Merge pull request #5 from koenrh/koenrh/add-all-providers

Add all providers
2025-02-24 23:13:24 +08:00 · 2019-01-05 15:38:40 +01:00 · 2019-01-05 15:38:40 +01:00 · ec8e8a39a2
commit ec8e8a39a2
parent c1992fafc0 aac78c1c12
2 changed files with 218 additions and 25 deletions
--- a/README.md
+++ b/README.md
@ -3,32 +3,158 @@
 Deploy your DNS configuration using [GitHub Actions](https://github.com/actions)
 using [DNSControl](https://github.com/StackExchange/dnscontrol/).

-## Supported providers
-
-Not all [providers](https://stackexchange.github.io/dnscontrol/provider-list) are
-supported yet.
-
- [ ] Active Directory PowerShell
- [ ] BIND
- [x] Cloudflare
- [x] DigitalOcean
- [x] DNSimple
- [ ] Gandi
- [ ] Google Cloud DNS
- [ ] HEXONET
- [x] Linode
- [ ] Name.com
- [ ] Namecheap
- [x] NS1
- [ ] OVH
- [x] Route 53
- [ ] SoftLayer DNS
- [ ] Vultr
-
 ## Usage

-TODO
+These are the three relevant sub commands to use with this action.
+
+### check
+
+Run the action with the 'check' argument in order to check and validate the `dnscontrol.js`
+file. This action does not communicate with the DNS providers, hence does not require
+any secrets to be set.
+
+```workflow
+action "DNSControl check" {
+  uses = "koenrh/dnscontrol-action@master"
+  args = "check"
+}
+```
+
+### preview
+
+Run the action with the 'preview' argument to check what changes need to be made.
+It prints out what DNS records are expected to be created, modified or deleted.
+This action requires the secrets for the specified DNS providers.
+
+```workflow
+action "DNSControl preview" {
+  uses = "koenrh/dnscontrol-action@master"
+  args = "preview"
+  secrets = ["CLOUDFLARE_API_USER", "CLOUDFLARE_API_KEY"]
+}
+```
+
+This is the action you probably want to run for each branch so that proposed changes
+could be verified before an authorized person merges these changes into `master`.
+
+### push
+
+Run the action with the 'push' arugment to publish the changes to the specified
+DNS providers.
+
+Running the action with the 'push' argument will publish the changes with the
+specified DNS providers. You should probably only use this command combined with
+the GitHub [Filters action](https://github.com/actions/bin/tree/master/filter#filters-for-github-actions)
+to make sure that only changes in the `master` branch are deployed to production.
+
+```workflow
+action "DNSControl push" {
+  uses = "koenrh/dnscontrol-action@master"
+  args = "push"
+  secrets = ["CLOUDFLARE_API_KEY", "CLOUDFLARE_API_USER"]
+}
+```
+
+You should probably only use this command combined with the GitHub [Filters action](https://github.com/actions/bin/tree/master/filter#filters-for-github-actions)
+to make sure that only changes in the `master` branch are deployed to production.

