dnscontrol-action/README.md

# DNSControl Action

![](https://github.com/koenrh/dnscontrol-action/workflows/build/badge.svg)

Deploy your DNS configuration using [GitHub Actions](https://github.com/actions)
using [DNSControl](https://github.com/StackExchange/dnscontrol/).

## Usage

These are the three relevant sub commands to use with this action.

### check

Run the action with the 'check' argument in order to check and validate the `dnsconfig.js`
file. This action does not communicate with the DNS providers, hence does not require
any secrets to be set.

```yaml
name: Check

on: pull_request

jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master

      - name: DNSControl check
        uses: koenrh/dnscontrol-action@v3
        with:
          args: check
```

### preview

Run the action with the 'preview' argument to check what changes need to be made.
It prints out what DNS records are expected to be created, modified or deleted.
This action requires the secrets for the specified DNS providers.

```yaml
name: Preview

on: pull_request

jobs:
  preview:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master

      - name: DNSControl preview
        uses: koenrh/dnscontrol-action@v3
        env:
          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
        with:
          args: preview
```

This is the action you probably want to run for each branch so that proposed changes
could be verified before an authorized person merges these changes into `master`.

#### Pull request comment

Optionally, you could configure your GitHub Action so that the output of the 'preview'
command is published as a comment to the pull request for the branch containing the
changes. This saves you several clicks through the menus to get to the output logs
for the preview job.

```
 ******************** Domain: example.com
----- Getting nameservers from: cloudflare
----- DNS Provider: cloudflare...6 corrections
#1: CREATE record: @ TXT 1 v=spf1 include:_spf.google.com -all
#2: CREATE record: @ MX 1 1  aspmx.l.google.com.
#3: CREATE record: @ MX 1 5  alt1.aspmx.l.google.com.
#4: CREATE record: @ MX 1 5  alt2.aspmx.l.google.com.
#5: CREATE record: @ MX 1 10  alt3.aspmx.l.google.com.
#6: CREATE record: @ MX 1 10  alt4.aspmx.l.google.com.
----- Registrar: none...0 corrections
Done. 6 corrections.
```

Provided that your GitHub Action job for 'preview' is named `preview`, you could
use the following snippet to enable pull request comments using Unsplash's [comment-on-pr](https://github.com/unsplash/comment-on-pr)
GitHub Action.

```yaml
- name: Preview pull request comment
  uses: unsplash/comment-on-pr@v1.2.0
  env:
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  with:
    msg: |
      ```
      ${{ steps.preview.outputs.output }}
      ```
    check_for_duplicate_msg: true
```

### push

Run the action with the 'push' arugment to publish the changes to the specified
DNS providers.

Running the action with the 'push' argument will publish the changes with the
specified DNS providers. The example workflow depicted below contains a filtering
pattern so that it only runs on the `master` branch.

```yaml
name: Push

on:
  push:
    branches:
      - master

jobs:
  push:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master

      - name: DNSControl push
        uses: koenrh/dnscontrol-action@v3
        env:
          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
        with:
          args: push
```

## Credentials

Depending on the DNS providers that are used, this action requires credentials to
be set. These secrets can be configured through a file named `creds.json`. You
should **not** add secrets as plaintext to this file, but use GitHub
Actions [encrypted secrets](https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets)
instead. These encrypted secrets are exposed at runtime as environment variables.
See the DNSControl [Service Providers](https://stackexchange.github.io/dnscontrol/provider-list)
documentation for details.

To follow the Cloudflare example, add an encrypted secret named `CLOUDFLARE_API_TOKEN`
and then define the `creds.json` file as follows.

```json
{
  "cloudflare":{
    "apitoken": "$CLOUDFLARE_API_TOKEN"
  }
}
```
First commit. 2019-01-05 19:24:28 +08:00			`# DNSControl Action`

Add GitHub Actions build workflow badge 2019-09-23 01:35:53 +08:00			`![](https://github.com/koenrh/dnscontrol-action/workflows/build/badge.svg)`

First commit. 2019-01-05 19:24:28 +08:00			`Deploy your DNS configuration using [GitHub Actions](https://github.com/actions)`
			`using [DNSControl](https://github.com/StackExchange/dnscontrol/).`

			`## Usage`

Updated README. 2019-01-05 22:12:33 +08:00			`These are the three relevant sub commands to use with this action.`

			`### check`

Fix typo in README 2020-02-09 21:20:56 +08:00			Run the action with the 'check' argument in order to check and validate the `dnsconfig.js`
Updated README. 2019-01-05 22:12:33 +08:00			`file. This action does not communicate with the DNS providers, hence does not require`
			`any secrets to be set.`

Update examples in README This updates the GitHub Actions workflow examples in the README to the new YAML syntax. Fixes #13 2019-09-23 01:29:04 +08:00			```yaml
			`name: Check`

			`on: pull_request`

			`jobs:`
			`check:`
			`runs-on: ubuntu-latest`
			`steps:`
			`- uses: actions/checkout@master`

			`- name: DNSControl check`
Update references to v3 2020-03-28 05:40:51 +08:00			`uses: koenrh/dnscontrol-action@v3`
Update examples in README This updates the GitHub Actions workflow examples in the README to the new YAML syntax. Fixes #13 2019-09-23 01:29:04 +08:00			`with:`
			`args: check`
Updated README. 2019-01-05 22:12:33 +08:00			```

