Add subdomain filter to AWS provider #1375
Changes from 3 commits
3c81959
656730d
2c9210b
773817d
d26c7ef
e0b67d0
ee134b2
d6fe14f
e100a79
7d13591
41a86c0
6dbd36b
ea9f612
618f585
b1ce5f5
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -63,6 +63,7 @@ type Config struct { | |
AlibabaCloudZoneType string | ||
AWSZoneType string | ||
AWSZoneTagFilter []string | ||
AWSSubdomainFilter []string | ||
AWSAssumeRole string | ||
AWSBatchChangeSize int | ||
AWSBatchChangeInterval time.Duration | ||
|
@@ -160,6 +161,7 @@ var defaultConfig = &Config{ | |
AlibabaCloudConfigFile: "/etc/kubernetes/alibaba-cloud.json", | ||
AWSZoneType: "", | ||
AWSZoneTagFilter: []string{}, | ||
AWSSubdomainFilter: []string{}, | ||
AWSAssumeRole: "", | ||
AWSBatchChangeSize: 1000, | ||
AWSBatchChangeInterval: time.Second, | ||
|
@@ -300,6 +302,7 @@ func (cfg *Config) ParseFlags(args []string) error { | |
app.Flag("provider", "The DNS provider where the DNS records will be created (required, options: aws, aws-sd, google, azure, azure-dns, azure-private-dns, cloudflare, rcodezero, digitalocean, dnsimple, akamai, infoblox, dyn, designate, coredns, skydns, inmemory, pdns, oci, exoscale, linode, rfc2136, ns1, transip, vinyldns, rdns)").Required().PlaceHolder("provider").EnumVar(&cfg.Provider, "aws", "aws-sd", "google", "azure", "azure-dns", "azure-private-dns", "alibabacloud", "cloudflare", "rcodezero", "digitalocean", "dnsimple", "akamai", "infoblox", "dyn", "designate", "coredns", "skydns", "inmemory", "pdns", "oci", "exoscale", "linode", "rfc2136", "ns1", "transip", "vinyldns", "rdns") | ||
app.Flag("domain-filter", "Limit possible target zones by a domain suffix; specify multiple times for multiple domains (optional)").Default("").StringsVar(&cfg.DomainFilter) | ||
app.Flag("exclude-domains", "Exclude subdomains (optional)").Default("").StringsVar(&cfg.ExcludeDomains) | ||
app.Flag("subdomain-filter", "Allow only changes to specific subdomain").Default("").StringsVar(&cfg.AWSSubdomainFilter) | ||
it would be nice to only name it
Agreed. Will change. |
||
app.Flag("zone-id-filter", "Filter target zones by hosted zone id; specify multiple times for multiple zones (optional)").Default("").StringsVar(&cfg.ZoneIDFilter) | ||
app.Flag("google-project", "When using the Google provider, current project is auto-detected, when running on GCP. Specify other project with this. Must be specified when running outside GCP.").Default(defaultConfig.GoogleProject).StringVar(&cfg.GoogleProject) | ||
app.Flag("google-batch-change-size", "When using the Google provider, set the maximum number of changes that will be applied in each batch.").Default(strconv.Itoa(defaultConfig.GoogleBatchChangeSize)).IntVar(&cfg.GoogleBatchChangeSize) | ||
|
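Review bot: The help text for the new `subdomain-filter` flag in ParseFlags does not say what an unset filter means, and for a flag that restricts which records may be changed that is the detail an operator most needs. With `.Default("")` the slice likely ends up holding one empty string rather than the `[]string{}` set in defaultConfig, and whether the filter treats that as "allow everything" is not visible in this hunk, so it should be confirmed and written into the help. The text also says "specific subdomain" although the flag is repeatable; something like `"Only apply changes to records in these subdomains; specify multiple times for multiple subdomains (optional, default: no restriction)"` would match the neighbouring `domain-filter` wording. A case in the flag-parsing tests for both the unset and the set flag would pin the default. ParseFlags starts and ends outside this hunk.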
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -124,7 +124,9 @@ type AWSProvider struct { | |
zoneTypeFilter ZoneTypeFilter | ||
// filter hosted zones by tags | ||
zoneTagFilter ZoneTagFilter | ||
preferCNAME bool | ||
// only allow changes to specified subdomain and its subdomains | ||
subdomainFilter DomainFilter | ||
should this not be changed to SubdomainFilter instead of DomainFilter?
The subdomain filter is still a domain filter and the domain filtering provided by DomainFilter will be sufficient. However, I can add a SubdomainFilter type for readability and future changes. What do you think?
Yes please, just thought it would be better to divide it because of readability and future changes as well. |
||
preferCNAME bool | ||
} | ||
|
||
// AWSConfig contains configuration to create a new AWS provider. | ||
|
@@ -133,6 +135,7 @@ type AWSConfig struct { | |
ZoneIDFilter ZoneIDFilter | ||
ZoneTypeFilter ZoneTypeFilter | ||
ZoneTagFilter ZoneTagFilter | ||
SubdomainFilter DomainFilter | ||
Also here DomainFilter -> SubDomainFilter? |
||
BatchChangeSize int | ||
BatchChangeInterval time.Duration | ||
EvaluateTargetHealth bool | ||
|
@@ -174,6 +177,7 @@ func NewAWSProvider(awsConfig AWSConfig) (*AWSProvider, error) { | |
zoneIDFilter: awsConfig.ZoneIDFilter, | ||
zoneTypeFilter: awsConfig.ZoneTypeFilter, | ||
zoneTagFilter: awsConfig.ZoneTagFilter, | ||
subdomainFilter: awsConfig.SubdomainFilter, | ||
batchChangeSize: awsConfig.BatchChangeSize, | ||
batchChangeInterval: awsConfig.BatchChangeInterval, | ||
evaluateTargetHealth: awsConfig.EvaluateTargetHealth, | ||
|
@@ -401,8 +405,10 @@ func (p *AWSProvider) submitChanges(ctx context.Context, changes []*route53.Chan | |
return nil | ||
} | ||
|
||
filteredChangesBySubdomains := filteredChangesBySubdomains(changes, p) | ||
|
||
// separate into per-zone change sets to be passed to the API. | ||
changesByZone := changesByZone(zones, changes) | ||
changesByZone := changesByZone(zones, filteredChangesBySubdomains) | ||
if len(changesByZone) == 0 { | ||
log.Info("All records are already up to date, there are no changes for the matching hosted zones") | ||
} | ||
|
@@ -651,6 +657,18 @@ func sortChangesByActionNameType(cs []*route53.Change) []*route53.Change { | |
return cs | ||
} | ||
|
||
func filteredChangesBySubdomains(changeSet []*route53.Change, p *AWSProvider) []*route53.Change { | ||
changes := []*route53.Change{} | ||
|
||
for _, c := range changeSet { | ||
hostname := aws.StringValue(c.ResourceRecordSet.Name) | ||
if p.subdomainFilter.Match(hostname) { | ||
changes = append(changes, c) | ||
} | ||
} | ||
return changes | ||
} | ||
|
||
// changesByZone separates a multi-zone change into a single change per zone. | ||
func changesByZone(zones map[string]*route53.HostedZone, changeSet []*route53.Change) map[string][]*route53.Change { | ||
changes := make(map[string][]*route53.Change) | ||
|
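Review bot: Changes rejected by `p.subdomainFilter.Match` in filteredChangesBySubdomains are dropped without any log line, so when the filter removes everything submitChanges falls through to `len(changesByZone) == 0` and reports "All records are already up to date", which is not what happened. Since the filter acts as a restriction on what the controller may modify, a denied change should be visible to whoever audits the logs; an else branch such as `log.Debugf("Skipping record %s: not allowed by the subdomain filter", hostname)` would do it. The function also has no doc comment and takes the whole provider though it reads only the filter; `// filteredChangesBySubdomains returns the changes whose record name matches the provider's subdomain filter.` would cover the former. Whether Match normalises a trailing dot and letter case in Route53 record names is not visible here and is worth a test. submitChanges starts and ends outside its hunk.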
I think the indentation is wrong here
also the other changes, please revert them
You are right. My bad. I'll revert and add the subdomain filter section with correct indentation.