fastlyctl 1.0.2 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +5 -4
- data/lib/fastlyctl/commands/acl.rb +73 -5
- data/lib/fastlyctl/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 47e44218334f858ca38258f7d78f7b06a43c4ad469a3471065e9c73d44b07d4b
|
|
4
|
+
data.tar.gz: 1f49de73048ed5acaadb18306eb3d8567e3740b40617720fb55d3386176ed104
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2db1dffff49f810de07d362bc61c43a2577084f66530b2e48e20913a7187b41818363fcaefa2783df590cbe194aeb457b4d846794cecae5624febc63c8fe58b9
|
|
7
|
+
data.tar.gz: 03fda9af78e06722122abfb1d992574daaafcfe5acfc55de4ebeae3699ee6f281820131c13e8773c6ecd94ca127fedad172e2de921f2673b5454128da62001aa
|
data/README.md
CHANGED
|
@@ -47,16 +47,17 @@ Manipulate ACLs on a service.
|
|
|
47
47
|
Usage:
|
|
48
48
|
|
|
49
49
|
```
|
|
50
|
-
fastlyctl acl [action] [acl_name] [
|
|
50
|
+
fastlyctl acl [action] [acl_name] [ip]
|
|
51
51
|
```
|
|
52
52
|
|
|
53
53
|
Available Actions:
|
|
54
|
-
* create: Creates a new ACL. `
|
|
55
|
-
* delete: Deletes an ACL. `
|
|
56
|
-
* list: Lists all ACLs. `
|
|
54
|
+
* create: Creates a new ACL. `ip` parameter is omitted.
|
|
55
|
+
* delete: Deletes an ACL. `ip` parameter is omitted.
|
|
56
|
+
* list: Lists all ACLs. `ip` parameter is omitted.
|
|
57
57
|
* add: Adds a new IP or Subnet to an ACL.
|
|
58
58
|
* remove: Removes an IP or Subnet from an ACL.
|
|
59
59
|
* list_ips: Lists all IPs/Subnets in an ACL.
|
|
60
|
+
* sync: Synchronizes an ACL with a comma separated list of IPs. Will create or delete ACL entries as needed.
|
|
60
61
|
* bulk_add: Adds multiple items to an ACL. See [this documentation](https://docs.fastly.com/api/config#acl_entry_c352ca5aee49b7898535cce488e3ba82) for information on the format.
|
|
61
62
|
|
|
62
63
|
Flags:
|
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
module FastlyCTL
|
|
2
2
|
class CLI < Thor
|
|
3
|
-
desc "acl ACTION ACL_NAME
|
|
3
|
+
desc "acl ACTION ACL_NAME IP", "Manipulate ACLS.\n Actions:\n create: Create an ACL\n
|
|
4
4
|
delete: Delete an ACL\n
|
|
5
5
|
list: Provide a list of ACLs on this service\n
|
|
6
6
|
add: Add an IP/subnet to an ACL\n
|
|
7
7
|
remove: Remove an IP/subnet from an ACL\n
|
|
8
8
|
list_ips: List all IPs/subnets in the ACL\n
|
|
9
|
+
sync: Synchronizes an ACL with a comma separated list of IPs. Will create or delete ACL entries as needed.
|
|
9
10
|
bulk_add: Perform operations on the ACL in bulk. A list of operations in JSON format should be specified in the ip field. Documentation on this format can be found here: https://docs.fastly.com/api/config#acl_entry_c352ca5aee49b7898535cce488e3ba82"
|
|
10
11
|
method_option :service, :aliases => ["--s"]
|
|
11
12
|
method_option :version, :aliases => ["--v"]
|
|
@@ -43,10 +44,24 @@ module FastlyCTL
|
|
|
43
44
|
when "add"
|
|
44
45
|
abort "Must specify name for ACL" unless name
|
|
45
46
|
abort "Must specify IP" unless ip
|
|
47
|
+
|
|
48
|
+
subnet = false
|
|
49
|
+
if ip.include?("/")
|
|
50
|
+
ip = ip.sub(/\/(\d{1,2})/,"")
|
|
51
|
+
subnet = $1
|
|
52
|
+
end
|
|
53
|
+
|
|
46
54
|
acl = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/version/#{version}/acl/#{encoded_name}")
|
|
47
|
-
FastlyCTL::Fetcher.api_request(:post, "/service/#{id}/acl/#{acl["id"]}/entry", params: { ip: ip, negated: options.key?(:negate) ? "1" : "0" })
|
|
48
55
|
|
|
49
|
-
|
|
56
|
+
params = {
|
|
57
|
+
ip: ip,
|
|
58
|
+
negated: options.key?(:negate) ? "1" : "0"
|
|
59
|
+
}
|
|
60
|
+
params[:subnet] = subnet if subnet
|
|
61
|
+
|
|
62
|
+
FastlyCTL::Fetcher.api_request(:post, "/service/#{id}/acl/#{acl["id"]}/entry", params: params)
|
|
63
|
+
|
|
64
|
+
say("#{ip} added to ACL #{name}.")
