Add DNS provider for Volcano Engine (#2282)

README.md

@@ -84,10 +84,10 @@ Detailed documentation is available [here](https://go-acme.github.io/lego/dns).
 | [Servercow](https://go-acme.github.io/lego/dns/servercow/)                      | [Shellrent](https://go-acme.github.io/lego/dns/shellrent/)                      | [Simply.com](https://go-acme.github.io/lego/dns/simply/)                        | [Sonic](https://go-acme.github.io/lego/dns/sonic/)                              |
 | [Stackpath](https://go-acme.github.io/lego/dns/stackpath/)                      | [Tencent Cloud DNS](https://go-acme.github.io/lego/dns/tencentcloud/)           | [TransIP](https://go-acme.github.io/lego/dns/transip/)                          | [UKFast SafeDNS](https://go-acme.github.io/lego/dns/safedns/)                   |
 | [Ultradns](https://go-acme.github.io/lego/dns/ultradns/)                        | [Variomedia](https://go-acme.github.io/lego/dns/variomedia/)                    | [VegaDNS](https://go-acme.github.io/lego/dns/vegadns/)                          | [Vercel](https://go-acme.github.io/lego/dns/vercel/)                            |
-| [Versio.[nl/eu/uk]](https://go-acme.github.io/lego/dns/versio/)                 | [VinylDNS](https://go-acme.github.io/lego/dns/vinyldns/)                        | [VK Cloud](https://go-acme.github.io/lego/dns/vkcloud/)                         | [Vscale](https://go-acme.github.io/lego/dns/vscale/)                            |
+| [Versio.[nl/eu/uk]](https://go-acme.github.io/lego/dns/versio/)                 | [VinylDNS](https://go-acme.github.io/lego/dns/vinyldns/)                        | [VK Cloud](https://go-acme.github.io/lego/dns/vkcloud/)                         | [Volcano Engine/火山引擎](https://go-acme.github.io/lego/dns/volcengine/)           |
-| [Vultr](https://go-acme.github.io/lego/dns/vultr/)                              | [Webnames](https://go-acme.github.io/lego/dns/webnames/)                        | [Websupport](https://go-acme.github.io/lego/dns/websupport/)                    | [WEDOS](https://go-acme.github.io/lego/dns/wedos/)                              |
+| [Vscale](https://go-acme.github.io/lego/dns/vscale/)                            | [Vultr](https://go-acme.github.io/lego/dns/vultr/)                              | [Webnames](https://go-acme.github.io/lego/dns/webnames/)                        | [Websupport](https://go-acme.github.io/lego/dns/websupport/)                    |
-| [Yandex 360](https://go-acme.github.io/lego/dns/yandex360/)                     | [Yandex Cloud](https://go-acme.github.io/lego/dns/yandexcloud/)                 | [Yandex PDD](https://go-acme.github.io/lego/dns/yandex/)                        | [Zone.ee](https://go-acme.github.io/lego/dns/zoneee/)                           |
+| [WEDOS](https://go-acme.github.io/lego/dns/wedos/)                              | [Yandex 360](https://go-acme.github.io/lego/dns/yandex360/)                     | [Yandex Cloud](https://go-acme.github.io/lego/dns/yandexcloud/)                 | [Yandex PDD](https://go-acme.github.io/lego/dns/yandex/)                        |
-| [Zonomi](https://go-acme.github.io/lego/dns/zonomi/)                            |                                                                                 |                                                                                 |                                                                                 |
+| [Zone.ee](https://go-acme.github.io/lego/dns/zoneee/)                           | [Zonomi](https://go-acme.github.io/lego/dns/zonomi/)                            |                                                                                 |                                                                                 |
 
