fastlyctl 1.0.2 → 1.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +5 -4
- data/lib/fastlyctl/commands/acl.rb +73 -5
- data/lib/fastlyctl/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 47e44218334f858ca38258f7d78f7b06a43c4ad469a3471065e9c73d44b07d4b
|
|
4
|
+
data.tar.gz: 1f49de73048ed5acaadb18306eb3d8567e3740b40617720fb55d3386176ed104
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2db1dffff49f810de07d362bc61c43a2577084f66530b2e48e20913a7187b41818363fcaefa2783df590cbe194aeb457b4d846794cecae5624febc63c8fe58b9
|
|
7
|
+
data.tar.gz: 03fda9af78e06722122abfb1d992574daaafcfe5acfc55de4ebeae3699ee6f281820131c13e8773c6ecd94ca127fedad172e2de921f2673b5454128da62001aa
|
data/README.md
CHANGED
|
@@ -47,16 +47,17 @@ Manipulate ACLs on a service.
|
|
|
47
47
|
Usage:
|
|
48
48
|
|
|
49
49
|
```
|
|
50
|
-
fastlyctl acl [action] [acl_name] [
|
|
50
|
+
fastlyctl acl [action] [acl_name] [ip]
|
|
51
51
|
```
|
|
52
52
|
|
|
53
53
|
Available Actions:
|
|
54
|
-
* create: Creates a new ACL. `
|
|
55
|
-
* delete: Deletes an ACL. `
|
|
56
|
-
* list: Lists all ACLs. `
|
|
54
|
+
* create: Creates a new ACL. `ip` parameter is omitted.
|
|
55
|
+
* delete: Deletes an ACL. `ip` parameter is omitted.
|
|
56
|
+
* list: Lists all ACLs. `ip` parameter is omitted.
|
|
57
57
|
* add: Adds a new IP or Subnet to an ACL.
|
|
58
58
|
* remove: Removes an IP or Subnet from an ACL.
|
|
59
59
|
* list_ips: Lists all IPs/Subnets in an ACL.
|
|
60
|
+
* sync: Synchronizes an ACL with a comma separated list of IPs. Will create or delete ACL entries as needed.
|
|
60
61
|
* bulk_add: Adds multiple items to an ACL. See [this documentation](https://docs.fastly.com/api/config#acl_entry_c352ca5aee49b7898535cce488e3ba82) for information on the format.
|
|
61
62
|
|
|
62
63
|
Flags:
|
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
module FastlyCTL
|
|
2
2
|
class CLI < Thor
|
|
3
|
-
desc "acl ACTION ACL_NAME
|
|
3
|
+
desc "acl ACTION ACL_NAME IP", "Manipulate ACLS.\n Actions:\n create: Create an ACL\n
|
|
4
4
|
delete: Delete an ACL\n
|
|
5
5
|
list: Provide a list of ACLs on this service\n
|
|
6
6
|
add: Add an IP/subnet to an ACL\n
|
|
7
7
|
remove: Remove an IP/subnet from an ACL\n
|
|
8
8
|
list_ips: List all IPs/subnets in the ACL\n
|
|
9
|
+
sync: Synchronizes an ACL with a comma separated list of IPs. Will create or delete ACL entries as needed.
|
|
9
10
|
bulk_add: Perform operations on the ACL in bulk. A list of operations in JSON format should be specified in the ip field. Documentation on this format can be found here: https://docs.fastly.com/api/config#acl_entry_c352ca5aee49b7898535cce488e3ba82"
|
|
10
11
|
method_option :service, :aliases => ["--s"]
|
|
11
12
|
method_option :version, :aliases => ["--v"]
|
|
@@ -43,10 +44,24 @@ module FastlyCTL
|
|
|
43
44
|
when "add"
|
|
44
45
|
abort "Must specify name for ACL" unless name
|
|
45
46
|
abort "Must specify IP" unless ip
|
|
47
|
+
|
|
48
|
+
subnet = false
|
|
49
|
+
if ip.include?("/")
|
|
50
|
+
ip = ip.sub(/\/(\d{1,2})/,"")
|
|
51
|
+
subnet = $1
|
|
52
|
+
end
|
|
53
|
+
|
|
46
54
|
acl = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/version/#{version}/acl/#{encoded_name}")
|
|
47
|
-
FastlyCTL::Fetcher.api_request(:post, "/service/#{id}/acl/#{acl["id"]}/entry", params: { ip: ip, negated: options.key?(:negate) ? "1" : "0" })
|
|
48
55
|
|
|
49
|
-
|
|
56
|
+
params = {
|
|
57
|
+
ip: ip,
|
|
58
|
+
negated: options.key?(:negate) ? "1" : "0"
|
|
59
|
+
}
|
|
60
|
+
params[:subnet] = subnet if subnet
|
|
61
|
+
|
|
62
|
+
FastlyCTL::Fetcher.api_request(:post, "/service/#{id}/acl/#{acl["id"]}/entry", params: params)
|
|
63
|
+
|
|
64
|
+
say("#{ip} added to ACL #{name}.")
