mirror/stackexchange-dnscontrol
1
0
Fork 0
mirror of https://github.com/StackExchange/dnscontrol.git synced 2024-05-11 05:55:12 +00:00
Code Issues Releases Activity

Add check-creds subcommand (#665)

Browse Source
This commit is contained in:
Tom Limoncelli
2020-02-29 09:07:05 -05:00
committed by GitHub
parent 6c316993ec
commit a7e0ec258d
4 changed files with 90 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
commands/getZones.go
View File

@ -52,6 +52,42 @@ EXAMPLES:
} }
}()) }())
// check-creds foo bar
// is the same as
// get-zones --format=nameonly foo bar all
var _ = cmd(catUtils, func() *cli.Command {
var args GetZoneArgs
return &cli.Command{
Name: "check-creds",
Usage: "Do a small operation to verify credentials (stand-alone)",
Action: func(ctx *cli.Context) error {
if ctx.NArg() != 2 {
return cli.NewExitError("Arguments should be: credskey providername (Ex: r53 ROUTE53)", 1)
}
args.CredName = ctx.Args().Get(0)
args.ProviderName = ctx.Args().Get(1)
args.ZoneNames = []string{"all"}
args.OutputFormat = "nameonly"
return exit(GetZone(args))
},
Flags: args.flags(),
UsageText: "dnscontrol check-creds [command options] credkey provider",
Description: `Do a trivia operation to verify credentials. This is a stand-alone utility.
If successful, a list of zones will be output. If not, hopefully you
see verbose error messages.
ARGUMENTS:
credkey: The name used in creds.json (first parameter to NewDnsProvider() in dnsconfig.js)
provider: The name of the provider (second parameter to NewDnsProvider() in dnsconfig.js)
EXAMPLES:
dnscontrol get-zones myr53 ROUTE53
dnscontrol get-zones --out=/dev/null myr53 ROUTE53`,
}
}())
// GetZoneArgs args required for the create-domain subcommand. // GetZoneArgs args required for the create-domain subcommand.
type GetZoneArgs struct { type GetZoneArgs struct {
GetCredentialsArgs // Args related to creds.json GetCredentialsArgs // Args related to creds.json

11
docs/_providers/gcloud.md
View File

@ -69,3 +69,14 @@ currently no facility for creating a name server set. You need special permissi
will enable it on your account, responding with a list of names to use in the `name_server_set` field above. will enable it on your account, responding with a list of names to use in the `name_server_set` field above.
> `name_server_set` only applies on `create-domains` at the moment. Additional work needs to be done to support it during `push` > `name_server_set` only applies on `create-domains` at the moment. Additional work needs to be done to support it during `push`
# Debugging credentials
You can test your `creds.json` entry with the command: `dnscontrol check-creds foo GCLOUD` where `foo` is the name of key used in `creds.json`. Error messages you might see:
* `googleapi: Error 403: Permission denied on resource project REDACTED., forbidden`
* Hint: `project_id` may be invalid.
* `private key should be a PEM or plain PKCS1 or PKCS8; parse error:`
* Hint: `private_key` may be invalid.
* `Response: {"error":"invalid_grant","error_description":"Invalid grant: account not found"}`
* Hint: `client_email` may be invalid.

37
docs/check-creds.md Normal file
View File

@ -0,0 +1,37 @@
---
layout: default
title: Check-Creds subcommand
---
# check-creds
This is a stand-alone utility to help verify entries in `creds.json`.
The command does a trivia operation to verify credentials. If
successful, a list of zones will be output. If not, hopefully you see
verbose error messages.
Syntax:
dnscontrol check-creds [command options] credkey provider
--creds value Provider credentials JSON file (default: "creds.json")
--out value Instead of stdout, write to this file
ARGUMENTS:
credkey: The name used in creds.json (first parameter to NewDnsProvider() in dnsconfig.js)
provider: The name of the provider (second parameter to NewDnsProvider() in dnsconfig.js)
EXAMPLES:
dnscontrol get-zones myr53 ROUTE53
dnscontrol get-zones --out=/dev/null myr53 ROUTE53
# Example commands
dnscontrol get-zone
# Developer Note
This command is not implemented for all providers.
To add this to a provider, implement the get-zones subcommand

7
docs/get-zones.md
View File

@ -78,7 +78,7 @@ go generate
Find the `GetZoneRecords` function in the `*Provider.go` file. Find the `GetZoneRecords` function in the `*Provider.go` file.
If currently returns `fmt.Errorf("not implemented")`. It currently returns `fmt.Errorf("not implemented")`.
Instead, it should gather the records from the provider Instead, it should gather the records from the provider
and return them as a list of RecordConfig structs. and return them as a list of RecordConfig structs.
@ -99,3 +99,8 @@ will query the provider for the list of zones.
(Technically what is happening is by implementing the `ListZones` (Technically what is happening is by implementing the `ListZones`
function, you are completing the `ZoneLister` interface for that function, you are completing the `ZoneLister` interface for that
provider.) provider.)
Implementing the `ListZones` function also activates the `check-creds`
subcommand for that provider. Please add to the provider documentation
a list of error messages that people might see if the credentials are
invalid. See `docs/_providers/gcloud.md` for examples.