mirror of
https://github.com/go-acme/lego.git
synced 2024-12-23 01:07:23 +02:00
route53: adds option to not wait for changes (#2181)
parent
2ec9e42ee3
commit
11b4beff7e
@ -2306,6 +2306,7 @@ func displayDNSHelp(w io.Writer, name string) error {
|
|||||||
ew.writeln(` - "AWS_REGION": Managed by the AWS client ('AWS_REGION_FILE' is not supported)`)
|
ew.writeln(` - "AWS_REGION": Managed by the AWS client ('AWS_REGION_FILE' is not supported)`)
|
||||||
ew.writeln(` - "AWS_SDK_LOAD_CONFIG": Managed by the AWS client. Retrieve the region from the CLI config file ('AWS_SDK_LOAD_CONFIG_FILE' is not supported)`)
|
ew.writeln(` - "AWS_SDK_LOAD_CONFIG": Managed by the AWS client. Retrieve the region from the CLI config file ('AWS_SDK_LOAD_CONFIG_FILE' is not supported)`)
|
||||||
ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Managed by the AWS client. Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`)
|
ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Managed by the AWS client. Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`)
|
||||||
|
ew.writeln(` - "AWS_WAIT_FOR_RECORD_SETS_CHANGED": Wait for changes to be INSYNC (it can be unstable)`)
|
||||||
ew.writeln()
|
ew.writeln()
|
||||||
|
|
||||||
ew.writeln(`Additional Configuration:`)
|
ew.writeln(`Additional Configuration:`)
|
||||||
|
@ -48,6 +48,7 @@ lego --domains example.com --email your_example@email.com --dns route53 --accept
|
|||||||
| `AWS_REGION` | Managed by the AWS client (`AWS_REGION_FILE` is not supported) |
|
| `AWS_REGION` | Managed by the AWS client (`AWS_REGION_FILE` is not supported) |
|
||||||
| `AWS_SDK_LOAD_CONFIG` | Managed by the AWS client. Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported) |
|
| `AWS_SDK_LOAD_CONFIG` | Managed by the AWS client. Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported) |
|
||||||
| `AWS_SECRET_ACCESS_KEY` | Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) |
|
| `AWS_SECRET_ACCESS_KEY` | Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) |
|
||||||
|
| `AWS_WAIT_FOR_RECORD_SETS_CHANGED` | Wait for changes to be INSYNC (it can be unstable) |
|
||||||
|
|
||||||
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
|
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
|
||||||
More information [here]({{< ref "dns#configuration-and-credentials" >}}).
|
More information [here]({{< ref "dns#configuration-and-credentials" >}}).
|
||||||
|
@ -34,6 +34,8 @@ const (
|
|||||||
EnvAssumeRoleArn = envNamespace + "ASSUME_ROLE_ARN"
|
EnvAssumeRoleArn = envNamespace + "ASSUME_ROLE_ARN"
|
||||||
EnvExternalID = envNamespace + "EXTERNAL_ID"
|
EnvExternalID = envNamespace + "EXTERNAL_ID"
|
||||||
|
|
||||||
|
EnvWaitForRecordSetsChanged = envNamespace + "WAIT_FOR_RECORD_SETS_CHANGED"
|
||||||
|
|
||||||
EnvTTL = envNamespace + "TTL"
|
EnvTTL = envNamespace + "TTL"
|
||||||
EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
|
EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
|
||||||
EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
|
EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
|
||||||
@ -53,6 +55,8 @@ type Config struct {
|
|||||||
AssumeRoleArn string
|
AssumeRoleArn string
|
||||||
ExternalID string
|
ExternalID string
|
||||||
|
|
||||||
|
WaitForRecordSetsChanged bool
|
||||||
|
|
||||||
TTL int
|
TTL int
|
||||||
PropagationTimeout time.Duration
|
PropagationTimeout time.Duration
|
||||||
PollingInterval time.Duration
|
PollingInterval time.Duration
|
||||||
@ -68,6 +72,8 @@ func NewDefaultConfig() *Config {
|
|||||||
AssumeRoleArn: env.GetOrDefaultString(EnvAssumeRoleArn, ""),
|
AssumeRoleArn: env.GetOrDefaultString(EnvAssumeRoleArn, ""),
|
||||||
ExternalID: env.GetOrDefaultString(EnvExternalID, ""),
|
ExternalID: env.GetOrDefaultString(EnvExternalID, ""),
|
||||||
|
|
||||||
|
WaitForRecordSetsChanged: env.GetOrDefaultBool(EnvWaitForRecordSetsChanged, true),
|
||||||
|
|
||||||
TTL: env.GetOrDefaultInt(EnvTTL, 10),
|
TTL: env.GetOrDefaultInt(EnvTTL, 10),
|
||||||
PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 2*time.Minute),
|
PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 2*time.Minute),
|
||||||
PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, 4*time.Second),
|
PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, 4*time.Second),
|
||||||
@ -235,10 +241,9 @@ func (d *DNSProvider) changeRecord(ctx context.Context, action awstypes.ChangeAc
|
|||||||
|
|
||||||
changeID := resp.ChangeInfo.Id
|
changeID := resp.ChangeInfo.Id
|
||||||
|
|
||||||
|
if d.config.WaitForRecordSetsChanged {
|
||||||
return wait.For("route53", d.config.PropagationTimeout, d.config.PollingInterval, func() (bool, error) {
|
return wait.For("route53", d.config.PropagationTimeout, d.config.PollingInterval, func() (bool, error) {
|
||||||
reqParams := &route53.GetChangeInput{Id: changeID}
|
resp, err := d.client.GetChange(ctx, &route53.GetChangeInput{Id: changeID})
|
||||||
|
|
||||||
resp, err := d.client.GetChange(ctx, reqParams)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, fmt.Errorf("failed to query change status: %w", err)
|
return false, fmt.Errorf("failed to query change status: %w", err)
|
||||||
}
|
}
|
||||||
@ -246,10 +251,14 @@ func (d *DNSProvider) changeRecord(ctx context.Context, action awstypes.ChangeAc
|
|||||||
if resp.ChangeInfo.Status == awstypes.ChangeStatusInsync {
|
if resp.ChangeInfo.Status == awstypes.ChangeStatusInsync {
|
||||||
return true, nil
|
return true, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
return false, fmt.Errorf("unable to retrieve change: ID=%s", deref(changeID))
|
return false, fmt.Errorf("unable to retrieve change: ID=%s", deref(changeID))
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
func (d *DNSProvider) getExistingRecordSets(ctx context.Context, hostedZoneID, fqdn string) ([]awstypes.ResourceRecord, error) {
|
func (d *DNSProvider) getExistingRecordSets(ctx context.Context, hostedZoneID, fqdn string) ([]awstypes.ResourceRecord, error) {
|
||||||
listInput := &route53.ListResourceRecordSetsInput{
|
listInput := &route53.ListResourceRecordSetsInput{
|
||||||
HostedZoneId: aws.String(hostedZoneID),
|
HostedZoneId: aws.String(hostedZoneID),
|
||||||
|
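Review bot: The new `WaitForRecordSetsChanged` field in `Config` has no comment saying what turning it off gives up. With the flag false, `changeRecord` falls through to `return nil` as soon as the change is submitted, so its callers no longer learn whether the record set ever reached INSYNC. For a DNS-01 challenge record, the only remaining confirmation that the TXT value is published would be whatever propagation check runs afterwards, which is outside the visible hunks and should be confirmed. I would document the field with `// WaitForRecordSetsChanged: when true (the default), changeRecord polls GetChange until the change is INSYNC; when false it returns right after the change is submitted.` and make the help string state the default and that setting it to false skips this check. `changeRecord` starts above the hunk, so the submission step and its error handling are not visible here.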
@ -131,6 +131,7 @@ Replace `Z11111112222222333333` with your hosted zone ID and `example.com` with
|
|||||||
AWS_SDK_LOAD_CONFIG = "Managed by the AWS client. Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported)"
|
AWS_SDK_LOAD_CONFIG = "Managed by the AWS client. Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported)"
|
||||||
AWS_ASSUME_ROLE_ARN = "Managed by the AWS Role ARN (`AWS_ASSUME_ROLE_ARN_FILE` is not supported)"
|
AWS_ASSUME_ROLE_ARN = "Managed by the AWS Role ARN (`AWS_ASSUME_ROLE_ARN_FILE` is not supported)"
|
||||||
AWS_EXTERNAL_ID = "Managed by STS AssumeRole API operation (`AWS_EXTERNAL_ID_FILE` is not supported)"
|
AWS_EXTERNAL_ID = "Managed by STS AssumeRole API operation (`AWS_EXTERNAL_ID_FILE` is not supported)"
|
||||||
|
AWS_WAIT_FOR_RECORD_SETS_CHANGED = "Wait for changes to be INSYNC (it can be unstable)"
|
||||||
[Configuration.Additional]
|
[Configuration.Additional]
|
||||||
AWS_SHARED_CREDENTIALS_FILE = "Managed by the AWS client. Shared credentials file."
|
AWS_SHARED_CREDENTIALS_FILE = "Managed by the AWS client. Shared credentials file."
|
||||||
AWS_MAX_RETRIES = "The number of maximum returns the service will use to make an individual API request"
|
AWS_MAX_RETRIES = "The number of maximum returns the service will use to make an individual API request"
|
||||||
|
@ -25,7 +25,8 @@ var envTest = tester.NewEnvTest(
|
|||||||
EnvMaxRetries,
|
EnvMaxRetries,
|
||||||
EnvTTL,
|
EnvTTL,
|
||||||
EnvPropagationTimeout,
|
EnvPropagationTimeout,
|
||||||
EnvPollingInterval).
|
EnvPollingInterval,
|
||||||
|
EnvWaitForRecordSetsChanged).
|
||||||
WithDomain(envDomain).
|
WithDomain(envDomain).
|
||||||
WithLiveTestRequirements(EnvAccessKeyID, EnvSecretAccessKey, EnvRegion, envDomain)
|
WithLiveTestRequirements(EnvAccessKeyID, EnvSecretAccessKey, EnvRegion, envDomain)
|
||||||
|
|
||||||
@ -123,16 +124,18 @@ func TestNewDefaultConfig(t *testing.T) {
|
|||||||
TTL: 10,
|
TTL: 10,
|
||||||
PropagationTimeout: 2 * time.Minute,
|
PropagationTimeout: 2 * time.Minute,
|
||||||
PollingInterval: 4 * time.Second,
|
PollingInterval: 4 * time.Second,
|
||||||
|
WaitForRecordSetsChanged: true,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
desc: "",
|
desc: "set values",
|
||||||
envVars: map[string]string{
|
envVars: map[string]string{
|
||||||
EnvMaxRetries: "10",
|
EnvMaxRetries: "10",
|
||||||
EnvTTL: "99",
|
EnvTTL: "99",
|
||||||
EnvPropagationTimeout: "60",
|
EnvPropagationTimeout: "60",
|
||||||
EnvPollingInterval: "60",
|
EnvPollingInterval: "60",
|
||||||
EnvHostedZoneID: "abc123",
|
EnvHostedZoneID: "abc123",
|
||||||
|
EnvWaitForRecordSetsChanged: "false",
|
||||||
},
|
},
|
||||||
expected: &Config{
|
expected: &Config{
|
||||||
MaxRetries: 10,
|
MaxRetries: 10,
|
||||||
|