Add table gcp_dns_managed_zone. Closes #143 #147

Merged
merged 4 commits into from
Mar 30, 2021

Subhajit97

@Subhajit97 Subhajit97 commented Mar 18, 2021

Integration test logs

Logs
No env file present for the current environment:  staging 
 Falling back to .env config
No env file present for the current environment:  staging
customEnv TURBOT_TEST_EXPECTED_TIMEOUT 300

SETUP: tests/gcp_dns_managed_zone []

PRETEST: tests/gcp_dns_managed_zone

TEST: tests/gcp_dns_managed_zone
Running terraform
data.google_client_config.current: Refreshing state...
data.null_data_source.resource: Refreshing state...
google_compute_network.named_test_resource: Creating...
google_compute_network.named_test_resource: Still creating... [10s elapsed]
google_compute_network.named_test_resource: Creation complete after 14s [id=projects/pikachu-aaa/global/networks/turbottest55482]
google_dns_managed_zone.named_test_resource: Creating...
google_dns_managed_zone.named_test_resource: Creation complete after 2s [id=projects/pikachu-aaa/managedZones/turbottest55482]

Warning: Deprecated Resource

The null_data_source was historically used to construct intermediate values to
re-use elsewhere in configuration, the same can now be achieved using locals


Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

Outputs:

network = https://www.googleapis.com/compute/v1/projects/pikachu-aaa/global/networks/turbottest55482
project_id = pikachu-aaa
resource_aka = gcp://dns.googleapis.com/projects/pikachu-aaa/managedZones/turbottest55482
resource_id = projects/pikachu-aaa/managedZones/turbottest55482
resource_name = turbottest55482

Running SQL query: test-get-query.sql
[
  {
    "description": "Test managed zone to validate the table outcome.",
    "dns_name": "turbot.com.",
    "kind": "dns#managedZone",
    "labels": {
      "name": "turbottest55482"
    },
    "location": "global",
    "name": "turbottest55482",
    "name_servers": [
      "ns-gcp-private.googledomains.com."
    ],
    "private_visibility_config_networks": [
      {
        "kind": "dns#managedZonePrivateVisibilityConfigNetwork",
        "networkUrl": "https://www.googleapis.com/compute/v1/projects/pikachu-aaa/global/networks/turbottest55482"
      }
    ],
    "project": "pikachu-aaa",
    "visibility": "private"
  }
]
✔ PASSED

Running SQL query: test-invalid-name-query.sql
null
✔ PASSED

Running SQL query: test-list-query.sql
[
  {
    "description": "Test managed zone to validate the table outcome.",
    "name": "turbottest55482"
  }
]
✔ PASSED

Running SQL query: test-not-found-query.sql
null
✔ PASSED

Running SQL query: test-turbot-query.sql
[
  {
    "akas": [
      "gcp://dns.googleapis.com/projects/pikachu-aaa/managedZones/turbottest55482"
    ],
    "tags": {
      "name": "turbottest55482"
    },
    "title": "turbottest55482"
  }
]
✔ PASSED

POSTTEST: tests/gcp_dns_managed_zone

TEARDOWN: tests/gcp_dns_managed_zone

SUMMARY:

1/1 passed.

Example query results

Results

Basic info

select
  name,
  id,
  dns_name,
  creation_time,
  visibility
from
  gcp_dns_managed_zone;
+------------+---------------------+-------------+---------------------+------------+
| name       | id                  | dns_name    | creation_time       | visibility |
+------------+---------------------+-------------+---------------------+------------+
| test-zone1 | 8353028245613669146 | turbot.com. | 2021-03-18 12:15:32 | public     |
+------------+---------------------+-------------+---------------------+------------+

Get the zones for which DNSSEC is not enabled

select
  name,
  id,
  dns_name,
  dnssec_config_state,
  visibility
from
  gcp_dns_managed_zone
where 
  visibility = 'public'
  and dnssec_config_state <> 'on';
+------------+---------------------+-------------+---------------------+------------+
| name       | id                  | dns_name    | dnssec_config_state | visibility |
+------------+---------------------+-------------+---------------------+------------+
| test-zone1 | 8353028245613669146 | turbot.com. | off                 | public     |
+------------+---------------------+-------------+---------------------+------------+

Get the zones which are public

select
  name,
  id,
  dns_name,
  visibility
from
  gcp_dns_managed_zone
where 
  visibility = 'public';
+------------+---------------------+-------------+------------+
| name       | id                  | dns_name    | visibility |
+------------+---------------------+-------------+------------+
| test-zone1 | 8353028245613669146 | turbot.com. | public     |
+------------+---------------------+-------------+------------+

List of zones which do not have owner tag key

select
  name,
  id
from
  gcp_dns_managed_zone
where
  tags -> 'owner' is null;
+------------+---------------------+
| name       | id                  |
+------------+---------------------+
| test-zone1 | 8353028245613669146 |
+------------+---------------------+

@Subhajit97 Subhajit97 self-assigned this Mar 18, 2021
@Subhajit97 Subhajit97 marked this pull request as ready for review March 18, 2021 15:23
@Subhajit97 Subhajit97 linked an issue Mar 18, 2021 that may be closed by this pull request

@LalitLab LalitLab left a comment

LGTM


@rajlearner17 rajlearner17 left a comment

Not able to validate if we support the output of the below to validate the CIS (3.4/3.5) recommended algorithm. Pls provide some result.

gcloud dns managed-zones describe ZONENAME --format="json(dnsName,dnssecConfig.state,dnssecConfig.defaultKeySpecs)"
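
A check over the output of the `gcloud` command quoted in the review comment above, added here as an example; it is not part of the pull request or the plugin's code. It assumes CIS 3.4 and 3.5 are the RSASHA1 checks for key-signing and zone-signing keys and relies on the Cloud DNS API fields `keyType` and `algorithm`; the sample JSON and the function name are constructed.

```python
import json

# Constructed sample of the JSON the gcloud command above prints; the zone
# name and key specs are made up for this example.
SAMPLE = """
{
  "dnsName": "example.com.",
  "dnssecConfig": {
    "state": "on",
    "defaultKeySpecs": [
      {"keyType": "keySigning", "algorithm": "rsasha1", "keyLength": 2048},
      {"keyType": "zoneSigning", "algorithm": "rsasha256", "keyLength": 1024}
    ]
  }
}
"""

# Assumed mapping of Cloud DNS key types to CIS controls (3.4 = KSK, 3.5 = ZSK).
CIS_CONTROL = {"keySigning": "3.4", "zoneSigning": "3.5"}


def check_dnssec_algorithms(describe_json):
    """Return a list of (control, message) findings for one managed zone."""
    zone = json.loads(describe_json)
    name = zone.get("dnsName", "<unknown>")
    dnssec = zone.get("dnssecConfig") or {}
    # Zones whose state is not "on" are reported as such (same condition as the
    # dnssec_config_state <> 'on' query); algorithm checks run only when "on".
    if dnssec.get("state") != "on":
        return [("dnssec", f"{name}: DNSSEC state is {dnssec.get('state', 'unset')}")]
    findings = []
    for spec in dnssec.get("defaultKeySpecs") or []:
        control = CIS_CONTROL.get(spec.get("keyType"))
        if control and str(spec.get("algorithm", "")).lower() == "rsasha1":
            findings.append((control, f"{name}: {spec['keyType']} key uses RSASHA1"))
    return findings


if __name__ == "__main__":
    for control, message in check_dnssec_algorithms(SAMPLE):
        print(control, message)
```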


@rajlearner17 rajlearner17 left a comment

LGTM

@cbruno10 cbruno10 merged commit d405b65 into main Mar 30, 2021
@cbruno10 cbruno10 deleted the issue-143 branch March 30, 2021 20:31
Successfully merging this pull request may close these issues.

Add Cloud DNS table