feat(rdb): ipam config for private endpoints (#3521)

Author: Mia-Cross

cmd/scw/testdata/test-all-usage-rdb-instance-create-usage.golden

@@ -20,6 +20,7 @@ ARGS:
   [init-settings.{index}.value]                                 
   [volume-type]                                                 Type of volume where data is stored (lssd, bssd, ...) (lssd | bssd | sbs_5k | sbs_15k)
   [volume-size]                                                 Volume size when volume_type is not lssd
+  [init-endpoints.{index}.private-network.enable-ipam=false]    Will configure your Private Network endpoint with Scaleway IPAM service if true
   [init-endpoints.{index}.private-network.private-network-id]   UUID of the Private Network to be connected to the Database Instance
   [init-endpoints.{index}.private-network.service-ip]           Endpoint IPv4 address with a CIDR notation. Refer to the official Scaleway documentation to learn more about IP and subnet limitations.
   [backup-same-region]                                          Defines whether to or not to store logical backups in the same region as the Database Instance

cmd/scw/testdata/test-all-usage-rdb-instance-delete-usage.golden

@@ -11,6 +11,7 @@ ARGS:
 
 FLAGS:
   -h, --help   help for delete
+  -w, --wait   wait until the instance is ready
 
 GLOBAL FLAGS:
   -c, --config string    The path to the config file

docs/commands/rdb.md

@@ -692,6 +692,7 @@ scw rdb instance create [arg=value ...]
 | init-settings.{index}.value |  |  |
 | volume-type | One of: `lssd`, `bssd`, `sbs_5k`, `sbs_15k` | Type of volume where data is stored (lssd, bssd, ...) |
 | volume-size |  | Volume size when volume_type is not lssd |
+| init-endpoints.{index}.private-network.enable-ipam | Default: `false` | Will configure your Private Network endpoint with Scaleway IPAM service if true |
 | init-endpoints.{index}.private-network.private-network-id |  | UUID of the Private Network to be connected to the Database Instance |
 | init-endpoints.{index}.private-network.service-ip |  | Endpoint IPv4 address with a CIDR notation. Refer to the official Scaleway documentation to learn more about IP and subnet limitations. |
 | backup-same-region |  | Defines whether to or not to store logical backups in the same region as the Database Instance |

internal/namespaces/rdb/v1/custom.go

@@ -39,6 +39,7 @@ func GetCommands() *core.Commands {
 	cmds.MustFind("rdb", "instance", "upgrade").Override(instanceUpgradeBuilder)
 	cmds.MustFind("rdb", "instance", "update").Override(instanceUpdateBuilder)
 	cmds.MustFind("rdb", "instance", "get").Override(instanceGetBuilder)
+	cmds.MustFind("rdb", "instance", "delete").Override(instanceDeleteBuilder)
 
 	cmds.MustFind("rdb", "engine", "list").Override(engineListBuilder)
 

internal/namespaces/rdb/v1/custom_instance.go

@@ -2,7 +2,9 @@ package rdb
 
 import (
 	"context"
+	"errors"
 	"fmt"
+	"net/http"
 	"os"
 	"os/exec"
 	"path"
@@ -190,11 +192,27 @@ func autoCompleteNodeType(ctx context.Context, prefix string) core.AutocompleteS
 }
 
 func instanceCreateBuilder(c *core.Command) *core.Command {
+	type rdbEndpointSpecPrivateNetworkCustom struct {
+		*rdb.EndpointSpecPrivateNetwork
+		EnableIpam bool `json:"enable-ipam"`
+	}
+
+	type rdbEndpointSpecCustom struct {
+		PrivateNetwork *rdbEndpointSpecPrivateNetworkCustom `json:"private-network"`
+	}
+
 	type rdbCreateInstanceRequestCustom struct {
 		*rdb.CreateInstanceRequest
+		InitEndpoints    []*rdbEndpointSpecCustom `json:"init-endpoints"`
 		GeneratePassword bool
 	}
 
+	c.ArgSpecs.AddBefore("init-endpoints.{index}.private-network.private-network-id", &core.ArgSpec{
+		Name:     "init-endpoints.{index}.private-network.enable-ipam",
+		Short:    "Will configure your Private Network endpoint with Scaleway IPAM service if true",
+		Required: false,
+		Default:  core.DefaultValueSetter("false"),
+	})
 	c.ArgSpecs.AddBefore("password", &core.ArgSpec{
 		Name:       "generate-password",
 		Short:      `Will generate a 21 character-length password that contains a mix of upper/lower case letters, numbers and special symbols`,
@@ -247,6 +265,23 @@ func instanceCreateBuilder(c *core.Command) *core.Command {
 			fmt.Printf("\n")
 		}
 
