diff --git a/.gitignore b/.gitignore index 6a5e675f8d..15ab19162a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ /dist/ /docs/ /legal/ +/mock-test/ /prebuilt/ /test/bin/ /test/coverage/ diff --git a/go.mod b/go.mod index 478b6fc4d1..93fd918970 100644 --- a/go.mod +++ b/go.mod @@ -40,7 +40,7 @@ require ( github.com/confluentinc/ccloud-sdk-go-v2/mds v0.4.0 github.com/confluentinc/ccloud-sdk-go-v2/metrics v0.2.0 github.com/confluentinc/ccloud-sdk-go-v2/networking v0.14.0 - github.com/confluentinc/ccloud-sdk-go-v2/networking-access-point v0.9.0 + github.com/confluentinc/ccloud-sdk-go-v2/networking-access-point v0.8.0 github.com/confluentinc/ccloud-sdk-go-v2/networking-dnsforwarder v0.4.0 github.com/confluentinc/ccloud-sdk-go-v2/networking-gateway v0.5.0 github.com/confluentinc/ccloud-sdk-go-v2/networking-ip v0.2.0 @@ -288,3 +288,8 @@ require ( sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.3.0 // indirect ) + +replace ( + github.com/confluentinc/ccloud-sdk-go-v2/networking-access-point => github.com/confluentinc/ccloud-sdk-go-v2-internal/networking-access-point v0.13.0 + github.com/confluentinc/ccloud-sdk-go-v2/networking-gateway => github.com/confluentinc/ccloud-sdk-go-v2-internal/networking-gateway v0.13.0 +) diff --git a/go.sum b/go.sum index c51ef6983b..720b0e5e64 100644 --- a/go.sum +++ b/go.sum @@ -188,6 +188,10 @@ github.com/compose-spec/compose-go/v2 v2.1.3 h1:bD67uqLuL/XgkAK6ir3xZvNLFPxPScEi github.com/compose-spec/compose-go/v2 v2.1.3/go.mod h1:lFN0DrMxIncJGYAXTfWuajfwj5haBJqrBkarHcnjJKc= github.com/confluentinc/ccloud-sdk-go-v1-public v0.0.0-20250521223017-0e8f6f971b52 h1:19qEGhkbZa5fopKCe0VPIV+Sasby4Pv10z9ZaktwWso= github.com/confluentinc/ccloud-sdk-go-v1-public v0.0.0-20250521223017-0e8f6f971b52/go.mod h1:62EMf+5uFEt1BJ2q8WMrUoI9VUSxAbDnmZCGRt/MbA0= +github.com/confluentinc/ccloud-sdk-go-v2-internal/networking-access-point v0.13.0 h1:crG9ZKL8WlY7fX1ooSsODyNKSLhWuOpvThQ/GYlDjK0= +github.com/confluentinc/ccloud-sdk-go-v2-internal/networking-access-point v0.13.0/go.mod h1:94S6dsLwNBa6zumSRQi81/aM750kLu+HJFXd4jcJz7A= +github.com/confluentinc/ccloud-sdk-go-v2-internal/networking-gateway v0.13.0 h1:RDHQh6GcaL6JrZock9jsPQCUiwHNNZBiJOrXt7/v2lw= +github.com/confluentinc/ccloud-sdk-go-v2-internal/networking-gateway v0.13.0/go.mod h1:xr1v1dpdLoFSozNL4Qiv4gNjVlaTgr7mBMVnfjtzdas= github.com/confluentinc/ccloud-sdk-go-v2/ai v0.1.0 h1:zSF4OQUJXWH2JeAo9rsq13ibk+JFdzITGR8S7cFMpzw= github.com/confluentinc/ccloud-sdk-go-v2/ai v0.1.0/go.mod h1:DoxqzzF3JzvJr3fWkvCiOHFlE0GoYpozWxFZ1Ud9ntA= github.com/confluentinc/ccloud-sdk-go-v2/apikeys v0.4.0 h1:8fWyLwMuy8ec0MVF5Avd54UvbIxhDFhZzanHBVwgxdw= @@ -238,12 +242,8 @@ github.com/confluentinc/ccloud-sdk-go-v2/metrics v0.2.0 h1:TWwZHdfo2XNKrnGOuxXx4 github.com/confluentinc/ccloud-sdk-go-v2/metrics v0.2.0/go.mod h1:odGsHChrn2l+jaOvx4Gib5//U4a3Id79wstQVkNh8v0= github.com/confluentinc/ccloud-sdk-go-v2/networking v0.14.0 h1:btDFGijvzpWaKLKztc7S9YenbtGTsHgjs4+fNuyYceI= github.com/confluentinc/ccloud-sdk-go-v2/networking v0.14.0/go.mod h1:6BDrwG6OfSnT++Yr3mXStvmy4Jb8uMtdfKK7sZO/X+M= -github.com/confluentinc/ccloud-sdk-go-v2/networking-access-point v0.9.0 h1:TxnANYua8aJaMakIa3yLO71SXXL91IZwzGsmCVC7bsw= -github.com/confluentinc/ccloud-sdk-go-v2/networking-access-point v0.9.0/go.mod h1:rjSoyola5PiBfQAx/u10VxFiLoatJ55fI/3bysXx9cw= github.com/confluentinc/ccloud-sdk-go-v2/networking-dnsforwarder v0.4.0 h1:LT8trYIkMZ7EFM7nZZOkmH12B7AgOEvZYZjw86nazD0= github.com/confluentinc/ccloud-sdk-go-v2/networking-dnsforwarder v0.4.0/go.mod h1:HPu3Cd7HQ2NdTeL6f3nvrsFB69N9yugB/W4qV8wqE/c= -github.com/confluentinc/ccloud-sdk-go-v2/networking-gateway v0.5.0 h1:POF4Kj6AZYNLlZtIhJVmVj078brMjVuZM7KwQuuG5ig= -github.com/confluentinc/ccloud-sdk-go-v2/networking-gateway v0.5.0/go.mod h1:tI3vZOd3u35cQQ/oO4+97ejQaohU+Y2Tq0GfIcjfmVQ= github.com/confluentinc/ccloud-sdk-go-v2/networking-ip v0.2.0 h1:ZHNF2DeqVlNPuKGZ41SBMLGj8GBlvvcwOPnfZLZXA/4= github.com/confluentinc/ccloud-sdk-go-v2/networking-ip v0.2.0/go.mod h1:KTShFBZA7WG8LcxlWjJpoZFdWkJ+uOw3dDuwAHs5eKU= github.com/confluentinc/ccloud-sdk-go-v2/networking-privatelink v0.3.0 h1:mC0E1nKUt57AxMM4Lpdfd+KA/YZwJVwro9ER+dCUFi8= diff --git a/internal/network/command_access_point_private_link_ingress_endpoint.go b/internal/network/command_access_point_private_link_ingress_endpoint.go index b675de2524..1f327377db 100644 --- a/internal/network/command_access_point_private_link_ingress_endpoint.go +++ b/internal/network/command_access_point_private_link_ingress_endpoint.go @@ -15,14 +15,19 @@ import ( ) type ingressEndpointOut struct { - Id string `human:"ID" serialized:"id"` - Name string `human:"Name,omitempty" serialized:"name,omitempty"` - Environment string `human:"Environment" serialized:"environment"` - Gateway string `human:"Gateway" serialized:"gateway"` - Phase string `human:"Phase" serialized:"phase"` - AwsVpcEndpointId string `human:"AWS VPC Endpoint ID,omitempty" serialized:"aws_vpc_endpoint_id,omitempty"` - AwsVpcEndpointServiceName string `human:"AWS VPC Endpoint Service Name,omitempty" serialized:"aws_vpc_endpoint_service_name,omitempty"` - DnsDomain string `human:"DNS Domain,omitempty" serialized:"dns_domain,omitempty"` + Id string `human:"ID" serialized:"id"` + Name string `human:"Name,omitempty" serialized:"name,omitempty"` + Environment string `human:"Environment" serialized:"environment"` + Gateway string `human:"Gateway" serialized:"gateway"` + Phase string `human:"Phase" serialized:"phase"` + AwsVpcEndpointId string `human:"AWS VPC Endpoint ID,omitempty" serialized:"aws_vpc_endpoint_id,omitempty"` + AwsVpcEndpointServiceName string `human:"AWS VPC Endpoint Service Name,omitempty" serialized:"aws_vpc_endpoint_service_name,omitempty"` + AzurePrivateLinkServiceAlias string `human:"Azure Private Link Service Alias,omitempty" serialized:"azure_private_link_service_alias,omitempty"` + AzurePrivateLinkServiceResourceId string `human:"Azure Private Link Service Resource ID,omitempty" serialized:"azure_private_link_service_resource_id,omitempty"` + AzurePrivateEndpointResourceId string `human:"Azure Private Endpoint Resource ID,omitempty" serialized:"azure_private_endpoint_resource_id,omitempty"` + GcpPrivateServiceConnectServiceAttachment string `human:"GCP PSC Service Attachment,omitempty" serialized:"gcp_private_service_connect_service_attachment,omitempty"` + GcpPrivateServiceConnectConnectionId string `human:"GCP PSC Connection ID,omitempty" serialized:"gcp_private_service_connect_connection_id,omitempty"` + DnsDomain string `human:"DNS Domain,omitempty" serialized:"dns_domain,omitempty"` } func (c *accessPointCommand) newIngressEndpointCommand(cfg *config.Config) *cobra.Command { @@ -68,7 +73,9 @@ func (c *accessPointCommand) autocompleteIngressEndpoints() []string { return nil } ingressEndpoints := slices.DeleteFunc(accessPoints, func(accessPoint networkingaccesspointv1.NetworkingV1AccessPoint) bool { - return accessPoint.Spec.GetConfig().NetworkingV1AwsIngressPrivateLinkEndpoint == nil + return accessPoint.Spec.GetConfig().NetworkingV1AwsIngressPrivateLinkEndpoint == nil && + accessPoint.Spec.GetConfig().NetworkingV1AzureIngressPrivateLinkEndpoint == nil && + accessPoint.Spec.GetConfig().NetworkingV1GcpIngressPrivateServiceConnectEndpoint == nil }) suggestions := make([]string, len(ingressEndpoints)) @@ -97,9 +104,20 @@ func printPrivateLinkIngressEndpointTable(cmd *cobra.Command, ingressEndpoint ne if ingressEndpoint.Status.Config != nil && ingressEndpoint.Status.Config.NetworkingV1AwsIngressPrivateLinkEndpointStatus != nil { out.AwsVpcEndpointId = ingressEndpoint.Status.Config.NetworkingV1AwsIngressPrivateLinkEndpointStatus.GetVpcEndpointId() out.AwsVpcEndpointServiceName = ingressEndpoint.Status.Config.NetworkingV1AwsIngressPrivateLinkEndpointStatus.GetVpcEndpointServiceName() - if ingressEndpoint.Status.Config.NetworkingV1AwsIngressPrivateLinkEndpointStatus.HasDnsDomain() { - out.DnsDomain = ingressEndpoint.Status.Config.NetworkingV1AwsIngressPrivateLinkEndpointStatus.GetDnsDomain() - } + out.DnsDomain = ingressEndpoint.Status.Config.NetworkingV1AwsIngressPrivateLinkEndpointStatus.GetDnsDomain() + } + + if ingressEndpoint.Status.Config != nil && ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus != nil { + out.AzurePrivateLinkServiceAlias = ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus.GetPrivateLinkServiceAlias() + out.AzurePrivateLinkServiceResourceId = ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus.GetPrivateLinkServiceResourceId() + out.AzurePrivateEndpointResourceId = ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus.GetPrivateEndpointResourceId() + out.DnsDomain = ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus.GetDnsDomain() + } + + if ingressEndpoint.Status.Config != nil && ingressEndpoint.Status.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus != nil { + out.GcpPrivateServiceConnectServiceAttachment = ingressEndpoint.Status.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus.GetPrivateServiceConnectServiceAttachment() + out.GcpPrivateServiceConnectConnectionId = ingressEndpoint.Status.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus.GetPrivateServiceConnectConnectionId() + out.DnsDomain = ingressEndpoint.Status.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus.GetDnsDomain() } table := output.NewTable(cmd) diff --git a/internal/network/command_access_point_private_link_ingress_endpoint_create.go b/internal/network/command_access_point_private_link_ingress_endpoint_create.go index 360ec464a7..70ea3dceb2 100644 --- a/internal/network/command_access_point_private_link_ingress_endpoint_create.go +++ b/internal/network/command_access_point_private_link_ingress_endpoint_create.go @@ -24,11 +24,21 @@ func (c *accessPointCommand) newIngressEndpointCreateCommand() *cobra.Command { Text: "Create an AWS PrivateLink ingress endpoint.", Code: "confluent network access-point private-link ingress-endpoint create --cloud aws --gateway gw-123456 --vpc-endpoint-id vpce-00000000000000000", }, + examples.Example{ + Text: "Create an Azure Private Link ingress endpoint.", + Code: "confluent network access-point private-link ingress-endpoint create --cloud azure --gateway gw-123456 --private-endpoint-resource-id /subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName", + }, + examples.Example{ + Text: "Create a GCP Private Service Connect ingress endpoint.", + Code: "confluent network access-point private-link ingress-endpoint create --cloud gcp --gateway gw-123456 --private-service-connect-connection-id 111111111111111111", + }, ), } - pcmd.AddCloudAwsFlag(cmd) + pcmd.AddCloudFlag(cmd) cmd.Flags().String("vpc-endpoint-id", "", "ID of an AWS VPC endpoint.") + cmd.Flags().String("private-endpoint-resource-id", "", "Resource ID of an Azure Private Endpoint.") + cmd.Flags().String("private-service-connect-connection-id", "", "ID of a GCP Private Service Connect connection.") addGatewayFlag(cmd, c.AuthenticatedCLICommand) pcmd.AddContextFlag(cmd, c.CLICommand) pcmd.AddEnvironmentFlag(cmd, c.AuthenticatedCLICommand) @@ -36,7 +46,7 @@ func (c *accessPointCommand) newIngressEndpointCreateCommand() *cobra.Command { cobra.CheckErr(cmd.MarkFlagRequired("cloud")) cobra.CheckErr(cmd.MarkFlagRequired("gateway")) - cobra.CheckErr(cmd.MarkFlagRequired("vpc-endpoint-id")) + cmd.MarkFlagsMutuallyExclusive("vpc-endpoint-id", "private-endpoint-resource-id", "private-service-connect-connection-id") return cmd } @@ -63,6 +73,16 @@ func (c *accessPointCommand) createIngressEndpoint(cmd *cobra.Command, args []st return err } + privateEndpointResourceId, err := cmd.Flags().GetString("private-endpoint-resource-id") + if err != nil { + return err + } + + privateServiceConnectConnectionId, err := cmd.Flags().GetString("private-service-connect-connection-id") + if err != nil { + return err + } + environmentId, err := c.Context.EnvironmentId() if err != nil { return err @@ -81,14 +101,46 @@ func (c *accessPointCommand) createIngressEndpoint(cmd *cobra.Command, args []st switch cloud { case pcloud.Aws: + if vpcEndpointId == "" { + return fmt.Errorf("flag \"vpc-endpoint-id\" is required for --cloud aws") + } + if privateEndpointResourceId != "" || privateServiceConnectConnectionId != "" { + return fmt.Errorf("\"--private-endpoint-resource-id\" and \"--private-service-connect-connection-id\" are not valid for --cloud aws; use \"--vpc-endpoint-id\"") + } createIngressEndpoint.Spec.Config = &networkingaccesspointv1.NetworkingV1AccessPointSpecConfigOneOf{ NetworkingV1AwsIngressPrivateLinkEndpoint: &networkingaccesspointv1.NetworkingV1AwsIngressPrivateLinkEndpoint{ Kind: "AwsIngressPrivateLinkEndpoint", VpcEndpointId: vpcEndpointId, }, } + case pcloud.Azure: + if privateEndpointResourceId == "" { + return fmt.Errorf("flag \"private-endpoint-resource-id\" is required for --cloud azure") + } + if vpcEndpointId != "" || privateServiceConnectConnectionId != "" { + return fmt.Errorf("\"--vpc-endpoint-id\" and \"--private-service-connect-connection-id\" are not valid for --cloud azure; use \"--private-endpoint-resource-id\"") + } + createIngressEndpoint.Spec.Config = &networkingaccesspointv1.NetworkingV1AccessPointSpecConfigOneOf{ + NetworkingV1AzureIngressPrivateLinkEndpoint: &networkingaccesspointv1.NetworkingV1AzureIngressPrivateLinkEndpoint{ + Kind: "AzureIngressPrivateLinkEndpoint", + PrivateEndpointResourceId: privateEndpointResourceId, + }, + } + case pcloud.Gcp: + if privateServiceConnectConnectionId == "" { + return fmt.Errorf("flag \"private-service-connect-connection-id\" is required for --cloud gcp") + } + if vpcEndpointId != "" || privateEndpointResourceId != "" { + return fmt.Errorf("\"--vpc-endpoint-id\" and \"--private-endpoint-resource-id\" are not valid for --cloud gcp; use \"--private-service-connect-connection-id\"") + } + createIngressEndpoint.Spec.Config = &networkingaccesspointv1.NetworkingV1AccessPointSpecConfigOneOf{ + NetworkingV1GcpIngressPrivateServiceConnectEndpoint: &networkingaccesspointv1.NetworkingV1GcpIngressPrivateServiceConnectEndpoint{ + Kind: "GcpIngressPrivateServiceConnectEndpoint", + PrivateServiceConnectConnectionId: privateServiceConnectConnectionId, + }, + } default: - return fmt.Errorf("ingress endpoints are only supported for AWS") + return fmt.Errorf("ingress endpoints are only supported for AWS, Azure, and GCP") } ingressEndpoint, err := c.V2Client.CreateNetworkAccessPoint(createIngressEndpoint) diff --git a/internal/network/command_access_point_private_link_ingress_endpoint_list.go b/internal/network/command_access_point_private_link_ingress_endpoint_list.go index e2b1cb3eb2..005d93aaba 100644 --- a/internal/network/command_access_point_private_link_ingress_endpoint_list.go +++ b/internal/network/command_access_point_private_link_ingress_endpoint_list.go @@ -47,7 +47,9 @@ func (c *accessPointCommand) listIngressEndpoint(cmd *cobra.Command, _ []string) if ingressEndpoint.Spec == nil { return fmt.Errorf(errors.CorruptedNetworkResponseErrorMsg, "spec") } - if ingressEndpoint.Spec.GetConfig().NetworkingV1AwsIngressPrivateLinkEndpoint == nil { + if ingressEndpoint.Spec.GetConfig().NetworkingV1AwsIngressPrivateLinkEndpoint == nil && + ingressEndpoint.Spec.GetConfig().NetworkingV1AzureIngressPrivateLinkEndpoint == nil && + ingressEndpoint.Spec.GetConfig().NetworkingV1GcpIngressPrivateServiceConnectEndpoint == nil { continue } if ingressEndpoint.Status == nil { @@ -70,6 +72,23 @@ func (c *accessPointCommand) listIngressEndpoint(cmd *cobra.Command, _ []string) } } + if ingressEndpoint.Status.Config != nil && ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus != nil { + out.AzurePrivateLinkServiceAlias = ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus.GetPrivateLinkServiceAlias() + out.AzurePrivateLinkServiceResourceId = ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus.GetPrivateLinkServiceResourceId() + out.AzurePrivateEndpointResourceId = ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus.GetPrivateEndpointResourceId() + if ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus.HasDnsDomain() { + out.DnsDomain = ingressEndpoint.Status.Config.NetworkingV1AzureIngressPrivateLinkEndpointStatus.GetDnsDomain() + } + } + + if ingressEndpoint.Status.Config != nil && ingressEndpoint.Status.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus != nil { + out.GcpPrivateServiceConnectServiceAttachment = ingressEndpoint.Status.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus.GetPrivateServiceConnectServiceAttachment() + out.GcpPrivateServiceConnectConnectionId = ingressEndpoint.Status.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus.GetPrivateServiceConnectConnectionId() + if ingressEndpoint.Status.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus.HasDnsDomain() { + out.DnsDomain = ingressEndpoint.Status.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus.GetDnsDomain() + } + } + list.Add(out) } diff --git a/internal/network/command_gateway.go b/internal/network/command_gateway.go index 8b2f8477b6..0206540285 100644 --- a/internal/network/command_gateway.go +++ b/internal/network/command_gateway.go @@ -17,42 +17,51 @@ import ( ) const ( - awsEgressPrivateLink = "AwsEgressPrivateLink" - awsIngressPrivateLink = "AwsIngressPrivateLink" - awsPeering = "AwsPeering" - azureEgressPrivateLink = "AzureEgressPrivateLink" - azurePeering = "AzurePeering" - awsPrivateNetworkInterface = "AwsPrivateNetworkInterface" - gcpPeering = "GcpPeering" - gcpEgressPrivateServiceConnect = "GcpEgressPrivateServiceConnect" + awsEgressPrivateLink = "AwsEgressPrivateLink" + awsIngressPrivateLink = "AwsIngressPrivateLink" + awsPeering = "AwsPeering" + azureEgressPrivateLink = "AzureEgressPrivateLink" + azurePeering = "AzurePeering" + awsPrivateNetworkInterface = "AwsPrivateNetworkInterface" + gcpPeering = "GcpPeering" + gcpEgressPrivateServiceConnect = "GcpEgressPrivateServiceConnect" + gcpIngressPrivateServiceConnect = "GcpIngressPrivateServiceConnect" + azureIngressPrivateLink = "AzureIngressPrivateLink" ) var ( - createGatewayTypes = []string{"egress-privatelink", "ingress-privatelink", "private-network-interface"} - listGatewayTypes = []string{"aws-egress-privatelink", "aws-ingress-privatelink", "azure-egress-privatelink", "gcp-egress-private-service-connect"} // TODO: check if we accept private-network-interface here + createGatewayTypes = []string{"egress-privatelink", "ingress-privatelink", "private-network-interface", "ingress-private-service-connect"} + listGatewayTypes = []string{"aws-egress-privatelink", "aws-ingress-privatelink", "azure-egress-privatelink", "azure-ingress-privatelink", "gcp-egress-privatelink", "gcp-ingress-privatelink", "gcp-egress-private-service-connect", "gcp-ingress-private-service-connect"} gatewayTypeMap = map[string]string{ - "aws-egress-privatelink": awsEgressPrivateLink, - "aws-ingress-privatelink": awsIngressPrivateLink, - "azure-egress-privatelink": azureEgressPrivateLink, - "gcp-egress-private-service-connect": gcpEgressPrivateServiceConnect, + "aws-egress-privatelink": awsEgressPrivateLink, + "aws-ingress-privatelink": awsIngressPrivateLink, + "azure-egress-privatelink": azureEgressPrivateLink, + "azure-ingress-privatelink": azureIngressPrivateLink, + "gcp-egress-privatelink": "GcpEgressPrivateLink", + "gcp-ingress-privatelink": "GcpIngressPrivateLink", + "gcp-egress-private-service-connect": gcpEgressPrivateServiceConnect, + "gcp-ingress-private-service-connect": gcpIngressPrivateServiceConnect, } ) type gatewayOut struct { - Id string `human:"ID" serialized:"id"` - Name string `human:"Name,omitempty" serialized:"name,omitempty"` - Environment string `human:"Environment" serialized:"environment"` - Region string `human:"Region,omitempty" serialized:"region,omitempty"` - Type string `human:"Type,omitempty" serialized:"type,omitempty"` - AwsPrincipalArn string `human:"AWS Principal ARN,omitempty" serialized:"aws_principal_arn,omitempty"` - VpcEndpointServiceName string `human:"VPC Endpoint Service Name,omitempty" serialized:"vpc_endpoint_service_name,omitempty"` - AzureSubscription string `human:"Azure Subscription,omitempty" serialized:"azure_subscription,omitempty"` - GcpIamPrincipal string `human:"GCP IAM Principal,omitempty" serialized:"gcp_iam_principal,omitempty"` - GcpProject string `human:"GCP Project,omitempty" serialized:"gcp_project,omitempty"` - Phase string `human:"Phase" serialized:"phase"` - Zones []string `human:"Zones,omitempty" serialized:"zones,omitempty"` - Account string `human:"Account,omitempty" serialized:"account,omitempty"` - ErrorMessage string `human:"Error Message,omitempty" serialized:"error_message,omitempty"` + Id string `human:"ID" serialized:"id"` + Name string `human:"Name,omitempty" serialized:"name,omitempty"` + Environment string `human:"Environment" serialized:"environment"` + Region string `human:"Region,omitempty" serialized:"region,omitempty"` + Type string `human:"Type,omitempty" serialized:"type,omitempty"` + AwsPrincipalArn string `human:"AWS Principal ARN,omitempty" serialized:"aws_principal_arn,omitempty"` + VpcEndpointServiceName string `human:"VPC Endpoint Service Name,omitempty" serialized:"vpc_endpoint_service_name,omitempty"` + AzureSubscription string `human:"Azure Subscription,omitempty" serialized:"azure_subscription,omitempty"` + AzurePrivateLinkServiceAlias string `human:"Azure Private Link Service Alias,omitempty" serialized:"azure_private_link_service_alias,omitempty"` + AzurePrivateLinkServiceResourceId string `human:"Azure Private Link Resource ID,omitempty" serialized:"azure_private_link_service_resource_id,omitempty"` + GcpIamPrincipal string `human:"GCP IAM Principal,omitempty" serialized:"gcp_iam_principal,omitempty"` + GcpProject string `human:"GCP Project,omitempty" serialized:"gcp_project,omitempty"` + GcpPrivateServiceConnectServiceAttachment string `human:"GCP PSC Service Attachment,omitempty" serialized:"gcp_private_service_connect_service_attachment,omitempty"` + Phase string `human:"Phase" serialized:"phase"` + Zones []string `human:"Zones,omitempty" serialized:"zones,omitempty"` + Account string `human:"Account,omitempty" serialized:"account,omitempty"` + ErrorMessage string `human:"Error Message,omitempty" serialized:"error_message,omitempty"` } func (c *command) newGatewayCommand() *cobra.Command { @@ -77,7 +86,7 @@ func addGatewayTypeFlag(cmd *cobra.Command) { } func (c *command) addRegionFlagGateway(cmd *cobra.Command, command *pcmd.AuthenticatedCLICommand) { - cmd.Flags().String("region", "", "AWS or Azure region of the gateway.") + cmd.Flags().String("region", "", "AWS, Azure, or GCP region of the gateway.") pcmd.RegisterFlagCompletionFunc(cmd, "region", func(cmd *cobra.Command, args []string) []string { if err := c.PersistentPreRunE(cmd, args); err != nil { return nil @@ -137,7 +146,7 @@ func getGatewayCloud(gateway networkinggatewayv1.NetworkingV1Gateway) string { return pcloud.Aws } - if cloud.NetworkingV1AzureEgressPrivateLinkGatewayStatus != nil { + if cloud.NetworkingV1AzureEgressPrivateLinkGatewayStatus != nil || cloud.NetworkingV1AzureIngressPrivateLinkGatewayStatus != nil { return pcloud.Azure } @@ -145,6 +154,10 @@ func getGatewayCloud(gateway networkinggatewayv1.NetworkingV1Gateway) string { return pcloud.Gcp } + if cloud.NetworkingV1GcpIngressPrivateServiceConnectGatewayStatus != nil { + return pcloud.Gcp + } + if cloud.NetworkingV1GcpPeeringGatewayStatus != nil { return pcloud.Gcp } @@ -171,6 +184,10 @@ func getGatewayType(gateway networkinggatewayv1.NetworkingV1Gateway) (string, er return azureEgressPrivateLink, nil } + if config.NetworkingV1AzureIngressPrivateLinkGatewaySpec != nil { + return azureIngressPrivateLink, nil + } + if config.NetworkingV1AwsPeeringGatewaySpec != nil { return awsPeering, nil } @@ -187,6 +204,10 @@ func getGatewayType(gateway networkinggatewayv1.NetworkingV1Gateway) (string, er return gcpEgressPrivateServiceConnect, nil } + if config.