mirror/stackexchange-dnscontrol
1
0
Fork 0
mirror of https://github.com/StackExchange/dnscontrol.git synced 2024-05-11 05:55:12 +00:00
Code Issues Releases Activity

refactor into groups (#684)

Browse Source 
* Refactor tests into "groups", each with its own filter (not/only/requires) to select which providers are appropriate.
* Test driver code is now a lot more simple and clear.
* Add support for not(), only(), and requires() as a way to select/reject providers for a test.
* Add docs explaining how to add tests
* Logging messages are much cleaner now, especially when tests are skipped.
* -start and -end now refer to test groups, not individual tests.  Log messages list the group numbers clearly.
* Add stringer for Capabilities
* Change the order of the tests so that simple tests are first
* Removed knownFailures from providers.json
* fmtjson providers.json

Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
This commit is contained in:
Tom Limoncelli
2020-03-10 10:13:20 -04:00
committed by GitHub
parent fa160b7202
commit 67e78f7e15
15 changed files with 10344 additions and 9999 deletions
Download Patch File Download Diff File Expand all files Collapse all files

750
integrationTest/integration_test.go
View File

@@ -3,6 +3,7 @@ package main
import (
"flag"
"fmt"
"os"
"strconv"
"strings"
"testing"
@@ -84,86 +85,168 @@ func getDomainConfigWithNameservers(t *testing.T, prv providers.DNSServiceProvid
return dc
}
func runTests(t *testing.T, prv providers.DNSServiceProvider, domainName string, knownFailures map[int]bool, origConfig map[string]string) {
dc := getDomainConfigWithNameservers(t, prv, domainName)
// run tests one at a time
end := *endIdx
tests := makeTests(t)
if end == 0 || end >= len(tests) {
end = len(tests) - 1
// testPermitted returns nil if the test is permitted, otherwise an
// error explaining why it is not.
func testPermitted(t *testing.T, p string, f TestGroup) error {
// not() and only() can't be mixed.
if len(f.only) != 0 && len(f.not) != 0 {
return fmt.Errorf("invalid filter: can't mix not() and only()")
}
for i := *startIdx; i <= end; i++ {
tst := tests[i]
if t.Failed() {
break
// TODO(tlim): Have a separate validation pass so that such mistakes
// are more visible?
// If there are any required capabilities, make sure they all exist.
if len(f.required) != 0 {
for _, c := range f.required {
if !providers.ProviderHasCapability(*providerToRun, c) {
return fmt.Errorf("%s not supported", c)
}
}
t.Run(fmt.Sprintf("%d: %s", i, tst.Desc), func(t *testing.T) {
skipVal := false
if knownFailures[i] {
t.Log("SKIPPING VALIDATION FOR KNOWN FAILURE CASE")
skipVal = true
}
// If there are any "only" items, you must be one of them.
if len(f.only) != 0 {
for _, provider := range f.only {
if p == provider {
return nil
}
dom, _ := dc.Copy()
for _, r := range tst.Records {
rc := models.RecordConfig(*r)
if strings.Contains(rc.GetTargetField(), "**current-domain**") {
_ = rc.SetTarget(strings.Replace(rc.GetTargetField(), "**current-domain**", domainName, 1) + ".")
}
if strings.Contains(rc.GetTargetField(), "**current-domain-no-trailing**") {
_ = rc.SetTarget(strings.Replace(rc.GetTargetField(), "**current-domain-no-trailing**", domainName, 1))
}
if strings.Contains(rc.GetLabelFQDN(), "**current-domain**") {
rc.SetLabelFromFQDN(strings.Replace(rc.GetLabelFQDN(), "**current-domain**", domainName, 1), domainName)
}
if providers.ProviderHasCapability(*providerToRun, providers.CanUseAzureAlias) {
if strings.Contains(rc.GetTargetField(), "**subscription-id**") {
_ = rc.SetTarget(strings.Replace(rc.GetTargetField(), "**subscription-id**", origConfig["SubscriptionID"], 1))
}
if strings.Contains(rc.GetTargetField(), "**resource-group**") {
_ = rc.SetTarget(strings.Replace(rc.GetTargetField(), "**resource-group**", origConfig["ResourceGroup"], 1))
}
}
dom.Records = append(dom.Records, &rc)
}
return fmt.Errorf("disabled by only")
}
// If there are any "not" items, you must NOT be one of them.
if len(f.not) != 0 {
for _, provider := range f.not {
if p == provider {
return fmt.Errorf("excluded by not(\"%s\")", provider)
}
dom.IgnoredLabels = tst.IgnoredLabels
models.PostProcessRecords(dom.Records)
dom2, _ := dom.Copy()
// get corrections for first time
corrections, err := prv.GetDomainCorrections(dom)
if err != nil {
t.Fatal(fmt.Errorf("runTests: %w", err))
}
return nil
}
return nil
}
//func makeClearFilter() *TestCase {
// tc := tc("Empty")
// tc.ChangeFilter = true
// return tc
//}
// desc := fmt.Sprintf("%d: %s", i, tst.Desc)
// makeChanges runs one set of DNS record tests. Returns true on success.
func makeChanges(t *testing.T, prv providers.DNSServiceProvider, dc *models.DomainConfig, tst *TestCase, desc string, expectChanges bool, origConfig map[string]string) bool {
domainName := dc.Name
return t.Run(desc, func(t *testing.T) {
dom, _ := dc.Copy()
for _, r := range tst.Records {
rc := models.RecordConfig(*r)
if strings.Contains(rc.GetTargetField(), "**current-domain**") {
_ = rc.SetTarget(strings.Replace(rc.GetTargetField(), "**current-domain**", domainName, 1) + ".")
