simon/cert-manager-webhook-manitu
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

rename hetzner to manitu

Browse Source
This commit is contained in:
Simon Zeyer 2022-10-14 14:02:23 +00:00
parent 3f5236a9b9
commit 8fc6c4f7de
13 changed files with 119 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Makefile
View File

@ -1,4 +1,4 @@
IMAGE_NAME := "mecodia/cert-manager-webhook-hetzner"
IMAGE_NAME := "mecodia/cert-manager-webhook-manitu"
OS ?= $(shell go env GOOS)
ARCH ?= $(shell go env GOARCH)
@ -36,4 +36,4 @@ rendered-manifest.yaml:
--name example-webhook \
--set image.repository=$(IMAGE_NAME) \
--set image.tag=$(IMAGE_TAG) \
deploy/hetzner-webhook > "$(OUT)/rendered-manifest.yaml"
deploy/manitu-webhook > "$(OUT)/rendered-manifest.yaml"

28
README.md
View File

@ -1,11 +1,11 @@
# ACME Webhook for Hetzner DNS
# ACME Webhook for Manitu DNS
This project provides a [cert-manager](https://cert-manager.io) ACME Webhook for [Hetzner DNS](https://hetzner.de/)
This project provides a [cert-manager](https://cert-manager.io) ACME Webhook for [Manitu DNS](https://manitu.de/)
and is based on the [Example Webhook](https://github.com/jetstack/cert-manager-webhook-example)
This README and the inspiration for this webhook was mostly taken from [Stephan Müllers INWX Webhook](https://gitlab.com/smueller18/cert-manager-webhook-inwx).
The Helm Chart is automatically published via [github pages](https://mecodia.github.io/cert-manager-webhook-hetzner/).
The Helm Chart is automatically published via [github pages](https://mecodia.github.io/cert-manager-webhook-manitu/).
## Requirements
@ -19,10 +19,10 @@ The following table lists the configurable parameters of the cert-manager chart
| Parameter | Description | Default |
| --------- | ----------- | ------- |
| `groupName` | Group name of the API service. | `dns.hetzner.cloud` |
| `groupName` | Group name of the API service. | `dns.manitu.cloud` |
| `certManager.namespace` | Namespace where cert-manager is deployed to. | `kube-system` |
| `certManager.serviceAccountName` | Service account of cert-manager installation. | `cert-manager` |
| `image.repository` | Image repository | `mecodia/cert-manager-webhook-hetzner` |
| `image.repository` | Image repository | `mecodia/cert-manager-webhook-manitu` |
| `image.tag` | Image tag | `latest` |
| `image.pullPolicy` | Image pull policy | `Always` |
| `service.type` | API service type | `ClusterIP` |
@ -41,16 +41,16 @@ Follow the [instructions](https://cert-manager.io/docs/installation/) using the
### Webhook
```bash
git clone https://github.com/mecodia/cert-manager-webhook-hetzner.git
cd cert-manager-webhook-hetzner
helm install --namespace kube-system cert-manager-webhook-hetzner ./deploy/cert-manager-webhook-hetzner
git clone https://github.com/mecodia/cert-manager-webhook-manitu.git
cd cert-manager-webhook-manitu
helm install --namespace kube-system cert-manager-webhook-manitu ./deploy/cert-manager-webhook-manitu
```
**Note**: The kubernetes resources used to install the Webhook should be deployed within the same namespace as the cert-manager.
To uninstall the webhook run
```bash
helm uninstall --namespace kube-system cert-manager-webhook-hetzner
helm uninstall --namespace kube-system cert-manager-webhook-manitu
```
## Issuer
@ -76,15 +76,15 @@ spec:
solvers:
- dns01:
webhook:
groupName: dns.hetzner.cloud
solverName: hetzner
groupName: dns.manitu.cloud
solverName: manitu
config:
APIKey: <YOUR-DNS-API-KEY-HERE>
```
### Credentials
For accessing the Hetzner DNS API, you need an API Token which you can create in the [DNS Console](https://dns.hetzner.com/settings/api-token).
For accessing the Manitu DNS API, you need an API Token which you can create in the [DNS Console](https://dns.manitu.com/settings/api-token).
