forked from TrueCloudLab/lego
Add DNS Provider for otc (#398)
* Add otc provider. * Added tests for provider otc. * Format dns_providers * fix getZoneId * Add for tests for provider otc. * Add proxy to transport in otc provider. * Use DefaultTransport in otc provider. * Make loginRequest private in provider otc. * better error handling in provider otc. * add more tests for provider otc.
This commit is contained in:
Christian Groschupp
xenolf
parent
68261a8b20
commit
4dde48a9b9
5 changed files with 656 additions and 0 deletions
1
cli.go
1
cli.go
|
|
@ -221,6 +221,7 @@ Here is an example bash command using the CloudFlare DNS provider:
|
|||
fmt.Fprintln(w, "\tovh:\tOVH_ENDPOINT, OVH_APPLICATION_KEY, OVH_APPLICATION_SECRET, OVH_CONSUMER_KEY")
|
||||
fmt.Fprintln(w, "\tpdns:\tPDNS_API_KEY, PDNS_API_URL")
|
||||
fmt.Fprintln(w, "\tdnspod:\tDNSPOD_API_KEY")
|
||||
fmt.Fprintln(w, "\totc:\tOTC_USER_NAME, OTC_PASSWORD, OTC_PROJECT_NAME, OTC_DOMAIN_NAME, OTC_IDENTITY_ENDPOINT")
|
||||
w.Flush()
|
||||
|
||||
fmt.Println(`
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ import (
|
|||
"github.com/xenolf/lego/providers/dns/linode"
|
||||
"github.com/xenolf/lego/providers/dns/namecheap"
|
||||
"github.com/xenolf/lego/providers/dns/ns1"
|
||||
"github.com/xenolf/lego/providers/dns/otc"
|
||||
"github.com/xenolf/lego/providers/dns/ovh"
|
||||
"github.com/xenolf/lego/providers/dns/pdns"
|
||||
"github.com/xenolf/lego/providers/dns/rackspace"
|
||||
|
|
@ -73,6 +74,8 @@ func NewDNSChallengeProviderByName(name string) (acme.ChallengeProvider, error)
|
|||
provider, err = pdns.NewDNSProvider()
|
||||
case "ns1":
|
||||
provider, err = ns1.NewDNSProvider()
|
||||
case "otc":
|
||||
provider, err = otc.NewDNSProvider()
|
||||
default:
|
||||
err = fmt.Errorf("Unrecognised DNS provider: %s", name)
|
||||
}
|
||||
|
|
|
|||
152
providers/dns/otc/mock.go
Normal file
152
providers/dns/otc/mock.go
Normal file
|
|
@ -0,0 +1,152 @@
|
|||
package otc
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
)
|
||||
|
||||
var fakeOTCUserName = "test"
|
||||
var fakeOTCPassword = "test"
|
||||
var fakeOTCDomainName = "test"
|
||||
var fakeOTCProjectName = "test"
|
||||
var fakeOTCToken = "62244bc21da68d03ebac94e6636ff01f"
|
||||
|
||||
type DNSMock struct {
|
||||
t *testing.T
|
||||
Server *httptest.Server
|
||||
Mux *http.ServeMux
|
||||
}
|
||||
|
||||
func NewDNSMock(t *testing.T) *DNSMock {
|
||||
return &DNSMock{
|
||||
t: t,
|
||||
}
|
||||
}
|
||||
|
||||
// Setup creates the mock server
|
||||
func (m *DNSMock) Setup() {
|
||||
m.Mux = http.NewServeMux()
|
||||
m.Server = httptest.NewServer(m.Mux)
|
||||
}
|
||||
|
||||
// ShutdownServer creates the mock server
|
||||
func (m *DNSMock) ShutdownServer() {
|
||||
m.Server.Close()
|
||||
}
|
||||
|
||||
func (m *DNSMock) HandleAuthSuccessfully() {
|
||||
m.Mux.HandleFunc("/v3/auth/token", func(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("X-Subject-Token", fakeOTCToken)
|
||||
|
||||
fmt.Fprintf(w, `{
|
||||
"token": {
|
||||
"catalog": [
|
||||
{
|
||||
"type": "dns",
|
||||
"id": "56cd81db1f8445d98652479afe07c5ba",
|
||||
"name": "",
|
||||
"endpoints": [
|
||||
{
|
||||
"url": "%s",
|
||||
"region": "eu-de",
|
||||
"region_id": "eu-de",
|
||||
"interface": "public",
|
||||
"id": "0047a06690484d86afe04877074efddf"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}}`, m.Server.URL)
|
||||
})
|
||||
}
|
||||
|
||||
func (m *DNSMock) HandleListZonesSuccessfully() {
|
||||
m.Mux.HandleFunc("/v2/zones", func(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprintf(w, `{
|
||||
"zones":[{
|
||||
"id":"123123"
|
||||
}]}
|
||||
`)
|
||||
|
||||
assert.Equal(m.t, r.Method, "GET")
|
||||
assert.Equal(m.t, r.URL.Path, "/v2/zones")
|
||||
assert.Equal(m.t, r.URL.RawQuery, "name=example.com.")
