TrueCloudLab/coredns
16
0
Fork 2
Code Issues Pull requests 3 Projects Releases Packages Wiki Activity Actions
3717 commits 2 branches 70 tags 128 MiB
Commit graph

3717 commits

This branch
This branch
All branches
Author SHA1 Message Date
Yong Tang
ad41112a92
Add limit to ioutil.ReadAll for request body (#5224) 
This PR adds limit to ioutil.ReadAll for DoH request body
so that it will not be subject to large requests.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-04 12:18:05 -08:00
Chris O'Haver
967814161a
use tickers instead of time.After to avoid memory leak (#5220) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-03-03 23:36:02 -08:00
Yong Tang
d40d224271
Add additional permissions (#5217) 
* Add additional permissions

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Fix yamllint warning

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-02 07:01:45 -08:00
nathannaveen
f5acb9d12a
Updated workflow permissions. (#5216) 2022-03-02 04:47:08 -08:00
Yong Tang
a1429e1445
[plugin/rewrite] Refactor to satisfy security scan (#5214) 
this PR re-arrange the logic to avoid a false positive DAST scan.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-01 14:33:52 -05:00
Yong Tang
6c26446bb7
Fix pinning of github actions (#5213) 
It is recommended to pin github actions with hash so that an action
is not posing an unknown security risk (as the actions itself is not
written by us).

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-01 11:32:00 -08:00
Yong Tang
402c08fea0
Add OSSF Security Scoreboard Scan (#5208) 
* Add OSSF Security Scoreboard Scan

This PR adds OSSF's Security Scoreboard Scan, to help tighten CoreDNS's security practice.

OSSF Scoreboard is recommended by GitHub. The result will show up in project's "Code Scanning Alerts" (together with existing CodeQL scan we already have).

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-28 12:02:03 -05:00
dependabot[bot]
ef654ba6de
build(deps): bump github.com/Azure/azure-sdk-for-go (#5212) 
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) from 61.6.0+incompatible to 62.0.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v61.6.0...v62.0.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-28 07:41:38 -08:00
dependabot[bot]
6712764d9b
build(deps): bump github.com/aws/aws-sdk-go from 1.43.2 to 1.43.7 (#5211) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.2 to 1.43.7.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.43.2...v1.43.7)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-28 07:41:25 -08:00
dependabot[bot]
be38f2caff
build(deps): bump google.golang.org/api from 0.69.0 to 0.70.0 (#5210) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.69.0 to 0.70.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.69.0...v0.70.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-28 07:40:40 -08:00
dependabot[bot]
978c9246d1
build(deps): bump k8s.io/client-go from 0.23.3 to 0.23.4 (#5209) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.23.3 to 0.23.4.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.23.3...v0.23.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-28 07:40:27 -08:00
Chris O'Haver
5166d9ddb5
briefly doc env vars and import substitution (#5207) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-25 15:24:33 -05:00
Chris O'Haver
66dc74caeb
plugin/etcd+kubernetes: Persist truncated state to client if CNAME lookup response is truncated (#4715) 
Persist the TC bit to client response for truncated CNAME lookups.
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-22 09:38:57 -05:00
Yong Tang
d3a118e1c1
Avoid expose arch-specific docker image tags (#5201) 
This PR tries to address the issue in 5199
where there were confusion on which image tag to use.
Because the image-specific `coredns/coredns-{arch}:version` is not usable
for all arch other than arm64, confusion happens.

This PR, for all arch-specific docker images:
1. Use `coredns/coredns:{arch}-version` (not `coredns/coredns-{arch}:version`)
   so that all images remain within the same docker repo (not multiple repos).
2. Push the arch-specific image `coredns/coredns:{arch}-version` to dockerhub.
3. Create manifest-specific `coredns/coredns:version` and `coredns/coredns:latest` from arch-specific images.
4. Push `coredns/coredns:version` and `coredns/coredns:latest` to dockerhub
5. Delete arch-specific image tags `coredns/coredns:{arch}-version` from dockerhub.

