upcoming: [UIE-9514] - Update Firewall Rule Drawer to support referencing Rule Set (#13094)

* Save progress

* Update tests

* Few more changes

* Add more changes

* Clean up tests

* Few changes

* Layout updates

* Update tests

* Add ruleset loading state

* Clean up mocks

* Fix mocks

* Add comments to the type

* Added changeset: Update FirewallRuleType to support ruleset

* Added changeset: Update FirewallRuleTypeSchema to support ruleset

* Added changeset: Add new Firewall RuleSet row layout

* Update ruleset action text - Delete to Remove

* Save progress...

* Update comment

* Exclude 'addresses' from rulesets reference payloads

* Some fixes

* Add more details to the drawer for rulset

* More changes...

* Move Action column and improve table responsiveness for long labels

* Update Cypress component test

* Add more changes to the drawer for rulesets

* Update gap & fontsize of firwall add rules selection card

* Fix Chip shrink issue

* Revert Action column movement since its not yet confirmed

* More Refactoring + better formstate typesaftey

* Add renderOptions for Add ruleset Autocomplete

* Fix typos

* Few updates

* Few fixes

* Update cypress component tests

* More changes

* Update Add rulesets button copy

* More Updates

* Feature flag create entity selection for ruleset

* More refactoring - separating form states

* Some clean up...

* Show only rulsets in dropdown applicable to the given catergory

* Update date format

* Update badge color tokens

* Capitalize action label in chip

* Update Chip width

* Added changeset: Update Firewall Rule Drawer to support referencing Rule Set

* Update placeholder for Select Rule Set

* Few updates and clean up

* Make cy test work

* Clean up: remove duplicate validation

* Add cancel btn for rules form + some design tokens for dropdown options

* Add unit tests for Add Rule Set Drawer

* Update test title

* Mock useIsFirewallRulesetsPrefixlistsEnabled instead of feature flag

* Fix styling and a bit of clean up

Author: pmakode-akamai

packages/manager/.changeset/pr-13094-upcoming-features-1763558731421.md

@@ -0,0 +1,5 @@
+---
+"@linode/manager": Upcoming Features
+---
+
+Update Firewall Rule Drawer to support referencing Rule Set ([#13094](https://github.com/linode/manager/pull/13094))

packages/manager/src/features/Firewalls/FirewallDetail/Rules/FirewallRuleDrawer.test.tsx

@@ -5,6 +5,7 @@ import { allIPs } from 'src/features/Firewalls/shared';
 import { stringToExtendedIP } from 'src/utilities/ipUtils';
 import { renderWithTheme } from 'src/utilities/testHelpers';
 
+import * as shared from '../../shared';
 import { FirewallRuleDrawer } from './FirewallRuleDrawer';
 import {
   classifyIPs,
@@ -37,8 +38,12 @@ const props: FirewallRuleDrawerProps = {
   onSubmit: mockOnSubmit,
 };
 
+const spy = vi.spyOn(shared, 'useIsFirewallRulesetsPrefixlistsEnabled');
+
 describe('AddRuleDrawer', () => {
   it('renders the title', () => {
+    spy.mockReturnValue({ isFirewallRulesetsPrefixlistsEnabled: false });
+
     const { getByText } = renderWithTheme(
       <FirewallRuleDrawer {...props} category="inbound" mode="create" />
     );
@@ -66,6 +71,79 @@ describe('AddRuleDrawer', () => {
   });
 });
 
