From 7d307ad79214795c16a7b8596efbc7ec9fae5102 Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Thu, 22 May 2025 09:34:20 -0400 Subject: [PATCH 01/13] feat(cloudflare): change defaults from google to empty string for certificateAuthority to not set the CertificateAuthority field in customHostnamesConfig --- pkg/apis/externaldns/types.go | 4 ++-- pkg/apis/externaldns/types_test.go | 4 ++-- provider/cloudflare/cloudflare.go | 9 +++++++-- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/pkg/apis/externaldns/types.go b/pkg/apis/externaldns/types.go index df96f71bd..bf9d57d3c 100644 --- a/pkg/apis/externaldns/types.go +++ b/pkg/apis/externaldns/types.go @@ -254,7 +254,7 @@ var defaultConfig = &Config{ CFAPIEndpoint: "", CFPassword: "", CFUsername: "", - CloudflareCustomHostnamesCertificateAuthority: "google", + CloudflareCustomHostnamesCertificateAuthority: "", CloudflareCustomHostnames: false, CloudflareCustomHostnamesMinTLSVersion: "1.0", CloudflareDNSRecordsPerPage: 100, @@ -538,7 +538,7 @@ func App(cfg *Config) *kingpin.Application { app.Flag("cloudflare-proxied", "When using the Cloudflare provider, specify if the proxy mode must be enabled (default: disabled)").BoolVar(&cfg.CloudflareProxied) app.Flag("cloudflare-custom-hostnames", "When using the Cloudflare provider, specify if the Custom Hostnames feature will be used. Requires \"Cloudflare for SaaS\" enabled. (default: disabled)").BoolVar(&cfg.CloudflareCustomHostnames) app.Flag("cloudflare-custom-hostnames-min-tls-version", "When using the Cloudflare provider with the Custom Hostnames, specify which Minimum TLS Version will be used by default. (default: 1.0, options: 1.0, 1.1, 1.2, 1.3)").Default("1.0").EnumVar(&cfg.CloudflareCustomHostnamesMinTLSVersion, "1.0", "1.1", "1.2", "1.3") - app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Cerrtificate Authority will be used by default. (default: google, options: google, ssl_com, lets_encrypt)").Default("google").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt") + app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Cerrtificate Authority will be used by default. (default: none, options: google, ssl_com, lets_encrypt, none)").Default("").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt", "") app.Flag("cloudflare-dns-records-per-page", "When using the Cloudflare provider, specify how many DNS records listed per page, max possible 5,000 (default: 100)").Default(strconv.Itoa(defaultConfig.CloudflareDNSRecordsPerPage)).IntVar(&cfg.CloudflareDNSRecordsPerPage) app.Flag("cloudflare-region-key", "When using the Cloudflare provider, specify the region (default: earth)").StringVar(&cfg.CloudflareRegionKey) app.Flag("cloudflare-record-comment", "When using the Cloudflare provider, specify the comment for the DNS records (default: '')").Default("").StringVar(&cfg.CloudflareRecordComment) diff --git a/pkg/apis/externaldns/types_test.go b/pkg/apis/externaldns/types_test.go index fe13da1a5..3737c2d1a 100644 --- a/pkg/apis/externaldns/types_test.go +++ b/pkg/apis/externaldns/types_test.go @@ -76,7 +76,7 @@ var ( CloudflareProxied: false, CloudflareCustomHostnames: false, CloudflareCustomHostnamesMinTLSVersion: "1.0", - CloudflareCustomHostnamesCertificateAuthority: "google", + CloudflareCustomHostnamesCertificateAuthority: "", CloudflareDNSRecordsPerPage: 100, CloudflareDNSRecordsComment: "", CloudflareRegionKey: "", @@ -188,7 +188,7 @@ var ( CloudflareProxied: true, CloudflareCustomHostnames: true, CloudflareCustomHostnamesMinTLSVersion: "1.3", - CloudflareCustomHostnamesCertificateAuthority: "google", + CloudflareCustomHostnamesCertificateAuthority: "", CloudflareDNSRecordsPerPage: 5000, CloudflareRegionKey: "us", CoreDNSPrefix: "/coredns/", diff --git a/provider/cloudflare/cloudflare.go b/provider/cloudflare/cloudflare.go index 8980adc99..2ab5cac64 100644 --- a/provider/cloudflare/cloudflare.go +++ b/provider/cloudflare/cloudflare.go @@ -969,15 +969,20 @@ func (p *CloudFlareProvider) listCustomHostnamesWithPagination(ctx