This will make arch-specific image tags invisible, but the  `coredns/coredns:version` and `coredns/coredns:latest`
will work as expected.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-22 09:35:16 -05:00
Chris O'Haver
74d4e9bb1b
kubernetes: log server start delay and api connection failures (#5044) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-22 09:21:45 -05:00
Yong Tang
b1d5d7c572
Replace deprecated NewDeltaFIFO with NewDeltaFIFOWithOptions (#5200) 
Replace deprecated  `cache.NewDeltaFIFO`

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-22 09:20:29 -05:00
coredns[bot]
a226205299 auto remove trailing whitespaces 
Signed-off-by: coredns[bot] <bot@bot.coredns.io>
 2022-02-22 10:28:07 +00:00
dependabot[bot]
8502892b03
build(deps): bump github.com/aws/aws-sdk-go from 1.42.52 to 1.43.2 (#5198) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.42.52 to 1.43.2.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.42.52...v1.43.2)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-21 07:08:14 -08:00
dependabot[bot]
49f88ba202
build(deps): bump github.com/Azure/azure-sdk-for-go (#5195) 
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) from 61.5.0+incompatible to 61.6.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v61.5.0...v61.6.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-21 07:07:59 -08:00
dependabot[bot]
9a5cb3f59e
build(deps): bump k8s.io/api from 0.23.3 to 0.23.4 (#5194) 
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.23.3 to 0.23.4.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.23.3...v0.23.4)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-21 06:46:52 -08:00
dependabot[bot]
d0449826b7
build(deps): bump google.golang.org/api from 0.68.0 to 0.69.0 (#5197) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.68.0 to 0.69.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.68.0...v0.69.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-21 06:46:22 -08:00
dependabot[bot]
703ca84693
build(deps): bump k8s.io/apimachinery from 0.23.3 to 0.23.4 (#5196) 2022-02-21 05:18:15 -08:00
Yong Tang
2f020dcb30
Update to use the latest protobuf package to build pb (#5193) 
* Update to use the latest protobuf package to build pb

The pb package was generated some time ago with old version
of https://github.com/golang/protobuf which was deprecated
and in favor of google.golang.org/protobuf (see
deprecation notice in https://pkg.go.dev/github.com/golang/protobuf)

This PR updates the generation of pb package with
v1.27.1 of google.golang.org/protobuf.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Exclude pb from import test

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-17 23:11:45 -08:00
Yong Tang
c0c72e5894
Harden tls on all places (#5184) 
PR 2938 hardens tls though there are other places that uses TLS
as well and setTLSDefaults are not invoked in other paths.

This PR hardens tls on all places.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-17 12:26:08 -08:00
Chris O'Haver
f8a02aaf58
dont panic when from-zone cannot be normalized (#5170) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-17 15:13:18 -05:00
Yong Tang
5bb8947309
Add Reviewdog to suggestion gofmt and whitespace changes in pull request (#5155) 
use reviewdog to automatically suggest whitespace corrections in PRs
so that code will be clean before committing into master branch.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-17 15:12:03 -05:00
Yong Tang
35e2070009
Add retry logic before download asset from github (#5181) 
The docker release fails when released binaries are not available for download immediately after the release is created.
This PR adds retry logic (up to 10 min).

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-17 14:59:40 -05:00
xuweiwei
86a5902209
plugin/file: add TXT RR test case (#5079) 
Signed-off-by: xuweiwei <xuweiwei_yewu@cmss.chinamobile.com>
 2022-02-17 13:58:18 -05:00
Rudolf Schönecker
c121aaab34
Add metric counting DNS-over-HTTPS responses (#5130) 
Signed-off-by: Rudolf Schonecker <rudolf.schonecker@jamf.com>
 2022-02-17 08:37:40 -05:00
Chris O'Haver
e5626a77bb
plugin/secondary: Fix startup transfer failure wrong zone logged (#5085) 
* avoid race

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-14 12:12:08 -05:00
Elijah Andrews
80195c399f
add zones label to cache metrics (#5124) 
* add zones to cache metrics