|
||||
assert.Equal(m.t, r.Header.Get("Content-Type"), "application/json")
|
||||
})
|
||||
}
|
||||
|
||||
func (m *DNSMock) HandleListZonesEmpty() {
|
||||
m.Mux.HandleFunc("/v2/zones", func(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprintf(w, `{
|
||||
"zones":[
|
||||
]}
|
||||
`)
|
||||
|
||||
assert.Equal(m.t, r.Method, "GET")
|
||||
assert.Equal(m.t, r.URL.Path, "/v2/zones")
|
||||
assert.Equal(m.t, r.URL.RawQuery, "name=example.com.")
|
||||
assert.Equal(m.t, r.Header.Get("Content-Type"), "application/json")
|
||||
})
|
||||
}
|
||||
|
||||
func (m *DNSMock) HandleDeleteRecordsetsSuccessfully() {
|
||||
m.Mux.HandleFunc("/v2/zones/123123/recordsets/321321", func(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprintf(w, `{
|
||||
"zones":[{
|
||||
"id":"123123"
|
||||
}]}
|
||||
`)
|
||||
|
||||
assert.Equal(m.t, r.Method, "DELETE")
|
||||
assert.Equal(m.t, r.URL.Path, "/v2/zones/123123/recordsets/321321")
|
||||
assert.Equal(m.t, r.Header.Get("Content-Type"), "application/json")
|
||||
})
|
||||
}
|
||||
|
||||
func (m *DNSMock) HandleListRecordsetsEmpty() {
|
||||
m.Mux.HandleFunc("/v2/zones/123123/recordsets", func(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprintf(w, `{
|
||||
"recordsets":[
|
||||
]}
|
||||
`)
|
||||
|
||||
assert.Equal(m.t, r.URL.Path, "/v2/zones/123123/recordsets")
|
||||
assert.Equal(m.t, r.URL.RawQuery, "type=TXT&name=_acme-challenge.example.com.")
|
||||
})
|
||||
}
|
||||
func (m *DNSMock) HandleListRecordsetsSuccessfully() {
|
||||
m.Mux.HandleFunc("/v2/zones/123123/recordsets", func(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method == "GET" {
|
||||
fmt.Fprintf(w, `{
|
||||
"recordsets":[{
|
||||
"id":"321321"
|
||||
}]}
|
||||
`)
|
||||
|
||||
assert.Equal(m.t, r.URL.Path, "/v2/zones/123123/recordsets")
|
||||
assert.Equal(m.t, r.URL.RawQuery, "type=TXT&name=_acme-challenge.example.com.")
|
||||
|
||||
} else if r.Method == "POST" {
|
||||
body, err := ioutil.ReadAll(r.Body)
|
||||
|
||||
assert.Nil(m.t, err)
|
||||
exceptedString := "{\"name\":\"_acme-challenge.example.com.\",\"description\":\"Added TXT record for ACME dns-01 challenge using lego client\",\"type\":\"TXT\",\"ttl\":300,\"records\":[\"\\\"w6uP8Tcg6K2QR905Rms8iXTlksL6OD1KOWBxTK7wxPI\\\"\"]}"
|
||||
assert.Equal(m.t, string(body), exceptedString)
|
||||
|
||||
fmt.Fprintf(w, `{
|
||||
"recordsets":[{
|
||||
"id":"321321"
|
||||
}]}
|
||||
`)
|
||||
|
||||
} else {
|
||||
m.t.Errorf("Expected method to be 'GET' or 'POST' but got '%s'", r.Method)
|
||||
}
|
||||
|
||||
assert.Equal(m.t, r.Header.Get("Content-Type"), "application/json")
|
||||
})
|
||||
}
|
||||
388
providers/dns/otc/otc.go
Normal file
388
providers/dns/otc/otc.go
Normal file
|
|
@ -0,0 +1,388 @@
|
|||
// Package otc implements a DNS provider for solving the DNS-01 challenge
|
||||
// using Open Telekom Cloud Managed DNS.
