DIGITALOCEAN: CAA is supported with some caveats (#592)

Change the tests to skip test case with CAA `;` value for Digitalocean, because that specific feature isn't supported. Closes #588
2024-05-11 05:55:12 +00:00 · 2020-01-24 19:21:01 +02:00
parent d3dc5a5eb7
commit bfa36ebbf8
3 changed files with 26 additions and 1 deletions
--- a/docs/_providers/digitalocean.md
+++ b/docs/_providers/digitalocean.md
@ -35,3 +35,8 @@ D("example.tld", REG_NONE, DnsProvider(DIGITALOCEAN),

 ## Activation
 [Create OAuth Token](https://cloud.digitalocean.com/settings/applications)
+
+## Limitations
+
+- Digialocean DNS doesn't support `;` value with CAA-records ([DigitalOcean documentation](https://www.digitalocean.com/docs/networking/dns/how-to/create-caa-records/))
+- No support for TXT records with multiple strings, as the API prevents espacing quotes.
--- a/integrationTest/integration_test.go
+++ b/integrationTest/integration_test.go
@ -493,12 +493,19 @@ func makeTests(t *testing.T) []*TestCase {
 	if !providers.ProviderHasCapability(*providerToRun, providers.CanUseCAA) {
 		t.Log("Skipping CAA Tests because provider does not support them")
 	} else {
+		manyRecordsTc := tc("CAA many records", caa("@", "issue", 0, "letsencrypt.org"), caa("@", "issuewild", 0, ";"), caa("@", "iodef", 128, "mailto:test@example.com"))
+
+		// Digitalocean doesn't support ";" as value for CAA records
+		if *providerToRun == "DIGITALOCEAN" {
+			manyRecordsTc = tc("CAA many records", caa("@", "issue", 0, "letsencrypt.org"), caa("@", "issuewild", 0, "comodoca.com"), caa("@", "iodef", 128, "mailto:test@example.com"))
+		}
+
 		tests = append(tests, tc("Empty"),
 			tc("CAA record", caa("@", "issue", 0, "letsencrypt.org")),
 			tc("CAA change tag", caa("@", "issuewild", 0, "letsencrypt.org")),
 			tc("CAA change target", caa("@", "issuewild", 0, "example.com")),
 			tc("CAA change flag", caa("@", "issuewild", 128, "example.com")),
-			tc("CAA many records", caa("@", "issue", 0, "letsencrypt.org"), caa("@", "issuewild", 0, ";"), caa("@", "iodef", 128, "mailto:test@example.com")),
+			manyRecordsTc,
 			tc("CAA delete", caa("@", "issue", 0, "letsencrypt.org")),
 		)
 	}
--- a/providers/digitalocean/digitaloceanProvider.go
+++ b/providers/digitalocean/digitaloceanProvider.go
@ -67,6 +67,10 @@ var features = providers.DocumentationNotes{
 	providers.DocCreateDomains:       providers.Can(),
 	providers.DocOfficiallySupported: providers.Cannot(),
 	providers.CanUseSRV:              providers.Can(),
+	// Digitalocean support CAA records, except
+	// ";" value with issue/issuewild records:
+	// https://www.digitalocean.com/docs/networking/dns/how-to/create-caa-records/
+	providers.CanUseCAA: providers.Can(),
 }

 func init() {
@ -215,6 +219,8 @@ func toRc(dc *models.DomainConfig, r *godo.DomainRecord) *models.RecordConfig {
 		SrvWeight:    uint16(r.Weight),
 		SrvPort:      uint16(r.Port),
 		Original:     r,
+		CaaTag:       r.Tag,
+		CaaFlag:      uint8(r.Flags),
 	}
 	t.SetLabelFromFQDN(name, dc.Name)
 	t.SetTarget(target)
@ -240,6 +246,11 @@ func toReq(dc *models.DomainConfig, rc *models.RecordConfig) *godo.DomainRecordE
 	case "TXT":
 		// TXT records are the one place where DO combines many items into one field.
 		target = rc.GetTargetCombined()
+	case "CAA":
+		// DO API requires that value ends in dot
+		// But the value returned from API doesn't contain this,
+		// so no need to strip the dot when reading value from API.
+		target = target + "."
 	default:
 		// no action required
 	}
@ -252,5 +263,7 @@ func toReq(dc *models.DomainConfig, rc *models.RecordConfig) *godo.DomainRecordE
 		Priority: priority,
 		Port:     int(rc.SrvPort),
 		Weight:   int(rc.SrvWeight),
+		Tag:      rc.CaaTag,
+		Flags:    int(rc.CaaFlag),
 	}
 }