From 6fb5a8471a1292275c27a7571e0367361c5e8c83 Mon Sep 17 00:00:00 2001 From: Michel Loiseleur Date: Fri, 29 Mar 2024 17:28:12 +0100 Subject: [PATCH 01/13] chore: alphabetical order on providers --- README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 2dfd61711..272fad997 100644 --- a/README.md +++ b/README.md @@ -79,14 +79,14 @@ Known providers using webhooks: | Provider | Repo | | -------- | ----------- | -| IONOS | https://github.com/ionos-cloud/external-dns-ionos-webhook | -| Adguard Home Provider | https://github.com/muhlba91/external-dns-provider-adguard | -| STACKIT | https://github.com/stackitcloud/external-dns-stackit-webhook | -| GleSYS | https://github.com/glesys/external-dns-glesys | -| Hetzner | https://github.com/mconfalonieri/external-dns-hetzner-webhook | -| Bizfly Cloud | https://github.com/bizflycloud/external-dns-bizflycloud-webhook | -| Netcup | https://github.com/mrueg/external-dns-netcup-webhook | +| Adguard Home Provider | https://github.com/muhlba91/external-dns-provider-adguard | +| Bizfly Cloud | https://github.com/bizflycloud/external-dns-bizflycloud-webhook | | Gcore | https://github.com/G-Core/external-dns-gcore-webhook | +| GleSYS | https://github.com/glesys/external-dns-glesys | +| Hetzner | https://github.com/mconfalonieri/external-dns-hetzner-webhook | +| IONOS | https://github.com/ionos-cloud/external-dns-ionos-webhook | +| Netcup | https://github.com/mrueg/external-dns-netcup-webhook | +| STACKIT | https://github.com/stackitcloud/external-dns-stackit-webhook | ## Status of providers From dc9e0a581603f42ffd8e2cb8b180d3b21513ce41 Mon Sep 17 00:00:00 2001 From: dongjiang1989 Date: Sun, 31 Mar 2024 19:51:28 +0800 Subject: [PATCH 02/13] dongjiang, fix ipv6 shortener and expander equal Signed-off-by: dongjiang1989 --- endpoint/endpoint.go | 32 +++++++++++++++++++++++++++++++- endpoint/endpoint_test.go | 28 ++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 1 deletion(-) diff --git a/endpoint/endpoint.go b/endpoint/endpoint.go index a45f61ac4..cee79910e 100644 --- a/endpoint/endpoint.go +++ b/endpoint/endpoint.go @@ -75,7 +75,17 @@ func (t Targets) Len() int { } func (t Targets) Less(i, j int) bool { - return t[i] < t[j] + ipi, err := netip.ParseAddr(t[i]) + if err != nil { + return t[i] < t[j] + } + + ipj, err := netip.ParseAddr(t[j]) + if err != nil { + return t[i] < t[j] + } + + return ipi.String() < ipj.String() } func (t Targets) Swap(i, j int) { @@ -92,6 +102,26 @@ func (t Targets) Same(o Targets) bool { for i, e := range t { if !strings.EqualFold(e, o[i]) { + ipA, err := netip.ParseAddr(e) + if err != nil { + log.WithFields(log.Fields{ + "targets": t, + "comparisonTargets": o, + }).Debugf("Couldn't parse %s as an IP address: %v", e, err) + } + + ipB, err := netip.ParseAddr(o[i]) + if err != nil { + log.WithFields(log.Fields{ + "targets": t, + "comparisonTargets": o, + }).Debugf("Couldn't parse %s as an IP address: %v", e, err) + } + + // IPv6 Address Shortener == IPv6 Address Expander + if ipA.IsValid() && ipB.IsValid() { + return ipA.String() == ipB.String() + } return false } } diff --git a/endpoint/endpoint_test.go b/endpoint/endpoint_test.go index 47c23e2f4..51234bdb0 100644 --- a/endpoint/endpoint_test.go +++ b/endpoint/endpoint_test.go @@ -41,6 +41,7 @@ func TestTargetsSame(t *testing.T) { {""}, {"1.2.3.4"}, {"8.8.8.8", "8.8.4.4"}, + {"dd:dd::01", "::1", "::0001"}, {"example.org", "EXAMPLE.ORG"}, } @@ -51,6 +52,33 @@ func TestTargetsSame(t *testing.T) { } } +func TestSameSuccess(t *testing.T) { + tests := []struct { + a Targets + b Targets + }{ + { + []string{"::1"}, + []string{"::0001"}, + }, + { + []string{"::1", "dd:dd::01"}, + []string{"dd:00dd::0001", "::0001"}, + }, + + { + []string{"::1", "dd:dd::01"}, + []string{"00dd:dd::0001", "::0001"}, + }, + } + + for _, d := range tests { + if d.a.Same(d.b) == false { + t.Errorf("%#v should equal %#v", d.a, d.b) + } + } +} + func TestSameFailures(t *testing.T) { tests := []struct { a Targets From b5ef2fc9135d272ea648f5a43080634ce5084433 Mon Sep 17 00:00:00 2001 From: dongjiang Date: Sun, 7 Apr 2024 09:44:08 +0800 Subject: [PATCH 03/13] Update endpoint/endpoint.go Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com> --- endpoint/endpoint.go | 1 + 1 file changed, 1 insertion(+) diff --git a/endpoint/endpoint.go b/endpoint/endpoint.go index cee79910e..f7af843f6 100644 --- a/endpoint/endpoint.go +++ b/endpoint/endpoint.go @@ -102,6 +102,7 @@ func (t Targets) Same(o Targets) bool { for i, e := range t { if !strings.EqualFold(e, o[i]) { + // IPv6 can be shortened, so it should be parsed for equality checking ipA, err := netip.ParseAddr(e) if err != nil { log.WithFields(log.Fields{ From f3c1e32930c9c83a412fc6cb02e45535e3ecd88b Mon Sep 17 00:00:00 2001 From: dongjiang1989 Date: Tue, 9 Apr 2024 09:34:58 +0800 Subject: [PATCH 04/13] add unittest casae Signed-off-by: dongjiang1989 --- endpoint/endpoint_test.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/endpoint/endpoint_test.go b/endpoint/endpoint_test.go index 51234bdb0..a3b3399cf 100644 --- a/endpoint/endpoint_test.go +++ b/endpoint/endpoint_test.go @@ -70,6 +70,10 @@ func TestSameSuccess(t *testing.T) { []string{"::1", "dd:dd::01"}, []string{"00dd:dd::0001", "::0001"}, }, + { + []string{"::1", "1.1.1.1", "2600.com", "3.3.3.3"}, + []string{"2600.com", "::0001", "3.3.3.3", "1.1.1.1"}, + }, } for _, d := range tests { @@ -97,6 +101,10 @@ func TestSameFailures(t *testing.T) { []string{"1.2.3.4", "4.3.2.1"}, []string{"8.8.8.8", "8.8.4.4"}, }, + { + []string{"::1", "2600.com", "3.3.3.3"}, + []string{"2600.com", "3.3.3.3", "1.1.1.1"}, + }, } for _, d := range tests { From 46dd6d2e2bb24a965a83a139671140c3bcd413d5 Mon Sep 17 00:00:00 2001 From: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com> Date: Tue, 9 Apr 2024 11:06:20 +0200 Subject: [PATCH 05/13] doc: advertise current plan on providers (#4365) * doc: advertise current plan on providers * Update README.md Co-authored-by: Raffaele Di Fazio * Update README.md --------- Co-authored-by: Raffaele Di Fazio --- README.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 272fad997..641f31dd7 100644 --- a/README.md +++ b/README.md @@ -88,15 +88,11 @@ Known providers using webhooks: | Netcup | https://github.com/mrueg/external-dns-netcup-webhook | | STACKIT | https://github.com/stackitcloud/external-dns-stackit-webhook | -## Status of providers +## Status of in-tree providers -ExternalDNS supports multiple DNS providers which have been implemented by the [ExternalDNS contributors](https://github.com/kubernetes-sigs/external-dns/graphs/contributors). Maintaining all of those in a central repository is a challenge and we have limited resources to test changes. This means that it is very hard to test all providers for possible regressions and, as written in the [Contributing](#Contributing) section, we encourage contributors to step in as maintainers for the individual providers and help by testing the integrations. +ExternalDNS supports multiple DNS providers which have been implemented by the [ExternalDNS contributors](https://github.com/kubernetes-sigs/external-dns/graphs/contributors). Maintaining all of those in a central repository