feat(cmd): add deis tls

Author: Matthew Fisher

cmd/cmd.go

@@ -77,6 +77,9 @@ type Commander interface {
 	TagsList(string) error
 	TagsSet(string, []string) error
 	TagsUnset(string, []string) error
+	TLSInfo(string) error
+	TLSEnable(string) error
+	TLSDisable(string) error
 	UsersList(results int) error
 	WhitelistAdd(string, string) error
 	WhitelistList(string) error

cmd/tls.go

@@ -0,0 +1,66 @@
+package cmd
+
+import "github.com/deis/controller-sdk-go/tls"
+
+// TLSInfo prints info about the TLS settings for the given app.
+func (d DeisCmd) TLSInfo(appID string) error {
+	s, appID, err := load(d.ConfigFile, appID)
+
+	if err != nil {
+		return err
+	}
+
+	tls, err := tls.Info(s.Client, appID)
+	if checkAPICompatibility(s.Client, err, d.WErr) != nil {
+		return err
+	}
+
+	d.Printf("=== %s TLS\n", appID)
+	d.Println(tls)
+
+	return nil
+}
+
+// TLSEnable enables the router to enforce https-only requests to the application.
+func (d DeisCmd) TLSEnable(appID string) error {
+	s, appID, err := load(d.ConfigFile, appID)
+
+	if err != nil {
+		return err
+	}
+
+	d.Printf("Enabling https-only requests for %s... ", appID)
+
+	quit := progress(d.WOut)
+	_, err = tls.Enable(s.Client, appID)
+	quit <- true
+	<-quit
+	if checkAPICompatibility(s.Client, err, d.WErr) != nil {
+		return err
+	}
+
+	d.Println("done")
+	return nil
+}
+
+// TLSDisable disables the router to enforce https-only requests to the application.
+func (d DeisCmd) TLSDisable(appID string) error {
+	s, appID, err := load(d.ConfigFile, appID)
+
+	if err != nil {
+		return err
+	}
+
+	d.Printf("Disabling https-only requests for %s... ", appID)
+
+	quit := progress(d.WOut)
+	_, err = tls.Disable(s.Client, appID)
+	quit <- true
+	<-quit
+	if checkAPICompatibility(s.Client, err, d.WErr) != nil {
+		return err
+	}
+
+	d.Println("done")
+	return nil
+}

cmd/tls_test.go

@@ -0,0 +1,102 @@
+package cmd
+
+import (
+	"bytes"
+	"fmt"
+	"net/http"
+	"testing"
+
+	"github.com/arschles/assert"
+	"github.com/deis/controller-sdk-go/api"
+	"github.com/deis/workflow-cli/pkg/testutil"
+)
+
+func TestTLSInfo(t *testing.T) {
+	t.Parallel()
+	cf, server, err := testutil.NewTestServerAndClient()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer server.Close()
+	var b bytes.Buffer
+	cmdr := DeisCmd{WOut: &b, ConfigFile: cf}
+
+	server.Mux.HandleFunc("/v2/apps/numenor/tls/", func(w http.ResponseWriter, r *http.Request) {
+		testutil.SetHeaders(w)
+		fmt.Fprintf(w, `{
+	"uuid": "c4aed81c-d1ca-4ff1-ab89-d2151264e1a3",
+	"app": "numenor",
+	"owner": "nazgul",
+	"created": "2016-08-22T17:40:16Z",
+	"updated": "2016-08-22T17:40:16Z",
+	"https_enforced": true
+}`)
+	})
+
+	err = cmdr.TLSInfo("numenor")
+	assert.NoErr(t, err)
+	assert.Equal(t, b.String(), `=== numenor TLS
+HTTPS Enforced: true
+`, "output")
+}
+
+func TestTLSEnable(t *testing.T) {
+	t.Parallel()
+	cf, server, err := testutil.NewTestServerAndClient()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer server.Close()
+	var b bytes.Buffer
+	cmdr := DeisCmd{WOut: &b, ConfigFile: cf}
+
+	server.Mux.HandleFunc("/v2/apps/numenor/tls/", func(w http.ResponseWriter, r *http.Request) {
+		testutil.SetHeaders(w)
+		b := true
+		a := api.NewTLS()
+		a.HTTPSEnforced = &b
+		testutil.AssertBody(t, a, r)
+		w.WriteHeader(http.StatusCreated)
+		fmt.Fprintf(w, `{
+	"uuid": "c4aed81c-d1ca-4ff1-ab89-d2151264e1a3",
+	"app": "numenor",
+	"owner": "nazgul",
+	"created": "2016-08-22T17:40:16Z",
+	"updated": "2016-08-22T17:40:16Z",
+	"https_enforced": true
+}`)
+	})
+
+	err = cmdr.TLSEnable("numenor")
+	assert.NoErr(t, err)
+	assert.Equal(t, testutil.StripProgress(b.String()), "Enabling https-only requests for numenor... done\n", "output")
+}
+
+func TestTLSDisable(t *testing.T) {
+	t.Parallel()
+	cf, server, err := testutil.NewTestServerAndClient()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer server.Close()
+	var b bytes.Buffer
+	cmdr := DeisCmd{WOut: &b, ConfigFile: cf}
+
+	server.Mux.HandleFunc("/v2/apps/numenor/tls/", func(w http.ResponseWriter, r *http.Request) {
+		testutil.SetHeaders(w)
+		testutil.AssertBody(t, api.NewTLS(), r)
+		w.WriteHeader(http.StatusCreated)
+		fmt.Fprintf(w, `{
+	"uuid": "c4aed81c-d1ca-4ff1-ab89-d2151264e1a3",
+	"app": "numenor",
+	"owner": "nazgul",
+	"created": "2016-08-22T17:40:16Z",
+	"updated": "2016-08-22T17:40:16Z",
+	"https_enforced": false
+}`)
+	})
+
+	err = cmdr.TLSDisable("numenor")
+	assert.NoErr(t, err)
+	assert.Equal(t, testutil.StripProgress(b.String()), "Disabling https-only requests for numenor... done\n", "output")
+}