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec != nil { + return gcpIngressPrivateServiceConnect, nil + } + return "", fmt.Errorf(errors.CorruptedNetworkResponseErrorMsg, "config") } @@ -224,6 +245,9 @@ func printGatewayTable(cmd *cobra.Command, gateway networkinggatewayv1.Networkin if gatewayType == azureEgressPrivateLink { out.Region = gateway.Spec.Config.NetworkingV1AzureEgressPrivateLinkGatewaySpec.GetRegion() } + if gatewayType == azureIngressPrivateLink { + out.Region = gateway.Spec.Config.NetworkingV1AzureIngressPrivateLinkGatewaySpec.GetRegion() + } if gatewayType == azurePeering { out.Region = gateway.Spec.Config.NetworkingV1AzurePeeringGatewaySpec.GetRegion() } @@ -234,6 +258,9 @@ func printGatewayTable(cmd *cobra.Command, gateway networkinggatewayv1.Networkin if gatewayType == gcpEgressPrivateServiceConnect { out.Region = gateway.Spec.Config.NetworkingV1GcpEgressPrivateServiceConnectGatewaySpec.GetRegion() } + if gatewayType == gcpIngressPrivateServiceConnect { + out.Region = gateway.Spec.Config.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec.GetRegion() + } if gatewayType == gcpPeering { out.Region = gateway.Spec.Config.NetworkingV1GcpPeeringGatewaySpec.GetRegion() } @@ -248,10 +275,20 @@ func printGatewayTable(cmd *cobra.Command, gateway networkinggatewayv1.Networkin out.Account = gateway.Status.CloudGateway.NetworkingV1AwsPrivateNetworkInterfaceGatewayStatus.GetAccount() } case pcloud.Azure: - out.AzureSubscription = gateway.Status.CloudGateway.NetworkingV1AzureEgressPrivateLinkGatewayStatus.GetSubscription() + if gatewayType == azureEgressPrivateLink { + out.AzureSubscription = gateway.Status.CloudGateway.NetworkingV1AzureEgressPrivateLinkGatewayStatus.GetSubscription() + } else if gatewayType == azureIngressPrivateLink { + out.AzurePrivateLinkServiceAlias = gateway.Status.CloudGateway.NetworkingV1AzureIngressPrivateLinkGatewayStatus.GetPrivateLinkServiceAlias() + out.AzurePrivateLinkServiceResourceId = gateway.Status.CloudGateway.NetworkingV1AzureIngressPrivateLinkGatewayStatus.GetPrivateLinkServiceResourceId() + } case pcloud.Gcp: - out.GcpProject = gateway.Status.CloudGateway.NetworkingV1GcpEgressPrivateServiceConnectGatewayStatus.GetProject() - out.GcpIamPrincipal = gateway.Status.CloudGateway.NetworkingV1GcpPeeringGatewayStatus.GetIamPrincipal() + if gatewayType == gcpEgressPrivateServiceConnect { + out.GcpProject = gateway.Status.CloudGateway.NetworkingV1GcpEgressPrivateServiceConnectGatewayStatus.GetProject() + } else if gatewayType == gcpIngressPrivateServiceConnect { + out.GcpPrivateServiceConnectServiceAttachment = gateway.Status.CloudGateway.NetworkingV1GcpIngressPrivateServiceConnectGatewayStatus.GetPrivateServiceConnectServiceAttachment() + } else if gatewayType == gcpPeering { + out.GcpIamPrincipal = gateway.Status.CloudGateway.NetworkingV1GcpPeeringGatewayStatus.GetIamPrincipal() + } } table := output.NewTable(cmd) diff --git a/internal/network/command_gateway_create.go b/internal/network/command_gateway_create.go index 800582f492..d6e9242d59 100644 --- a/internal/network/command_gateway_create.go +++ b/internal/network/command_gateway_create.go @@ -31,10 +31,18 @@ func (c *command) newGatewayCreateCommand() *cobra.Command { Text: `Create AWS private network interface gateway "my-pni-gateway".`, Code: "confluent network gateway create my-pni-gateway --cloud aws --region us-east-1 --type private-network-interface", }, + examples.Example{ + Text: `Create Azure ingress private link gateway "my-azure-ingress-gateway".`, + Code: "confluent network gateway create my-azure-ingress-gateway --cloud azure --region eastus2 --type ingress-privatelink", + }, + examples.Example{ + Text: `Create GCP ingress private service connect gateway "my-gcp-ingress-gateway".`, + Code: "confluent network gateway create my-gcp-ingress-gateway --cloud gcp --region us-central1 --type ingress-private-service-connect", + }, ), } - pcmd.AddCloudAwsAzureFlag(cmd) + pcmd.AddCloudFlag(cmd) addGatewayTypeFlag(cmd) c.addRegionFlagGateway(cmd, c.AuthenticatedCLICommand) cmd.Flags().StringSlice("zones", nil, "A comma-separated list of availability zones for this gateway.") @@ -115,6 +123,22 @@ func (c *command) gatewayCreate(cmd *cobra.Command, args []string) error { Region: region, }, } + } else if gatewayType == "ingress-privatelink" { + createGateway.Spec.Config = &networkinggatewayv1.NetworkingV1GatewaySpecConfigOneOf{ + NetworkingV1AzureIngressPrivateLinkGatewaySpec: &networkinggatewayv1.NetworkingV1AzureIngressPrivateLinkGatewaySpec{ + Kind: "AzureIngressPrivateLinkGatewaySpec", + Region: region, + }, + } + } + case pcloud.Gcp: + if gatewayType == "ingress-private-service-connect" { + createGateway.Spec.Config = &networkinggatewayv1.NetworkingV1GatewaySpecConfigOneOf{ + NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec: &networkinggatewayv1.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec{ + Kind: "GcpIngressPrivateServiceConnectGatewaySpec", + Region: region, + }, + } } } diff --git a/internal/network/command_gateway_list.go b/internal/network/command_gateway_list.go index 1e122a8854..92b31efaf4 100644 --- a/internal/network/command_gateway_list.go +++ b/internal/network/command_gateway_list.go @@ -118,6 +118,9 @@ func (c *command) gatewayList(cmd *cobra.Command, _ []string) error { if gatewayType == azureEgressPrivateLink { out.Region = gateway.Spec.Config.NetworkingV1AzureEgressPrivateLinkGatewaySpec.GetRegion() } + if gatewayType == azureIngressPrivateLink { + out.Region = gateway.Spec.Config.NetworkingV1AzureIngressPrivateLinkGatewaySpec.GetRegion() + } if gatewayType == azurePeering { out.Region = gateway.Spec.Config.NetworkingV1AzurePeeringGatewaySpec.GetRegion() } @@ -131,6 +134,9 @@ func (c *command) gatewayList(cmd *cobra.Command, _ []string) error { if gatewayType == gcpEgressPrivateServiceConnect { out.Region = gateway.Spec.Config.NetworkingV1GcpEgressPrivateServiceConnectGatewaySpec.GetRegion() } + if gatewayType == gcpIngressPrivateServiceConnect { + out.Region = gateway.Spec.Config.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec.GetRegion() + } switch getGatewayCloud(gateway) { case pcloud.Aws: @@ -142,10 +148,20 @@ func (c *command) gatewayList(cmd *cobra.Command, _ []string) error { out.Account = gateway.Status.CloudGateway.NetworkingV1AwsPrivateNetworkInterfaceGatewayStatus.GetAccount() } case pcloud.Azure: - out.AzureSubscription = gateway.Status.CloudGateway.NetworkingV1AzureEgressPrivateLinkGatewayStatus.GetSubscription() + if gatewayType == azureEgressPrivateLink { + out.AzureSubscription = gateway.Status.CloudGateway.NetworkingV1AzureEgressPrivateLinkGatewayStatus.GetSubscription() + } else if gatewayType == azureIngressPrivateLink { + out.AzurePrivateLinkServiceAlias = gateway.Status.CloudGateway.NetworkingV1AzureIngressPrivateLinkGatewayStatus.GetPrivateLinkServiceAlias() + out.AzurePrivateLinkServiceResourceId = gateway.Status.CloudGateway.NetworkingV1AzureIngressPrivateLinkGatewayStatus.GetPrivateLinkServiceResourceId() + } case pcloud.Gcp: - out.GcpIamPrincipal = gateway.Status.CloudGateway.NetworkingV1GcpPeeringGatewayStatus.GetIamPrincipal() - out.GcpProject = gateway.Status.CloudGateway.NetworkingV1GcpEgressPrivateServiceConnectGatewayStatus.GetProject() + if gatewayType == gcpEgressPrivateServiceConnect { + out.GcpProject = gateway.Status.CloudGateway.NetworkingV1GcpEgressPrivateServiceConnectGatewayStatus.GetProject() + } else if gatewayType == gcpIngressPrivateServiceConnect { + out.GcpPrivateServiceConnectServiceAttachment = gateway.Status.CloudGateway.NetworkingV1GcpIngressPrivateServiceConnectGatewayStatus.GetPrivateServiceConnectServiceAttachment() + } else if gatewayType == gcpPeering { + out.GcpIamPrincipal = gateway.Status.CloudGateway.NetworkingV1GcpPeeringGatewayStatus.GetIamPrincipal() + } } list.Add(out) diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/create-azure.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/create-azure.golden new file mode 100644 index 0000000000..af064c720f --- /dev/null +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/create-azure.golden @@ -0,0 +1,10 @@ ++----------------------------------------+--------------------------------------------------------------------------------------------------------------------------+ +| ID | ap-11111 | +| Environment | env-596 | +| Gateway | gw-11111 | +| Phase | READY | +| Azure Private Link Service Alias | azure-pls-alias.eastus.azure.privatelinkservice | +| Azure Private Link Service Resource ID | /subscriptions/0000000/resourceGroups/plsRgName/providers/Microsoft.Network/privateLinkServices/privateLinkServiceName | +| Azure Private Endpoint Resource ID | /subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName | +| DNS Domain | ap11111.eastus.azure.accesspoint.confluent.cloud | ++----------------------------------------+--------------------------------------------------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/create-gcp.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/create-gcp.golden new file mode 100644 index 0000000000..8756fa5649 --- /dev/null +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/create-gcp.golden @@ -0,0 +1,9 @@ ++----------------------------+-----------------------------------------------------------------------------------+ +| ID | ap-22222 | +| Environment | env-596 | +| Gateway | gw-99999 | +| Phase | READY | +| GCP PSC Service Attachment | projects/projectName/regions/us-central1/serviceAttachments/serviceAttachmentName | +| GCP PSC Connection ID | 111111111111111111 | +| DNS Domain | ap22222.us-central1.gcp.accesspoint.confluent.cloud | ++----------------------------+-----------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/delete-autocomplete.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/delete-autocomplete.golden index ef273e8c24..90a0a467af 100644 --- a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/delete-autocomplete.golden +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/delete-autocomplete.golden @@ -1,3 +1,5 @@ ap-99999 my-aws-ingress-access-point +ap-11111 my-azure-ingress-access-point +ap-22222 my-gcp-ingress-access-point :4 Completion ended with directive: ShellCompDirectiveNoFileComp diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-autocomplete.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-autocomplete.golden index ef273e8c24..90a0a467af 100644 --- a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-autocomplete.golden +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-autocomplete.golden @@ -1,3 +1,5 @@ ap-99999 my-aws-ingress-access-point +ap-11111 my-azure-ingress-access-point +ap-22222 my-gcp-ingress-access-point :4 Completion ended with directive: ShellCompDirectiveNoFileComp diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-azure-json.