context.Conte } func getCustomHostnamesSSLOptions(customHostnamesConfig CustomHostnamesConfig) *cloudflare.CustomHostnameSSL { - return &cloudflare.CustomHostnameSSL{ + ssl := &cloudflare.CustomHostnameSSL{ Type: "dv", Method: "http", - CertificateAuthority: customHostnamesConfig.CertificateAuthority, BundleMethod: "ubiquitous", Settings: cloudflare.CustomHostnameSSLSettings{ MinTLSVersion: customHostnamesConfig.MinTLSVersion, }, } + // Set CertificateAuthority if provided + // We're not able to set it at all (even with a blank) if you're not on an enterprise plan + if customHostnamesConfig.CertificateAuthority != "" { + ssl.CertificateAuthority = customHostnamesConfig.CertificateAuthority + } + return ssl } func shouldBeProxied(ep *endpoint.Endpoint, proxiedByDefault bool) bool { From 29a6345d5ade68e5fff2c98a66425feab37ec264 Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Thu, 22 May 2025 09:44:22 -0400 Subject: [PATCH 02/13] docs(cloudflare): add section to describe selecting a custom CA --- docs/tutorials/cloudflare.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/tutorials/cloudflare.md b/docs/tutorials/cloudflare.md index abfb95eed..043db64ff 100644 --- a/docs/tutorials/cloudflare.md +++ b/docs/tutorials/cloudflare.md @@ -320,6 +320,8 @@ See [Cloudflare for Platforms](https://developers.cloudflare.com/cloudflare-for- This feature is disabled by default and supports the `--cloudflare-custom-hostnames-min-tls-version` and `--cloudflare-custom-hostnames-certificate-authority` flags. +`--cloudflare-custom-hostnames-certificate-authority` defaults to not selecting a CA. If a specific CA is required use this flag to select one. + The custom hostname DNS must resolve to the Cloudflare DNS record (`external-dns.alpha.kubernetes.io/hostname`) for automatic certificate validation via the HTTP method. It's important to note that the TXT method does not allow automatic validation and is not supported. Requires [Cloudflare for SaaS](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/) product and "SSL and Certificates" API permission. From 285d9769e1ba992bb79bf5e37f59d32034174fad Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Fri, 23 May 2025 12:46:55 -0400 Subject: [PATCH 03/13] Update pkg/apis/externaldns/types.go Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com> --- pkg/apis/externaldns/types.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/apis/externaldns/types.go b/pkg/apis/externaldns/types.go index bf9d57d3c..1399998dd 100644 --- a/pkg/apis/externaldns/types.go +++ b/pkg/apis/externaldns/types.go @@ -538,7 +538,7 @@ func App(cfg *Config) *kingpin.Application { app.Flag("cloudflare-proxied", "When using the Cloudflare provider, specify if the proxy mode must be enabled (default: disabled)").BoolVar(&cfg.CloudflareProxied) app.Flag("cloudflare-custom-hostnames", "When using the Cloudflare provider, specify if the Custom Hostnames feature will be used. Requires \"Cloudflare for SaaS\" enabled. (default: disabled)").BoolVar(&cfg.CloudflareCustomHostnames) app.Flag("cloudflare-custom-hostnames-min-tls-version", "When using the Cloudflare provider with the Custom Hostnames, specify which Minimum TLS Version will be used by default. (default: 1.0, options: 1.0, 1.1, 1.2, 1.3)").Default("1.0").EnumVar(&cfg.CloudflareCustomHostnamesMinTLSVersion, "1.0", "1.1", "1.2", "1.3") - app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Cerrtificate Authority will be used by default. (default: none, options: google, ssl_com, lets_encrypt, none)").Default("").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt", "") + app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used by default. (default: none, options: google, ssl_com, lets_encrypt, none)").Default("").