 <!-- END DNS PROVIDERS LIST -->
 

cmd/zz_gen_cmd_dnshelp.go

@@ -139,6 +139,7 @@ func allDNSCodes() string {
 		"versio",
 		"vinyldns",
 		"vkcloud",
+		"volcengine",
 		"vscale",
 		"vultr",
 		"webnames",
@@ -2876,6 +2877,30 @@ func displayDNSHelp(w io.Writer, name string) error {
 		ew.writeln()
 		ew.writeln(`More information: https://go-acme.github.io/lego/dns/vkcloud`)
 
+	case "volcengine":
+		// generated from: providers/dns/volcengine/volcengine.toml
+		ew.writeln(`Configuration for Volcano Engine/火山引擎.`)
+		ew.writeln(`Code:	'volcengine'`)
+		ew.writeln(`Since:	'v4.19.0'`)
+		ew.writeln()
+
+		ew.writeln(`Credentials:`)
+		ew.writeln(`	- "VOLC_ACCESSKEY":	Access Key ID (AK)`)
+		ew.writeln(`	- "VOLC_SECRETKEY":	Secret Access Key (SK)`)
+		ew.writeln()
+
+		ew.writeln(`Additional Configuration:`)
+		ew.writeln(`	- "VOLC_HOST":	API host`)
+		ew.writeln(`	- "VOLC_HTTP_TIMEOUT":	API request timeout`)
+		ew.writeln(`	- "VOLC_POLLING_INTERVAL":	Time between DNS propagation check`)
+		ew.writeln(`	- "VOLC_PROPAGATION_TIMEOUT":	Maximum waiting time for DNS propagation`)
+		ew.writeln(`	- "VOLC_REGION":	Region`)
+		ew.writeln(`	- "VOLC_SCHEME":	API scheme`)
+		ew.writeln(`	- "VOLC_TTL":	The TTL of the TXT record used for the DNS challenge`)
+
+		ew.writeln()
+		ew.writeln(`More information: https://go-acme.github.io/lego/dns/volcengine`)
+
 	case "vscale":
 		// generated from: providers/dns/vscale/vscale.toml
 		ew.writeln(`Configuration for Vscale.`)

docs/content/dns/zz_gen_volcengine.md

@@ -0,0 +1,73 @@
+---
+title: "Volcano Engine/火山引擎"
+date: 2019-03-03T16:39:46+01:00
+draft: false
+slug: volcengine
+dnsprovider:
+  since:    "v4.19.0"
+  code:     "volcengine"
+  url:      "https://www.volcengine.com/"
+---
+
+<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
+<!-- providers/dns/volcengine/volcengine.toml -->
+<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
+
+
+Configuration for [Volcano Engine/火山引擎](https://www.volcengine.com/).
+
+
+<!--more-->
+
+- Code: `volcengine`
+- Since: v4.19.0
+
+
+Here is an example bash command using the Volcano Engine/火山引擎 provider:
+
+```bash
+VOLC_ACCESSKEY=xxx \
+VOLC_SECRETKEY=yyy \
+lego --email you@example.com --dns volcengine --domains "example.org" --domains "*.example.org" run
+```
+
+
+
+
+## Credentials
+
+| Environment Variable Name | Description |
+|-----------------------|-------------|
+| `VOLC_ACCESSKEY` | Access Key ID (AK) |
+| `VOLC_SECRETKEY` | Secret Access Key (SK) |
+
+The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
+More information [here]({{% ref "dns#configuration-and-credentials" %}}).
+
+
+## Additional Configuration
+
+| Environment Variable Name | Description |
+|--------------------------------|-------------|
+| `VOLC_HOST` | API host |
+| `VOLC_HTTP_TIMEOUT` | API request timeout |
+| `VOLC_POLLING_INTERVAL` | Time between DNS propagation check |
+| `VOLC_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
+| `VOLC_REGION` | Region |
+| `VOLC_SCHEME` | API scheme |
+| `VOLC_TTL` | The TTL of the TXT record used for the DNS challenge |
+
+The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
+More information [here]({{% ref "dns#configuration-and-credentials" %}}).
+
+
+
+
+## More information
+
+- [API documentation](https://www.volcengine.com/docs/6758/155086)
+- [Go client](https://github.com/volcengine/volc-sdk-golang)
+
+<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
+<!-- providers/dns/volcengine/volcengine.toml -->
+<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

docs/data/zz_cli_help.toml

@@ -141,7 +141,7 @@ To display the documentation for a specific DNS provider, run:
   $ lego dnshelp -c code
 
