Commit graph

721 commits

Author SHA1 Message Date
Tom Limoncelli
14e48b9b07
linting (#693)
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
2020-03-10 16:53:17 -04:00
Tom Limoncelli
24484f1e0c
move providers/diff to pkg/diff like we should have 2 years ago (#692)
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
2020-03-10 16:35:43 -04:00
Tom Limoncelli
bbbb0c8c95
Update modules (#691)
* go get -u github.com/aws/aws-sdk-go
* get -u github.com/tiramiseb/go-gandi
* go get -u google.golang.org/api

Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
2020-03-10 16:26:06 -04:00
Tom Limoncelli
e6390c67d7 fix dos/unix line ending 2020-03-10 11:46:09 -04:00
Tom Limoncelli
4edf360854
get-zones output should work as input into preview (#688)
* Add tests for get-zones
* fix CAA, SSHFP, TLSA and other bugs
* New format for get-zones: "djs" which is js but uses "disco commas"
* Print diffs using github.com/andreyvit/diff

Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
2020-03-10 11:32:47 -04:00
Tom Limoncelli
67e78f7e15
refactor into groups (#684)
* Refactor tests into "groups", each with its own filter (not/only/requires) to select which providers are appropriate.
* Test driver code is now a lot more simple and clear.
* Add support for not(), only(), and requires() as a way to select/reject providers for a test.
* Add docs explaining how to add tests
* Logging messages are much cleaner now, especially when tests are skipped.
* -start and -end now refer to test groups, not individual tests.  Log messages list the group numbers clearly.
* Add stringer for Capabilities
* Change the order of the tests so that simple tests are first
* Removed knownFailures from providers.json
* fmtjson providers.json

Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
2020-03-10 10:13:20 -04:00
Tom Limoncelli
fa160b7202
Update README.md (#689)
* Update README.md

Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
2020-03-10 09:18:19 -04:00
Tom Limoncelli
58569c1253
Rename get-zones formats as pretty/dsl/tsv to zone/js/tsv (#687)
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
2020-03-09 11:42:48 -04:00
Tom Limoncelli
8d9ca83996
GANDI_V5: Recognize that CanUseTXTMulti is valid (#680) 2020-03-05 16:23:04 -05:00
Tom Limoncelli
394b6e605f
ClouDNS: Get zone records implemented (#681)
* ClouDNS: #628 get-zones implemented

* ClouDNS: #491 convert to models.ToNameservers
2020-03-05 16:21:42 -05:00
Brice Figureau
947cc043df
(#491) convert the OVH provider to models.ToNameservers (#679)
As requested in #491, as OVH doesn't return dot-suffixed NS, we can
use `models.ToNameservers` in this provider.
2020-03-03 16:42:47 -05:00
Vatsalya Goel
884118f6dd
AZURE_DNS: Add support for Alias: AZURE_ALIAS() (#675)
* Add support for Alias in Azure

* Actioned comments and added parse tests

* GetTargetDebug

* Go formatting
2020-03-02 11:25:42 -05:00
Vatsalya Goel
56b448f329
upgrade go version to 1.14 (#676)
* upgrade go version to 1.14

* Fix build
2020-03-02 11:24:19 -05:00
Brice Figureau
e082c74de2
(#667) Remove unneeded SSHFP integration test (#677)
The test 49 was changing the fingerprint type of a SSHFP DNS RR,
but not the fingerprint hash. Changing the type of hash function
changes the hash result size (there's only two defined hash type of
different size in the RFC, SHA-1 and SHA-256).
This was failing with the OVH provider, because OVH is validating
the hash sizes of any created SSHFP RR and was finding an inconsistency.
Since there's already the test 50 which is both changing the type
and the fingerprint, the functionality is still covered and we
can remove test 49.
2020-03-02 11:23:47 -05:00
Tom Limoncelli
a3f103e97f go generate 2020-03-01 10:37:28 -05:00
Tom Limoncelli
3f68215841
GetNameservers is inconsistent across providers (#655)
* Warn if GetNameservers returns FQDN+dot strings
* Simplify logic that covers for the inconsistency
* Fix azuredns, gcloud, bind, route53
* Clean up cloudflare, digitalocean, dnsimple, gandi_v5, namedotcom
2020-03-01 10:33:24 -05:00
Phil Pennock
ecac8f1c10
DNSIMPLE: support NAPTR (#671)
Fix the model to strip quotes from all the string parts; BIND
integration tests still pass.  DNSIMPLE integration tests pass.
2020-03-01 09:36:55 -05:00
Phil Pennock
95dcce8b6f
GANDI_V5: Fix/support ALIAS, SSHFP, TLSA (#673) 2020-03-01 09:36:12 -05:00
Tom Limoncelli
a7e0ec258d
Add check-creds subcommand (#665) 2020-02-29 09:07:05 -05:00
Patrick Gaskin
6c316993ec
VULTR: Implemented get-zones (#628) (#670) 2020-02-29 09:04:00 -05:00
Tom Limoncelli
b7b0b20798
Fix broken tests (#672) 2020-02-29 09:01:51 -05:00
Tom Limoncelli
2dcb33e7b7 typo 2020-02-28 13:10:33 -05:00
Brice Figureau
bdddd466bf
(#628) Add get-zones to the OVH provider (#666)
Commit 87ad01d added the very useful `get-zones` command, which
requires providers to implement a new method `GetZoneRecords`.
This changes make the OVH provider support this.
2020-02-28 11:14:02 -05:00
Saurabh Gupta
99cef24d8f
SOFTLAYER: Fixed Lets Encrypt Certificate issue #668 (#669) 2020-02-28 11:12:56 -05:00
Tom Limoncelli
c98b922170
get-zones: NAMESERVER() never has TTL() (#658)
* NAMESERVER() never has TTL()