Signed-off-by: Elijah Andrews <elijahcandrews@gmail.com>
 2022-02-14 12:10:30 -05:00
dependabot[bot]
d97dbbef61
build(deps): bump google.golang.org/api from 0.67.0 to 0.68.0 (#5186) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.67.0 to 0.68.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.67.0...v0.68.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-14 08:37:55 -08:00
dependabot[bot]
749a38e151
build(deps): bump github.com/Azure/azure-sdk-for-go (#5187) 
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) from 61.4.0+incompatible to 61.5.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v61.4.0...v61.5.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-14 08:37:44 -08:00
dependabot[bot]
717d1424b5
build(deps): bump github.com/aws/aws-sdk-go from 1.42.47 to 1.42.52 (#5188) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.42.47 to 1.42.52.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.42.47...v1.42.52)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-14 08:37:33 -08:00
Yong Tang
c6709d930f
Fix security scans by cleaning up file path (#5185) 
While performing security scans there were several
issue raised as G304 (CWE-22): Potential file inclusion via variable.
As some files path are taken from user input, it is possible the
filepath passed by user may have unintended effect if not properly formed.
This fix add Clean to remove the security warning and address some
potential issue.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-14 11:24:21 -05:00
coredns[bot]
b40f2a0a44 auto go fmt 
Signed-off-by: coredns[bot] <bot@bot.coredns.io>
 2022-02-14 10:32:27 +00:00
Chris O'Haver
fe9ba42590
plugin/autopath: Don't panic on empty token (#5169) 
* dont panic on empty token

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-10 09:00:27 -05:00
Chris O'Haver
c5eb7d0460
dont panic when from-zone cannot be normalized (#5171) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-10 08:59:34 -05:00
Chris O'Haver
d6743531ad
fix healthy proxy error case (#5168) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-10 08:58:46 -05:00
Chris O'Haver
4064430f81
fix notes (#5175) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-09 15:04:09 -05:00
Yong Tang
ace3dcb1a3
Add inital 1.9.0 release note (#5145) 
* Add inital 1.9.0 release note

Add inital 1.9.0 release note, will update later if there are
more items to add.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Update notes/coredns-1.9.0.md

Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Update notes/coredns-1.9.0.md

Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Update notes/coredns-1.9.0.md

Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Update version string to 1.9.0

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-09 11:26:02 -08:00
Chris O'Haver
4693f40990
Revert "add wildcard warnings (#5030)" (#5167) 
This reverts commit 744468ea78.
 2022-02-09 11:25:15 -08:00
Chris O'Haver
4349b6fa63
dont panic on empty SRV segments (#5173) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-09 13:52:53 -05:00
Chris O'Haver
daace98352
plugin/metrics: Acknowledge other stats exported in README (#5172) 
* mention default go stats and other plugin stats in README

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-09 13:52:18 -05:00
Tomas Hulata
b0edae07f1
Health-checks should respect force_tcp (#5109) 
* health check should respect force_tcp

Signed-off-by: tombokombo <tombo@sysart.tech>
 2022-02-09 09:45:52 -05:00
Chris O'Haver
abaf938623
remove wildcard query functionality (#5019) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-09 09:25:10 -05:00
Yong Tang
40a526b27f
Stale-bot: Do not mark issues stale when pending maintainer action (#5156) 
Only adds stale with labels 'answered,needs info' in issues and 'needs update' in PRs

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-09 08:41:05 -05:00
Yong Tang
041e1eabc6
Fix a couple of code scanning alerts (#5157) 
This PR fixed a couple of code scanning alerts:

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-07 09:09:12 -05:00
dependabot[bot]
69473c5cad
build(deps): bump github.com/miekg/dns from 1.1.45 to 1.1.46 (#5163) 2022-02-07 05:34:13 -08:00
dependabot[bot]
6c941258fa
build(deps): bump google.golang.org/api from 0.66.0 to 0.67.0 (#5162) 2022-02-07 05:34:04 -08:00