 Supported DNS providers:
-  acme-dns, alidns, allinkl, arvancloud, auroradns, autodns, azure, azuredns, bindman, bluecat, brandit, bunny, checkdomain, civo, clouddns, cloudflare, cloudns, cloudru, cloudxns, conoha, constellix, cpanel, derak, desec, designate, digitalocean, directadmin, dnshomede, dnsimple, dnsmadeeasy, dnspod, dode, domeneshop, dreamhost, duckdns, dyn, dynu, easydns, edgedns, efficientip, epik, exec, exoscale, freemyip, gandi, gandiv5, gcloud, gcore, glesys, godaddy, googledomains, hetzner, hostingde, hosttech, httpnet, httpreq, huaweicloud, hurricane, hyperone, ibmcloud, iij, iijdpf, infoblox, infomaniak, internetbs, inwx, ionos, ipv64, iwantmyname, joker, liara, lightsail, limacity, linode, liquidweb, loopia, luadns, mailinabox, manual, metaname, mijnhost, mittwald, mydnsjp, mythicbeasts, namecheap, namedotcom, namesilo, nearlyfreespeech, netcup, netlify, nicmanager, nifcloud, njalla, nodion, ns1, oraclecloud, otc, ovh, pdns, plesk, porkbun, rackspace, rcodezero, regru, rfc2136, rimuhosting, route53, safedns, sakuracloud, scaleway, selectel, selectelv2, selfhostde, servercow, shellrent, simply, sonic, stackpath, tencentcloud, transip, ultradns, variomedia, vegadns, vercel, versio, vinyldns, vkcloud, vscale, vultr, webnames, websupport, wedos, yandex, yandex360, yandexcloud, zoneee, zonomi
+  acme-dns, alidns, allinkl, arvancloud, auroradns, autodns, azure, azuredns, bindman, bluecat, brandit, bunny, checkdomain, civo, clouddns, cloudflare, cloudns, cloudru, cloudxns, conoha, constellix, cpanel, derak, desec, designate, digitalocean, directadmin, dnshomede, dnsimple, dnsmadeeasy, dnspod, dode, domeneshop, dreamhost, duckdns, dyn, dynu, easydns, edgedns, efficientip, epik, exec, exoscale, freemyip, gandi, gandiv5, gcloud, gcore, glesys, godaddy, googledomains, hetzner, hostingde, hosttech, httpnet, httpreq, huaweicloud, hurricane, hyperone, ibmcloud, iij, iijdpf, infoblox, infomaniak, internetbs, inwx, ionos, ipv64, iwantmyname, joker, liara, lightsail, limacity, linode, liquidweb, loopia, luadns, mailinabox, manual, metaname, mijnhost, mittwald, mydnsjp, mythicbeasts, namecheap, namedotcom, namesilo, nearlyfreespeech, netcup, netlify, nicmanager, nifcloud, njalla, nodion, ns1, oraclecloud, otc, ovh, pdns, plesk, porkbun, rackspace, rcodezero, regru, rfc2136, rimuhosting, route53, safedns, sakuracloud, scaleway, selectel, selectelv2, selfhostde, servercow, shellrent, simply, sonic, stackpath, tencentcloud, transip, ultradns, variomedia, vegadns, vercel, versio, vinyldns, vkcloud, volcengine, vscale, vultr, webnames, websupport, wedos, yandex, yandex360, yandexcloud, zoneee, zonomi
 
