Added support for providing TLS certificates (#169)

* Added TLS certificates capability for flexible/pro databases and AA databases

* Upped a go dependency (tools) and a github actions step (checkout)

* Upped Go version from 1.19 to 1.22.4

.github/workflows/ci.yml

@@ -9,7 +9,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v4.1.7
 
       - name: Install Go
         uses: actions/setup-go@v5.0.1

.github/workflows/codeql-analysis.yml

@@ -35,7 +35,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4.1.6
+      uses: actions/checkout@v4.1.7
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

active_active_database_test.go

@@ -188,6 +188,7 @@ func TestAADatabase_List(t *testing.T) {
 					Security: &databases.Security{
 						EnableDefaultUser:       redis.Bool(true),
 						SSLClientAuthentication: redis.Bool(false),
+						TLSClientAuthentication: redis.Bool(false),
 						SourceIPs:               redis.StringSlice("0.0.0.0/0"),
 						EnableTls:               redis.Bool(false),
 					},
@@ -217,6 +218,7 @@ func TestAADatabase_List(t *testing.T) {
 					Security: &databases.Security{
 						EnableDefaultUser:       redis.Bool(true),
 						SSLClientAuthentication: redis.Bool(false),
+						TLSClientAuthentication: redis.Bool(false),
 						SourceIPs:               redis.StringSlice("0.0.0.0/0"),
 						EnableTls:               redis.Bool(false),
 					},

database_test.go

@@ -37,7 +37,9 @@ func TestDatabase_Create(t *testing.T) {
   "sourceIp": [
     "10.0.0.1"
   ],
+  "enableTls": true,
   "clientSslCertificate": "something",
+  "clientTlsCertificates": ["something", "else"],
   "password": "fooBar",
   "alerts": [
     {
@@ -101,6 +103,8 @@ func TestDatabase_Create(t *testing.T) {
 		ReplicaOf:              redis.StringSlice("another"),
 		SourceIP:               redis.StringSlice("10.0.0.1"),
 		ClientSSLCertificate:   redis.String("something"),
+		ClientTLSCertificates:  &[]*string{redis.String("something"), redis.String("else")},
+		EnableTls:              redis.Bool(true),
 		Password:               redis.String("fooBar"),
 		Alerts: []*databases.Alert{
 			{
@@ -229,6 +233,8 @@ func TestDatabase_Get(t *testing.T) {
 	"enableDefaultUser": false,
     "password": "test",
     "sslClientAuthentication": false,
+	"tlsClientAuthentication": true,
+    "enableTls": true,
     "sourceIps": [
       "0.0.0.0/0"
     ]
@@ -292,6 +298,8 @@ func TestDatabase_Get(t *testing.T) {
 		Security: &databases.Security{
 			EnableDefaultUser:       redis.Bool(false),
 			SSLClientAuthentication: redis.Bool(false),
+			TLSClientAuthentication: redis.Bool(true),
+			EnableTls:               redis.Bool(true),
 			SourceIPs:               redis.StringSlice("0.0.0.0/0"),
 			Password:                redis.String("test"),
 		},
@@ -336,6 +344,8 @@ func TestDatabase_Update(t *testing.T) {
     "10.0.0.1"
   ],
   "clientSslCertificate": "something",
+  "clientTlsCertificates": ["something", "new"],
+  "enableTls": false,
   "password": "fooBar",
   "alerts": [
     {
@@ -389,12 +399,14 @@ func TestDatabase_Update(t *testing.T) {
 			By:    redis.String("operations-per-second"),
 			Value: redis.Int(1000),
 		},
-		RegexRules:           redis.StringSlice(".*"),
-		ReplicaOf:            redis.StringSlice("another"),
-		PeriodicBackupPath:   redis.String("s3://bucket-name"),
-		SourceIP:             redis.StringSlice("10.0.0.1"),
-		ClientSSLCertificate: redis.String("something"),
-		Password:             redis.String("fooBar"),
+		RegexRules:            redis.StringSlice(".*"),
+		ReplicaOf:             redis.StringSlice("another"),
+		PeriodicBackupPath:    redis.String("s3://bucket-name"),
+		SourceIP:              redis.StringSlice("10.0.0.1"),
+		ClientSSLCertificate:  redis.String("something"),
+		ClientTLSCertificates: &[]*string{redis.String("something"), redis.String("new")},
+		EnableTls:             redis.Bool(false),
+		Password:              redis.String("fooBar"),
 		Alerts: &[]*databases.Alert{
 			{
 				Name:  redis.String("dataset-size"),

go.mod

@@ -1,17 +1,17 @@
 module github.com/RedisLabs/rediscloud-go-api
 
-go 1.19
+go 1.22.4
 
 require (
 	github.com/avast/retry-go/v4 v4.6.0
 	github.com/stretchr/testify v1.9.0
-	golang.org/x/tools v0.21.0
+	golang.org/x/tools v0.22.0
 )
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
-	golang.org/x/mod v0.17.0 // indirect
+	golang.org/x/mod v0.18.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -8,11 +8,12 @@ github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
-golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0=
+golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
-golang.org/x/tools v0.21.0 h1:qc0xYgIbsSDt9EyWz05J5wfa7LOVW0YTLOXrqdLAWIw=
-golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
+golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA=
+golang.org/x/tools v0.22.0/go.mod h1:aCwcsjqvq7Yqt6TNyX7QMU2enbQ/Gt0bo6krSeEri+c=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

