Merge pull request #201 from janeczku/route53-fix-priv-zone

Route 53: Make sure we don't provision to a private hosted zone
xenolf 2016-04-22 02:03:12 +02:00
commit 06124e0954


@ -84,7 +84,7 @@ func (r *DNSProvider) CleanUp(domain, token, keyAuth string) error {
func (r *DNSProvider) changeRecord(action, fqdn, value string, ttl int) error { func (r *DNSProvider) changeRecord(action, fqdn, value string, ttl int) error {
hostedZoneID, err := r.getHostedZoneID(fqdn) hostedZoneID, err := r.getHostedZoneID(fqdn)
if err != nil { if err != nil {
return err return fmt.Errorf("Failed to determine Route 53 hosted zone ID: %v", err)
} }
recordSet := newTXTRecordSet(fqdn, value, ttl) recordSet := newTXTRecordSet(fqdn, value, ttl)
@ -103,7 +103,7 @@ func (r *DNSProvider) changeRecord(action, fqdn, value string, ttl int) error {
resp, err := r.client.ChangeResourceRecordSets(reqParams) resp, err := r.client.ChangeResourceRecordSets(reqParams)
if err != nil { if err != nil {
return err return fmt.Errorf("Failed to change Route 53 record set: %v", err)
} }
statusID := resp.ChangeInfo.Id statusID := resp.ChangeInfo.Id
@ -114,7 +114,7 @@ func (r *DNSProvider) changeRecord(action, fqdn, value string, ttl int) error {
} }
resp, err := r.client.GetChange(reqParams) resp, err := r.client.GetChange(reqParams)
if err != nil { if err != nil {
return false, err return false, fmt.Errorf("Failed to query Route 53 change status: %v", err)
} }
if *resp.ChangeInfo.Status == route53.ChangeStatusInsync { if *resp.ChangeInfo.Status == route53.ChangeStatusInsync {
return true, nil return true, nil
@ -131,25 +131,31 @@ func (r *DNSProvider) getHostedZoneID(fqdn string) (string, error) {
// .DNSName should not have a trailing dot // .DNSName should not have a trailing dot
reqParams := &route53.ListHostedZonesByNameInput{ reqParams := &route53.ListHostedZonesByNameInput{
DNSName: aws.String(acme.UnFqdn(authZone)), DNSName: aws.String(acme.UnFqdn(authZone)),
MaxItems: aws.String("1"),
} }
resp, err := r.client.ListHostedZonesByName(reqParams) resp, err := r.client.ListHostedZonesByName(reqParams)
if err != nil { if err != nil {
return "", err return "", err
} }
// .Name has a trailing dot var hostedZoneID string
if len(resp.HostedZones) == 0 || *resp.HostedZones[0].Name != authZone { for _, hostedZone := range resp.HostedZones {
return "", fmt.Errorf("Zone %s not found in Route53 for domain %s", authZone, fqdn) // .Name has a trailing dot
if !*hostedZone.Config.PrivateZone && *hostedZone.Name == authZone {
hostedZoneID = *hostedZone.Id
break
}
} }
zoneID := *resp.HostedZones[0].Id if len(hostedZoneID) == 0 {
if strings.HasPrefix(zoneID, "/hostedzone/") { return "", fmt.Errorf("Zone %s not found in Route 53 for domain %s", authZone, fqdn)
zoneID = strings.TrimPrefix(zoneID, "/hostedzone/")
} }
return zoneID, nil if strings.HasPrefix(hostedZoneID, "/hostedzone/") {
hostedZoneID = strings.TrimPrefix(hostedZoneID, "/hostedzone/")
}
return hostedZoneID, nil
} }
func newTXTRecordSet(fqdn, value string, ttl int) *route53.ResourceRecordSet { func newTXTRecordSet(fqdn, value string, ttl int) *route53.ResourceRecordSet {
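Review bot: In the loop added to `getHostedZoneID`, `!*hostedZone.Config.PrivateZone` dereferences two pointers with no nil check, so a zone entry that comes back without `Config` or `PrivateZone` would panic the ACME client instead of being skipped. The page does not show whether Route 53 can omit those fields, but a nil-safe test costs one line: `if hostedZone.Config != nil && aws.BoolValue(hostedZone.Config.PrivateZone) { continue }`, placed before the name comparison. The loop also inspects only the zones in this single `ListHostedZonesByName` response, so if the list is truncated a matching public zone on a later page is reported as not found; checking `resp.IsTruncated` would make that case explicit. The "not found" error could say that private zones are ignored, for example `"No public hosted zone %s found in Route 53 for domain %s"`, so an operator whose only match is private sees why the challenge record was not written. The function begins above this hunk, so how `authZone` is derived is not visible here.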