 ## Secrets

-TODO
+Depending on the DNS providers that are used, this action requires secrets to be
+set.
+
+### Cloudflare
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/cloudflare)
+
+- `CLOUDFLARE_API_USER`
+- `CLOUDFLARE_API_KEY`
+- `CLOUDFLARE_ACCOUNT_ID` (optional)
+- `CLOUDFLARE_ACCOUNT_NAME` (optional)
+
+### DigitalOcean
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/digitalocean)
+
+- `DIGITALOCEAN_OAUTH_TOKEN`
+
+### DNSimple
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/dnsimple)
+
+- `DNSIMPLE_ACCOUNT_ACCESS_TOKEN`
+
+### Gandi
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/gandi)
+
+- `GANDI_API_KEY`
+
+### Google CLOUD DNS
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/gcloud)
+
+- `GOOGLE_CLOUD_PROJECT_ID`
+- `GOOGLE_CLOUD_PRIVATE_KEY_ID`
+- `GOOGLE_CLOUD_PRIVATE_KEY`
+- `GOOGLE_CLOUD_CLIENT_EMAIL`
+- `GOOGLE_CLOUD_CLIENT_ID`
+- `GOOGLE_CLOUD_CLIENT_X509_CERT_URL`
+
+### Linode
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/linode)
+
+- `LINODE_ACCESS_TOKEN`
+
+### Name.com
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/name.com)
+
+- `NAME_COM_API_USER`
+- `NAME_COM_API_KEY`
+- `NAME_COM_API_URL` (optional)
+
+### Namecheap
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/namecheap)
+
+- `NAMECHEAP_API_USER`
+- `NAMECHEAP_API_KEY`
+- `NAMECHEAP_BASE_URL` (optional)
+
+
+### NS1
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/ns1)
+
+- `NSONE_API_KEY`
+
+### OVH
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/ovh)
+
+- `OVH_APP_KEY`
+- `OVH_APP_SECRET_KEY`
+- `OVH_CONSUMER_KEY`
+
+### Amazon Route 53
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/route53)
+
+- `AWS_ACCESS_KEY_ID`
+- `AWS_SECRET_ACCESS_KEY`
+- `AWS_SESSION_TOKEN` (optional)
+
+### SoftLayer
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/softlayer)
+
+- `SOFTLAYER_USERNAME`
+- `SOFTLAYER_API_KEY`
+
+### Vultr
+
+[Documentation](https://stackexchange.github.io/dnscontrol/providers/vultr)
+
+- `VULTR_TOKEN`
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -1,6 +1,6 @@
 #!/usr/bin/env bash

-set -euo pipefail
+set -eo pipefail

 # NOTE: DNSControl requires a credentials file on disk. See: https://git.io/fhIb3
 echo "{}" > creds.json
@ -16,6 +16,12 @@ then
  add_key ".cloudflare.apiuser" "\$CLOUDFLARE_API_USER"
  add_key ".cloudflare.apikey" "\$CLOUDFLARE_API_KEY"

+  if [[ -n "$CLOUDFLARE_ACCOUNT_ID" && -n "$CLOUDFLARE_ACCOUNT_NAME" ]]
+  then
+    add_key ".cloudflare.accountid" "\$CLOUDFLARE_ACCOUNT_ID"
+    add_key ".cloudflare.accountname" "\$CLOUDFLARE_ACCOUNT_NAME"
+  fi
+
 elif [[ -n "$DIGITALOCEAN_OAUTH_TOKEN" ]]
 then
  # NOTE: https://stackexchange.github.io/dnscontrol/providers/digitalocean
@ -26,16 +32,66 @@ then
  # NOTE: https://stackexchange.github.io/dnscontrol/providers/dnsimple
  add_key ".dnsimple.token" "\$DNSIMPLE_ACCOUNT_ACCESS_TOKEN"

+elif [[ -n "$GANDI_API_KEY" ]]
+then
+  # NOTE: https://stackexchange.github.io/dnscontrol/providers/gandi
+  add_key ".gandi.apikey" "\$GANDI_API_KEY"
+
+elif [[ -n "$GOOGLE_CLOUD_PROJECT_ID" && -n "$GOOGLE_CLOUD_PRIVATE_KEY_ID"
+  && -n "$GOOGLE_CLOUD_PRIVATE_KEY" && -n "$GOOGLE_CLOUD_CLIENT_EMAIL"
+  && -n "$GOOGLE_CLOUD_CLIENT_ID" && -n "$GOOGLE_CLOUD_CLIENT_X509_CERT_URL" ]]
+then
+  # NOTE: https://stackexchange.github.io/dnscontrol/providers/gcloud
+  add_key ".gcloud.type" "service_account"
+  add_key "gcloud.project_id": "\$GOOGLE_CLOUD_PROJECT_ID",
+  add_key "gcloud.private_key_id": "\$GOOGLE_CLOUD_PRIVATE_KEY_ID",
+  add_key "gcloud.private_key": "\$GOOGLE_CLOUD_PRIVATE_KEY",
+  add_key "gcloud.client_email": "\$GOOGLE_CLOUD_CLIENT_EMAIL",
+  add_key "gcloud.client_id": "\$GOOGLE_CLOUD_CLIENT_ID",
+  add_key "gcloud.auth_uri": "https://accounts.google.com/o/oauth2/auth",
+  add_key "gcloud.token_uri": "https://accounts.google.com/o/oauth2/token",
+  add_key "gcloud.auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+  add_key "gcloud.client_x509_cert_url": "\$GOOGLE_CLOUD_CLIENT_X509_CERT_URL"
+
 elif [[ -n "$LINODE_ACCESS_TOKEN" ]]
 then
  # NOTE: https://stackexchange.github.io/dnscontrol/providers/linode
  add_key ".linode.token" "\$LINODE_ACCESS_TOKEN"