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt", "") app.Flag("cloudflare-dns-records-per-page", "When using the Cloudflare provider, specify how many DNS records listed per page, max possible 5,000 (default: 100)").Default(strconv.Itoa(defaultConfig.CloudflareDNSRecordsPerPage)).IntVar(&cfg.CloudflareDNSRecordsPerPage) app.Flag("cloudflare-region-key", "When using the Cloudflare provider, specify the region (default: earth)").StringVar(&cfg.CloudflareRegionKey) app.Flag("cloudflare-record-comment", "When using the Cloudflare provider, specify the comment for the DNS records (default: '')").Default("").StringVar(&cfg.CloudflareRecordComment) From f78ede116212a7d9d04735524102a3cad42c5c31 Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Fri, 23 May 2025 14:55:59 -0400 Subject: [PATCH 04/13] feat(cloudflare): fix overriddenConfig for CloudflareCustomHostnamesCertificateAuthority --- pkg/apis/externaldns/types_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/apis/externaldns/types_test.go b/pkg/apis/externaldns/types_test.go index 3737c2d1a..7a81d9f10 100644 --- a/pkg/apis/externaldns/types_test.go +++ b/pkg/apis/externaldns/types_test.go @@ -188,7 +188,7 @@ var ( CloudflareProxied: true, CloudflareCustomHostnames: true, CloudflareCustomHostnamesMinTLSVersion: "1.3", - CloudflareCustomHostnamesCertificateAuthority: "", + CloudflareCustomHostnamesCertificateAuthority: "google", CloudflareDNSRecordsPerPage: 5000, CloudflareRegionKey: "us", CoreDNSPrefix: "/coredns/", From b55a04c0004d359a581499917e74ded8df86bb15 Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Fri, 23 May 2025 14:58:16 -0400 Subject: [PATCH 05/13] feat(cloudflare): fix formatting for getCustomHostnamesSSLOptions --- provider/cloudflare/cloudflare.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/provider/cloudflare/cloudflare.go b/provider/cloudflare/cloudflare.go index 3879e380c..dac89f627 100644 --- a/provider/cloudflare/cloudflare.go +++ b/provider/cloudflare/cloudflare.go @@ -811,9 +811,9 @@ func (p *CloudFlareProvider) listCustomHostnamesWithPagination(ctx context.Conte func getCustomHostnamesSSLOptions(customHostnamesConfig CustomHostnamesConfig) *cloudflare.CustomHostnameSSL { ssl := &cloudflare.CustomHostnameSSL{ - Type: "dv", - Method: "http", - BundleMethod: "ubiquitous", + Type: "dv", + Method: "http", + BundleMethod: "ubiquitous", Settings: cloudflare.CustomHostnameSSLSettings{ MinTLSVersion: customHostnamesConfig.MinTLSVersion, }, From 12e82b40858f6ec79a4f8b8e4bde9ca3d9c8c9dc Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Fri, 23 May 2025 15:01:00 -0400 Subject: [PATCH 06/13] feat(cloudflare): update docs --- docs/flags.md | 2 +- docs/monitoring/metrics.md | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/flags.md b/docs/flags.md index 867031aaf..4c997158b 100644 --- a/docs/flags.md +++ b/docs/flags.md @@ -92,7 +92,7 @@ | `--[no-]cloudflare-proxied` | When using the Cloudflare provider, specify if the proxy mode must be enabled (default: disabled) | | `--[no-]cloudflare-custom-hostnames` | When using the Cloudflare provider, specify if the Custom Hostnames feature will be used. Requires "Cloudflare for SaaS" enabled. (default: disabled) | | `--cloudflare-custom-hostnames-min-tls-version=1.0` | When using the Cloudflare provider with the Custom Hostnames, specify which Minimum TLS Version will be used by default. (default: 1.0, options: 1.0, 1.1, 1.2, 1.3) | -| `--cloudflare-custom-hostnames-certificate-authority=google` | When using the Cloudflare provider with the Custom Hostnames, specify which Cerrtificate Authority will be used by default. (default: google, options: google, ssl_com, lets_encrypt) | +| `--cloudflare-custom-hostnames-certificate-authority=CLOUDFLARE-CUSTOM-HOSTNAMES-CERTIFICATE-AUTHORITY` | When using the Cloudflare provider with the Custom Hostnames, optionally specify which Certificate Authority will be used. (optional, options: google, ssl_com, lets_encrypt) | | `--cloudflare-dns-records-per-page=100` | When using the Cloudflare provider, specify how many DNS records listed per page, max possible 5,000 (default: 100) | | `--cloudflare-region-key=CLOUDFLARE-REGION-KEY` | When using the Cloudflare provider, specify the region (default: earth) | | `--cloudflare-record-comment=""` | When