[DM] dns_managed_zone: refactoring #138 (#176)
ivankorn authored and ocsig committed Jul 2, 2019
1 parent 9c31921 commit 461750d
Showing 17 changed files with 740 additions and 57 deletions.
13 changes: 11 additions & 2 deletions dm/templates/dns_managed_zone/README.md
Expand Up @@ -12,7 +12,7 @@ This template creates a managed zone in the Cloud DNS (Domain Name System).

### Resources

- [dns.v1.managedZone](https://cloud.google.com/dns/docs/)
- [gcp-types/dns-v1:managedZones](https://cloud.google.com/dns/docs/reference/v1/managedZones)

### Properties

Expand Down Expand Up @@ -59,5 +59,14 @@ See the `properties` section in the schema file(s):
```

## Examples

- [Cloud DNS Managed Zone](examples/dns_managed_zone.yaml)
- [Managed Zone with `public visibility`](examples/dns_managed_zone_public.yaml)
- [Managed Zone with `private visibility`](examples/dns_managed_zone_private.yaml)
- [Managed Zone with `private visibility config`](examples/dns_managed_zone_private_visibility_config.yaml)

## Tests Cases
- [Simple Managed Zone Test](tests/integration/dns_mz_simple.bats)
- [Managed Zone with `public visibility`](tests/integration/dns_mz_public.bats)
- [Managed Zone with `private visibility`](tests/integration/dns_mz_private.bats)
- [Managed Zone with `private visibility config`](tests/integration/dns_mz_prvt_vsblt_cfg.bats)
- [Managed Zone with `cross-project reference`](tests/integration/dns_mz_cross_project.bats)
74 changes: 41 additions & 33 deletions dm/templates/dns_managed_zone/dns_managed_zone.py
Expand Up @@ -17,46 +17,54 @@
def generate_config(context):
""" Entry point for the deployment resources. """

resources = []

managed_zone_name = context.properties.get('zoneName')
managed_zone_name = context.properties.get('name', context.env['name'])
dnsname = context.properties['dnsName']
managed_zone_description = context.properties['description']
name_servers = '$(ref.' + context.env['name'] + '.nameServers)'
project_id = context.properties.get('project', context.env['project'])

resources = []
outputs = [
{
'name': 'dnsName',
'value': dnsname
},
{
'name': 'managedZoneDescription',
'value': managed_zone_description
},
{
'name': 'nameServers',
'value': name_servers
},
{
'name': 'managedZoneName',
'value': managed_zone_name
}
]

managed_zone = {
'name': context.env['name'],
'type': 'dns.v1.managedZone',
'properties':
{
'name': managed_zone_name,
'dnsName': dnsname,
'description': managed_zone_description
}
# https://cloud.google.com/dns/docs/reference/v1/managedZones
'type': 'gcp-types/dns-v1:managedZones',
'properties': {
'name': managed_zone_name,
'dnsName': dnsname,
'description': managed_zone_description,
'project_id': project_id
}
}

resources.append(managed_zone)

return {
'resources':
resources,
'outputs':
[
# making resources and outputs additional properties
for prop in context.properties:
if prop not in managed_zone['properties']:
managed_zone['properties'][prop] = context.properties[prop]
outputs.append(
{
'name': 'dnsName',
'value': dnsname
},
{
'name': 'managedZoneDescription',
'value': managed_zone_description
},
{
'name': 'nameServers',
'value': name_servers
},
{
'name': 'managedZoneName',
'value': managed_zone_name
'name': prop,
'value': context.properties[prop]
}
]
}
)
resources.append(managed_zone)

return {'resources': resources, 'outputs': outputs}
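Review bot: The resource body in `managed_zone` sets `'project_id': project_id`, while the schema names the property `project` and the pass-through loop below it only skips keys already present in `managed_zone['properties']`. A caller-supplied `project` is therefore copied in a second time under its own key, and when it is omitted the target project travels only as `project_id`, which the `gcp-types/dns-v1:managedZones` provider may not honour, so it is worth confirming that a cross-project zone cannot end up in the deployment's own project. If the provider expects `project`, the line should read `'project': project_id`. The same loop also republishes every remaining input property as a deployment output, which goes beyond the outputs the schema declares; forwarding an explicit list of property names would keep that surface predictable.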
202 changes: 185 additions & 17 deletions dm/templates/dns_managed_zone/dns_managed_zone.py.schema
Expand Up @@ -15,42 +15,194 @@
info:
title: Cloud DNS Managed Zone
author: Source Group Inc.
version: 1.0.0
description: |
Creates a managed zone in the Cloud DNS.
For more information on this resource

For more information on this resource:
- https://cloud.google.com/dns/zones/

APIs endpoints used by this template:
- gcp-types/dns-v1:managedZones =>
https://cloud.google.com/dns/docs/reference/v1/managedZones

imports:
- path: dns_managed_zone.py

additionalProperties: false

required:
- zoneName
- dnsName
- name

additionalProperties: false

properties:
zoneName:
project:
type: string
description: |
The project ID of for Managed Zone to be associated with.
description:
type: string
pattern: ^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$
pattern: ^.{0,1023}
description: |
A user-assigned name for the managed zone.
This is required by the Cloud DNS.
Must be 1-63 characters long, must begin with a letter,
end with a letter or digit, and only contain lowercase letters, digits or dashes.
A description of the managed zone. A mutable string, max 1024 characters
long. Associated with the resource for users' convenience; does not affect
managed zone's function.
dnsName:
type: string
pattern: \.$
pattern: \.
description: |
The DNS name of the managed zone; for example, "example.com."
Make sure that the value ends with a period "."
description:
dnssecConfig:
type: object
description: DNSSEC configuration.
additionalProperties: false
required:
- kind
- state
- defaultKeySpecs
proeprties:
defaultKeySpecs:
type: array
uniqueItems: true
description: |
Specifies parameters that will be used for generating initial DnsKeys
for this ManagedZone. Output only while state is not OFF.
items:
type: object
additionalProperties: false
required:
- kind
- algorithm
- keyType
- keyLength
properties:
algorithm:
oneOf:
- type: string
pattern: ^ecdsap(256|384)sha(256|384)
- type: string
pattern: ^rsasha(1|256|512)
description: |
String mnemonic specifying the DNSSEC algorithm of this key.
Acceptable values are:
- "ecdsap256sha256"
- "ecdsap384sha384"
- "rsasha1"
- "rsasha256"
- "rsasha512"
keyLength:
type: integer
description: Length of the keys in bits.
keyType:
type: string
pattern: ^(key|zone)Signing
description: |
Specifies whether this is a key signing key (KSK) or a zone
signing key (ZSK). Key signing keys have the Secure Entry Point
flag set and, when active, will only be used to sign resource
record sets of type DNSKEY. Zone signing keys do not have the
Secure Entry Point flag set and will be used to sign all other
types of resource record sets.
Acceptable values are:
- "keySigning"
- "zoneSigning"
kind:
type: string
pattern: ^dns#managedZoneDnsSecConfig
default: "dns#managedZoneDnsSecConfig"
description: |
Identifies what kind of resource this is.
Value: the fixed string "dns#managedZoneDnsSecConfig".
nonExistence:
type: string
pattern: ^.{0,1023}$
description: |
A description of the managed zone. A mutable string, max 1024 characters
long. Associated with the resource for users' convenience; does not affect
managed zone's function.
Specifies the mechanism used to provide authenticated
denial-of-existence responses. Output only while state is not OFF.
Acceptable values are:
- "nsec"
- "nsec3"
pattern: ^nsec3?
state:
type: string
pattern: ^(on|off|transfer)
description: |
Specifies whether DNSSEC is enabled, and what mode it is in.
Acceptable values are:
- "off"
- "on"
- "transfer"
kind:
type: string
pattern: ^dns#managedZone
default: "dns#managedZone"
description: |
Identifies what kind of resource this is.
Value is the fixed string "dns#managedZone".
labels:
type: object
description: User labels.
propertyNames:
type: string
name:
type: string
pattern: ^[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?
description: |
User assigned name for this resource. Must be unique within the project.
The name must be 1-63 characters long, must begin with a letter, end
with a letter or digit, and only contain lowercase letters, digits or dashes.
nameServerSet:
type: string
description: |
Optionally specifies the NameServerSet for this ManagedZone. A
NameServerSet is a set of DNS name servers that all host the same
ManagedZones. Most users will leave this field unset.
nameServers:
type: array
description: |
Delegate your managed_zone to these virtual name servers; defined by the
server (output only)
privateVisibilityConfig:
type: object
description: |
For privately visible zones, the set of Virtual Private Cloud resources
that the zone is visible from.
additionalProperties: false
properties:
kind:
type: string
pattern: ^dns#managedZonePrivateVisibilityConfig
description: |
Identifies what kind of resource this is.
Value: the fixed string "dns#managedZonePrivateVisibilityConfig"
networks:
type: array
items:
type: object
additionalProperties: false
required:
- kind
- networkUrl
properties:
kind:
type: string
pattern: ^dns#managedZonePrivateVisibilityConfigNetwork
description: |
Identifies what kind of resource this is.
Value: the fixed string "dns#managedZonePrivateVisibilityConfigNetwork".
networkUrl:
type: string
pattern: ^https:\/\/www.googleapis.com\/compute\/v1\/projects\/[a-zA-Z0-9_-]+\/global\/networks\/[a-zA-Z0-9_-]+
description: |
The fully qualified URL of the VPC network to bind to. This should be formatted
like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
visibility:
type: string
pattern: ^(public|private)
description: |
The zone's visibility. Public zones are exposed to the Internet, while
private zones are visible only to Virtual Private Cloud resources.
Acceptable values are "private" and "public".

outputs:
properties:
Expand All @@ -67,9 +219,25 @@ outputs:
- managedZoneName:
type: string
description: The managed zone's resource name.

- visibility:
type: string
description: |
The zone's visibility. Public zones are exposed to the Internet,
while private zones are visible only to Virtual Private Cloud
resources.
- privateVisibilityConfig:
type: object
description: |
For privately visible zones, the set of Virtual Private Cloud
resources that the zone is visible from.
- dnssecConfig:
type: object
description: DNSSEC configuration.
documentation:
- templates/dns_managed_zone/README.md

examples:
- templates/dns_managed_zone/examples/dns_managed_zone.yaml
- templates/dns_managed_zone/examples/dns_managed_zone_private.yaml
- templates/dns_managed_zone/examples/dns_managed_zone_private_visibility_config.yaml
- templates/dns_managed_zone/examples/dns_managed_zone_public.yaml
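Review bot: The `dnssecConfig` block spells its keyword `proeprties:`, so, if the nesting is as it appears here, the object declares no properties while `additionalProperties: false` and the `required` list still apply, and every `dnssecConfig` a user supplies would be rejected; it should read `properties:`. Most of the new `pattern` values also anchor only the start (`^(public|private)`, `^(on|off|transfer)`, `^nsec3?`, the `name` pattern), so any string with a valid prefix passes validation. `dnsName` is shown with both `\.$` and `\.`; if the unanchored form is the new one, the trailing-period rule its description states is no longer checked. Adding `$` (for example `^(public|private)$`) and escaping the dots in the `networkUrl` host would restore strict validation.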
4 changes: 2 additions & 2 deletions dm/templates/dns_managed_zone/examples/dns_managed_zone.yaml
@@ -1,7 +1,7 @@
# Example of the DNS managed zone template usage.
#
# In this example, a DNS managed zone is created with the use of
# the `zoneName` and `dnsName` properties.
# the `name` and `dnsName` properties.

imports:
- path: templates/dns_managed_zone/dns_managed_zone.py
Expand All @@ -11,6 +11,6 @@ resources:
- name: test-managed-zone
type: dns_managed_zone.py
properties:
zoneName: test-managed-zone
name: test-managed-zone
dnsName: foobar.local.
description: 'My foobar DNS Managed Zone'
@@ -0,0 +1,17 @@
# Example of the DNS managed zone template usage.
#
# In this example, a private DNS managed zone is created with the use of
# the `visibility` and `dnsName` properties.

imports:
- path: templates/dns_managed_zone/dns_managed_zone.py
name: dns_managed_zone.py

resources:
- name: private-mz
type: dns_managed_zone.py
properties:
name: private-mz
dnsName: private-mz.local.
description: "Private DNS Managed Zone"
visibility: private