Skip to content

Improve Rancher create and edit #64

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
amstuta merged 2 commits into from
Oct 14, 2025
Merged

Improve Rancher create and edit #64

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
05f4f5e
feat: Update cloud_v2.json api-schema file
thcdrt Oct 10, 2025
d981c56
feat: Add Rancher edit iam-auth-enabled option and remove iprestrictions
thcdrt Oct 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 5 additions & 6 deletions doc/ovhcloud_cloud_rancher_edit.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,11 @@ ovhcloud cloud rancher edit <rancher_id> [flags]
### Options

```
--editor Use a text editor to define parameters
-h, --help help for edit
--ip-restrictions stringArray List of IP restrictions (expected format: '<cidrBlock>,<description>')
--name string Name of the managed Rancher service
--plan string Plan of the managed Rancher service (OVHCLOUD_EDITION, STANDARD)
--version string Version of the managed Rancher service
-h, --help help for edit
--iam-auth-enabled Allow Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access
--name string Name of the managed Rancher service
--plan string Plan of the managed Rancher service (OVHCLOUD_EDITION, STANDARD)
--version string Version of the managed Rancher service
```

### Options inherited from parent commands
Expand Down
54 changes: 52 additions & 2 deletions internal/assets/api-schemas/cloud_v2.json
View file
Open in desktop
Comment thread
thcdrt marked this conversation as resolved.
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,8 @@
"ERROR",
"PENDING",
"RUNNING",
"SCHEDULED"
"SCHEDULED",
"WAITING_USER_INPUT"
]
},
"common.Event": {
Expand Down Expand Up @@ -239,7 +240,8 @@
"ERROR",
"PENDING",
"RUNNING",
"SCHEDULED"
"SCHEDULED",
"WAITING_USER_INPUT"
]
},
"duration": {
Expand Down Expand Up @@ -831,6 +833,10 @@
"type": "object",
"description": "Target specification of the managed Rancher service",
"properties": {
"iamAuthEnabled": {
"type": "boolean",
"description": "Allows Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access"
},
"name": {
"type": "string",
"description": "Name of the managed Rancher service"
Expand Down Expand Up @@ -864,6 +870,12 @@
"format": "password",
"readOnly": true
},
"iamAuthEnabled": {
"type": "boolean",
"description": "Allows Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access",
"nullable": true,
"readOnly": true
},
"ipRestrictions": {
"type": "array",
"description": "List of allowed CIDR blocks for a managed Rancher service's IP restrictions. When empty, any IP is allowed",
Expand Down Expand Up @@ -933,6 +945,10 @@
"type": "object",
"description": "Target specification of the managed Rancher service",
"properties": {
"iamAuthEnabled": {
"type": "boolean",
"description": "Allows Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access"
},
"ipRestrictions": {
"type": "array",
"description": "List of allowed CIDR blocks for a managed Rancher service's IP restrictions. When empty, any IP is allowed",
Expand Down Expand Up @@ -1122,6 +1138,25 @@
"format": "time",
"example": "15:04:05"
}
},
"securitySchemes": {
"oAuth2AuthCode": {
"type": "oauth2",
"description": "Oauth2",
"x-client-id": "1bb9c7df371741c0",
"x-client-secret": "a5b4de870aca620d10fbf63cd18d205b",
"flows": {
"authorizationCode": {
"authorizationUrl": "https://www.ovh.com/auth/oauth2/authorize",
"tokenUrl": "https://www.ovh.com/auth/oauth2/token",
"scopes": {
