MEDIUM: Add acme section support

Author: oliwer

config-parser/init.go

@@ -47,6 +47,7 @@ type ConfiguredParsers struct {
 	CrtStore              *Parsers
 	Traces                *Parsers
 	LogProfile            *Parsers
+	Acme                  *Parsers
 	// spoe parsers
 	SPOEAgent   *Parsers
 	SPOEGroup   *Parsers
@@ -99,4 +100,5 @@ func (p *configParser) initParserMaps() {
 	p.Parsers[CrtStore] = map[string]*Parsers{}
 	p.Parsers[Traces] = map[string]*Parsers{}
 	p.Parsers[LogProfile] = map[string]*Parsers{}
+	p.Parsers[Acme] = map[string]*Parsers{}
 }

config-parser/parser.go

@@ -49,6 +49,7 @@ const (
 	CrtStore   Section = "crt-store"
 	Traces     Section = "traces"
 	LogProfile Section = "log-profile"
+	Acme       Section = "acme"
 	// spoe sections
 	SPOEAgent   Section = "spoe-agent"
 	SPOEGroup   Section = "spoe-group"

config-parser/reader.go

@@ -391,6 +391,17 @@ func (p *configParser) ProcessLine(line string, parts []string, comment string,
 					if p.Options.Log {
 						p.Options.Logger.Tracef("%slog-profile section %s active", p.Options.LogPrefix, data.Name)
 					}
+				case "acme":
+					parserSectionName := parser.(*extra.Section) //nolint:forcetypeassert
+					rawData, _ := parserSectionName.Get(false)
+					data := rawData.(*types.Section) //nolint:forcetypeassert
+					config.Acme = p.getAcmeParser()
+					config.Acme.Section = *data
+					p.Parsers[Acme][data.Name] = config.Acme
+					config.Active = config.Acme
+					if p.Options.Log {
+						p.Options.Logger.Tracef("%sacme section %s active", p.Options.LogPrefix, data.Name)
+					}
 				case "snippet_beg":
 					config.Previous = config.Active
 					config.Active = &Parsers{

config-parser/section-parsers.go

@@ -52,6 +52,7 @@ func (p *configParser) createParsers(parser map[string]ParserInterface, sequence
 	addParser(parser, &sequence, &extra.Section{Name: "crt-store"})
 	addParser(parser, &sequence, &extra.Section{Name: "traces"})
 	addParser(parser, &sequence, &extra.Section{Name: "log-profile"})
+	addParser(parser, &sequence, &extra.Section{Name: "acme"})
 	if !p.Options.DisableUnProcessed {
 		addParser(parser, &sequence, &extra.UnProcessed{})
 	}
@@ -1004,3 +1005,17 @@ func (p *configParser) getLogProfileParser() *Parsers {
 	addParser(parser, &sequence, &parsers.OnLogStep{})
 	return p.createParsers(parser, sequence)
 }
+
+func (p *configParser) getAcmeParser() *Parsers {
+	parser := map[string]ParserInterface{}
+	sequence := []Section{}
+	addParser(parser, &sequence, &simple.Word{Name: "account-key"})
+	addParser(parser, &sequence, &simple.Number{Name: "bits"})
+	addParser(parser, &sequence, &simple.Word{Name: "challenge"})
+	addParser(parser, &sequence, &simple.Word{Name: "contact"})
+	addParser(parser, &sequence, &simple.Word{Name: "curves"})
+	addParser(parser, &sequence, &simple.Word{Name: "directory"})
+	addParser(parser, &sequence, &simple.Word{Name: "keytype"})
+	addParser(parser, &sequence, &simple.Word{Name: "map"})
+	return p.createParsers(parser, sequence)
+}

config-parser/writer.go

@@ -41,7 +41,26 @@ func (p *configParser) String() string {
 	p.writeParsers("", p.Parsers[Comments][CommentsSectionName], &result, false)
 	p.writeParsers("global", p.Parsers[Global][GlobalSectionName], &result, true)
 
