Merge pull request #265 from digitalocean/database_inbound_sources
add support for getting/setting firewall rules
This commit is contained in:
commit
6e1df21412
72
databases.go
72
databases.go
|
@ -8,21 +8,22 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
databaseBasePath = "/v2/databases"
|
databaseBasePath = "/v2/databases"
|
||||||
databaseSinglePath = databaseBasePath + "/%s"
|
databaseSinglePath = databaseBasePath + "/%s"
|
||||||
databaseResizePath = databaseBasePath + "/%s/resize"
|
databaseResizePath = databaseBasePath + "/%s/resize"
|
||||||
databaseMigratePath = databaseBasePath + "/%s/migrate"
|
databaseMigratePath = databaseBasePath + "/%s/migrate"
|
||||||
databaseMaintenancePath = databaseBasePath + "/%s/maintenance"
|
databaseMaintenancePath = databaseBasePath + "/%s/maintenance"
|
||||||
databaseBackupsPath = databaseBasePath + "/%s/backups"
|
databaseBackupsPath = databaseBasePath + "/%s/backups"
|
||||||
databaseUsersPath = databaseBasePath + "/%s/users"
|
databaseUsersPath = databaseBasePath + "/%s/users"
|
||||||
databaseUserPath = databaseBasePath + "/%s/users/%s"
|
databaseUserPath = databaseBasePath + "/%s/users/%s"
|
||||||
databaseDBPath = databaseBasePath + "/%s/dbs/%s"
|
databaseDBPath = databaseBasePath + "/%s/dbs/%s"
|
||||||
databaseDBsPath = databaseBasePath + "/%s/dbs"
|
databaseDBsPath = databaseBasePath + "/%s/dbs"
|
||||||
databasePoolPath = databaseBasePath + "/%s/pools/%s"
|
databasePoolPath = databaseBasePath + "/%s/pools/%s"
|
||||||
databasePoolsPath = databaseBasePath + "/%s/pools"
|
databasePoolsPath = databaseBasePath + "/%s/pools"
|
||||||
databaseReplicaPath = databaseBasePath + "/%s/replicas/%s"
|
databaseReplicaPath = databaseBasePath + "/%s/replicas/%s"
|
||||||
databaseReplicasPath = databaseBasePath + "/%s/replicas"
|
databaseReplicasPath = databaseBasePath + "/%s/replicas"
|
||||||
evictionPolicyPath = databaseBasePath + "/%s/eviction_policy"
|
evictionPolicyPath = databaseBasePath + "/%s/eviction_policy"
|
||||||
|
databaseFirewallRulesPath = databaseBasePath + "/%s/firewall"
|
||||||
)
|
)
|
||||||
|
|
||||||
// DatabasesService is an interface for interfacing with the databases endpoints
|
// DatabasesService is an interface for interfacing with the databases endpoints
|
||||||
|
@ -55,6 +56,8 @@ type DatabasesService interface {
|
||||||
DeleteReplica(context.Context, string, string) (*Response, error)
|
DeleteReplica(context.Context, string, string) (*Response, error)
|
||||||
GetEvictionPolicy(context.Context, string) (string, *Response, error)
|
GetEvictionPolicy(context.Context, string) (string, *Response, error)
|
||||||
SetEvictionPolicy(context.Context, string, string) (*Response, error)
|
SetEvictionPolicy(context.Context, string, string) (*Response, error)
|
||||||
|
GetFirewallRules(context.Context, string) (*Response, error)
|
||||||
|
UpdateFirewallRules(context.Context, string, *DatabaseUpdateFirewallRulesRequest) (*Response, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
// DatabasesServiceOp handles communication with the Databases related methods
|
// DatabasesServiceOp handles communication with the Databases related methods
|
||||||
|
@ -211,6 +214,20 @@ type DatabaseCreateReplicaRequest struct {
|
||||||
Tags []string `json:"tags,omitempty"`
|
Tags []string `json:"tags,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DatabaseUpdateFirewallRulesRequest is used to set the firewall rules for a database
|
||||||
|
type DatabaseUpdateFirewallRulesRequest struct {
|
||||||
|
Rules []*DatabaseFirewallRule `json:"rules"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// DatabaseFirewallRule is a rule describing an inbound source to a database
|
||||||
|
type DatabaseFirewallRule struct {
|
||||||
|
UUID string `json:"uuid"`
|
||||||
|
ClusterUUID string `json:"cluster_uuid"`
|
||||||
|
Type string `json:"type"`
|
||||||
|
Value string `json:"value"`
|
||||||
|
CreatedAt time.Time `json:"created_at"`
|
||||||
|
}
|
||||||
|
|
||||||
type databaseUserRoot struct {
|
type databaseUserRoot struct {
|
||||||
User *DatabaseUser `json:"user"`
|
User *DatabaseUser `json:"user"`
|
||||||
}
|
}
|
||||||
|
@ -259,6 +276,10 @@ type evictionPolicyRoot struct {
|
||||||
EvictionPolicy string `json:"eviction_policy"`
|
EvictionPolicy string `json:"eviction_policy"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type databaseFirewallRuleRoot struct {
|
||||||
|
Rules []*DatabaseFirewallRule `json:"rules"`
|
||||||
|
}
|
||||||
|
|
||||||
func (d Database) URN() string {
|
func (d Database) URN() string {
|
||||||
return ToURN("dbaas", d.ID)
|
return ToURN("dbaas", d.ID)
|
||||||
}
|
}
|
||||||
|
@ -669,3 +690,24 @@ func (svc *DatabasesServiceOp) SetEvictionPolicy(ctx context.Context, databaseID
|
||||||
}
|
}
|
||||||
return resp, nil
|
return resp, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// GetFirewallRules loads the inbound sources for a given cluster.