}
if !skipVal && i != *startIdx && len(corrections) == 0 {
if tst.Desc != "Empty" {
// There are "no corrections" if the last test was programmatically
// skipped. We detect this (possibly inaccurately) by checking to
// see if .Desc is "Empty".
t.Fatalf("Expect changes for all tests, but got none")
}
if strings.Contains(rc.GetTargetField(), "**current-domain-no-trailing**") {
_ = rc.SetTarget(strings.Replace(rc.GetTargetField(), "**current-domain-no-trailing**", domainName, 1))
}
for _, c := range corrections {
if *verbose {
t.Log(c.Msg)
}
err = c.F()
if !skipVal && err != nil {
t.Fatal(err)
}
if strings.Contains(rc.GetLabelFQDN(), "**current-domain**") {
rc.SetLabelFromFQDN(strings.Replace(rc.GetLabelFQDN(), "**current-domain**", domainName, 1), domainName)
}
// run a second time and expect zero corrections
corrections, err = prv.GetDomainCorrections(dom2)
//if providers.ProviderHasCapability(*providerToRun, providers.CanUseAzureAlias) {
if strings.Contains(rc.GetTargetField(), "**subscription-id**") {
_ = rc.SetTarget(strings.Replace(rc.GetTargetField(), "**subscription-id**", origConfig["SubscriptionID"], 1))
}
if strings.Contains(rc.GetTargetField(), "**resource-group**") {
_ = rc.SetTarget(strings.Replace(rc.GetTargetField(), "**resource-group**", origConfig["ResourceGroup"], 1))
}
//}
dom.Records = append(dom.Records, &rc)
}
dom.IgnoredLabels = tst.IgnoredLabels
models.PostProcessRecords(dom.Records)
dom2, _ := dom.Copy()
// get and run corrections for first time
corrections, err := prv.GetDomainCorrections(dom)
if err != nil {
t.Fatal(fmt.Errorf("runTests: %w", err))
}
if len(corrections) == 0 && expectChanges {
t.Fatalf("Expected changes, but got none")
}
for _, c := range corrections {
if *verbose {
t.Log(c.Msg)
}
err = c.F()
if err != nil {
t.Fatal(err)
}
if !skipVal && len(corrections) != 0 {
t.Logf("Expected 0 corrections on second run, but found %d.", len(corrections))
for i, c := range corrections {
t.Logf("#%d: %s", i, c.Msg)
}
t.FailNow()
}
// If we just emptied out the zone, no need for a second pass.
if len(tst.Records) == 0 {
return
}
// run a second time and expect zero corrections
corrections, err = prv.GetDomainCorrections(dom2)
if err != nil {
t.Fatal(err)
}
if len(corrections) != 0 {
t.Logf("Expected 0 corrections on second run, but found %d.", len(corrections))
for i, c := range corrections {
t.Logf("#%d: %s", i, c.Msg)
}
})
t.FailNow()
}
})
}
func runTests(t *testing.T, prv providers.DNSServiceProvider, domainName string, knownFailures map[int]bool, origConfig map[string]string) {
dc := getDomainConfigWithNameservers(t, prv, domainName)
testGroups := makeTests(t)
firstGroup := *startIdx
lastGroup := *endIdx
if lastGroup == 0 {
lastGroup = len(testGroups)
}
// Start the zone with a clean slate.
makeChanges(t, prv, dc, tc("Empty"), "Clean Slate", false, nil)
curGroup := -1
for gIdx, group := range testGroups {
// Abide by -start -end flags
curGroup += 1
if curGroup < firstGroup || curGroup > lastGroup {
continue
}
// Abide by filter
if err := testPermitted(t, *providerToRun, *group); err != nil {
//t.Logf("%s: ***SKIPPED(%v)***", group.Desc, err)
makeChanges(t, prv, dc, tc("Empty"), fmt.Sprintf("%02d:%s ***SKIPPED(%v)***", gIdx, group.Desc, err), false, origConfig)
continue
}
// Run the tests.
for _, tst := range group.tests {
makeChanges(t, prv, dc, tst, fmt.Sprintf("%02d:%s", gIdx, group.Desc), true, origConfig)
if t.Failed() {
break
}
}
// Remove all records so next group starts with a clean slate.
makeChanges(t, prv, dc, tc("Empty"), "Post cleanup", false, nil)
}
}
func TestDualProviders(t *testing.T) {
@@ -209,6 +292,14 @@ func TestDualProviders(t *testing.T) {
}
}
type TestGroup struct {
Desc string
required []providers.Capability
only []string
not []string
tests []*TestCase
}
type TestCase struct {
Desc string
Records []*rec
@@ -349,6 +440,45 @@ func (r *rec) ttl(t uint32) *rec {
return r
}
func manyA(namePattern, target string, n int) []*rec {
recs := []*rec{}
for i := 0; i < n; i++ {
recs = append(recs, makeRec(fmt.Sprintf(namePattern, i), target, "A"))
}
return recs
}
func testgroup(desc string, items ...interface{}) *TestGroup {
group := &TestGroup{Desc: desc}
for _, item := range items {
switch v := item.(type) {
case requiresFilter:
if len(group.tests) != 0 {
fmt.Printf("ERROR: requires() must be before all tc(): %v\n", desc)
os.Exit(1)
}
group.required = append(group.required, v.caps...)
case notFilter:
if len(group.tests) != 0 {
fmt.Printf("ERROR: not() must be before all tc(): %v\n", desc)
os.Exit(1)
}
group.not = append(group.not, v.names...)
case onlyFilter:
if len(group.tests) != 0 {
fmt.Printf("ERROR: only() must be before all tc(): %v\n", desc)
os.Exit(1)
}
group.only = append(group.only, v.names...)