-	sections := []Section{Defaults, UserList, Peers, Mailers, Resolvers, Cache, Ring, Traces, LogForward, LogProfile, HTTPErrors, CrtStore, Frontends, Backends, Listen, Program, FCGIApp}
+	sections := []Section{
+		Defaults,
+		UserList,
+		Peers,
+		Mailers,
+		Resolvers,
+		Cache,
+		Ring,
+		Traces,
+		LogForward,
+		LogProfile,
+		HTTPErrors,
+		Acme,
+		CrtStore,
+		Frontends,
+		Backends,
+		Listen,
+		Program,
+		FCGIApp,
+	}
 
 	for _, section := range sections {
 		var sortedSections []string

configuration/acme_provider.go

@@ -0,0 +1,248 @@
+// Copyright 2025 HAProxy Technologies
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package configuration
+
+import (
+	"errors"
+	"fmt"
+
+	strfmt "github.com/go-openapi/strfmt"
+	parser "github.com/haproxytech/client-native/v6/config-parser"
+	parser_errors "github.com/haproxytech/client-native/v6/config-parser/errors"
+	"github.com/haproxytech/client-native/v6/config-parser/types"
+	"github.com/haproxytech/client-native/v6/misc"
+	"github.com/haproxytech/client-native/v6/models"
+)
+
+type Acme interface {
+	GetAcmeProviders(transactionID string) (int64, models.AcmeProviders, error)
+	GetAcmeProvider(name, transactionID string) (int64, *models.AcmeProvider, error)
+	CreateAcmeProvider(data *models.AcmeProvider, transactionID string, version int64) error
+	EditAcmeProvider(name string, data *models.AcmeProvider, transactionID string, version int64) error
+	DeleteAcmeProvider(name, transactionID string, version int64) error
+}
+
+func (c *client) GetAcmeProviders(transactionID string) (int64, models.AcmeProviders, error) {
+	p, err := c.GetParser(transactionID)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	v, err := c.GetVersion(transactionID)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	names, err := p.SectionsGet(parser.Acme)
+	if err != nil {
+		return v, nil, err
+	}
+
+	acmes := make(models.AcmeProviders, 0, len(names))
+
+	for _, name := range names {
+		a, err := ParseAcmeProvider(p, name)
+		if err == nil {
+			acmes = append(acmes, a)
+		}
+	}
+
+	return v, acmes, nil
+}
+
+func (c *client) GetAcmeProvider(name, transactionID string) (int64, *models.AcmeProvider, error) {
+	p, err := c.GetParser(transactionID)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	v, err := c.GetVersion(transactionID)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	if !p.SectionExists(parser.Acme, name) {
+		return v, nil, NewConfError(ErrObjectDoesNotExist,
+			fmt.Sprintf("%s section '%s' does not exist", AcmeParentName, name))
+	}
+
+	acme, err := ParseAcmeProvider(p, name)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	return v, acme, nil
+}
+
+func (c *client) DeleteAcmeProvider(name, transactionID string, version int64) error {
+	return c.deleteSection(parser.Acme, name, transactionID, version)
+}
+
+func (c *client) CreateAcmeProvider(data *models.AcmeProvider, transactionID string, version int64) error {
+	if c.UseModelsValidation {
+		validationErr := data.Validate(strfmt.Default)
+		if validationErr != nil {
+			return NewConfError(ErrValidationError, validationErr.Error())
+		}
+	}
+
+	p, t, err := c.loadDataForChange(transactionID, version)
+	if err != nil {
+		return c.HandleError(data.Name, "", "", t, transactionID == "", err)
+	}
+
+	if p.SectionExists(parser.Acme, data.Name) {
+		e := NewConfError(ErrObjectAlreadyExists, fmt.Sprintf("%s %s already exists", parser.Acme, data.Name))
+		return c.HandleError(data.Name, "", "", t, transactionID == "", e)
+	}
+
+	if err = p.SectionsCreate(parser.Acme, data.Name); err != nil {
+		return c.HandleError(data.Name, "", "", t, transactionID == "", err)
+	}
+
+	if err = SerializeAcmeProvider(p, data); err != nil {
+		return c.HandleError(data.Name, "", "", t, transactionID == "", err)
+	}
+
