CHANGELOG.md

@@ -1,6 +1,16 @@
 # Changelog
 
-## [9.3.0](https://github.com/theforeman/puppet-dns/tree/9.3.0) (2022-04-19)
+## [9.4.0](https://github.com/theforeman/puppet-dns/tree/9.4.0) (2022-08-01)
+
+[Full Changelog](https://github.com/theforeman/puppet-dns/compare/9.3.0...9.4.0)
+
+**Implemented enhancements:**
+
+- Update to voxpupuli-test 5 [\#214](https://github.com/theforeman/puppet-dns/pull/214) ([ekohl](https://github.com/ekohl))
+- Add support for `allow-update` in zones [\#213](https://github.com/theforeman/puppet-dns/pull/213) ([SimonPe](https://github.com/SimonPe))
+- Manage zone records [\#212](https://github.com/theforeman/puppet-dns/pull/212) ([BDelacour](https://github.com/BDelacour))
+
+## [9.3.0](https://github.com/theforeman/puppet-dns/tree/9.3.0) (2022-04-20)
 
 [Full Changelog](https://github.com/theforeman/puppet-dns/compare/9.2.0...9.3.0)
 

Gemfile

@@ -13,7 +13,7 @@ gem 'puppet-lint-param-docs', '>= 1.3.0', {"groups"=>["test"]}
 gem 'puppet-lint-spaceship_operator_without_tag-check', {"groups"=>["test"]}
 gem 'puppet-lint-strict_indent-check', {"groups"=>["test"]}
 gem 'puppet-lint-undef_in_function-check', {"groups"=>["test"]}
-gem 'voxpupuli-test', '~> 1.4', {"groups"=>["test"]}
+gem 'voxpupuli-test', '~> 5.0', {"groups"=>["test"]}
 gem 'github_changelog_generator', '>= 1.15.0', {"groups"=>["development"]}
 gem 'puppet_metadata', '~> 1.3'
 gem 'puppet-blacksmith', '>= 6.0.0', {"groups"=>["development"]}

manifests/init.pp

@@ -152,7 +152,7 @@
   Variant[Enum['unmanaged'], Stdlib::Absolutepath] $defaultzonepath = $dns::params::defaultzonepath,
   Optional[Enum['only', 'first']] $forward                          = undef,
   Array[String] $forwarders                                         = [],
-  Optional[Variant[String, Boolean]] $listen_on_v6                  = 'any',
+  Variant[String, Boolean] $listen_on_v6                            = 'any',
   Enum['yes', 'no'] $recursion                                      = 'yes',
   Array[String] $allow_recursion                                    = ['localnets', 'localhost'],
   Array[String] $allow_query                                        = ['any'],
@@ -168,7 +168,7 @@
   Optional[String] $sysconfig_startup_options                       = $dns::params::sysconfig_startup_options,
   Optional[Boolean] $sysconfig_resolvconf_integration               = $dns::params::sysconfig_resolvconf_integration,
   Optional[Boolean] $sysconfig_disable_zone_checking                = $dns::params::sysconfig_disable_zone_checking,
-  Optional[Hash[String[1], String]] $sysconfig_additional_settings  = {},
+  Hash[String[1], String] $sysconfig_additional_settings            = {},
   Hash[String, Hash[String, Data]] $controls                        = $dns::params::controls,
   Variant[Enum['running', 'stopped'], Boolean] $service_ensure      = 'running',
   Boolean $service_enable                                           = true,
@@ -182,7 +182,6 @@
   Hash[String, Hash] $logging_categories                            = {},
   Hash[String, Hash] $logging_channels                              = {},
 ) inherits dns::params {
-
   include dns::install
   include dns::config
   contain dns::service

manifests/key.pp

@@ -17,7 +17,7 @@
 #   The size of the key to generate. Only used when generating the key. It's
 #   ignored if when a key is specified.
 #
-define dns::key(
+define dns::key (
   String               $algorithm    = 'hmac-md5',
   String               $filename     = "${name}.key",
   Optional[String]     $secret       = undef,
@@ -27,7 +27,7 @@
   $keyfilename = "${keydir}/${filename}"
 
   if $secret {
-    file {$keyfilename:
+    file { $keyfilename:
       ensure  => file,
       owner   => $dns::user,
       group   => $dns::group,
@@ -42,7 +42,7 @@
       creates => $keyfilename,
       before  => Class['dns::config'],
       notify  => Class['dns::service'],
-    }-> file { $keyfilename:
+    } -> file { $keyfilename:
       owner => 'root',
       group => $dns::params::group,
       mode  => '0640',

manifests/params.pp

@@ -116,8 +116,8 @@
   $controls              = {
     '127.0.0.1' => {
       'port' => 953,
-      'allowed_addresses' => [ '127.0.0.1' ],
-      'keys' => [ 'rndc-key' ],
+      'allowed_addresses' => ['127.0.0.1'],
+      'keys' => ['rndc-key'],
     },
   }
 }

manifests/view.pp

@@ -58,7 +58,6 @@
   Boolean                               $include_defaultzones = true,
   String                                $order                = '-',
 ) {
-
   unless $dns::enable_views {
     fail('Must set $dns::enable_views to true in order to use dns::view')
   }
@@ -89,5 +88,4 @@
     content => "};\n",
     order   => "${title}-14",
   }
-
 }