case *TestCase:
group.tests = append(group.tests, v)
default:
fmt.Printf("I don't know about type %T (%v)\n", v, v)
}
}
return group
}
func tc(desc string, recs ...*rec) *TestCase {
var records []*rec
var ignored []string
@@ -366,90 +496,229 @@ func tc(desc string, recs ...*rec) *TestCase {
}
}
func manyA(namePattern, target string, n int) []*rec {
recs := []*rec{}
for i := 0; i < n; i++ {
recs = append(recs, makeRec(fmt.Sprintf(namePattern, i), target, "A"))
}
return recs
func clear(items ...interface{}) *TestCase {
return tc("Empty")
}
func makeTests(t *testing.T) []*TestCase {
// ALWAYS ADD TO BOTTOM OF LIST. Order and indexes matter.
tests := []*TestCase{
// A
tc("Empty"),
tc("Create an A record", a("@", "1.1.1.1")),
tc("Change it", a("@", "1.2.3.4")),
tc("Add another", a("@", "1.2.3.4"), a("www", "1.2.3.4")),
tc("Add another(same name)", a("@", "1.2.3.4"), a("www", "1.2.3.4"), a("www", "5.6.7.8")),
tc("Change a ttl", a("@", "1.2.3.4").ttl(1000), a("www", "1.2.3.4"), a("www", "5.6.7.8")),
tc("Change single target from set", a("@", "1.2.3.4").ttl(1000), a("www", "2.2.2.2"), a("www", "5.6.7.8")),
tc("Change all ttls", a("@", "1.2.3.4").ttl(500), a("www", "2.2.2.2").ttl(400), a("www", "5.6.7.8").ttl(400)),
tc("Delete one", a("@", "1.2.3.4").ttl(500), a("www", "5.6.7.8").ttl(400)),
tc("Add back and change ttl", a("www", "5.6.7.8").ttl(700), a("www", "1.2.3.4").ttl(700)),
tc("Change targets and ttls", a("www", "1.1.1.1"), a("www", "2.2.2.2")),
tc("Create wildcard", a("*", "1.2.3.4"), a("www", "1.1.1.1")),
tc("Delete wildcard", a("www", "1.1.1.1")),
type requiresFilter struct {
caps []providers.Capability
}
// CNAMES
tc("Empty"),
tc("Create a CNAME", cname("foo", "google.com.")),
tc("Change it", cname("foo", "google2.com.")),
tc("Change to A record", a("foo", "1.2.3.4")),
tc("Change back to CNAME", cname("foo", "google.com.")),
tc("Record pointing to @", cname("foo", "**current-domain**")),
func requires(c ...providers.Capability) requiresFilter {
return requiresFilter{caps: c}
}
// NS
tc("Empty"),
tc("NS for subdomain", ns("xyz", "ns2.foo.com.")),
tc("Dual NS for subdomain", ns("xyz", "ns2.foo.com."), ns("xyz", "ns1.foo.com.")),
tc("NS Record pointing to @", ns("foo", "**current-domain**")),
type notFilter struct {
names []string
}
// IDNAs
tc("Empty"),
tc("Internationalized name", a("ööö", "1.2.3.4")),
tc("Change IDN", a("ööö", "2.2.2.2")),
tc("Internationalized CNAME Target", cname("a", "ööö.com.")),
tc("IDN CNAME AND Target", cname("öoö", "ööö.企业.")),
func not(n ...string) notFilter {
return notFilter{names: n}
}
// MX
tc("Empty"),
tc("MX record", mx("@", 5, "foo.com.")),
tc("Second MX record, same prio", mx("@", 5, "foo.com."), mx("@", 5, "foo2.com.")),
tc("3 MX", mx("@", 5, "foo.com."), mx("@", 5, "foo2.com."), mx("@", 15, "foo3.com.")),
tc("Delete one", mx("@", 5, "foo2.com."), mx("@", 15, "foo3.com.")),
tc("Change to other name", mx("@", 5, "foo2.com."), mx("mail", 15, "foo3.com.")),
tc("Change Preference", mx("@", 7, "foo2.com."), mx("mail", 15, "foo3.com.")),
tc("Record pointing to @", mx("foo", 8, "**current-domain**")),
}
type onlyFilter struct {
names []string
}
// PTR
if !providers.ProviderHasCapability(*providerToRun, providers.CanUsePTR) {
t.Log("Skipping PTR Tests because provider does not support them")
} else {
tests = append(tests, tc("Empty"),
tc("Create PTR record", ptr("4", "foo.com.")),
tc("Modify PTR record", ptr("4", "bar.com.")),
)
}
func only(n ...string) onlyFilter {
return onlyFilter{names: n}
}
// ALIAS
if !providers.ProviderHasCapability(*providerToRun, providers.CanUseAlias) {
t.Log("Skipping ALIAS Tests because provider does not support them")
} else {
tests = append(tests, tc("Empty"),
tc("ALIAS at root", alias("@", "foo.com.")),
tc("change it", alias("@", "foo2.com.")),
tc("ALIAS at subdomain", alias("test", "foo.com.")),
)
}
//
// NAPTR
if !providers.ProviderHasCapability(*providerToRun, providers.CanUseNAPTR) {
t.Log("Skipping NAPTR Tests because provider does not support them")
} else {
tests = append(tests, tc("Empty"),
func makeTests(t *testing.T) []*TestGroup {
sha256hash := strings.Repeat("0123456789abcdef", 4)
sha512hash := strings.Repeat("0123456789abcdef", 8)
reversedSha512 := strings.Repeat("fedcba9876543210", 8)
// Each group of tests begins with testgroup("Title").
// The system will remove any records so that the tests
// begin with a clean slate (i.e. no records).
// Filters:
// Only apply to providers that CanUseAlias.
// requires(providers.CanUseAlias),
// Only apply to ROUTE53 + GANDI_V5:
// only("ROUTE53", "GANDI_V5")
// Only apply to all providers except ROUTE53 + GANDI_V5:
// not("ROUTE53", "GANDI_V5"),
// NOTE: You can't mix not() and only()
// reset(not("ROUTE53"), only("GCLOUD")), // ERROR!
// NOTE: All requires()/not()/only() must appear before any tc().
