Addresses #5901
Related: #4056
Add clear documentation on annotation placement for Gateway API sources
to prevent confusion about which annotations go on Gateway vs Route resources.
Changes:
- Add Gateway API Annotation Placement section to annotations.md
- Add Annotations section with examples to gateway-api.md
- Include Cloudflare and AWS provider examples
- Document common mistakes
Per review feedback, compressed annotations.md section to minimal size:
- Removed annotation placement matrix table
- Removed YAML examples
- Kept concise 2-line summary
- Kept link to comprehensive documentation
Co-authored-by: Claude <noreply@anthropic.com>
* docs: clarify hostname annotation behavior
* docs: specify how hostname annotation behavior can be configured
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
---------
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* Reintroduce base config for txt owner migration
# Conflicts:
# controller/execute.go
# registry/txt.go
# Conflicts:
# pkg/apis/externaldns/types.go
* Added label update logic and fixed existing tests
* Fixed existing declaration in tests, re introduced tests for new flag, regened flags.md from make
* Fixed tests logic and target expression evaluation, fixed update of label in the TXT registry process
* Set Old owner id var down the plan to calculate changes correctly
* Lint fixes
* (wip) Code cleaning and test coverage
* Simplified label overwriting on migration and implem tests for coverage
* Fix tests
* Update txt registry doc
* Fix rebase issues in txt test
* Update docs/registry/txt.md
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* Update docs/registry/txt.md
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* Update docs/registry/txt.md
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* Fix label overriding in TXT record generation when migration is enabled
* Make linter happy
* Regen flags, fix types tests after types updates
* Removed boolean flag that enabled migration, evaluate only against old owner flag instead
---------
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* fix(aws): warn on TXT AccessDenied due to ABAC
ExternalDNS writes TXT ownership records. ABAC missing TXT can cause 403
AccessDenied from Route 53.
* Update AWS ABAC docs to include TXT in record types
* Log entries when AccessDenied occurs and batch contains TXT
* Added unit tests for AccessDenied detection, TXT detection and logging
Refs: #5773
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* fix(aws): Drop prescriptive IAM warning
* Return the first Route 53 error from `submitChanges` so operators see
the original AWS message
* Remove IAM-guessing branch while keeping split-and-retry submission
* Tidy error test and fall back to `provider.NewSoftErrorf` when no AWS
error was captured
* Add tests for error return on failures upon zone submission
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* fix(aws): Remove TXT-specific error handling
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* fix(aws): Remove Route53 final error message
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* fix(aws): Remove unused import of `error`
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
---------
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* feat(cli): add Cobra binder and backend switch
* add FlagBinder with Kingpin and Cobra implementations
* support --cli-backend and EXTERNAL_DNS_CLI (default: kingpin)
* add tests for binders and CLI switch
Refs: #5379
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* feat(cli): centralize flag registration and add Cobra parity
Started moving CLI flag registration into a common binder function,
avoiding duplication between Kingpin and Cobra.
Refs: #5820
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* feat(cli): enforce Cobra parity with Kingpin
* Add `regexpValue` and `RegexpVar` to Cobra binder with
`setRegexpDefault`
* Enforce `--provider` presence and validate against `providerNames
* require at least one `--source` and validate against new
`allowedSources`
* Expand tests for Kingpin and Cobra
Refs: #5379
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* feat(cli): Commit go-lint edits
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* feat(cli): add kingpin vs cobra binder parity
* Test parity assertion across binders
* Test Cobra-specific incapabilities (`--no-<flag>` and env vars)
* Deduplicate regexp flag handling
Refs: #5379
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* feat(cli): Rebuild flags documentation
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
---------
Signed-off-by: Tobias Harnickell <tobias.harnickell@bedag.ch>
* feat(source/f5-virtual-server): add host aliases support for Virtual Server source
* fix: markdown lint
* fix: markdown lint
* refactor(source/f5_virtualserver): remove if check for array length, already taken care of by the iterator
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* feat(source): add min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source): add min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/min-ttl): added min-ttl support
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* feat(source): add min-ttl support
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
---------
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* scoping the AWS IAM policy to explicitely defined AWS Route53 zones
* Apply suggestions from code review
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* Update aws.md
* Update docs/tutorials/aws.md
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* Update aws.md
breaking up lines to make it pass markdown linting
---------
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
Only grant endpointslices permissions when using service source and remove
outdated endpoints RBAC from provider tutorials.