|
||||
package otc
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/xenolf/lego/acme"
|
||||
)
|
||||
|
||||
// DNSProvider is an implementation of the acme.ChallengeProvider interface that uses
|
||||
// OTC's Managed DNS API to manage TXT records for a domain.
|
||||
type DNSProvider struct {
|
||||
identityEndpoint string
|
||||
otcBaseURL string
|
||||
domainName string
|
||||
projectName string
|
||||
userName string
|
||||
password string
|
||||
token string
|
||||
}
|
||||
|
||||
// NewDNSProvider returns a DNSProvider instance configured for OTC DNS.
|
||||
// Credentials must be passed in the environment variables: OTC_USER_NAME,
|
||||
// OTC_DOMAIN_NAME, OTC_PASSWORD OTC_PROJECT_NAME and OTC_IDENTITY_ENDPOINT.
|
||||
func NewDNSProvider() (*DNSProvider, error) {
|
||||
domainName := os.Getenv("OTC_DOMAIN_NAME")
|
||||
userName := os.Getenv("OTC_USER_NAME")
|
||||
password := os.Getenv("OTC_PASSWORD")
|
||||
projectName := os.Getenv("OTC_PROJECT_NAME")
|
||||
identityEndpoint := os.Getenv("OTC_IDENTITY_ENDPOINT")
|
||||
return NewDNSProviderCredentials(domainName, userName, password, projectName, identityEndpoint)
|
||||
}
|
||||
|
||||
// NewDNSProviderCredentials uses the supplied credentials to return a
|
||||
// DNSProvider instance configured for OTC DNS.
|
||||
func NewDNSProviderCredentials(domainName, userName, password, projectName, identityEndpoint string) (*DNSProvider, error) {
|
||||
if domainName == "" || userName == "" || password == "" || projectName == "" {
|
||||
return nil, fmt.Errorf("OTC credentials missing")
|
||||
}
|
||||
|
||||
if identityEndpoint == "" {
|
||||
identityEndpoint = "https://iam.eu-de.otc.t-systems.com:443/v3/auth/tokens"
|
||||
}
|
||||
|
||||
return &DNSProvider{
|
||||
identityEndpoint: identityEndpoint,
|
||||
domainName: domainName,
|
||||
userName: userName,
|
||||
password: password,
|
||||
projectName: projectName,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (d *DNSProvider) SendRequest(method, resource string, payload interface{}) (io.Reader, error) {
|
||||
url := fmt.Sprintf("%s/%s", d.otcBaseURL, resource)
|
||||
|
||||
body, err := json.Marshal(payload)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
req, err := http.NewRequest(method, url, bytes.NewReader(body))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
if len(d.token) > 0 {
|
||||
req.Header.Set("X-Auth-Token", d.token)
|
||||
}
|
||||
|
||||
// Workaround for keep alive bug in otc api
|
||||
tr := http.DefaultTransport.(*http.Transport)
|
||||
tr.DisableKeepAlives = true
|
||||
|
||||
client := &http.Client{
|
||||
Timeout: time.Duration(10 * time.Second),
|
||||
Transport: tr,
|
||||
}
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if resp.StatusCode >= 400 {
|
||||
return nil, fmt.Errorf("OTC API request %s failed with HTTP status code %d", url, resp.StatusCode)
|
||||
}
|
||||
|
||||
body1, err := ioutil.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return bytes.NewReader(body1), nil