"account/all": "Manage your account",
"all": "Manage your whole account and all your services",
"services/all": "Manage your services lifecycle and billing"
}
}
}
}
}
},
"paths": {
Expand Down Expand Up @@ -1391,6 +1426,7 @@
{
"createdAt": "2020-12-31T07:39:19Z",
"currentState": {
"iamAuthEnabled": false,
"ipRestrictions": [
{
"cidrBlock": "198.51.100.1/32",
Expand All @@ -1416,6 +1452,7 @@
"id": "d6b6579e-8d60-4487-bf08-8b4ddf98f7d3",
"resourceStatus": "READY",
"targetSpec": {
"iamAuthEnabled": false,
"ipRestrictions": [
{
"cidrBlock": "198.51.100.1/32",
Expand All @@ -1431,6 +1468,7 @@
{
"createdAt": "2020-12-31T13:37:46Z",
"currentState": {
"iamAuthEnabled": false,
"ipRestrictions": [],
"name": "rancher2",
"plan": "STANDARD",
Expand All @@ -1448,6 +1486,7 @@
"id": "222ce105-a3f7-44c4-a7d3-dbb5983c045d",
"resourceStatus": "UPDATING",
"targetSpec": {
"iamAuthEnabled": false,
"ipRestrictions": [],
"name": "rancher2",
"plan": "STANDARD",
Expand Down Expand Up @@ -1539,6 +1578,7 @@
"Create a STANDARD managed Rancher on the latest version": {
"value": {
"targetSpec": {
"iamAuthEnabled": false,
"name": "my_rancher",
"plan": "STANDARD"
}
Expand All @@ -1548,6 +1588,7 @@
"Create an OVHCLOUD_EDITION managed Rancher on a specific version": {
"value": {
"targetSpec": {
"iamAuthEnabled": false,
"name": "my_rancher",
"plan": "OVHCLOUD_EDITION",
"version": "1.0.0"
Expand All @@ -1573,6 +1614,7 @@
"createdAt": "2020-12-31T07:39:19Z",
"currentState": {
"bootstrapPassword": "jL%IctBOu)-$D@wa",
"iamAuthEnabled": false,
"ipRestrictions": [],
"name": "my_rancher",
"plan": "OVHCLOUD_EDITION",
Expand All @@ -1589,6 +1631,7 @@
"id": "d6b6579e-8d60-4487-bf08-8b4ddf98f7d3",
"resourceStatus": "CREATING",
"targetSpec": {
"iamAuthEnabled": false,
"ipRestrictions": [],
"name": "my_rancher",
"plan": "OVHCLOUD_EDITION",
Expand Down Expand Up @@ -1691,6 +1734,7 @@
"value": {
"createdAt": "2020-12-31T07:39:19Z",
"currentState": {
"iamAuthEnabled": false,
"ipRestrictions": [],
"name": "my_rancher",
"networking": {
Expand All @@ -1717,6 +1761,7 @@
"id": "d6b6579e-8d60-4487-bf08-8b4ddf98f7d3",
"resourceStatus": "DELETING",
"targetSpec": {
"iamAuthEnabled": false,
"ipRestrictions": [],
"name": "my_rancher",
"plan": "OVHCLOUD_EDITION",
Expand Down Expand Up @@ -1817,6 +1862,7 @@
"value": {
"createdAt": "2020-12-31T07:39:19Z",
"currentState": {
"iamAuthEnabled": false,
"ipRestrictions": [
{
"cidrBlock": "198.51.100.1/32",
Expand All @@ -1841,6 +1887,7 @@
"id": "d6b6579e-8d60-4487-bf08-8b4ddf98f7d3",
"resourceStatus": "READY",
"targetSpec": {
"iamAuthEnabled": false,
"ipRestrictions": [
{
"cidrBlock": "198.51.100.1/32",
Expand Down Expand Up @@ -1945,6 +1992,7 @@
"Update rancher to plan STANDARD": {
"value": {
"targetSpec": {
"iamAuthEnabled": false,
"name": "my_rancher",
"plan": "STANDARD",
"version": "1.0.0"
Expand All @@ -1969,6 +2017,7 @@
"value": {
"createdAt": "2020-12-31T07:39:19Z",
"currentState": {
"iamAuthEnabled": false,
"ipRestrictions": [],
"name": "my_rancher",
"networking": {
Expand All @@ -1995,6 +2044,7 @@
"id": "d6b6579e-8d60-4487-bf08-8b4ddf98f7d3",
"resourceStatus": "UPDATING",
"targetSpec": {
"iamAuthEnabled": false,
"ipRestrictions": [],
"name": "my_rancher",
"plan": "OVHCLOUD_EDITION",
Expand Down
47 changes: 34 additions & 13 deletions internal/cmd/cloud_rancher.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,18 +32,7 @@ func initCloudRancherCommand(cloudCmd *cobra.Command) {
Args: cobra.ExactArgs(1),
})