is a challenge, which introduces lots of toil and potential risks. -End-to-end testing of ExternalDNS is currently -[performed](https://github.com/zalando-incubator/kubernetes-on-aws/blob/dev/test/e2e/external_dns.go) -in the separate -[kubernetes-on-aws](https://github.com/zalando-incubator/kubernetes-on-aws) -repository. +This mean that `external-dns` has begun the process to move providers out of tree. See #4347 for more details. Those who are interested can create a webhook provider based on an _in-tree_ provider and after submit a PR to reference it here. We define the following stability levels for providers: @@ -112,7 +108,7 @@ The following table clarifies the current status of the providers according to t | AWS Route 53 | Stable | | | AWS Cloud Map | Beta | | | Akamai Edge DNS | Beta | | -| AzureDNS | Beta | | +| AzureDNS | Stable | | | BlueCat | Alpha | @seanmalloy @vinny-sabatini | | Civo | Alpha | @alejandrojnm | | CloudFlare | Beta | | From 9e47e5c58462a82a3238e1c427833826e27a90dd Mon Sep 17 00:00:00 2001 From: Bradley <41597815+userbradley@users.noreply.github.com> Date: Tue, 9 Apr 2024 11:49:52 +0100 Subject: [PATCH 06/13] Updating GKE docs on workload identity --- docs/tutorials/gke.md | 107 +++++++++++++++++++++++++++++++----------- 1 file changed, 80 insertions(+), 27 deletions(-) diff --git a/docs/tutorials/gke.md b/docs/tutorials/gke.md index af1c7a640..74b89ab07 100644 --- a/docs/tutorials/gke.md +++ b/docs/tutorials/gke.md @@ -14,7 +14,7 @@ This solution will only work when both CloudDNS and GKE are provisioned in the s ### Configure Project Environment -Setup your environment to work with Google Cloud Platform. Fill in your variables as needed, e.g. target project. +Set up your environment to work with Google Cloud Platform. Fill in your variables as needed, e.g. target project. ```bash # set variables to the appropriate desired values @@ -206,47 +206,100 @@ kubectl create secret generic "external-dns" --namespace ${EXTERNALDNS_NS:-"defa ``` After this, follow the steps in [Deploy ExternalDNS](#deploy-externaldns). Make sure to set the `--google-project` flag to match Cloud DNS project name. Make sure to uncomment out the section that mounts the secret to the ExternalDNS pods. + ### Workload Identity -[Workload Identity](https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity) allows workloads in your GKE cluster to impersonate GSA (Google Service Accounts) using KSA (Kubernetes Service Accounts) configured during deployemnt. These are the steps to use this feature with ExternalDNS. +[Workload Identity](https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity) allows workloads in your GKE cluster to [authenticate directly to GCP](https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity#credential-flow) using Kubernetes Service Accounts -#### Create GSA for use with Workload Identity +You have an option to chose from using the gcloud CLI or using Terraform. -```bash -DNS_SA_NAME="external-dns-sa" -DNS_SA_EMAIL="$DNS_SA_NAME@${GKE_PROJECT_ID}.iam.gserviceaccount.com" +=== "gcloud CLI" -gcloud iam service-accounts create $DNS_SA_NAME --display-name $DNS_SA_NAME -gcloud projects add-iam-policy-binding $DNS_PROJECT_ID \ - --member serviceAccount:$DNS_SA_EMAIL --role "roles/dns.admin" -``` + The below instructions assume you are using the default Kubernetes Service account name of `external-dns` in the namespace `external-dns` -#### Link KSA to GSA + Grant the Kubernetes service account DNS `roles/dns.admin` at project level + + ```shell + gcloud projects add-iam-policy-binding projects/DNS_PROJECT_ID \ + --role=roles/dns.admin \ + --member=principal://iam.googleapis.com/projects/PROJECT_NUMBER/locations/global/workloadIdentityPools/PROJECT_ID.svc.id.goog/subject/ns/external-dns/sa/external-dns \ + --condition=None + ``` + + Replace the following: + + * `DNS_PROJECT_ID` : Project ID of your DNS project. If DNS is in the same project as your GKE cluster, use your GKE project. + * `PROJECT_ID`: your Google Cloud project ID of your GKE Cluster + * `PROJECT_NUMBER`: your numerical Google Cloud project number of your GKE cluster + + If you wish to change the namespace, replace + + * `ns/external-dns` with `ns/` + + + +=== "Terraform" + + The below instructions assume you are using the default Kubernetes Service account name of `external-dns` in the namespace `external-dns` + + Create a file called `main.tf` and place in it the below. _Note: If you're an experienced terraform user feel free to split these out in to different files_ + + ```hcl + variable "gke-project" { + type = string + description = "Name of the project that the GKE cluster exists in" + default = "GKE-PROJECT" + } + + variable "ksa_name" { + type = string + description = "Name of the Kubernetes service account that will be accessing the DNS Zones" + default = "external-dns" + } + + variable "kns_name" { + type = string + description = "Name of the Kubernetes Namespace" + default = "external-dns" + } + + data "google_project" "project" { + project_id = var.gke-project + } + + locals { + member = "principal://iam.googleapis.com/projects/${data.google_project.project.number}/locations/global/workloadIdentityPools/${var.gke-project}.svc.id.goog/subject/ns/${var.kns_name}/sa/${var.ksa_name}" + } + + resource "google_project_iam_member" "external_dns" { + member = local.member + project = "DNS-PROJECT" + role = "roles/dns.admin" + } + ``` + + Replace the following + + * `GKE-PROJECT` : Project that contains your GKE cluster + * `DNS-PROJECT` : Project that holds your DNS zones + + You can also change the below if you plan to use a different service account name and namespace + + * `variable "ksa_name"` : Name of the Kubernetes service account external-dns will use + * `variable "kns_name"` : Name of the Kubernetes Name Space that will have external-dns installed to -Add an IAM policy binding bewtween the workload identity GSA and ExternalDNS GSA. This will link the ExternalDNS KSA to ExternalDNS GSA. -```bash -gcloud iam service-accounts add-iam-policy-binding $DNS_SA_EMAIL \ - --role "roles/iam.workloadIdentityUser" \ - --member "serviceAccount:$GKE_PROJECT_ID.svc.id.goog[${EXTERNALDNS_NS:-"default"}/external-dns]" -``` #### Deploy External DNS Deploy ExternalDNS with the following steps below, documented under [Deploy ExternalDNS](#deploy-externaldns). Set the `--google-project` flag to the Cloud DNS project name. -#### Link KSA to GSA in Kubernetes - -Add the proper workload identity annotation to the ExternalDNS KSA. - -```bash -kubectl annotate serviceaccount "external-dns" \ - --namespace ${EXTERNALDNS_NS:-"default"} \ - "iam.gke.io/gcp-service-account=$DNS_SA_EMAIL" -``` - #### Update ExternalDNS pods +!!! note "Only required if not enabled on all nodes" + If you have GKE Workload Identity enabled on all nodes in your cluster, the below step is not necessary + Update the Pod spec to schedule the workloads on nodes that use Workload Identity and to use the annotated Kubernetes service account. ```bash From db3630d58371c314385d3c438fd430825878dd33 Mon Sep 17 00:00:00 2001 From: Bradley <41597815+userbradley@users.noreply.github.com> Date: Tue, 9 Apr 2024 11:53:07 +0100 Subject: [PATCH 07/13] Moving workload identity up in the docs as users should avoid using static credentials or the node service accounts as per googles best practices [noted here](https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys#alternatives) and their [flow diagram](https://cloud.google.com/docs/authentication#auth-decision-tree) where it noted GKE users should use workload identity --- docs/tutorials/gke.md | 114 +++++++++++++++++++++--------------------- 1 file changed, 58 insertions(+), 56 deletions(-) diff --git a/docs/tutorials/gke.md b/docs/tutorials/gke.md index 74b89ab07..ba862f25b 100644 --- a/docs/tutorials/gke.md +++ b/docs/tutorials/gke.md @@ -151,62 +151,6 @@ gcloud container clusters create $GKE_CLUSTER_NAME \ --workload-pool "$GKE_PROJECT_ID.svc.id.goog" ``` -### Worker Node Service Account method - -In this method, the GSA (Google Service Account) that is associated with GKE worker nodes will be configured to have access to Cloud DNS. - -**WARNING**: This will grant access to modify the Cloud DNS zone records for all containers running on cluster, not just ExternalDNS, so use this option with caution. This is not recommended for production environments. - -```bash -GKE_SA_EMAIL="$GKE_SA_NAME@${GKE_PROJECT_ID}.iam.gserviceaccount.com" - -# assign google service account to dns.admin role in the cloud dns project -gcloud projects add-iam-policy-binding $DNS_PROJECT_ID \ - --member serviceAccount:$GKE_SA_EMAIL \ - --role roles/dns.admin -``` - -After this, follow the steps in [Deploy ExternalDNS](#deploy-externaldns). Make sure to set the `--google-project` flag to match the Cloud DNS project name. - -### Static Credentials - -In this scenario, a new GSA (Google Service Account) is created that has access to the CloudDNS zone. The credentials for this GSA are saved and installed as a Kubernetes secret that will be used by ExternalDNS. - -This allows only containers that have access to the secret, such as ExternalDNS to update records on the Cloud DNS Zone. - -#### Create GSA for use with static credentials - -```bash -DNS_SA_NAME="external-dns-sa" -DNS_SA_EMAIL="$DNS_SA_NAME@${GKE_PROJECT_ID}.iam.gserviceaccount.com" - -# create GSA used to access the Cloud DNS zone -gcloud iam service-accounts create $DNS_SA_NAME --display-name $DNS_SA_NAME - -# assign google service account to dns.admin role in cloud-dns project -gcloud projects add-iam-policy-binding $DNS_PROJECT_ID \ - --member serviceAccount:$DNS_SA_EMAIL --role "roles/dns.admin" -``` - -#### Create Kubernetes secret using static credentials - -Generate static credentials from the ExternalDNS GSA. - -```bash -# download static credentials -gcloud iam service-accounts keys create /local/path/to/credentials.json \ - --iam-account $DNS_SA_EMAIL -``` - -Create a Kubernetes secret with the credentials in the same namespace of ExternalDNS. - -```bash -kubectl create secret generic "external-dns" --namespace ${EXTERNALDNS_NS:-"default"} \ - --from-file /local/path/to/credentials.json -``` - -After this, follow the steps in [Deploy ExternalDNS](#deploy-externaldns). Make sure to set the `--google-project` flag to match Cloud DNS project name. Make sure to uncomment out the section that mounts the secret to the ExternalDNS pods. - ### Workload Identity [Workload Identity](https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity) allows workloads in your GKE cluster to [authenticate directly to GCP](https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity#credential-flow) using Kubernetes Service Accounts @@ -291,6 +235,64 @@ You have an option to chose from using the gcloud CLI or using Terraform. + +### Worker Node Service Account method + +In this method, the GSA (Google Service Account) that is associated with GKE worker nodes will be configured to have access to Cloud DNS. + +**WARNING**: This will grant access to modify the Cloud DNS zone records for all containers running on cluster, not just ExternalDNS, so use this option with caution. This is not recommended for production environments. + +```bash +GKE_SA_EMAIL="$GKE_SA_NAME@${GKE_PROJECT_ID}.iam.gserviceaccount.com" + +# assign google service account to dns.admin role in the cloud dns project +gcloud projects add-iam-policy-binding $DNS_PROJECT_ID \ + --member serviceAccount:$GKE_SA_EMAIL \ + --role roles/dns.admin +``` + +After this, follow the steps in [Deploy ExternalDNS](#deploy-externaldns). Make sure to set the `--google-project` flag to match the Cloud DNS project name. + +### Static Credentials + +In this scenario, a new GSA (Google Service Account) is created that has access to the CloudDNS zone. The credentials for this GSA are saved and installed as a Kubernetes secret that will be used by ExternalDNS. + +This allows only containers that have access to the secret, such as ExternalDNS to update records on the Cloud DNS Zone. + +#### Create GSA for use with static credentials + +```bash +DNS_SA_NAME="external-dns-sa" +DNS_SA_EMAIL="$DNS_SA_NAME@${GKE_PROJECT_ID}.iam.gserviceaccount.com" + +# create GSA used to access the Cloud DNS zone +gcloud iam service-accounts create $DNS_SA_NAME --display-name $DNS_SA_NAME + +# assign google service account to dns.admin role in cloud-dns project +gcloud projects add-iam-policy-binding $DNS_PROJECT_ID \ + --member serviceAccount:$DNS_SA_EMAIL --role "roles/dns.admin" +``` + +#### Create Kubernetes secret using static credentials + +Generate static credentials from the ExternalDNS GSA. + +```bash +# download static credentials +gcloud iam service-accounts keys create /local/path/to/credentials.json \ + --iam-account $DNS_SA_EMAIL +``` + +Create a Kubernetes secret with the credentials in the same namespace of ExternalDNS. + +```bash +kubectl create secret generic "external-dns" --namespace ${EXTERNALDNS_NS:-"default"} \ + --from-file /local/path/to/credentials.json +``` + +After this, follow the steps in [Deploy ExternalDNS](#deploy-externaldns). Make sure to set the `--google-project` flag to match Cloud DNS project name. Make sure to uncomment out the section that mounts the secret to the ExternalDNS pods. + + #### Deploy External DNS Deploy ExternalDNS with the following steps below, documented under [Deploy ExternalDNS](#deploy-externaldns). Set the `--google-project` flag to the Cloud DNS project name. From e8e5d5c3599deaddbda807039e1177a1b9598624 Mon Sep 17 00:00:00 2001 From: Simon Kienzler Date: Thu, 14 Mar 2024 17:19:13 +0100 Subject: [PATCH 08/13] Let the `WebhookProvider` return `SoftError` on status codes >= 500 --- provider/webhook/webhook.go | 19 ++++++++++++++++--- provider/webhook/webhook_test.go | 18 +++++++++++------- 2 files changed, 27 insertions(+), 10 deletions(-) diff --git a/provider/webhook/webhook.go b/provider/webhook/webhook.go index fdd697c01..6bfe4409d 100644 --- a/provider/webhook/webhook.go +++ b/provider/webhook/webhook.go @@ -26,6 +26,7 @@ import ( "sigs.k8s.io/external-dns/endpoint" "sigs.k8s.io/external-dns/plan" + "sigs.k8s.io/external-dns/provider" webhookapi "sigs.k8s.io/external-dns/provider/webhook/api" backoff "github.com/cenkalti/backoff/v4" @@ -180,7 +181,11 @@ func (p