+describe('AddRuleSetDrawer', () => {
+  beforeEach(() => {
+    spy.mockReturnValue({ isFirewallRulesetsPrefixlistsEnabled: true });
+  });
+
+  it('renders the drawer title', () => {
+    const { getByText } = renderWithTheme(
+      <FirewallRuleDrawer {...props} category="inbound" mode="create" />
+    );
+
+    expect(getByText('Add an Inbound Rule or Rule Set')).toBeVisible();
+  });
+
+  it('renders the selection cards', () => {
+    const { getByText } = renderWithTheme(
+      <FirewallRuleDrawer {...props} category="inbound" mode="create" />
+    );
+
+    expect(getByText(/Create a Rule/i)).toBeVisible();
+    expect(getByText(/Reference Rule Set/i)).toBeVisible();
+  });
+
+  it('renders the Rule Set form and its elements when selection card is clicked', async () => {
+    const { getByText, getByPlaceholderText, getByRole } = renderWithTheme(
+      <FirewallRuleDrawer {...props} category="inbound" mode="create" />
+    );
+
+    const ruleSetCard = getByText(/Reference Rule Set/i);
+    await userEvent.click(ruleSetCard);
+
+    // Description
+    expect(
+      getByText(
+        'RuleSets are reusable collections of Cloud Firewall rules that use the same fields as individual rules. They let you manage and update multiple rules as a group. You can then apply them across different firewalls by reference.'
+      )
+    ).toBeVisible();
+
+    // Autocomplete field
+    expect(getByText('Rule Set')).toBeVisible();
+    expect(
+      getByPlaceholderText('Type to search or select a Rule Set')
+    ).toBeVisible();
+
+    // Action buttons
+    expect(getByRole('button', { name: 'Add Rule' })).toBeVisible();
+    expect(getByRole('button', { name: 'Cancel' })).toBeVisible();
+
+    // Footer text
+    expect(
+      getByText(
+        'Rule changes don’t take effect immediately. You can add or delete rules before saving all your changes to this Firewall.'
+      )
+    ).toBeVisible();
+  });
+
+  it('shows validation message when Rule Set form is submitted without selecting a value', async () => {
+    const { getByText, getByRole } = renderWithTheme(
+      <FirewallRuleDrawer {...props} category="inbound" mode="create" />
+    );
+
+    // Click the Rule Set Selection card to open the Rule Set form
+    const ruleSetCard = getByText(/Reference Rule Set/i);
+    await userEvent.click(ruleSetCard);
+
+    // Click the "Add Rule" button without selecting the Autocomplete field
+    const addRuleButton = getByRole('button', { name: 'Add Rule' });
+    await userEvent.click(addRuleButton);
+
+    // Expect the validation message to appear
+    getByText('Rule Set is required.');
+  });
+});
+
 describe('utilities', () => {
   describe('formValueToIPs', () => {
     it('returns a complete set of IPs given a string form value', () => {

packages/manager/src/features/Firewalls/FirewallDetail/Rules/FirewallRuleDrawer.tsx

@@ -1,8 +1,15 @@
-import { Drawer, Typography } from '@linode/ui';
+import { Drawer, Notice, Radio, Typography } from '@linode/ui';
 import { capitalize } from '@linode/utilities';
+import { Grid } from '@mui/material';
 import { Formik } from 'formik';
 import * as React from 'react';
 
+import { SelectionCard } from 'src/components/SelectionCard/SelectionCard';
+
+import {
+  type FirewallOptionItem,
+  useIsFirewallRulesetsPrefixlistsEnabled,
+} from '../../shared';
 import {
   formValueToIPs,
   getInitialFormValues,
@@ -13,10 +20,13 @@ import {
   validateIPs,
 } from './FirewallRuleDrawer.utils';
 import { FirewallRuleForm } from './FirewallRuleForm';
+import { FirewallRuleSetForm } from './FirewallRuleSetForm';
+import { firewallRuleCreateOptions } from './shared';
 
-import type { FirewallOptionItem } from '../../shared';
 import type {
+  FirewallCreateEntityType,
   FirewallRuleDrawerProps,
+  FormRuleSetState,
   FormState,
 } from './FirewallRuleDrawer.types';
 import type {
@@ -32,6 +42,17 @@ export const FirewallRuleDrawer = React.memo(
   (props: FirewallRuleDrawerProps) => {
     const { category, isOpen, mode, onClose, ruleToModify } = props;
 
+    const { isFirewallRulesetsPrefixlistsEnabled } =
+      useIsFirewallRulesetsPrefixlistsEnabled();
+
+    /**
+     * State for the type of entity being created: either a firewall 'rule' or
+     * referencing an existing 'ruleset' in the firewall.
+     * Only relevant when `mode === 'create'`.
+     */
+    const [createEntityType, setCreateEntityType] =
+      React.useState<FirewallCreateEntityType>('rule');
+
     // Custom IPs are tracked separately from the form. The <MultipleIPs />
     // component consumes this state. We use this on form submission if the
     // `addresses` form value is "ip/netmask", which indicates the user has
@@ -45,9 +66,9 @@ export const FirewallRuleDrawer = React.memo(
       FirewallOptionItem<string>[]
     >([]);
 
