From 1f79f52b1aeb1bf6f9caf965d75a8372178188f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Caletka?= Date: Fri, 10 Aug 2018 12:51:21 +0200 Subject: [PATCH] Allow wildcards in zone blacklists and whitelists --- README.rst | 8 +++++--- dzonegit.py | 7 +++++-- test_dzonegit.py | 6 ++++++ 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/README.rst b/README.rst index ab1174a..e0e2923 100644 --- a/README.rst +++ b/README.rst @@ -84,12 +84,14 @@ All boolean options default to *False*. *dzonegit.zoneblacklist* Path to a text file containing list of zone names without trailing dots, one per line. If zone is found on the blacklist, it is ignored when - ``post-receive`` hook generates configuration. + ``post-receive`` hook generates configuration. Wildcards can be used as + well, see `JSON template`_ below. *dzonegit.zonewhitelist* Path to a text file containing list of zone names without trailing dots, one per line. If not empty and zone is not found on the whitelist, - it is ignored when ``post-receive`` hook generates configuration. + it is ignored when ``post-receive`` hook generates configuration. Wildcards + can be used as well, see `JSON template`_ below. JSON template ------------- @@ -98,7 +100,7 @@ The DNS server configuration snippets are generated using a simple JSON-based template. All keys are optional but please make sure the file is a valid JSON file. It is possible to define a zone-specific options, for instance for changing DNSSEC parameters per zone. Those zone-specific options allow usage of -wildcards; if exact match of zone name is not found, the leftmost label is +wildcards; if an exact match of zone name is not found, the leftmost label is substituted with `*`. If still no match is found, the leftmost label is dropped and the second one is again substituted with `*`. In the end, a single `*` is checked. Only if even this key is not found, the value of *defaultvar* is used diff --git a/dzonegit.py b/dzonegit.py index 19b4e5d..bbca859 100644 --- a/dzonegit.py +++ b/dzonegit.py @@ -320,13 +320,16 @@ def template_config(checkoutpath, template, blacklist=set(), whitelist=set()): out.append(headertpl.substitute(mapping)) for f in sorted(Path(checkoutpath).glob("**/*.zone")): zonename = get_zone_name(f, f.read_bytes()) - if whitelist and zonename not in whitelist: + if whitelist and not any( + n in whitelist + for n in get_zone_wildcards(zonename) + ): print( "WARNING: Ignoring zone {} - not whitelisted for " "this repository.".format(zonename), ) continue - if zonename in blacklist: + if any(n in blacklist for n in get_zone_wildcards(zonename)): print( "WARNING: Ignoring zone {} - blacklisted for " "this repository.".format(zonename), diff --git a/test_dzonegit.py b/test_dzonegit.py index 9fa4545..ffb7d17 100644 --- a/test_dzonegit.py +++ b/test_dzonegit.py @@ -313,6 +313,12 @@ def test_template_config(git_dir): whitelist=set("a"), ) assert " - zone: \"dummy\"\n file: \"" not in output + output = dzonegit.template_config( + str(git_dir), + template, + blacklist=set("*"), + ) + assert " - zone: \"dummy\"\n file: \"" not in output def test_load_set_file(git_dir):