designate: allow manually overwriting DNS zone (#2204)

Co-authored-by: Fernandez Ludovic <[email protected]>
go-acme · Jul 18, 2024 · 04864ff · 04864ff
1 parent 321cea5
commit 04864ff
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 6 deletions.
diff --git a/cmd/zz_gen_cmd_dnshelp.go b/cmd/zz_gen_cmd_dnshelp.go
@@ -704,6 +704,7 @@ func displayDNSHelp(w io.Writer, name string) error {
  ew.writeln(` - "DESIGNATE_POLLING_INTERVAL": Time between DNS propagation check`)
  ew.writeln(` - "DESIGNATE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`)
  ew.writeln(` - "DESIGNATE_TTL": The TTL of the TXT record used for the DNS challenge`)
+ ew.writeln(` - "DESIGNATE_ZONE_NAME": The zone name to use in the OpenStack Project to manage TXT records.`)
  ew.writeln(` - "OS_PROJECT_ID": Project ID`)
  ew.writeln(` - "OS_TENANT_NAME": Tenant name (deprecated see OS_PROJECT_NAME and OS_PROJECT_ID)`)
 

diff --git a/docs/content/dns/zz_gen_designate.md b/docs/content/dns/zz_gen_designate.md
@@ -77,6 +77,7 @@ More information [here]({{< ref "dns#configuration-and-credentials" >}}).
 | `DESIGNATE_POLLING_INTERVAL` | Time between DNS propagation check |
 | `DESIGNATE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
 | `DESIGNATE_TTL` | The TTL of the TXT record used for the DNS challenge |
+| `DESIGNATE_ZONE_NAME` | The zone name to use in the OpenStack Project to manage TXT records. |
 | `OS_PROJECT_ID` | Project ID |
 | `OS_TENANT_NAME` | Tenant name (deprecated see OS_PROJECT_NAME and OS_PROJECT_ID) |
 

diff --git a/providers/dns/designate/designate.go b/providers/dns/designate/designate.go
@@ -27,6 +27,8 @@ const (
  EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
  EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
 
+ EnvZoneName = envNamespace + "ZONE_NAME"
+
  envNamespaceClient = "OS_"
 
  EnvAuthURL = envNamespaceClient + "AUTH_URL"
@@ -127,12 +129,12 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
  info := dns01.GetChallengeInfo(domain, keyAuth)
 
- authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
+ zone, err := getAuthZone(info.EffectiveFQDN)
  if err != nil {
- return fmt.Errorf("designate: could not find zone for domain %q: %w", domain, err)
+ return fmt.Errorf("designate: %w", err)
  }
 
- zoneID, err := d.getZoneID(authZone)
+ zoneID, err := d.getZoneID(zone)
  if err != nil {
  return fmt.Errorf("designate: couldn't get zone ID in Present: %w", err)
  }
@@ -167,12 +169,12 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
  info := dns01.GetChallengeInfo(domain, keyAuth)
 
- authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
+ zone, err := getAuthZone(info.EffectiveFQDN)
  if err != nil {
- return fmt.Errorf("designate: could not find zone for domain %q: %w", domain, err)
+ return fmt.Errorf("designate: %w", err)
  }
 
- zoneID, err := d.getZoneID(authZone)
+ zoneID, err := d.getZoneID(zone)
  if err != nil {
  return fmt.Errorf("designate: couldn't get zone ID in CleanUp: %w", err)
  }
@@ -273,3 +275,17 @@ func (d *DNSProvider) getRecord(zoneID, wanted string) (*recordsets.RecordSet, e
 
  return nil, nil
 }
+
+func getAuthZone(fqdn string) (string, error) {
+ authZone := env.GetOrFile(EnvZoneName)
+ if authZone != "" {
+ return authZone, nil
+ }
+
+ authZone, err := dns01.FindZoneByFqdn(fqdn)
+ if err != nil {
+ return "", fmt.Errorf("could not find zone: %w", err)
+ }
+
+ return authZone, nil
+}
diff --git a/providers/dns/designate/designate.toml b/providers/dns/designate/designate.toml
@@ -63,6 +63,7 @@ Public cloud providers with support for Designate:
  [Configuration.Additional]
  OS_PROJECT_ID = "Project ID"
  OS_TENANT_NAME = "Tenant name (deprecated see OS_PROJECT_NAME and OS_PROJECT_ID)"
+ DESIGNATE_ZONE_NAME = "The zone name to use in the OpenStack Project to manage TXT records."
  DESIGNATE_POLLING_INTERVAL = "Time between DNS propagation check"
  DESIGNATE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
  DESIGNATE_TTL = "The TTL of the TXT record used for the DNS challenge"