|
||||
}
|
||||
|
||||
func (d *DNSProvider) loginRequest() error {
|
||||
type nameResponse struct {
|
||||
Name string `json:"name"`
|
||||
}
|
||||
|
||||
type userResponse struct {
|
||||
Name string `json:"name"`
|
||||
Password string `json:"password"`
|
||||
Domain nameResponse `json:"domain"`
|
||||
}
|
||||
|
||||
type passwordResponse struct {
|
||||
User userResponse `json:"user"`
|
||||
}
|
||||
type identityResponse struct {
|
||||
Methods []string `json:"methods"`
|
||||
Password passwordResponse `json:"password"`
|
||||
}
|
||||
|
||||
type scopeResponse struct {
|
||||
Project nameResponse `json:"project"`
|
||||
}
|
||||
|
||||
type authResponse struct {
|
||||
Identity identityResponse `json:"identity"`
|
||||
Scope scopeResponse `json:"scope"`
|
||||
}
|
||||
|
||||
type loginResponse struct {
|
||||
Auth authResponse `json:"auth"`
|
||||
}
|
||||
|
||||
userResp := userResponse{
|
||||
Name: d.userName,
|
||||
Password: d.password,
|
||||
Domain: nameResponse{
|
||||
Name: d.domainName,
|
||||
},
|
||||
}
|
||||
|
||||
loginResp := loginResponse{
|
||||
Auth: authResponse{
|
||||
Identity: identityResponse{
|
||||
Methods: []string{"password"},
|
||||
Password: passwordResponse{
|
||||
User: userResp,
|
||||
},
|
||||
},
|
||||
Scope: scopeResponse{
|
||||
Project: nameResponse{
|
||||
Name: d.projectName,
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
body, err := json.Marshal(loginResp)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
req, err := http.NewRequest("POST", d.identityEndpoint, bytes.NewReader(body))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
|
||||
client := &http.Client{Timeout: time.Duration(10 * time.Second)}
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if resp.StatusCode >= 400 {
|
||||
return fmt.Errorf("OTC API request failed with HTTP status code %d", resp.StatusCode)
|
||||
}
|
||||
|
||||
d.token = resp.Header.Get("X-Subject-Token")
|
||||
|
||||
if d.token == "" {
|
||||
return fmt.Errorf("unable to get auth token")
|
||||
}
|
||||
|
||||
type endpointResponse struct {
|
||||
Token struct {
|
||||
Catalog []struct {
|
||||
Type string `json:"type"`
|
||||
Endpoints []struct {
|
||||
URL string `json:"url"`
|
||||
} `json:"endpoints"`
|
||||
} `json:"catalog"`
|
||||
} `json:"token"`
|
||||
}
|
||||
var endpointResp endpointResponse
|
||||
|
||||
err = json.NewDecoder(resp.Body).Decode(&endpointResp)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
for _, v := range endpointResp.Token.Catalog {
|
||||
if v.Type == "dns" {
|
||||
for _, endpoint := range v.Endpoints {
|
||||
d.otcBaseURL = fmt.Sprintf("%s/v2", endpoint.URL)
|
||||
continue
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if d.otcBaseURL == "" {
|
||||
return fmt.Errorf("unable to get dns endpoint")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Starts a new OTC API Session. Authenticates using userName, password
|
||||
// and receives a token to be used in for subsequent requests.
