Add output for ACME certificate to lbs show

brightbox · Dec 20, 2024 · 35a042f · 35a042f
1 parent 0dc5531
commit 35a042f
Show file tree

Hide file tree

Showing 4 changed files with 114 additions and 1 deletion.
diff --git a/lib/brightbox-cli/commands/lbs/show.rb b/lib/brightbox-cli/commands/lbs/show.rb
@@ -17,6 +17,10 @@ module Brightbox
             deleted_at
             policy
             acme_domains
+            acme_cert_subjects
+            acme_cert_fingerprint
+            acme_cert_expires_at
+            acme_cert_issued_at
             ssl_minimum_version
             ssl_issuer
             ssl_subject

diff --git a/lib/brightbox-cli/load_balancers.rb b/lib/brightbox-cli/load_balancers.rb
@@ -9,6 +9,24 @@ def self.create(options)
       new(conn.load_balancers.create(options))
     end
 
+    def acme_cert
+      if attributes[:acme] && attributes[:acme][:certificate]
+        OpenStruct.new(
+          :expires_at => attributes[:acme][:certificate][:expires_at],
+          :fingerprint => attributes[:acme][:certificate][:fingerprint],
+          :issued_at => attributes[:acme][:certificate][:issued_at],
+          :subjects => attributes[:acme][:certificate][:domains].join(",")
+        )
+      else
+        OpenStruct.new(
+          :expires_at => "",
+          :fingerprint => "",
+          :issued_at => "",
+          :subjects => ""
+        )
+      end
+    end
+
     def formatted_acme_domains
       return "" unless attributes[:acme]
 
@@ -23,6 +41,10 @@ def to_row
       attributes.merge(
         :locked => locked?,
         :acme_domains => formatted_acme_domains,
+        :acme_cert_expires_at => acme_cert.expires_at,
+        :acme_cert_fingerprint => acme_cert.fingerprint,
+        :acme_cert_issued_at => acme_cert.issued_at,
+        :acme_cert_subjects => acme_cert.subjects,
         :ssl_minimum_version => ssl_minimum_version,
         :ssl_issuer => certificate_issuer,
         :ssl_subject => certificate_subject,

diff --git a/spec/commands/lbs/show_spec.rb b/spec/commands/lbs/show_spec.rb
@@ -68,7 +68,15 @@
                 "identifier": "domain2.test",
                 "status": "verified"
               }
-            ]
+            ],
+            "certificate": {
+              "domains": [
+                "domain.test"
+              ],
+              "expires_at": "2025-12-31T23:59:59Z",
+              "fingerprint": "fingerprint",
+              "issued_at": "2025-01-01T00:00:00Z"
+            }
           },
           "nodes":[
             {
@@ -94,6 +102,10 @@
           expect(stdout).to include("created_at: 2012-03-05T12:00Z")
           expect(stdout).to include("nodes: srv-12345")
           expect(stdout).to include("acme_domains: domain.test:verified,domain2.test:verified")
+          expect(stdout).to include("acme_cert_subjects: domain.test")
+          expect(stdout).to include("acme_cert_expires_at: 2025-12-31T23:59:59Z")
+          expect(stdout).to include("acme_cert_fingerprint: fingerprint")
+          expect(stdout).to include("acme_cert_issued_at: 2025-01-01T00:00:00Z")
         end
       end
     end

diff --git a/spec/unit/brightbox/load_balancer/acme_cert_spec.rb b/spec/unit/brightbox/load_balancer/acme_cert_spec.rb
@@ -0,0 +1,75 @@
+require "spec_helper"
+
+RSpec.describe Brightbox::LoadBalancer, "#acme_cert" do
+  subject(:acme_cert) { load_balancer.acme_cert }
+
+  let(:fog_model) do
+    double(
+      "Fog::Compute::Brightbox::LoadBalancer",
+      id: "lba-12345",
+      attributes: lba_attributes
+    )
+  end
+  let(:load_balancer) { Brightbox::LoadBalancer.new(fog_model) }
+
+  context "when ACME is not setup" do
+    let(:lba_attributes) { { acme: nil } }
+
+    it "returns an empty string" do
+      expect(acme_cert).not_to be_nil
+    end
+  end
+
+  context "when ACME is setup" do
+    context "without certificate" do
+      let(:lba_attributes) do
+        { acme: { certificate: nil }}
+      end
+
+      it "returns an object without keys" do
+        expect(acme_cert).not_to be_nil
+
+        expect(acme_cert).to have_attributes(
+          expires_at: "",
+          fingerprint: "",
+          issued_at: "",
+          subjects: ""
+        )
+      end
+    end
+
+    context "with certificate" do
+      let(:expected_formatting) { "example.com:verified,example.net:pending" }
+      let(:lba_attributes) do
+        {
+          acme: {
+            domains: [
+              { identifier: "domain.one.test", status: "verified" },
+              { identifier: "domain.two.test", status: "verified" }
+            ],
+            certificate: {
+              domains: [
+                "domain.one.test",
+                "domain.two.test"
+              ],
+              expires_at: "2025-12-31T23:59:59Z",
+              fingerprint: "TLS-fingerprint",
+              issued_at: "2025-01-01T00:00:00Z"
+            }
+          }
+        }
+      end
+
+      it "returns an object with the correct keys" do
+        expect(acme_cert).not_to be_nil
+
+        expect(acme_cert).to have_attributes(
+          expires_at: "2025-12-31T23:59:59Z",
+          fingerprint: "TLS-fingerprint",
+          issued_at: "2025-01-01T00:00:00Z",
+          subjects: "domain.one.test,domain.two.test"
+        )
+      end
+    end
+  end
+end