// tc()
// Each tc() indicates a set of records. The testgroup tries to
// migrate from one tc() to the next. For example the first tc()
// creates some records. The next tc() might list the same records
// but adds 1 new record and omits 1. Therefore migrating to this
// second tc() results in 1 record being created and 1 deleted; but
// for some providers it may be converting 1 record to another.
// Therefore some testgroups are testing the providers ability to
// transition between different states. Others are just testing
// whether or not a certain kind of record can be created and
// deleted.
// clear() is the same as tc("Empty"). It removes all records. You
// can use this to verify a provider can delete all the records in
// the last tc(), or to provide a clean slate for the next tc().
// Each testgroup() begins and ends with clear(), so you don't have
// to list the clear() yourself.
tests := []*TestGroup{
//
// Basic functionality (add/rename/change/delete).
//
testgroup("A",
// These tests aren't specific to "A" records. We're testing
// general ability to add/rename/change/delete any record.
tc("Create an A record", a("@", "1.1.1.1")),
tc("Change it", a("@", "1.2.3.4")),
tc("Add another", a("@", "1.2.3.4"), a("www", "1.2.3.4")),
tc("Add another(same name)", a("@", "1.2.3.4"), a("www", "1.2.3.4"), a("www", "5.6.7.8")),
tc("Change a ttl", a("@", "1.2.3.4").ttl(1000), a("www", "1.2.3.4"), a("www", "5.6.7.8")),
tc("Change single target from set", a("@", "1.2.3.4").ttl(1000), a("www", "2.2.2.2"), a("www", "5.6.7.8")),
tc("Change all ttls", a("@", "1.2.3.4").ttl(500), a("www", "2.2.2.2").ttl(400), a("www", "5.6.7.8").ttl(400)),
tc("Delete one", a("@", "1.2.3.4").ttl(500), a("www", "5.6.7.8").ttl(400)),
tc("Add back and change ttl", a("www", "5.6.7.8").ttl(700), a("www", "1.2.3.4").ttl(700)),
tc("Change targets and ttls", a("www", "1.1.1.1"), a("www", "2.2.2.2")),
tc("Create wildcard", a("*", "1.2.3.4"), a("www", "1.1.1.1")),
tc("Delete wildcard", a("www", "1.1.1.1")),
),
testgroup("CNAME",
tc("Create a CNAME", cname("foo", "google.com.")),
tc("Change CNAME target", cname("foo", "google2.com.")),
tc("Change to A record", a("foo", "1.2.3.4")),
tc("Change back to CNAME", cname("foo", "google.com.")),
clear(),
tc("Record pointing to @", cname("foo", "**current-domain**")),
),
testgroup("MX",
not("ACTIVEDIRECTORY_PS"), // Not implemented.
tc("MX record", mx("@", 5, "foo.com.")),
tc("Second MX record, same prio", mx("@", 5, "foo.com."), mx("@", 5, "foo2.com.")),
tc("3 MX", mx("@", 5, "foo.com."), mx("@", 5, "foo2.com."), mx("@", 15, "foo3.com.")),
tc("Delete one", mx("@", 5, "foo2.com."), mx("@", 15, "foo3.com.")),
tc("Change to other name", mx("@", 5, "foo2.com."), mx("mail", 15, "foo3.com.")),
tc("Change Preference", mx("@", 7, "foo2.com."), mx("mail", 15, "foo3.com.")),
tc("Record pointing to @", mx("foo", 8, "**current-domain**")),
),
testgroup("NS",
not("DNSIMPLE", "EXOSCALE"),
// DNSIMPLE: Does not support NS records nor subdomains.
// EXOSCALE: FILL IN
tc("NS for subdomain", ns("xyz", "ns2.foo.com.")),
tc("Dual NS for subdomain", ns("xyz", "ns2.foo.com."), ns("xyz", "ns1.foo.com.")),
tc("NS Record pointing to @", ns("foo", "**current-domain**")),
),
testgroup("IGNORE function",
tc("Create some records", txt("foo", "simple"), a("foo", "1.2.3.4")),
tc("Add a new record - ignoring foo", a("bar", "1.2.3.4"), ignore("foo")),
clear(),
tc("Create some records", txt("bar.foo", "simple"), a("bar.foo", "1.2.3.4")),
tc("Add a new record - ignoring *.foo", a("bar", "1.2.3.4"), ignore("*.foo")),
),
testgroup("single TXT",
tc("Create a TXT", txt("foo", "simple")),
tc("Change a TXT", txt("foo", "changed")),
clear(),
tc("Create a TXT with spaces", txt("foo", "with spaces")),
tc("Change a TXT with spaces", txt("foo", "with whitespace ")),
tc("Create 1 TXT as array", txtmulti("foo", []string{"simple"})),
clear(),
tc("Create a 255-byte TXT", txt("foo", strings.Repeat("A", 255))),
),
testgroup("empty TXT", not("DNSIMPLE", "CLOUDFLAREAPI"),
tc("TXT with empty str", txt("foo1", "")),
// https://github.com/StackExchange/dnscontrol/issues/598
// We decided that permitting the TXT target to be an empty
// string is not a requirement (even though RFC1035 permits it).
// In the future we might make it "capability" to
// indicate which vendors support an empty TXT record.
// However at this time there is no pressing need for this
// feature.
),
//
// Tests that exercise the API protocol and/or code
//
testgroup("Case Sensitivity",
// The decoys are required so that there is at least one actual change in each tc.
tc("Create CAPS", mx("BAR", 5, "BAR.com.")),
tc("Downcase label", mx("bar", 5, "BAR.com."), a("decoy", "1.1.1.1")),
tc("Downcase target", mx("bar", 5, "bar.com."), a("decoy", "2.2.2.2")),
tc("Upcase both", mx("BAR", 5, "BAR.COM."), a("decoy", "3.3.3.3")),
),
testgroup("IDNA",
not("SOFTLAYER"),
// SOFTLAYER: fails at direct internationalization, punycode works, of course.
tc("Internationalized name", a("ööö", "1.2.3.4")),
tc("Change IDN", a("ööö", "2.2.2.2")),
tc("Internationalized CNAME Target", cname("a", "ööö.com.")),
),
testgroup("IDNAs in CNAME targets",
not("LINODE"),
// LINODE: hostname validation does not allow the target domain TLD
tc("IDN CNAME AND Target", cname("öoö", "ööö.企业.")),
),
testgroup("page size",
// Tests the paging code of providers. Many providers page at 100.