|
||||
func (d *DNSProvider) login() error {
|
||||
err := d.loginRequest()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (d *DNSProvider) getZoneID(zone string) (string, error) {
|
||||
type zoneItem struct {
|
||||
ID string `json:"id"`
|
||||
}
|
||||
|
||||
type zonesResponse struct {
|
||||
Zones []zoneItem `json:"zones"`
|
||||
}
|
||||
|
||||
resource := fmt.Sprintf("zones?name=%s", zone)
|
||||
resp, err := d.SendRequest("GET", resource, nil)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
var zonesRes zonesResponse
|
||||
err = json.NewDecoder(resp).Decode(&zonesRes)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
if len(zonesRes.Zones) < 1 {
|
||||
return "", fmt.Errorf("zone %s not found", zone)
|
||||
}
|
||||
|
||||
if len(zonesRes.Zones) > 1 {
|
||||
return "", fmt.Errorf("to many zones found")
|
||||
}
|
||||
|
||||
if zonesRes.Zones[0].ID == "" {
|
||||
return "", fmt.Errorf("id not found")
|
||||
}
|
||||
|
||||
return zonesRes.Zones[0].ID, nil
|
||||
}
|
||||
|
||||
func (d *DNSProvider) getRecordSetID(zoneID string, fqdn string) (string, error) {
|
||||
type recordSet struct {
|
||||
ID string `json:"id"`
|
||||
}
|
||||
|
||||
type recordSetsResponse struct {
|
||||
RecordSets []recordSet `json:"recordsets"`
|
||||
}
|
||||
|
||||
resource := fmt.Sprintf("zones/%s/recordsets?type=TXT&name=%s", zoneID, fqdn)
|
||||
resp, err := d.SendRequest("GET", resource, nil)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
var recordSetsRes recordSetsResponse
|
||||
err = json.NewDecoder(resp).Decode(&recordSetsRes)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
if len(recordSetsRes.RecordSets) < 1 {
|
||||
return "", fmt.Errorf("record not found")
|
||||
}
|
||||
|
||||
if len(recordSetsRes.RecordSets) > 1 {
|
||||
return "", fmt.Errorf("to many records found")
|
||||
}
|
||||
|
||||
if recordSetsRes.RecordSets[0].ID == "" {
|
||||
return "", fmt.Errorf("id not found")
|
||||
}
|
||||
|
||||
return recordSetsRes.RecordSets[0].ID, nil
|
||||
}
|
||||
|
||||
func (d *DNSProvider) deleteRecordSet(zoneID, recordID string) error {
|
||||
resource := fmt.Sprintf("zones/%s/recordsets/%s", zoneID, recordID)
|
||||
|
||||
_, err := d.SendRequest("DELETE", resource, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Present creates a TXT record using the specified parameters
|
||||
func (d *DNSProvider) Present(domain, token, keyAuth string) error {
|
||||
fqdn, value, ttl := acme.DNS01Record(domain, keyAuth)
|
||||
|
||||
if ttl < 300 {
|
||||
ttl = 300 // 300 is otc minimum value for ttl
|
||||
}
|
||||
|
||||
authZone, err := acme.FindZoneByFqdn(fqdn, acme.RecursiveNameservers)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
err = d.login()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
zoneID, err := d.getZoneID(authZone)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to get zone: %s", err)
|
||||
}
|
||||
|
||||
resource := fmt.Sprintf("zones/%s/recordsets", zoneID)
|
||||
|
||||
type recordset struct {
|
||||
Name string `json:"name"`
|
||||
Description string `json:"description"`
|
||||
Type string `json:"type"`
|
||||
Ttl int `json:"ttl"`
|
||||
Records []string `json:"records"`
|
||||
}
|
||||
|
||||
r1 := &recordset{
|
||||
Name: fqdn,
|
||||
Description: "Added TXT record for ACME dns-01 challenge using lego client",
|
||||
Type: "TXT",
|
||||
Ttl: 300,
|
||||
Records: []string{fmt.Sprintf("\"%s\"", value)},
|
||||
}
|
||||
_, err = d.SendRequest("POST", resource, r1)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// CleanUp removes the TXT record matching the specified parameters
|
||||
func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
|
||||
fqdn, _, _ := acme.DNS01Record(domain, keyAuth)
|
||||
|
||||
authZone, err := acme.FindZoneByFqdn(fqdn, acme.RecursiveNameservers)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
err = d.login()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
zoneID, err := d.getZoneID(authZone)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
