feat(lb): add redirect acl (#2732)

Co-authored-by: Yacine Fodil <[email protected]>
Co-authored-by: Rémy Léone <[email protected]>

Author: 3 people

cmd/scw/testdata/test-all-usage-lbacl-create-usage.golden

@@ -8,7 +8,10 @@ USAGE:
 ARGS:
   frontend-id                         ID of your frontend
   name=<generated>                    Name of your ACL ressource
-  [action.type]                       The action type (allow | deny)
+  [action.type]                       The action type (allow | deny | redirect)
+  [action.redirect.type]              Redirect type (location | scheme)
+  [action.redirect.target]            Redirect target (target URL for `location`, or target `scheme`)
+  [action.redirect.code]              HTTP redirect code to use. Valid values are 301, 302, 303, 307 and 308. Default value is 302
   [match.ip-subnet.{index}]           A list of IPs or CIDR v4/v6 addresses of the client of the session to match
   [match.http-filter]                 The HTTP filter to match (acl_http_filter_none | path_begin | path_end | regex | http_header_match)
   [match.http-filter-value.{index}]   A list of possible values to match for the given HTTP filter

cmd/scw/testdata/test-all-usage-lbacl-set-usage.golden

@@ -7,7 +7,10 @@ USAGE:
 
 ARGS:
   acls.{index}.name                                Name of your ACL resource
-  [acls.{index}.action.type]                       The action type (allow | deny)
+  [acls.{index}.action.type]                       The action type (allow | deny | redirect)
+  [acls.{index}.action.redirect.type]              Redirect type (location | scheme)
+  [acls.{index}.action.redirect.target]            Redirect target (target URL for `location`, or target `scheme`)
+  [acls.{index}.action.redirect.code]              HTTP redirect code to use. Valid values are 301, 302, 303, 307 and 308. Default value is 302
   [acls.{index}.match.ip-subnet.{index}]           A list of IPs or CIDR v4/v6 addresses of the client of the session to match
   [acls.{index}.match.http-filter]                 The HTTP filter to match (acl_http_filter_none | path_begin | path_end | regex | http_header_match)
   [acls.{index}.match.http-filter-value.{index}]   A list of possible values to match for the given HTTP filter

cmd/scw/testdata/test-all-usage-lbacl-update-usage.golden

@@ -8,7 +8,10 @@ USAGE:
 ARGS:
   acl-id                              ID of your ACL ressource
   name                                Name of your ACL ressource
-  [action.type]                       The action type (allow | deny)
+  [action.type]                       The action type (allow | deny | redirect)
+  [action.redirect.type]              Redirect type (location | scheme)
+  [action.redirect.target]            Redirect target (target URL for `location`, or target `scheme`)
+  [action.redirect.code]              HTTP redirect code to use. Valid values are 301, 302, 303, 307 and 308. Default value is 302
   [match.ip-subnet.{index}]           A list of IPs or CIDR v4/v6 addresses of the client of the session to match
   [match.http-filter]                 The HTTP filter to match (acl_http_filter_none | path_begin | path_end | regex | http_header_match)
   [match.http-filter-value.{index}]   A list of possible values to match for the given HTTP filter