Add rbac tests for the chart.
* feat(source/istio): support version 1.22
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/istio): support version 1.22
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/istio): support version 1.22
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/istio): support version 1.22
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/istio): support version 1.22
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/istio): support version 1.22
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/istio): support version 1.22
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/istio): support version 1.25+
Co-authored-by: mthemis-provenir <168411899+mthemis-provenir@users.noreply.github.com>
---------
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
Co-authored-by: mthemis-provenir <168411899+mthemis-provenir@users.noreply.github.com>
* feat(source): pods added support for annotation filter and label selectors
* feat(source/pods): support for annotation and label filter
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
---------
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(traefik)!: disable legacy listeners on traefik.containo.us API Group
* update docs accordingly
* update test accordingly
* type argument is infered
* fix rebase
* feat(aws): add support for geoproximity routing
* remove the invalid test
* make some changes based on review comments
* fix linting errors
* make changes based on review feedback
* add more tests to get better coverage
* update docs
* make the linter happy
* address review feedback
This commit addresses the review feedback by making the following changes:
- use a more object-oriented approach for geoProximity handling
- change log levels to warnings instead of errors
- add more test cases for geoProximity
* fix linting error
* use shorter annotation names
* docs: added treafik public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
docs: added treafik public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
docs: added treafik public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
docs: added treafik public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
docs: added treafik public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
docs: added treafik public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
docs: added treafik public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
docs: added treafik public and private routing
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
docs(traefik): public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* docs(traefik): public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* docs(traefik): public and private routing
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* docs(traefik): public and private routing
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* docs(traefik): public and private routing
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
---------
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* feat(cloudflare): add support for MX records
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* test(txt): add additional TXT and MX record test cases
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* feat(endpoint): implement parsing for MX and SRV records with structured targets
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(txt): remove TXT record type from supported types in NewTXTRegistry
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* refactor(digitalocean): streamline MX record handling
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* refactor(cloudflare): improve error handling in change creation
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(endpoint): return all parsed SRV targets instead of a single target
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* test(endpoint): add parsing tests for MX and SRV records
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(endpoint): streamline MX and SRV record validation and parsing
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(digital_ocean): simplify MX record parsing
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(docs): update link to CRD source in MX record documentation
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(cloudflare): improve error handling for MX record parsing
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(cloudflare): improve error message formatting for MX record parsing
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* refactor(endpoint): rename ParseMXRecord to NewMXTarget and update references
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(endpoint): update NewMXTarget to return pointer and adjust tests accordingly
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* refactor(cloudflare): consolidate proxyEnabled and proxyDisabled variable declarations
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(endpoint): update TestNewMXTarget to reflect changes in MXTarget struct fields and add missing test case for host validation
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* fix(digitalocean): improve MX record handling by adjusting error handling and ensuring proper priority and host retrieval
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* refactor(endpoint): change MXTarget fields to unexported and update NewMXTarget to use them
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* refactor(cloudflare): update groupByNameAndTypeWithCustomHostnames to use provider methods and enhance MX record handling in tests
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* test(cloudflare): enhance test cover
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* refactor(endpoint): remove unused SRVTarget struct from endpoint.go
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* refactor(endpoint): rename NewMXTarget to NewMXRecord for clarity and update references
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
* Update docs/sources/mx-record.md
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
---------
Signed-off-by: Arthur Le Roux <arthurleroux@protonmail.com>
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
- add flag to enable regional hostname feature
- support deletion of regional hostname on annotation edit
- correctly support differences detection with cloudflare state
- increased tests coverage
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
* feat(source/pod): add support ttl annotation
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/pod): add support ttl annotation
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
---------
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/pod): add support for fqdn templating
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/pod): add support for fqdn templating
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/pod): add support for fqdn templating
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/pod): add support for fqdn templating
Co-authored-by: vflaux <38909103+vflaux@users.noreply.github.com>
* feat(source/pod): add support for fqdn templating
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/pod): add support for fqdn templating
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/pod): add support for fqdn templating
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
* feat(source/pod): add support for fqdn templating
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
---------
Signed-off-by: ivan katliarchuk <ivan.katliarchuk@gmail.com>
Co-authored-by: vflaux <38909103+vflaux@users.noreply.github.com>
Co-authored-by: Michel Loiseleur <97035654+mloiseleur@users.noreply.github.com>