Currently we don't provide a way to use secrets for you API KEY.
@ -121,7 +121,7 @@ spec:
scripts/fetch-test-binaries.sh
```
1. Create a new test account at [Hetzner DNS Console](https://dns.hetzner.com/) or use an existing account
1. Create a new test account at [Manitu DNS Console](https://dns.manitu.com/) or use an existing account
1. Go to `testdata/config.json` and replace your api key.
@ -142,5 +142,5 @@ sudo microk8s.enable dns rbac
sudo microk8s.kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v0.12.0/cert-manager.yaml
sudo microk8s.config > /tmp/microk8s.config
export KUBECONFIG=/tmp/microk8s.config
helm install --namespace kube-system cert-manager-webhook-hetzner deploy/hetzner-webhook
helm install --namespace kube-system cert-manager-webhook-manitu deploy/manitu-webhook
```

6
charts/cert-manager-webhook-hetzner/Chart.yaml
View File

@ -1,8 +1,8 @@
apiVersion: v1
description: A Helm chart for the Hetzner DNS webhook for cert-manager
name: cert-manager-webhook-hetzner
description: A Helm chart for the Manitu DNS webhook for cert-manager
name: cert-manager-webhook-manitu
version: 0.2.0
appVersion: 0.2.0
maintainers:
- name: mecodia GmbH
url: https://github.com/mecodia/cert-manager-webhook-hetzner
url: https://github.com/mecodia/cert-manager-webhook-manitu

22
charts/cert-manager-webhook-hetzner/templates/_helpers.tpl
View File

@ -2,7 +2,7 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "cert-manager-webhook-hetzner.name" -}}
{{- define "cert-manager-webhook-manitu.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
@ -11,7 +11,7 @@ Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "cert-manager-webhook-hetzner.fullname" -}}
{{- define "cert-manager-webhook-manitu.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
@ -27,22 +27,22 @@ If release name contains chart name it will be used as a full name.
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "cert-manager-webhook-hetzner.chart" -}}
{{- define "cert-manager-webhook-manitu.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "cert-manager-webhook-hetzner.selfSignedIssuer" -}}
{{ printf "%s-selfsign" (include "cert-manager-webhook-hetzner.fullname" .) }}
{{- define "cert-manager-webhook-manitu.selfSignedIssuer" -}}
{{ printf "%s-selfsign" (include "cert-manager-webhook-manitu.fullname" .) }}
{{- end -}}
{{- define "cert-manager-webhook-hetzner.rootCAIssuer" -}}
{{ printf "%s-ca" (include "cert-manager-webhook-hetzner.fullname" .) }}
{{- define "cert-manager-webhook-manitu.rootCAIssuer" -}}
{{ printf "%s-ca" (include "cert-manager-webhook-manitu.fullname" .) }}
{{- end -}}
{{- define "cert-manager-webhook-hetzner.rootCACertificate" -}}
{{ printf "%s-ca" (include "cert-manager-webhook-hetzner.fullname" .) }}
{{- define "cert-manager-webhook-manitu.rootCACertificate" -}}
{{ printf "%s-ca" (include "cert-manager-webhook-manitu.fullname" .) }}
{{- end -}}
{{- define "cert-manager-webhook-hetzner.servingCertificate" -}}
{{ printf "%s-webhook-tls" (include "cert-manager-webhook-hetzner.fullname" .) }}
{{- define "cert-manager-webhook-manitu.servingCertificate" -}}
{{ printf "%s-webhook-tls" (include "cert-manager-webhook-manitu.fullname" .) }}
{{- end -}}

8
charts/cert-manager-webhook-hetzner/templates/apiservice.yaml
View File

@ -3,17 +3,17 @@ kind: APIService
metadata:
name: v1alpha1.{{ .Values.groupName }}
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
cert-manager.io/inject-ca-from: "{{ .Release.Namespace }}/{{ include "cert-manager-webhook-hetzner.servingCertificate" . }}"
cert-manager.io/inject-ca-from: "{{ .Release.Namespace }}/{{ include "cert-manager-webhook-manitu.servingCertificate" . }}"
spec:
group: {{ .Values.groupName }}
groupPriorityMinimum: 1000
versionPriority: 15
service:
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}
name: {{ include "cert-manager-webhook-manitu.fullname" . }}
namespace: {{ .Release.Namespace }}
version: v1alpha1

14
charts/cert-manager-webhook-hetzner/templates/deployment.yaml
View File

@ -1,26 +1,26 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}