			`### preview`

			`Run the action with the 'preview' argument to check what changes need to be made.`
			`It prints out what DNS records are expected to be created, modified or deleted.`
			`This action requires the secrets for the specified DNS providers.`

Update examples in README This updates the GitHub Actions workflow examples in the README to the new YAML syntax. Fixes #13 2019-09-23 01:29:04 +08:00			```yaml
			`name: Preview`

			`on: pull_request`

			`jobs:`
			`preview:`
			`runs-on: ubuntu-latest`
			`steps:`
			`- uses: actions/checkout@master`

			`- name: DNSControl preview`
Update references to v3 2020-03-28 05:40:51 +08:00			`uses: koenrh/dnscontrol-action@v3`
Update examples in README This updates the GitHub Actions workflow examples in the README to the new YAML syntax. Fixes #13 2019-09-23 01:29:04 +08:00			`env:`
Update README 2020-02-23 21:33:57 +08:00			`CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}`
Update examples in README This updates the GitHub Actions workflow examples in the README to the new YAML syntax. Fixes #13 2019-09-23 01:29:04 +08:00			`with:`
			`args: preview`
Updated README. 2019-01-05 22:12:33 +08:00			```

			`This is the action you probably want to run for each branch so that proposed changes`
			could be verified before an authorized person merges these changes into `master`.

Add pull request comment documentation to README Closes https://github.com/koenrh/dnscontrol-action/issues/28 2020-07-26 00:07:14 +08:00			`#### Pull request comment`

			`Optionally, you could configure your GitHub Action so that the output of the 'preview'`
			`command is published as a comment to the pull request for the branch containing the`
			`changes. This saves you several clicks through the menus to get to the output logs`
			`for the preview job.`

			```
			`******************** Domain: example.com`
			`----- Getting nameservers from: cloudflare`
			`----- DNS Provider: cloudflare...6 corrections`
			`#1: CREATE record: @ TXT 1 v=spf1 include:_spf.google.com -all`
			`#2: CREATE record: @ MX 1 1 aspmx.l.google.com.`
			`#3: CREATE record: @ MX 1 5 alt1.aspmx.l.google.com.`
			`#4: CREATE record: @ MX 1 5 alt2.aspmx.l.google.com.`
			`#5: CREATE record: @ MX 1 10 alt3.aspmx.l.google.com.`
			`#6: CREATE record: @ MX 1 10 alt4.aspmx.l.google.com.`
			`----- Registrar: none...0 corrections`
			`Done. 6 corrections.`
			```

			Provided that your GitHub Action job for 'preview' is named `preview`, you could
			`use the following snippet to enable pull request comments using Unsplash's [comment-on-pr](https://github.com/unsplash/comment-on-pr)`
			`GitHub Action.`

			```yaml
			`- name: Preview pull request comment`
			`uses: unsplash/comment-on-pr@v1.2.0`
			`env:`
			`GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}`
			`with:`
			`msg: \|`
			```
			`${{ steps.preview.outputs.output }}`
			```
			`check_for_duplicate_msg: true`
			```

Updated README. 2019-01-05 22:12:33 +08:00			`### push`

			`Run the action with the 'push' arugment to publish the changes to the specified`
			`DNS providers.`

			`Running the action with the 'push' argument will publish the changes with the`
Update examples in README This updates the GitHub Actions workflow examples in the README to the new YAML syntax. Fixes #13 2019-09-23 01:29:04 +08:00			`specified DNS providers. The example workflow depicted below contains a filtering`
			pattern so that it only runs on the `master` branch.

			```yaml
			`name: Push`

			`on:`
			`push:`
			`branches:`
			`- master`

			`jobs:`
			`push:`
			`runs-on: ubuntu-latest`
			`steps:`
			`- uses: actions/checkout@master`

			`- name: DNSControl push`
Update references to v3 2020-03-28 05:40:51 +08:00			`uses: koenrh/dnscontrol-action@v3`
Update examples in README This updates the GitHub Actions workflow examples in the README to the new YAML syntax. Fixes #13 2019-09-23 01:29:04 +08:00			`env:`
Update README 2020-02-23 21:33:57 +08:00			`CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}`
Update examples in README This updates the GitHub Actions workflow examples in the README to the new YAML syntax. Fixes #13 2019-09-23 01:29:04 +08:00			`with:`
			`args: push`
Updated README. 2019-01-05 22:12:33 +08:00			```

Update README 2020-02-23 21:33:57 +08:00			`## Credentials`

			`Depending on the DNS providers that are used, this action requires credentials to`
			be set. These secrets can be configured through a file named `creds.json`. You
			`should not add secrets as plaintext to this file, but use GitHub`
			`Actions [encrypted secrets](https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets)`
			`instead. These encrypted secrets are exposed at runtime as environment variables.`
			`See the DNSControl [Service Providers](https://stackexchange.github.io/dnscontrol/provider-list)`
			`documentation for details.`

			To follow the Cloudflare example, add an encrypted secret named `CLOUDFLARE_API_TOKEN`
			and then define the `creds.json` file as follows.

			```json
			`{`
			`"cloudflare":{`
			`"apitoken": "$CLOUDFLARE_API_TOKEN"`
			`}`
			`}`
			```