feat: Add Rancher edit iam-auth-enabled option and remove iprestrictions

thcdrt · thcdrt · commit d981c56e9040 · 2025-10-14T15:40:23.000+02:00
Signed-off-by: Thomas Coudert &lt;thomas.coudert@ovhcloud.com&gt;
diff --git a/doc/ovhcloud_cloud_rancher_edit.md b/doc/ovhcloud_cloud_rancher_edit.md
@@ -9,12 +9,11 @@ ovhcloud cloud rancher edit <rancher_id> [flags]
 ### Options
 
 ```
-      --editor                        Use a text editor to define parameters
-  -h, --help                          help for edit
-      --ip-restrictions stringArray   List of IP restrictions (expected format: '<cidrBlock>,<description>')
-      --name string                   Name of the managed Rancher service
-      --plan string                   Plan of the managed Rancher service (OVHCLOUD_EDITION, STANDARD)
-      --version string                Version of the managed Rancher service
+  -h, --help               help for edit
+      --iam-auth-enabled   Allow Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access
+      --name string        Name of the managed Rancher service
+      --plan string        Plan of the managed Rancher service (OVHCLOUD_EDITION, STANDARD)
+      --version string     Version of the managed Rancher service
 ```
 
 ### Options inherited from parent commands
diff --git a/internal/cmd/cloud_rancher.go b/internal/cmd/cloud_rancher.go
@@ -32,18 +32,7 @@ func initCloudRancherCommand(cloudCmd *cobra.Command) {
 		Args:  cobra.ExactArgs(1),
 	})
 
-	editRancherCmd := &cobra.Command{
-		Use:   "edit <rancher_id>",
-		Short: "Edit the given Rancher service",
-		Run:   cloud.EditRancher,
-		Args:  cobra.ExactArgs(1),
-	}
-	editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Name, "name", "", "Name of the managed Rancher service")
-	editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Plan, "plan", "", "Plan of the managed Rancher service (OVHCLOUD_EDITION, STANDARD)")
-	editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Version, "version", "", "Version of the managed Rancher service")
-	editRancherCmd.Flags().StringArrayVar(&cloud.RancherSpec.TargetSpec.CLIIPRestrictions, "ip-restrictions", nil, "List of IP restrictions (expected format: '<cidrBlock>,<description>')")
-	addInteractiveEditorFlag(editRancherCmd)
-	rancherCmd.AddCommand(editRancherCmd)
+	rancherCmd.AddCommand(getRancherEditCmd())
 
 	rancherCmd.AddCommand(getRancherCreateCmd())
 
@@ -64,6 +53,38 @@ func initCloudRancherCommand(cloudCmd *cobra.Command) {
 	cloudCmd.AddCommand(rancherCmd)
 }
 
+func getRancherEditCmd() *cobra.Command {
+	editRancherCmd := &cobra.Command{
+		Use:   "edit <rancher_id>",
+		Short: "Edit the given Rancher service",
+		Run:   cloud.EditRancher,
+		Args:  cobra.ExactArgs(1),
+	}
+
+	editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Name, "name", "", "Name of the managed Rancher service")
+	editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Plan, "plan", "", "Plan of the managed Rancher service (OVHCLOUD_EDITION, STANDARD)")
+	editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Version, "version", "", "Version of the managed Rancher service")
+
+	var iamAuthEnabled bool
+	editRancherCmd.Flags().BoolVar(&iamAuthEnabled, "iam-auth-enabled", false, "Allow Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access")
+	cloud.RancherSpec.TargetSpec.IAMAuthEnabled = &iamAuthEnabled
+
+	// Handle optional iam-auth-enabled boolean
+	editRancherCmd.PreRunE = func(cmd *cobra.Command, args []string) error {
+		if cmd.Flags().Changed("iam-auth-enabled") {
+			cloud.RancherSpec.TargetSpec.IAMAuthEnabled = &iamAuthEnabled
+		} else {
+			cloud.RancherSpec.TargetSpec.IAMAuthEnabled = nil
+		}
+
+		return nil
+	}
+
+	addInteractiveEditorFlag(editRancherCmd)
+
+	return editRancherCmd
+}
+
 func getRancherCreateCmd() *cobra.Command {
 	rancherCreateCmd := &cobra.Command{
 		Use:   "create",
@@ -112,7 +133,7 @@ There are three ways to define the creation parameters:
 	rancherCreateCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Name, "name", "", "Name of the managed Rancher service")
 	rancherCreateCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Plan, "plan", "", "Plan of the managed Rancher service (available plans can be listed using 'cloud reference rancher list-plans' command)")
 	rancherCreateCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Version, "version", "", "Version of the managed Rancher service (available versions can be listed using 'cloud reference rancher list-versions' command)")
-	rancherCreateCmd.Flags().BoolVar(&cloud.RancherSpec.TargetSpec.IAMAuthEnabled, "iam-auth-enabled", false, "Allow Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access")
+	rancherCreateCmd.Flags().BoolVar(cloud.RancherSpec.TargetSpec.IAMAuthEnabled, "iam-auth-enabled", false, "Allow Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access")
 