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-azure-json.golden new file mode 100644 index 0000000000..0a3e2bf224 --- /dev/null +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-azure-json.golden @@ -0,0 +1,11 @@ +{ + "id": "ap-11111", + "name": "my-azure-ingress-access-point", + "environment": "env-596", + "gateway": "gw-11111", + "phase": "READY", + "azure_private_link_service_alias": "azure-pls-alias.eastus.azure.privatelinkservice", + "azure_private_link_service_resource_id": "/subscriptions/0000000/resourceGroups/plsRgName/providers/Microsoft.Network/privateLinkServices/privateLinkServiceName", + "azure_private_endpoint_resource_id": "/subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName", + "dns_domain": "ap11111.eastus.azure.accesspoint.confluent.cloud" +} diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-azure.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-azure.golden new file mode 100644 index 0000000000..ba57cc6702 --- /dev/null +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-azure.golden @@ -0,0 +1,11 @@ ++----------------------------------------+--------------------------------------------------------------------------------------------------------------------------+ +| ID | ap-11111 | +| Name | my-azure-ingress-access-point | +| Environment | env-596 | +| Gateway | gw-11111 | +| Phase | READY | +| Azure Private Link Service Alias | azure-pls-alias.eastus.azure.privatelinkservice | +| Azure Private Link Service Resource ID | /subscriptions/0000000/resourceGroups/plsRgName/providers/Microsoft.Network/privateLinkServices/privateLinkServiceName | +| Azure Private Endpoint Resource ID | /subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName | +| DNS Domain | ap11111.eastus.azure.accesspoint.confluent.cloud | ++----------------------------------------+--------------------------------------------------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-gcp-json.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-gcp-json.golden new file mode 100644 index 0000000000..694084713d --- /dev/null +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-gcp-json.golden @@ -0,0 +1,10 @@ +{ + "id": "ap-22222", + "name": "my-gcp-ingress-access-point", + "environment": "env-596", + "gateway": "gw-99999", + "phase": "READY", + "gcp_private_service_connect_service_attachment": "projects/projectName/regions/us-central1/serviceAttachments/serviceAttachmentName", + "gcp_private_service_connect_connection_id": "111111111111111111", + "dns_domain": "ap22222.us-central1.gcp.accesspoint.confluent.cloud" +} diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-gcp.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-gcp.golden new file mode 100644 index 0000000000..a60be4a7e5 --- /dev/null +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/describe-gcp.golden @@ -0,0 +1,10 @@ ++----------------------------+-----------------------------------------------------------------------------------+ +| ID | ap-22222 | +| Name | my-gcp-ingress-access-point | +| Environment | env-596 | +| Gateway | gw-99999 | +| Phase | READY | +| GCP PSC Service Attachment | projects/projectName/regions/us-central1/serviceAttachments/serviceAttachmentName | +| GCP PSC Connection ID | 111111111111111111 | +| DNS Domain | ap22222.us-central1.gcp.accesspoint.confluent.cloud | ++----------------------------+-----------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/list-json.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/list-json.golden index d22b6d3237..dcbe54bb35 100644 --- a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/list-json.golden +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/list-json.golden @@ -1,4 +1,25 @@ [ + { + "id": "ap-11111", + "name": "my-azure-ingress-access-point", + "environment": "env-596", + "gateway": "gw-11111", + "phase": "READY", + "azure_private_link_service_alias": "azure-pls-alias.eastus.azure.privatelinkservice", + "azure_private_link_service_resource_id": "/subscriptions/0000000/resourceGroups/plsRgName/providers/Microsoft.Network/privateLinkServices/privateLinkServiceName", + "azure_private_endpoint_resource_id": "/subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName", + "dns_domain": "ap11111.eastus.azure.accesspoint.confluent.cloud" + }, + { + "id": "ap-22222", + "name": "my-gcp-ingress-access-point", + "environment": "env-596", + "gateway": "gw-99999", + "phase": "READY", + "gcp_private_service_connect_service_attachment": "projects/projectName/regions/us-central1/serviceAttachments/serviceAttachmentName", + "gcp_private_service_connect_connection_id": "111111111111111111", + "dns_domain": "ap22222.us-central1.gcp.accesspoint.confluent.cloud" + }, { "id": "ap-99999", "name": "my-aws-ingress-access-point", diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/list.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/list.golden index 8c96cff753..00e1110364 100644 --- a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/list.golden +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/list.golden @@ -1,3 +1,6 @@ - ID | Name | Environment | Gateway | Phase | AWS VPC Endpoint ID | AWS VPC Endpoint Service Name | DNS Domain ------------+-----------------------------+-------------+----------+-------+------------------------+---------------------------------------------------------+----------------------------------------------------- - ap-99999 | my-aws-ingress-access-point | env-596 | gw-88888 | READY | vpce-1234567890abcdef0 | com.amazonaws.vpce.us-west-2.vpce-svc-00000000000000000 | ap123abc.us-west-2.aws.accesspoint.confluent.cloud + ID | Name | Environment | Gateway | Phase | AWS VPC Endpoint ID | AWS VPC Endpoint Service Name | Azure Private Link Service | Azure Private Link Service | Azure Private Endpoint | GCP PSC Service Attachment | GCP PSC Connection ID | DNS Domain + | | | | | | | Alias | Resource ID | Resource ID | | | +-----------+-------------------------------+-------------+----------+-------+------------------------+---------------------------------------------------------+-------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------+-----------------------+------------------------------------------------------ + ap-11111 | my-azure-ingress-access-point | env-596 | gw-11111 | READY | | | azure-pls-alias.eastus.azure.privatelinkservice | /subscriptions/0000000/resourceGroups/plsRgName/providers/Microsoft.Network/privateLinkServices/privateLinkServiceName | /subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName | | | ap11111.eastus.azure.accesspoint.confluent.cloud + ap-22222 | my-gcp-ingress-access-point | env-596 | gw-99999 | READY | | | | | | projects/projectName/regions/us-central1/serviceAttachments/serviceAttachmentName | 111111111111111111 | ap22222.us-central1.gcp.accesspoint.confluent.cloud + ap-99999 | my-aws-ingress-access-point | env-596 | gw-88888 | READY | vpce-1234567890abcdef0 | com.amazonaws.vpce.us-west-2.vpce-svc-00000000000000000 | | | | | | ap123abc.us-west-2.aws.accesspoint.confluent.cloud diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-autocomplete.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-autocomplete.golden index 8840fd58b6..0c9b04f382 100644 --- a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-autocomplete.golden +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-autocomplete.golden @@ -1,4 +1,6 @@ --name Name of the ingress endpoint. ap-99999 my-aws-ingress-access-point +ap-11111 my-azure-ingress-access-point +ap-22222 my-gcp-ingress-access-point :4 Completion ended with directive: ShellCompDirectiveNoFileComp diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-azure.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-azure.golden new file mode 100644 index 0000000000..8414d4ebe2 --- /dev/null +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-azure.golden @@ -0,0 +1,11 @@ ++----------------------------------------+--------------------------------------------------------------------------------------------------------------------------+ +| ID | ap-11111 | +| Name | my-new-azure-ingress-access-point | +| Environment | env-596 | +| Gateway | gw-11111 | +| Phase | READY | +| Azure Private Link Service Alias | azure-pls-alias.eastus.azure.privatelinkservice | +| Azure Private Link Service Resource ID | /subscriptions/0000000/resourceGroups/plsRgName/providers/Microsoft.Network/privateLinkServices/privateLinkServiceName | +| Azure Private Endpoint Resource ID | /subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName | +| DNS Domain | ap11111.eastus.azure.accesspoint.confluent.cloud | ++----------------------------------------+--------------------------------------------------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-gcp.golden b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-gcp.golden new file mode 100644 index 0000000000..ccdf1e1542 --- /dev/null +++ b/test/fixtures/output/network/access-point/private-link/ingress-endpoint/update-gcp.golden @@ -0,0 +1,10 @@ ++----------------------------+-----------------------------------------------------------------------------------+ +| ID | ap-22222 | +| Name | my-new-gcp-ingress-access-point | +| Environment | env-596 | +| Gateway | gw-99999 | +| Phase | READY | +| GCP PSC Service Attachment | projects/projectName/regions/us-central1/serviceAttachments/serviceAttachmentName | +| GCP PSC Connection ID | 111111111111111111 | +| DNS Domain | ap22222.us-central1.gcp.accesspoint.confluent.cloud | ++----------------------------+-----------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/gateway/create-azure-ingress.golden b/test/fixtures/output/network/gateway/create-azure-ingress.golden new file mode 100644 index 0000000000..4d1f31346b --- /dev/null +++ b/test/fixtures/output/network/gateway/create-azure-ingress.golden @@ -0,0 +1,11 @@ ++--------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+ +| ID | gw-abc123 | +| Name | my-azure-ingress-gateway | +| Environment | env-596 | +| Region | eastus2 | +| Type | AzureIngressPrivateLink | +| Azure Private Link Service | azure-ingress-pl.eastus2.azure.privatelinkservice | +| Alias | | +| Azure Private Link Resource ID | /subscriptions/aa000000-a000-0a00-00aa-0000aaa0a0a0/resourceGroups/rg-1/providers/Microsoft.Network/privateLinkServices/azure-ingress-pl | +| Phase | READY | ++--------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/gateway/create-gcp-ingress.golden b/test/fixtures/output/network/gateway/create-gcp-ingress.golden new file mode 100644 index 0000000000..51c91c6483 --- /dev/null +++ b/test/fixtures/output/network/gateway/create-gcp-ingress.golden @@ -0,0 +1,9 @@ ++----------------------------+-----------------------------------------------------------------------------------------------+ +| ID | gw-abc123 | +| Name | my-gcp-ingress-gateway | +| Environment | env-596 | +| Region | us-central1 | +| Type | GcpIngressPrivateServiceConnect | +| GCP PSC Service Attachment | projects/traffic-prod/regions/us-central1/serviceAttachments/plattg-abc123-service-attachment | +| Phase | READY | ++----------------------------+-----------------------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/gateway/create-type-autocomplete.golden b/test/fixtures/output/network/gateway/create-type-autocomplete.golden index e05cbe8707..2abd4cc770 100644 --- a/test/fixtures/output/network/gateway/create-type-autocomplete.golden +++ b/test/fixtures/output/network/gateway/create-type-autocomplete.golden @@ -1,5 +1,6 @@ egress-privatelink ingress-privatelink private-network-interface +ingress-private-service-connect :4 Completion ended with directive: ShellCompDirectiveNoFileComp diff --git a/test/fixtures/output/network/gateway/delete-azure-ingress-multiple.golden b/test/fixtures/output/network/gateway/delete-azure-ingress-multiple.golden new file mode 100644 index 0000000000..48b9e4b87f --- /dev/null +++ b/test/fixtures/output/network/gateway/delete-azure-ingress-multiple.golden @@ -0,0 +1 @@ +Are you sure you want to delete gateways "gw-11111" and "gw-67890"? (y/n): Requested to delete gateways "gw-11111" and "gw-67890". diff --git a/test/fixtures/output/network/gateway/delete-azure-ingress.golden b/test/fixtures/output/network/gateway/delete-azure-ingress.golden new file mode 100644 index 0000000000..1ded158ff1 --- /dev/null +++ b/test/fixtures/output/network/gateway/delete-azure-ingress.golden @@ -0,0 +1 @@ +Are you sure you want to delete gateway "gw-11111"? (y/n): Requested to delete gateway "gw-11111". diff --git a/test/fixtures/output/network/gateway/describe-autocomplete.golden b/test/fixtures/output/network/gateway/describe-autocomplete.golden index 3bae66e233..11b078da02 100644 --- a/test/fixtures/output/network/gateway/describe-autocomplete.golden +++ b/test/fixtures/output/network/gateway/describe-autocomplete.golden @@ -6,5 +6,7 @@ gw-09876 my-azure-peering-gateway gw-13570 my-gcp-peering-gateway gw-07531 my-gcp-gateway gw-88888 my-aws-ingress-gateway +gw-99999 my-gcp-ingress-gateway +gw-11111 my-azure-ingress-gateway :4 Completion ended with directive: ShellCompDirectiveNoFileComp diff --git a/test/fixtures/output/network/gateway/describe-azure-ingress.golden b/test/fixtures/output/network/gateway/describe-azure-ingress.golden new file mode 100644 index 0000000000..f54fdb0961 --- /dev/null +++ b/test/fixtures/output/network/gateway/describe-azure-ingress.golden @@ -0,0 +1,11 @@ ++--------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+ +| ID | gw-11111 | +| Name | my-azure-ingress-gateway | +| Environment | env-596 | +| Region | eastus2 | +| Type | AzureIngressPrivateLink | +| Azure Private Link Service | azure-ingress-pl.eastus2.azure.privatelinkservice | +| Alias | | +| Azure Private Link Resource ID | /subscriptions/aa000000-a000-0a00-00aa-0000aaa0a0a0/resourceGroups/rg-1/providers/Microsoft.Network/privateLinkServices/azure-ingress-pl | +| Phase | READY | ++--------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/gateway/describe-gcp-ingress.golden b/test/fixtures/output/network/gateway/describe-gcp-ingress.golden new file mode 100644 index 0000000000..a721afd01f --- /dev/null +++ b/test/fixtures/output/network/gateway/describe-gcp-ingress.golden @@ -0,0 +1,9 @@ ++----------------------------+-----------------------------------------------------------------------------------------------+ +| ID | gw-99999 | +| Name | my-gcp-ingress-gateway | +| Environment | env-596 | +| Region | us-central1 | +| Type | GcpIngressPrivateServiceConnect | +| GCP PSC Service Attachment | projects/traffic-prod/regions/us-central1/serviceAttachments/plattg-abc123-service-attachment | +| Phase | READY | ++----------------------------+-----------------------------------------------------------------------------------------------+ diff --git a/test/fixtures/output/network/gateway/list-filter-azure-ingress-type.golden b/test/fixtures/output/network/gateway/list-filter-azure-ingress-type.golden new file mode 100644 index 0000000000..0708330c82 --- /dev/null +++ b/test/fixtures/output/network/gateway/list-filter-azure-ingress-type.golden @@ -0,0 +1,4 @@ + ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | Azure Private Link Service | Azure Private Link Resource ID | GCP IAM Principal | GCP Project | GCP PSC Service Attachment | Phase | Zones | Account | Error Message + | | | | | | | | Alias | | | | | | | | +-----------+--------------------------+-------------+---------+-------------------------+-------------------+---------------------------+--------------------+---------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+-------------------+-------------+----------------------------+-------+-------+---------+---------------- + gw-11111 | my-azure-ingress-gateway | env-596 | eastus2 | AzureIngressPrivateLink | | | | azure-ingress-pl.eastus2.azure.privatelinkservice | /subscriptions/aa000000-a000-0a00-00aa-0000aaa0a0a0/resourceGroups/rg-1/providers/Microsoft.Network/privateLinkServices/azure-ingress-pl | | | | READY | | | diff --git a/test/fixtures/output/network/gateway/list-filter-gcp-ingress-type.golden b/test/fixtures/output/network/gateway/list-filter-gcp-ingress-type.golden new file mode 100644 index 0000000000..d3c04b5ab2 --- /dev/null +++ b/test/fixtures/output/network/gateway/list-filter-gcp-ingress-type.golden @@ -0,0 +1,4 @@ + ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | Azure Private Link Service | Azure Private Link Resource ID | GCP IAM Principal | GCP Project | GCP PSC Service Attachment | Phase | Zones | Account | Error Message + | | | | | | | | Alias | | | | | | | | +-----------+------------------------+-------------+-------------+---------------------------------+-------------------+---------------------------+--------------------+--------------------------------+--------------------------------+-------------------+-------------+-----------------------------------------------------------------------------------------------+-------+-------+---------+---------------- + gw-99999 | my-gcp-ingress-gateway | env-596 | us-central1 | GcpIngressPrivateServiceConnect | | | | | | | | projects/traffic-prod/regions/us-central1/serviceAttachments/plattg-abc123-service-attachment | READY | | | diff --git a/test/fixtures/output/network/gateway/list-filter-id.golden b/test/fixtures/output/network/gateway/list-filter-id.golden index 904c3933a6..fdf3ed3dda 100644 --- a/test/fixtures/output/network/gateway/list-filter-id.golden +++ b/test/fixtures/output/network/gateway/list-filter-id.golden @@ -1,3 +1,4 @@ - ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | GCP IAM Principal | GCP Project | Phase | Zones | Account | Error Message ------------+----------------+-------------+-----------+----------------------+--------------------------------+---------------------------+--------------------+-------------------+-------------+-------+-------+---------+---------------- - gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | READY | | | + ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | Azure Private Link Service | Azure Private Link Resource ID | GCP IAM Principal | GCP Project | GCP PSC Service Attachment | Phase | Zones | Account | Error Message + | | | | | | | | Alias | | | | | | | | +-----------+----------------+-------------+-----------+----------------------+--------------------------------+---------------------------+--------------------+--------------------------------+--------------------------------+-------------------+-------------+----------------------------+-------+-------+---------+---------------- + gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | | | | READY | | | diff --git a/test/fixtures/output/network/gateway/list-filter-multiple.golden b/test/fixtures/output/network/gateway/list-filter-multiple.golden index 904c3933a6..fdf3ed3dda 100644 --- a/test/fixtures/output/network/gateway/list-filter-multiple.golden +++ b/test/fixtures/output/network/gateway/list-filter-multiple.golden @@ -1,3 +1,4 @@ - ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | GCP IAM Principal | GCP Project | Phase | Zones | Account | Error Message ------------+----------------+-------------+-----------+----------------------+--------------------------------+---------------------------+--------------------+-------------------+-------------+-------+-------+---------+---------------- - gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | READY | | | + ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | Azure Private Link Service | Azure Private Link Resource ID | GCP IAM Principal | GCP Project | GCP PSC Service Attachment | Phase | Zones | Account | Error Message + | | | | | | | | Alias | | | | | | | | +-----------+----------------+-------------+-----------+----------------------+--------------------------------+---------------------------+--------------------+--------------------------------+--------------------------------+-------------------+-------------+----------------------------+-------+-------+---------+---------------- + gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | | | | READY | | | diff --git a/test/fixtures/output/network/gateway/list-filter-name.golden b/test/fixtures/output/network/gateway/list-filter-name.golden index dd80c86a9f..811020907b 100644 --- a/test/fixtures/output/network/gateway/list-filter-name.golden +++ b/test/fixtures/output/network/gateway/list-filter-name.golden @@ -1,4 +1,5 @@ - ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | GCP IAM Principal | GCP Project | Phase | Zones | Account | Error Message ------------+----------------+-------------+-----------+----------------------------+--------------------------------+---------------------------+--------------------+-------------------+-------------+-------+------------------------+--------------+---------------- - gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | READY | | | - gw-23456 | my-aws-gateway | env-596 | us-east-2 | AwsPrivateNetworkInterface | | | | | | READY | us-east-2a, us-east-2b | 000000000000 | + ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | Azure Private Link Service | Azure Private Link Resource ID | GCP IAM Principal | GCP Project | GCP PSC Service Attachment | Phase | Zones | Account | Error Message + | | | | | | | | Alias | | | | | | | | +-----------+----------------+-------------+-----------+----------------------------+--------------------------------+---------------------------+--------------------+--------------------------------+--------------------------------+-------------------+-------------+----------------------------+-------+------------------------+--------------+---------------- + gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | | | | READY | | | + gw-23456 | my-aws-gateway | env-596 | us-east-2 | AwsPrivateNetworkInterface | | | | | | | | | READY | us-east-2a, us-east-2b | 000000000000 | diff --git a/test/fixtures/output/network/gateway/list-filter-phase.golden b/test/fixtures/output/network/gateway/list-filter-phase.golden index 1f164638dc..121ebf0f93 100644 --- a/test/fixtures/output/network/gateway/list-filter-phase.golden +++ b/test/fixtures/output/network/gateway/list-filter-phase.golden @@ -1,10 +1,13 @@ - ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | GCP IAM Principal | GCP Project | Phase | Zones | Account | Error Message ------------+--------------------------+-------------+-----------+--------------------------------+--------------------------------+---------------------------------------------------------+--------------------------------------+-------------------------------------+---------------+-------+------------------------+--------------+---------------- - gw-07531 | my-gcp-gateway | env-596 | eastus | GcpEgressPrivateServiceConnect | | | | | project-12345 | READY | | | - gw-09876 | my-azure-peering-gateway | env-596 | eastus2 | AzurePeering | | | | | | READY | | | - gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | READY | | | - gw-13570 | my-gcp-peering-gateway | env-596 | eastus2 | GcpPeering | | | | g000000-a000-0a00-00aa-0000aaa0a0a0 | | READY | | | - gw-23456 | my-aws-gateway | env-596 | us-east-2 | AwsPrivateNetworkInterface | | | | | | READY | us-east-2a, us-east-2b | 000000000000 | - gw-54321 | my-aws-peering-gateway | env-596 | us-east-2 | AwsPeering | | | | | | READY | | | - gw-67890 | my-azure-gateway | env-596 | eastus | AzureEgressPrivateLink | | | aa000000-a000-0a00-00aa-0000aaa0a0a0 | | | READY | | | - gw-88888 | my-aws-ingress-gateway | env-596 | us-west-2 | AwsIngressPrivateLink | | com.amazonaws.vpce.us-west-2.vpce-svc-00000000000000000 | | | | READY | | | + ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | Azure Private Link Service | Azure Private Link Resource ID | GCP IAM Principal | GCP Project | GCP PSC Service Attachment | Phase | Zones | Account | Error Message + | | | | | | | | Alias | | | | | | | | +-----------+--------------------------+-------------+-------------+---------------------------------+--------------------------------+---------------------------------------------------------+--------------------------------------+---------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------+---------------+-----------------------------------------------------------------------------------------------+-------+------------------------+--------------+---------------- + gw-07531 | my-gcp-gateway | env-596 | eastus | GcpEgressPrivateServiceConnect | | | | | | | project-12345 | | READY | | | + gw-09876 | my-azure-peering-gateway | env-596 | eastus2 | AzurePeering | | | | | | | | | READY | | | + gw-11111 | my-azure-ingress-gateway | env-596 | eastus2 | AzureIngressPrivateLink | | | | azure-ingress-pl.eastus2.azure.privatelinkservice | /subscriptions/aa000000-a000-0a00-00aa-0000aaa0a0a0/resourceGroups/rg-1/providers/Microsoft.Network/privateLinkServices/azure-ingress-pl | | | | READY | | | + gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | | | | READY | | | + gw-13570 | my-gcp-peering-gateway | env-596 | eastus2 | GcpPeering | | | | | | g000000-a000-0a00-00aa-0000aaa0a0a0 | | | READY | | | + gw-23456 | my-aws-gateway | env-596 | us-east-2 | AwsPrivateNetworkInterface | | | | | | | | | READY | us-east-2a, us-east-2b | 000000000000 | + gw-54321 | my-aws-peering-gateway | env-596 | us-east-2 | AwsPeering | | | | | | | | | READY | | | + gw-67890 | my-azure-gateway | env-596 | eastus | AzureEgressPrivateLink | | | aa000000-a000-0a00-00aa-0000aaa0a0a0 | | | | | | READY | | | + gw-88888 | my-aws-ingress-gateway | env-596 | us-west-2 | AwsIngressPrivateLink | | com.amazonaws.vpce.us-west-2.vpce-svc-00000000000000000 | | | | | | | READY | | | + gw-99999 | my-gcp-ingress-gateway | env-596 | us-central1 | GcpIngressPrivateServiceConnect | | | | | | | | projects/traffic-prod/regions/us-central1/serviceAttachments/plattg-abc123-service-attachment | READY | | | diff --git a/test/fixtures/output/network/gateway/list-filter-region.golden b/test/fixtures/output/network/gateway/list-filter-region.golden index 904c3933a6..fdf3ed3dda 100644 --- a/test/fixtures/output/network/gateway/list-filter-region.golden +++ b/test/fixtures/output/network/gateway/list-filter-region.golden @@ -1,3 +1,4 @@ - ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | GCP IAM Principal | GCP Project | Phase | Zones | Account | Error Message ------------+----------------+-------------+-----------+----------------------+--------------------------------+---------------------------+--------------------+-------------------+-------------+-------+-------+---------+---------------- - gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | READY | | | + ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | Azure Private Link Service | Azure Private Link Resource ID | GCP IAM Principal | GCP Project | GCP PSC Service Attachment | Phase | Zones | Account | Error Message + | | | | | | | | Alias | | | | | | | | +-----------+----------------+-------------+-----------+----------------------+--------------------------------+---------------------------+--------------------+--------------------------------+--------------------------------+-------------------+-------------+----------------------------+-------+-------+---------+---------------- + gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | | | | READY | | | diff --git a/test/fixtures/output/network/gateway/list-filter-type.golden b/test/fixtures/output/network/gateway/list-filter-type.golden index 904c3933a6..fdf3ed3dda 100644 --- a/test/fixtures/output/network/gateway/list-filter-type.golden +++ b/test/fixtures/output/network/gateway/list-filter-type.golden @@ -1,3 +1,4 @@ - ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | GCP IAM Principal | GCP Project | Phase | Zones | Account | Error Message ------------+----------------+-------------+-----------+----------------------+--------------------------------+---------------------------+--------------------+-------------------+-------------+-------+-------+---------+---------------- - gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | READY | | | + ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | Azure Private Link Service | Azure Private Link Resource ID | GCP IAM Principal | GCP Project | GCP PSC Service Attachment | Phase | Zones | Account | Error Message + | | | | | | | | Alias | | | | | | | | +-----------+----------------+-------------+-----------+----------------------+--------------------------------+---------------------------+--------------------+--------------------------------+--------------------------------+-------------------+-------------+----------------------------+-------+-------+---------+---------------- + gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | | | | READY | | | diff --git a/test/fixtures/output/network/gateway/list-json.golden b/test/fixtures/output/network/gateway/list-json.golden index 67348d8d88..29aaeb8b2e 100644 --- a/test/fixtures/output/network/gateway/list-json.golden +++ b/test/fixtures/output/network/gateway/list-json.golden @@ -16,6 +16,16 @@ "type": "AzurePeering", "phase": "READY" }, + { + "id": "gw-11111", + "name": "my-azure-ingress-gateway", + "environment": "env-596", + "region": "eastus2", + "type": "AzureIngressPrivateLink", + "azure_private_link_service_alias": "azure-ingress-pl.eastus2.azure.privatelinkservice", + "azure_private_link_service_resource_id": "/subscriptions/aa000000-a000-0a00-00aa-0000aaa0a0a0/resourceGroups/rg-1/providers/Microsoft.Network/privateLinkServices/azure-ingress-pl", + "phase": "READY" + }, { "id": "gw-12345", "name": "my-aws-gateway", @@ -69,5 +79,14 @@ "type": "AwsIngressPrivateLink", "vpc_endpoint_service_name": "com.amazonaws.vpce.us-west-2.vpce-svc-00000000000000000", "phase": "READY" + }, + { + "id": "gw-99999", + "name": "my-gcp-ingress-gateway", + "environment": "env-596", + "region": "us-central1", + "type": "GcpIngressPrivateServiceConnect", + "gcp_private_service_connect_service_attachment": "projects/traffic-prod/regions/us-central1/serviceAttachments/plattg-abc123-service-attachment", + "phase": "READY" } ] diff --git a/test/fixtures/output/network/gateway/list.golden b/test/fixtures/output/network/gateway/list.golden index 1f164638dc..121ebf0f93 100644 --- a/test/fixtures/output/network/gateway/list.golden +++ b/test/fixtures/output/network/gateway/list.golden @@ -1,10 +1,13 @@ - ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | GCP IAM Principal | GCP Project | Phase | Zones | Account | Error Message ------------+--------------------------+-------------+-----------+--------------------------------+--------------------------------+---------------------------------------------------------+--------------------------------------+-------------------------------------+---------------+-------+------------------------+--------------+---------------- - gw-07531 | my-gcp-gateway | env-596 | eastus | GcpEgressPrivateServiceConnect | | | | | project-12345 | READY | | | - gw-09876 | my-azure-peering-gateway | env-596 | eastus2 | AzurePeering | | | | | | READY | | | - gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | READY | | | - gw-13570 | my-gcp-peering-gateway | env-596 | eastus2 | GcpPeering | | | | g000000-a000-0a00-00aa-0000aaa0a0a0 | | READY | | | - gw-23456 | my-aws-gateway | env-596 | us-east-2 | AwsPrivateNetworkInterface | | | | | | READY | us-east-2a, us-east-2b | 000000000000 | - gw-54321 | my-aws-peering-gateway | env-596 | us-east-2 | AwsPeering | | | | | | READY | | | - gw-67890 | my-azure-gateway | env-596 | eastus | AzureEgressPrivateLink | | | aa000000-a000-0a00-00aa-0000aaa0a0a0 | | | READY | | | - gw-88888 | my-aws-ingress-gateway | env-596 | us-west-2 | AwsIngressPrivateLink | | com.amazonaws.vpce.us-west-2.vpce-svc-00000000000000000 | | | | READY | | | + ID | Name | Environment | Region | Type | AWS Principal ARN | VPC Endpoint Service Name | Azure Subscription | Azure Private Link Service | Azure Private Link Resource ID | GCP IAM Principal | GCP Project | GCP PSC Service Attachment | Phase | Zones | Account | Error Message + | | | | | | | | Alias | | | | | | | | +-----------+--------------------------+-------------+-------------+---------------------------------+--------------------------------+---------------------------------------------------------+--------------------------------------+---------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------+---------------+-----------------------------------------------------------------------------------------------+-------+------------------------+--------------+---------------- + gw-07531 | my-gcp-gateway | env-596 | eastus | GcpEgressPrivateServiceConnect | | | | | | | project-12345 | | READY | | | + gw-09876 | my-azure-peering-gateway | env-596 | eastus2 | AzurePeering | | | | | | | | | READY | | | + gw-11111 | my-azure-ingress-gateway | env-596 | eastus2 | AzureIngressPrivateLink | | | | azure-ingress-pl.eastus2.azure.privatelinkservice | /subscriptions/aa000000-a000-0a00-00aa-0000aaa0a0a0/resourceGroups/rg-1/providers/Microsoft.Network/privateLinkServices/azure-ingress-pl | | | | READY | | | + gw-12345 | my-aws-gateway | env-596 | us-east-1 | AwsEgressPrivateLink | arn:aws:iam::123456789012:role | | | | | | | | READY | | | + gw-13570 | my-gcp-peering-gateway | env-596 | eastus2 | GcpPeering | | | | | | g000000-a000-0a00-00aa-0000aaa0a0a0 | | | READY | | | + gw-23456 | my-aws-gateway | env-596 | us-east-2 | AwsPrivateNetworkInterface | | | | | | | | | READY | us-east-2a, us-east-2b | 000000000000 | + gw-54321 | my-aws-peering-gateway | env-596 | us-east-2 | AwsPeering | | | | | | | | | READY | | | + gw-67890 | my-azure-gateway | env-596 | eastus | AzureEgressPrivateLink | | | aa000000-a000-0a00-00aa-0000aaa0a0a0 | | | | | | READY | | | + gw-88888 | my-aws-ingress-gateway | env-596 | us-west-2 | AwsIngressPrivateLink | | com.amazonaws.vpce.us-west-2.vpce-svc-00000000000000000 | | | | | | | READY | | | + gw-99999 | my-gcp-ingress-gateway | env-596 | us-central1 | GcpIngressPrivateServiceConnect | | | | | | | | projects/traffic-prod/regions/us-central1/serviceAttachments/plattg-abc123-service-attachment | READY | | | diff --git a/test/network_test.go b/test/network_test.go index 7335003708..9b022a998a 100644 --- a/test/network_test.go +++ b/test/network_test.go @@ -125,9 +125,13 @@ func (s *CLITestSuite) TestNetworkGateway() { {args: "network gateway create my-gateway --cloud aws --type egress-privatelink --region us-west-2", fixture: "network/gateway/create-aws.golden"}, {args: "network gateway create my-gateway --cloud aws --type ingress-privatelink --region us-west-2", fixture: "network/gateway/create-aws-ingress.golden"}, {args: "network gateway create my-gateway --cloud aws --type private-network-interface --region