Fixes https://github.com/StackExchange/dnscontrol/issues/630
2020-02-27 23:56:49 -05:00
Tom Limoncelli
4adef209c7
AZUREDNS: Do not warn about underscore for acm-validations.aws (#661)
* Check for acm-validations.aws.
2020-02-27 23:10:35 -05:00
Joel Margolis
a57bf35788
EXOSCALE: Update exoscale/egoscale client to v0.23.0 (#664)
* Update Exoscale provider

* Update vendor folder for exoscale/egoscale v0.23.0

* Fix typos and SRV parsing

* Add . at the end of SRV records for exoscale
2020-02-27 23:06:12 -05:00
Tom Limoncelli
938abd7b76 Fix headings in docs/get-zones.md 2020-02-27 16:29:16 -05:00
Joel Margolis
1232c17293
HEXONET: Update hexonet-sdk to v2.2.3+incompatible (#662)
* Update hexonet-sdk to v2.2.3+incompatible

* Update vendor

* Go mod tidy
2020-02-27 13:04:17 -05:00
Tom Limoncelli
1616c50ba7
GANDI_V5: Upgrade to newest github.com/tiramiseb/go-gandi 2020-02-27 12:06:24 -05:00
Saurabh Gupta
7c9a23b215
SOFTLAYER: Fixed Softlayer TXT Record existence Issue #583 (#659) 2020-02-27 11:14:13 -05:00
Tom Limoncelli
798cdffd81
CLOUDFLARE: get-zones --ttl flag should handle CF's magic TTLs better (#657)
Fixes https://github.com/StackExchange/dnscontrol/issues/630
2020-02-27 11:11:59 -05:00
Tom Limoncelli
7789b4dbdc
get-zones: Implement --ttl flag for pretty and dsl (#654) 2020-02-25 07:23:40 -05:00
Tom Limoncelli
8b8f193afb
Update privider-list.md (#653)
* AZUREDNS is now an officially supported provider
* Update missing providers (https://github.com/StackExchange/dnscontrol/issues/632)

Fixes https://github.com/StackExchange/dnscontrol/issues/632
2020-02-25 07:23:04 -05:00
Phil Pennock
4fed6534c7
Tests: ensure provider capabilities are checked (#650)
* Tests: ensure provider capabilities are checked

Adds test: `TestCapabilitiesAreFiltered`

We have a number of records and pseudo-records which in theory can only
be used with a given provider if that provider indicates support.  In
practice, we've been missing the checks for that support and have been
passing the records down anyway.  The advice comment in the
providers/capabilities.go file to edit `checkProviderCapabilities()` has
not been reliably followed.

We need an internal self-consistency test.  The constants are not
directly exported or enumerable based solely on the package interfaces
at run-time, but with source access for a test suite, we can use the
`go/ast` and related interfaces to examine the code, extract all the
constants from a given package, figure out which ones we want to be
handled, and then insist that they're handled.

Before my recent work, we only checked:

    ALIAS PTR SRV CAA TLSA

After this commit, we check:

    ALIAS AUTODNSSEC CAA NAPTR PTR R53_ALIAS SSHFP SRV TLSA

I've added `AUTODNSSEC` as a new feature; `SSHFP` and `PTR` were caught
in other recent commits from me; implementing this test caused me to
have to add `NAPTR` and `R53_ALIAS`.  I whitelist `CanUseTXTMulti` as a
special-case.

This should prevent regressions.  We will probably want to post publicly
to warn people that if they're using SSHFP/PTR/NAPTR/R53_ALIAS then they
should check the feature matrix and if they don't see their provider
listed, to report is as "hey that actually works" so we can update the
provider flags.  Bonus: our feature matrix will suddenly be more
accurate.

* Add comments/docs for capabilities authors

* fixup!