 More information: https://go-acme.github.io/lego/dns
 """

go.mod

@@ -74,6 +74,7 @@ require (
 	github.com/ultradns/ultradns-go-sdk v1.7.0-20240913052650-970ca9a
 	github.com/urfave/cli/v2 v2.27.4
 	github.com/vinyldns/go-vinyldns v0.9.16
+	github.com/volcengine/volc-sdk-golang v1.0.177
 	github.com/vultr/govultr/v3 v3.9.1
 	github.com/yandex-cloud/go-genproto v0.0.0-20240911120709-1fa0cb6f47c2
 	github.com/yandex-cloud/go-sdk v0.0.0-20240911121212-e4e74d0d02f5

providers/dns/dns_providers.go

@@ -131,6 +131,7 @@ import (
 	"github.com/go-acme/lego/v4/providers/dns/versio"
 	"github.com/go-acme/lego/v4/providers/dns/vinyldns"
 	"github.com/go-acme/lego/v4/providers/dns/vkcloud"
+	"github.com/go-acme/lego/v4/providers/dns/volcengine"
 	"github.com/go-acme/lego/v4/providers/dns/vscale"
 	"github.com/go-acme/lego/v4/providers/dns/vultr"
 	"github.com/go-acme/lego/v4/providers/dns/webnames"
@@ -400,6 +401,8 @@ func NewDNSChallengeProviderByName(name string) (challenge.Provider, error) {
 		return vinyldns.NewDNSProvider()
 	case "vkcloud":
 		return vkcloud.NewDNSProvider()
+	case "volcengine":
+		return volcengine.NewDNSProvider()
 	case "vscale":
 		return vscale.NewDNSProvider()
 	case "vultr":

