* Fix#702: Spurious null MX changes on CloudFlare
* Test roundtripping null MX on Cloudflare
* Use an if instead of TrimSuffix
* Add other providers that support RFC 7505
* Suppress test for non-compliant providers
Final changes before V3.0.0 release
* Remove old Gandi. Fixes#575
* Many cleanups
* go mod tidy && go mod vendor
* integration_test.go: Output subtest name
* Cleanups
* integration_test.go: Description should include sub-test name
* Add a whitespace test to js/parse_tests/017-txt.js
* Cloudflare strips whitespace from end of TXT
* Fixes https://github.com/StackExchange/dnscontrol/issues/700
* Whitespace at end of TXT records
Name.com strips the whitespace from the end of a TXT record. There's
nothing we can do other than file a bug.
* Fixes https://github.com/StackExchange/dnscontrol/issues/701
* Refactor tests into "groups", each with its own filter (not/only/requires) to select which providers are appropriate.
* Test driver code is now a lot more simple and clear.
* Add support for not(), only(), and requires() as a way to select/reject providers for a test.
* Add docs explaining how to add tests
* Logging messages are much cleaner now, especially when tests are skipped.
* -start and -end now refer to test groups, not individual tests. Log messages list the group numbers clearly.
* Add stringer for Capabilities
* Change the order of the tests so that simple tests are first
* Removed knownFailures from providers.json
* fmtjson providers.json
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
The test 49 was changing the fingerprint type of a SSHFP DNS RR,
but not the fingerprint hash. Changing the type of hash function
changes the hash result size (there's only two defined hash type of
different size in the RFC, SHA-1 and SHA-256).
This was failing with the OVH provider, because OVH is validating
the hash sizes of any created SSHFP RR and was finding an inconsistency.
Since there's already the test 50 which is both changing the type
and the fingerprint, the functionality is still covered and we
can remove test 49.
Commit 87ad01d added the very useful `get-zones` command, which
requires providers to implement a new method `GetZoneRecords`.
This changes make the OVH provider support this.
* Update Exoscale provider
* Update vendor folder for exoscale/egoscale v0.23.0
* Fix typos and SRV parsing
* Add . at the end of SRV records for exoscale
* Replaced errors.Wrap with fmt.Errorf (#589)
* Find: errors\.Wrap\(([^,]+),\s+(["`][^"`]*)(["`])\)
Replace: fmt.Errorf($2: %w$3, $1)
* Replaced errors.Wrapf with fmt.Errorf (#589)
* Find: errors\.Wrapf\(([^,]+),\s+(["`][^"`]*)(["`])\)
Replace: fmt.Errorf($2: %w$3, $1)
* Find: errors\.Wrapf\(([^,]+),\s+(["`][^"`]*)(["`])(,[^)]+)\)
* Replace: fmt.Errorf($2: %w$3$4, $1)
* Replaced errors.Errorf with fmt.Errorf (#589)
* Find: errors\.Errorf
Replace: fmt.Errorf
* Cleaned up remaining imports
* Cleanup
* Regenerate provider support matrix
This was broken by #533 ... and it's now the third time this has been missed.
* Switched to v2 go.mod
Also set GO111MODULE=on in build stuff to always use Go modules
even when in GOPATH.
* Ensure go.mod, go.sum, and vendor are up to date
* Attempt to fix Azure pipelines
* Add set -e to properly fail on exit (it didn't seem to be
propagating properly before).
* Set workingDirectory for GoFmt and GoGen (this might be why it
fails unlike compile and unitests).
* Another attempt to fix Azure Pipelines
* Use the Go env template for all go-related jobs.
* Completely fixed Azure Pipelines
* Added a display name to GoFmt for consistency.
* Fixed diffs for GoFmt and GoGen.
* Show git status for checks.
* Drop GOPATH for tests
TODO: Do the same for integration tests.
* Drop GOPATH for integration tests
* Show more diffs
* Regenerate provider support matrix
This wasn't done in #590...
* ClouDNS: first version of provider
* ClouDNS: documentation
* ClouDNS: code cleanup
* ClouDNS: GetNameservers now uses ClouDNS API to fetch NS servers list
* ClouDNS: CAA support
* ClouDNS: TLSA support
* ClouDNS: tests credentials now use variables instead of hardcoded values
* ClouDNS: SSHFP support
* ClouDNS: export only necessary methods
* providers/cloudflare: Support API tokens
Cloudflare API tokens are a new way to authenticate to Cloudflare API.