name: {{ include "cert-manager-webhook-manitu.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
release: {{ .Release.Name }}
spec:
serviceAccountName: {{ include "cert-manager-webhook-hetzner.fullname" . }}
serviceAccountName: {{ include "cert-manager-webhook-manitu.fullname" . }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
@ -55,7 +55,7 @@ spec:
volumes:
- name: certs
secret:
secretName: {{ include "cert-manager-webhook-hetzner.servingCertificate" . }}
secretName: {{ include "cert-manager-webhook-manitu.servingCertificate" . }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}

42
charts/cert-manager-webhook-hetzner/templates/pki.yaml
View File

@ -4,11 +4,11 @@
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: {{ include "cert-manager-webhook-hetzner.selfSignedIssuer" . }}
name: {{ include "cert-manager-webhook-manitu.selfSignedIssuer" . }}
namespace: {{ .Release.Namespace | quote }}
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
@ -20,19 +20,19 @@ spec:
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ include "cert-manager-webhook-hetzner.rootCACertificate" . }}
name: {{ include "cert-manager-webhook-manitu.rootCACertificate" . }}
namespace: {{ .Release.Namespace | quote }}
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
secretName: {{ include "cert-manager-webhook-hetzner.rootCACertificate" . }}
secretName: {{ include "cert-manager-webhook-manitu.rootCACertificate" . }}
duration: 43800h # 5y
issuerRef:
name: {{ include "cert-manager-webhook-hetzner.selfSignedIssuer" . }}
commonName: "ca.cert-manager-webhook-hetzner.cert-manager"
name: {{ include "cert-manager-webhook-manitu.selfSignedIssuer" . }}
commonName: "ca.cert-manager-webhook-manitu.cert-manager"
isCA: true
---
@ -41,16 +41,16 @@ spec:
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: {{ include "cert-manager-webhook-hetzner.rootCAIssuer" . }}
name: {{ include "cert-manager-webhook-manitu.rootCAIssuer" . }}
namespace: {{ .Release.Namespace | quote }}
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
ca:
secretName: {{ include "cert-manager-webhook-hetzner.rootCACertificate" . }}
secretName: {{ include "cert-manager-webhook-manitu.rootCACertificate" . }}
---
@ -58,19 +58,19 @@ spec:
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ include "cert-manager-webhook-hetzner.servingCertificate" . }}
name: {{ include "cert-manager-webhook-manitu.servingCertificate" . }}
namespace: {{ .Release.Namespace | quote }}
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
secretName: {{ include "cert-manager-webhook-hetzner.servingCertificate" . }}
secretName: {{ include "cert-manager-webhook-manitu.servingCertificate" . }}
duration: 8760h # 1y
issuerRef:
name: {{ include "cert-manager-webhook-hetzner.rootCAIssuer" . }}
name: {{ include "cert-manager-webhook-manitu.rootCAIssuer" . }}
dnsNames:
- {{ include "cert-manager-webhook-hetzner.fullname" . }}
- {{ include "cert-manager-webhook-hetzner.fullname" . }}.{{ .Release.Namespace }}
- {{ include "cert-manager-webhook-hetzner.fullname" . }}.{{ .Release.Namespace }}.svc
- {{ include "cert-manager-webhook-manitu.fullname" . }}
- {{ include "cert-manager-webhook-manitu.fullname" . }}.{{ .Release.Namespace }}
- {{ include "cert-manager-webhook-manitu.fullname" . }}.{{ .Release.Namespace }}.svc

36
charts/cert-manager-webhook-hetzner/templates/rbac.yaml
View File

@ -1,11 +1,11 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}
name: {{ include "cert-manager-webhook-manitu.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
---
@ -15,11 +15,11 @@ metadata:
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:webhook-authentication-reader
name: {{ include "cert-manager-webhook-manitu.fullname" . }}:webhook-authentication-reader
namespace: kube-system
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
roleRef:
@ -29,7 +29,7 @@ roleRef:
subjects:
- apiGroup: ""
kind: ServiceAccount
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}
name: {{ include "cert-manager-webhook-manitu.fullname" . }}
namespace: {{ .Release.Namespace }}
---