WebhookProvider) Records(ctx context.Context) ([]*endpoint.Endpoint, err if resp.StatusCode != http.StatusOK { recordsErrorsGauge.Inc() log.Debugf("Failed to get records with code %d", resp.StatusCode) - return nil, fmt.Errorf("failed to get records with code %d", resp.StatusCode) + err := fmt.Errorf("failed to get records with code %d", resp.StatusCode) + if resp.StatusCode >= http.StatusInternalServerError { + return nil, provider.NewSoftError(err) + } + return nil, err } endpoints := []*endpoint.Endpoint{} @@ -224,7 +229,11 @@ func (p WebhookProvider) ApplyChanges(ctx context.Context, changes *plan.Changes if resp.StatusCode != http.StatusNoContent { applyChangesErrorsGauge.Inc() log.Debugf("Failed to apply changes with code %d", resp.StatusCode) - return fmt.Errorf("failed to apply changes with code %d", resp.StatusCode) + err := fmt.Errorf("failed to apply changes with code %d", resp.StatusCode) + if resp.StatusCode >= http.StatusInternalServerError { + return provider.NewSoftError(err) + } + return err } return nil } @@ -270,7 +279,11 @@ func (p WebhookProvider) AdjustEndpoints(e []*endpoint.Endpoint) ([]*endpoint.En if resp.StatusCode != http.StatusOK { adjustEndpointsErrorsGauge.Inc() log.Debugf("Failed to AdjustEndpoints with code %d", resp.StatusCode) - return nil, fmt.Errorf("failed to AdjustEndpoints with code %d", resp.StatusCode) + err := fmt.Errorf("failed to AdjustEndpoints with code %d", resp.StatusCode) + if resp.StatusCode >= http.StatusInternalServerError { + return nil, provider.NewSoftError(err) + } + return nil, err } if err := json.NewDecoder(resp.Body).Decode(&endpoints); err != nil { diff --git a/provider/webhook/webhook_test.go b/provider/webhook/webhook_test.go index ed2b17f63..03b02c20f 100644 --- a/provider/webhook/webhook_test.go +++ b/provider/webhook/webhook_test.go @@ -26,6 +26,7 @@ import ( "github.com/stretchr/testify/require" "sigs.k8s.io/external-dns/endpoint" + "sigs.k8s.io/external-dns/provider" webhookapi "sigs.k8s.io/external-dns/provider/webhook/api" ) @@ -99,10 +100,11 @@ func TestRecordsWithErrors(t *testing.T) { })) defer svr.Close() - provider, err := NewWebhookProvider(svr.URL) + p, err := NewWebhookProvider(svr.URL) require.NoError(t, err) - _, err = provider.Records(context.Background()) + _, err = p.Records(context.Background()) require.NotNil(t, err) + require.ErrorIs(t, err, provider.SoftError) } func TestApplyChanges(t *testing.T) { @@ -122,15 +124,16 @@ func TestApplyChanges(t *testing.T) { })) defer svr.Close() - provider, err := NewWebhookProvider(svr.URL) + p, err := NewWebhookProvider(svr.URL) require.NoError(t, err) - err = provider.ApplyChanges(context.TODO(), nil) + err = p.ApplyChanges(context.TODO(), nil) require.NoError(t, err) successfulApplyChanges = false - err = provider.ApplyChanges(context.TODO(), nil) + err = p.ApplyChanges(context.TODO(), nil) require.NotNil(t, err) + require.ErrorIs(t, err, provider.SoftError) } func TestAdjustEndpoints(t *testing.T) { @@ -198,7 +201,7 @@ func TestAdjustendpointsWithError(t *testing.T) { })) defer svr.Close() - provider, err := NewWebhookProvider(svr.URL) + p, err := NewWebhookProvider(svr.URL) require.NoError(t, err) endpoints := []*endpoint.Endpoint{ { @@ -210,6 +213,7 @@ func TestAdjustendpointsWithError(t *testing.T) { }, }, } - _, err = provider.AdjustEndpoints(endpoints) + _, err = p.AdjustEndpoints(endpoints) require.Error(t, err) + require.ErrorIs(t, err, provider.SoftError) } From a88cae299a47ce4e63be3cfaee5a3ecec130f1e7 Mon Sep 17 00:00:00 2001 From: Simon Kienzler Date: Fri, 22 Mar 2024 10:31:33 +0100 Subject: [PATCH 09/13] Extract check for retryable error into function --- provider/webhook/webhook.go | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/provider/webhook/webhook.go b/provider/webhook/webhook.go index 6bfe4409d..12c24dc10 100644 --- a/provider/webhook/webhook.go +++ b/provider/webhook/webhook.go @@ -182,7 +182,7 @@ func (p WebhookProvider) Records(ctx context.Context) ([]*endpoint.Endpoint, err recordsErrorsGauge.Inc() log.Debugf("Failed to get records with code %d", resp.StatusCode) err := fmt.Errorf("failed to get records with code %d", resp.StatusCode) - if resp.StatusCode >= http.StatusInternalServerError { + if isRetryableError(resp.StatusCode) { return nil, provider.NewSoftError(err) } return nil, err @@ -230,7 +230,7 @@ func (p WebhookProvider) ApplyChanges(ctx context.Context, changes *plan.Changes applyChangesErrorsGauge.Inc() log.Debugf("Failed to apply changes with code %d", resp.StatusCode) err := fmt.Errorf("failed to apply changes with code %d", resp.StatusCode) - if resp.StatusCode >= http.StatusInternalServerError { + if isRetryableError(resp.StatusCode) { return provider.NewSoftError(err) } return err @@ -280,7 +280,7 @@ func (p WebhookProvider) AdjustEndpoints(e []*endpoint.Endpoint) ([]*endpoint.En adjustEndpointsErrorsGauge.Inc() log.Debugf("Failed to AdjustEndpoints with code %d", resp.StatusCode) err := fmt.Errorf("failed to AdjustEndpoints with code %d", resp.StatusCode) - if resp.StatusCode >= http.StatusInternalServerError { + if isRetryableError(resp.StatusCode) { return nil, provider.NewSoftError(err) } return nil, err @@ -299,3 +299,8 @@ func (p WebhookProvider) AdjustEndpoints(e []*endpoint.Endpoint) ([]*endpoint.En func (p WebhookProvider) GetDomainFilter() endpoint.DomainFilter { return p.DomainFilter } + +// isRetryableError returns true for HTTP status codes between 500 and 510 (inclusive) +func isRetryableError(statusCode int) bool { + return statusCode >= http.StatusInternalServerError && statusCode <= http.StatusNotExtended +} From b020f7c9566191b8ed5392ee77c6948e27856c48 Mon Sep 17 00:00:00 2001 From: Simon Kienzler Date: Tue, 9 Apr 2024 13:56:49 +0200 Subject: [PATCH 10/13] Webhook provider: Use correct error gauge in AdjustEndpoints() func --- provider/webhook/webhook.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/provider/webhook/webhook.go b/provider/webhook/webhook.go index fdd697c01..473ce7f0f 100644 --- a/provider/webhook/webhook.go +++ b/provider/webhook/webhook.go @@ -274,7 +274,7 @@ func (p WebhookProvider) AdjustEndpoints(e []*endpoint.Endpoint) ([]*endpoint.En } if err := json.NewDecoder(resp.Body).Decode(&endpoints); err != nil { - recordsErrorsGauge.Inc() + adjustEndpointsErrorsGauge.Inc() log.Debugf("Failed to decode response body: %s", err.Error()) return nil, err } From ce826315aca4ce8ca27d34f3e8a0f48176eb58f8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Apr 2024 03:55:53 +0000 Subject: [PATCH 11/13] build(deps): bump the dev-dependencies group with 18 updates Bumps the dev-dependencies group with 18 updates: | Package | From | To | | --- | --- | --- | | [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) | `1.5.1` | `1.5.2` | | [github.com/IBM/go-sdk-core/v5](https://github.com/IBM/go-sdk-core) | `5.16.3` | `5.16.5` | | [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) | `1.51.14` | `1.51.19` | | [github.com/civo/civogo](https://github.com/civo/civogo) | `0.3.66` | `0.3.67` | | [github.com/cloudflare/cloudflare-go](https://github.com/cloudflare/cloudflare-go) | `0.92.0` | `0.93.0` | | [github.com/digitalocean/godo](https://github.com/digitalocean/godo) | `1.111.0` | `1.112.0` | | [github.com/infobloxopen/infoblox-go-client/v2](https://github.com/infobloxopen/infoblox-go-client) | `2.5.0` | `2.6.0` | | [github.com/linode/linodego](https://github.com/linode/linodego) | `1.31.0` | `1.32.0` | | [github.com/oracle/oci-go-sdk/v65](https://github.com/oracle/oci-go-sdk) | `65.63.0` | `65.63.1` | | [github.com/projectcontour/contour](https://github.com/projectcontour/contour) | `1.28.2` | `1.28.3` | | [github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common](https://github.com/tencentcloud/tencentcloud-sdk-go) | `1.0.893` | `1.0.897` | | [github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod](https://github.com/tencentcloud/tencentcloud-sdk-go) | `1.0.893` | `1.0.897` | | [github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns](https://github.com/tencentcloud/tencentcloud-sdk-go) | `1.0.893` | `1.0.897` | | [golang.org/x/net](https://github.com/golang/net) | `0.23.0` | `0.24.0` | | [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.18.0` | `0.19.0` | | [golang.org/x/sync](https://github.com/golang/sync) | `0.6.0` | `0.7.0` | | [istio.io/api](https://github.com/istio/api) | `1.21.0` | `1.21.1` | | [istio.io/client-go](https://github.com/istio/client-go) | `1.21.0` | `1.21.1` | Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.5.1 to 1.5.2 - [Release notes](https://github.com/Azure/azure-sdk-for-go/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md) - [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/internal/v1.5.1...sdk/internal/v1.5.2) Updates `github.com/IBM/go-sdk-core/v5` from 5.16.3 to 5.16.5 - [Release notes](https://github.com/IBM/go-sdk-core/releases) - [Changelog](https://github.com/IBM/go-sdk-core/blob/main/CHANGELOG.md) - [Commits](https://github.com/IBM/go-sdk-core/compare/v5.16.3...v5.16.5) Updates `github.com/aws/aws-sdk-go` from 1.51.14 to 1.51.19 - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.51.14...v1.51.19) Updates `github.com/civo/civogo` from 0.3.66 to 0.3.67 - [Release notes](https://github.com/civo/civogo/releases) - [Changelog](https://github.com/civo/civogo/blob/master/changelog.yml) - [Commits](https://github.com/civo/civogo/compare/v0.3.66...v0.3.67) Updates `github.com/cloudflare/cloudflare-go` from 0.92.0 to 0.93.0 - [Release notes](https://github.com/cloudflare/cloudflare-go/releases) - [Changelog](https://github.com/cloudflare/cloudflare-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/cloudflare/cloudflare-go/compare/v0.92.0...v0.93.0) Updates `github.com/digitalocean/godo` from 1.111.0 to 1.112.0 - [Release notes](https://github.com/digitalocean/godo/releases) - [Changelog](https://github.com/digitalocean/godo/blob/main/CHANGELOG.md) - [Commits](https://github.com/digitalocean/godo/compare/v1.111.0...v1.112.0) Updates `github.com/infobloxopen/infoblox-go-client/v2` from 2.5.0 to 2.6.0 - [Release notes](https://github.com/infobloxopen/infoblox-go-client/releases) - [Changelog](https://github.com/infobloxopen/infoblox-go-client/blob/master/CHANGELOG.md) - [Commits](https://github.com/infobloxopen/infoblox-go-client/compare/v2.5.0...v2.6.0) Updates `github.com/linode/linodego` from 1.31.0 to 1.32.0 - [Release notes](https://github.com/linode/linodego/releases) - [Commits](https://github.com/linode/linodego/compare/v1.31.0...v1.32.0) Updates `github.com/oracle/oci-go-sdk/v65` from 65.63.0 to 65.63.1 - [Release notes](https://github.com/oracle/oci-go-sdk/releases) - [Changelog](https://github.com/oracle/oci-go-sdk/blob/master/CHANGELOG.md) - [Commits](https://github.com/oracle/oci-go-sdk/compare/v65.63.0...v65.63.1) Updates `github.com/projectcontour/contour` from 1.28.2 to 1.28.3 - [Release notes](https://github.com/projectcontour/contour/releases) - [Changelog](https://github.com/projectcontour/contour/blob/main/RELEASES.md) - [Commits](https://github.com/projectcontour/contour/compare/v1.28.2...v1.28.3) Updates `github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common` from 1.0.893 to 1.0.897 - [Commits](https://github.com/tencentcloud/tencentcloud-sdk-go/compare/v1.0.893...v1.0.897) Updates `github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod` from 1.0.893 to 1.0.897 - [Commits](https://github.com/tencentcloud/tencentcloud-sdk-go/compare/v1.0.893...v1.0.897) Updates `github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns` from 1.0.893 to 1.0.897 - [Commits](https://github.com/tencentcloud/tencentcloud-sdk-go/compare/v1.0.893...v1.0.897) Updates `golang.org/x/net` from 0.23.0 to 0.24.0 - [Commits](https://github.com/golang/net/compare/v0.23.0...v0.24.0) Updates `golang.org/x/oauth2` from 0.18.0 to 0.19.0 - [Commits](https://github.com/golang/oauth2/compare/v0.18.0...v0.19.0) Updates `golang.org/x/sync` from 0.6.0 to 0.7.0 - [Commits](https://github.com/golang/sync/compare/v0.6.0...v0.7.0) Updates `istio.io/api` from 1.21.0 to 1.21.1 - [Commits](https://github.com/istio/api/compare/1.21.0...1.21.1) Updates `istio.io/client-go` from 1.21.0 to 1.21.1 - [Commits](https://github.com/istio/client-go/compare/1.21.0...1.21.1) --- updated-dependencies: - dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: github.com/IBM/go-sdk-core/v5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: github.com/civo/civogo dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: github.com/cloudflare/cloudflare-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: github.com/digitalocean/godo dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: github.com/infobloxopen/infoblox-go-client/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: github.com/linode/linodego dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: github.com/oracle/oci-go-sdk/v65 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: github.com/projectcontour/contour dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: istio.io/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: istio.io/client-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] --- go.mod | 49 +++++++++++++++--------------- go.sum | 96 +++++++++++++++++++++++++++++----------------------------- 2 files changed, 72 insertions(+), 73 deletions(-) diff --git a/go.mod b/go.mod index 853f9aee2..581a0f596 100644 --- a/go.mod +++ b/go.mod @@ -5,26 +5,26 @@ go 1.22 require ( cloud.google.com/go/compute/metadata v0.2.3 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.2.0 github.com/F5Networks/k8s-bigip-ctlr/v2 v2.16.0 github.com/IBM-Cloud/ibm-cloud-cli-sdk v1.3.0 - github.com/IBM/go-sdk-core/v5 v5.16.3 + github.com/IBM/go-sdk-core/v5 v5.16.5 github.com/IBM/networking-go-sdk v0.45.0 github.com/akamai/AkamaiOPEN-edgegrid-golang v1.2.2 github.com/alecthomas/kingpin/v2 v2.4.0 github.com/aliyun/alibaba-cloud-sdk-go v1.62.712 github.com/ans-group/sdk-go v1.17.0 - github.com/aws/aws-sdk-go v1.51.14 + github.com/aws/aws-sdk-go v1.51.19 github.com/bodgit/tsig v1.2.2 github.com/cenkalti/backoff/v4 v4.3.0 - github.com/civo/civogo v0.3.66 - github.com/cloudflare/cloudflare-go v0.92.0 + github.com/civo/civogo v0.3.67 + github.com/cloudflare/cloudflare-go v0.93.0 github.com/cloudfoundry-community/go-cfclient v0.0.0-20190201205600-f136f9222381 