From 19ab8cd6aca03cf8e6ee6f338ce606cd966d7bde Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Wed, 18 Oct 2017 10:58:36 +0200 Subject: [PATCH] Cloudflare: Disable proxy mode for TXT and others (#361) * Cloudflare: Disable proxy mode for TXT and others * Improve code according to review * Add test * Disable proxy mode for wildcards * Fix review, add test * Move var * chore: fix some golang related stuff * chore: update changelog to reflect latest changes --- CHANGELOG.md | 4 ++++ provider/cloudflare.go | 14 ++++++++++++++ provider/cloudflare_test.go | 37 +++++++++++++++++++++++++++++++++++-- 3 files changed, 53 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8401b883ec..40bc5c649a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +## v0.4.7 - 2017-10-18 + + - CloudFlare: Disable proxy mode for TXT and others (#361) @dunglas + ## v0.4.6 - 2017-10-12 - [AWS Route53 provider] Support customization of DNS record TTL through the use of annotation `external-dns.alpha.kubernetes.io/ttl` on services or ingresses (#320) @kevinjqiu diff --git a/provider/cloudflare.go b/provider/cloudflare.go index a13a60ac7a..cef57b1643 100644 --- a/provider/cloudflare.go +++ b/provider/cloudflare.go @@ -19,6 +19,7 @@ package provider import ( "fmt" "os" + "strings" cloudflare "github.com/cloudflare/cloudflare-go" log "github.com/sirupsen/logrus" @@ -36,6 +37,15 @@ const ( cloudFlareUpdate = "UPDATE" ) +var cloudFlareTypeNotSupported = map[string]bool{ + "LOC": true, + "MX": true, + "NS": true, + "SPF": true, + "TXT": true, + "SRV": true, +} + // cloudFlareDNS is the subset of the CloudFlare API that we actually use. Add methods as required. Signatures must match exactly. type cloudFlareDNS interface { UserDetails() (cloudflare.User, error) @@ -260,6 +270,10 @@ func newCloudFlareChanges(action string, endpoints []*endpoint.Endpoint, proxied } func newCloudFlareChange(action string, endpoint *endpoint.Endpoint, proxied bool) *cloudFlareChange { + if proxied && (cloudFlareTypeNotSupported[endpoint.RecordType] || strings.Contains(endpoint.DNSName, "*")) { + proxied = false + } + return &cloudFlareChange{ Action: action, ResourceRecordSet: cloudflare.DNSRecord{ diff --git a/provider/cloudflare_test.go b/provider/cloudflare_test.go index 02d2aeb885..d01fd67ab9 100644 --- a/provider/cloudflare_test.go +++ b/provider/cloudflare_test.go @@ -336,9 +336,42 @@ func (m *mockCloudFlareUpdateRecordsFail) ListZones(zoneID ...string) ([]cloudfl } func TestNewCloudFlareChanges(t *testing.T) { - action := cloudFlareCreate endpoints := []*endpoint.Endpoint{{DNSName: "new", Target: "target"}} - _ = newCloudFlareChanges(action, endpoints, true) + newCloudFlareChanges(cloudFlareCreate, endpoints, true) +} + +func TestNewCloudFlareChangeNoProxied(t *testing.T) { + change := newCloudFlareChange(cloudFlareCreate, &endpoint.Endpoint{DNSName: "new", RecordType: "A", Target: "target"}, false) + assert.False(t, change.ResourceRecordSet.Proxied) +} + +func TestNewCloudFlareChangeProxiable(t *testing.T) { + var cloudFlareTypes = []struct { + recordType string + proxiable bool + }{ + {"A", true}, + {"CNAME", true}, + {"LOC", false}, + {"MX", false}, + {"NS", false}, + {"SPF", false}, + {"TXT", false}, + {"SRV", false}, + } + + for _, cloudFlareType := range cloudFlareTypes { + change := newCloudFlareChange(cloudFlareCreate, &endpoint.Endpoint{DNSName: "new", RecordType: cloudFlareType.recordType, Target: "target"}, true) + + if cloudFlareType.proxiable { + assert.True(t, change.ResourceRecordSet.Proxied) + } else { + assert.False(t, change.ResourceRecordSet.Proxied) + } + } + + change := newCloudFlareChange(cloudFlareCreate, &endpoint.Endpoint{DNSName: "*.foo", RecordType: "A", Target: "target"}, true) + assert.False(t, change.ResourceRecordSet.Proxied) } func TestCloudFlareZones(t *testing.T) {