|
|
50
65
|
when "remove"
|
|
51
66
|
abort "Must specify name for ACL" unless name
|
|
52
67
|
abort "Must specify IP for ACL entry" unless ip
|
|
@@ -73,13 +88,66 @@ module FastlyCTL
|
|
|
73
88
|
|
|
74
89
|
say("No items in ACL.") unless entries.length > 0
|
|
75
90
|
entries.each do |i|
|
|
76
|
-
puts "#{i["ip"]} - Negated: #{i["negated"] == "0" ? "false" : "true"}"
|
|
91
|
+
puts "#{i["ip"]}#{i["subnet"].nil? ? "" : "/"+i["subnet"].to_s} - Negated: #{i["negated"] == "0" ? "false" : "true"}"
|
|
77
92
|
end
|
|
93
|
+
when "sync"
|
|
94
|
+
abort "Must specify name for ACL" unless name
|
|
95
|
+
abort "Must supply comma separated list of IPs as the \"ip\" parameter" unless ip
|
|
96
|
+
|
|
97
|
+
ips = ip.split(',').to_set.to_a
|
|
98
|
+
entry_ids = Hash.new
|
|
99
|
+
current_ips = []
|
|
100
|
+
|
|
101
|
+
acl = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/version/#{version}/acl/#{encoded_name}")
|
|
102
|
+
entries = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/acl/#{acl["id"]}/entries")
|
|
103
|
+
entries.each do |entry|
|
|
104
|
+
ip_with_subnet = entry["ip"]
|
|
105
|
+
ip_with_subnet += "/" + entry["subnet"].to_s if (entry.key?("subnet") && !entry["subnet"].nil?)
|
|
106
|
+
|
|
107
|
+
entry_ids[ip_with_subnet] = entry["id"]
|
|
108
|
+
current_ips.push(ip_with_subnet)
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
to_add = ips - current_ips
|
|
112
|
+
to_remove = current_ips - ips
|
|
113
|
+
|
|
114
|
+
bulk = []
|
|
115
|
+
|
|
116
|
+
to_add.each do |add|
|
|
117
|
+
subnet = false
|
|
118
|
+
if add.include?("/")
|
|
119
|
+
add = add.sub(/\/(\d{1,2})/,"")
|
|
120
|
+
subnet = $1
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
params = {
|
|
124
|
+
"op" => "create",
|
|
125
|
+
"ip" => add
|
|
126
|
+
}
|
|
127
|
+
params["subnet"] = subnet if subnet
|
|
128
|
+
|
|
129
|
+
bulk.push(params)
|
|
130
|
+
end
|
|
131
|
+
|
|
132
|
+
to_remove.each do |remove|
|
|
133
|
+
entry_id = entry_ids[remove]
|
|
134
|
+
remove = remove.sub(/\/(\d{1,2})/,"") if remove.include?("/")
|
|
135
|
+
|
|
136
|
+
bulk.push({
|
|
137
|
+
"op" => "delete",
|
|
138
|
+
"id" => entry_id
|
|
139
|
+
})
|
|
140
|
+
end
|
|
141
|
+
|
|
142
|
+
FastlyCTL::Fetcher.api_request(:patch, "/service/#{id}/acl/#{acl["id"]}/entries", {body: {entries: bulk}.to_json, headers: {"Content-Type" => "application/json"}})
|
|
143
|
+
|
|
144
|
+
say("Sync operation completed successfully with #{bulk.length} operations.")
|
|
145
|
+
|
|
78
146
|
when "bulk_add"
|
|
79
147
|
abort "Must specify name for ACL" unless name
|
|
80
148
|
abort "Must specify JSON blob of operations in ip field. Documentation on this can be found here: https://docs.fastly.com/api/config#acl_entry_c352ca5aee49b7898535cce488e3ba82" unless ip
|
|
81
149
|
acl = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/version/#{version}/acl/#{encoded_name}")
|
|
82
|
-
FastlyCTL::Fetcher.api_request(:patch, "/service/#{id}/acl/#{acl["id"]}/
|
|
150
|
+
FastlyCTL::Fetcher.api_request(:patch, "/service/#{id}/acl/#{acl["id"]}/entries", {body: ip, headers: {"Content-Type" => "application/json"}})
|
|
83
151
|
|
|
84
152
|
say("Bulk add operation completed successfully.")
|
|
85
153
|
else
|
data/lib/fastlyctl/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fastlyctl
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stephen Basile
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-04-
|
|
11
|
+
date: 2019-04-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|