modified: internal/cli/site_test.go

Author: Code-Egg

internal/cli/site.go

@@ -148,14 +148,15 @@ func newSiteCreateCmd(svc siteManager, rootOpts *rootOptions) *cobra.Command {
 		},
 	}
 
+	cmd.Flags().SortFlags = false
 	cmd.Flags().BoolVar(&withWordPress, "wp", false, "install WordPress with required dependencies")
 	cmd.Flags().BoolVar(&withLE, "le", false, "configure Let's Encrypt certificate")
+	addPHPVersionFlags(cmd, php)
 	cmd.Flags().BoolVar(&owasp.enable, "enable-owasp", false, "enable OWASP ModSecurity at virtual host level")
-	cmd.Flags().BoolVar(&owasp.disable, "disable-owasp", false, "disable OWASP ModSecurity at virtual host level")
 	cmd.Flags().BoolVar(&recaptcha.enable, "enable-recaptcha", false, "enable reCAPTCHA at virtual host level")
+	cmd.Flags().BoolVar(&owasp.disable, "disable-owasp", false, "disable OWASP ModSecurity at virtual host level")
 	cmd.Flags().BoolVar(&recaptcha.disable, "disable-recaptcha", false, "disable reCAPTCHA at virtual host level")
 	cmd.Flags().BoolVar(&withHSTS, "hsts", false, "add recommended security extra headers to static context /")
-	addPHPVersionFlags(cmd, php)
 	return cmd
 }
 
@@ -209,13 +210,14 @@ func newSiteUpdateCmd(svc siteManager, rootOpts *rootOptions) *cobra.Command {
 		},
 	}
 
+	cmd.Flags().SortFlags = false
 	cmd.Flags().BoolVar(&withWordPress, "wp", false, "ensure WordPress and LiteSpeed Cache plugin are present")
+	addPHPVersionFlags(cmd, php)
 	cmd.Flags().BoolVar(&owasp.enable, "enable-owasp", false, "enable OWASP ModSecurity at virtual host level")
-	cmd.Flags().BoolVar(&owasp.disable, "disable-owasp", false, "disable OWASP ModSecurity at virtual host level")
 	cmd.Flags().BoolVar(&recaptcha.enable, "enable-recaptcha", false, "enable reCAPTCHA at virtual host level")
+	cmd.Flags().BoolVar(&owasp.disable, "disable-owasp", false, "disable OWASP ModSecurity at virtual host level")
 	cmd.Flags().BoolVar(&recaptcha.disable, "disable-recaptcha", false, "disable reCAPTCHA at virtual host level")
 	cmd.Flags().BoolVar(&withHSTS, "hsts", false, "add recommended security extra headers to static context /")
-	addPHPVersionFlags(cmd, php)
 	return cmd
 }
 

internal/cli/site_test.go

@@ -1,6 +1,38 @@
 package cli
 
-import "testing"
+import (
+	"context"
+	"testing"
+
+	"github.com/ols/ols-cli/internal/service"
+	"github.com/spf13/pflag"
+)
+
+type noopSiteManager struct{}
+
+func (noopSiteManager) CreateSite(context.Context, service.CreateSiteOptions) error {
+	return nil
+}
+
+func (noopSiteManager) UpdateSitePHP(context.Context, service.UpdateSiteOptions) error {
+	return nil
+}
+
+func (noopSiteManager) SiteInfo(context.Context, service.SiteInfoOptions) error {
+	return nil
+}
+
+func (noopSiteManager) ShowSiteConfig(context.Context, service.ShowSiteConfigOptions) error {
+	return nil
+}
+
+func (noopSiteManager) ListSites(context.Context, service.ListSitesOptions) error {
+	return nil
+}
+
+func (noopSiteManager) DeleteSite(context.Context, service.DeleteSiteOptions) error {
+	return nil
+}
 
 func TestPHPFlagsSelected(t *testing.T) {
 	flags := phpFlags{v85: true}
@@ -59,3 +91,74 @@ func TestToggleFlagsSelectedConflict(t *testing.T) {
 		t.Fatal("expected validation error for conflicting toggle flags")
 	}
 }
+
+func TestSiteCreateFlagOrder(t *testing.T) {
+	cmd := newSiteCreateCmd(noopSiteManager{}, &rootOptions{})
+	if cmd.Flags().SortFlags {
+		t.Fatal("expected SortFlags=false for create command")
+	}
+	cmd.InitDefaultHelpFlag()
+
+	var got []string
+	cmd.Flags().VisitAll(func(f *pflag.Flag) {
+		got = append(got, f.Name)
+	})
+
+	wantPrefix := []string{
+		"wp",
+		"le",
+		"php81",
+		"php82",
+		"php83",
+		"php84",
+		"php85",
+		"enable-owasp",
+		"enable-recaptcha",
+		"disable-owasp",
+		"disable-recaptcha",
+		"hsts",
+	}
+	if len(got) < len(wantPrefix) {
+		t.Fatalf("expected at least %d flags, got %d: %#v", len(wantPrefix), len(got), got)
+	}
+	for i := range wantPrefix {
+		if got[i] != wantPrefix[i] {
+			t.Fatalf("unexpected create flag order at index %d: got %q want %q (full=%#v)", i, got[i], wantPrefix[i], got)
+		}
+	}
+}
+
+func TestSiteUpdateFlagOrder(t *testing.T) {
+	cmd := newSiteUpdateCmd(noopSiteManager{}, &rootOptions{})
+	if cmd.Flags().SortFlags {
+		t.Fatal("expected SortFlags=false for update command")
+	}
+	cmd.InitDefaultHelpFlag()
+
+	var got []string
+	cmd.Flags().VisitAll(func(f *pflag.Flag) {
+		got = append(got, f.Name)
+	})
+
+	wantPrefix := []string{
+		"wp",
+		"php81",
+		"php82",
+		"php83",
+		"php84",
+		"php85",
+		"enable-owasp",
+		"enable-recaptcha",
+		"disable-owasp",
+		"disable-recaptcha",
+		"hsts",
+	}
+	if len(got) < len(wantPrefix) {
+		t.Fatalf("expected at least %d flags, got %d: %#v", len(wantPrefix), len(got), got)
+	}
+	for i := range wantPrefix {
+		if got[i] != wantPrefix[i] {
+			t.Fatalf("unexpected update flag order at index %d: got %q want %q (full=%#v)", i, got[i], wantPrefix[i], got)
+		}
+	}
+}