// Notes:
// - gandi: page size is 100, therefore we test with 99, 100, and 101
// - ns1: free acct only allows 50 records, therefore we skip
// - digitalocean: fails due to rate limiting, not page limits.
not("NS1"),
tc("99 records", manyA("rec%04d", "1.2.3.4", 99)...),
tc("100 records", manyA("rec%04d", "1.2.3.4", 100)...),
tc("101 records", manyA("rec%04d", "1.2.3.4", 101)...),
),
testgroup("Large updates",
// Verify https://github.com/StackExchange/dnscontrol/issues/493
only("ROUTE53"),
tc("600 records", manyA("rec%04d", "1.2.3.4", 600)...),
tc("Update 600 records", manyA("rec%04d", "1.2.3.5", 600)...),
tc("Empty"), // Delete them all
tc("1200 records", manyA("rec%04d", "1.2.3.4", 1200)...),
tc("Update 1200 records", manyA("rec%04d", "1.2.3.5", 1200)...),
),
//
// CanUse* types:
//
testgroup("CAA",
requires(providers.CanUseCAA),
tc("CAA record", caa("@", "issue", 0, "letsencrypt.org")),
tc("CAA change tag", caa("@", "issuewild", 0, "letsencrypt.org")),
tc("CAA change target", caa("@", "issuewild", 0, "example.com")),
tc("CAA change flag", caa("@", "issuewild", 128, "example.com")),
tc("CAA many records",
caa("@", "issue", 0, "letsencrypt.org"),
caa("@", "issuewild", 0, "comodoca.com"),
caa("@", "iodef", 128, "mailto:test@example.com")),
tc("CAA delete", caa("@", "issue", 0, "letsencrypt.org")),
),
testgroup("CAA with ;",
requires(providers.CanUseCAA), not("DIGITALOCEAN"),
// Test support of ";" as a value
tc("CAA many records", caa("@", "issuewild", 0, ";")),
),
testgroup("NAPTR",
requires(providers.CanUseNAPTR),
tc("NAPTR record", naptr("test", 100, 10, "U", "E2U+sip", "!^.*$!sip:customer-service@example.com!", "example.foo.com.")),
tc("NAPTR second record", naptr("test", 102, 10, "U", "E2U+email", "!^.*$!mailto:information@example.com!", "example.foo.com.")),
tc("NAPTR delete record", naptr("test", 100, 10, "U", "E2U+email", "!^.*$!mailto:information@example.com!", "example.foo.com.")),
@@ -459,14 +728,14 @@ func makeTests(t *testing.T) []*TestCase {
tc("NAPTR change flags", naptr("test", 103, 20, "A", "E2U+email", "!^.*$!mailto:information@example.com!", "example2.foo.com.")),
tc("NAPTR change service", naptr("test", 103, 20, "A", "E2U+sip", "!^.*$!mailto:information@example.com!", "example2.foo.com.")),
tc("NAPTR change regexp", naptr("test", 103, 20, "A", "E2U+sip", "!^.*$!sip:customer-service@example.com!", "example2.foo.com.")),
)
}
),
// SRV
if !providers.ProviderHasCapability(*providerToRun, providers.CanUseSRV) {
t.Log("Skipping SRV Tests because provider does not support them")
} else {
tests = append(tests, tc("Empty"),
testgroup("PTR", requires(providers.CanUsePTR), not("ACTIVEDIRECTORY_PS"),
tc("Create PTR record", ptr("4", "foo.com.")),
tc("Modify PTR record", ptr("4", "bar.com.")),
),
testgroup("SRV", requires(providers.CanUseSRV), not("ACTIVEDIRECTORY_PS", "CLOUDNS"),
tc("SRV record", srv("_sip._tcp", 5, 6, 7, "foo.com.")),
tc("Second SRV record, same prio", srv("_sip._tcp", 5, 6, 7, "foo.com."), srv("_sip._tcp", 5, 60, 70, "foo2.com.")),
tc("3 SRV", srv("_sip._tcp", 5, 6, 7, "foo.com."), srv("_sip._tcp", 5, 60, 70, "foo2.com."), srv("_sip._tcp", 15, 65, 75, "foo3.com.")),
@@ -475,19 +744,13 @@ func makeTests(t *testing.T) []*TestCase {
tc("Change Priority", srv("_sip._tcp", 52, 6, 7, "foo.com."), srv("_sip._tcp", 15, 65, 75, "foo4.com.")),
tc("Change Weight", srv("_sip._tcp", 52, 62, 7, "foo.com."), srv("_sip._tcp", 15, 65, 75, "foo4.com.")),
tc("Change Port", srv("_sip._tcp", 52, 62, 72, "foo.com."), srv("_sip._tcp", 15, 65, 75, "foo4.com.")),
)
if *providerToRun == "NAMEDOTCOM" || *providerToRun == "HEXONET" || *providerToRun == "EXOSCALE" {
t.Log("Skipping SRV Null Target test because provider does not support them")
} else {
tests = append(tests, tc("Null Target", srv("_sip._tcp", 52, 62, 72, "foo.com."), srv("_sip._tcp", 15, 65, 75, ".")))
