improve psc cli UX

Signed-off-by: Chaitanya Kandagatla <[email protected]>
openshift-online · Oct 22, 2024 · e4bbf0f · e4bbf0f
1 parent f1d29bc
commit e4bbf0f
Showing 1 changed file with 71 additions and 26 deletions.
diff --git a/cmd/ocm/create/cluster/cmd.go b/cmd/ocm/create/cluster/cmd.go
@@ -52,6 +52,12 @@ const (
 	gcpTermsAgreementNonInteractiveError = "Review and accept Google Terms and Agreements on " +
 		gcpTermsAgreementsHyperlink + ". Set the flag --marketplace-gcp-terms to true " +
 		"once agreed in order to proceed further."
+
+	privateFlag            = "private"
+	vpcNameFlag            = "vpc-name"
+	controlPlaneSubnetFlag = "compute-subnet"
+	computePlaneSubnetFlag = "control-plane-subnet"
+	pscSubnetFlag          = "psc-subnet"
 )
 
 var args struct {
@@ -234,7 +240,7 @@ func init() {
 	fs.MarkHidden("expiration")
 	fs.BoolVar(
 		&args.private,
-		"private",
+		privateFlag,
 		false,
 		"Restrict master API endpoint and application routes to direct, private connectivity.",
 	)
@@ -379,11 +385,11 @@ func init() {
 
 	fs.StringVar(
 		&args.gcpPrivateSvcConnect.SvcAttachmentSubnet,
-		"psc-subnet",
+		pscSubnetFlag,
 		"",
 		"Specifies the ServiceAttachment Subnet for Private Service Connect in GCP",
 	)
-	arguments.SetQuestion(fs, "psc-subnet", "PrivatSericeConnect ServiceAttachment Subnet:")
+	arguments.SetQuestion(fs, pscSubnetFlag, "PrivatServiceConnect ServiceAttachment Subnet:")
 
 	fs.StringVar(
 		&args.gcpAuthentication.Type,
@@ -748,6 +754,11 @@ func preRun(cmd *cobra.Command, argv []string) error {
 		}
 	}
 
+	err = promptClusterPrivacy(fs)
+	if err != nil {
+		return err
+	}
+
 	if args.existingVPC.SubnetIDs != "" {
 		args.existingVPC.Enabled = true
 	}
@@ -757,6 +768,11 @@ func preRun(cmd *cobra.Command, argv []string) error {
 		return err
 	}
 
+	err = promptPrivateServiceConnect(fs)
+	if err != nil {
+		return err
+	}
+
 	err = promptClusterWideProxy()
 	if err != nil {
 		return err
@@ -772,11 +788,6 @@ func preRun(cmd *cobra.Command, argv []string) error {
 		return err
 	}
 
-	err = promptPrivateServiceConnect(fs)
-	if err != nil {
-		return err
-	}
-
 	err = arguments.PromptString(fs, "domain-prefix")
 	if err != nil {
 		return err
@@ -1185,13 +1196,28 @@ func cleanSecurityGroups(securityGroups *[]string) {
 }
 
 func wasGCPNetworkReceived() bool {
+	//"required" network info for considering it byo-vpc
+	// xpn/psc are optional and not required to be set for network info to be considered complete
 	return args.existingVPC.VPCName != "" && args.existingVPC.ControlPlaneSubnet != "" &&
-		args.existingVPC.ComputeSubnet != "" && args.existingVPC.VPCProjectID != ""
+		args.existingVPC.ComputeSubnet != ""
 }
 
 func promptExistingGCPVPC(fs *pflag.FlagSet, connection *sdk.Connection) error {
 	var err error
-	if !args.existingVPC.Enabled && !wasGCPNetworkReceived() && args.interactive {
+
+	if wasGCPNetworkReceived() {
+		args.existingVPC.Enabled = true
+	}
+	//autoenable byo-vpc for wif+private
+	if args.gcpAuthentication.Type == c.AuthenticationWif && args.private {
+		args.existingVPC.Enabled = true
+		if args.interactive {
+			fmt.Printf("Installing into an existing VPC with private service connect is required when the "+
+				"cluster is '%s' and GCP authentication type is '%s' \n", privateFlag, c.AuthenticationWif)
+		}
+	}
+
+	if !args.existingVPC.Enabled && args.interactive {
 		args.existingVPC.Enabled, err = interactive.GetBool(interactive.Input{
 			Question: "Install into an existing VPC",
 			Help: "To install into an existing VPC you need to ensure that your VPC is configured " +
@@ -1203,24 +1229,38 @@ func promptExistingGCPVPC(fs *pflag.FlagSet, connection *sdk.Connection) error {
 		}
 	}
 
-	if !args.existingVPC.Enabled && !wasGCPNetworkReceived() {
+	//return if user did not enable vpc and only some or none of the gcp network is provided
+	//continue if user enabled vpc or all network received
+	if !args.existingVPC.Enabled {
 		return nil
 	}
 