github.com/datawire/ambassador v1.12.4 github.com/denverdino/aliyungo v0.0.0-20230411124812-ab98a9173ace - github.com/digitalocean/godo v1.111.0 + github.com/digitalocean/godo v1.112.0 github.com/dnsimple/dnsimple-go v1.7.0 github.com/exoscale/egoscale v0.102.3 github.com/ffledgling/pdns-go v0.0.0-20180219074714-524e7daccd99 @@ -34,9 +34,9 @@ require ( github.com/google/uuid v1.6.0 github.com/gophercloud/gophercloud v1.11.0 github.com/hooklift/gowsdl v0.5.0 - github.com/infobloxopen/infoblox-go-client/v2 v2.5.0 + github.com/infobloxopen/infoblox-go-client/v2 v2.6.0 github.com/linki/instrumented_http v0.3.0 - github.com/linode/linodego v1.31.0 + github.com/linode/linodego v1.32.0 github.com/maxatome/go-testdeep v1.14.0 github.com/miekg/dns v1.1.58 github.com/nesv/go-dynect v0.6.0 @@ -44,19 +44,19 @@ require ( github.com/onsi/ginkgo v1.16.5 github.com/openshift/api v0.0.0-20230607130528-611114dca681 github.com/openshift/client-go v0.0.0-20230607134213-3cd0021bbee3 - github.com/oracle/oci-go-sdk/v65 v65.63.0 + github.com/oracle/oci-go-sdk/v65 v65.63.1 github.com/ovh/go-ovh v1.4.3 github.com/patrickmn/go-cache v2.1.0+incompatible github.com/pkg/errors v0.9.1 github.com/pluralsh/gqlclient v1.11.0 - github.com/projectcontour/contour v1.28.2 + github.com/projectcontour/contour v1.28.3 github.com/prometheus/client_golang v1.19.0 github.com/scaleway/scaleway-sdk-go v1.0.0-beta.25 github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.9.0 - github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.893 - github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.893 - github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.893 + github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.897 + github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.897 + github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.897 github.com/transip/gotransip/v6 v6.23.0 github.com/ultradns/ultradns-sdk-go v1.3.7 github.com/vinyldns/go-vinyldns v0.9.16 @@ -64,15 +64,15 @@ require ( go.etcd.io/etcd/api/v3 v3.5.13 go.etcd.io/etcd/client/v3 v3.5.13 go.uber.org/ratelimit v0.3.1 - golang.org/x/net v0.23.0 - golang.org/x/oauth2 v0.18.0 - golang.org/x/sync v0.6.0 + golang.org/x/net v0.24.0 + golang.org/x/oauth2 v0.19.0 + golang.org/x/sync v0.7.0 golang.org/x/time v0.5.0 google.golang.org/api v0.172.0 gopkg.in/ns1/ns1-go.v2 v2.9.1 gopkg.in/yaml.v2 v2.4.0 - istio.io/api v1.21.0 - istio.io/client-go v1.21.0 + istio.io/api v1.21.1 + istio.io/client-go v1.21.1 k8s.io/api v0.29.3 k8s.io/apimachinery v0.29.3 k8s.io/client-go v0.29.3 @@ -84,7 +84,7 @@ require ( cloud.google.com/go/compute v1.23.4 // indirect code.cloudfoundry.org/gofileutils v0.0.0-20170111115228-4d0c80011a0f // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect + github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect github.com/Masterminds/semver v1.4.2 // indirect github.com/Yamashou/gqlgenc v0.14.0 // indirect github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect @@ -112,13 +112,13 @@ require ( github.com/go-openapi/swag v0.22.7 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect - github.com/go-playground/validator/v10 v10.18.0 // indirect + github.com/go-playground/validator/v10 v10.19.0 // indirect github.com/go-resty/resty/v2 v2.12.0 // indirect github.com/goccy/go-json v0.10.2 // indirect github.com/gofrs/flock v0.8.1 // indirect github.com/gofrs/uuid v4.4.0+incompatible // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang-jwt/jwt/v5 v5.2.0 // indirect + github.com/golang-jwt/jwt/v5 v5.2.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect @@ -196,14 +196,13 @@ require ( go.uber.org/atomic v1.10.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.26.0 // indirect - golang.org/x/crypto v0.21.0 // indirect + golang.org/x/crypto v0.22.0 // indirect golang.org/x/exp v0.0.0-20231226003508-02704c960a9b // indirect golang.org/x/mod v0.16.0 // indirect - golang.org/x/sys v0.18.0 // indirect - golang.org/x/term v0.18.0 // indirect + golang.org/x/sys v0.19.0 // indirect + golang.org/x/term v0.19.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/tools v0.17.0 // indirect - google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240311132316-a219d84964c2 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237 // indirect google.golang.org/grpc v1.62.1 // indirect diff --git a/go.sum b/go.sum index 876cf5f4a..62e7d10b6 100644 --- a/go.sum +++ b/go.sum @@ -48,8 +48,8 @@ github.com/Azure/azure-sdk-for-go v16.2.1+incompatible h1:KnPIugL51v3N3WwvaSmZbx github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 h1:E+OJmp2tPvt1W+amx48v1eqbjDYsgN+RzP4q16yV5eM= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1/go.mod h1:a6xsAQUZg+VsS3TJ05SRp524Hs4pZ/AeFSr5ENf0Yjo= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 h1:FDif4R1+UUR+00q6wquyX90K7A8dN+R5E8GEadoP7sU= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2/go.mod h1:aiYBYui4BJ/BJCAIKs92XiPyQfTaBWqvHujDwKb6CBU= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aMclParm9/5Vgp+TY51uBQ= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0 h1:lpOxwrQ919lCZoNCd69rVt8u1eLZuMORrGXqy8sNf3c= @@ -69,8 +69,8 @@ github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxB github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= -github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 h1:DzHpqpoJVaCgOUdVHxE8QB52S6NiVdDQvGlny1qvPqA= -github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DATA-DOG/go-sqlmock v1.4.1/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= @@ -79,8 +79,8 @@ github.com/F5Networks/k8s-bigip-ctlr/v2 v2.16.0/go.mod h1:FldIDBO8Hwd+RZGT8JGRGS github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo= github.com/IBM-Cloud/ibm-cloud-cli-sdk v1.3.0 h1:doaNKL5riraIgQjvp9c+5V1VxhJtGU2zHA8pKD36KEQ= github.com/IBM-Cloud/ibm-cloud-cli-sdk v1.3.0/go.mod h1:5af0xTkIeNbzWSXOLReMnWy6SC9gVyxdXibvkKIby9o= -github.com/IBM/go-sdk-core/v5 v5.16.3 h1:GJI62GNAagX2xeTMpTACIqki5rDVO3YbxzMuIpAXSrQ= -github.com/IBM/go-sdk-core/v5 v5.16.3/go.mod h1:aojBkkq4HXkOYdn7YZ6ve8cjPWHdcB3tt8v0b9Cbac8= +github.com/IBM/go-sdk-core/v5 v5.16.5 h1:5ZltNcryRI8kVcuvNJGR2EXKqb7HtM4atA0Nm5QwAFE= +github.com/IBM/go-sdk-core/v5 v5.16.5/go.mod h1:GatGZpxlo1KaxiRN6E10/rNgWtUtx1hN/GoHSCaSPKA= github.com/IBM/networking-go-sdk v0.45.0 h1:tYgDhVDpgKvELNY7tcodbZ4ny9fatpEWM6PwtQcDe20= github.com/IBM/networking-go-sdk v0.45.0/go.mod h1:NnJPA1e5GWr5opJe+5Hs6e1G6RcBIFz64TrkZsdnSp8= github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= @@ -150,8 +150,8 @@ github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:W github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.51.14 h1:qedX6zZEO1a+5kra+D4ythOYR3TgaROC0hTPxhTFh8I= -github.com/aws/aws-sdk-go v1.51.14/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.51.19 h1:jp/Vx/mUpXttthvvo/4/Nn/3+zumirIlAFkp1Irf1kM= +github.com/aws/aws-sdk-go v1.51.19/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g= github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= @@ -184,12 +184,12 @@ github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1 github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/civo/civogo v0.3.66 