diff --git a/provider/cloudflare/cloudflare.go b/provider/cloudflare/cloudflare.go index c701d8b92..e662a0faf 100644 --- a/provider/cloudflare/cloudflare.go +++ b/provider/cloudflare/cloudflare.go @@ -46,6 +46,11 @@ import ( type changeAction int const ( + // Environment variable names for CloudFlare authentication + cfAPIEmailEnvKey = "CF_API_EMAIL" + cfAPIKeyEnvKey = "CF_API_KEY" + cfAPITokenEnvKey = "CF_API_TOKEN" + // cloudFlareCreate is a ChangeAction enum value cloudFlareCreate changeAction = iota // cloudFlareDelete is a ChangeAction enum value @@ -327,12 +332,12 @@ func NewCloudFlareProvider( configV4 *cloudflare.Client err error ) - if os.Getenv("CF_API_TOKEN") != "" { - token := os.Getenv("CF_API_TOKEN") - if strings.HasPrefix(token, "file:") { - tokenBytes, err := os.ReadFile(strings.TrimPrefix(token, "file:")) + token := os.Getenv(cfAPITokenEnvKey) + if token != "" { + if trimed, ok := strings.CutPrefix(token, "file:"); ok { + tokenBytes, err := os.ReadFile(trimed) if err != nil { - return nil, fmt.Errorf("failed to read CF_API_TOKEN from file: %w", err) + return nil, fmt.Errorf("failed to read %s from file: %w", cfAPITokenEnvKey, err) } token = strings.TrimSpace(string(tokenBytes)) } @@ -341,10 +346,10 @@ func NewCloudFlareProvider( option.WithAPIToken(token), ) } else { - config, err = cloudflarev0.New(os.Getenv("CF_API_KEY"), os.Getenv("CF_API_EMAIL")) + config, err = cloudflarev0.New(os.Getenv(cfAPIKeyEnvKey), os.Getenv(cfAPIEmailEnvKey)) configV4 = cloudflare.NewClient( - option.WithAPIKey(os.Getenv("CF_API_KEY")), - option.WithAPIEmail(os.Getenv("CF_API_EMAIL")), + option.WithAPIKey(os.Getenv(cfAPIKeyEnvKey)), + option.WithAPIEmail(os.Getenv(cfAPIEmailEnvKey)), ) } if err != nil { diff --git a/provider/cloudflare/cloudflare_test.go b/provider/cloudflare/cloudflare_test.go index d5119e177..4acba50d1 100644 --- a/provider/cloudflare/cloudflare_test.go +++ b/provider/cloudflare/cloudflare_test.go @@ -949,6 +949,13 @@ func TestCloudflareProvider(t *testing.T) { Value string } + // unset environment variables to avoid interference with tests + testutils.TestHelperEnvSetter(t, map[string]string{ + cfAPIEmailEnvKey: "", + cfAPIKeyEnvKey: "", + cfAPITokenEnvKey: "", + }) + tokenFile := "/tmp/cf_api_token" if err := os.WriteFile(tokenFile, []byte("abc123def"), 0o644); err != nil { t.Errorf("failed to write token file, %s", err) @@ -962,22 +969,22 @@ func TestCloudflareProvider(t *testing.T) { { Name: "use_api_token", Environment: []EnvVar{ - {Key: "CF_API_TOKEN", Value: "abc123def"}, + {Key: cfAPITokenEnvKey, Value: "abc123def"}, }, ShouldFail: false, }, { Name: "use_api_token_file_contents", Environment: []EnvVar{ - {Key: "CF_API_TOKEN", Value: tokenFile}, + {Key: cfAPITokenEnvKey, Value: tokenFile}, }, ShouldFail: false, }, { Name: "use_email_and_key", Environment: []EnvVar{ - {Key: "CF_API_KEY", Value: "xxxxxxxxxxxxxxxxx"}, - {Key: "CF_API_EMAIL", Value: "test@test.com"}, + {Key: cfAPIKeyEnvKey, Value: "xxxxxxxxxxxxxxxxx"}, + {Key: cfAPIEmailEnvKey, Value: "test@test.com"}, }, ShouldFail: false, }, @@ -989,14 +996,14 @@ func TestCloudflareProvider(t *testing.T) { { Name: "use_credentials_in_missing_file", Environment: []EnvVar{ - {Key: "CF_API_TOKEN", Value: "file://abc"}, + {Key: cfAPITokenEnvKey, Value: "file://abc"}, }, ShouldFail: true, }, { Name: "use_credentials_in_missing_file", Environment: []EnvVar{ - {Key: "CF_API_TOKEN", Value: "file:/tmp/cf_api_token"}, + {Key: cfAPITokenEnvKey, Value: "file:/tmp/cf_api_token"}, }, ShouldFail: false, }, @@ -1809,8 +1816,10 @@ func TestCustomTTLWithEnabledProxyNotChanged(t *testing.T) { } func TestCloudFlareProvider_Region(t *testing.T) { - t.Setenv("CF_API_TOKEN", "abc123def") - t.Setenv("CF_API_EMAIL", "test@test.com") + testutils.TestHelperEnvSetter(t, map[string]string{ + cfAPITokenEnvKey: "abc123def", + cfAPIEmailEnvKey: "test@test.com", + }) provider, err := NewCloudFlareProvider( endpoint.NewDomainFilter([]string{"example.com"}), provider.ZoneIDFilter{},