-	err = arguments.PromptString(fs, "vpc-name")
+	err = arguments.PromptString(fs, vpcNameFlag)
 	if err != nil {
 		return err
 	}
+	if args.existingVPC.VPCName == "" {
+		return fmt.Errorf(
+			"flag '%s' is required for existing VPC", vpcNameFlag)
+	}
 
 	err = arguments.PromptString(fs, "control-plane-subnet")
 	if err != nil {
 		return err
 	}
+	if args.existingVPC.ControlPlaneSubnet == "" {
+		return fmt.Errorf(
+			"flag '%s' is required for existing VPC", controlPlaneSubnetFlag)
+	}
 
 	err = arguments.PromptString(fs, "compute-subnet")
 	if err != nil {
 		return err
 	}
+	if args.existingVPC.ComputeSubnet == "" {
+		return fmt.Errorf(
+			"flag '%s' is required for existing VPC", computePlaneSubnetFlag)
+	}
 
 	useSharedVpc := (args.existingVPC.VPCProjectID != "")
 	if !useSharedVpc && args.interactive {
@@ -1262,7 +1302,7 @@ func promptExistingGCPVPC(fs *pflag.FlagSet, connection *sdk.Connection) error {
 			if wasClusterWideProxyReceived() && args.existingVPC.VPCName == "" {
 				return fmt.Errorf("Please provide vpc name")
 			}
-			return fmt.Errorf("Could not find the following vpc name provided: %s", args.existingVPC.VPCName)
+			return fmt.Errorf("Could not find the following vpc name provided: '%s'", args.existingVPC.VPCName)
 		}
 
 		//get subnets from the provider
@@ -1281,7 +1321,7 @@ func promptExistingGCPVPC(fs *pflag.FlagSet, connection *sdk.Connection) error {
 			}
 		}
 		if !verifiedControlPlaneSubnet {
-			return fmt.Errorf("Could not find the following control-plane-subnet provided: %s",
+			return fmt.Errorf("Could not find the following control-plane-subnet provided: '%s'",
 				args.existingVPC.ControlPlaneSubnet)
 		}
 
@@ -1294,15 +1334,11 @@ func promptExistingGCPVPC(fs *pflag.FlagSet, connection *sdk.Connection) error {
 			}
 		}
 		if !verifiedComputeSubnet {
-			return fmt.Errorf("Could not find the following compute-subnet provided: %s",
+			return fmt.Errorf("Could not find the following compute-subnet provided: '%s'",
 				args.existingVPC.ComputeSubnet)
 		}
 	}
 
-	if wasGCPNetworkReceived() {
-		args.existingVPC.Enabled = true
-	}
-
 	fs.Set("use-existing-vpc", "true")
 	flag := fs.Lookup("vpc-name")
 	if !flag.Changed {
@@ -1320,6 +1356,7 @@ func promptExistingGCPVPC(fs *pflag.FlagSet, connection *sdk.Connection) error {
 	if !flag.Changed {
 		fs.Set("vpc-project-id", args.existingVPC.VPCProjectID)
 	}
+
 	return nil
 
 }
@@ -1334,6 +1371,10 @@ func promptExistingVPC(fs *pflag.FlagSet, connection *sdk.Connection) error {
 	return err
 }
 
+func promptClusterPrivacy(fs *pflag.FlagSet) error {
+	return arguments.PromptBool(fs, privateFlag)
+}
+
 func promptCCS(fs *pflag.FlagSet, presetCCS bool) error {
 	var err error
 	if !presetCCS {
@@ -1475,10 +1516,7 @@ func promptNetwork(fs *pflag.FlagSet) error {
 	if err != nil {
 		return err
 	}
-	err = arguments.PromptBool(fs, "private")
-	if err != nil {
-		return err
-	}
+
 	return nil
 }
 
@@ -1500,7 +1538,11 @@ func promptPrivateServiceConnect(fs *pflag.FlagSet) error {
 		!args.existingVPC.Enabled || !args.private {
 		return nil
 	}
-	isPSC := (args.gcpPrivateSvcConnect.SvcAttachmentSubnet != "")
+
+	//if Wif cluster and private is enabled then has to be PSC
+	isWif := (args.gcpAuthentication.Type == c.AuthenticationWif)
+	isPSC := (args.gcpPrivateSvcConnect.SvcAttachmentSubnet != "") || isWif
+
 	if !isPSC && args.interactive {
 		var err error
 		isPSC, err = interactive.GetBool(interactive.Input{
@@ -1514,12 +1556,15 @@ func promptPrivateServiceConnect(fs *pflag.FlagSet) error {
 		}
 	}
 	if isPSC {
-		err := arguments.PromptString(fs, "psc-subnet")
+		err := arguments.PromptString(fs, pscSubnetFlag)
 		if err != nil {
 			return err
 		}
 	}
-
+	if isWif && args.gcpPrivateSvcConnect.SvcAttachmentSubnet == "" {
+		return fmt.Errorf(
+			"flag '%s' is required when cluster is '%s' and GCP authentication type is %s", pscSubnetFlag, privateFlag, c.AuthenticationWif)
+	}
 	return nil
 }