From 04864ff13b01445c65cee924c790f3ef4d60a37f Mon Sep 17 00:00:00 2001 From: Jan Dittrich Date: Thu, 18 Jul 2024 17:27:04 +0200 Subject: [PATCH] designate: allow manually overwriting DNS zone (#2204) Co-authored-by: Fernandez Ludovic --- cmd/zz_gen_cmd_dnshelp.go | 1 + docs/content/dns/zz_gen_designate.md | 1 + providers/dns/designate/designate.go | 28 ++++++++++++++++++++------ providers/dns/designate/designate.toml | 1 + 4 files changed, 25 insertions(+), 6 deletions(-) diff --git a/cmd/zz_gen_cmd_dnshelp.go b/cmd/zz_gen_cmd_dnshelp.go index 0e12e9c882..899f8daad3 100644 --- a/cmd/zz_gen_cmd_dnshelp.go +++ b/cmd/zz_gen_cmd_dnshelp.go @@ -704,6 +704,7 @@ func displayDNSHelp(w io.Writer, name string) error { ew.writeln(` - "DESIGNATE_POLLING_INTERVAL": Time between DNS propagation check`) ew.writeln(` - "DESIGNATE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) ew.writeln(` - "DESIGNATE_TTL": The TTL of the TXT record used for the DNS challenge`) + ew.writeln(` - "DESIGNATE_ZONE_NAME": The zone name to use in the OpenStack Project to manage TXT records.`) ew.writeln(` - "OS_PROJECT_ID": Project ID`) ew.writeln(` - "OS_TENANT_NAME": Tenant name (deprecated see OS_PROJECT_NAME and OS_PROJECT_ID)`) diff --git a/docs/content/dns/zz_gen_designate.md b/docs/content/dns/zz_gen_designate.md index 10e24c83b3..13606ed9ac 100644 --- a/docs/content/dns/zz_gen_designate.md +++ b/docs/content/dns/zz_gen_designate.md @@ -77,6 +77,7 @@ More information [here]({{< ref "dns#configuration-and-credentials" >}}). | `DESIGNATE_POLLING_INTERVAL` | Time between DNS propagation check | | `DESIGNATE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | | `DESIGNATE_TTL` | The TTL of the TXT record used for the DNS challenge | +| `DESIGNATE_ZONE_NAME` | The zone name to use in the OpenStack Project to manage TXT records. | | `OS_PROJECT_ID` | Project ID | | `OS_TENANT_NAME` | Tenant name (deprecated see OS_PROJECT_NAME and OS_PROJECT_ID) | 
diff --git a/providers/dns/designate/designate.go b/providers/dns/designate/designate.go index 9492633160..b935c1173b 100644 --- a/providers/dns/designate/designate.go +++ b/providers/dns/designate/designate.go @@ -27,6 +27,8 @@ const ( EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT" EnvPollingInterval = envNamespace + "POLLING_INTERVAL" + EnvZoneName = envNamespace + "ZONE_NAME" + envNamespaceClient = "OS_" EnvAuthURL = envNamespaceClient + "AUTH_URL" @@ -127,12 +129,12 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { func (d *DNSProvider) Present(domain, token, keyAuth string) error { info := dns01.GetChallengeInfo(domain, keyAuth) - authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN) + zone, err := getAuthZone(info.EffectiveFQDN) if err != nil { - return fmt.Errorf("designate: could not find zone for domain %q: %w", domain, err) + return fmt.Errorf("designate: %w", err) } - zoneID, err := d.getZoneID(authZone) + zoneID, err := d.getZoneID(zone) if err != nil { return fmt.Errorf("designate: couldn't get zone ID in Present: %w", err) } @@ -167,12 +169,12 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error { func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error { info := dns01.GetChallengeInfo(domain, keyAuth) - authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN) + zone, err := getAuthZone(info.EffectiveFQDN) if err != nil { - return fmt.Errorf("designate: could not find zone for domain %q: %w", domain, err) + return fmt.Errorf("designate: %w", err) } - zoneID, err := d.getZoneID(authZone) + zoneID, err := d.getZoneID(zone) if err != nil { return fmt.Errorf("designate: couldn't get zone ID in CleanUp: %w", err) } 
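Review bot: The rewritten wrapper in Present, `return fmt.Errorf("designate: %w", err)`, no longer names the domain being validated, and the helper's own message (`could not find zone: %w`) does not include the FQDN either. Unless the wrapped error happens to contain the name, a failure inside a multi-domain order becomes hard to attribute from logs. Keeping the domain in the wrapper, e.g. `return fmt.Errorf("designate: domain %q: %w", domain, err)`, preserves that context without repeating the helper's text. The same applies to the identical change in the CleanUp hunk; both function bodies continue outside their hunks.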
@@ -273,3 +275,17 @@ func (d *DNSProvider) getRecord(zoneID, wanted string) (*recordsets.RecordSet, e return nil, nil } + +func getAuthZone(fqdn string) (string, error) { + authZone := env.GetOrFile(EnvZoneName) + if authZone != "" { + return authZone, nil + } + + authZone, err := dns01.FindZoneByFqdn(fqdn) + if err != nil { + return "", fmt.Errorf("could not find zone: %w", err) + } + + return authZone, nil +} diff --git a/providers/dns/designate/designate.toml b/providers/dns/designate/designate.toml index 55a1cd3c78..2681df7004 100644 --- a/providers/dns/designate/designate.toml +++ b/providers/dns/designate/designate.toml @@ -63,6 +63,7 @@ Public cloud providers with support for Designate: [Configuration.Additional] OS_PROJECT_ID = "Project ID" OS_TENANT_NAME = "Tenant name (deprecated see OS_PROJECT_NAME and OS_PROJECT_ID)" + DESIGNATE_ZONE_NAME = "The zone name to use in the OpenStack Project to manage TXT records." DESIGNATE_POLLING_INTERVAL = "Time between DNS propagation check" DESIGNATE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" DESIGNATE_TTL = "The TTL of the TXT record used for the DNS challenge"
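Review bot: getAuthZone returns the `DESIGNATE_ZONE_NAME` value verbatim, with no normalisation and no check that `fqdn` actually lies inside that zone. The value is process-wide, so it is applied to every domain passed to Present and CleanUp. A certificate request that spans several zones, or a value written without the trailing dot, would presumably only fail later in getZoneID (not visible here) with a less specific error. Normalising with `dns01.ToFqdn` and rejecting a zone that does not contain the challenge name makes the override fail early and closed; the sketch below assumes `strings` is imported in this file. The function also has no doc comment; something like `// getAuthZone returns the zone from DESIGNATE_ZONE_NAME when set, otherwise the zone found by dns01.FindZoneByFqdn.` would document the precedence.

```go
func getAuthZone(fqdn string) (string, error) {
	if override := env.GetOrFile(EnvZoneName); override != "" {
		authZone := dns01.ToFqdn(override)

		// DNS names compare case-insensitively.
		name, zone := strings.ToLower(fqdn), strings.ToLower(authZone)
		if name != zone && !strings.HasSuffix(name, "."+zone) {
			return "", fmt.Errorf("zone %q (from %s) does not contain %q", authZone, EnvZoneName, fqdn)
		}

		return authZone, nil
	}

	// … unchanged: dns01.FindZoneByFqdn fallback and final return …
}
```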