h1:yzTsaQApTeH5UsRTtL4umx5ERAtzCpd4HuS9qTyoZs0= -github.com/civo/civogo v0.3.66/go.mod h1:S/iYmGvQOraxdRtcXeq/2mVX01/ia2qfpQUp2SsTLKA= +github.com/civo/civogo v0.3.67 h1:R6MepF20Od7KQdcEKpr3GD8zKy1Jly0SuBDubZkEU2s= +github.com/civo/civogo v0.3.67/go.mod h1:S/iYmGvQOraxdRtcXeq/2mVX01/ia2qfpQUp2SsTLKA= github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cloudflare/cloudflare-go v0.92.0 h1:ltJvGvqZ4G6Fm2hHOYZ5RWpJQcrM0oDrsjjZydZhFJQ= -github.com/cloudflare/cloudflare-go v0.92.0/go.mod h1:nUqvBUUDRxNzsDSQjbqUNWHEIYAoUlgRmcAzMKlFdKs= +github.com/cloudflare/cloudflare-go v0.93.0 h1:rV0eHb42NUewfK5qa2+LKAD4v4oFA0QGDABn/lMyF78= +github.com/cloudflare/cloudflare-go v0.93.0/go.mod h1:N1u1cLZ4lG6NeezGOWi7P6aq1DK2iVYg9ze7GZbUmZE= github.com/cloudfoundry-community/go-cfclient v0.0.0-20190201205600-f136f9222381 h1:rdRS5BT13Iae9ssvcslol66gfOOXjaLYwqerEn/cl9s= github.com/cloudfoundry-community/go-cfclient v0.0.0-20190201205600-f136f9222381/go.mod h1:e5+USP2j8Le2M0Jo3qKPFnNhuo1wueU4nWHCXBOfQ14= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= @@ -253,8 +253,8 @@ github.com/denverdino/aliyungo v0.0.0-20230411124812-ab98a9173ace/go.mod h1:TK05 github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/digitalocean/godo v1.111.0 h1:nBXi9LtykvQiwZjMbljrwr17HwABSBY8ZE872dm2DzI= -github.com/digitalocean/godo v1.111.0/go.mod h1:R6EmmWI8CT1+fCtjWY9UCB+L5uufuZH13wk3YhxycCs= +github.com/digitalocean/godo v1.112.0 h1:UwtcgoSa3YpnYyaDAk188VbScRRGtrBiFqoMdadyMbI= +github.com/digitalocean/godo v1.112.0/go.mod h1:Z2mTP848Vi3IXXl5YbPekUgr4j4tOePomA+OE1Ag98w= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= @@ -422,8 +422,8 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= github.com/go-playground/validator/v10 v10.9.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos= -github.com/go-playground/validator/v10 v10.18.0 h1:BvolUXjp4zuvkZ5YN5t7ebzbhlUtPsPm2S9NAZ5nl9U= -github.com/go-playground/validator/v10 v10.18.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= +github.com/go-playground/validator/v10 v10.19.0 h1:ol+5Fu+cSq9JD7SoSqe04GMI92cbn0+wvQ3bZ8b/AU4= +github.com/go-playground/validator/v10 v10.19.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= github.com/go-resty/resty/v2 v2.12.0 h1:rsVL8P90LFvkUYq/V5BTVe203WfRIU4gvcf+yfzJzGA= github.com/go-resty/resty/v2 v2.12.0/go.mod h1:o0yGPrkS3lOe1+eFajk6kBW8ScXzwU3hD69/gt2yB/0= github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= @@ -461,8 +461,8 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A= github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= -github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw= -github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= +github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= github.com/golang/gddo v0.0.0-20190419222130-af0f2af80721/go.mod h1:xEhNfoBDX1hzLm2Nf80qUvZ2sVwoMZ8d6IE2SrsQfh4= @@ -653,8 +653,8 @@ github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo= -github.com/infobloxopen/infoblox-go-client/v2 v2.5.0 h1:asY/oOz3JMCuqFBBZpax0N4dgm+PPCpapACN5rfaBHA= -github.com/infobloxopen/infoblox-go-client/v2 v2.5.0/go.mod h1:Zu7c+X0mTB6ahIYm7p9LlvfcH814ZUEP+eXGPEYLDU4= +github.com/infobloxopen/infoblox-go-client/v2 v2.6.0 h1:nwdGhQ5XRheGybEdUQ4cSl1Vw2UsSQKKi+HEleguQug= +github.com/infobloxopen/infoblox-go-client/v2 v2.6.0/go.mod h1:Zu7c+X0mTB6ahIYm7p9LlvfcH814ZUEP+eXGPEYLDU4= github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww= github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= github.com/jcmturner/aescts/v2 v2.0.0 h1:9YKLH6ey7H4eDBXW8khjYslgyqG2xZikXP0EQFKrle8= @@ -749,8 +749,8 @@ github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-b github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4= github.com/linki/instrumented_http v0.3.0 h1:dsN92+mXpfZtjJraartcQ99jnuw7fqsnPDjr85ma2dA= github.com/linki/instrumented_http v0.3.0/go.mod h1:pjYbItoegfuVi2GUOMhEqzvm/SJKuEL3H0tc8QRLRFk= -github.com/linode/linodego v1.31.0 h1:XY04rtgQfAzCWx3QUqIc9VVJ6usyLC5MoTEzrdAoIYY= -github.com/linode/linodego v1.31.0/go.mod h1:y8GDP9uLVH4jTB9qyrgw79qfKdYJmNCGUOJmfuiOcmI= +github.com/linode/linodego v1.32.0 h1:OmZzB3iON6uu84VtLFf64uKmAQqJJarvmsVguroioPI= +github.com/linode/linodego v1.32.0/go.mod h1:y8GDP9uLVH4jTB9qyrgw79qfKdYJmNCGUOJmfuiOcmI= github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/lyft/protoc-gen-star v0.4.10/go.mod h1:mE8fbna26u7aEA2QCVvvfBU/ZrPgocG1206xAFPcs94= github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= @@ -900,8 +900,8 @@ github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5/go.mod h1:/wsWhb9smxS github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw= github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4= github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4= -github.com/oracle/oci-go-sdk/v65 v65.63.0 h1:Q6eZU2olI+nOMpnrvHtpCE774AS1bYOujv89p4pOi08= -github.com/oracle/oci-go-sdk/v65 v65.63.0/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0= +github.com/oracle/oci-go-sdk/v65 v65.63.1 h1:dYL7sk9L1+C9LCmoq+zjPMNteuJJfk54YExq/4pV9xQ= +github.com/oracle/oci-go-sdk/v65 v65.63.1/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0= github.com/ovh/go-ovh v1.4.3 h1:Gs3V823zwTFpzgGLZNI6ILS4rmxZgJwJCz54Er9LwD0= github.com/ovh/go-ovh v1.4.3/go.mod h1:AkPXVtgwB6xlKblMjRKJJmjRp+ogrE7fz2lVgcQY8SY= github.com/oxtoacart/bpool v0.0.0-20150712133111-4e1c5567d7c2 h1:CXwSGu/LYmbjEab5aMCs5usQRVBGThelUKBNnoSOuso= @@ -939,8 +939,8 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/projectcontour/contour v1.28.2 h1:8ulObqLrWqJt2RXlPQS+M1iKC8zwpR7/xWCcnEKA92A= -github.com/projectcontour/contour v1.28.2/go.mod h1:2LemHD5dxeazJyqda18SmUZ6XOaxsvdcFVBQww13gcM= +github.com/projectcontour/contour v1.28.3 h1:K1/1zwQe0GTZCqRKR1XQN202j670iV9h5XWlc8Fp+9g= +github.com/projectcontour/contour v1.28.3/go.mod h1:DIzYwbwPl64i/oA+DcOXEe/TwN+SlrLciBaioj4W5M0= github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs= @@ -1088,12 +1088,12 @@ github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8 github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.893 h1:SBqwWPolKFcczzMvO2qJXWGfqVVgfz3bfwurSyAoVgM= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.893/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.893 h1:eTk+1DpVvqS1abTcdmkwZGPg5w3tF4IxtgGnF1F1JLc= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.893/go.mod h1:UME84h6swRaKiUlIAxkbc8hT1bkRIOsKffGSR9Xv30I= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.893 h1:uh3D0UsZ0iHdGKyBRs9nJPatlZNSAiQRTf3mXJ/zdOU= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.893/go.mod h1:Z9OPa+VtBBWppOfcGPIOTFHlE24s01v6gGPbfs+MHu8= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.897 h1:FdBhC7GpdpgiDvreo8EQjh7y9oWAFWw+2U8kH4GsX1k= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.897/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.897 h1:y/RGIZwM0jSt/7tnTAzRw7jNx/bNdoWpyAQyfxiQITQ= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.897/go.mod h1:ASaQLVEyBfJgvLkWqB/w2qmISoTI9NcZkj7KWlC0CSo= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.897 h1:LR9MuSLmzBIg02gjnxvksWQ4rZVm++KEt04p9+WOt28= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/privatedns v1.0.897/go.mod