Embed types-dnscontrol.d.ts into the binary instead of fetching it via HTTP (#1942)

Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>

commands/types/base-types.d.ts

@@ -0,0 +1,32 @@
+interface Domain {
+    name: string;
+    subdomain: string;
+    registrar: unknown;
+    meta: Record<string, unknown>;
+    records: DNSRecord[];
+    dnsProviders: Record<string, unknown>;
+    defaultTTL: number;
+    nameservers: unknown[];
+    ignored_names: unknown[];
+    ignored_targets: unknown[];
+    [key: string]: unknown;
+}
+
+interface DNSRecord {
+    type: string;
+    meta: Record<string, unknown>;
+    ttl: number;
+}
+
+type DomainModifier =
+    | ((domain: Domain) => void)
+    | Partial<Domain>
+    | DomainModifier[];
+
+type RecordModifier =
+    | ((record: DNSRecord) => void)
+    | Partial<DNSRecord['meta']>;
+
+type Duration =
+    | `${number}${'s' | 'm' | 'h' | 'd' | 'w' | 'n' | 'y' | ''}`
+    | number /* seconds */;

commands/types/fetch.d.ts

@@ -0,0 +1,76 @@
+/**
+ * `FETCH` is a wrapper for the [Fetch API](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API). This allows dynamically setting DNS records based on an external data source, e.g. the API of your cloud provider.
+ *
+ * Compared to `fetch` from Fetch API, `FETCH` will call [PANIC](https://dnscontrol.org/js#PANIC) to terminate the execution of the script, and therefore DNSControl, if a network error occurs.
+ *
+ * Otherwise the syntax of `FETCH` is the same as `fetch`.
+ *
+ * `FETCH` is not enabled by default. Please read the warnings below.
+ *
+ * > WARNING:
+ * >
+ * > 1. Relying on external sources adds a point of failure. If the external source doesn't work, your script won't either. Please make sure you are aware of the consequences.
+ * > 2. Make sure DNSControl only uses verified configuration if you want to use `FETCH`. For example, an attacker can send Pull Requests to your config repo, and have your CI test malicious configurations and make arbitrary HTTP requests. Therefore, `FETCH` must be explicitly enabled with flag `--allow-fetch` on DNSControl invocation.
+ *
+ * ```js
+ * var REG_NONE = NewRegistrar('none');
+ * var DNS_BIND = NewDnsProvider('bind');
+ *
+ * D('example.com', REG_NONE, DnsProvider(DNS_BIND), [
+ *   A('@', '1.2.3.4'),
+ * ]);
+ *
+ * FETCH('https://example.com', {
+ *   // All three options below are optional
+ *   headers: {"X-Authentication": "barfoo"},
+ *   method: "POST",
+ *   body: "Hello World",
+ * }).then(function(r) {
+ *   return r.text();
+ * }).then(function(t) {
+ *   // Example of generating record based on response
+ *   D_EXTEND('example.com', [
+ *     TXT('@', t.slice(0, 100)),
+ *   ]);
+ * });
+ * ```
+ */
+declare function FETCH(
+    url: string,
+    init?: {
+        method?:
+            | 'GET'
+            | 'POST'
+            | 'PUT'
+            | 'PATCH'
+            | 'DELETE'
+            | 'HEAD'
+            | 'OPTIONS';
+        headers?: { [key: string]: string | string[] };
+        // Ignored by the underlying code
+        // redirect: 'follow' | 'error' | 'manual';
+        body?: string;
+    }
+): Promise<FetchResponse>;
+
+interface FetchResponse {
+    readonly bodyUsed: boolean;
+    readonly headers: ResponseHeaders;
+    readonly ok: boolean;
+    readonly status: number;
+    readonly statusText: string;
+    readonly type: string;
+
+    text(): Promise<string>;
+    json(): Promise<any>;
+}
+
+interface ResponseHeaders {
+    get(name: string): string | undefined;
+    getAll(name: string): string[];
+    has(name: string): boolean;
+
+    append(name: string, value: string): void;
+    delete(name: string): void;
+    set(name: string, value: string): void;
+}

commands/types/others.d.ts

@@ -0,0 +1,65 @@
+declare function require(name: `${string}.json`): any;
+declare function require(name: string): true;
+
+/**
+ * Issuer critical flag. CA that does not understand this tag will refuse to issue certificate for this domain.
+ *
+ * CAA record is supported only by BIND, Google Cloud DNS, Amazon Route 53 and OVH. Some certificate authorities may not support this record until the mandatory date of September 2017.
+ */
+declare const CAA_CRITICAL: RecordModifier;
+
+/**
+ * This disables a safety check intended to prevent:
+ * 1. Two owners toggling a record between two settings.
+ * 2. The other owner wiping all records at this label, which won't
+ * be noticed until the next time dnscontrol is run.
+ * See https://github.com/StackExchange/dnscontrol/issues/1106
+ */
+declare const IGNORE_NAME_DISABLE_SAFETY_CHECK: RecordModifier;
+
+// Cloudflare aliases:
+
+/** Proxy disabled. */
+declare const CF_PROXY_OFF: RecordModifier;
+/** Proxy enabled. */
+declare const CF_PROXY_ON: RecordModifier;
+/** Proxy+Railgun enabled. */
+declare const CF_PROXY_FULL: RecordModifier;
+
+/** Proxy default off for entire domain (the default) */
+declare const CF_PROXY_DEFAULT_OFF: DomainModifier;
+/** Proxy default on for entire domain */
+declare const CF_PROXY_DEFAULT_ON: DomainModifier;
+/** UniversalSSL off for entire domain */
+declare const CF_UNIVERSALSSL_OFF: DomainModifier;
+/** UniversalSSL on for entire domain */
+declare const CF_UNIVERSALSSL_ON: DomainModifier;
+
+/**
+ * Set default values for CLI variables. See: https://dnscontrol.org/cli-variables
+ */
+declare function CLI_DEFAULTS(vars: Record<string, unknown>): void;
+
+/**
+ * `END` permits the last item to include a comma.
+ *
+ * ```js
+ * D("foo.com", ...
+ *    A(...),
+ *    A(...),
+ *    A(...),
+ * END)
+ * ```
+ */
+declare const END: DomainModifier & RecordModifier;
+
+/**
+ * Permit labels like `"foo.bar.com.bar.com"` (normally an error)
+ *
+ * ```js
+ * D("bar.com", ...
+ *     A("foo.bar.com", "10.1.1.1", DISABLE_REPEATED_DOMAIN_CHECK),
+ * )
+ * ```
+ */
+declare const DISABLE_REPEATED_DOMAIN_CHECK: RecordModifier;