Add support for Google Domains DNS API.

[alexleigh]

https://domains.google/learn/gts-acme/

This is an ACME API for Google Domains customers, which is different from the Google Cloud Domains API for Google Cloud customers.

[github-actions]

Welcome
Please make sure you're read our DNS API Dev Guide and DNS-API-Test.
Then reply on this message, otherwise, your code will not be reviewed or merged.
We look forward to reviewing your Pull request shortly ✨

[alexleigh]

Welcome Please make sure you're read our DNS API Dev Guide and DNS-API-Test. Then reply on this message, otherwise, your code will not be reviewed or merged. We look forward to reviewing your Pull request shortly ✨

Wiki page updated here: https://github.com/acmesh-official/acme.sh/wiki/dnsapi2#157-use-google-domains-dns-api
Tracking bug added here: #4545
DNS workflow completed here: https://github.com/alexleigh/acme.sh/actions/runs/4367707406

DNS workflow succeeded for a slightly earlier version of the script: https://github.com/alexleigh/acme.sh/actions/runs/4356430668

However, new runs of the DNS workflow have been failing at the Kali Linux docker image for unrelated reasons: the current versions of packages needed by the Kali docker image have been deleted from the Kali official repos. Until Kali fixes the Docker image, the DNS workflow cannot finish.

[alexleigh]

I reached out to the Kali team who confirmed that the Kali release docker image will be working again once Kali ver 2023.1 is released. If the DNS workflow needs to work before then, the Docker test can switch to using the Kali rolling image instead of the release image. One of the acme.sh maintainers would need to determine if such a change should be made to get the tests working again.

[alexleigh]

Figured out another way to fix the Kali Linux Docker image, created acmesh-official/acmetest#21 to allow the tests to run again.

EDIT: to be clear, the above acmetest PR is not needed for this acme.sh PR to go through. The tests have already passed.

[kn007]

Test pass. (f5dac12)
Thanks for your work.

========================
CentOS 8 x64

[alexleigh]

Kali Linux repositories have updated to be consistent with each other, so the DNS workflow has been able to complete https://github.com/alexleigh/acme.sh/actions/runs/4367707406

[saudiqbal]

Working fine with me.

[sberney]

Worked for me as well. Thanks for the code!

[heitbaum]

I have a number of domains at

https://console.cloud.google.com/net-services/dns/zones?referrer=search&project=abc-abc-123

one of which is “abc.com”

But when I run https://acmedns.googleapis.com/v1/acmeChallengeSets/abc.com

I get the following error.

{
  "error": {
    "code": 404,
    "message": "Domain abc.com is not managed by Google Domains.",
    "status": "NOT_FOUND"
  }
}

Can someone shed some light on this? How to make it work.

[alexleigh]

If your domains are managed by Google Cloud DNS, that's a separate product from Google Domains. You can try using the Cloud DNS API to manage ACME records: https://github.com/acmesh-official/acme.sh/wiki/dnsapi#49-use-google-cloud-dns-api-to-automatically-issue-cert

[moralrebuild]

Waiting the next official release for this PR.

[amplicity]

Where does one find their managed google domains 'zone'?

[saudiqbal]

There is no need for specifying a domain zone, zone is the domain for which you need the certificate.