feat(commands/ngwaf/workspaces): add support for CRUD operations for NGWAF workspaces

Author: anthony-gomez-fastly

pkg/app/run_test.go

@@ -82,6 +82,7 @@ kv-store
 kv-store-entry
 log-tail
 logging
+ngwaf
 object-storage
 pops
 products

pkg/commands/commands.go

@@ -55,6 +55,8 @@ import (
 	"github.com/fastly/cli/pkg/commands/logging/sumologic"
 	"github.com/fastly/cli/pkg/commands/logging/syslog"
 	"github.com/fastly/cli/pkg/commands/logtail"
+	"github.com/fastly/cli/pkg/commands/ngwaf"
+	"github.com/fastly/cli/pkg/commands/ngwaf/workspaces"
 	"github.com/fastly/cli/pkg/commands/objectstorage"
 	"github.com/fastly/cli/pkg/commands/objectstorage/accesskeys"
 	"github.com/fastly/cli/pkg/commands/pop"
@@ -393,6 +395,12 @@ func Define( // nolint:revive // function-length
 	loggingSyslogDescribe := syslog.NewDescribeCommand(loggingSyslogCmdRoot.CmdClause, data)
 	loggingSyslogList := syslog.NewListCommand(loggingSyslogCmdRoot.CmdClause, data)
 	loggingSyslogUpdate := syslog.NewUpdateCommand(loggingSyslogCmdRoot.CmdClause, data)
+	ngwafRoot := ngwaf.NewRootCommand(app, data)
+	ngwafWorkspacesRoot := workspaces.NewRootCommand(ngwafRoot.CmdClause, data)
+	ngwafWorkspacesCreate := workspaces.NewCreateCommand(ngwafWorkspacesRoot.CmdClause, data)
+	ngwafWorkspacesDelete := workspaces.NewDeleteCommand(ngwafWorkspacesRoot.CmdClause, data)
+	ngwafWorkspacesGet := workspaces.NewGetCommand(ngwafWorkspacesRoot.CmdClause, data)
+	ngwafWorkspacesList := workspaces.NewListCommand(ngwafWorkspacesRoot.CmdClause, data)
 	objectStorageRoot := objectstorage.NewRootCommand(app, data)
 	objectStorageAccesskeysRoot := accesskeys.NewRootCommand(objectStorageRoot.CmdClause, data)
 	objectStorageAccesskeysCreate := accesskeys.NewCreateCommand(objectStorageAccesskeysRoot.CmdClause, data)
@@ -812,6 +820,12 @@ func Define( // nolint:revive // function-length
 		loggingSyslogDescribe,
 		loggingSyslogList,
 		loggingSyslogUpdate,
+		ngwafRoot,
+		ngwafWorkspacesRoot,
+		ngwafWorkspacesCreate,
+		ngwafWorkspacesDelete,
+		ngwafWorkspacesGet,
+		ngwafWorkspacesList,
 		objectStorageRoot,
 		objectStorageAccesskeysRoot,
 		objectStorageAccesskeysCreate,

pkg/commands/ngwaf/doc.go

@@ -0,0 +1,2 @@
+// Package ngwaf contains commands to inspect and manipulate NGWAF objects.
+package ngwaf

pkg/commands/ngwaf/root.go

@@ -0,0 +1,31 @@
+package ngwaf
+
+import (
+	"io"
+
+	"github.com/fastly/cli/pkg/argparser"
+	"github.com/fastly/cli/pkg/global"
+)
+
+// RootCommand is the parent command for all subcommands in this package.
+// It should be installed under the primary root command.
+type RootCommand struct {
+	argparser.Base
+	// no flags
+}
+
+// CommandName is the string to be used to invoke this command.
+const CommandName = "ngwaf"
+
+// NewRootCommand returns a new command registered in the parent.
+func NewRootCommand(parent argparser.Registerer, g *global.Data) *RootCommand {
+	var c RootCommand
+	c.Globals = g
+	c.CmdClause = parent.Command(CommandName, "Manage NGWAF")
+	return &c
+}
+
+// Exec implements the command interface.
+func (c *RootCommand) Exec(_ io.Reader, _ io.Writer) error {
+	panic("unreachable")
+}