docs/commands/lb.md

@@ -82,7 +82,10 @@ scw lb acl create [arg=value ...]
 |------|---|-------------|
 | frontend-id | Required | ID of your frontend |
 | name | Required<br />Default: `<generated>` | Name of your ACL ressource |
-| action.type | One of: `allow`, `deny` | The action type |
+| action.type | One of: `allow`, `deny`, `redirect` | The action type |
+| action.redirect.type | One of: `location`, `scheme` | Redirect type |
+| action.redirect.target |  | Redirect target (target URL for `location`, or target `scheme`) |
+| action.redirect.code |  | HTTP redirect code to use. Valid values are 301, 302, 303, 307 and 308. Default value is 302 |
 | match.ip-subnet.{index} |  | A list of IPs or CIDR v4/v6 addresses of the client of the session to match |
 | match.http-filter | One of: `acl_http_filter_none`, `path_begin`, `path_end`, `regex`, `http_header_match` | The HTTP filter to match |
 | match.http-filter-value.{index} |  | A list of possible values to match for the given HTTP filter |
@@ -172,7 +175,10 @@ scw lb acl set [arg=value ...]
 | Name |   | Description |
 |------|---|-------------|
 | acls.{index}.name | Required | Name of your ACL resource |
-| acls.{index}.action.type | One of: `allow`, `deny` | The action type |
+| acls.{index}.action.type | One of: `allow`, `deny`, `redirect` | The action type |
+| acls.{index}.action.redirect.type | One of: `location`, `scheme` | Redirect type |
+| acls.{index}.action.redirect.target |  | Redirect target (target URL for `location`, or target `scheme`) |
+| acls.{index}.action.redirect.code |  | HTTP redirect code to use. Valid values are 301, 302, 303, 307 and 308. Default value is 302 |
 | acls.{index}.match.ip-subnet.{index} |  | A list of IPs or CIDR v4/v6 addresses of the client of the session to match |
 | acls.{index}.match.http-filter | One of: `acl_http_filter_none`, `path_begin`, `path_end`, `regex`, `http_header_match` | The HTTP filter to match |
 | acls.{index}.match.http-filter-value.{index} |  | A list of possible values to match for the given HTTP filter |
@@ -202,7 +208,10 @@ scw lb acl update <acl-id ...> [arg=value ...]
 |------|---|-------------|
 | acl-id | Required | ID of your ACL ressource |
 | name | Required | Name of your ACL ressource |
-| action.type | One of: `allow`, `deny` | The action type |
+| action.type | One of: `allow`, `deny`, `redirect` | The action type |
+| action.redirect.type | One of: `location`, `scheme` | Redirect type |
+| action.redirect.target |  | Redirect target (target URL for `location`, or target `scheme`) |
+| action.redirect.code |  | HTTP redirect code to use. Valid values are 301, 302, 303, 307 and 308. Default value is 302 |
 | match.ip-subnet.{index} |  | A list of IPs or CIDR v4/v6 addresses of the client of the session to match |
 | match.http-filter | One of: `acl_http_filter_none`, `path_begin`, `path_end`, `regex`, `http_header_match` | The HTTP filter to match |
 | match.http-filter-value.{index} |  | A list of possible values to match for the given HTTP filter |

internal/namespaces/lb/v1/lb_cli.go

@@ -2030,7 +2030,29 @@ func lbACLCreate() *core.Command {
 				Required:   false,
 				Deprecated: false,
 				Positional: false,
-				EnumValues: []string{"allow", "deny"},
+				EnumValues: []string{"allow", "deny", "redirect"},
+			},
+			{
+				Name:       "action.redirect.type",
+				Short:      `Redirect type`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+				EnumValues: []string{"location", "scheme"},
+			},
+			{
+				Name:       "action.redirect.target",
+				Short:      `Redirect target (target URL for ` + "`" + `location` + "`" + `, or target ` + "`" + `scheme` + "`" + `)`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
+			{
+				Name:       "action.redirect.code",
+				Short:      `HTTP redirect code to use. Valid values are 301, 302, 303, 307 and 308. Default value is 302`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
 			},
 			{
 				Name:       "match.ip-subnet.{index}",
@@ -2155,7 +2177,29 @@ func lbACLUpdate() *core.Command {
 				Required:   false,
 				Deprecated: false,
 				Positional: false,
-				EnumValues: []string{"allow", "deny"},
+				EnumValues: []string{"allow", "deny", "redirect"},
+			},
+			{
+				Name:       "action.redirect.type",
+				Short:      `Redirect type`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+				EnumValues: []string{"location", "scheme"},
+			},
+			{
+				Name:       "action.redirect.target",
+				Short:      `Redirect target (target URL for ` + "`" + `location` + "`" + `, or target ` + "`" + `scheme` + "`" + `)`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
+			{
+				Name:       "action.redirect.code",
+				Short:      `HTTP redirect code to use. Valid values are 301, 302, 303, 307 and 308. Default value is 302`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
 			},
 			{
 				Name:       "match.ip-subnet.{index}",
@@ -2279,7 +2323,29 @@ func lbACLSet() *core.Command {
 				Required:   false,
 				Deprecated: false,
 				Positional: false,
-				EnumValues: []string{"allow", "deny"},
+				EnumValues: []string{"allow", "deny", "redirect"},
+			},
+			{
+				Name:       "acls.{index}.action.redirect.type",
+				Short:      `Redirect type`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+				EnumValues: []string{"location", "scheme"},
+			},
+			{
+				Name:       "acls.{index}.action.redirect.target",
+				Short:      `Redirect target (target URL for ` + "`" + `location` + "`" + `, or target ` + "`" + `scheme` + "`" + `)`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
+			{
+				Name:       "acls.{index}.action.redirect.code",
+				Short:      `HTTP redirect code to use. Valid values are 301, 302, 303, 307 and 308. Default value is 302`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
 			},
 			{
 				Name:       "acls.{index}.match.ip-subnet.{index}",