From eb2c8706b767977e76c3485f97750cb77585d265 Mon Sep 17 00:00:00 2001 From: Praveen005 Date: Fri, 6 Sep 2024 20:07:53 +0530 Subject: [PATCH] feat: Introduce --no-default-rules flag, deprecate --create-rules - Add new --no-default-rules flag to control default firewall rule creation. - Mark --create-rules as deprecated but keep for backward compatibility. - Add deprecation warning for --create-rules usage. - Update documentation to reflect new flag. --- README.md | 11 +++++++++-- cmd/firewall/firewall.go | 6 +++++- cmd/firewall/firewall_create.go | 13 +++++++++++++ 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 8cf7125..ac2d6d3 100644 --- a/README.md +++ b/README.md @@ -1290,11 +1290,18 @@ $ civo firewall create civocli_demo Created a firewall called civocli_demo with ID ab2a25d7-edd4-4ecd-95c4-58cb6bc402de ``` -You can also create a firewall without any default rules by using the flag `-r` or `--create-rules` set to `false`. In both cases, the usage is like: +By default, this newly created firewall will come with the default rules applied. + +To create a firewall without any default rules, use the `--no-default-rules` flag: ```bash -civo firewall create new_firewall_name --create-rules=false +civo firewall create new_firewall_name --no-default-rules +``` +You can also use the `-r` or `--create-rules` flag set to `false` to create a firewall without default rules, but it is deprecated and will be removed in future versions. In both cases, the usage is like: + +```bash +civo firewall create new_firewall_name --create-rules=false ``` You will then be able to **configure rules** that allow connections to and from your instance by adding a new rule using `civo firewall rule create firewall_id` with the required and your choice of optional parameters, listed here and used in an example below: diff --git a/cmd/firewall/firewall.go b/cmd/firewall/firewall.go index c348405..6e95154 100644 --- a/cmd/firewall/firewall.go +++ b/cmd/firewall/firewall.go @@ -40,7 +40,8 @@ func init() { FirewallCmd.AddCommand(firewallRemoveCmd) firewallCreateCmd.Flags().StringVarP(&firewallnetwork, "network", "n", "default", "the network to create the firewall") - firewallCreateCmd.Flags().BoolVarP(&createRules, "create-rules", "r", true, "the create rules flag is used to create the default firewall rules, if is not defined will be set to true") + firewallCreateCmd.Flags().BoolVarP(&createRules, "create-rules", "r", true, "the create rules flag is used to create the default firewall rules, if is not defined will be set to true (deprecated)") + firewallCreateCmd.Flags().BoolVarP(&noDefaultRules, "no-default-rules", "", false, "the no-default-rules flag will ensure no default rules are created for the firewall, if not defined it will be set to false") // Firewalls rule cmd FirewallCmd.AddCommand(firewallRuleCmd) @@ -57,4 +58,7 @@ func init() { firewallRuleCreateCmd.Flags().StringVarP(&action, "action", "a", "allow", "the action of the rule can be allow or deny (default is allow)") firewallRuleCreateCmd.Flags().StringVarP(&label, "label", "l", "", "a string that will be the displayed as the name/reference for this rule") firewallRuleCreateCmd.MarkFlagRequired("startport") + + // Mark the create-rules flag as deprecated + firewallCreateCmd.Flags().MarkDeprecated("create-rules", "it will be removed in future versions. Default firewall rules are created by default. Use --no-default-rules flag to create firewalls without them.\n") } diff --git a/cmd/firewall/firewall_create.go b/cmd/firewall/firewall_create.go index c541ba2..7e0aa10 100644 --- a/cmd/firewall/firewall_create.go +++ b/cmd/firewall/firewall_create.go @@ -13,6 +13,7 @@ import ( var firewallnetwork string var createRules bool +var noDefaultRules bool var defaultNetwork *civogo.Network var firewallCreateCmd = &cobra.Command{ @@ -21,6 +22,18 @@ var firewallCreateCmd = &cobra.Command{ Short: "Create a new firewall", Example: "civo firewall create NAME", Args: cobra.MinimumNArgs(1), + PreRun: func(cmd *cobra.Command, args []string) { + createRulesFlag := cmd.Flags().Lookup("create-rules") + noDefaultRulesFlag := cmd.Flags().Lookup("no-default-rules") + + if createRulesFlag.Changed && noDefaultRulesFlag.Changed { + utility.Error("conflicting flags: --create-rules and --no-default-rules cannot be used together") + os.Exit(1) + } + if noDefaultRules { + createRules = false + } + }, Run: func(cmd *cobra.Command, args []string) { utility.EnsureCurrentRegion()