using the Cloudflare provider, specify the comment for the DNS records (default: '') | diff --git a/docs/monitoring/metrics.md b/docs/monitoring/metrics.md index ae4752913..8d73b202a 100644 --- a/docs/monitoring/metrics.md +++ b/docs/monitoring/metrics.md @@ -80,6 +80,8 @@ curl https://localhost:7979/metrics | http_request_duration_seconds | | process_cpu_seconds_total | | process_max_fds | +| process_network_receive_bytes_total | +| process_network_transmit_bytes_total | | process_open_fds | | process_resident_memory_bytes | | process_start_time_seconds | From 426ea7e1fded8c4ff6182ac6a03af0bb06fb0bdc Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Fri, 23 May 2025 15:10:19 -0400 Subject: [PATCH 07/13] feat(cloudflare): update flags.md --- docs/flags.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/flags.md b/docs/flags.md index 4c997158b..e6f11e56b 100644 --- a/docs/flags.md +++ b/docs/flags.md @@ -92,7 +92,7 @@ | `--[no-]cloudflare-proxied` | When using the Cloudflare provider, specify if the proxy mode must be enabled (default: disabled) | | `--[no-]cloudflare-custom-hostnames` | When using the Cloudflare provider, specify if the Custom Hostnames feature will be used. Requires "Cloudflare for SaaS" enabled. (default: disabled) | | `--cloudflare-custom-hostnames-min-tls-version=1.0` | When using the Cloudflare provider with the Custom Hostnames, specify which Minimum TLS Version will be used by default. (default: 1.0, options: 1.0, 1.1, 1.2, 1.3) | -| `--cloudflare-custom-hostnames-certificate-authority=CLOUDFLARE-CUSTOM-HOSTNAMES-CERTIFICATE-AUTHORITY` | When using the Cloudflare provider with the Custom Hostnames, optionally specify which Certificate Authority will be used. (optional, options: google, ssl_com, lets_encrypt) | +| `--cloudflare-custom-hostnames-certificate-authority=` | When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used by default. (default: none, options: google, ssl_com, lets_encrypt, none) | | `--cloudflare-dns-records-per-page=100` | When using the Cloudflare provider, specify how many DNS records listed per page, max possible 5,000 (default: 100) | | `--cloudflare-region-key=CLOUDFLARE-REGION-KEY` | When using the Cloudflare provider, specify the region (default: earth) | | `--cloudflare-record-comment=""` | When using the Cloudflare provider, specify the comment for the DNS records (default: '') | From a9d90790e50a10a6d88594208d56d2f1bcec151a Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Fri, 23 May 2025 15:45:03 -0400 Subject: [PATCH 08/13] feat(cloudflare): update cloudflare_regional_test.go --- provider/cloudflare/cloudflare_regional_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/provider/cloudflare/cloudflare_regional_test.go b/provider/cloudflare/cloudflare_regional_test.go index f8273a601..0a79647f6 100644 --- a/provider/cloudflare/cloudflare_regional_test.go +++ b/provider/cloudflare/cloudflare_regional_test.go @@ -24,6 +24,7 @@ import ( "github.com/cloudflare/cloudflare-go" "github.com/stretchr/testify/assert" + "sigs.k8s.io/external-dns/endpoint" ) @@ -124,7 +125,7 @@ func Test_regionalHostname(t *testing.T) { t.Run(tt.name, func(t *testing.T) { p := CloudFlareProvider{RegionKey: tt.args.defaultRegionKey} got := p.regionalHostname(tt.args.endpoint) - assert.Equal(t, got, tt.want) + assert.Equal(t, tt.want, got) }) } } From 3807e398c8b91ba7efca0886149bc61150e8c4eb Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Sat, 24 May 2025 07:42:08 -0400 Subject: [PATCH 09/13] feat(cloudflare): updating dcos for more clarity --- docs/tutorials/cloudflare.