}
}
),
testgroup("SRV w/ null target", not("NAMEDOTCOM", "HEXONET", "EXOSCALE"),
tc("Null Target", srv("_sip._tcp", 52, 62, 72, "foo.com."), srv("_sip._tcp", 15, 65, 75, ".")),
),
// SSHFP
if !providers.ProviderHasCapability(*providerToRun, providers.CanUseSSHFP) {
t.Log("Skipping SSHFP Tests because provider does not support them")
} else {
tests = append(tests, tc("Empty"),
testgroup("SSHFP",
requires(providers.CanUseSSHFP),
tc("SSHFP record",
sshfp("@", 1, 1, "66c7d5540b7d75a1fb4c84febfa178ad99bdd67c")),
tc("SSHFP change algorithm",
@@ -501,105 +764,19 @@ func makeTests(t *testing.T) []*TestCase {
sshfp("@", 2, 1, "8888888888888888fb4c84febfa178ad99bdd67c")),
tc("SSHFP delete two",
sshfp("@", 1, 1, "66666666666d75a1fb4c84febfa178ad99bdd67c")),
)
}
),
// CAA
if !providers.ProviderHasCapability(*providerToRun, providers.CanUseCAA) {
t.Log("Skipping CAA Tests because provider does not support them")
} else {
manyRecordsTc := tc("CAA many records", caa("@", "issue", 0, "letsencrypt.org"), caa("@", "issuewild", 0, ";"), caa("@", "iodef", 128, "mailto:test@example.com"))
// Digitalocean doesn't support ";" as value for CAA records
if *providerToRun == "DIGITALOCEAN" {
manyRecordsTc = tc("CAA many records", caa("@", "issue", 0, "letsencrypt.org"), caa("@", "issuewild", 0, "comodoca.com"), caa("@", "iodef", 128, "mailto:test@example.com"))
}
tests = append(tests, tc("Empty"),
tc("CAA record", caa("@", "issue", 0, "letsencrypt.org")),
tc("CAA change tag", caa("@", "issuewild", 0, "letsencrypt.org")),
tc("CAA change target", caa("@", "issuewild", 0, "example.com")),
tc("CAA change flag", caa("@", "issuewild", 128, "example.com")),
manyRecordsTc,
tc("CAA delete", caa("@", "issue", 0, "letsencrypt.org")),
)
}
// TLSA
if !providers.ProviderHasCapability(*providerToRun, providers.CanUseTLSA) {
t.Log("Skipping TLSA Tests because provider does not support them")
} else {
sha256hash := strings.Repeat("0123456789abcdef", 4)
sha512hash := strings.Repeat("0123456789abcdef", 8)
reversedSha512 := strings.Repeat("fedcba9876543210", 8)
tests = append(tests, tc("Empty"),
testgroup("TLSA",
requires(providers.CanUseTLSA),
tc("TLSA record", tlsa("_443._tcp", 3, 1, 1, sha256hash)),
tc("TLSA change usage", tlsa("_443._tcp", 2, 1, 1, sha256hash)),
tc("TLSA change selector", tlsa("_443._tcp", 2, 0, 1, sha256hash)),
tc("TLSA change matchingtype", tlsa("_443._tcp", 2, 0, 2, sha512hash)),
tc("TLSA change certificate", tlsa("_443._tcp", 2, 0, 2, reversedSha512)),
)
}
),
// Case
tests = append(tests, tc("Empty"),
tc("Create CAPS", mx("BAR", 5, "BAR.com.")),
tc("Downcase label", mx("bar", 5, "BAR.com."), a("decoy", "1.1.1.1")),
tc("Downcase target", mx("bar", 5, "bar.com."), a("decoy", "2.2.2.2")),
tc("Upcase both", mx("BAR", 5, "BAR.COM."), a("decoy", "3.3.3.3")),
// The decoys are required so that there is at least one actual change in each tc.
)
// Test large zonefiles.
// Mostly to test paging. Many providers page at 100
// Known page sizes:
// - gandi: 100
skip := map[string]bool{
"NS1": true, // ns1 free acct only allows 50 records
}
if skip[*providerToRun] {
t.Log("Skipping Large record count Tests because provider does not support them")
} else {
tests = append(tests, tc("Empty"),
tc("99 records", manyA("rec%04d", "1.2.3.4", 99)...),
tc("100 records", manyA("rec%04d", "1.2.3.4", 100)...),
tc("101 records", manyA("rec%04d", "1.2.3.4", 101)...),
)
}
// NB(tlim): To temporarily skip most of the tests, insert a line like this:
//tests = nil
// TXT (single)
tests = append(tests, tc("Empty"),
tc("Create a TXT", txt("foo", "simple")),
tc("Change a TXT", txt("foo", "changed")),
tc("Empty"),
tc("Create a TXT with spaces", txt("foo", "with spaces")),
tc("Change a TXT with spaces", txt("foo", "with whitespace")),
tc("Create 1 TXT as array", txtmulti("foo", []string{"simple"})),
tc("Empty"),
tc("Create a 255-byte TXT", txt("foo", "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")),
)
// FUTURE(tal): https://github.com/StackExchange/dnscontrol/issues/598
// We decided that handling an empty TXT string is not a
// requirement. In the future we might make it a "capability" to
// indicate which vendors fully support RFC 1035, which requires
// that a TXT string can be empty.