* fixup!
2020-02-25 07:22:32 -05:00
Tom Limoncelli
3ce5b22d1a
BIND: Simplify serial number generation (#652)
* The old algorithm was very complex for no good reason.
* The new algorithm is simply: Use yymmdd00 or (previous serial number +1) whichever is bigger.
2020-02-23 14:50:00 -05:00
Tom Limoncelli
772ca4e7dd
Linting (#647)
* linting
* Fix adding-new-rtypes.md to include validation
* BIND: improve docs wrt SOA records, get-zones
2020-02-23 14:47:14 -05:00
Tom Limoncelli
9812ecd9ff
BIND: Improve SOA serial number handling (#651)
* github.com/miekg/dns
* Greatly simplify the logic for handling serial numbers. Related code was all over the place. Now it is abstracted into one testable method makeSoa. This simplifies code in many other places.
* Update docs/_providers/bind.md: Edit old text. Add SOA description.
* SOA records are now treated like any other record internally. You still can't specify them in dnsconfig.js, but that's by design.
* The URL for issue 491 was wrong in many places
* BIND: Clarify GENERATE_ZONEFILE message
2020-02-23 13:58:49 -05:00
Phil Pennock
3c41a39252
BIND: Implement AutoDNSSEC (#648)
There's a philosophy issue here around what is the Bind output meant to
do.  Since AFAIK we're not integrating into Bind's catalog zones or the
like, we're just targeting the zonefiles, we're not in a position to do
_anything_ relating to registrar options such as setting up DS glue.

So at one level, enabling AutoDNSSEC for Bind is a lie. But without
this, folks can't target a Bind zone as a secondary provider for their
domain, to get debug dumps of the zone output, because the checks for
"Can" block it.  So I think this commit achieves a happy compromise: we
write a comment into the Bind zonefile, indicating that DNSSEC was
requested.

Actually: we add support for arbitrary zone comments to be written into
a zonefile via a slightly ugly "can be `nil`" parameter.  We then write
in a generation timestamp comment, and if AutoDNSSEC was requested we
then write that in too.
2020-02-22 13:27:24 -05:00
Tom Limoncelli
7384743f6d
pretty helpers.js (#649) 2020-02-22 12:07:10 -05:00
Phil Pennock
9b239f41a3
Add AUTODNSSEC, implement for DNSimple (#640)
* Add AUTODNSSEC, implement for DNSimple

There are two models for DNSSEC in DNS management: either dnscontrol
manages all the DNSSEC records and has to be invoked regularly for
re-signing, or the provider manages DNSSEC automatically and dnscontrol
is not involved beyond saying "yeah, do that".

This implements the latter, as a model, and for one provider.

Potentially we could tune/configure options for DNSSEC such as
algorithm, but DNSimple don't expose that API so I haven't implemented
it.

This minimal model should be something which maps into other providers
cleanly.

* Fix missing CanAutoDNSSEC on provider

* Validation fix for master broken

This is broken in master and causing Travis in my branch to fail.  The
validation tool runs with `gofmt -s` to require "simplify", and so
rejects an ignored second bound variable to range iteration.

* Correct wire in the AUTODNSSEC validation step
2020-02-22 07:09:31 -05:00
Tom Limoncelli
b360ddd1e9
NAMEDOTCOM: Implement get-zones (#645)
* NAMEDOTCOM: Implement get-zones
2020-02-21 15:03:27 -05:00
Tom Limoncelli
3c507d6b77
get-zones: new output format nameonly; remove tsvfqdn (#644)
* Add nameonly; remove tsvfqdn

* document tsv fields
2020-02-21 14:59:47 -05:00
Tom Limoncelli
1ec696e4fa
Implement get-zones (#641) 2020-02-21 13:49:10 -05:00
Tom Limoncelli
f5d6f8074d
BIND: Implement get-zones (#642)
* BIND: implement get-zones
* BIND: Implement ZoneLister
2020-02-21 13:48:55 -05:00
Phil Pennock
d221471e38
dnsimple: bug-fix SSHFP, add multi TXT support (#639)
* dnsimple: bug-fix SSHFP, add multi TXT support

The default logic for encoding SSHFP records was dropping the key and
hash algorithms and just posting the content, the `Can` check didn't
stop attempts to use SSHFP.  So, implement SSHFP support.

DNSimple support multiple DNS strings in a TXT record, by representing
the payload as quoted strings already.  This doesn't appear to be
documented, but it does actually work.

* Update docs support matrix too

* fix go fmt missing upstream

Tests failing on my branch for something broken upstream

* fix typo in error message
2020-02-21 13:23:30 -05:00
Tom Limoncelli
7c0e02539c
ACTIVEDIRECTORY: Implement get-zones (#643)
* activedir: implement get-zones
2020-02-21 12:54:00 -05:00
Tom Limoncelli
386275fde1
ROUTE53: Fully implement get-zones (#638)
* ROUTE53: Implement ListZones

* DNSIMPLE: Fix comment
2020-02-20 15:07:34 -05:00
Amelia Aronsohn
b45c6b6b6c
DNSimple: Implement GetZones and ListZones (#637)
* Update to latest dnsimple-go

* Implement GetZoneRecords

* Better naming

* Return NS records in GetZoneRecords

* Be clearer with the comment.

As an employee I confirm this is exactly how this works. No guessing needed.

* Respect that Puncycode encoding can blow up

* Implement ListZones and the ZoneLister Interface

* Categorize DNSIMPLE

* Update docs with go generate

* vendor modules

* Don't store intermediary Zone data
2020-02-20 14:52:19 -05:00
Juho Teperi
ca99517ced
Do get zones (#635)
* Implement GetZoneRecords for Digitalocean provider
* Clean fixme comment from digitalocean provider
2020-02-19 13:11:49 -05:00