manifests/zone.pp

@@ -16,6 +16,9 @@
 # @param manage_file_name
 #   Whether to set the file parameter in the zone file.
 #
+# @param replace_file
+#   Whether to update the zone file when a change is detected.
+#
 # @param update_policy
 #   This can be used to specifiy additional update policy rules in the
 #   following format
@@ -33,9 +36,15 @@
 # @param expire
 # @param negttl
 # @param serial
+# @param records
+#   A list of records which will be added to the zone file in
+#   the RFC 1035 format (see https://datatracker.ietf.org/doc/html/rfc1035)
+#   Example ['host1 IN A 192.168.0.10', 'alt-host1 IN CNAME host1']
+#
 # @param masters
 # @param allow_transfer
 # @param allow_query
+# @param allow_update
 # @param also_notify
 # @param zone
 # @param contact
@@ -64,16 +73,19 @@
   Integer $expire                                         = 604800,
   Integer $negttl                                         = 3600,
   Integer $serial                                         = 1,
+  Array[String[1]] $records                               = [],
   Array $masters                                          = [],
   Array $allow_transfer                                   = [],
   Array $allow_query                                      = [],
+  Array $allow_update                                     = [],
   Array $also_notify                                      = [],
   String $zone                                            = $title,
   Optional[String] $contact                               = undef,
   Stdlib::Absolutepath $zonefilepath                      = $dns::zonefilepath,
   String $filename                                        = "db.${title}",
   Boolean $manage_file                                    = true,
   Boolean $manage_file_name                               = false,
+  Boolean $replace_file                                   = false,
   Enum['first', 'only'] $forward                          = 'first',
   Array $forwarders                                       = [],
   Optional[Enum['yes', 'no', 'explicit']] $dns_notify     = undef,
@@ -84,7 +96,6 @@
   Optional[Enum['allow', 'maintain', 'off']] $auto_dnssec = undef,
   Optional[String[1]] $dnssec_policy                      = undef,
 ) {
-
   $_contact = pick($contact, "root.${zone}.")
 
   $zonefilename = "${zonefilepath}/${filename}"
@@ -99,6 +110,9 @@
   } else {
     $_target_views = ['_GLOBAL_']
   }
+  if !$allow_update.empty and $update_policy {
+    fail('It is a configuration error to specify both allow_update and update_policy at the same time.')
+  }
 
   if $zonetype == 'slave' {
     $_dns_notify = pick($dns_notify, 'no')
@@ -130,7 +144,7 @@
       group   => $dns::group,
       mode    => '0644',
       content => template('dns/zone.header.erb'),
-      replace => false,
+      replace => $replace_file,
       notify  => Class['dns::service'],
     }
   }

metadata.json

@@ -1,6 +1,6 @@
 {
   "name": "theforeman-dns",
-  "version": "9.3.0",
+  "version": "9.4.0",
   "author": "theforeman",
   "summary": "Manage the ISC BIND daemon",
   "license": "Apache-2.0",

spec/defines/dns_zone_spec.rb

@@ -72,6 +72,19 @@
         ])
       end
 
+      context 'when replace_file => true' do
+        let(:params) { { replace_file: true } }
+
+        it "should create zone file with replace => true" do
+          should contain_file("#{zonefilepath}/db.example.com").with({
+            :owner    => user_name,
+            :group    => user_name,
+            :mode     => '0644',
+            :replace  => 'true',
+          }).that_notifies('Class[Dns::Service]')
+        end
+      end
+
       context 'when reverse => true' do
         let(:title) { '1.168.192.in-addr.arpa' }
         let(:params) {{ :reverse => true }}
@@ -111,6 +124,27 @@
         end
       end
 
+      context 'with records' do
+        let(:params) { { records: ['host1 IN A 192.0.2.10', 'vm-host1 IN CNAME host1', 'host2 IN A 192.0.2.11']} }
+
+        it "should have valid zone file contents" do
+          verify_exact_contents(catalogue, "#{zonefilepath}/db.example.com", [
+            '$TTL 10800',
+            '@ IN SOA puppetmaster.example.com. root.example.com. (',
+            '	1	;Serial',
+            '	86400	;Refresh',
+            '	3600	;Retry',
+            '	604800	;Expire',
+            '	3600	;Negative caching TTL',
+            ')',
+            '@ IN NS puppetmaster.example.com.',
+            'host1 IN A 192.0.2.10',
+            'vm-host1 IN CNAME host1',
+            'host2 IN A 192.0.2.11',
+          ])
+        end
+      end
+
       context 'when allow_transfer defined' do
         let(:params) {rndc_policy_params.merge({ :allow_transfer => ['192.168.1.2'] })}
 

spec/spec_helper.rb

@@ -3,6 +3,8 @@
 
 require 'voxpupuli/test/spec_helper'
 
+add_mocked_facts!
+
 def get_content(subject, title)
   is_expected.to contain_file(title)
   content = subject.resource('file', title).send(:parameters)[:content]

templates/named.zone.erb

@@ -19,6 +19,9 @@ zone "<%= @zone %>" {
             <%- end -%>
     };
 <%   end -%>
+<%   unless @allow_update.empty? -%>
+    allow-update { <%= @allow_update.join('; ') %>; };
+<%   end -%>
 <% end -%>
 <% if @auto_dnssec -%>
     auto-dnssec <%= @auto_dnssec %>;

templates/zone.header.erb

@@ -16,3 +16,6 @@ $TTL <%= @ttl %>
 <%= @soa %>. IN AAAA <%= @soaipv6 %>
 <% end -%>
 <% end -%>
+<%- @records.each do |record| -%>
+<%= record %>
+<%- end -%>