feat(GODT-2374): Import TLS certs via shell

internal/frontend/cli/frontend.go

@@ -135,12 +135,16 @@ func New(bridge *bridge.Bridge, restarter *restarter.Restarter, eventCh <-chan e
 	fe.AddCmd(configureCmd)
 
 	// TLS commands.
-	exportTLSCmd := &ishell.Cmd{
-		Name: "export-tls",
+	fe.AddCmd(&ishell.Cmd{
+		Name: "export-tls-cert",
 		Help: "Export the TLS certificate used by the Bridge",
 		Func: fe.exportTLSCerts,
-	}
-	fe.AddCmd(exportTLSCmd)
+	})
+	fe.AddCmd(&ishell.Cmd{
+		Name: "import-tls-cert",
+		Help: "Import a TLS certificate to be used by the Bridge",
+		Func: fe.importTLSCerts,
+	})
 
 	// All mail visibility commands.
 	allMailCmd := &ishell.Cmd{

internal/frontend/cli/system.go

@@ -226,6 +226,27 @@ func (f *frontendCLI) exportTLSCerts(c *ishell.Context) {
 	}
 }
 
+func (f *frontendCLI) importTLSCerts(c *ishell.Context) {
+	certPath := f.readStringInAttempts("Enter the path to the cert.pem file", c.ReadLine, f.isFile)
+	if certPath == "" {
+		f.printAndLogError(errors.New("failed to get cert path"))
+		return
+	}
+
+	keyPath := f.readStringInAttempts("Enter the path to the key.pem file", c.ReadLine, f.isFile)
+	if keyPath == "" {
+		f.printAndLogError(errors.New("failed to get key path"))
+		return
+	}
+
+	if err := f.bridge.SetBridgeTLSCertPath(certPath, keyPath); err != nil {
+		f.printAndLogError(err)
+		return
+	}
+
+	f.Println("TLS certificate imported. Restart Bridge to use it.")
+}
+
 func (f *frontendCLI) isPortFree(port string) bool {
 	port = strings.ReplaceAll(port, ":", "")
 	if port == "" {
@@ -252,3 +273,12 @@ func (f *frontendCLI) isCacheLocationUsable(location string) bool {
 
 	return stat.IsDir()
 }
+
+func (f *frontendCLI) isFile(location string) bool {
+	stat, err := os.Stat(location)
+	if err != nil {
+		return false
+	}
+
+	return !stat.IsDir()
+}