+	return c.SaveData(p, t, transactionID == "")
+}
+
+func (c *client) EditAcmeProvider(name string, data *models.AcmeProvider, transactionID string, version int64) error {
+	if c.UseModelsValidation {
+		validationErr := data.Validate(strfmt.Default)
+		if validationErr != nil {
+			return NewConfError(ErrValidationError, validationErr.Error())
+		}
+	}
+
+	if data.Name == "" {
+		data.Name = name
+	}
+
+	p, t, err := c.loadDataForChange(transactionID, version)
+	if err != nil {
+		return err
+	}
+
+	if !p.SectionExists(parser.Acme, data.Name) {
+		e := NewConfError(ErrObjectAlreadyExists, fmt.Sprintf("%s %s does not exists", parser.Acme, data.Name))
+		return c.HandleError(data.Name, "", "", t, transactionID == "", e)
+	}
+
+	if err = SerializeAcmeProvider(p, data); err != nil {
+		return err
+	}
+
+	return c.SaveData(p, t, transactionID == "")
+}
+
+func ParseAcmeProvider(p parser.Parser, name string) (*models.AcmeProvider, error) {
+	acme := &models.AcmeProvider{Name: name}
+
+	if data, err := p.SectionGet(parser.Acme, name); err == nil {
+		d, ok := data.(types.Section)
+		if ok {
+			acme.Metadata = parseMetadata(d.Comment)
+		}
+	}
+
+	stringAttr := map[string]*string{
+		"account-key": &acme.AccountKey,
+		"challenge":   &acme.Challenge,
+		"contact":     &acme.Contact,
+		"curves":      &acme.Curves,
+		"directory":   &acme.Directory,
+		"keytype":     &acme.Keytype,
+		"map":         &acme.Map,
+	}
+
+	for kw, dest := range stringAttr {
+		val, err := p.Get(parser.Acme, name, kw)
+		if err != nil {
+			if errors.Is(err, parser_errors.ErrFetch) {
+				continue
+			}
+			return nil, err
+		}
+		str, ok := val.(*types.StringC)
+		if !ok {
+			return nil, misc.CreateTypeAssertError(kw)
+		}
+		*dest = str.Value
+	}
+
+	// bits
+	val, err := p.Get(parser.Acme, name, "bits")
+	if err != nil {
+		if !errors.Is(err, parser_errors.ErrFetch) {
+			return nil, err
+		}
+	} else {
+		ic, ok := val.(*types.Int64C)
+		if !ok {
+			return nil, misc.CreateTypeAssertError("bits")
+		}
+		acme.Bits = misc.Ptr(ic.Value)
+	}
+
+	return acme, nil
+}
+
+func SerializeAcmeProvider(p parser.Parser, acme *models.AcmeProvider) error {
+	if acme == nil {
+		return fmt.Errorf("empty %s section", AcmeParentName)
+	}
+
+	if acme.Metadata != nil {
+		comment, err := serializeMetadata(acme.Metadata)
+		if err != nil {
+			return err
+		}
+		if err := p.SectionCommentSet(parser.Acme, acme.Name, comment); err != nil {
+			return err
+		}
+	}
+
+	stringAttr := map[string]string{
+		"account-key": acme.AccountKey,
+		"challenge":   acme.Challenge,
+		"contact":     acme.Contact,
+		"curves":      acme.Curves,
+		"directory":   acme.Directory,
+		"keytype":     acme.Keytype,
+		"map":         acme.Map,
+	}
+
+	for kw, val := range stringAttr {
+		if val != "" {
+			if err := p.Set(parser.Acme, acme.Name, kw, types.StringC{Value: val}); err != nil {
+				return err
+			}
+		} else {
+			_ = p.Delete(parser.Acme, acme.Name, kw)
+		}
+	}
+
+	if acme.Bits != nil && *acme.Bits != 0 {
+		if err := p.Set(parser.Acme, acme.Name, "bits", types.Int64C{Value: *acme.Bits}); err != nil {
+			return err
+		}
+	} else {
+		_ = p.Delete(parser.Acme, acme.Name, "bits")
+	}
+
+	return nil
+}

configuration/configuration.go

@@ -50,6 +50,7 @@ const (
 	CrtStoreParentName   = "crt-store"
 	TracesParentName     = "traces"
 	LogProfileParentName = "log-profile"
+	AcmeParentName       = "acme"
 )
 
 // ClientParams is just a placeholder for all client options

configuration/interface.go

@@ -33,6 +33,7 @@ import (
 type Configuration interface {
 	Parser
 	ACL
+	Acme
 	Backend
 	Bind
 	Cache

configuration/structured.go

@@ -34,6 +34,7 @@ type Structured interface {
 	StructuredFCGIApp
 	StructuredMailersSection
 	StructuredTraces
+	StructuredAcmeProvider
 }
 
 type StructuredToParserArgs struct {