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/tutorials/cloudflare.md b/docs/tutorials/cloudflare.md index 043db64ff..3b20e9f64 100644 --- a/docs/tutorials/cloudflare.md +++ b/docs/tutorials/cloudflare.md @@ -312,7 +312,7 @@ If not set the value will default to `global`. ## Setting cloudflare-custom-hostname -Automatic configuration of Cloudflare custom hostnames (using A/CNAME DNS records as custom origin servers) is enabled by the --cloudflare-custom-hostnames flag and the `external-dns.alpha.kubernetes.io/cloudflare-custom-hostname: ` annotation. +Automatic configuration of Cloudflare custom hostnames (using A/CNAME DNS records as custom origin servers) is enabled by the `--cloudflare-custom-hostnames` flag and the `external-dns.alpha.kubernetes.io/cloudflare-custom-hostname: ` annotation. Multiple hostnames are supported via a comma-separated list: `external-dns.alpha.kubernetes.io/cloudflare-custom-hostname: ,`. @@ -320,7 +320,7 @@ See [Cloudflare for Platforms](https://developers.cloudflare.com/cloudflare-for- This feature is disabled by default and supports the `--cloudflare-custom-hostnames-min-tls-version` and `--cloudflare-custom-hostnames-certificate-authority` flags. -`--cloudflare-custom-hostnames-certificate-authority` defaults to not selecting a CA. If a specific CA is required use this flag to select one. +`--cloudflare-custom-hostnames-certificate-authority` defaults to `none`, which explicitly means no Certificate Authority (CA) is set when using the Cloudflare API. Specifying a custom CA is only possible for enterprise accounts. The custom hostname DNS must resolve to the Cloudflare DNS record (`external-dns.alpha.kubernetes.io/hostname`) for automatic certificate validation via the HTTP method. It's important to note that the TXT method does not allow automatic validation and is not supported. From a1944d1ae4aa0db5aeed902047378b795dc072f7 Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Sat, 24 May 2025 07:43:42 -0400 Subject: [PATCH 10/13] feat(cloudflare): updating allowable and default value to none to better clarity --- pkg/apis/externaldns/types.go | 4 ++-- provider/cloudflare/cloudflare.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/apis/externaldns/types.go b/pkg/apis/externaldns/types.go index 1399998dd..6b80bbd00 100644 --- a/pkg/apis/externaldns/types.go +++ b/pkg/apis/externaldns/types.go @@ -254,7 +254,7 @@ var defaultConfig = &Config{ CFAPIEndpoint: "", CFPassword: "", CFUsername: "", - CloudflareCustomHostnamesCertificateAuthority: "", + CloudflareCustomHostnamesCertificateAuthority: "none", CloudflareCustomHostnames: false, CloudflareCustomHostnamesMinTLSVersion: "1.0", CloudflareDNSRecordsPerPage: 100, @@ -538,7 +538,7 @@ func App(cfg *Config) *kingpin.Application { app.Flag("cloudflare-proxied", "When using the Cloudflare provider, specify if the proxy mode must be enabled (default: disabled)").BoolVar(&cfg.CloudflareProxied) app.Flag("cloudflare-custom-hostnames", "When using the Cloudflare provider, specify if the Custom Hostnames feature will be used. Requires \"Cloudflare for SaaS\" enabled. (default: disabled)").BoolVar(&cfg.CloudflareCustomHostnames) app.Flag("cloudflare-custom-hostnames-min-tls-version", "When using the Cloudflare provider with the Custom Hostnames, specify which Minimum TLS Version will be used by default. (default: 1.0, options: 1.0, 1.1, 1.2, 1.3)").Default("1.0").EnumVar(&cfg.CloudflareCustomHostnamesMinTLSVersion, "1.0", "1.1", "1.2", "1.3") - app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used by default. (default: none, options: google, ssl_com, lets_encrypt, none)").Default("").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt", "") + app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used. (default: none, options: google, ssl_com, lets_encrypt, none)").Default("none").