From c58880e4484a036cb03bc59a3acd7effa1468694 Mon Sep 17 00:00:00 2001
From: Carlos Goncalves <cgoncalves@redhat.com>
Date: Thu, 6 Aug 2020 13:18:30 +0200
Subject: [PATCH] Add TLS versions and ciphers unsets

Task: 40617
Task: 40618
Story: 2006627

Task: 40615
Task: 40616
Story: 2006733

Change-Id: Iab8b8339cf096ee1f5c56a828629f0ebf94484a9
---
 octaviaclient/osc/v2/listener.py                     | 12 +++++++++++-
 octaviaclient/osc/v2/pool.py                         | 10 ++++++++++
 octaviaclient/tests/unit/osc/v2/test_listener.py     |  8 +++++++-
 octaviaclient/tests/unit/osc/v2/test_pool.py         |  8 +++++++-
 ...tls-versions-ciphers-unsets-8d06a502c8ad38ff.yaml |  4 ++++
 5 files changed, 39 insertions(+), 3 deletions(-)
 create mode 100644 releasenotes/notes/add-tls-versions-ciphers-unsets-8d06a502c8ad38ff.yaml

diff --git a/octaviaclient/osc/v2/listener.py b/octaviaclient/osc/v2/listener.py
index 24e5f46..d798256 100644
--- a/octaviaclient/osc/v2/listener.py
+++ b/octaviaclient/osc/v2/listener.py
@@ -610,10 +610,20 @@ class UnsetListener(command.Command):
             action='store_true',
             help="Clear all allowed CIDRs from the listener."
         )
+        parser.add_argument(
+            '--tls-versions',
+            action='store_true',
+            help='Clear all TLS versions from the listener.',
+        )
+        parser.add_argument(
+            '--tls-ciphers',
+            action='store_true',
+            help='Clear all TLS ciphers from the listener.',
+        )
         parser.add_argument(
             '--wait',
             action='store_true',
-            help='Wait for action to complete',
+            help='Wait for action to complete.',
         )
         return parser
 
diff --git a/octaviaclient/osc/v2/pool.py b/octaviaclient/osc/v2/pool.py
index eb9a0b5..4a8b95d 100644
--- a/octaviaclient/osc/v2/pool.py
+++ b/octaviaclient/osc/v2/pool.py
@@ -443,6 +443,16 @@ class UnsetPool(command.Command):
             action='store_true',
             help="Clear the certificate reference for this pool."
         )
+        parser.add_argument(
+            '--tls-versions',
+            action='store_true',
+            help='Clear all TLS versions from the pool.',
+        )
+        parser.add_argument(
+            '--tls-ciphers',
+            action='store_true',
+            help='Clear all TLS ciphers from the pool.',
+        )
         parser.add_argument(
             '--wait',
             action='store_true',
diff --git a/octaviaclient/tests/unit/osc/v2/test_listener.py b/octaviaclient/tests/unit/osc/v2/test_listener.py
index d6c6972..064d9d5 100644
--- a/octaviaclient/tests/unit/osc/v2/test_listener.py
+++ b/octaviaclient/tests/unit/osc/v2/test_listener.py
@@ -388,7 +388,7 @@ class TestListenerUnset(TestListener):
                   'timeout_member_connect', 'timeout_member_data',
                   'timeout_tcp_inspect', 'client_ca_tls_container_ref',
                   'client_authentication', 'client_crl_container_ref',
-                  'allowed_cidrs')
+                  'allowed_cidrs', 'tls_versions', 'tls_ciphers')
 
     def setUp(self):
         super().setUp()
@@ -442,6 +442,12 @@ class TestListenerUnset(TestListener):
     def test_listener_unset_allowed_cidrs(self):
         self._test_listener_unset_param('allowed_cidrs')
 
+    def test_listener_unset_tls_versions(self):
+        self._test_listener_unset_param('tls_versions')
+
+    def test_listener_unset_tls_ciphers(self):
+        self._test_listener_unset_param('tls_ciphers')
+
     def _test_listener_unset_param(self, param):
         self.api_mock.listener_set.reset_mock()
         arg_param = param.replace('_', '-') if '_' in param else param
diff --git a/octaviaclient/tests/unit/osc/v2/test_pool.py b/octaviaclient/tests/unit/osc/v2/test_pool.py
index 04c9103..9f72736 100644
--- a/octaviaclient/tests/unit/osc/v2/test_pool.py
+++ b/octaviaclient/tests/unit/osc/v2/test_pool.py
@@ -257,7 +257,7 @@ class TestPoolSet(TestPool):
 class TestPoolUnset(TestPool):
     PARAMETERS = ('name', 'description', 'ca_tls_container_ref',
                   'crl_container_ref', 'session_persistence',
-                  'tls_container_ref')
+                  'tls_container_ref', 'tls_versions', 'tls_ciphers')
 
     def setUp(self):
         super().setUp()
@@ -284,6 +284,12 @@ class TestPoolUnset(TestPool):
     def test_pool_unset_tls_container_ref(self):
         self._test_pool_unset_param('tls_container_ref')
 
+    def test_pool_unset_tls_versions(self):
+        self._test_pool_unset_param('tls_versions')
+
+    def test_pool_unset_tls_ciphers(self):
+        self._test_pool_unset_param('tls_ciphers')
+
     def _test_pool_unset_param(self, param):
         self.api_mock.pool_set.reset_mock()
         arg_param = param.replace('_', '-') if '_' in param else param
diff --git a/releasenotes/notes/add-tls-versions-ciphers-unsets-8d06a502c8ad38ff.yaml b/releasenotes/notes/add-tls-versions-ciphers-unsets-8d06a502c8ad38ff.yaml
new file mode 100644
index 0000000..c7cc202
--- /dev/null
+++ b/releasenotes/notes/add-tls-versions-ciphers-unsets-8d06a502c8ad38ff.yaml
@@ -0,0 +1,4 @@
+---
+features:
+  - |
+    Added TLS versions and ciphers unset to listeners and pools.