
+	IPv4 []string `json:"ipv4"`
+	IPv6 []string `json:"ipv6"`
+}
+
+// LKEClusterControlPlaneACL describes the ACL configuration
+// for an LKE cluster's control plane.
+type LKEClusterControlPlaneACL struct {
+	Enabled   bool                                `json:"enabled"`
+	Addresses *LKEClusterControlPlaneACLAddresses `json:"addresses"`
+}
+
+// LKEClusterControlPlaneACLAddressesOptions are the options used to
+// specify the allowed IP ranges for an LKE cluster's control plane.
+type LKEClusterControlPlaneACLAddressesOptions struct {
+	IPv4 *[]string `json:"ipv4,omitempty"`
+	IPv6 *[]string `json:"ipv6,omitempty"`
+}
+
+// LKEClusterControlPlaneACLOptions represents the options used when
+// configuring an LKE cluster's control plane ACL policy.
+type LKEClusterControlPlaneACLOptions struct {
+	Enabled   *bool                                      `json:"enabled,omitempty"`
+	Addresses *LKEClusterControlPlaneACLAddressesOptions `json:"addresses,omitempty"`
+}
+
+// LKEClusterControlPlaneOptions represents the options used when
+// configuring an LKE cluster's control plane.
+type LKEClusterControlPlaneOptions struct {
+	HighAvailability *bool                             `json:"high_availability,omitempty"`
+	ACL              *LKEClusterControlPlaneACLOptions `json:"acl,omitempty"`
+}
+
+// LKEClusterControlPlaneACLUpdateOptions represents the options
+// available when updating the ACL configuration of an LKE cluster's
+// control plane.
+type LKEClusterControlPlaneACLUpdateOptions struct {
+	ACL LKEClusterControlPlaneACLOptions `json:"acl"`
+}
+
+// LKEClusterControlPlaneACLResponse represents the response structure
+// for the Client.GetLKEClusterControlPlaneACL(...) method.
+type LKEClusterControlPlaneACLResponse struct {
+	ACL LKEClusterControlPlaneACL `json:"acl"`
+}
+
+// GetLKEClusterControlPlaneACL gets the ACL configuration for the
+// given cluster's control plane.
+func (c *Client) GetLKEClusterControlPlaneACL(ctx context.Context, clusterID int) (*LKEClusterControlPlaneACLResponse, error) {
+	return doGETRequest[LKEClusterControlPlaneACLResponse](
+		ctx,
+		c,
+		formatAPIPath("lke/clusters/%d/control_plane_acl", clusterID),
+	)
+}
+
+// UpdateLKEClusterControlPlaneACL updates the ACL configuration for the
+// given cluster's control plane.
+func (c *Client) UpdateLKEClusterControlPlaneACL(
+	ctx context.Context,
+	clusterID int,
+	opts LKEClusterControlPlaneACLUpdateOptions,
+) (*LKEClusterControlPlaneACLResponse, error) {
+	return doPUTRequest[LKEClusterControlPlaneACLResponse](
+		ctx,
+		c,
+		formatAPIPath("lke/clusters/%d/control_plane_acl", clusterID),
+		opts,
+	)
+}
+
+// DeleteLKEClusterControlPlaneACL deletes the ACL configuration for the
+// given cluster's control plane.
+func (c *Client) DeleteLKEClusterControlPlaneACL(
+	ctx context.Context,
+	clusterID int,
+) error {
+	return doDELETERequest(
+		ctx,
+		c,
+		formatAPIPath("lke/clusters/%d/control_plane_acl", clusterID),
+	)
+}
diff --git a/test/go.mod b/test/go.mod
@@ -6,6 +6,7 @@ require (
 	github.com/jarcoal/httpmock v1.3.1
 	github.com/linode/linodego v1.33.0
 	github.com/linode/linodego/k8s v0.0.0-00010101000000-000000000000
+	github.com/stretchr/testify v1.9.0
 	golang.org/x/net v0.25.0
 	golang.org/x/oauth2 v0.20.0
 	k8s.io/client-go v0.29.4
@@ -31,6 +32,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	golang.org/x/sys v0.20.0 // indirect
 	golang.org/x/term v0.20.0 // indirect