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt", "none") app.Flag("cloudflare-dns-records-per-page", "When using the Cloudflare provider, specify how many DNS records listed per page, max possible 5,000 (default: 100)").Default(strconv.Itoa(defaultConfig.CloudflareDNSRecordsPerPage)).IntVar(&cfg.CloudflareDNSRecordsPerPage) app.Flag("cloudflare-region-key", "When using the Cloudflare provider, specify the region (default: earth)").StringVar(&cfg.CloudflareRegionKey) app.Flag("cloudflare-record-comment", "When using the Cloudflare provider, specify the comment for the DNS records (default: '')").Default("").StringVar(&cfg.CloudflareRecordComment) diff --git a/provider/cloudflare/cloudflare.go b/provider/cloudflare/cloudflare.go index dac89f627..af827daa1 100644 --- a/provider/cloudflare/cloudflare.go +++ b/provider/cloudflare/cloudflare.go @@ -820,7 +820,7 @@ func getCustomHostnamesSSLOptions(customHostnamesConfig CustomHostnamesConfig) * } // Set CertificateAuthority if provided // We're not able to set it at all (even with a blank) if you're not on an enterprise plan - if customHostnamesConfig.CertificateAuthority != "" { + if customHostnamesConfig.CertificateAuthority != "none" { ssl.CertificateAuthority = customHostnamesConfig.CertificateAuthority } return ssl From 58f760129996fd782eb6e9e2c0d9bbc0da0223c4 Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Sat, 24 May 2025 07:44:49 -0400 Subject: [PATCH 11/13] feat(cloudflare): updating flag with better language around options --- pkg/apis/externaldns/types.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/apis/externaldns/types.go b/pkg/apis/externaldns/types.go index 6b80bbd00..908b6b41c 100644 --- a/pkg/apis/externaldns/types.go +++ b/pkg/apis/externaldns/types.go @@ -538,7 +538,7 @@ func App(cfg *Config) *kingpin.Application { app.Flag("cloudflare-proxied", "When using the Cloudflare provider, specify if the proxy mode must be enabled (default: disabled)").BoolVar(&cfg.CloudflareProxied) app.Flag("cloudflare-custom-hostnames", "When using the Cloudflare provider, specify if the Custom Hostnames feature will be used. Requires \"Cloudflare for SaaS\" enabled. (default: disabled)").BoolVar(&cfg.CloudflareCustomHostnames) app.Flag("cloudflare-custom-hostnames-min-tls-version", "When using the Cloudflare provider with the Custom Hostnames, specify which Minimum TLS Version will be used by default. (default: 1.0, options: 1.0, 1.1, 1.2, 1.3)").Default("1.0").EnumVar(&cfg.CloudflareCustomHostnamesMinTLSVersion, "1.0", "1.1", "1.2", "1.3") - app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used. (default: none, options: google, ssl_com, lets_encrypt, none)").Default("none").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt", "none") + app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used. None indicates no Certificate Authority will be sent to the Cloudflare API (default: none, options: google, ssl_com, lets_encrypt, none)").Default("none").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt", "none") app.Flag("cloudflare-dns-records-per-page", "When using the Cloudflare provider, specify how many DNS records listed per page, max possible 5,000 (default: 100)").Default(strconv.Itoa(defaultConfig.CloudflareDNSRecordsPerPage)).IntVar(&cfg.CloudflareDNSRecordsPerPage) app.Flag("cloudflare-region-key", "When using the Cloudflare provider, specify the region (default: earth)").StringVar(&cfg.CloudflareRegionKey) app.Flag("cloudflare-record-comment", "When using the Cloudflare provider, specify the comment for the DNS records (default: '')").Default("").StringVar(&cfg.CloudflareRecordComment) From 34e9aea2d506b986cd59b56fb7a6f3461e8afa65 Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Sat, 24 May 2025 07:51:04 -0400 Subject: [PATCH 12/13] feat(cloudflare): update docs with better language for none argument --- docs/flags.md | 2 +- pkg/apis/externaldns/types.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/flags.md b/docs/flags.md index e6f11e56b..5c3d7c362 100644 --- a/docs/flags.md +++ b/docs/flags.md @@ -92,7 +92,7 @@ | `--[no-]cloudflare-proxied` | When using the Cloudflare provider, specify if the proxy mode must be enabled (default: disabled) | | `--[no-]cloudflare-custom-hostnames` | When using the Cloudflare provider, specify if the Custom Hostnames feature will be used. Requires "Cloudflare for SaaS" enabled. (default: disabled) | | `--cloudflare-custom-hostnames-min-tls-version=1.0` | When using the Cloudflare provider with the Custom Hostnames, specify which Minimum TLS Version will be used by default. (default: 1.0, options: 