pkg/commands/ngwaf/workspaces/create.go

@@ -0,0 +1,131 @@
+package workspaces
+
+import (
+	"context"
+	"errors"
+	"io"
+	"strconv"
+	"strings"
+
+	"github.com/fastly/go-fastly/v12/fastly"
+	"github.com/fastly/go-fastly/v12/fastly/ngwaf/v1/workspaces"
+
+	"github.com/fastly/cli/pkg/argparser"
+	"github.com/fastly/cli/pkg/global"
+	"github.com/fastly/cli/pkg/text"
+)
+
+// CreateCommand calls the Fastly API to create domains.
+type CreateCommand struct {
+	argparser.Base
+	argparser.JSONOutput
+
+	// Required.
+	description  string
+	blockingMode string
+	name         string
+
+	// Optional.
+	attackThresholds    argparser.OptionalString
+	defaultBlockingCode argparser.OptionalInt
+	defaultRedirectURL  argparser.OptionalString
+	clientIPHeaders     argparser.OptionalString
+	ipAnonimization     argparser.OptionalString
+}
+
+// NewCreateCommand returns a usable command registered under the parent.
+func NewCreateCommand(parent argparser.Registerer, g *global.Data) *CreateCommand {
+	c := CreateCommand{
+		Base: argparser.Base{
+			Globals: g,
+		},
+	}
+	c.CmdClause = parent.Command("create", "Create a workspace").Alias("add")
+
+	// Required.
+	c.CmdClause.Flag("description", "User submitted description of a workspace.").Required().StringVar(&c.description)
+	c.CmdClause.Flag("blockingMode", "User configured mode blocking mode.").Required().StringVar(&c.blockingMode)
+	c.CmdClause.Flag("name", "User submitted display name of a workspace.").Required().StringVar(&c.name)
+
+	// Optional.
+	c.CmdClause.Flag("attackThresholds", "Attack threshold parameters for system site alerts. Each threshold value is the number of attack signals per IP address that must be detected during the interval before the related IP address is flagged. Input accepted as colon separated string: Immediate:OneMinute:TenMinutes:OneHour").Action(c.attackThresholds.Set).StringVar(&c.attackThresholds.Value)
+	c.CmdClause.Flag("clientIPHeaders", "Specify the request header containing the client IP address. Input accepted as comma separated string.").Action(c.clientIPHeaders.Set).StringVar(&c.clientIPHeaders.Value)
+	c.CmdClause.Flag("defaultBlockingCode", "Default status code that is returned when a request to your web application is blocked.").Action(c.defaultBlockingCode.Set).IntVar(&c.defaultBlockingCode.Value)
+	c.CmdClause.Flag("defaultRedirectURL", "Redirect url to be used if code 301 or 302 is used.").Action(c.defaultRedirectURL.Set).StringVar(&c.defaultRedirectURL.Value)
+	c.CmdClause.Flag("ipAnonimization", "Agents will anonymize IP addresses according to the option selected.").Action(c.ipAnonimization.Set).StringVar(&c.ipAnonimization.Value)
+	c.RegisterFlagBool(c.JSONFlag())
+
+	return &c
+}
+
+// Exec invokes the application logic for the command.
+func (c *CreateCommand) Exec(_ io.Reader, out io.Writer) error {
+	var err error
+	input := &workspaces.CreateInput{
+		Description: &c.description,
+		Mode:        &c.blockingMode,
+		Name:        &c.name,
+	}
+	if c.attackThresholds.WasSet {
+		input.AttackSignalThresholds, err = parseAttackSignalThresholds(c.attackThresholds.Value)
+		if err != nil {
+			return err
+		}
+	}
+	if c.clientIPHeaders.WasSet {
+		input.ClientIPHeaders = strings.Split(c.clientIPHeaders.Value, ",")
+	}
+	if c.defaultBlockingCode.WasSet {
+		input.DefaultBlockingResponseCode = &c.defaultBlockingCode.Value
+	}
+	if c.defaultRedirectURL.WasSet {
+		input.DefaultRedirectURL = &c.defaultRedirectURL.Value
+	}
+	if c.ipAnonimization.WasSet {
+		input.IPAnonymization = &c.ipAnonimization.Value
+	}
+
+	fc, ok := c.Globals.APIClient.(*fastly.Client)
+	if !ok {
+		return errors.New("failed to convert interface to a fastly client")
+	}
+
+	data, err := workspaces.Create(context.TODO(), fc, input)
+	if err != nil {
+		return err
+	}
+
+	if ok, err := c.WriteJSON(out, data); ok {
+		return err
+	}
+
+	text.Success(out, "Created workspace '%s' (workspace-id: %s)", data.Name, data.WorkspaceID)
+	return nil
+}
+
+func parseAttackSignalThresholds(thresholds string) (*workspaces.AttackSignalThresholdsCreateInput, error) {
+	thresholdsArray := strings.Split(thresholds, ":")
+	immediate, err := strconv.ParseBool(thresholdsArray[0])
+	if err != nil {
+		return nil, err
+	}
+	oneMinute, err := strconv.Atoi(thresholdsArray[1])
+	if err != nil {
+		return nil, err
+	}
+	tenMinutes, err := strconv.Atoi(thresholdsArray[2])
+	if err != nil {
+		return nil, err
+	}
+	oneHour, err := strconv.Atoi(thresholdsArray[3])
+	if err != nil {
+		return nil, err
+	}
+
+	return &workspaces.AttackSignalThresholdsCreateInput{
+		OneMinute:  &oneMinute,
+		TenMinutes: &tenMinutes,
+		OneHour:    &oneHour,
+		Immediate:  &immediate,
+	}, nil
+}