service/databases/model.go

@@ -22,15 +22,16 @@ type CreateDatabase struct {
 	AverageItemSizeInBytes              *int                         `json:"averageItemSizeInBytes,omitempty"`
 	ReplicaOf                           []*string                    `json:"replicaOf,omitempty"`
 	// Deprecated: Use RemoteBackup instead
-	PeriodicBackupPath   *string               `json:"periodicBackupPath,omitempty"`
-	SourceIP             []*string             `json:"sourceIp,omitempty"`
-	ClientSSLCertificate *string               `json:"clientSslCertificate,omitempty"`
-	Password             *string               `json:"password,omitempty"`
-	Alerts               []*Alert              `json:"alerts,omitempty"`
-	Modules              []*Module             `json:"modules,omitempty"`
-	EnableTls            *bool                 `json:"enableTls,omitempty"`
-	PortNumber           *int                  `json:"port,omitempty"`
-	RemoteBackup         *DatabaseBackupConfig `json:"remoteBackup,omitempty"`
+	PeriodicBackupPath    *string               `json:"periodicBackupPath,omitempty"`
+	SourceIP              []*string             `json:"sourceIp,omitempty"`
+	ClientSSLCertificate  *string               `json:"clientSslCertificate,omitempty"`
+	ClientTLSCertificates *[]*string            `json:"clientTlsCertificates,omitempty"`
+	Password              *string               `json:"password,omitempty"`
+	Alerts                []*Alert              `json:"alerts,omitempty"`
+	Modules               []*Module             `json:"modules,omitempty"`
+	EnableTls             *bool                 `json:"enableTls,omitempty"`
+	PortNumber            *int                  `json:"port,omitempty"`
+	RemoteBackup          *DatabaseBackupConfig `json:"remoteBackup,omitempty"`
 }
 
 func (o CreateDatabase) String() string {
@@ -107,6 +108,7 @@ func (o RegexRule) String() string {
 type Security struct {
 	EnableDefaultUser       *bool     `json:"enableDefaultUser,omitempty"`
 	SSLClientAuthentication *bool     `json:"sslClientAuthentication,omitempty"`
+	TLSClientAuthentication *bool     `json:"tlsClientAuthentication,omitempty"`
 	SourceIPs               []*string `json:"sourceIps,omitempty"`
 	Password                *string   `json:"password,omitempty"`
 	EnableTls               *bool     `json:"enableTls,omitempty"`
@@ -158,7 +160,9 @@ type UpdateDatabase struct {
 	PeriodicBackupPath                  *string                      `json:"periodicBackupPath,omitempty"`
 	SourceIP                            []*string                    `json:"sourceIp,omitempty"`
 	ClientSSLCertificate                *string                      `json:"clientSslCertificate,omitempty"`
-	Password                            *string                      `json:"password,omitempty"`
+	// Using a pointer to allow empty slices to be serialised/sent
+	ClientTLSCertificates *[]*string `json:"clientTlsCertificates,omitempty"`
+	Password              *string    `json:"password,omitempty"`
 	// It's important to use a pointer here, because the terraform user may want to send an empty list.
 	// In that case, the developer must pass a (pointer to a) non-nil, zero-length slice
 	// If the developer really wants to omit this value, passing a nil slice value would work

service/databases/model_active_active.go

@@ -91,15 +91,17 @@ func (o LocalThroughput) String() string {
 }
 
 type UpdateActiveActiveDatabase struct {
-	DryRun                              *bool     `json:"dryRun,omitempty"`
-	MemoryLimitInGB                     *float64  `json:"memoryLimitInGb,omitempty"`
-	SupportOSSClusterAPI                *bool     `json:"supportOSSClusterApi,omitempty"`
-	UseExternalEndpointForOSSClusterAPI *bool     `json:"useExternalEndpointForOSSClusterApi,omitempty"`
-	ClientSSLCertificate                *string   `json:"clientSslCertificate,omitempty"`
-	EnableTls                           *bool     `json:"enableTls,omitempty"`
-	GlobalDataPersistence               *string   `json:"globalDataPersistence,omitempty"`
-	GlobalPassword                      *string   `json:"globalPassword,omitempty"`
-	GlobalSourceIP                      []*string `json:"globalSourceIp,omitempty"`
+	DryRun                              *bool    `json:"dryRun,omitempty"`
+	MemoryLimitInGB                     *float64 `json:"memoryLimitInGb,omitempty"`
+	SupportOSSClusterAPI                *bool    `json:"supportOSSClusterApi,omitempty"`
+	UseExternalEndpointForOSSClusterAPI *bool    `json:"useExternalEndpointForOSSClusterApi,omitempty"`
+	ClientSSLCertificate                *string  `json:"clientSslCertificate,omitempty"`
+	// Using a pointer to allow empty slices to be serialised/sent
+	ClientTLSCertificates *[]*string `json:"clientTlsCertificates,omitempty"`
+	EnableTls             *bool      `json:"enableTls,omitempty"`
+	GlobalDataPersistence *string    `json:"globalDataPersistence,omitempty"`
+	GlobalPassword        *string    `json:"globalPassword,omitempty"`
+	GlobalSourceIP        []*string  `json:"globalSourceIp,omitempty"`
 	// Using a pointer to allow empty slices to be serialised/sent
 	GlobalAlerts       *[]*Alert                `json:"globalAlerts,omitempty"`
 	Regions            []*LocalRegionProperties `json:"regions,omitempty"`