Unlike the Global API key, tokens can be given specific permissions to
only access parts of the API. See [1] for details.
[1] https://blog.cloudflare.com/api-tokens-general-availability/
This commit introduces a new credential for cloudflare called
`apitoken`, which is mutually exclusive with `apiuser` and `apikey`.
In order for DNSControl to work with this token, it should have the
right to read DNS zones and edit DNS records.
Closes#534
* CLOUDFLARE: Update integration tests for api token
According to the RFC, the way to indicate that a SRV has no target is to set the target to ".". Some providers do not handle this, or the API returns "" instead of ".". This situation is now tested in the integration tests and all providers (that support this) have been fixed.
* Cloudflare: Fix decoding empty SRV target (fixes#561)
SRV records with empty (".") targets are now returned as false by
the API, which breaks Unmarshaling it into a string.
* Use custom type for Cloudflare SRV target
Rewrote the SRV target decoding to use a custom type for (un)marshaling, as
Cloudflare returns false for null targets, but it requires a single period
for giving it one. The target code has also been made more flexible to future
API changes with additional normalization.
This has been tested with record creation, deletion, and update and works
as of 2019-11-05.
* DigitalOcean: Fix target FQDN for null targets
Without this, dnscontrol thinks an update is needed (.. != .) even
when the SRV target is correct.
* DNSimple: Fix parsing of null SRV target
DNSimple only returns two fields when the target is null.
* NameDotCom: Add note about not supporting null SRV targets, skip test
* DNSimple: Do not append a . unless we have all three parts
Signed-off-by: Amelia Aronsohn <squirrel@wearing.black>
* Regenerated provider matrix
* condense AD 'unsupported record type' warnings
* active directory provider can create/modify/delete NS records!
* ad passes more of the tests now
* skip root NS records for safety
* clarifying comment
* govendor gopkg.in/yaml.v2
* Ignore YAML and BIND test data litter. Create README.txt files to force git to create subdirectories.
* Update convertzone to also read OctoDNS files
* Add gandi LiveDNS api provider
* vendor testify and gandi live DNS
* govendor update github.com/prasmussen/gandi-api/{client,live_dns}
* Fix Gandi-livedns TXT unit test
* TravisCI should use go 1.10
* Stable comparison of metadata (#239)
Iterating over a map in Go never produces twice the same ordering.
Thus when comparing two metadata map with more than one key, the
`differ` is always finding differences.
To properly compare records metadata, we need to iterate the maps
in a deterministic way.
Signed-off-by: Brice Figureau <brice@daysofwonder.com>
* Support for Route53 ALIAS record type (#239)
Route53 ALIAS doesn't behave like a regular ALIAS, and is much more
limited as its target can only be some specific AWS resources or
another record in the same zone.
According to #239, this change adds a new directive R53_ALIAS which
implements this specific alias. This record type can only be used
with the Route53 provider.
This directive usage looks like this:
```js
D("example.com", REGISTRAR, DnsProvider("ROUTE53"),
R53_ALIAS("foo1", "A", "bar") // record in same zone
R53_ALIAS("foo2", "A",
"blahblah.elasticloadbalancing.us-west-1.amazonaws.com",
R53_ZONE('Z368ELLRRE2KJ0')) // ELB in us-west-1
```
Unfortunately, Route53 requires indicating the hosted zone id
where the target is defined (those are listed in AWS documentation,
see the R53_ALIAS documentation for links).
* Add support for the IGNORE(name) directive (#183)
IGNORE is like NO_PURGE but for a spefic record instead of the whole
zone. This is very useful for instance if you have a zone where
only some records are managed externally from dnscontrol (for instance
using kubernetes external dns system).
Adding IGNORE("foo") in the zone will make dnscontrol not trying
to manage the "foo" record (and especially not deleting it).
dnscontrol will error out if the "foo" record is both ignored and
managed in dnscontrol.
This can be seen as a generic Cloudflare's ignored label.
Signed-off-by: Brice Figureau <brice@daysofwonder.com>
* Deprecate CloudFlare ignoredLabels in favor of IGNORE (#183)
Since IGNORE implements a generic `ignoredLabels` system, let
the user know CF `ignoredLabels` are deprecated.
Signed-off-by: Brice Figureau <brice@daysofwonder.com>