editRancherCmd := &cobra.Command{
Use: "edit <rancher_id>",
Short: "Edit the given Rancher service",
Run: cloud.EditRancher,
Args: cobra.ExactArgs(1),
}
editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Name, "name", "", "Name of the managed Rancher service")
editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Plan, "plan", "", "Plan of the managed Rancher service (OVHCLOUD_EDITION, STANDARD)")
editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Version, "version", "", "Version of the managed Rancher service")
editRancherCmd.Flags().StringArrayVar(&cloud.RancherSpec.TargetSpec.CLIIPRestrictions, "ip-restrictions", nil, "List of IP restrictions (expected format: '<cidrBlock>,<description>')")
addInteractiveEditorFlag(editRancherCmd)
rancherCmd.AddCommand(editRancherCmd)
rancherCmd.AddCommand(getRancherEditCmd())

rancherCmd.AddCommand(getRancherCreateCmd())

Expand All @@ -64,6 +53,38 @@ func initCloudRancherCommand(cloudCmd *cobra.Command) {
cloudCmd.AddCommand(rancherCmd)
}

func getRancherEditCmd() *cobra.Command {
editRancherCmd := &cobra.Command{
Use: "edit <rancher_id>",
Short: "Edit the given Rancher service",
Run: cloud.EditRancher,
Args: cobra.ExactArgs(1),
}

editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Name, "name", "", "Name of the managed Rancher service")
editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Plan, "plan", "", "Plan of the managed Rancher service (OVHCLOUD_EDITION, STANDARD)")
editRancherCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Version, "version", "", "Version of the managed Rancher service")

var iamAuthEnabled bool
editRancherCmd.Flags().BoolVar(&iamAuthEnabled, "iam-auth-enabled", false, "Allow Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access")
cloud.RancherSpec.TargetSpec.IAMAuthEnabled = &iamAuthEnabled

// Handle optional iam-auth-enabled boolean
editRancherCmd.PreRunE = func(cmd *cobra.Command, args []string) error {
if cmd.Flags().Changed("iam-auth-enabled") {
cloud.RancherSpec.TargetSpec.IAMAuthEnabled = &iamAuthEnabled
} else {
cloud.RancherSpec.TargetSpec.IAMAuthEnabled = nil
}

return nil
}

addInteractiveEditorFlag(editRancherCmd)

return editRancherCmd
}

func getRancherCreateCmd() *cobra.Command {
rancherCreateCmd := &cobra.Command{
Use: "create",
Expand Down Expand Up @@ -112,7 +133,7 @@ There are three ways to define the creation parameters:
rancherCreateCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Name, "name", "", "Name of the managed Rancher service")
rancherCreateCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Plan, "plan", "", "Plan of the managed Rancher service (available plans can be listed using 'cloud reference rancher list-plans' command)")
rancherCreateCmd.Flags().StringVar(&cloud.RancherSpec.TargetSpec.Version, "version", "", "Version of the managed Rancher service (available versions can be listed using 'cloud reference rancher list-versions' command)")
rancherCreateCmd.Flags().BoolVar(&cloud.RancherSpec.TargetSpec.IAMAuthEnabled, "iam-auth-enabled", false, "Allow Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access")
rancherCreateCmd.Flags().BoolVar(cloud.RancherSpec.TargetSpec.IAMAuthEnabled, "iam-auth-enabled", false, "Allow Rancher to use identities managed by OVHcloud IAM (Identity and Access Management) to control access")