 	// Common flags for other means to define parameters
 	addInitParameterFileFlag(rancherCreateCmd, assets.CloudV2OpenapiSchema, "/cloud/project/{serviceName}/rancher", "post", cloud.CloudRancherCreationExample, nil)
diff --git a/internal/cmd/cloud_rancher_test.go b/internal/cmd/cloud_rancher_test.go
@@ -20,6 +20,7 @@ func (ms *MockSuite) TestCloudRancherCreateCmd(assert, require *td.T) {
 		tdhttpmock.JSONBody(td.JSON(`
 			{
 				"targetSpec": {
+					"iamAuthEnabled": false,
 					"name": "test-rancher",
 					"plan": "OVHCLOUD_EDITION",
 					"version": "2.11.3"
@@ -40,6 +41,7 @@ func (ms *MockSuite) TestCloudRancherCreateCmdJSONFormat(assert, require *td.T)
 		tdhttpmock.JSONBody(td.JSON(`
 			{
 				"targetSpec": {
+					"iamAuthEnabled": false,
 					"name": "test-rancher",
 					"plan": "OVHCLOUD_EDITION",
 					"version": "2.11.3"
@@ -60,6 +62,7 @@ func (ms *MockSuite) TestCloudRancherCreateCmdYAMLFormat(assert, require *td.T)
 		tdhttpmock.JSONBody(td.JSON(`
 			{
 				"targetSpec": {
+					"iamAuthEnabled": false,
 					"name": "test-rancher",
 					"plan": "OVHCLOUD_EDITION",
 					"version": "2.11.3"
@@ -83,6 +86,7 @@ func (ms *MockSuite) TestCloudRancherCreateCmdCustomFormat(assert, require *td.T
 		tdhttpmock.JSONBody(td.JSON(`
 			{
 				"targetSpec": {
+					"iamAuthEnabled": false,
 					"name": "test-rancher",
 					"plan": "OVHCLOUD_EDITION",
 					"version": "2.11.3"
@@ -108,3 +112,45 @@ func (ms *MockSuite) TestCloudRancherResetAdminCredentialsCmd(assert, require *t
 
 	assert.String(out, `✅ New Rancher service password for user admin: new-secret`)
 }
+
+func (ms *MockSuite) TestCloudRancherCreateCmdWithIamAuthEnabledTrue(assert, require *td.T) {
+	httpmock.RegisterMatcherResponder(http.MethodPost,
+		"https://eu.api.ovh.com/v2/publicCloud/project/fakeProjectID/rancher",
+		tdhttpmock.JSONBody(td.JSON(`
+			{
+				"targetSpec": {
+					"iamAuthEnabled": true,
+					"name": "test-rancher",
+					"plan": "OVHCLOUD_EDITION",
+					"version": "2.11.3"
+				}
+			}`),
+		),
+		httpmock.NewStringResponder(200, `{"id": "rancher-12345"}`),
+	)
+
+	out, err := cmd.Execute("cloud", "rancher", "create", "--cloud-project", "fakeProjectID", "--name", "test-rancher", "--plan", "OVHCLOUD_EDITION", "--version", "2.11.3", "--iam-auth-enabled=true")
+	require.CmpNoError(err)
+	assert.String(out, `✅ Rancher test-rancher created successfully (id: rancher-12345)`)
+}
+
+func (ms *MockSuite) TestCloudRancherCreateCmdWithIamAuthEnabledFalse(assert, require *td.T) {
+	httpmock.RegisterMatcherResponder(http.MethodPost,
+		"https://eu.api.ovh.com/v2/publicCloud/project/fakeProjectID/rancher",
+		tdhttpmock.JSONBody(td.JSON(`
+			{
+				"targetSpec": {
+					"iamAuthEnabled": false,
+					"name": "test-rancher",
+					"plan": "OVHCLOUD_EDITION",
+					"version": "2.11.3"
+				}
+			}`),
+		),
+		httpmock.NewStringResponder(200, `{"id": "rancher-12345"}`),
+	)
+
+	out, err := cmd.Execute("cloud", "rancher", "create", "--cloud-project", "fakeProjectID", "--name", "test-rancher", "--plan", "OVHCLOUD_EDITION", "--version", "2.11.3", "--iam-auth-enabled=false")
+	require.CmpNoError(err)
+	assert.String(out, `✅ Rancher test-rancher created successfully (id: rancher-12345)`)
+}
diff --git a/internal/services/cloud/cloud_rancher.go b/internal/services/cloud/cloud_rancher.go
@@ -8,7 +8,6 @@ import (
 	_ "embed"
 	"fmt"
 	"net/url"
-	"strings"
 