internal/service/site.go

@@ -48,6 +48,8 @@ const (
 	defaultVHRecaptchaReqLimit   = 500
 	defaultOWASPModSecRulesFile  = "/usr/local/lsws/conf/owasp/modsec_includes.conf"
 	defaultModSecurityModuleFile = "/usr/local/lsws/modules/mod_security.so"
+	defaultLiteSpeedRepoScript   = "https://repo.litespeed.sh"
+	defaultRepoScriptTempPath    = "/tmp/ols-cli-litespeed-repo.sh"
 	wpArchiveURL                 = "https://wordpress.org/latest.tar.gz"
 	wpArchiveSHA1URL             = "https://wordpress.org/latest.tar.gz.sha1"
 	wpCLIPharURL                 = "https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar"
@@ -967,10 +969,36 @@ func upsertINIValue(content, key, value string) (string, bool) {
 }
 
 func (s SiteService) configureLiteSpeedRepo(ctx context.Context, info platform.Info) error {
-	s.console.Bullet("Using hardened mode: repository bootstrap scripts are disabled")
-	if err := verifyLiteSpeedPackageAvailability(ctx, s.runner, info); err != nil {
+	if err := verifyLiteSpeedPackageAvailability(ctx, s.runner, info); err == nil {
+		s.console.Bullet("LiteSpeed package repository is already configured")
+		return nil
+	}
+	s.console.Bullet("Configuring LiteSpeed package repository")
+	if err := s.bootstrapLiteSpeedRepo(ctx); err != nil {
 		return err
 	}
+	if err := verifyLiteSpeedPackageAvailability(ctx, s.runner, info); err != nil {
+		return apperr.Wrap(
+			apperr.CodeCommand,
+			"LiteSpeed repository bootstrap completed but openlitespeed is still unavailable",
+			err,
+		)
+	}
+	s.console.Bullet("LiteSpeed package repository configured")
+	return nil
+}
+
+func (s SiteService) bootstrapLiteSpeedRepo(ctx context.Context) error {
+	if err := downloadToFile(defaultLiteSpeedRepoScript, defaultRepoScriptTempPath, 0o700); err != nil {
+		return apperr.Wrap(apperr.CodeCommand, "failed to download LiteSpeed repository bootstrap script", err)
+	}
+	defer func() {
+		_ = os.Remove(defaultRepoScriptTempPath)
+	}()
+
+	if _, err := s.runner.Run(ctx, "bash", defaultRepoScriptTempPath); err != nil {
+		return apperr.Wrap(apperr.CodeCommand, "failed to execute LiteSpeed repository bootstrap script", err)
+	}
 	return nil
 }
 
@@ -980,23 +1008,23 @@ func verifyLiteSpeedPackageAvailability(ctx context.Context, run runner.Runner,
 		if _, err := run.Run(ctx, "apt-cache", "show", "openlitespeed"); err != nil {
 			return apperr.Wrap(
 				apperr.CodeCommand,
-				"openlitespeed package is not available via apt repositories; configure the LiteSpeed repository manually",
+				"openlitespeed package is not available via apt repositories",
 				err,
 			)
 		}
 	case platform.PackageManagerYUM:
 		if _, err := run.Run(ctx, "yum", "-q", "info", "openlitespeed"); err != nil {
 			return apperr.Wrap(
 				apperr.CodeCommand,
-				"openlitespeed package is not available via yum repositories; configure the LiteSpeed repository manually",
+				"openlitespeed package is not available via yum repositories",
 				err,
 			)
 		}
 	case platform.PackageManagerDNF:
 		if _, err := run.Run(ctx, "dnf", "-q", "info", "openlitespeed"); err != nil {
 			return apperr.Wrap(
 				apperr.CodeCommand,
-				"openlitespeed package is not available via dnf repositories; configure the LiteSpeed repository manually",
+				"openlitespeed package is not available via dnf repositories",
 				err,
 			)
 		}