//
// // TXT (empty)
// if (provider supports empty txt strings) {
// tests = append(tests, tc("Empty"),
// tc("TXT with empty str", txt("foo1", "")),
// )
// }
// TXTMulti
if !providers.ProviderHasCapability(*providerToRun, providers.CanUseTXTMulti) {
t.Log("Skipping TXTMulti Tests because provider does not support them")
} else {
tests = append(tests, tc("Empty"),
testgroup("TXTMulti",
requires(providers.CanUseTXTMulti),
tc("Create TXTMulti 1",
txtmulti("foo1", []string{"simple"}),
),
@@ -622,61 +799,38 @@ func makeTests(t *testing.T) []*TestCase {
txtmulti("foo2", []string{"fun", "two"}),
txtmulti("foo3", []string{"eh", "bzz", "cee"}),
),
tc("Empty"),
tc("3x255-byte TXTMulti",
txtmulti("foo3", []string{"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY", "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ"}),
),
)
}
txtmulti("foo3", []string{strings.Repeat("X", 255), strings.Repeat("Y", 255), strings.Repeat("Z", 255)})),
),
// ignored records
tests = append(tests, tc("Empty"),
tc("Create some records", txt("foo", "simple"), a("foo", "1.2.3.4")),
tc("Add a new record - ignoring foo", a("bar", "1.2.3.4"), ignore("foo")),
)
//
// Pseudo rtypes:
//
tests = append(tests, tc("Empty"),
tc("Create some records", txt("bar.foo", "simple"), a("bar.foo", "1.2.3.4")),
tc("Add a new record - ignoring *.foo", a("bar", "1.2.3.4"), ignore("*.foo")),
)
testgroup("ALIAS",
requires(providers.CanUseAlias),
tc("ALIAS at root", alias("@", "foo.com.")),
tc("change it", alias("@", "foo2.com.")),
tc("ALIAS at subdomain", alias("test", "foo.com.")),
),
// R53_ALIAS
if !providers.ProviderHasCapability(*providerToRun, providers.CanUseRoute53Alias) {
t.Log("Skipping Route53 ALIAS Tests because provider does not support them")
} else {
tests = append(tests, tc("Empty"),
tc("create dependent records", a("foo", "1.2.3.4"), a("quux", "2.3.4.5")),
tc("ALIAS to A record in same zone", a("foo", "1.2.3.4"), a("quux", "2.3.4.5"), r53alias("bar", "A", "foo.**current-domain**")),
tc("change it", a("foo", "1.2.3.4"), a("quux", "2.3.4.5"), r53alias("bar", "A", "quux.**current-domain**")),
)
}
// test r53 for very very large batch sizes
if *providerToRun == "ROUTE53" {
tests = append(tests, tc("Empty"),
tc("600 records", manyA("rec%04d", "1.2.3.4", 600)...),
tc("Update 600 records", manyA("rec%04d", "1.2.3.5", 600)...),
tc("Empty"),
tc("1200 records", manyA("rec%04d", "1.2.3.4", 1200)...),
tc("Update 1200 records", manyA("rec%04d", "1.2.3.5", 1200)...),
)
}
// AZURE_ALIAS
if !providers.ProviderHasCapability(*providerToRun, providers.CanUseAzureAlias) {
t.Log("Skipping AZURE_ALIAS Tests because provider does not support them")
} else {
t.Log("SubscriptionID: ")
tests = append(tests, tc("Empty"),
testgroup("AZURE_ALIAS",
requires(providers.CanUseAzureAlias),
tc("create dependent A records", a("foo.a", "1.2.3.4"), a("quux.a", "2.3.4.5")),
tc("ALIAS to A record in same zone", a("foo.a", "1.2.3.4"), a("quux.a", "2.3.4.5"), azureAlias("bar.a", "A", "/subscriptions/**subscription-id**/resourceGroups/**resource-group**/providers/Microsoft.Network/dnszones/**current-domain-no-trailing**/A/foo.a")),
tc("change it", a("foo.a", "1.2.3.4"), a("quux.a", "2.3.4.5"), azureAlias("bar.a", "A", "/subscriptions/**subscription-id**/resourceGroups/**resource-group**/providers/Microsoft.Network/dnszones/**current-domain-no-trailing**/A/quux.a")),
tc("create dependent CNAME records", cname("foo.cname", "google.com"), cname("quux.cname", "google2.com")),
tc("ALIAS to CNAME record in same zone", cname("foo.cname", "google.com"), cname("quux.cname", "google2.com"), azureAlias("bar", "CNAME", "/subscriptions/**subscription-id**/resourceGroups/**resource-group**/providers/Microsoft.Network/dnszones/**current-domain-no-trailing**/CNAME/foo.cname")),
tc("change it", cname("foo.cname", "google.com"), cname("quux.cname", "google2.com"), azureAlias("bar.cname", "CNAME", "/subscriptions/**subscription-id**/resourceGroups/**resource-group**/providers/Microsoft.Network/dnszones/**current-domain-no-trailing**/CNAME/quux.cname")),
)
),
testgroup("R53_ALIAS",
requires(providers.CanUseRoute53Alias),
tc("create dependent records", a("foo", "1.2.3.4"), a("quux", "2.3.4.5")),
tc("ALIAS to A record in same zone", a("foo", "1.2.3.4"), a("quux", "2.3.4.5"), r53alias("bar", "A", "foo.**current-domain**")),