+		for _, customEndpoint := range customRequest.InitEndpoints {
+			if customEndpoint.PrivateNetwork == nil {
+				continue
+			}
+			ipamConfig := &rdb.EndpointSpecPrivateNetworkIpamConfig{}
+			if !customEndpoint.PrivateNetwork.EnableIpam {
+				ipamConfig = nil
+			}
+			createInstanceRequest.InitEndpoints = append(createInstanceRequest.InitEndpoints, &rdb.EndpointSpec{
+				PrivateNetwork: &rdb.EndpointSpecPrivateNetwork{
+					PrivateNetworkID: customEndpoint.PrivateNetwork.PrivateNetworkID,
+					ServiceIP:        customEndpoint.PrivateNetwork.ServiceIP,
+					IpamConfig:       ipamConfig,
+				},
+			})
+		}
+
 		instance, err := api.CreateInstance(createInstanceRequest)
 		if err != nil {
 			return nil, err
@@ -512,6 +547,29 @@ func instanceUpdateBuilder(_ *core.Command) *core.Command {
 	}
 }
 
+func instanceDeleteBuilder(c *core.Command) *core.Command {
+	c.WaitFunc = func(ctx context.Context, argsI, respI interface{}) (interface{}, error) {
+		api := rdb.NewAPI(core.ExtractClient(ctx))
+		instance, err := api.WaitForInstance(&rdb.WaitForInstanceRequest{
+			InstanceID:    respI.(*rdb.Instance).ID,
+			Region:        respI.(*rdb.Instance).Region,
+			Timeout:       scw.TimeDurationPtr(instanceActionTimeout),
+			RetryInterval: core.DefaultRetryInterval,
+		})
+		if err != nil {
+			// if we get a 404 here, it means the resource was successfully deleted
+			notFoundError := &scw.ResourceNotFoundError{}
+			responseError := &scw.ResponseError{}
+			if errors.As(err, &responseError) && responseError.StatusCode == http.StatusNotFound || errors.As(err, &notFoundError) {
+				return instance, nil
+			}
+			return nil, err
+		}
+		return instance, nil
+	}
+	return c
+}
+
 func instanceWaitCommand() *core.Command {
 	return &core.Command{
 		Short:     `Wait for an instance to reach a stable state`,

internal/namespaces/rdb/v1/custom_instance_test.go

@@ -6,7 +6,16 @@ import (
 
 	"github.com/alecthomas/assert"
 	"github.com/scaleway/scaleway-cli/v2/internal/core"
+	"github.com/scaleway/scaleway-cli/v2/internal/namespaces/vpc/v2"
+	"github.com/scaleway/scaleway-sdk-go/api/ipam/v1"
 	"github.com/scaleway/scaleway-sdk-go/api/rdb/v1"
+	"github.com/scaleway/scaleway-sdk-go/scw"
+)
+
+const (
+	publicEndpoint        = "public"
+	privateEndpointIpam   = "private IPAM"
+	privateEndpointStatic = "private static"
 )
 
 func Test_ListInstance(t *testing.T) {
@@ -31,19 +40,72 @@ func Test_CloneInstance(t *testing.T) {
 
 func Test_CreateInstance(t *testing.T) {
 	t.Run("Simple", core.Test(&core.TestConfig{
-		Commands:  GetCommands(),
-		Cmd:       fmt.Sprintf("scw rdb instance create node-type=DB-DEV-S is-ha-cluster=false name=%s engine=%s user-name=%s password=%s --wait", name, engine, user, password),
-		Check:     core.TestCheckGolden(),
+		Commands: GetCommands(),
+		Cmd:      fmt.Sprintf("scw rdb instance create node-type=DB-DEV-S is-ha-cluster=false name=%s engine=%s user-name=%s password=%s --wait", name, engine, user, password),
+		Check: core.TestCheckCombine(
+			core.TestCheckGolden(),
+			func(t *testing.T, ctx *core.CheckFuncCtx) {
+				checkEndpoints(ctx, t, []string{publicEndpoint})
+			},
+		),
 		AfterFunc: core.ExecAfterCmd("scw rdb instance delete {{ .CmdResult.ID }}"),
 	}))
 
