From 2f4396c2e5a5d018a1b2bd427f651551941971f0 Mon Sep 17 00:00:00 2001
From: Tim Dawson
Date: Tue, 13 Jul 2021 23:18:21 +1200
Subject: [PATCH] Started pdns hooks
---
 go.mod | 1 +
 go.sum | 3 +++
 main.go | 20 ++++++++++++++++++--
 3 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/go.mod b/go.mod
index 42c1fbe..284f99a 100644
--- a/go.mod
+++ b/go.mod
@@ -4,6 +4,7 @@ go 1.13
 require (
 github.com/jetstack/cert-manager v1.2.0
+ github.com/joeig/go-powerdns/v2 v2.4.1
 github.com/miekg/dns v1.1.31
 github.com/stretchr/testify v1.6.1
 k8s.io/apiextensions-apiserver v0.19.0
diff --git a/go.sum b/go.sum
index 24a784a..f485d00 100644
--- a/go.sum
+++ b/go.sum
@@ -348,10 +348,13 @@ github.com/imdario/mergo v0.3.9 h1:UauaLniWCFHWd+Jp9oCEkTBj8VO/9DKg3PV3VCNMDIg=
 github.com/imdario/mergo v0.3.9/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
+github.com/jarcoal/httpmock v1.0.4/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT8nX0Txik=
 github.com/jetstack/cert-manager v1.2.0 h1:xgXGdvHxGwCFjB13rCQ/fwa4A7FMpPRewa3wiW++EP4=
 github.com/jetstack/cert-manager v1.2.0/go.mod h1:maDZ7RUO9H6RB+/ks9XBe8jf9zdC8cI0dGY3HBLzTVQ=
 github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
 github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
+github.com/joeig/go-powerdns/v2 v2.4.1 h1:bo360+v9N/cDz+fCFqH7axbmkHWd4amjRFWoe0/7ahA=
+github.com/joeig/go-powerdns/v2 v2.4.1/go.mod h1:VgLq0WK8knYT+c6RcD5dB/L3LUvUXHNnGZp/nmSwJBk=
 github.com/jonboulle/clockwork v0.1.0 h1:VKV+ZcuP6l3yW9doeqz6ziZGgcynBVQO+obU0+0hcPo=
 github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
diff --git a/main.go b/main.go
index 85aeac9..05ac084 100644
--- a/main.go
+++ b/main.go
@@ -11,6 +11,8 @@ import (
 "github.com/jetstack/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
 "github.com/jetstack/cert-manager/pkg/acme/webhook/cmd"
+
+ "github.com/joeig/go-powerdns/v2"
 )
 var GroupName = os.Getenv("GROUP_NAME")
@@ -42,6 +44,7 @@ type customDNSProviderSolver struct {
 // 4. ensure your webhook's service account has the required RBAC role
 // assigned to it for interacting with the Kubernetes APIs you need.
 //client kubernetes.Clientset
+ pdns *powerdns.Client
 }
 // customDNSProviderConfig is a structure that is used to decode into when
@@ -66,6 +69,10 @@ type customDNSProviderConfig struct {
 //Email string `json:"email"`
 //APIKeySecretRef v1alpha1.SecretKeySelector `json:"apiKeySecretRef"`
+
+ APIKey string `json:"apikey"` //Api Key TODO: make this a secret ref and do a api get
+ Server string `json:"server"` //Server Address
+
 }
 // Name is used as the name for this DNS solver when referencing it on the ACME
@@ -75,7 +82,7 @@ type customDNSProviderConfig struct {
 // within a single webhook deployment**.
 // For example, `cloudflare` may be used as the name of a solver.
 func (c *customDNSProviderSolver) Name() string {
- return "my-custom-solver"
+ return "powerdns"
 }
 // Present is responsible for actually presenting the DNS record with the
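Review bot: The new `pdns *powerdns.Client` field in `customDNSProviderSolver` makes the client shared state on the solver, yet the last hunk reassigns it inside Present from each challenge's own decoded config. If challenges are handled concurrently, one call can overwrite the client another is about to use, which is a data race and could send a record change to the wrong server with the wrong key. A local `pdns := powerdns.NewClient(...)` in Present avoids this; if the field stays, it needs a comment such as `// pdns is rebuilt on every request and is not safe for concurrent use`. The struct starts outside the hunk.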
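Review bot: `APIKey string` in `customDNSProviderConfig` keeps the PowerDNS credential in plaintext in the solver config, which lives on the Issuer resource and is readable by anyone allowed to read issuers; the commented-out `APIKeySecretRef v1alpha1.SecretKeySelector` directly above is the shape to use, resolved from a Secret when the challenge is handled. `Server` is handed to the client without validation, so an `http://` value would carry the `X-API-Key` header in cleartext; a scheme check when the config is loaded would close that. Until the secret ref lands, the field comment should say so plainly, e.g. `// APIKey is stored unencrypted in the Issuer; do not use outside testing`. The struct starts outside the hunk.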
@@ -92,7 +99,16 @@ func (c *customDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error {
 // TODO: do something more useful with the decoded configuration
 fmt.Printf("Decoded configuration %v", cfg)
- // TODO: add code that sets a record in the DNS provider's console
+ //TODO: get a client using a secret + kubeapi
+ c.pdns = powerdns.NewClient(cfg.Server, "", map[string]string{"X-API-Key": cfg.APIKey}, nil)
+
+ if ch.Action == v1alpha1.ChallengeActionPresent {
+ //Add: zone, record, type, ttl, value
+ c.pdns.Records.Add(ch.ResolvedZone, ch.ResolvedFQDN, powerdns.RRTypeTXT, 10, []string{ch.Key})
+ } else {
+ c.pdns.Records.Delete(ch.ResolvedZone, ch.ResolvedFQDN, powerdns.RRTypeTXT)
+ }
+
 return nil
 }
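Review bot: The results of `c.pdns.Records.Add(...)` and `c.pdns.Records.Delete(...)` are discarded, so Present returns nil even when the PowerDNS call fails, and cert-manager would then try to validate a TXT record that was never written. Assuming both calls return an error, as they appear to in go-powerdns v2, propagate it: `if err := c.pdns.Records.Add(...); err != nil { return fmt.Errorf("adding TXT record %q: %w", ch.ResolvedFQDN, err) }`, and likewise for Delete. The unchanged `fmt.Printf("Decoded configuration %v", cfg)` just above now writes `cfg.APIKey` to the pod log because the config gained that field; remove it or print only `cfg.Server`. Present's body starts outside the hunk.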