tc("change it", a("foo", "1.2.3.4"), a("quux", "2.3.4.5"), r53alias("bar", "A", "quux.**current-domain**")),
),
}
// Empty last
tests = append(tests, tc("Empty"))
return tests
}

93
integrationTest/providers.json
View File

@@ -1,94 +1,87 @@
{
"ACTIVEDIRECTORY_PS": {
"ADServer": "$AD_SERVER",
"domain": "$AD_DOMAIN",
"knownFailures": "29,30,31,32,33,34,35,38,39,40,41,48,50,51,52"
"domain": "$AD_DOMAIN"
},
"AZURE_DNS": {
"SubscriptionID": "$AZURE_SUBSCRIPTION_ID",
"ResourceGroup": "$AZURE_RESOURCE_GROUP",
"TenantID": "$AZURE_TENANT_ID",
"ClientID": "$AZURE_CLIENT_ID",
"ClientSecret": "$AZURE_CLIENT_SECRET",
"ResourceGroup": "$AZURE_RESOURCE_GROUP",
"SubscriptionID": "$AZURE_SUBSCRIPTION_ID",
"TenantID": "$AZURE_TENANT_ID",
"domain": "$AZURE_DOMAIN"
},
"BIND": {
"domain": "example.com"
},
"CLOUDNS": {
"auth-id": "$CLOUDNS_AUTH_ID",
"auth-password": "$CLOUDNS_AUTH_PASSWORD",
"domain": "$CLOUDNS_DOMAIN",
"knownFailures": "52"
"CLOUDFLAREAPI": {
"apitoken": "$CF_TOKEN",
"domain": "$CF_DOMAIN"
},
"CLOUDFLAREAPI_OLD": {
"apikey": "$CF_KEY",
"apiuser": "$CF_USER",
"domain": "$CF_DOMAIN"
},
"CLOUDFLAREAPI": {
"apitoken": "$CF_TOKEN",
"domain": "$CF_DOMAIN"
"CLOUDNS": {
"auth-id": "$CLOUDNS_AUTH_ID",
"auth-password": "$CLOUDNS_AUTH_PASSWORD",
"domain": "$CLOUDNS_DOMAIN"
},
"DIGITALOCEAN": {
"token": "$DO_TOKEN",
"domain": "$DO_DOMAIN"
"domain": "$DO_DOMAIN",
"token": "$DO_TOKEN"
},
"DNSIMPLE": {
"COMMENT": "20-22: no ns records managable. Not even for subdomains.",
"baseurl": "https://api.sandbox.dnsimple.com",
"domain": "$DNSIMPLE_DOMAIN",
"knownFailures": "20,21,22",
"token": "$DNSIMPLE_TOKEN"
},
"EXOSCALE": {
"dns-endpoint": "https://api.exoscale.ch/dns",
"apikey": "$EXOSCALE_API_KEY",
"secretkey": "$EXOSCALE_SECRET_KEY",
"dns-endpoint": "https://api.exoscale.ch/dns",
"domain": "$EXOSCALE_DOMAIN",
"knownFailures": "20,21,22"
"secretkey": "$EXOSCALE_SECRET_KEY"
},
"GANDI": {
"COMMENT": "5: gandi does not accept TTLs less than 300",
"apikey": "$GANDI_KEY",
"domain": "$GANDI_DOMAIN",
"knownFailures": "5"
"domain": "$GANDI_DOMAIN"
},
"GANDI-LIVEDNS": {
"COMMENT": "5: gandi does not accept TTLs less than 300",
"apikey": "$GANDILIVE_KEY",
"domain": "$GANDILIVE_DOMAIN",
"knownFailures": "5"
"domain": "$GANDILIVE_DOMAIN"
},
"GANDI_V5": {
"apikey": "$GANDI_V5_APIKEY",
"domain": "$GANDI_V5_DOMAIN"
},
"GCLOUD": {
"type": "$GCLOUD_TYPE",
"client_email": "$GCLOUD_EMAIL",
"domain": "$GCLOUD_DOMAIN",
"private_key": "$GCLOUD_PRIVATEKEY",
"project_id": "$GCLOUD_PROJECT"
"project_id": "$GCLOUD_PROJECT",
"type": "$GCLOUD_TYPE"
},
"HEXONET": {
"apientity": "$HEXONET_ENTITY",
"apilogin": "$HEXONET_UID",
"apipassword": "$HEXONET_PW",
"apientity": "$HEXONET_ENTITY",
"debugmode": "$HEXONET_DEBUGMODE",
"ipaddress": "$HEXONET_IP",
"domain": "dnscontrol.com"
"domain": "dnscontrol.com",
"ipaddress": "$HEXONET_IP"
},
"LINODE": {
"COMMENT": "25: Linode's hostname validation does not allow the target domain TLD",
"token": "$LINODE_TOKEN",
"domain": "$LINODE_DOMAIN",
"knownFailures": "27"
"token": "$LINODE_TOKEN"
},
"NS1": {
"domain": "$NS1_DOMAIN",
"api_token": "$NS1_TOKEN"
"NAMECHEAP": {
"apikey": "$NAMECHEAP_KEY",
"apiuser": "$NAMECHEAP_USER",
"domain": "$NAMECHEAP_DOMAIN"
},
"NAMEDOTCOM": {
"apikey": "$NAMEDOTCOM_KEY",
@@ -96,14 +89,19 @@
"apiuser": "$NAMEDOTCOM_USER",
"domain": "$NAMEDOTCOM_DOMAIN"
},
"NAMECHEAP": {
"apikey": "$NAMECHEAP_KEY",
"apiuser": "$NAMECHEAP_USER",
"domain": "$NAMECHEAP_DOMAIN"
"NS1": {
"api_token": "$NS1_TOKEN",
"domain": "$NS1_DOMAIN"
},
"OCTODNS": {
"domain": "example.com",
"directory": "config"
"directory": "config",
"domain": "example.com"
},
"OVH": {
"app-key": "$OVH_APP_KEY",
"app-secret-key": "$OVH_APP_SECRET_KEY",
"consumer-key": "$OVH_CONSUMER_KEY",
"domain": "$OVH_DOMAIN"
},
"ROUTE53": {
"KeyId": "$R53_KEY_ID",
@@ -112,19 +110,12 @@
},
"SOFTLAYER": {
"COMMENT": "22-25 softlayer fails at direct internationalization, puncode works though",
"knownFailures": "22,23,24,25",
"api_key": "$SL_API_KEY",
"domain": "$SL_DOMAIN",
"username": "$SL_USERNAME",
"api_key": "$SL_API_KEY"
"username": "$SL_USERNAME"
},
"VULTR": {
"token": "$VULTR_TOKEN",
"domain": "$VULTR_DOMAIN"
},
"OVH": {
"app-key": "$OVH_APP_KEY",
"app-secret-key": "$OVH_APP_SECRET_KEY",
"consumer-key": "$OVH_CONSUMER_KEY",
"domain": "$OVH_DOMAIN"
"domain": "$VULTR_DOMAIN",
"token": "$VULTR_TOKEN"
}
}