# apiserver gets the auth-delegator role to delegate auth decisions to
@ -37,10 +37,10 @@ subjects:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:auth-delegator
name: {{ include "cert-manager-webhook-manitu.fullname" . }}:auth-delegator
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
roleRef:
@ -50,17 +50,17 @@ roleRef:
subjects:
- apiGroup: ""
kind: ServiceAccount
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}
name: {{ include "cert-manager-webhook-manitu.fullname" . }}
namespace: {{ .Release.Namespace }}
---
# Grant cert-manager permission to validate using our apiserver
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:domain-solver
name: {{ include "cert-manager-webhook-manitu.fullname" . }}:domain-solver
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
rules:
@ -74,16 +74,16 @@ rules:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:domain-solver
name: {{ include "cert-manager-webhook-manitu.fullname" . }}:domain-solver
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:domain-solver
name: {{ include "cert-manager-webhook-manitu.fullname" . }}:domain-solver
subjects:
- apiGroup: ""
kind: ServiceAccount

8
charts/cert-manager-webhook-hetzner/templates/service.yaml
View File

@ -1,11 +1,11 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "cert-manager-webhook-hetzner.fullname" . }}
name: {{ include "cert-manager-webhook-manitu.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
chart: {{ include "cert-manager-webhook-hetzner.chart" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
chart: {{ include "cert-manager-webhook-manitu.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
@ -16,5 +16,5 @@ spec:
protocol: TCP
name: https
selector:
app: {{ include "cert-manager-webhook-hetzner.name" . }}
app: {{ include "cert-manager-webhook-manitu.name" . }}
release: {{ .Release.Name }}

10
charts/cert-manager-webhook-hetzner/values.yaml
View File

@ -1,24 +1,24 @@
# The GroupName here is used to identify your company or business unit that
# created this webhook.
# For hetzner, this may be "acme.mycompany.com".
# For manitu, this may be "acme.mycompany.com".
# This name will need to be referenced in each Issuer's `webhook` stanza to
# inform cert-manager of where to send ChallengePayload resources in order to
# solve the DNS01 challenge.
# This group name should be **unique**, hence using your own company's domain
# here is recommended.
groupName: dns.hetzner.cloud
groupName: dns.manitu.cloud
certManager:
namespace: cert-manager
serviceAccountName: cert-manager
image:
repository: mecodia/cert-manager-webhook-hetzner
repository: mecodia/cert-manager-webhook-manitu
tag: latest
pullPolicy: Always
nameOverride: "webhook-hetzner"
fullnameOverride: "cert-manager-webhook-hetzner"
nameOverride: "webhook-manitu"
fullnameOverride: "cert-manager-webhook-manitu"
replicaCount: 1

2
go.mod
View File

@ -1,4 +1,4 @@
module github.com/mecodia/cert-manager-webhook-hetzner
module github.com/mecodia/cert-manager-webhook-manitu
go 1.13

57
main.go
View File

@ -30,15 +30,15 @@ func main() {
// webhook, where the Name() method will be used to disambiguate between
// the different implementations.
cmd.RunWebhookServer(GroupName,
&hetznerDNSProviderSolver{},
&manituDNSProviderSolver{},
)
}
// hetznerDNSProviderSolver implements the provider-specific logic needed to
// manituDNSProviderSolver implements the provider-specific logic needed to
// 'present' an ACME challenge TXT record for your own DNS provider.
// To do so, it must implement the `github.com/jetstack/cert-manager/pkg/acme/webhook.Solver`
// interface.
type hetznerDNSProviderSolver struct {
type manituDNSProviderSolver struct {
// If a Kubernetes 'clientset' is needed, you must:
// 1. uncomment the additional `client` field in this structure below
// 2. uncomment the "k8s.io/client-go/kubernetes" import at the top of the file
@ -48,7 +48,7 @@ type hetznerDNSProviderSolver struct {
//client kubernetes.Clientset
}
// hetznerDNSProviderConfig is a structure that is used to decode into when
// manituDNSProviderConfig is a structure that is used to decode into when
// solving a DNS01 challenge.
// This information is provided by cert-manager, and may be a reference to
// additional configuration that's needed to solve the challenge for this
@ -62,7 +62,7 @@ type hetznerDNSProviderSolver struct {
// You should not include sensitive information here. If credentials need to
// be used by your provider here, you should reference a Kubernetes Secret
// resource and fetch these credentials using a Kubernetes clientset.
type hetznerDNSProviderConfig struct {
type manituDNSProviderConfig struct {
// Change the two fields below according to the format of the configuration
// to be decoded.
// These fields will be set by users in the
@ -77,8 +77,8 @@ type hetznerDNSProviderConfig struct {
// solvers configured with the same Name() **so long as they do not co-exist
// within a single webhook deployment**.
// For example, `cloudflare` may be used as the name of a solver.
func (c *hetznerDNSProviderSolver) Name() string {
return "hetzner"
func (c *manituDNSProviderSolver) Name() string {
return "manitu"
}
type Zones struct {
@ -86,20 +86,19 @@ type Zones struct {
}
type Zone struct {
ZoneID string `json:"id"`
ZoneID string `json:"name"`
}
type Entries struct {
Records []Entry `json:"records"`
Records []Entry `json:"TXT"`
}
type Entry struct {
ID string `json:"id,omitempty"`
Name string `json:"name"`
Name string `json:"host"`
TTL int `json:"ttl"`
Type string `json:"type"`
Value string `json:"value"`
ZoneID string `json:"zone_id"`
ZoneID string `json:"zone"`
}
// Present is responsible for actually presenting the DNS record with the
@ -107,7 +106,7 @@ type Entry struct {
// This method should tolerate being called multiple times with the same value.
// cert-manager itself will later perform a self check to ensure that the
// solver has correctly configured the DNS provider.
func (c *hetznerDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error {
func (c *manituDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error {
cfg, err := loadConfig(ch.Config)
if err != nil {
return err
@ -118,14 +117,14 @@ func (c *hetznerDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error
name, zone := c.getDomainAndEntry(ch)
// Get Zones (GET https://dns.hetzner.com/api/v1/zones)
// Get Zones (GET https://dnsapi.elutions-network.de/api/v1/zones)
// Create client
client := &http.Client{}
// Create request
req, err := http.NewRequest("GET", "https://dns.hetzner.com/api/v1/zones?search_name="+zone, nil)
req, err := http.NewRequest("GET", "https://dnsapi.elutions-network.de/api/v1/zones/"+zone, nil)
// Headers
req.Header.Add("Auth-API-Token", cfg.APIKey)
req.Header.Add("Authorization", cfg.APIKey)
// Fetch Request
resp, err := client.Do(req)
@ -134,20 +133,20 @@ func (c *hetznerDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error
}
// Read Response Body
respBody := Zones{}
respBody := Zone{}
json.NewDecoder(resp.Body).Decode(&respBody)
// Display Results
fmt.Println("response Status : ", resp.Status)
fmt.Println("response Headers : ", resp.Header)
fmt.Println("response Body : ", respBody.Zones[0].ZoneID)
fmt.Println("response Body : ", respBody.Zone.ZoneID)
// Create DNS
entry, err := json.Marshal(Entry{"", name, 300, "TXT", ch.Key, respBody.Zones[0].ZoneID})
body := bytes.NewBuffer(entry)
// Create request
req, err = http.NewRequest("POST", "https://dns.hetzner.com/api/v1/records", body)
req, err = http.NewRequest("POST", "https://dnsapi.elutions-network.de/api/v1/records", body)
// Headers
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Auth-API-Token", cfg.APIKey)
@ -175,7 +174,7 @@ func (c *hetznerDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error
// value provided on the ChallengeRequest should be cleaned up.
// This is in order to facilitate multiple DNS validations for the same domain
// concurrently.
func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error {
func (c *manituDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error {
cfg, err := loadConfig(ch.Config)
if err != nil {
return err
@ -186,12 +185,12 @@ func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error
name, zone := c.getDomainAndEntry(ch)
// Get Zones (GET https://dns.hetzner.com/api/v1/zones)
// Get Zones (GET https://dnsapi.elutions-network.de/api/v1/zones)
// Create client
client := &http.Client{}
// Create request
zReq, err := http.NewRequest("GET", "https://dns.hetzner.com/api/v1/zones?search_name="+zone, nil)
zReq, err := http.NewRequest("GET", "https://dnsapi.elutions-network.de/api/v1/zones?search_name="+zone, nil)
// Headers
zReq.Header.Add("Auth-API-Token", cfg.APIKey)
@ -212,7 +211,7 @@ func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error
fmt.Println("response Body : ", name)
// Create request
eReq, err := http.NewRequest("GET", "https://dns.hetzner.com/api/v1/records?zone_id="+zRespBody.Zones[0].ZoneID, nil)
eReq, err := http.NewRequest("GET", "https://dnsapi.elutions-network.de/api/v1/records?zone_id="+zRespBody.Zones[0].ZoneID, nil)
// Headers
eReq.Header.Add("Auth-API-Token", cfg.APIKey)
@ -234,9 +233,9 @@ func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error
for _, e := range eRespBody.Records {
if e.Type == "TXT" && e.Name == name && e.Value == ch.Key {
fmt.Println("Found DOMAIN: ", e)
// Delete Record (DELETE https://dns.hetzner.com/api/v1/records/1)
// Delete Record (DELETE https://dnsapi.elutions-network.de/api/v1/records/1)
// Create request
req, err := http.NewRequest("DELETE", "https://dns.hetzner.com/api/v1/records/"+e.ID, nil)
req, err := http.NewRequest("DELETE", "https://dnsapi.elutions-network.de/api/v1/records/"+e.ID, nil)
// Headers
req.Header.Add("Auth-API-Token", cfg.APIKey)
@ -271,14 +270,14 @@ func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error
// provider accounts.
// The stopCh can be used to handle early termination of the webhook, in cases
// where a SIGTERM or similar signal is sent to the webhook process.
func (c *hetznerDNSProviderSolver) Initialize(kubeClientConfig *rest.Config, stopCh <-chan struct{}) error {
func (c *manituDNSProviderSolver) Initialize(kubeClientConfig *rest.Config, stopCh <-chan struct{}) error {
return nil
}
// loadConfig is a small helper function that decodes JSON configuration into
// the typed config struct.
func loadConfig(cfgJSON *extapi.JSON) (hetznerDNSProviderConfig, error) {
cfg := hetznerDNSProviderConfig{}
func loadConfig(cfgJSON *extapi.JSON) (manituDNSProviderConfig, error) {
cfg := manituDNSProviderConfig{}
// handle the 'base case' where no configuration has been provided
if cfgJSON == nil {
return cfg, nil
@ -290,7 +289,7 @@ func loadConfig(cfgJSON *extapi.JSON) (hetznerDNSProviderConfig, error) {
return cfg, nil
}
func (c *hetznerDNSProviderSolver) getDomainAndEntry(ch *v1alpha1.ChallengeRequest) (string, string) {
func (c *manituDNSProviderSolver) getDomainAndEntry(ch *v1alpha1.ChallengeRequest) (string, string) {
// Both ch.ResolvedZone and ch.ResolvedFQDN end with a dot: '.'
entry := strings.TrimSuffix(ch.ResolvedFQDN, ch.ResolvedZone)
entry = strings.TrimSuffix(entry, ".")

2
main_test.go
View File

@ -28,7 +28,7 @@ func TestRunsSuite(t *testing.T) {
// dns.SetBinariesPath("_test/kubebuilder/bin"),
//)
fixture := dns.NewFixture(&hetznerDNSProviderSolver{},
fixture := dns.NewFixture(&manituDNSProviderSolver{},
dns.SetBinariesPath(kubeBuilderBinPath),
dns.SetResolvedZone(zone),
dns.SetAllowAmbientCredentials(false),