recordID, err := d.getRecordSetID(zoneID, fqdn)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable go get record %s for zone %s: %s", fqdn, domain, err)
|
||||
}
|
||||
return d.deleteRecordSet(zoneID, recordID)
|
||||
}
|
||||
112
providers/dns/otc/otc_test.go
Normal file
112
providers/dns/otc/otc_test.go
Normal file
|
|
@ -0,0 +1,112 @@
|
|||
package otc
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/suite"
|
||||
"os"
|
||||
"testing"
|
||||
)
|
||||
|
||||
type OTCDNSTestSuite struct {
|
||||
suite.Suite
|
||||
Mock *DNSMock
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) TearDownSuite() {
|
||||
s.Mock.ShutdownServer()
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) SetupTest() {
|
||||
s.Mock = NewDNSMock(s.T())
|
||||
s.Mock.Setup()
|
||||
s.Mock.HandleAuthSuccessfully()
|
||||
|
||||
}
|
||||
|
||||
func TestOTCDNSTestSuite(t *testing.T) {
|
||||
suite.Run(t, new(OTCDNSTestSuite))
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) createDNSProvider() (*DNSProvider, error) {
|
||||
url := fmt.Sprintf("%s/v3/auth/token", s.Mock.Server.URL)
|
||||
return NewDNSProviderCredentials(fakeOTCUserName, fakeOTCPassword, fakeOTCDomainName, fakeOTCProjectName, url)
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) TestOTCDNSLoginEnv() {
|
||||
os.Setenv("OTC_DOMAIN_NAME", "unittest1")
|
||||
os.Setenv("OTC_USER_NAME", "unittest2")
|
||||
os.Setenv("OTC_PASSWORD", "unittest3")
|
||||
os.Setenv("OTC_PROJECT_NAME", "unittest4")
|
||||
os.Setenv("OTC_IDENTITY_ENDPOINT", "unittest5")
|
||||
|
||||
provider, err := NewDNSProvider()
|
||||
assert.Nil(s.T(), err)
|
||||
assert.Equal(s.T(), provider.domainName, "unittest1")
|
||||
assert.Equal(s.T(), provider.userName, "unittest2")
|
||||
assert.Equal(s.T(), provider.password, "unittest3")
|
||||
assert.Equal(s.T(), provider.projectName, "unittest4")
|
||||
assert.Equal(s.T(), provider.identityEndpoint, "unittest5")
|
||||
|
||||
os.Setenv("OTC_IDENTITY_ENDPOINT", "")
|
||||
|
||||
provider, err = NewDNSProvider()
|
||||
assert.Nil(s.T(), err)
|
||||
assert.Equal(s.T(), provider.identityEndpoint, "https://iam.eu-de.otc.t-systems.com:443/v3/auth/tokens")
|
||||
|
||||
os.Clearenv()
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) TestOTCDNSLoginEnvEmpty() {
|
||||
_, err := NewDNSProvider()
|
||||
assert.Equal(s.T(), "OTC credentials missing", err.Error())
|
||||
|
||||
os.Clearenv()
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) TestOTCDNSLogin() {
|
||||
otcProvider, err := s.createDNSProvider()
|
||||
|
||||
assert.Nil(s.T(), err)
|
||||
err = otcProvider.loginRequest()
|
||||
assert.Nil(s.T(), err)
|
||||
assert.Equal(s.T(), otcProvider.otcBaseURL, fmt.Sprintf("%s/v2", s.Mock.Server.URL))
|
||||
assert.Equal(s.T(), fakeOTCToken, otcProvider.token)
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) TestOTCDNSEmptyZone() {
|
||||
s.Mock.HandleListZonesEmpty()
|
||||
s.Mock.HandleListRecordsetsSuccessfully()
|
||||
|
||||
otcProvider, _ := s.createDNSProvider()
|
||||
err := otcProvider.Present("example.com", "", "foobar")
|
||||
assert.NotNil(s.T(), err)
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) TestOTCDNSEmptyRecordset() {
|
||||
s.Mock.HandleListZonesSuccessfully()
|
||||
s.Mock.HandleListRecordsetsEmpty()
|
||||
|
||||
otcProvider, _ := s.createDNSProvider()
|
||||
err := otcProvider.CleanUp("example.com", "", "foobar")
|
||||
assert.NotNil(s.T(), err)
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) TestOTCDNSPresent() {
|
||||
s.Mock.HandleListZonesSuccessfully()
|
||||
s.Mock.HandleListRecordsetsSuccessfully()
|
||||
|
||||
otcProvider, _ := s.createDNSProvider()
|
||||
err := otcProvider.Present("example.com", "", "foobar")
|
||||
assert.Nil(s.T(), err)
|
||||
}
|
||||
|
||||
func (s *OTCDNSTestSuite) TestOTCDNSCleanup() {
|
||||
s.Mock.HandleListZonesSuccessfully()
|
||||
s.Mock.HandleListRecordsetsSuccessfully()
|
||||
s.Mock.HandleDeleteRecordsetsSuccessfully()
|
||||
|
||||
otcProvider, _ := s.createDNSProvider()
|
||||
err := otcProvider.CleanUp("example.com", "", "foobar")
|
||||
assert.Nil(s.T(), err)
|
||||
}
|
||||
Loading…
Reference in a new issue