providers/dns/volcengine/volcengine.go

@@ -0,0 +1,242 @@
+// Package volcengine implements a DNS provider for solving the DNS-01 challenge using Volcano Engine.
+package volcengine
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net/http"
+	"sync"
+	"time"
+
+	"github.com/go-acme/lego/v4/challenge/dns01"
+	"github.com/go-acme/lego/v4/platform/config/env"
+	"github.com/miekg/dns"
+	"github.com/volcengine/volc-sdk-golang/base"
+	volc "github.com/volcengine/volc-sdk-golang/service/dns"
+)
+
+// Environment variables names.
+const (
+	envNamespace = "VOLC_"
+
+	EnvAccessKey = envNamespace + "ACCESSKEY"
+	EnvSecretKey = envNamespace + "SECRETKEY"
+
+	EnvRegion = envNamespace + "REGION"
+	EnvHost   = envNamespace + "HOST"
+	EnvScheme = envNamespace + "SCHEME"
+
+	EnvTTL                = envNamespace + "TTL"
+	EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
+	EnvPollingInterval    = envNamespace + "POLLING_INTERVAL"
+	EnvHTTPTimeout        = envNamespace + "HTTP_TIMEOUT"
+)
+
+// https://www.volcengine.com/docs/6758/170354
+const defaultTTL = 600
+
+// Config is used to configure the creation of the DNSProvider.
+type Config struct {
+	AccessKey string
+	SecretKey string
+
+	Region string
+	Host   string
+	Scheme string
+
+	PropagationTimeout time.Duration
+	PollingInterval    time.Duration
+	TTL                int
+	HTTPTimeout        time.Duration
+}
+
+// NewDefaultConfig returns a default configuration for the DNSProvider.
+func NewDefaultConfig() *Config {
+	return &Config{
+		TTL:                env.GetOrDefaultInt(EnvTTL, defaultTTL),
+		PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 240*time.Second),
+		PollingInterval:    env.GetOrDefaultSecond(EnvPollingInterval, 10*time.Second),
+		HTTPTimeout:        env.GetOrDefaultSecond(EnvHTTPTimeout, volc.Timeout*time.Second),
+	}
+}
+
+// DNSProvider implements the challenge.Provider interface.
+type DNSProvider struct {
+	client *volc.Client
+	config *Config
+
+	recordIDs   map[string]*string
+	recordIDsMu sync.Mutex
+}
+
+// NewDNSProvider returns a DNSProvider instance configured for Volcano Engine.
+// Credentials must be passed in the environment variable: VOLC_ACCESSKEY, VOLC_SECRETKEY.
+func NewDNSProvider() (*DNSProvider, error) {
+	values, err := env.Get(EnvAccessKey, EnvSecretKey)
+	if err != nil {
+		return nil, fmt.Errorf("volcengine: %w", err)
+	}
+
+	config := NewDefaultConfig()
+	config.AccessKey = values[EnvAccessKey]
+	config.SecretKey = values[EnvSecretKey]
+	config.Scheme = env.GetOrDefaultString(EnvScheme, "https")
+	config.Host = env.GetOrDefaultString(EnvHost, "open.volcengineapi.com")
+	config.Region = env.GetOrDefaultString(EnvRegion, volc.DefaultRegion)
+
+	return NewDNSProviderConfig(config)
+}
+
+// NewDNSProviderConfig return a DNSProvider instance configured for Volcano Engine.
+func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
+	if config == nil {
+		return nil, errors.New("volcengine: the configuration of the DNS provider is nil")
+	}
+
+	if config.AccessKey == "" || config.SecretKey == "" {
+		return nil, errors.New("volcengine: missing credentials")
+	}
+
+	return &DNSProvider{
+		config:    config,
+		client:    newClient(config),
+		recordIDs: make(map[string]*string),
+	}, nil
+}
+
+// Timeout returns the timeout and interval to use when checking for DNS propagation.
+// Adjusting here to cope with spikes in propagation times.
+func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
+	return d.config.PropagationTimeout, d.config.PollingInterval
+}
+
+// Present creates a TXT record to fulfill the dns-01 challenge.
+func (d *DNSProvider) Present(domain, token, keyAuth string) error {