+elif [[ -n "$NAME_COM_API_USER" && -n "$NAME_COM_API_KEY" ]]
+then
+  # NOTE: https://stackexchange.github.io/dnscontrol/providers/name.com<Paste>
+  add_key ".[\"name.com\"].apiuser" "\$NAME_COM_API_USER"
+  add_key ".[\"name.com\"].apikey" "\$NAME_COM_API_KEY"
+
+  if [[ -n "$NAME_COM_API_URL" ]]
+  then
+    add_key ".[\"name.com\"].apiurl" "\$NAME_COM_API_URL"
+  fi
+
+elif [[ -n "$NAMECHEAP_API_USER" && -n "$NAMECHEAP_API_KEY" ]]
+then
+  # NOTE: https://stackexchange.github.io/dnscontrol/providers/namecheap
+  add_key ".namecheap.apiuser" "\$NAMECHEAP_API_USER"
+  add_key ".namecheap.apikey" "\$NAMECHEAP_API_KEY"
+
+  if [[ -n "$NAMECHEAP_BASE_URL" ]]
+  then
+    add_key ".namecheap.BaseURL" "\$NAMECHEAP_BASE_URL"
+  fi
+
 elif [[ -n "$NSONE_API_KEY" ]]
 then
  # NOTE: https://stackexchange.github.io/dnscontrol/providers/ns1
  add_key ".ns1.api_token" "\$NSONE_API_KEY"

+elif [[ -n "$OVH_APP_KEY" && -n "$OVH_APP_SECRET_KEY" && -n "$OVH_CONSUMER_KEY" ]]
+then
+  # NOTE: https://stackexchange.github.io/dnscontrol/providers/ovh
+  add_key ".ovh.app-key" "\$OVH_APP_KEY"
+  add_key ".ovh.app-seret-key" "\$OVH_APP_SECRET_KEY"
+  add_key ".ovh.consumer-key" "\$OVH_CONSUMER_KEY"
+
 elif [[ -n "$AWS_ACCESS_KEY_ID" && -n "$AWS_SECRET_ACCESS_KEY" ]]
 then
  # NOTE: https://stackexchange.github.io/dnscontrol/providers/route53
@ -46,6 +102,17 @@ then
  then
    add_key ".r53.Token" "\$AWS_SESSION_TOKEN"
  fi
+
+elif [[ -n "$SOFTLAYER_USERNAME" && -n "$SOFTLAYER_API_KEY" ]]
+then
+  # NOTE: https://stackexchange.github.io/dnscontrol/providers/softlayer
+  add_key ".softlayer.username" "\$SOFTLAYER_USERNAME"
+  add_key ".softlayer.api_key" "\$SOFTLAYER_API_KEY"
+
+elif [[ -n "$VULTR_TOKEN" ]]
+then
+  # NOTE: https://stackexchange.github.io/dnscontrol/providers/vultr
+  add_key ".vultr.token" "\$VULTR_TOKEN"
 fi

 sh -c "dnscontrol $*"