Refactoring - improving coverage

.github/workflows/golangci-lint.yml

@@ -8,14 +8,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Setup Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
-          go-version: 1.18.4
+          go-version: 1.19
 
       - name: Check out code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Run golangci-lint
-        uses: golangci/golangci-lint-action@v3
+        uses: golangci/golangci-lint-action@v6
         with:
-          version: v1.48
+          version: v1.63.4

main.go

@@ -21,7 +21,7 @@ func main() {
 	// Read global config
 	var err error
 	var logger *zap.Logger
-	config, usedConfigFile, err := acmedns.ReadConfig(*configPtr)
+	config, usedConfigFile, err := acmedns.ReadConfig(*configPtr, "./config.cfg")
 	if err != nil {
 		fmt.Printf("Error: %s\n", err)
 		os.Exit(1)

pkg/acmedns/acmetxt.go

@@ -6,7 +6,7 @@ import (
 	"github.com/google/uuid"
 )
 
-// Check if IP belongs to an allowed net
+// AllowedFrom Check if IP belongs to an allowed net
 func (a ACMETxt) AllowedFrom(ip string) bool {
 	remoteIP := net.ParseIP(ip)
 	// Range not limited
@@ -22,7 +22,7 @@ func (a ACMETxt) AllowedFrom(ip string) bool {
 	return false
 }
 
-// Go through list (most likely from headers) to check for the IP.
+// AllowedFromList Go through list (most likely from headers) to check for the IP.
 // Reason for this is that some setups use reverse proxy in front of acme-dns
 func (a ACMETxt) AllowedFromList(ips []string) bool {
 	if len(ips) == 0 {

pkg/acmedns/config.go

@@ -8,6 +8,13 @@ import (
 	"github.com/BurntSushi/toml"
 )
 
+const (
+	ApiTlsProviderNone               = "none"
+	ApiTlsProviderLetsEncrypt        = "letsencrypt"
+	ApiTlsProviderLetsEncryptStaging = "letsencryptstaging"
+	ApiTlsProviderCert               = "cert"
+)
+
 func FileIsAccessible(fname string) bool {
 	_, err := os.Stat(fname)
 	if err != nil {
@@ -45,19 +52,26 @@ func prepareConfig(conf AcmeDnsConfig) (AcmeDnsConfig, error) {
 		conf.API.ACMECacheDir = "api-certs"
 	}
 
+	switch conf.API.TLS {
+	case ApiTlsProviderCert, ApiTlsProviderLetsEncrypt, ApiTlsProviderLetsEncryptStaging, ApiTlsProviderNone:
+		// we have a good value
+	default:
+		return conf, fmt.Errorf("invalid value for api.tls, expected one of [%s, %s, %s, %s]", ApiTlsProviderCert, ApiTlsProviderLetsEncrypt, ApiTlsProviderLetsEncryptStaging, ApiTlsProviderNone)
+	}
+
 	return conf, nil
 }
 
-func ReadConfig(configFile string) (AcmeDnsConfig, string, error) {
+func ReadConfig(configFile, fallback string) (AcmeDnsConfig, string, error) {
 	var usedConfigFile string
 	var config AcmeDnsConfig
 	var err error
 	if FileIsAccessible(configFile) {
 		usedConfigFile = configFile
 		config, err = readTomlConfig(configFile)
-	} else if FileIsAccessible("./config.cfg") {
-		usedConfigFile = "./config.cfg"
-		config, err = readTomlConfig("./config.cfg")
+	} else if FileIsAccessible(fallback) {
+		usedConfigFile = fallback
+		config, err = readTomlConfig(fallback)
 	} else {
 		err = fmt.Errorf("configuration file not found")
 	}

pkg/acmedns/logging.go

@@ -1,14 +1,18 @@
 package acmedns
 
 import (
-	"encoding/json"
-	"fmt"
+	"go.uber.org/zap/zapcore"
 
 	"go.uber.org/zap"
 )
 
 func SetupLogging(config AcmeDnsConfig) (*zap.Logger, error) {
-	var logger *zap.Logger
+	var (
+		logger *zap.Logger
+		zapCfg zap.Config
+		err    error
+	)
+
 	logformat := "console"
 	if config.Logconfig.Format == "json" {
 		logformat = "json"
@@ -21,23 +25,22 @@ func SetupLogging(config AcmeDnsConfig) (*zap.Logger, error) {
 	if config.Logconfig.Logtype == "file" {
 		errorPath = config.Logconfig.File
 	}
-	zapConfigJson := fmt.Sprintf(`{
-   "level": "%s",
-   "encoding": "%s",
-   "outputPaths": ["%s"],
-   "errorOutputPaths": ["%s"],
-   "encoderConfig": {
-	 "timeKey": "time",
-     "messageKey": "msg",
-     "levelKey": "level",
-     "levelEncoder": "lowercase",
-	 "timeEncoder": "iso8601"
-   }
- }`, config.Logconfig.Level, logformat, outputPath, errorPath)
-	var zapCfg zap.Config
-	if err := json.Unmarshal([]byte(zapConfigJson), &zapCfg); err != nil {
+
+	zapCfg.Level, err = zap.ParseAtomicLevel(config.Logconfig.Level)
+	if err != nil {
 		return logger, err
 	}
-	logger, err := zapCfg.Build()
+	zapCfg.Encoding = logformat
+	zapCfg.OutputPaths = []string{outputPath}
+	zapCfg.ErrorOutputPaths = []string{errorPath}
+	zapCfg.EncoderConfig = zapcore.EncoderConfig{
+		TimeKey:     "time",
+		MessageKey:  "msg",
+		LevelKey:    "level",
+		EncodeLevel: zapcore.LowercaseLevelEncoder,
+		EncodeTime:  zapcore.ISO8601TimeEncoder,
+	}
+
+	logger, err = zapCfg.Build()
 	return logger, err
 }

pkg/acmedns/testdata/test_read_fallback_config.toml

@@ -0,0 +1,36 @@
+[general]
+listen = "127.0.0.1:53"
+protocol = "both"
+domain = "test.example.org"
+nsname = "test.example.org"
+nsadmin = "test.example.org"
+records = [
+    "test.example.org. A 127.0.0.1",
+    "test.example.org. NS test.example.org.",
+]
+debug = true
+
+[database]
+engine = "dinosaur"
+connection = "roar"
+
+[api]
+ip = "0.0.0.0"
+disable_registration = false
+port = "443"
+tls = "none"
+tls_cert_privkey = "/etc/tls/example.org/privkey.pem"
+tls_cert_fullchain = "/etc/tls/example.org/fullchain.pem"
+acme_cache_dir = "api-certs"
+notification_email = ""
+corsorigins = [
+    "*"
+]
+use_header = true
+header_name = "X-is-gonna-give-it-to-ya"
+
+[logconfig]
+loglevel = "info"
+logtype = "stdout"
+logfile = "./acme-dns.log"
+logformat = "json"

pkg/acmedns/types.go

@@ -8,7 +8,7 @@ type Account struct {
 	Subdomain string
 }
 
-// DNSConfig holds the config structure
+// AcmeDnsConfig holds the config structure
 type AcmeDnsConfig struct {
 	General   general
 	Database  dbsettings