deis.go

@@ -62,6 +62,7 @@ Subcommands, use 'deis help [subcommand]' to learn more::
   routing       manage routability of an application
   maintenance   manage maintenance mode of an application
   tags          manage tags for application containers
+  tls           manage TLS settings for applications
   users         manage users
   version       display client version
   whitelist     manage whitelisted addresses of an application
@@ -143,6 +144,8 @@ Use 'git push deis master' to deploy to an application.
 		err = parser.Shortcuts(argv, &cmdr)
 	case "tags":
 		err = parser.Tags(argv, &cmdr)
+	case "tls":
+		err = parser.TLS(argv, &cmdr)
 	case "users":
 		err = parser.Users(argv, &cmdr)
 	case "version":

glide.lock

@@ -16,4 +16,4 @@ import:
 - package: github.com/olekukonko/tablewriter
 - package: github.com/arschles/assert
 - package: github.com/deis/controller-sdk-go
-  version: 383a9c0cdf4591127f3dad8b7b9fa48462b1f8d0
+  version: 5b47353db02ef0b616e895087d42da433a4c36df

glide.yaml

@@ -0,0 +1,100 @@
+package parser
+
+import (
+	"github.com/deis/workflow-cli/cmd"
+	docopt "github.com/docopt/docopt-go"
+)
+
+// TLS routes tls commands to their specific function.
+func TLS(argv []string, cmdr cmd.Commander) error {
+	usage := `
+Valid commands for tls:
+
+tls:info              view info about an application's TLS settings
+tls:enable            enables the router to enforce https-only requests to an application
+tls:disable           disables the router to enforce https-only requests to an application
+
+Use 'deis help [command]' to learn more.
+`
+
+	switch argv[0] {
+	case "tls:info":
+		return tlsInfo(argv, cmdr)
+	case "tls:enable":
+		return tlsEnable(argv, cmdr)
+	case "tls:disable":
+		return tlsDisable(argv, cmdr)
+	default:
+		if printHelp(argv, usage) {
+			return nil
+		}
+
+		if argv[0] == "tls" {
+			argv[0] = "tls:info"
+			return tlsInfo(argv, cmdr)
+		}
+
+		PrintUsage(cmdr)
+		return nil
+	}
+}
+
+func tlsInfo(argv []string, cmdr cmd.Commander) error {
+	usage := `
+Prints info about the current application's TLS settings.
+
+Usage: deis tls:info [options]
+
+Options:
+  -a --app=<app>
+    the uniquely identifiable name for the application.
+`
+
+	args, err := docopt.Parse(usage, argv, true, "", false, true)
+
+	if err != nil {
+		return err
+	}
+
+	return cmdr.TLSInfo(safeGetValue(args, "--app"))
+}
+
+func tlsEnable(argv []string, cmdr cmd.Commander) error {
+	usage := `
+Enable the router to enforce https-only requests to the current application.
+
+Usage: deis tls:enable [options]
+
+Options:
+  -a --app=<app>
+    the uniquely identifiable name for the application.
+`
+
+	args, err := docopt.Parse(usage, argv, true, "", false, true)
+
+	if err != nil {
+		return err
+	}
+
+	return cmdr.TLSEnable(safeGetValue(args, "--app"))
+}
+
+func tlsDisable(argv []string, cmdr cmd.Commander) error {
+	usage := `
+Disable the router from enforcing https-only requests to the current application.
+
+Usage: deis tls:disable [options]
+
+Options:
+  -a --app=<app>
+    the uniquely identifiable name for the application.
+`
+
+	args, err := docopt.Parse(usage, argv, true, "", false, true)
+
+	if err != nil {
+		return err
+	}
+
+	return cmdr.TLSDisable(safeGetValue(args, "--app"))
+}