us-west-2 --zones us-west-2a,us-west-2b", fixture: "network/gateway/create-aws-private-network-interface.golden"}, + {args: "network gateway create my-gcp-ingress-gateway --cloud gcp --type ingress-private-service-connect --region us-central1", fixture: "network/gateway/create-gcp-ingress.golden"}, + {args: "network gateway create my-azure-ingress-gateway --cloud azure --type ingress-privatelink --region eastus2", fixture: "network/gateway/create-azure-ingress.golden"}, {args: "network gateway update gw-111111 --name new-name", fixture: "network/gateway/update.golden"}, {args: "network gateway delete gw-12345", input: "y\n", fixture: "network/gateway/delete.golden"}, {args: "network gateway delete gw-12345 gw-54321", input: "y\n", fixture: "network/gateway/delete-multiple.golden"}, + {args: "network gateway delete gw-11111", input: "y\n", fixture: "network/gateway/delete-azure-ingress.golden"}, + {args: "network gateway delete gw-11111 gw-67890", input: "y\n", fixture: "network/gateway/delete-azure-ingress-multiple.golden"}, {args: "network gateway delete gw-invalid", input: "y\n", fixture: "network/gateway/delete-fail.golden", exitCode: 1}, } @@ -144,7 +148,9 @@ func (s *CLITestSuite) TestNetworkGatewayDescribe() { {args: "network gateway describe gw-88888", fixture: "network/gateway/describe-aws-ingress.golden"}, {args: "network gateway describe gw-13570", fixture: "network/gateway/describe-gcp-dns-peering.golden"}, {args: "network gateway describe gw-07531", fixture: "network/gateway/describe-gcp.golden"}, + {args: "network gateway describe gw-99999", fixture: "network/gateway/describe-gcp-ingress.golden"}, {args: "network gateway describe gw-67890", fixture: "network/gateway/describe-azure.golden"}, + {args: "network gateway describe gw-11111", fixture: "network/gateway/describe-azure-ingress.golden"}, {args: "network gateway describe gw-12345 --output json", fixture: "network/gateway/describe-aws-json.golden"}, {args: "network gateway describe gw-88888 --output json", fixture: "network/gateway/describe-aws-ingress-json.golden"}, } @@ -160,6 +166,8 @@ func (s *CLITestSuite) TestNetworkGatewayList() { {args: "network gateway list", fixture: "network/gateway/list.golden"}, {args: "network gateway list --output json", fixture: "network/gateway/list-json.golden"}, {args: "network gateway list --types aws-egress-privatelink", fixture: "network/gateway/list-filter-type.golden"}, + {args: "network gateway list --types azure-ingress-privatelink", fixture: "network/gateway/list-filter-azure-ingress-type.golden"}, + {args: "network gateway list --types gcp-ingress-private-service-connect", fixture: "network/gateway/list-filter-gcp-ingress-type.golden"}, {args: "network gateway list --id gw-12345", fixture: "network/gateway/list-filter-id.golden"}, {args: "network gateway list --region us-east-1", fixture: "network/gateway/list-filter-region.golden"}, {args: "network gateway list --display-name my-aws-gateway", fixture: "network/gateway/list-filter-name.golden"}, @@ -1169,7 +1177,11 @@ func (s *CLITestSuite) TestNetworkAccessPointPrivateLinkIngressEndpoint() { tests := []CLITest{ {args: "network access-point private-link ingress-endpoint create --cloud aws --gateway gw-88888 --vpc-endpoint-id vpce-1234567890abcdef0", fixture: "network/access-point/private-link/ingress-endpoint/create-aws.golden"}, {args: "network access-point private-link ingress-endpoint create my-ingress-endpoint --cloud aws --gateway gw-88888 --vpc-endpoint-id vpce-1234567890abcdef0", fixture: "network/access-point/private-link/ingress-endpoint/create-aws-name.golden"}, + {args: "network access-point private-link ingress-endpoint create --cloud azure --gateway gw-11111 --private-endpoint-resource-id /subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName", fixture: "network/access-point/private-link/ingress-endpoint/create-azure.golden"}, + {args: "network access-point private-link ingress-endpoint create --cloud gcp --gateway gw-99999 --private-service-connect-connection-id 111111111111111111", fixture: "network/access-point/private-link/ingress-endpoint/create-gcp.golden"}, {args: "network access-point private-link ingress-endpoint update ap-88888 --name my-new-aws-ingress-access-point", fixture: "network/access-point/private-link/ingress-endpoint/update-aws.golden"}, + {args: "network access-point private-link ingress-endpoint update ap-11111 --name my-new-azure-ingress-access-point", fixture: "network/access-point/private-link/ingress-endpoint/update-azure.golden"}, + {args: "network access-point private-link ingress-endpoint update ap-22222 --name my-new-gcp-ingress-access-point", fixture: "network/access-point/private-link/ingress-endpoint/update-gcp.golden"}, {args: "network access-point private-link ingress-endpoint delete ap-88888", input: "y\n", fixture: "network/access-point/private-link/ingress-endpoint/delete.golden"}, {args: "network access-point private-link ingress-endpoint delete ap-99999 ap-88888", input: "y\n", fixture: "network/access-point/private-link/ingress-endpoint/delete-multiple.golden"}, {args: "network access-point private-link ingress-endpoint delete ap-invalid", fixture: "network/access-point/private-link/ingress-endpoint/delete-fail.golden", exitCode: 1}, @@ -1185,6 +1197,10 @@ func (s *CLITestSuite) TestNetworkAccessPointPrivateLinkIngressEndpointDescribe( tests := []CLITest{ {args: "network access-point private-link ingress-endpoint describe ap-99999", fixture: "network/access-point/private-link/ingress-endpoint/describe-aws.golden"}, {args: "network access-point private-link ingress-endpoint describe ap-99999 --output json", fixture: "network/access-point/private-link/ingress-endpoint/describe-aws-json.golden"}, + {args: "network access-point private-link ingress-endpoint describe ap-11111", fixture: "network/access-point/private-link/ingress-endpoint/describe-azure.golden"}, + {args: "network access-point private-link ingress-endpoint describe ap-11111 --output json", fixture: "network/access-point/private-link/ingress-endpoint/describe-azure-json.golden"}, + {args: "network access-point private-link ingress-endpoint describe ap-22222", fixture: "network/access-point/private-link/ingress-endpoint/describe-gcp.golden"}, + {args: "network access-point private-link ingress-endpoint describe ap-22222 --output json", fixture: "network/access-point/private-link/ingress-endpoint/describe-gcp-json.golden"}, } for _, test := range tests { diff --git a/test/test-server/networking_handlers.go b/test/test-server/networking_handlers.go index 00e1629d47..c8310ec98c 100644 --- a/test/test-server/networking_handlers.go +++ b/test/test-server/networking_handlers.go @@ -2386,6 +2386,16 @@ func getGateway(id, environment, name, specConfigKind, statusCloudGatewayKind st Kind: specConfigKind, Region: "eastus", })) + case "AzureIngressPrivateLinkGatewaySpec": + gateway.Spec.SetConfig(networkinggatewayv1.NetworkingV1AzureIngressPrivateLinkGatewaySpecAsNetworkingV1GatewaySpecConfigOneOf(&networkinggatewayv1.NetworkingV1AzureIngressPrivateLinkGatewaySpec{ + Kind: specConfigKind, + Region: "eastus2", + })) + case "GcpIngressPrivateServiceConnectGatewaySpec": + gateway.Spec.SetConfig(networkinggatewayv1.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpecAsNetworkingV1GatewaySpecConfigOneOf(&networkinggatewayv1.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec{ + Kind: specConfigKind, + Region: "us-central1", + })) case "GcpPeeringGatewaySpec": gateway.Spec.SetConfig(networkinggatewayv1.NetworkingV1GcpPeeringGatewaySpecAsNetworkingV1GatewaySpecConfigOneOf(&networkinggatewayv1.NetworkingV1GcpPeeringGatewaySpec{ Kind: specConfigKind, @@ -2419,6 +2429,17 @@ func getGateway(id, environment, name, specConfigKind, statusCloudGatewayKind st Kind: statusCloudGatewayKind, Project: networkinggatewayv1.PtrString("project-12345"), })) + case "AzureIngressPrivateLinkGatewayStatus": + gateway.Status.SetCloudGateway(networkinggatewayv1.NetworkingV1AzureIngressPrivateLinkGatewayStatusAsNetworkingV1GatewayStatusCloudGatewayOneOf(&networkinggatewayv1.NetworkingV1AzureIngressPrivateLinkGatewayStatus{ + Kind: statusCloudGatewayKind, + PrivateLinkServiceAlias: networkinggatewayv1.PtrString("azure-ingress-pl.eastus2.azure.privatelinkservice"), + PrivateLinkServiceResourceId: networkinggatewayv1.PtrString("/subscriptions/aa000000-a000-0a00-00aa-0000aaa0a0a0/resourceGroups/rg-1/providers/Microsoft.Network/privateLinkServices/azure-ingress-pl"), + })) + case "GcpIngressPrivateServiceConnectGatewayStatus": + gateway.Status.SetCloudGateway(networkinggatewayv1.NetworkingV1GcpIngressPrivateServiceConnectGatewayStatusAsNetworkingV1GatewayStatusCloudGatewayOneOf(&networkinggatewayv1.NetworkingV1GcpIngressPrivateServiceConnectGatewayStatus{ + Kind: statusCloudGatewayKind, + PrivateServiceConnectServiceAttachment: networkinggatewayv1.PtrString("projects/traffic-prod/regions/us-central1/serviceAttachments/plattg-abc123-service-attachment"), + })) case "GcpPeeringGatewayStatus": gateway.Status.SetCloudGateway(networkinggatewayv1.NetworkingV1GcpPeeringGatewayStatusAsNetworkingV1GatewayStatusCloudGatewayOneOf(&networkinggatewayv1.NetworkingV1GcpPeeringGatewayStatus{ Kind: statusCloudGatewayKind, @@ -2460,6 +2481,14 @@ func handleNetworkingGatewayGet(t *testing.T, id, environment string) http.Handl record := getGateway(id, environment, "my-aws-ingress-gateway", "AwsIngressPrivateLinkGatewaySpec", "AwsIngressPrivateLinkGatewayStatus") err := json.NewEncoder(w).Encode(record) require.NoError(t, err) + case "gw-99999": + record := getGateway(id, environment, "my-gcp-ingress-gateway", "GcpIngressPrivateServiceConnectGatewaySpec", "GcpIngressPrivateServiceConnectGatewayStatus") + err := json.NewEncoder(w).Encode(record) + require.NoError(t, err) + case "gw-11111": + record := getGateway(id, environment, "my-azure-ingress-gateway", "AzureIngressPrivateLinkGatewaySpec", "AzureIngressPrivateLinkGatewayStatus") + err := json.NewEncoder(w).Encode(record) + require.NoError(t, err) } } } @@ -2508,11 +2537,22 @@ func handleNetworkingGatewayPost(t *testing.T) http.HandlerFunc { Kind: "AzureEgressPrivateLinkGatewayStatus", Subscription: networkingv1.PtrString("aa000000-a000-0a00-00aa-0000aaa0a0a0"), })) + } else if body.Spec.Config.NetworkingV1AzureIngressPrivateLinkGatewaySpec != nil { + gateway.Status.SetCloudGateway(networkinggatewayv1.NetworkingV1AzureIngressPrivateLinkGatewayStatusAsNetworkingV1GatewayStatusCloudGatewayOneOf(&networkinggatewayv1.NetworkingV1AzureIngressPrivateLinkGatewayStatus{ + Kind: "AzureIngressPrivateLinkGatewayStatus", + PrivateLinkServiceAlias: networkingv1.PtrString("azure-ingress-pl.eastus2.azure.privatelinkservice"), + PrivateLinkServiceResourceId: networkingv1.PtrString("/subscriptions/aa000000-a000-0a00-00aa-0000aaa0a0a0/resourceGroups/rg-1/providers/Microsoft.Network/privateLinkServices/azure-ingress-pl"), + })) } else if body.Spec.Config.NetworkingV1GcpEgressPrivateServiceConnectGatewaySpec != nil { gateway.Status.SetCloudGateway(networkinggatewayv1.NetworkingV1GcpEgressPrivateServiceConnectGatewayStatusAsNetworkingV1GatewayStatusCloudGatewayOneOf(&networkinggatewayv1.NetworkingV1GcpEgressPrivateServiceConnectGatewayStatus{ Kind: "GcpEgressPrivateServiceConnectGatewayStatus", Project: networkingv1.PtrString("project-12345"), })) + } else if body.Spec.Config.