-    // Reset state. If we're in EDIT mode, set IPs to the addresses of the rule we're modifying
-    // (along with any errors we may have).
     React.useEffect(() => {
+      // Reset state. If we're in EDIT mode, set IPs to the addresses of the rule we're modifying
+      // (along with any errors we may have).
       if (mode === 'edit' && ruleToModify) {
         setIPs(getInitialIPs(ruleToModify));
         setPresetPorts(portStringToItems(ruleToModify.ports)[0]);
@@ -56,20 +77,30 @@ export const FirewallRuleDrawer = React.memo(
       } else {
         setIPs([{ address: '' }]);
       }
-    }, [mode, isOpen, ruleToModify]);
+
+      // Reset the Create entity selection to 'rule' in two cases:
+      // 1. The ruleset feature flag is disabled - 'ruleset' is not allowed.
+      // 2. The drawer is closed - ensures the next time it opens, it starts with the default 'rule' selection.
+      if (
+        mode === 'create' &&
+        (!isFirewallRulesetsPrefixlistsEnabled || !isOpen)
+      ) {
+        setCreateEntityType('rule');
+      }
+    }, [mode, isOpen, ruleToModify, isFirewallRulesetsPrefixlistsEnabled]);
 
     const title =
-      mode === 'create' ? `Add an ${capitalize(category)} Rule` : 'Edit Rule';
+      mode === 'create'
+        ? `Add an ${capitalize(category)} Rule${
+            isFirewallRulesetsPrefixlistsEnabled ? ' or Rule Set' : ''
+          }`
+        : 'Edit Rule';
 
     const addressesLabel = category === 'inbound' ? 'source' : 'destination';
 
-    const onValidate = ({
-      addresses,
-      description,
-      label,
-      ports,
-      protocol,
-    }: FormState) => {
+    const onValidateRule = (values: FormState) => {
+      const { addresses, description, label, ports, protocol } = values;
+
       // The validated IPs may have errors, so set them to state so we see the errors.
       const validatedIPs = validateIPs(ips, {
         allowEmptyAddress: addresses !== 'ip/netmask',
@@ -93,7 +124,7 @@ export const FirewallRuleDrawer = React.memo(
       };
     };
 
-    const onSubmit = (values: FormState) => {
+    const onSubmitRule = (values: FormState) => {
       const ports = itemsToPortString(presetPorts, values.ports!);
       const protocol = values.protocol as FirewallRuleProtocol;
       const addresses = formValueToIPs(values.addresses!, ips);
@@ -103,41 +134,125 @@ export const FirewallRuleDrawer = React.memo(
         addresses,
         ports,
         protocol,
+        label: values.label || null,
+        description: values.description || null,
       };
-
-      payload.label = values.label === '' ? null : values.label;
-      payload.description =
-        values.description === '' ? null : values.description;
-
       props.onSubmit(category, payload);
       onClose();
     };
 