 	"github.com/ovh/ovhcloud-cli/internal/assets"
 	"github.com/ovh/ovhcloud-cli/internal/display"
@@ -29,21 +28,21 @@ var (
 
 	RancherSpec struct {
 		TargetSpec struct {
-			IAMAuthEnabled    bool                   `json:"iamAuthEnabled,omitempty"`
-			Name              string                 `json:"name,omitempty"`
-			Plan              string                 `json:"plan,omitempty"`
-			Version           string                 `json:"version,omitempty"`
-			IPRestrictions    []rancherIPRestriction `json:"ipRestrictions,omitempty"`
-			CLIIPRestrictions []string               `json:"-"`
+			IAMAuthEnabled *bool  `json:"iamAuthEnabled,omitempty"`
+			Name           string `json:"name,omitempty"`
+			Plan           string `json:"plan,omitempty"`
+			Version        string `json:"version,omitempty"`
+			// IPRestrictions    []rancherIPRestriction `json:"ipRestrictions,omitempty"`
+			// CLIIPRestrictions []string               `json:"-"`
 		} `json:"targetSpec"`
 	}
 )
 
 type (
-	rancherIPRestriction struct {
-		CIDRBlock   string `json:"cidrBlock"`
-		Description string `json:"description"`
-	}
+	//type rancherIPRestriction struct {
+	//	CIDRBlock   string `json:"cidrBlock"`
+	//	Description string `json:"description"`
+	//}
 
 	rancherUser struct {
 		Username string `json:"username"`
@@ -72,17 +71,17 @@ func GetRancher(_ *cobra.Command, args []string) {
 }
 
 func EditRancher(cmd *cobra.Command, args []string) {
-	for _, ipRestriction := range RancherSpec.TargetSpec.CLIIPRestrictions {
-		parts := strings.Split(ipRestriction, ",")
-		if len(parts) != 2 {
-			display.OutputError(&flags.OutputFormatConfig, "Invalid IP restriction format: %s. Expected format: '<cidrBlock>,<description>'", ipRestriction)
-			return
-		}
-		RancherSpec.TargetSpec.IPRestrictions = append(RancherSpec.TargetSpec.IPRestrictions, rancherIPRestriction{
-			CIDRBlock:   parts[0],
-			Description: parts[1],
-		})
-	}
+	//for _, ipRestriction := range RancherSpec.TargetSpec.CLIIPRestrictions {
+	//	parts := strings.Split(ipRestriction, ",")
+	//	if len(parts) != 2 {
+	//		display.OutputError(&flags.OutputFormatConfig, "Invalid IP restriction format: %s. Expected format: '<cidrBlock>,<description>'", ipRestriction)
+	//		return
+	//	}
+	//	RancherSpec.TargetSpec.IPRestrictions = append(RancherSpec.TargetSpec.IPRestrictions, rancherIPRestriction{
+	//		CIDRBlock:   parts[0],
+	//		Description: parts[1],
+	//	})
+	//}
 
 	projectID, err := getConfiguredCloudProject()
 	if err != nil {