1.0, 1.1, 1.2, 1.3) | -| `--cloudflare-custom-hostnames-certificate-authority=` | When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used by default. (default: none, options: google, ssl_com, lets_encrypt, none) | +| `--cloudflare-custom-hostnames-certificate-authority=none` | When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used. A value of none indicates no Certificate Authority will be sent to the Cloudflare API (default: none, options: google, ssl_com, lets_encrypt, none) | | `--cloudflare-dns-records-per-page=100` | When using the Cloudflare provider, specify how many DNS records listed per page, max possible 5,000 (default: 100) | | `--cloudflare-region-key=CLOUDFLARE-REGION-KEY` | When using the Cloudflare provider, specify the region (default: earth) | | `--cloudflare-record-comment=""` | When using the Cloudflare provider, specify the comment for the DNS records (default: '') | diff --git a/pkg/apis/externaldns/types.go b/pkg/apis/externaldns/types.go index 908b6b41c..e034c91d6 100644 --- a/pkg/apis/externaldns/types.go +++ b/pkg/apis/externaldns/types.go @@ -538,7 +538,7 @@ func App(cfg *Config) *kingpin.Application { app.Flag("cloudflare-proxied", "When using the Cloudflare provider, specify if the proxy mode must be enabled (default: disabled)").BoolVar(&cfg.CloudflareProxied) app.Flag("cloudflare-custom-hostnames", "When using the Cloudflare provider, specify if the Custom Hostnames feature will be used. Requires \"Cloudflare for SaaS\" enabled. (default: disabled)").BoolVar(&cfg.CloudflareCustomHostnames) app.Flag("cloudflare-custom-hostnames-min-tls-version", "When using the Cloudflare provider with the Custom Hostnames, specify which Minimum TLS Version will be used by default. (default: 1.0, options: 1.0, 1.1, 1.2, 1.3)").Default("1.0").EnumVar(&cfg.CloudflareCustomHostnamesMinTLSVersion, "1.0", "1.1", "1.2", "1.3") - app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used. None indicates no Certificate Authority will be sent to the Cloudflare API (default: none, options: google, ssl_com, lets_encrypt, none)").Default("none").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt", "none") + app.Flag("cloudflare-custom-hostnames-certificate-authority", "When using the Cloudflare provider with the Custom Hostnames, specify which Certificate Authority will be used. A value of none indicates no Certificate Authority will be sent to the Cloudflare API (default: none, options: google, ssl_com, lets_encrypt, none)").Default("none").EnumVar(&cfg.CloudflareCustomHostnamesCertificateAuthority, "google", "ssl_com", "lets_encrypt", "none") app.Flag("cloudflare-dns-records-per-page", "When using the Cloudflare provider, specify how many DNS records listed per page, max possible 5,000 (default: 100)").Default(strconv.Itoa(defaultConfig.CloudflareDNSRecordsPerPage)).IntVar(&cfg.CloudflareDNSRecordsPerPage) app.Flag("cloudflare-region-key", "When using the Cloudflare provider, specify the region (default: earth)").StringVar(&cfg.CloudflareRegionKey) app.Flag("cloudflare-record-comment", "When using the Cloudflare provider, specify the comment for the DNS records (default: '')").Default("").StringVar(&cfg.CloudflareRecordComment) From 517fc3b91e246e09b7b88a33b2f10125970792dd Mon Sep 17 00:00:00 2001 From: Henry Arend Date: Sat, 24 May 2025 07:51:17 -0400 Subject: [PATCH 13/13] feat(cloudflare): update tests for new default value --- pkg/apis/externaldns/types_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/apis/externaldns/types_test.go b/pkg/apis/externaldns/types_test.go index 7a81d9f10..ebe71a7bd 100644 --- a/pkg/apis/externaldns/types_test.go +++ b/pkg/apis/externaldns/types_test.go @@ -76,7 +76,7 @@ var ( CloudflareProxied: false, CloudflareCustomHostnames: false, CloudflareCustomHostnamesMinTLSVersion: "1.0", - CloudflareCustomHostnamesCertificateAuthority: "", + CloudflareCustomHostnamesCertificateAuthority: "none", CloudflareDNSRecordsPerPage: 100, CloudflareDNSRecordsComment: "", CloudflareRegionKey: "",