+	ctx := context.Background()
+
+	info := dns01.GetChallengeInfo(domain, keyAuth)
+
+	zone, err := d.getZone(ctx, info.EffectiveFQDN)
+	if err != nil {
+		return fmt.Errorf("volcengine: get zone ID: %w", err)
+	}
+
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, deref(zone.ZoneName))
+	if err != nil {
+		return fmt.Errorf("volcengine: %w", err)
+	}
+
+	crr := &volc.CreateRecordRequest{
+		Host:  pointer(subDomain),
+		TTL:   pointer(int64(d.config.TTL)),
+		Type:  pointer("TXT"),
+		Value: pointer(info.Value),
+		ZID:   zone.ZID,
+	}
+
+	record, err := d.client.CreateRecord(ctx, crr)
+	if err != nil {
+		return fmt.Errorf("volcengine: create record: %w", err)
+	}
+
+	d.recordIDsMu.Lock()
+	d.recordIDs[token] = record.RecordID
+	d.recordIDsMu.Unlock()
+
+	return nil
+}
+
+// CleanUp removes the TXT record matching the specified parameters.
+func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
+	info := dns01.GetChallengeInfo(domain, keyAuth)
+
+	// gets the record's unique ID
+	d.recordIDsMu.Lock()
+	recordID, ok := d.recordIDs[token]
+	d.recordIDsMu.Unlock()
+	if !ok {
+		return fmt.Errorf("volcengine: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
+	}
+
+	drr := &volc.DeleteRecordRequest{RecordID: recordID}
+
+	err := d.client.DeleteRecord(context.Background(), drr)
+	if err != nil {
+		return fmt.Errorf("volcengine: delete record: %w", err)
+	}
+
+	return nil
+}
+
+func (d *DNSProvider) getZone(ctx context.Context, fqdn string) (volc.TopZoneResponse, error) {
+	for _, index := range dns.Split(fqdn) {
+		domain := fqdn[index:]
+
+		lzr := &volc.ListZonesRequest{
+			Key:        pointer(dns01.UnFqdn(domain)),
+			SearchMode: pointer("exact"),
+		}
+
+		zones, err := d.client.ListZones(ctx, lzr)
+		if err != nil {
+			return volc.TopZoneResponse{}, fmt.Errorf("list zones: %w", err)
+		}
+
+		total := deref(zones.Total)
+
+		if total == 0 || len(zones.Zones) == 0 {
+			continue
+		}
+
+		if total > 1 {
+			return volc.TopZoneResponse{}, fmt.Errorf("too many zone for %s", domain)
+		}
+
+		return zones.Zones[0], nil
+	}
+
+	return volc.TopZoneResponse{}, fmt.Errorf("zone no found for fqdn: %s", fqdn)
+}
+
+// https://github.com/volcengine/volc-sdk-golang/tree/main/service/dns
+// https://github.com/volcengine/volc-sdk-golang/blob/main/example/dns/demo_dns_test.go
+func newClient(config *Config) *volc.Client {
+	// https://github.com/volcengine/volc-sdk-golang/blob/fae992a31d02754e271c322095413d374ea4ea1b/service/dns/config.go#L20-L35
+	serviceInfo := &base.ServiceInfo{
+		Timeout: config.HTTPTimeout,
+		Host:    config.Host,
+		Header:  http.Header{"Accept": []string{"application/json"}},
+		Scheme:  config.Scheme,
+		Credentials: base.Credentials{
+			Service:         volc.ServiceName,
+			Region:          config.Region,
+			AccessKeyID:     config.AccessKey,
+			SecretAccessKey: config.SecretKey,
+		},
+	}
+
+	// https://github.com/volcengine/volc-sdk-golang/blob/fae992a31d02754e271c322095413d374ea4ea1b/service/dns/caller.go#L17-L19
+	client := base.NewClient(serviceInfo, nil)
+
+	// https://github.com/volcengine/volc-sdk-golang/blob/fae992a31d02754e271c322095413d374ea4ea1b/service/dns/caller.go#L25-L34
+	caller := &volc.VolcCaller{Volc: client}
+	caller.Volc.SetAccessKey(serviceInfo.Credentials.AccessKeyID)
+	caller.Volc.SetSecretKey(serviceInfo.Credentials.SecretAccessKey)
+	caller.Volc.SetHost(serviceInfo.Host)
+	caller.Volc.SetScheme(serviceInfo.Scheme)
+	caller.Volc.SetTimeout(serviceInfo.Timeout)
+
+	return volc.NewClient(caller)
+}
+
+func pointer[T any](v T) *T { return &v }
+
+func deref[T any](v *T) T {
+	if v == nil {
+		var zero T
+		return zero
+	}
+
+	return *v
+}