h1:9BUF4LG1Dft3NPIG10vRQPoiLRmfay1JZ9C8Iia+Yu0= github.com/terra-farm/udnssdk v1.3.5 h1:MNR3adfuuEK/l04+jzo8WW/0fnorY+nW515qb3vEr6I= github.com/terra-farm/udnssdk v1.3.5/go.mod h1:8RnM56yZTR7mYyUIvrDgXzdRaEyFIzqdEi7+um26Sv8= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= @@ -1226,8 +1226,9 @@ golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= +golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= +golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1331,8 +1332,8 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= +golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190130055435-99b60b757ec1/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1343,8 +1344,8 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.18.0 h1:09qnuIAgzdx1XplqJvW6CQqMCtGZykZWcXzPMPUusvI= -golang.org/x/oauth2 v0.18.0/go.mod h1:Wf7knwG0MPoWIMMBgFlEaSUDaKskp0dCfrlJRJXbBi8= +golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= +golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1358,8 +1359,8 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= -golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180425194835-bb9c189858d9/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1439,16 +1440,18 @@ golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= +golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= +golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1458,7 +1461,6 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= @@ -1584,8 +1586,6 @@ google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= @@ -1728,10 +1728,10 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -istio.io/api v1.21.0 h1:K/+8GrGoupyCBa7/a/znnEzg34Qk0l1Rpki1PrtSVJY= -istio.io/api v1.21.0/go.mod h1:TFCMUCAHRjxBv1CsIsFCsYHPHi4axVI4vdIzVr8eFjY= -istio.io/client-go v1.21.0 h1:Fr4Tcnmdk3SOXoeeyHzCgpKfTWVgkeuIYm7tRdARo5A= -istio.io/client-go v1.21.0/go.mod h1:xFI6wdIPsXqUfE1P/sae1ImFN3KXcYCjKn1S24coFZI= +istio.io/api v1.21.1 h1:CvpPFvJ6Mv/PUVoiVJBX7seZ90f0Sxu3g4jYVno+IqA= +istio.io/api v1.21.1/go.mod h1:TFCMUCAHRjxBv1CsIsFCsYHPHi4axVI4vdIzVr8eFjY= +istio.io/client-go v1.21.1 h1:gAZCeG4pV2o2L6WaD/MLruNB+tBxa+Y21BuRJmFYlAI= +istio.io/client-go v1.21.1/go.mod h1:mqwsapfu4b1FG47puY9H8y4+ga1+d+hxfdosNQ1HclY= k8s.io/api v0.18.0/go.mod h1:q2HRQkfDzHMBZL9l/y9rH63PkQl4vae0xRT+8prbrK8= k8s.io/api v0.18.2/go.mod h1:SJCWI7OLzhZSvbY7U8zwNl9UA4o1fizoug34OV/2r78= k8s.io/api v0.18.4/go.mod h1:lOIQAKYgai1+vz9J7YcDZwC26Z0zQewYOGWdyIPUUQ4= From 477411e998228e60696d8914aeac660365a56b7d Mon Sep 17 00:00:00 2001 From: bford Date: Thu, 11 Apr 2024 12:49:26 +1000 Subject: [PATCH 12/13] feat: Add support for excludeDomains argument in chart --- charts/external-dns/CHANGELOG.md | 4 ++++ charts/external-dns/README.md | 1 + charts/external-dns/templates/deployment.yaml | 3 +++ charts/external-dns/values.yaml | 3 +++ 4 files changed, 11 insertions(+) diff --git a/charts/external-dns/CHANGELOG.md b/charts/external-dns/CHANGELOG.md index 49f026057..ad0a8f136 100644 --- a/charts/external-dns/CHANGELOG.md +++ b/charts/external-dns/CHANGELOG.md @@ -18,6 +18,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [UNRELEASED] +## Added + +- Added support for setting `excludeDomains` argument. ([#4380](https://github.com/kubernetes-sigs/external-dns/pull/4380))[@bford-evs](https://github.com/bford-evs) + ## [v1.14.4] - 2023-04-03 ### Added diff --git a/charts/external-dns/README.md b/charts/external-dns/README.md index 777f1a85a..a94215f64 100644 --- a/charts/external-dns/README.md +++ b/charts/external-dns/README.md @@ -87,6 +87,7 @@ If `namespaced` is set to `true`, please ensure that `sources` my only contains | dnsPolicy | string | `nil` | [DNS policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) for the pod, if not set the default will be used. | | domainFilters | list | `[]` | | | env | list | `[]` | [Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the `external-dns` container. | +| excludeDomains | list | `[]` | | | extraArgs | list | `[]` | Extra arguments to provide to _ExternalDNS_. | | extraVolumeMounts | list | `[]` | Extra [volume mounts](https://kubernetes.io/docs/concepts/storage/volumes/) for the `external-dns` container. | | extraVolumes | list | `[]` | Extra [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) for the `Pod`. | diff --git a/charts/external-dns/templates/deployment.yaml b/charts/external-dns/templates/deployment.yaml index ea98981c0..84fc991ff 100644 --- a/charts/external-dns/templates/deployment.yaml +++ b/charts/external-dns/templates/deployment.yaml @@ -108,6 +108,9 @@ spec: {{- range .Values.domainFilters }} - --domain-filter={{ . }} {{- end }} + {{- range .Values.excludeDomains }} + - --exclude-domains={{ . }} + {{- end }} - --provider={{ $providerName }} {{- range .Values.extraArgs }} - {{ tpl . $ }} diff --git a/charts/external-dns/values.yaml b/charts/external-dns/values.yaml index a11d5df8e..e82645dae 100644 --- a/charts/external-dns/values.yaml +++ b/charts/external-dns/values.yaml @@ -219,6 +219,9 @@ txtSuffix: ## - Limit possible target zones by domain suffixes. domainFilters: [] +## -- Intentionally exclude domains from being managed. +excludeDomains: [] + provider: # -- _ExternalDNS_ provider name; for the available providers and how to configure them see [README](https://github.com/kubernetes-sigs/external-dns/blob/master/charts/external-dns/README.md#providers). name: aws From 6a95a095ac420859280bbf6ea6f73c0eb63cd6bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Federico=20Fran=C3=A7ois?= Date: Tue, 16 Apr 2024 17:29:14 +0200 Subject: [PATCH 13/13] docs(aws): fix typo and upgrade cleanup flow MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Federico François --- docs/tutorials/aws.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/docs/tutorials/aws.md b/docs/tutorials/aws.md index bfabc6fa6..54eafba5f 100644 --- a/docs/tutorials/aws.md +++ b/docs/tutorials/aws.md @@ -211,10 +211,12 @@ aws iam attach-user-policy --user-name "externaldns" --policy-arn $POLICY_ARN ```bash SECRET_ACCESS_KEY=$(aws iam create-access-key --user-name "externaldns") -cat <<-EOF > /local/path/to/credentials +ACCESS_KEY_ID=$(echo $SECRET_ACCESS_KEY | jq -r '.AccessKey.AccessKeyId') + +cat <<-EOF > credentials [default] -aws_access_key_id = $(echo $SECRET_ACCESS_KEY | jq -r '.AccessKey.AccessKeyId') +aws_access_key_id = $(echo $ACCESS_KEY_ID) aws_secret_access_key = $(echo $SECRET_ACCESS_KEY | jq -r '.AccessKey.SecretAccessKey') EOF ``` @@ -910,13 +912,17 @@ eksctl delete cluster --name $EKS_CLUSTER_NAME --region $EKS_CLUSTER_REGION Give ExternalDNS some time to clean up the DNS records for you. Then delete the hosted zone if you created one for the testing purpose. ```bash -aws route53 delete-hosted-zone --id $NODE_ID # e.g /hostedzone/ZEWFWZ4R16P7IB +aws route53 delete-hosted-zone --id $ZONE_ID # e.g /hostedzone/ZEWFWZ4R16P7IB ``` If IAM user credentials were used, you can remove the user with: ```bash aws iam detach-user-policy --user-name "externaldns" --policy-arn $POLICY_ARN + +# If static credentials were used +aws iam delete-access-key --user-name "externaldns" --access-key-id $ACCESS_KEY_ID + aws iam delete-user --user-name "externaldns" ```