// Common flags for other means to define parameters
addInitParameterFileFlag(rancherCreateCmd, assets.CloudV2OpenapiSchema, "/cloud/project/{serviceName}/rancher", "post", cloud.CloudRancherCreationExample, nil)
Expand Down
46 changes: 46 additions & 0 deletions internal/cmd/cloud_rancher_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ func (ms *MockSuite) TestCloudRancherCreateCmd(assert, require *td.T) {
tdhttpmock.JSONBody(td.JSON(`
{
"targetSpec": {
"iamAuthEnabled": false,
"name": "test-rancher",
"plan": "OVHCLOUD_EDITION",
"version": "2.11.3"
Expand All @@ -40,6 +41,7 @@ func (ms *MockSuite) TestCloudRancherCreateCmdJSONFormat(assert, require *td.T)
tdhttpmock.JSONBody(td.JSON(`
{
"targetSpec": {
"iamAuthEnabled": false,
"name": "test-rancher",
"plan": "OVHCLOUD_EDITION",
"version": "2.11.3"
Expand All @@ -60,6 +62,7 @@ func (ms *MockSuite) TestCloudRancherCreateCmdYAMLFormat(assert, require *td.T)
tdhttpmock.JSONBody(td.JSON(`
{
"targetSpec": {
"iamAuthEnabled": false,
"name": "test-rancher",
"plan": "OVHCLOUD_EDITION",
"version": "2.11.3"
Expand All @@ -83,6 +86,7 @@ func (ms *MockSuite) TestCloudRancherCreateCmdCustomFormat(assert, require *td.T
tdhttpmock.JSONBody(td.JSON(`
{
"targetSpec": {
"iamAuthEnabled": false,
"name": "test-rancher",
"plan": "OVHCLOUD_EDITION",
"version": "2.11.3"
Expand All @@ -108,3 +112,45 @@ func (ms *MockSuite) TestCloudRancherResetAdminCredentialsCmd(assert, require *t

assert.String(out, `✅ New Rancher service password for user admin: new-secret`)
}

func (ms *MockSuite) TestCloudRancherCreateCmdWithIamAuthEnabledTrue(assert, require *td.T) {
httpmock.RegisterMatcherResponder(http.MethodPost,
"https://eu.api.ovh.com/v2/publicCloud/project/fakeProjectID/rancher",
tdhttpmock.JSONBody(td.JSON(`
{
"targetSpec": {
"iamAuthEnabled": true,
"name": "test-rancher",
"plan": "OVHCLOUD_EDITION",
"version": "2.11.3"
}
}`),
),
httpmock.NewStringResponder(200, `{"id": "rancher-12345"}`),
)

out, err := cmd.Execute("cloud", "rancher", "create", "--cloud-project", "fakeProjectID", "--name", "test-rancher", "--plan", "OVHCLOUD_EDITION", "--version", "2.11.3", "--iam-auth-enabled=true")
require.CmpNoError(err)
assert.String(out, `✅ Rancher test-rancher created successfully (id: rancher-12345)`)
}

func (ms *MockSuite) TestCloudRancherCreateCmdWithIamAuthEnabledFalse(assert, require *td.T) {
httpmock.RegisterMatcherResponder(http.MethodPost,
"https://eu.api.ovh.com/v2/publicCloud/project/fakeProjectID/rancher",
tdhttpmock.JSONBody(td.JSON(`
{
"targetSpec": {
"iamAuthEnabled": false,
"name": "test-rancher",
"plan": "OVHCLOUD_EDITION",
"version": "2.11.3"
}
}`),
),
httpmock.NewStringResponder(200, `{"id": "rancher-12345"}`),
)

out, err := cmd.Execute("cloud", "rancher", "create", "--cloud-project", "fakeProjectID", "--name", "test-rancher", "--plan", "OVHCLOUD_EDITION", "--version", "2.11.3", "--iam-auth-enabled=false")
require.CmpNoError(err)
assert.String(out, `✅ Rancher test-rancher created successfully (id: rancher-12345)`)
}
Loading