pkg/commands/ngwaf/workspaces/delete.go

@@ -0,0 +1,79 @@
+package workspaces
+
+import (
+	"context"
+	"errors"
+	"io"
+
+	"github.com/fastly/go-fastly/v12/fastly"
+
+	"github.com/fastly/go-fastly/v12/fastly/ngwaf/v1/workspaces"
+
+	"github.com/fastly/cli/pkg/argparser"
+	fsterr "github.com/fastly/cli/pkg/errors"
+	"github.com/fastly/cli/pkg/global"
+	"github.com/fastly/cli/pkg/text"
+)
+
+// DeleteCommand calls the Fastly API to delete a workspace.
+type DeleteCommand struct {
+	argparser.Base
+	argparser.JSONOutput
+
+	// Required.
+	workspaceID string
+}
+
+// NewDeleteCommand returns a usable command registered under the parent.
+func NewDeleteCommand(parent argparser.Registerer, g *global.Data) *DeleteCommand {
+	c := DeleteCommand{
+		Base: argparser.Base{
+			Globals: g,
+		},
+	}
+
+	c.CmdClause = parent.Command("delete", "Delete a workspace")
+
+	// Required.
+	c.CmdClause.Flag("workspace-id", "Workspace ID").Required().StringVar(&c.workspaceID)
+
+	// Optional.
+	c.RegisterFlagBool(c.JSONFlag())
+
+	return &c
+}
+
+// Exec invokes the application logic for the command.
+func (c *DeleteCommand) Exec(_ io.Reader, out io.Writer) error {
+	if c.Globals.Verbose() && c.JSONOutput.Enabled {
+		return fsterr.ErrInvalidVerboseJSONCombo
+	}
+
+	fc, ok := c.Globals.APIClient.(*fastly.Client)
+	if !ok {
+		return errors.New("failed to convert interface to a fastly client")
+	}
+
+	err := workspaces.Delete(context.TODO(), fc, &workspaces.DeleteInput{
+		WorkspaceID: &c.workspaceID,
+	})
+	if err != nil {
+		c.Globals.ErrLog.Add(err)
+		return err
+	}
+
+	if c.JSONOutput.Enabled {
+		o := struct {
+			ID      string `json:"id"`
+			Deleted bool   `json:"deleted"`
+		}{
+			c.workspaceID,
+			true,
+		}
+		_, err := c.WriteJSON(out, o)
+		return err
+	}
+
+	text.Success(out, "Deleted workspace (id: %s)", c.workspaceID)
+	return nil
+}

pkg/commands/ngwaf/workspaces/doc.go

@@ -0,0 +1,2 @@
+// Package workspaces contains commands to inspect and manipulate NGWAF workspaces.
+package workspaces

pkg/commands/ngwaf/workspaces/get.go

@@ -0,0 +1,71 @@
+package workspaces
+
+import (
+	"context"
+	"errors"
+	"io"
+
+	"github.com/fastly/go-fastly/v12/fastly"
+
+	"github.com/fastly/go-fastly/v12/fastly/ngwaf/v1/workspaces"
+
+	"github.com/fastly/cli/pkg/argparser"
+	fsterr "github.com/fastly/cli/pkg/errors"
+	"github.com/fastly/cli/pkg/global"
+	"github.com/fastly/cli/pkg/text"
+)
+
+// GetCommand calls the Fastly API to get a workspace
+type GetCommand struct {
+	argparser.Base
+	argparser.JSONOutput
+
+	// Required.
+	workspaceID string
+}
+
+// NewGetCommand returns a usable command registered under the parent.
+func NewGetCommand(parent argparser.Registerer, g *global.Data) *GetCommand {
+	c := GetCommand{
+		Base: argparser.Base{
+			Globals: g,
+		},
+	}
+
+	c.CmdClause = parent.Command("get", "Get a workspace")
+
+	// Required.
+	c.CmdClause.Flag("workspace-id", "Workspace ID").Required().StringVar(&c.workspaceID)
+
+	// Optional.
+	c.RegisterFlagBool(c.JSONFlag())
+
+	return &c
+}
+
+// Exec invokes the application logic for the command.
+func (c *GetCommand) Exec(_ io.Reader, out io.Writer) error {
+	if c.Globals.Verbose() && c.JSONOutput.Enabled {
+		return fsterr.ErrInvalidVerboseJSONCombo
+	}
+
+	fc, ok := c.Globals.APIClient.(*fastly.Client)
+	if !ok {
+		return errors.New("failed to convert interface to a fastly client")
+	}
+
+	data, err := workspaces.Get(context.TODO(), fc, &workspaces.GetInput{
+		WorkspaceID: &c.workspaceID,
+	})
+	if err != nil {
+		c.Globals.ErrLog.Add(err)
+		return err
+	}
+
+	if ok, err := c.WriteJSON(out, data); ok {
+		return err
+	}
+
+	text.PrintWorkspace(out, data)
+	return nil
+}