|
|
50
65
|
when "remove"
|
|
51
66
|
abort "Must specify name for ACL" unless name
|
|
52
67
|
abort "Must specify IP for ACL entry" unless ip
|
|
@@ -73,13 +88,66 @@ module FastlyCTL
|
|
|
73
88
|
|
|
74
89
|
say("No items in ACL.") unless entries.length > 0
|
|
75
90
|
entries.each do |i|
|
|
76
|
-
puts "#{i["ip"]} - Negated: #{i["negated"] == "0" ? "false" : "true"}"
|
|
91
|
+
puts "#{i["ip"]}#{i["subnet"].nil? ? "" : "/"+i["subnet"].to_s} - Negated: #{i["negated"] == "0" ? "false" : "true"}"
|
|
77
92
|
end
|
|
93
|
+
when "sync"
|
|
94
|
+
abort "Must specify name for ACL" unless name
|
|
95
|
+
abort "Must supply comma separated list of IPs as the \"ip\" parameter" unless ip
|
|
96
|
+
|
|
97
|
+
ips = ip.split(',').to_set.to_a
|
|
98
|
+
entry_ids = Hash.new
|
|
99
|
+
current_ips = []
|
|
100
|
+
|
|
101
|
+
acl = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/version/#{version}/acl/#{encoded_name}")
|
|
102
|
+
entries = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/acl/#{acl["id"]}/entries")
|
|
103
|
+
entries.each do |entry|
|
|
104
|
+
ip_with_subnet = entry["ip"]
|
|
105
|
+
ip_with_subnet += "/" + entry["subnet"].to_s if (entry.key?("subnet") && !entry["subnet"].nil?)
|
|
106
|
+
|
|
107
|
+
entry_ids[ip_with_subnet] = entry["id"]
|
|
108
|
+
current_ips.push(ip_with_subnet)
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
to_add = ips - current_ips
|
|
112
|
+
to_remove = current_ips - ips
|
|
113
|
+
|
|
114
|
+
bulk = []
|
|
115
|
+
|
|
116
|
+
to_add.each do |add|
|
|
117
|
+
subnet = false
|
|
118
|
+
if add.include?("/")
|
|
119
|
+
add = add.sub(/\/(\d{1,2})/,"")
|
|
120
|
+
subnet = $1
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
params = {
|
|
124
|
+
"op" => "create",
|
|
125
|
+
"ip" => add
|
|
126
|
+
}
|
|
127
|
+
params["subnet"] = subnet if subnet
|
|
128
|
+
|
|
129
|
+
bulk.push(params)
|
|
130
|
+
end
|
|
131
|
+
|
|
132
|
+
to_remove.each do |remove|
|
|
133
|
+
entry_id = entry_ids[remove]
|
|
134
|
+
remove = remove.sub(/\/(\d{1,2})/,"") if remove.include?("/")
|
|
135
|
+
|
|
136
|
+
bulk.push({
|
|
137
|
+
"op" => "delete",
|
|
138
|
+
"id" => entry_id
|
|
139
|
+
})
|
|
140
|
+
end
|
|
141
|
+
|
|
142
|
+
FastlyCTL::Fetcher.api_request(:patch, "/service/#{id}/acl/#{acl["id"]}/entries", {body: {entries: bulk}.to_json, headers: {"Content-Type" => "application/json"}})
|
|
143
|
+
|
|
144
|
+
say("Sync operation completed successfully with #{bulk.length} operations.")
|
|
145
|
+
|
|
78
146
|
when "bulk_add"
|
|
79
147
|
abort "Must specify name for ACL" unless name
|
|
80
148
|
abort "Must specify JSON blob of operations in ip field. Documentation on this can be found here: https://docs.fastly.com/api/config#acl_entry_c352ca5aee49b7898535cce488e3ba82" unless ip
|
|
81
149
|
acl = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/version/#{version}/acl/#{encoded_name}")
|
|
82
|
-
FastlyCTL::Fetcher.api_request(:patch, "/service/#{id}/acl/#{acl["id"]}/
|
|
150
|
+
FastlyCTL::Fetcher.api_request(:patch, "/service/#{id}/acl/#{acl["id"]}/entries", {body: ip, headers: {"Content-Type" => "application/json"}})
|
|
83
151
|
|
|
84
152
|
say("Bulk add operation completed successfully.")
|
|
85
153
|
else
|
data/lib/fastlyctl/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fastlyctl
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stephen Basile
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-04-
|
|
11
|
+
date: 2019-04-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|