|
||||||
|
func (svc *DatabasesServiceOp) GetFirewallRules(ctx context.Context, databaseID string) (*Response, error) {
|
||||||
|
path := fmt.Sprintf(databaseFirewallRulesPath, databaseID)
|
||||||
|
root := new(databaseFirewallRuleRoot)
|
||||||
|
req, err := svc.client.NewRequest(ctx, http.MethodGet, path, nil)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return svc.client.Do(ctx, req, root)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UpdateFirewallRules sets the inbound sources for a given cluster.
|
||||||
|
func (svc *DatabasesServiceOp) UpdateFirewallRules(ctx context.Context, databaseID string, firewallRulesReq *DatabaseUpdateFirewallRulesRequest) (*Response, error) {
|
||||||
|
path := fmt.Sprintf(databaseFirewallRulesPath, databaseID)
|
||||||
|
req, err := svc.client.NewRequest(ctx, http.MethodPut, path, firewallRulesReq)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return svc.client.Do(ctx, req, nil)
|
||||||
|
}
|
||||||
|
|
|
@ -1183,3 +1183,51 @@ func TestDatabases_GetEvictionPolicy(t *testing.T) {
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
require.Equal(t, want, got)
|
require.Equal(t, want, got)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestDatabases_GetFirewallRules(t *testing.T) {
|
||||||
|
setup()
|
||||||
|
defer teardown()
|
||||||
|
|
||||||
|
dbID := "deadbeef-dead-4aa5-beef-deadbeef347d"
|
||||||
|
|
||||||
|
path := fmt.Sprintf("/v2/databases/%s/firewall", dbID)
|
||||||
|
|
||||||
|
body := ` {"rules": [{
|
||||||
|
"type": "ip_addr",
|
||||||
|
"value": "192.168.1.1",
|
||||||
|
"uuid": "deadbeef-dead-4aa5-beef-deadbeef347d",
|
||||||
|
"cluster_uuid": "deadbeef-dead-4aa5-beef-deadbeef347d"
|
||||||
|
}]} `
|
||||||
|
|
||||||
|
mux.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
testMethod(t, r, http.MethodGet)
|
||||||
|
fmt.Fprint(w, body)
|
||||||
|
})
|
||||||
|
|
||||||
|
_, err := client.Databases.GetFirewallRules(ctx, dbID)
|
||||||
|
require.NoError(t, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestDatabases_UpdateFirewallRules(t *testing.T) {
|
||||||
|
setup()
|
||||||
|
defer teardown()
|
||||||
|
|
||||||
|
dbID := "deadbeef-dead-4aa5-beef-deadbeef347d"
|
||||||
|
|
||||||
|
path := fmt.Sprintf("/v2/databases/%s/firewall", dbID)
|
||||||
|
|
||||||
|
mux.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
testMethod(t, r, http.MethodPut)
|
||||||
|
})
|
||||||
|
|
||||||
|
_, err := client.Databases.UpdateFirewallRules(ctx, dbID, &DatabaseUpdateFirewallRulesRequest{
|
||||||
|
Rules: []*DatabaseFirewallRule{
|
||||||
|
{
|
||||||
|
Type: "ip_addr",
|
||||||
|
Value: "192.168.1.1",
|
||||||
|
UUID: "deadbeef-dead-4aa5-beef-deadbeef347d",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
})
|
||||||
|
require.NoError(t, err)
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue