From 8fc6c4f7de8e678ff1c3d4fafcc4bb69ad482496 Mon Sep 17 00:00:00 2001 From: Simon Zeyer Date: Fri, 14 Oct 2022 14:02:23 +0000 Subject: [PATCH] rename hetzner to manitu --- Makefile | 4 +- README.md | 28 ++++----- .../cert-manager-webhook-hetzner/Chart.yaml | 6 +- .../templates/_helpers.tpl | 22 +++---- .../templates/apiservice.yaml | 8 +-- .../templates/deployment.yaml | 14 ++--- .../templates/pki.yaml | 42 +++++++------- .../templates/rbac.yaml | 36 ++++++------ .../templates/service.yaml | 8 +-- .../cert-manager-webhook-hetzner/values.yaml | 10 ++-- go.mod | 2 +- main.go | 57 +++++++++---------- main_test.go | 2 +- 13 files changed, 119 insertions(+), 120 deletions(-) diff --git a/Makefile b/Makefile index 64592f3..5b1e952 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -IMAGE_NAME := "mecodia/cert-manager-webhook-hetzner" +IMAGE_NAME := "mecodia/cert-manager-webhook-manitu" OS ?= $(shell go env GOOS) ARCH ?= $(shell go env GOARCH) @@ -36,4 +36,4 @@ rendered-manifest.yaml: --name example-webhook \ --set image.repository=$(IMAGE_NAME) \ --set image.tag=$(IMAGE_TAG) \ - deploy/hetzner-webhook > "$(OUT)/rendered-manifest.yaml" + deploy/manitu-webhook > "$(OUT)/rendered-manifest.yaml" diff --git a/README.md b/README.md index 7b98f3a..d96d7f0 100644 --- a/README.md +++ b/README.md 
@@ -1,11 +1,11 @@ -# ACME Webhook for Hetzner DNS +# ACME Webhook for Manitu DNS -This project provides a [cert-manager](https://cert-manager.io) ACME Webhook for [Hetzner DNS](https://hetzner.de/) +This project provides a [cert-manager](https://cert-manager.io) ACME Webhook for [Manitu DNS](https://manitu.de/) and is based on the [Example Webhook](https://github.com/jetstack/cert-manager-webhook-example) This README and the inspiration for this webhook was mostly taken from [Stephan Müllers INWX Webhook](https://gitlab.com/smueller18/cert-manager-webhook-inwx). -The Helm Chart is automatically published via [github pages](https://mecodia.github.io/cert-manager-webhook-hetzner/). +The Helm Chart is automatically published via [github pages](https://mecodia.github.io/cert-manager-webhook-manitu/). ## Requirements @@ -19,10 +19,10 @@ The following table lists the configurable parameters of the cert-manager chart | Parameter | Description | Default | | --------- | ----------- | ------- | -| `groupName` | Group name of the API service. | `dns.hetzner.cloud` | +| `groupName` | Group name of the API service. | `dns.manitu.cloud` | | `certManager.namespace` | Namespace where cert-manager is deployed to. | `kube-system` | | `certManager.serviceAccountName` | Service account of cert-manager installation. | `cert-manager` | -| `image.repository` | Image repository | `mecodia/cert-manager-webhook-hetzner` | +| `image.repository` | Image repository | `mecodia/cert-manager-webhook-manitu` | | `image.tag` | Image tag | `latest` | | `image.pullPolicy` | Image pull policy | `Always` | | `service.type` | API service type | `ClusterIP` | 
@@ -41,16 +41,16 @@ Follow the [instructions](https://cert-manager.io/docs/installation/) using the ### Webhook ```bash -git clone https://github.com/mecodia/cert-manager-webhook-hetzner.git -cd cert-manager-webhook-hetzner -helm install --namespace kube-system cert-manager-webhook-hetzner ./deploy/cert-manager-webhook-hetzner +git clone https://github.com/mecodia/cert-manager-webhook-manitu.git +cd cert-manager-webhook-manitu +helm install --namespace kube-system cert-manager-webhook-manitu ./deploy/cert-manager-webhook-manitu ``` **Note**: The kubernetes resources used to install the Webhook should be deployed within the same namespace as the cert-manager. To uninstall the webhook run ```bash -helm uninstall --namespace kube-system cert-manager-webhook-hetzner +helm uninstall --namespace kube-system cert-manager-webhook-manitu ``` ## Issuer @@ -76,15 +76,15 @@ spec: solvers: - dns01: webhook: - groupName: dns.hetzner.cloud - solverName: hetzner + groupName: dns.manitu.cloud + solverName: manitu config: APIKey: ``` ### Credentials -For accessing the Hetzner DNS API, you need an API Token which you can create in the [DNS Console](https://dns.hetzner.com/settings/api-token). +For accessing the Manitu DNS API, you need an API Token which you can create in the [DNS Console](https://dns.manitu.com/settings/api-token). Currently we don't provide a way to use secrets for you API KEY. @@ -121,7 +121,7 @@ spec: scripts/fetch-test-binaries.sh ``` -1. Create a new test account at [Hetzner DNS Console](https://dns.hetzner.com/) or use an existing account +1. Create a new test account at [Manitu DNS Console](https://dns.manitu.com/) or use an existing account 1. Go to `testdata/config.json` and replace your api key. 
@@ -142,5 +142,5 @@ sudo microk8s.enable dns rbac sudo microk8s.kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v0.12.0/cert-manager.yaml sudo microk8s.config > /tmp/microk8s.config export KUBECONFIG=/tmp/microk8s.config -helm install --namespace kube-system cert-manager-webhook-hetzner deploy/hetzner-webhook +helm install --namespace kube-system cert-manager-webhook-manitu deploy/manitu-webhook ``` diff --git a/charts/cert-manager-webhook-hetzner/Chart.yaml b/charts/cert-manager-webhook-hetzner/Chart.yaml index a2eca4a..5535a60 100644 --- a/charts/cert-manager-webhook-hetzner/Chart.yaml +++ b/charts/cert-manager-webhook-hetzner/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -description: A Helm chart for the Hetzner DNS webhook for cert-manager -name: cert-manager-webhook-hetzner +description: A Helm chart for the Manitu DNS webhook for cert-manager +name: cert-manager-webhook-manitu version: 0.2.0 appVersion: 0.2.0 maintainers: - name: mecodia GmbH - url: https://github.com/mecodia/cert-manager-webhook-hetzner + url: https://github.com/mecodia/cert-manager-webhook-manitu diff --git a/charts/cert-manager-webhook-hetzner/templates/_helpers.tpl b/charts/cert-manager-webhook-hetzner/templates/_helpers.tpl index 253a87a..1c7a682 100644 --- a/charts/cert-manager-webhook-hetzner/templates/_helpers.tpl +++ b/charts/cert-manager-webhook-hetzner/templates/_helpers.tpl @@ -2,7 +2,7 @@ {{/* Expand the name of the chart. */}} -{{- define "cert-manager-webhook-hetzner.name" -}} +{{- define "cert-manager-webhook-manitu.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} 
@@ -11,7 +11,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "cert-manager-webhook-hetzner.fullname" -}} +{{- define "cert-manager-webhook-manitu.fullname" -}} {{- if .Values.fullnameOverride -}} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} 
@@ -27,22 +27,22 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "cert-manager-webhook-hetzner.chart" -}} +{{- define "cert-manager-webhook-manitu.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{- define "cert-manager-webhook-hetzner.selfSignedIssuer" -}} -{{ printf "%s-selfsign" (include "cert-manager-webhook-hetzner.fullname" .) }} +{{- define "cert-manager-webhook-manitu.selfSignedIssuer" -}} +{{ printf "%s-selfsign" (include "cert-manager-webhook-manitu.fullname" .) }} {{- end -}} -{{- define "cert-manager-webhook-hetzner.rootCAIssuer" -}} -{{ printf "%s-ca" (include "cert-manager-webhook-hetzner.fullname" .) }} +{{- define "cert-manager-webhook-manitu.rootCAIssuer" -}} +{{ printf "%s-ca" (include "cert-manager-webhook-manitu.fullname" .) }} {{- end -}} -{{- define "cert-manager-webhook-hetzner.rootCACertificate" -}} -{{ printf "%s-ca" (include "cert-manager-webhook-hetzner.fullname" .) }} +{{- define "cert-manager-webhook-manitu.rootCACertificate" -}} +{{ printf "%s-ca" (include "cert-manager-webhook-manitu.fullname" .) }} {{- end -}} -{{- define "cert-manager-webhook-hetzner.servingCertificate" -}} -{{ printf "%s-webhook-tls" (include "cert-manager-webhook-hetzner.fullname" .) }} +{{- define "cert-manager-webhook-manitu.servingCertificate" -}} +{{ printf "%s-webhook-tls" (include "cert-manager-webhook-manitu.fullname" .) }} {{- end -}} diff --git a/charts/cert-manager-webhook-hetzner/templates/apiservice.yaml b/charts/cert-manager-webhook-hetzner/templates/apiservice.yaml index 6c6a657..ba5c109 100644 --- a/charts/cert-manager-webhook-hetzner/templates/apiservice.yaml +++ b/charts/cert-manager-webhook-hetzner/templates/apiservice.yaml 
@@ -3,17 +3,17 @@ kind: APIService metadata: name: v1alpha1.{{ .Values.groupName }} labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} annotations: - cert-manager.io/inject-ca-from: "{{ .Release.Namespace }}/{{ include "cert-manager-webhook-hetzner.servingCertificate" . }}" + cert-manager.io/inject-ca-from: "{{ .Release.Namespace }}/{{ include "cert-manager-webhook-manitu.servingCertificate" . }}" spec: group: {{ .Values.groupName }} groupPriorityMinimum: 1000 versionPriority: 15 service: - name: {{ include "cert-manager-webhook-hetzner.fullname" . }} + name: {{ include "cert-manager-webhook-manitu.fullname" . }} namespace: {{ .Release.Namespace }} version: v1alpha1 diff --git a/charts/cert-manager-webhook-hetzner/templates/deployment.yaml b/charts/cert-manager-webhook-hetzner/templates/deployment.yaml index 808428d..973d39e 100644 --- a/charts/cert-manager-webhook-hetzner/templates/deployment.yaml +++ b/charts/cert-manager-webhook-hetzner/templates/deployment.yaml 
@@ -1,26 +1,26 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "cert-manager-webhook-hetzner.fullname" . }} + name: {{ include "cert-manager-webhook-manitu.fullname" . }} namespace: {{ .Release.Namespace }} labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} release: {{ .Release.Name }} template: metadata: labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} release: {{ .Release.Name }} spec: - serviceAccountName: {{ include "cert-manager-webhook-hetzner.fullname" . }} + serviceAccountName: {{ include "cert-manager-webhook-manitu.fullname" . }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" @@ -55,7 +55,7 @@ spec: volumes: - name: certs secret: - secretName: {{ include "cert-manager-webhook-hetzner.servingCertificate" . }} + secretName: {{ include "cert-manager-webhook-manitu.servingCertificate" . }} {{- with .Values.nodeSelector }} nodeSelector: {{ toYaml . | indent 8 }} diff --git a/charts/cert-manager-webhook-hetzner/templates/pki.yaml b/charts/cert-manager-webhook-hetzner/templates/pki.yaml index 5a01da0..4bf326a 100644 --- a/charts/cert-manager-webhook-hetzner/templates/pki.yaml +++ b/charts/cert-manager-webhook-hetzner/templates/pki.yaml 
@@ -4,11 +4,11 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: - name: {{ include "cert-manager-webhook-hetzner.selfSignedIssuer" . }} + name: {{ include "cert-manager-webhook-manitu.selfSignedIssuer" . }} namespace: {{ .Release.Namespace | quote }} labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: @@ -20,19 +20,19 @@ spec: apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: {{ include "cert-manager-webhook-hetzner.rootCACertificate" . }} + name: {{ include "cert-manager-webhook-manitu.rootCACertificate" . }} namespace: {{ .Release.Namespace | quote }} labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: - secretName: {{ include "cert-manager-webhook-hetzner.rootCACertificate" . }} + secretName: {{ include "cert-manager-webhook-manitu.rootCACertificate" . }} duration: 43800h # 5y issuerRef: - name: {{ include "cert-manager-webhook-hetzner.selfSignedIssuer" . }} - commonName: "ca.cert-manager-webhook-hetzner.cert-manager" + name: {{ include "cert-manager-webhook-manitu.selfSignedIssuer" . }} + commonName: "ca.cert-manager-webhook-manitu.cert-manager" isCA: true --- 
@@ -41,16 +41,16 @@ spec: apiVersion: cert-manager.io/v1 kind: Issuer metadata: - name: {{ include "cert-manager-webhook-hetzner.rootCAIssuer" . }} + name: {{ include "cert-manager-webhook-manitu.rootCAIssuer" . }} namespace: {{ .Release.Namespace | quote }} labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: ca: - secretName: {{ include "cert-manager-webhook-hetzner.rootCACertificate" . }} + secretName: {{ include "cert-manager-webhook-manitu.rootCACertificate" . }} --- 
@@ -58,19 +58,19 @@ spec: apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: {{ include "cert-manager-webhook-hetzner.servingCertificate" . }} + name: {{ include "cert-manager-webhook-manitu.servingCertificate" . }} namespace: {{ .Release.Namespace | quote }} labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: - secretName: {{ include "cert-manager-webhook-hetzner.servingCertificate" . }} + secretName: {{ include "cert-manager-webhook-manitu.servingCertificate" . }} duration: 8760h # 1y issuerRef: - name: {{ include "cert-manager-webhook-hetzner.rootCAIssuer" . }} + name: {{ include "cert-manager-webhook-manitu.rootCAIssuer" . }} dnsNames: - - {{ include "cert-manager-webhook-hetzner.fullname" . }} - - {{ include "cert-manager-webhook-hetzner.fullname" . }}.{{ .Release.Namespace }} - - {{ include "cert-manager-webhook-hetzner.fullname" . }}.{{ .Release.Namespace }}.svc + - {{ include "cert-manager-webhook-manitu.fullname" . }} + - {{ include "cert-manager-webhook-manitu.fullname" . }}.{{ .Release.Namespace }} + - {{ include "cert-manager-webhook-manitu.fullname" . }}.{{ .Release.Namespace }}.svc diff --git a/charts/cert-manager-webhook-hetzner/templates/rbac.yaml b/charts/cert-manager-webhook-hetzner/templates/rbac.yaml index c942413..cc2176e 100644 --- a/charts/cert-manager-webhook-hetzner/templates/rbac.yaml +++ b/charts/cert-manager-webhook-hetzner/templates/rbac.yaml 
@@ -1,11 +1,11 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "cert-manager-webhook-hetzner.fullname" . }} + name: {{ include "cert-manager-webhook-manitu.fullname" . }} namespace: {{ .Release.Namespace }} labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} --- @@ -15,11 +15,11 @@ metadata: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:webhook-authentication-reader + name: {{ include "cert-manager-webhook-manitu.fullname" . }}:webhook-authentication-reader namespace: kube-system labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} roleRef: @@ -29,7 +29,7 @@ roleRef: subjects: - apiGroup: "" kind: ServiceAccount - name: {{ include "cert-manager-webhook-hetzner.fullname" . }} + name: {{ include "cert-manager-webhook-manitu.fullname" . }} namespace: {{ .Release.Namespace }} --- # apiserver gets the auth-delegator role to delegate auth decisions to 
@@ -37,10 +37,10 @@ subjects: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:auth-delegator + name: {{ include "cert-manager-webhook-manitu.fullname" . }}:auth-delegator labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} roleRef: @@ -50,17 +50,17 @@ roleRef: subjects: - apiGroup: "" kind: ServiceAccount - name: {{ include "cert-manager-webhook-hetzner.fullname" . }} + name: {{ include "cert-manager-webhook-manitu.fullname" . }} namespace: {{ .Release.Namespace }} --- # Grant cert-manager permission to validate using our apiserver apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:domain-solver + name: {{ include "cert-manager-webhook-manitu.fullname" . }}:domain-solver labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} rules: 
@@ -74,16 +74,16 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:domain-solver + name: {{ include "cert-manager-webhook-manitu.fullname" . }}:domain-solver labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ include "cert-manager-webhook-hetzner.fullname" . }}:domain-solver + name: {{ include "cert-manager-webhook-manitu.fullname" . }}:domain-solver subjects: - apiGroup: "" kind: ServiceAccount diff --git a/charts/cert-manager-webhook-hetzner/templates/service.yaml b/charts/cert-manager-webhook-hetzner/templates/service.yaml index f6604e0..ac03021 100644 --- a/charts/cert-manager-webhook-hetzner/templates/service.yaml +++ b/charts/cert-manager-webhook-hetzner/templates/service.yaml @@ -1,11 +1,11 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "cert-manager-webhook-hetzner.fullname" . }} + name: {{ include "cert-manager-webhook-manitu.fullname" . }} namespace: {{ .Release.Namespace }} labels: - app: {{ include "cert-manager-webhook-hetzner.name" . }} - chart: {{ include "cert-manager-webhook-hetzner.chart" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} + chart: {{ include "cert-manager-webhook-manitu.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: @@ -16,5 +16,5 @@ spec: protocol: TCP name: https selector: - app: {{ include "cert-manager-webhook-hetzner.name" . }} + app: {{ include "cert-manager-webhook-manitu.name" . }} release: {{ .Release.Name }} 
diff --git a/charts/cert-manager-webhook-hetzner/values.yaml b/charts/cert-manager-webhook-hetzner/values.yaml index 4f57511..d199b56 100644 --- a/charts/cert-manager-webhook-hetzner/values.yaml +++ b/charts/cert-manager-webhook-hetzner/values.yaml @@ -1,24 +1,24 @@ # The GroupName here is used to identify your company or business unit that # created this webhook. -# For hetzner, this may be "acme.mycompany.com". +# For manitu, this may be "acme.mycompany.com". # This name will need to be referenced in each Issuer's `webhook` stanza to # inform cert-manager of where to send ChallengePayload resources in order to # solve the DNS01 challenge. # This group name should be **unique**, hence using your own company's domain # here is recommended. -groupName: dns.hetzner.cloud +groupName: dns.manitu.cloud certManager: namespace: cert-manager serviceAccountName: cert-manager image: - repository: mecodia/cert-manager-webhook-hetzner + repository: mecodia/cert-manager-webhook-manitu tag: latest pullPolicy: Always -nameOverride: "webhook-hetzner" -fullnameOverride: "cert-manager-webhook-hetzner" +nameOverride: "webhook-manitu" +fullnameOverride: "cert-manager-webhook-manitu" replicaCount: 1 diff --git a/go.mod b/go.mod index 014c9e0..fe4ead2 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/mecodia/cert-manager-webhook-hetzner +module github.com/mecodia/cert-manager-webhook-manitu go 1.13 diff --git a/main.go b/main.go index f8ad94b..6f8c825 100644 --- a/main.go +++ b/main.go 
@@ -30,15 +30,15 @@ func main() { // webhook, where the Name() method will be used to disambiguate between // the different implementations. cmd.RunWebhookServer(GroupName, - &hetznerDNSProviderSolver{}, + &manituDNSProviderSolver{}, ) } -// hetznerDNSProviderSolver implements the provider-specific logic needed to +// manituDNSProviderSolver implements the provider-specific logic needed to // 'present' an ACME challenge TXT record for your own DNS provider. // To do so, it must implement the `github.com/jetstack/cert-manager/pkg/acme/webhook.Solver` // interface. -type hetznerDNSProviderSolver struct { +type manituDNSProviderSolver struct { // If a Kubernetes 'clientset' is needed, you must: // 1. uncomment the additional `client` field in this structure below // 2. uncomment the "k8s.io/client-go/kubernetes" import at the top of the file @@ -48,7 +48,7 @@ type hetznerDNSProviderSolver struct { //client kubernetes.Clientset } -// hetznerDNSProviderConfig is a structure that is used to decode into when +// manituDNSProviderConfig is a structure that is used to decode into when // solving a DNS01 challenge. // This information is provided by cert-manager, and may be a reference to // additional configuration that's needed to solve the challenge for this @@ -62,7 +62,7 @@ type hetznerDNSProviderSolver struct { // You should not include sensitive information here. If credentials need to // be used by your provider here, you should reference a Kubernetes Secret // resource and fetch these credentials using a Kubernetes clientset. -type hetznerDNSProviderConfig struct { +type manituDNSProviderConfig struct { // Change the two fields below according to the format of the configuration // to be decoded. // These fields will be set by users in the 
@@ -77,8 +77,8 @@ type hetznerDNSProviderConfig struct { // solvers configured with the same Name() **so long as they do not co-exist // within a single webhook deployment**. // For example, `cloudflare` may be used as the name of a solver. -func (c *hetznerDNSProviderSolver) Name() string { - return "hetzner" +func (c *manituDNSProviderSolver) Name() string { + return "manitu" } type Zones struct { @@ -86,20 +86,19 @@ type Zones struct { } type Zone struct { - ZoneID string `json:"id"` + ZoneID string `json:"name"` } type Entries struct { - Records []Entry `json:"records"` + Records []Entry `json:"TXT"` } type Entry struct { - ID string `json:"id,omitempty"` - Name string `json:"name"` + Name string `json:"host"` TTL int `json:"ttl"` Type string `json:"type"` Value string `json:"value"` - ZoneID string `json:"zone_id"` + ZoneID string `json:"zone"` } // Present is responsible for actually presenting the DNS record with the @@ -107,7 +106,7 @@ type Entry struct { // This method should tolerate being called multiple times with the same value. // cert-manager itself will later perform a self check to ensure that the // solver has correctly configured the DNS provider. -func (c *hetznerDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error { +func (c *manituDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error { cfg, err := loadConfig(ch.Config) if err != nil { return err 
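Review bot: Dropping `ID` from `Entry` in the `@@ -86,20 +86,19 @@` hunk breaks two users elsewhere in this patch: Present still builds the positional literal `Entry{"", name, 300, "TXT", ch.Key, ...}` with six values for what is now a five-field struct, and CleanUp still reads `e.ID` to build the DELETE URL. Switch the literal to keyed fields, `Entry{Name: name, TTL: 300, Type: "TXT", Value: ch.Key, ZoneID: respBody.ZoneID}`, so later field changes cannot silently shift values. Before removing `ID`, decide which field of the new API identifies a record, because without one CleanUp cannot delete the challenge TXT record that Present created. `ZoneID` is now decoded from `json:"name"`, which suggests the zone is addressed by name; if so, a field comment such as `// ZoneID carries the zone name as returned by the API` would stop readers treating it as an opaque id.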
@@ -118,14 +117,14 @@ func (c *hetznerDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error name, zone := c.getDomainAndEntry(ch) - // Get Zones (GET https://dns.hetzner.com/api/v1/zones) + // Get Zones (GET https://dnsapi.elutions-network.de/api/v1/zones) // Create client client := &http.Client{} // Create request - req, err := http.NewRequest("GET", "https://dns.hetzner.com/api/v1/zones?search_name="+zone, nil) + req, err := http.NewRequest("GET", "https://dnsapi.elutions-network.de/api/v1/zones/"+zone, nil) // Headers - req.Header.Add("Auth-API-Token", cfg.APIKey) + req.Header.Add("Authorization", cfg.APIKey) // Fetch Request resp, err := client.Do(req) @@ -134,20 +133,20 @@ func (c *hetznerDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error } // Read Response Body - respBody := Zones{} + respBody := Zone{} json.NewDecoder(resp.Body).Decode(&respBody) // Display Results fmt.Println("response Status : ", resp.Status) fmt.Println("response Headers : ", resp.Header) - fmt.Println("response Body : ", respBody.Zones[0].ZoneID) + fmt.Println("response Body : ", respBody.Zone.ZoneID) // Create DNS entry, err := json.Marshal(Entry{"", name, 300, "TXT", ch.Key, respBody.Zones[0].ZoneID}) body := bytes.NewBuffer(entry) // Create request - req, err = http.NewRequest("POST", "https://dns.hetzner.com/api/v1/records", body) + req, err = http.NewRequest("POST", "https://dnsapi.elutions-network.de/api/v1/records", body) // Headers req.Header.Add("Content-Type", "application/json") req.Header.Add("Auth-API-Token", cfg.APIKey) 
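Review bot: In the `@@ -118,14 +117,14 @@` hunk `zone` is concatenated unescaped into the request path, and the `err` from `http.NewRequest` is not checked before `req.Header.Add`, so a zone string that fails URL parsing leaves `req` nil and panics the webhook. Escape the segment and check the error: `req, err := http.NewRequest("GET", "https://dnsapi.elutions-network.de/api/v1/zones/"+url.PathEscape(zone), nil)` followed by `if err != nil { return err }`; this needs `net/url` in the import block, which is outside the hunk. The API key is now sent to `dnsapi.elutions-network.de`, a host the README changes in this patch never mention, so a comment tying that endpoint to the provider's API documentation would let operators confirm where the credential goes. The context line `client := &http.Client{}` sets no timeout, so a stalled endpoint blocks the challenge indefinitely; `&http.Client{Timeout: 30 * time.Second}` is one option. Present's body starts and ends outside this hunk.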
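Review bot: In the `@@ -134,20 +133,20 @@` hunk `respBody` becomes a `Zone`, but the lines after it read `respBody.Zone.ZoneID` and `respBody.Zones[0].ZoneID`; the `Zone` struct in this patch has only `ZoneID`, so neither expression compiles and both should be `respBody.ZoneID`. The `Decode` error is discarded and no status check is visible in the hunk, so a rejected key or unknown zone would go on to the POST with an empty zone value; `if err := json.NewDecoder(resp.Body).Decode(&respBody); err != nil { return err }` plus a check on `resp.StatusCode` would stop that. The POST still sends the key as `Auth-API-Token` while the GET above was switched to `Authorization`; if the new API expects the latter, use `req.Header.Add("Authorization", cfg.APIKey)` here too. The `fmt.Println` of `resp.Header` writes provider response headers to the pod log on every challenge and is better dropped or demoted to a debug log.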
@@ -175,7 +174,7 @@ func (c *hetznerDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error // value provided on the ChallengeRequest should be cleaned up. // This is in order to facilitate multiple DNS validations for the same domain // concurrently. -func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error { +func (c *manituDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error { cfg, err := loadConfig(ch.Config) if err != nil { return err @@ -186,12 +185,12 @@ func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error name, zone := c.getDomainAndEntry(ch) - // Get Zones (GET https://dns.hetzner.com/api/v1/zones) + // Get Zones (GET https://dnsapi.elutions-network.de/api/v1/zones) // Create client client := &http.Client{} // Create request - zReq, err := http.NewRequest("GET", "https://dns.hetzner.com/api/v1/zones?search_name="+zone, nil) + zReq, err := http.NewRequest("GET", "https://dnsapi.elutions-network.de/api/v1/zones?search_name="+zone, nil) // Headers zReq.Header.Add("Auth-API-Token", cfg.APIKey) @@ -212,7 +211,7 @@ func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error fmt.Println("response Body : ", name) // Create request - eReq, err := http.NewRequest("GET", "https://dns.hetzner.com/api/v1/records?zone_id="+zRespBody.Zones[0].ZoneID, nil) + eReq, err := http.NewRequest("GET", "https://dnsapi.elutions-network.de/api/v1/records?zone_id="+zRespBody.Zones[0].ZoneID, nil) // Headers eReq.Header.Add("Auth-API-Token", cfg.APIKey) 
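Review bot: CleanUp (hunk `@@ -186,12 +185,12 @@`) had only its hostname swapped: it still calls `zones?search_name=`+zone and sends `Auth-API-Token`, while Present in this same patch moved to `/zones/`+zone with an `Authorization` header. If the new API follows the shape Present now assumes, CleanUp will neither authenticate nor find the zone, and the `_acme-challenge` TXT records it should delete stay published. The same applies to `records?zone_id=` in `@@ -212,7 +211,7 @@` and to the DELETE built from `e.ID` in the next hunk. `zRespBody.Zones[0]` is also indexed without a length check, so an empty or error response panics the webhook; guard it with `if len(zRespBody.Zones) == 0 { return fmt.Errorf("zone %q not found", zone) }`. Putting the base URL and the auth header in one place, for example `const apiBase = "https://dnsapi.elutions-network.de/api/v1"` plus a small request helper, would keep Present and CleanUp from drifting apart again.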
@@ -234,9 +233,9 @@ func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error for _, e := range eRespBody.Records { if e.Type == "TXT" && e.Name == name && e.Value == ch.Key { fmt.Println("Found DOMAIN: ", e) - // Delete Record (DELETE https://dns.hetzner.com/api/v1/records/1) + // Delete Record (DELETE https://dnsapi.elutions-network.de/api/v1/records/1) // Create request - req, err := http.NewRequest("DELETE", "https://dns.hetzner.com/api/v1/records/"+e.ID, nil) + req, err := http.NewRequest("DELETE", "https://dnsapi.elutions-network.de/api/v1/records/"+e.ID, nil) // Headers req.Header.Add("Auth-API-Token", cfg.APIKey) @@ -271,14 +270,14 @@ func (c *hetznerDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error // provider accounts. // The stopCh can be used to handle early termination of the webhook, in cases // where a SIGTERM or similar signal is sent to the webhook process. -func (c *hetznerDNSProviderSolver) Initialize(kubeClientConfig *rest.Config, stopCh <-chan struct{}) error { +func (c *manituDNSProviderSolver) Initialize(kubeClientConfig *rest.Config, stopCh <-chan struct{}) error { return nil } // loadConfig is a small helper function that decodes JSON configuration into // the typed config struct. -func loadConfig(cfgJSON *extapi.JSON) (hetznerDNSProviderConfig, error) { - cfg := hetznerDNSProviderConfig{} +func loadConfig(cfgJSON *extapi.JSON) (manituDNSProviderConfig, error) { + cfg := manituDNSProviderConfig{} // handle the 'base case' where no configuration has been provided if cfgJSON == nil { return cfg, nil 
@@ -290,7 +289,7 @@ func loadConfig(cfgJSON *extapi.JSON) (hetznerDNSProviderConfig, error) { return cfg, nil } -func (c *hetznerDNSProviderSolver) getDomainAndEntry(ch *v1alpha1.ChallengeRequest) (string, string) { +func (c *manituDNSProviderSolver) getDomainAndEntry(ch *v1alpha1.ChallengeRequest) (string, string) { // Both ch.ResolvedZone and ch.ResolvedFQDN end with a dot: '.' entry := strings.TrimSuffix(ch.ResolvedFQDN, ch.ResolvedZone) entry = strings.TrimSuffix(entry, ".") diff --git a/main_test.go b/main_test.go index 2b8ef9b..88fba70 100644 --- a/main_test.go +++ b/main_test.go @@ -28,7 +28,7 @@ func TestRunsSuite(t *testing.T) { // dns.SetBinariesPath("_test/kubebuilder/bin"), //) - fixture := dns.NewFixture(&hetznerDNSProviderSolver{}, + fixture := dns.NewFixture(&manituDNSProviderSolver{}, dns.SetBinariesPath(kubeBuilderBinPath), dns.SetResolvedZone(zone), dns.SetAllowAmbientCredentials(false),