 	t.Run("With password generator", core.Test(&core.TestConfig{
 		Commands: GetCommands(),
 		Cmd:      fmt.Sprintf("scw rdb instance create node-type=DB-DEV-S is-ha-cluster=false name=%s engine=%s user-name=%s generate-password=true --wait", name, engine, user),
 		// do not check the golden as the password generated locally and on CI will necessarily be different
-		Check:     core.TestCheckExitCode(0),
+		Check: core.TestCheckCombine(
+			core.TestCheckExitCode(0),
+			func(t *testing.T, ctx *core.CheckFuncCtx) {
+				checkEndpoints(ctx, t, []string{publicEndpoint})
+			},
+		),
 		AfterFunc: core.ExecAfterCmd("scw rdb instance delete {{ .CmdResult.ID }}"),
 	}))
+
+	cmds := GetCommands()
+	cmds.Merge(vpc.GetCommands())
+
+	t.Run("With static private endpoint", core.Test(&core.TestConfig{
+		Commands: cmds,
+		BeforeFunc: core.BeforeFuncCombine(
+			core.ExecStoreBeforeCmd("PrivateNetwork", "scw vpc private-network create"),
+		),
+		Cmd: fmt.Sprintf("scw rdb instance create node-type=DB-DEV-S is-ha-cluster=false name=%s engine=%s "+
+			"user-name=%s password=%s init-endpoints.0.private-network.private-network-id={{ .PrivateNetwork.ID }} "+
+			"init-endpoints.0.private-network.service-ip=172.16.4.1/22 --wait", name, engine, user, password),
+		Check: core.TestCheckCombine(
+			core.TestCheckGolden(),
+			func(t *testing.T, ctx *core.CheckFuncCtx) {
+				checkEndpoints(ctx, t, []string{publicEndpoint, privateEndpointStatic})
+			},
+		),
+		AfterFunc: core.AfterFuncCombine(
+			core.ExecAfterCmd("scw rdb instance delete {{ .CmdResult.ID }} --wait"),
+			deletePrivateNetwork("PrivateNetwork"),
+		),
+	}))
+
+	t.Run("With IPAM private endpoint", core.Test(&core.TestConfig{
+		Commands: cmds,
+		BeforeFunc: core.BeforeFuncCombine(
+			core.ExecStoreBeforeCmd("PrivateNetwork", "scw vpc private-network create"),
+		),
+		Cmd: fmt.Sprintf("scw rdb instance create node-type=DB-DEV-S is-ha-cluster=false name=%s engine=%s "+
+			"user-name=%s password=%s init-endpoints.0.private-network.private-network-id={{ .PrivateNetwork.ID }} "+
+			"init-endpoints.0.private-network.enable-ipam=true --wait", name, engine, user, password),
+		Check: core.TestCheckCombine(
+			core.TestCheckGolden(),
+			func(t *testing.T, ctx *core.CheckFuncCtx) {
+				checkEndpoints(ctx, t, []string{publicEndpoint, privateEndpointIpam})
+			},
+		),
+		AfterFunc: core.AfterFuncCombine(
+			core.ExecAfterCmd("scw rdb instance delete {{ .CmdResult.ID }} --wait"),
+			deletePrivateNetwork("PrivateNetwork"),
+		),
+	}))
 }
 
 func Test_GetInstance(t *testing.T) {
@@ -204,3 +266,53 @@ func Test_Connect(t *testing.T) {
 		AfterFunc:    deleteInstance(),
 	}))
 }
+
+func deletePrivateNetwork(metaName string) core.AfterFunc {
+	return core.ExecAfterCmd(fmt.Sprintf("scw vpc private-network delete {{ .%s.ID }}", metaName))
+}
+
+func checkEndpoints(ctx *core.CheckFuncCtx, t *testing.T, expected []string) {
+	instance := ctx.Result.(createInstanceResult).Instance
+	ipamAPI := ipam.NewAPI(ctx.Client)
+	var foundEndpoints = map[string]bool{}
+
+	for _, endpoint := range instance.Endpoints {
+		if endpoint.LoadBalancer != nil {
+			foundEndpoints[publicEndpoint] = true
+		}
+		if endpoint.PrivateNetwork != nil {
+			ips, err := ipamAPI.ListIPs(&ipam.ListIPsRequest{
+				Region:       instance.Region,
+				ResourceID:   &instance.ID,
+				ResourceType: "rdb_instance",
+				IsIPv6:       scw.BoolPtr(false),
+			}, scw.WithAllPages())
+			if err != nil {
+				t.Errorf("could not list IPs: %v", err)
+			}
+			switch ips.TotalCount {
+			case 1:
+				foundEndpoints[privateEndpointIpam] = true
+			case 0:
+				foundEndpoints[privateEndpointStatic] = true
+			default:
+				t.Errorf("expected no more than 1 IP for instance, got %d", ips.TotalCount)
+			}
+		}
+	}
+
+	// Check that every expected endpoint got found
+	for _, e := range expected {
+		_, ok := foundEndpoints[e]
+		if !ok {
+			t.Errorf("expected a %s endpoint but got none", e)
+		}
+		delete(foundEndpoints, e)
+	}
+	// Check that no unexpected endpoint was found
+	if len(foundEndpoints) > 0 {
+		for e := range foundEndpoints {
+			t.Errorf("found a %s endpoint when none was expected", e)
+		}
+	}
+}