+    const onValidateRuleSet = (values: FormRuleSetState) => {
+      const errors: Record<string, string> = {};
+      if (!values.ruleset || values.ruleset === -1) {
+        errors.ruleset = 'Rule Set is required.';
+      }
+      if (typeof values.ruleset !== 'number') {
+        errors.ruleset = 'Rule Set should be a number.';
+      }
+      return errors;
+    };
+
     return (
       <Drawer onClose={onClose} open={isOpen} title={title}>
-        <Formik
-          initialValues={getInitialFormValues(ruleToModify)}
-          onSubmit={onSubmit}
-          validate={onValidate}
-          validateOnBlur={false}
-          validateOnChange={false}
-        >
-          {(formikProps) => {
-            return (
-              <FirewallRuleForm
-                addressesLabel={addressesLabel}
-                category={category}
-                ips={ips}
-                mode={mode}
-                presetPorts={presetPorts}
-                ruleErrors={ruleToModify?.errors}
-                setIPs={setIPs}
-                setPresetPorts={setPresetPorts}
-                {...formikProps}
+        {mode === 'create' && isFirewallRulesetsPrefixlistsEnabled && (
+          <Grid container spacing={2}>
+            {firewallRuleCreateOptions.map((option) => (
+              <SelectionCard
+                checked={createEntityType === option.value}
+                gridSize={{
+                  md: 6,
+                  sm: 12,
+                  xs: 12,
+                }}
+                heading={option.label}
+                key={option.value}
+                onClick={() => setCreateEntityType(option.value)}
+                renderIcon={() => (
+                  <Radio checked={createEntityType === option.value} />
+                )}
+                subheadings={[]}
+                sxCardBase={(theme) => ({
+                  gap: 0,
+                  '& .cardSubheadingTitle': {
+                    fontSize: theme.tokens.font.FontSize.Xs,
+                  },
+                })}
+                sxCardBaseIcon={(theme) => ({
+                  svg: { fontSize: theme.tokens.font.FontSize.L },
+                })}
               />
-            );
-          }}
-        </Formik>
+            ))}
+          </Grid>
+        )}
+
+        {(mode === 'edit' || createEntityType === 'rule') && (
+          <Formik<FormState>
+            initialValues={getInitialFormValues(ruleToModify)}
+            onSubmit={onSubmitRule}
+            validate={onValidateRule}
+            validateOnBlur={false}
+            validateOnChange={false}
+          >
+            {(formikProps) => (
+              <>
+                {formikProps.status && (
+                  <Notice
+                    data-qa-error
+                    key={formikProps.status}
+                    text={formikProps.status.generalError}
+                    variant="error"
+                  />
+                )}
+                <FirewallRuleForm
+                  addressesLabel={addressesLabel}
+                  category={category}
+                  closeDrawer={onClose}
+                  ips={ips}
+                  mode={mode}
+                  presetPorts={presetPorts}
+                  ruleErrors={ruleToModify?.errors}
+                  setIPs={setIPs}
+                  setPresetPorts={setPresetPorts}
+                  {...formikProps}
+                />
+              </>
+            )}
+          </Formik>
+        )}
+
+        {mode === 'create' &&
+          createEntityType === 'ruleset' &&
+          isFirewallRulesetsPrefixlistsEnabled && (
+            <Formik<FormRuleSetState>
+              initialValues={{ ruleset: -1 }}
+              onSubmit={(values) => {
+                props.onSubmit(category, values);
+                onClose();
+              }}
+              validate={onValidateRuleSet}
+              validateOnBlur={true}
+              validateOnChange={true}
+            >
+              {(formikProps) => (
+                <>
+                  {formikProps.status && (
+                    <Notice
+                      data-qa-error
+                      key={formikProps.status}
+                      text={formikProps.status.generalError}
+                      variant="error"
+                    />
+                  )}
+                  <FirewallRuleSetForm
+                    category={category}
+                    closeDrawer={onClose}
+                    ruleErrors={ruleToModify?.errors}
+                    {...formikProps}
+                  />
+                </>
+              )}
+            </Formik>
+          )}
         <Typography variant="body1">
           Rule changes don&rsquo;t take effect immediately. You can add or
           delete rules before saving all your changes to this Firewall.

packages/manager/src/features/Firewalls/FirewallDetail/Rules/FirewallRuleDrawer.types.ts

@@ -29,13 +29,27 @@ export interface FormState {
   type: string;
 }
 
+export interface FormRuleSetState {
+  ruleset: number;
+}
+
+export type FirewallCreateEntityType = 'rule' | 'ruleset';
+
 export interface FirewallRuleFormProps extends FormikProps<FormState> {
   addressesLabel: string;
   category: Category;
+  closeDrawer: () => void;
   ips: ExtendedIP[];
   mode: FirewallRuleDrawerMode;
   presetPorts: FirewallOptionItem<string>[];
   ruleErrors?: FirewallRuleError[];
   setIPs: (ips: ExtendedIP[]) => void;
   setPresetPorts: (selected: FirewallOptionItem<string>[]) => void;
 }
+
+export interface FirewallRuleSetFormProps
+  extends FormikProps<FormRuleSetState> {
+  category: Category;
+  closeDrawer: () => void;
+  ruleErrors?: FirewallRuleError[];
+}