from googlecloudsdk.calliope import arg_parsers
from googlecloudsdk.calliope import base
from googlecloudsdk.calliope import exceptions
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.external_vpn_gateways import (
flags as external_vpn_gateway_flags)
from googlecloudsdk.command_lib.compute.routers import flags as router_flags
from googlecloudsdk.command_lib.compute.target_vpn_gateways import (
flags as target_vpn_gateway_flags)
from googlecloudsdk.command_lib.compute.vpn_gateways import (flags as
vpn_gateway_flags)
from googlecloudsdk.command_lib.compute.vpn_tunnels import flags
_PRINTABLE_CHARS_PATTERN = r'[ -~]+'
_ROUTER_ARG = router_flags.RouterArgumentForVpnTunnel(required=False)
_VPN_TUNNEL_ARG = flags.VpnTunnelArgument()
class DeprecatedArgumentException(exceptions.ToolException):
def __init__(self, arg, msg):
super(DeprecatedArgumentException,
self).__init__('{0} is deprecated. {1}'.format(arg, msg))
def ValidateSimpleSharedSecret(possible_secret):
"""ValidateSimpleSharedSecret checks its argument is a vpn shared secret.
ValidateSimpleSharedSecret(v) returns v iff v matches [ -~]+.
Args:
def Args(cls, parser):
"""Adds arguments to the supplied parser."""
cls.ROUTER_ARG = router_flags.RouterArgumentForVpnTunnel(
required=False)
cls.TARGET_VPN_GATEWAY_ARG = (
target_vpn_gateway_flags.TargetVpnGatewayArgumentForVpnTunnel())
cls.TARGET_VPN_GATEWAY_ARG.AddArgument(parser)
cls.VPN_TUNNEL_ARG = flags.VpnTunnelArgument()
cls.VPN_TUNNEL_ARG.AddArgument(parser, operation_type='create')
parser.add_argument(
'--description',
help='An optional, textual description for the target VPN tunnel.')
parser.add_argument(
'--ike-version',
choices=[1, 2],
type=int,
help='Internet Key Exchange protocol version number. Default is 2.'
)
parser.add_argument(
'--peer-address',
required=True,
help='A valid IP-v4 address representing the remote tunnel endpoint'
)
# TODO(b/36053573) Add other group members
parser.add_argument('--shared-secret',
type=ValidateSimpleSharedSecret,
required=True,
help="""\
A shared secret consisting of printable characters. Valid
arguments match the regular expression """ + _PRINTABLE_CHARS_PATTERN)
parser.add_argument('--ike-networks',
type=arg_parsers.ArgList(min_length=1),
help=argparse.SUPPRESS)
parser.add_argument(
'--local-traffic-selector',
type=arg_parsers.ArgList(min_length=1),
metavar='CIDR',
help=
('Traffic selector is an agreement between IKE peers to permit '
'traffic through a tunnel if the traffic matches a specified pair'
' of local and remote addresses.\n\n'
'local_traffic_selector allows to configure the local addresses '
'that are permitted. The value should be a comma separated list '
'of CIDR formatted strings. '
'Example: 192.168.0.0/16,10.0.0.0/24.'))
parser.add_argument(
'--remote-traffic-selector',
type=arg_parsers.ArgList(min_length=1),
metavar='CIDR',
help=
('Traffic selector is an agreement between IKE peers to permit '
'traffic through a tunnel if the traffic matches a specified pair'
' of local and remote addresses.\n\n'
'remote_traffic_selector allows to configure the remote addresses'
' that are permitted. The value should be a comma separated list '
'of CIDR formatted strings. '
'Example: 192.168.0.0/16,10.0.0.0/24.'))
# TODO(b/29072646): autocomplete --router argument
parser.add_argument('--router',
help='The Router to use for dynamic routing.')