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec != nil { + gateway.Status.SetCloudGateway(networkinggatewayv1.NetworkingV1GcpIngressPrivateServiceConnectGatewayStatusAsNetworkingV1GatewayStatusCloudGatewayOneOf(&networkinggatewayv1.NetworkingV1GcpIngressPrivateServiceConnectGatewayStatus{ + Kind: "GcpIngressPrivateServiceConnectGatewayStatus", + PrivateServiceConnectServiceAttachment: networkingv1.PtrString("projects/traffic-prod/regions/us-central1/serviceAttachments/plattg-abc123-service-attachment"), + })) } else if body.Spec.Config.NetworkingV1GcpPeeringGatewaySpec != nil { gateway.Status.SetCloudGateway(networkinggatewayv1.NetworkingV1GcpPeeringGatewayStatusAsNetworkingV1GatewayStatusCloudGatewayOneOf(&networkinggatewayv1.NetworkingV1GcpPeeringGatewayStatus{ Kind: "GcpPeeringGatewayStatus", @@ -2542,8 +2582,10 @@ func handleNetworkingGatewayList(t *testing.T, environment string) http.HandlerF gatewaySix := getGateway("gw-13570", environment, "my-gcp-peering-gateway", "GcpPeeringGatewaySpec", "GcpPeeringGatewayStatus") gatewaySeven := getGateway("gw-07531", environment, "my-gcp-gateway", "GcpEgressPrivateServiceConnectGatewaySpec", "GcpEgressPrivateServiceConnectGatewayStatus") gatewayEight := getGateway("gw-88888", environment, "my-aws-ingress-gateway", "AwsIngressPrivateLinkGatewaySpec", "AwsIngressPrivateLinkGatewayStatus") + gatewayNine := getGateway("gw-99999", environment, "my-gcp-ingress-gateway", "GcpIngressPrivateServiceConnectGatewaySpec", "GcpIngressPrivateServiceConnectGatewayStatus") + gatewayTen := getGateway("gw-11111", environment, "my-azure-ingress-gateway", "AzureIngressPrivateLinkGatewaySpec", "AzureIngressPrivateLinkGatewayStatus") - gatewayList := networkinggatewayv1.NetworkingV1GatewayList{Data: []networkinggatewayv1.NetworkingV1Gateway{gatewayOne, gatewayTwo, gatewayThree, gatewayFour, gatewayFive, gatewaySix, gatewaySeven, gatewayEight}} + gatewayList := networkinggatewayv1.NetworkingV1GatewayList{Data: []networkinggatewayv1.NetworkingV1Gateway{gatewayOne, gatewayTwo, gatewayThree, gatewayFour, gatewayFive, gatewaySix, gatewaySeven, gatewayEight, gatewayNine, gatewayTen}} gatewayList.Data = filterGatewayList(gatewayList.Data, gatewayTypes, ids, regions, displayNames, phases) setPageToken(&gatewayList, &gatewayList.Metadata, r.URL) err := json.NewEncoder(w).Encode(gatewayList) @@ -2616,6 +2658,9 @@ func getGatewayTypeFromSpec(gateway networkinggatewayv1.NetworkingV1Gateway) str if config.NetworkingV1AzureEgressPrivateLinkGatewaySpec != nil { return "AzureEgressPrivateLink" } + if config.NetworkingV1AzureIngressPrivateLinkGatewaySpec != nil { + return "AzureIngressPrivateLink" + } if config.NetworkingV1AzurePeeringGatewaySpec != nil { return "AzurePeering" } @@ -2625,6 +2670,9 @@ func getGatewayTypeFromSpec(gateway networkinggatewayv1.NetworkingV1Gateway) str if config.NetworkingV1GcpEgressPrivateServiceConnectGatewaySpec != nil { return "GcpEgressPrivateServiceConnect" } + if config.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec != nil { + return "GcpIngressPrivateServiceConnect" + } return "" } @@ -2649,6 +2697,9 @@ func getRegionFromSpec(gateway networkinggatewayv1.NetworkingV1Gateway) string { if config.NetworkingV1AzureEgressPrivateLinkGatewaySpec != nil { return config.NetworkingV1AzureEgressPrivateLinkGatewaySpec.GetRegion() } + if config.NetworkingV1AzureIngressPrivateLinkGatewaySpec != nil { + return config.NetworkingV1AzureIngressPrivateLinkGatewaySpec.GetRegion() + } if config.NetworkingV1AzurePeeringGatewaySpec != nil { return config.NetworkingV1AzurePeeringGatewaySpec.GetRegion() } @@ -2658,6 +2709,9 @@ func getRegionFromSpec(gateway networkinggatewayv1.NetworkingV1Gateway) string { if config.NetworkingV1GcpEgressPrivateServiceConnectGatewaySpec != nil { return config.NetworkingV1GcpEgressPrivateServiceConnectGatewaySpec.GetRegion() } + if config.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec != nil { + return config.NetworkingV1GcpIngressPrivateServiceConnectGatewaySpec.GetRegion() + } return "" } @@ -3099,6 +3153,63 @@ func getAwsIngressAccessPoint(id, environment, name string) networkingaccesspoin } } +func getAzureIngressAccessPoint(id, environment, name string) networkingaccesspointv1.NetworkingV1AccessPoint { + return networkingaccesspointv1.NetworkingV1AccessPoint{ + Id: networkingaccesspointv1.PtrString(id), + Spec: &networkingaccesspointv1.NetworkingV1AccessPointSpec{ + DisplayName: networkingaccesspointv1.PtrString(name), + Config: &networkingaccesspointv1.NetworkingV1AccessPointSpecConfigOneOf{ + NetworkingV1AzureIngressPrivateLinkEndpoint: &networkingaccesspointv1.NetworkingV1AzureIngressPrivateLinkEndpoint{ + Kind: "AzureIngressPrivateLinkEndpoint", + PrivateEndpointResourceId: "/subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName", + }, + }, + Environment: &networkingaccesspointv1.ObjectReference{Id: environment}, + Gateway: &networkingaccesspointv1.ObjectReference{Id: "gw-11111"}, + }, + Status: &networkingaccesspointv1.NetworkingV1AccessPointStatus{ + Phase: "READY", + Config: &networkingaccesspointv1.NetworkingV1AccessPointStatusConfigOneOf{ + NetworkingV1AzureIngressPrivateLinkEndpointStatus: &networkingaccesspointv1.NetworkingV1AzureIngressPrivateLinkEndpointStatus{ + Kind: "AzureIngressPrivateLinkEndpointStatus", + PrivateLinkServiceAlias: "azure-pls-alias.eastus.azure.privatelinkservice", + PrivateLinkServiceResourceId: "/subscriptions/0000000/resourceGroups/plsRgName/providers/Microsoft.Network/privateLinkServices/privateLinkServiceName", + PrivateEndpointResourceId: "/subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName", + DnsDomain: networkingaccesspointv1.PtrString("ap11111.eastus.azure.accesspoint.confluent.cloud"), + }, + }, + }, + } +} + +func getGcpIngressAccessPoint(id, environment, name string) networkingaccesspointv1.NetworkingV1AccessPoint { + return networkingaccesspointv1.NetworkingV1AccessPoint{ + Id: networkingaccesspointv1.PtrString(id), + Spec: &networkingaccesspointv1.NetworkingV1AccessPointSpec{ + DisplayName: networkingaccesspointv1.PtrString(name), + Config: &networkingaccesspointv1.NetworkingV1AccessPointSpecConfigOneOf{ + NetworkingV1GcpIngressPrivateServiceConnectEndpoint: &networkingaccesspointv1.NetworkingV1GcpIngressPrivateServiceConnectEndpoint{ + Kind: "GcpIngressPrivateServiceConnectEndpoint", + PrivateServiceConnectConnectionId: "111111111111111111", + }, + }, + Environment: &networkingaccesspointv1.ObjectReference{Id: environment}, + Gateway: &networkingaccesspointv1.ObjectReference{Id: "gw-99999"}, + }, + Status: &networkingaccesspointv1.NetworkingV1AccessPointStatus{ + Phase: "READY", + Config: &networkingaccesspointv1.NetworkingV1AccessPointStatusConfigOneOf{ + NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus: &networkingaccesspointv1.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus{ + Kind: "GcpIngressPrivateServiceConnectEndpointStatus", + PrivateServiceConnectServiceAttachment: "projects/projectName/regions/us-central1/serviceAttachments/serviceAttachmentName", + PrivateServiceConnectConnectionId: "111111111111111111", + DnsDomain: networkingaccesspointv1.PtrString("ap22222.us-central1.gcp.accesspoint.confluent.cloud"), + }, + }, + }, + } +} + func handleNetworkingAccessPointGet(t *testing.T, id, environment string) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { var accessPoint networkingaccesspointv1.NetworkingV1AccessPoint @@ -3115,6 +3226,10 @@ func handleNetworkingAccessPointGet(t *testing.T, id, environment string) http.H accessPoint = getGcpEgressAccessPoint(id, environment, "my-gcp-egress-access-point") case "ap-99999": accessPoint = getAwsIngressAccessPoint(id, environment, "my-aws-ingress-access-point") + case "ap-11111": + accessPoint = getAzureIngressAccessPoint(id, environment, "my-azure-ingress-access-point") + case "ap-22222": + accessPoint = getGcpIngressAccessPoint(id, environment, "my-gcp-ingress-access-point") } err := json.NewEncoder(w).Encode(accessPoint) require.NoError(t, err) @@ -3151,6 +3266,10 @@ func handleNetworkingAccessPointUpdate(t *testing.T, id string) http.HandlerFunc accessPoint = getGcpEgressAccessPoint(id, body.Spec.Environment.GetId(), "my-gcp-egress-access-point") case "ap-99999": accessPoint = getAwsIngressAccessPoint(id, body.Spec.Environment.GetId(), "my-aws-ingress-access-point") + case "ap-11111": + accessPoint = getAzureIngressAccessPoint(id, body.Spec.Environment.GetId(), "my-azure-ingress-access-point") + case "ap-22222": + accessPoint = getGcpIngressAccessPoint(id, body.Spec.Environment.GetId(), "my-gcp-ingress-access-point") } accessPoint.Spec.SetDisplayName(body.Spec.GetDisplayName()) @@ -3167,8 +3286,10 @@ func handleNetworkingAccessPointList(t *testing.T, environment string) http.Hand accessPointThree := getAwsPrivateNetworkInterfaceAccessPoint("ap-54321", environment, "my-aws-private-network-interface-access-point") accessPointFour := getGcpEgressAccessPoint("ap-88888", environment, "my-gcp-egress-access-point") accessPointFive := getAwsIngressAccessPoint("ap-99999", environment, "my-aws-ingress-access-point") + accessPointSix := getAzureIngressAccessPoint("ap-11111", environment, "my-azure-ingress-access-point") + accessPointSeven := getGcpIngressAccessPoint("ap-22222", environment, "my-gcp-ingress-access-point") - recordList := networkingaccesspointv1.NetworkingV1AccessPointList{Data: []networkingaccesspointv1.NetworkingV1AccessPoint{accessPointOne, accessPointTwo, accessPointThree, accessPointFour, accessPointFive}} + recordList := networkingaccesspointv1.NetworkingV1AccessPointList{Data: []networkingaccesspointv1.NetworkingV1AccessPoint{accessPointOne, accessPointTwo, accessPointThree, accessPointFour, accessPointFive, accessPointSix, accessPointSeven}} setPageToken(&recordList, &recordList.Metadata, r.URL) err := json.NewEncoder(w).Encode(recordList) require.NoError(t, err) @@ -3238,6 +3359,33 @@ func handleNetworkingAccessPointCreate(t *testing.T) http.HandlerFunc { }, }, } + } else if accessPoint.Spec.Config.NetworkingV1AzureIngressPrivateLinkEndpoint != nil { + accessPoint.SetId("ap-11111") + accessPoint.Status = &networkingaccesspointv1.NetworkingV1AccessPointStatus{ + Phase: "READY", + Config: &networkingaccesspointv1.NetworkingV1AccessPointStatusConfigOneOf{ + NetworkingV1AzureIngressPrivateLinkEndpointStatus: &networkingaccesspointv1.NetworkingV1AzureIngressPrivateLinkEndpointStatus{ + Kind: "AzureIngressPrivateLinkEndpointStatus", + PrivateLinkServiceAlias: "azure-pls-alias.eastus.azure.privatelinkservice", + PrivateLinkServiceResourceId: "/subscriptions/0000000/resourceGroups/plsRgName/providers/Microsoft.Network/privateLinkServices/privateLinkServiceName", + PrivateEndpointResourceId: "/subscriptions/0000000/resourceGroups/resourceGroupName/providers/Microsoft.Network/privateEndpoints/privateEndpointName", + DnsDomain: networkingaccesspointv1.PtrString("ap11111.eastus.azure.accesspoint.confluent.cloud"), + }, + }, + } + } else if accessPoint.Spec.Config.NetworkingV1GcpIngressPrivateServiceConnectEndpoint != nil { + accessPoint.SetId("ap-22222") + accessPoint.Status = &networkingaccesspointv1.NetworkingV1AccessPointStatus{ + Phase: "READY", + Config: &networkingaccesspointv1.NetworkingV1AccessPointStatusConfigOneOf{ + NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus: &networkingaccesspointv1.NetworkingV1GcpIngressPrivateServiceConnectEndpointStatus{ + Kind: "GcpIngressPrivateServiceConnectEndpointStatus", + PrivateServiceConnectServiceAttachment: "projects/projectName/regions/us-central1/serviceAttachments/serviceAttachmentName", + PrivateServiceConnectConnectionId: "111111111111111111", + DnsDomain: networkingaccesspointv1.PtrString("ap22222.us-central1.gcp.accesspoint.confluent.cloud"), + }, + }, + } } err = json.NewEncoder(w).Encode(accessPoint)