providers/dns/volcengine/volcengine.toml

@@ -0,0 +1,28 @@
+Name = "Volcano Engine/火山引擎"
+Description = ''''''
+URL = "https://www.volcengine.com/"
+Code = "volcengine"
+Since = "v4.19.0"
+
+Example = '''
+VOLC_ACCESSKEY=xxx \
+VOLC_SECRETKEY=yyy \
+lego --email you@example.com --dns volcengine --domains "example.org" --domains "*.example.org" run
+'''
+
+[Configuration]
+  [Configuration.Credentials]
+    VOLC_ACCESSKEY = "Access Key ID (AK)"
+    VOLC_SECRETKEY = "Secret Access Key (SK)"
+  [Configuration.Additional]
+    VOLC_REGION = "Region"
+    VOLC_HOST = "API host"
+    VOLC_SCHEME = "API scheme"
+    VOLC_POLLING_INTERVAL = "Time between DNS propagation check"
+    VOLC_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
+    VOLC_TTL = "The TTL of the TXT record used for the DNS challenge"
+    VOLC_HTTP_TIMEOUT = "API request timeout"
+
+[Links]
+  API = "https://www.volcengine.com/docs/6758/155086"
+  GoClient = "https://github.com/volcengine/volc-sdk-golang"

providers/dns/volcengine/volcengine_test.go

@@ -0,0 +1,148 @@
+package volcengine
+
+import (
+	"testing"
+	"time"
+
+	"github.com/go-acme/lego/v4/platform/tester"
+	"github.com/stretchr/testify/require"
+)
+
+const envDomain = envNamespace + "DOMAIN"
+
+var envTest = tester.NewEnvTest(
+	EnvAccessKey,
+	EnvSecretKey,
+	EnvRegion,
+	EnvHost,
+	EnvScheme).
+	WithDomain(envDomain)
+
+func TestNewDNSProvider(t *testing.T) {
+	testCases := []struct {
+		desc     string
+		envVars  map[string]string
+		expected string
+	}{
+		{
+			desc: "success",
+			envVars: map[string]string{
+				EnvAccessKey: "access",
+				EnvSecretKey: "secret",
+			},
+		},
+		{
+			desc: "missing access key",
+			envVars: map[string]string{
+				EnvSecretKey: "secret",
+			},
+			expected: "volcengine: some credentials information are missing: VOLC_ACCESSKEY",
+		},
+		{
+			desc: "missing secret key",
+			envVars: map[string]string{
+				EnvAccessKey: "access",
+			},
+			expected: "volcengine: some credentials information are missing: VOLC_SECRETKEY",
+		},
+		{
+			desc:     "missing credentials",
+			envVars:  map[string]string{},
+			expected: "volcengine: some credentials information are missing: VOLC_ACCESSKEY,VOLC_SECRETKEY",
+		},
+	}
+
+	for _, test := range testCases {
+		t.Run(test.desc, func(t *testing.T) {
+			defer envTest.RestoreEnv()
+			envTest.ClearEnv()
+
+			envTest.Apply(test.envVars)
+
+			p, err := NewDNSProvider()
+
+			if test.expected == "" {
+				require.NoError(t, err)
+				require.NotNil(t, p)
+				require.NotNil(t, p.config)
+			} else {
+				require.EqualError(t, err, test.expected)
+			}
+		})
+	}
+}
+
+func TestNewDNSProviderConfig(t *testing.T) {
+	testCases := []struct {
+		desc      string
+		expected  string
+		accessKey string
+		secretKey string
+	}{
+		{
+			desc:      "success",
+			accessKey: "access",
+			secretKey: "secret",
+		},
+		{
+			desc:      "missing access key",
+			secretKey: "secret",
+			expected:  "volcengine: missing credentials",
+		},
+		{
+			desc:      "missing secret key",
+			accessKey: "access",
+			expected:  "volcengine: missing credentials",
+		},
+		{
+			desc:     "missing credentials",
+			expected: "volcengine: missing credentials",
+		},
+	}
+
+	for _, test := range testCases {
+		t.Run(test.desc, func(t *testing.T) {
+			config := NewDefaultConfig()
+			config.AccessKey = test.accessKey
+			config.SecretKey = test.secretKey
+
+			p, err := NewDNSProviderConfig(config)
+
+			if test.expected == "" {
+				require.NoError(t, err)
+				require.NotNil(t, p)
+				require.NotNil(t, p.config)
+			} else {
+				require.EqualError(t, err, test.expected)
+			}
+		})
+	}
+}
+
+func TestLivePresent(t *testing.T) {
+	if !envTest.IsLiveTest() {
+		t.Skip("skipping live test")
+	}
+
+	envTest.RestoreEnv()
+	provider, err := NewDNSProvider()
+	require.NoError(t, err)
+
+	err = provider.Present(envTest.GetDomain(), "", "123d==")
+	require.NoError(t, err)
+}
+
+func TestLiveCleanUp(t *testing.T) {
+	if !envTest.IsLiveTest() {
+		t.Skip("skipping live test")
+	}
+
+	envTest.RestoreEnv()
+	provider, err := NewDNSProvider()
+	require.NoError(t, err)
+
+	time.Sleep(1 * time.Second)
+
+	err = provider.CleanUp(envTest.GetDomain(), "", "123d==")
+	require.NoError(t, err)
+}