Add support for huaweicloud dns (#3010)

Signed-off-by: huihuimoe <[email protected]> Co-authored-by: Tom Limoncelli <[email protected]>
StackExchange · Jun 17, 2024 · ce07c76 · ce07c76
1 parent d55474c
commit ce07c76
Show file tree

Hide file tree

Showing 16 changed files with 714 additions and 2 deletions.
diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml
@@ -88,7 +88,7 @@ jobs:
         Write-Host "Integration test providers: $Providers"
         echo "integration_test_providers=$(ConvertTo-Json -InputObject $Providers -Compress)" >> $env:GITHUB_OUTPUT
       env:
-        PROVIDERS: "['AZURE_DNS','BIND','BUNNY_DNS','CLOUDFLAREAPI','CLOUDNS','DIGITALOCEAN','GANDI_V5','GCLOUD','HEDNS','HEXONET','INWX','NAMEDOTCOM','NS1','POWERDNS','ROUTE53','TRANSIP']"
+        PROVIDERS: "['AZURE_DNS','BIND','BUNNY_DNS','CLOUDFLAREAPI','CLOUDNS','DIGITALOCEAN','GANDI_V5','GCLOUD','HEDNS','HEXONET','HUAWEICLOUD','INWX','NAMEDOTCOM','NS1','POWERDNS','ROUTE53','TRANSIP']"
         ENV_CONTEXT: ${{ toJson(env) }}
         VARS_CONTEXT: ${{ toJson(vars) }}
         SECRETS_CONTEXT: ${{ toJson(secrets) }}

diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -39,7 +39,7 @@ changelog:
       regexp: "(?i)^.*(major|new provider|feature)[(\\w)]*:+.*$"
       order: 1
     - title: 'Provider-specific changes:'
-      regexp: "(?i)((akamaiedge|autodns|axfrd|azure|azure_private_dns|bind|bunnydns|cloudflare|cloudflareapi_old|cloudns|cscglobal|desec|digitalocean|dnsimple|dnsmadeeasy|doh|domainnameshop|dynadot|easyname|exoscale|gandi|gcloud|gcore|hedns|hetzner|hexonet|hostingde|inwx|linode|loopia|luadns|msdns|mythicbeasts|namecheap|namedotcom|netcup|netlify|ns1|opensrs|oracle|ovh|packetframe|porkbun|powerdns|realtimeregister|route53|rwth|softlayer|transip|vultr).*:)+.*"
+      regexp: "(?i)((akamaiedge|autodns|axfrd|azure|azure_private_dns|bind|bunnydns|cloudflare|cloudflareapi_old|cloudns|cscglobal|desec|digitalocean|dnsimple|dnsmadeeasy|doh|domainnameshop|dynadot|easyname|exoscale|gandi|gcloud|gcore|hedns|hetzner|hexonet|hostingde|huaweicloud|inwx|linode|loopia|luadns|msdns|mythicbeasts|namecheap|namedotcom|netcup|netlify|ns1|opensrs|oracle|ovh|packetframe|porkbun|powerdns|realtimeregister|route53|rwth|softlayer|transip|vultr).*:)+.*"
       order: 2
     - title: 'Documentation:'
       regexp: "(?i)^.*(docs)[(\\w)]*:+.*$"

diff --git a/OWNERS b/OWNERS
@@ -24,6 +24,7 @@ providers/hedns @rblenkinsopp
 providers/hetzner @das7pad
 providers/hexonet @KaiSchwarz-cnic
 providers/hostingde @juliusrickert
+providers/huaweicloud @huihuimoe
 providers/internetbs @pragmaton
 providers/inwx @patschi
 providers/linode @koesie10

diff --git a/README.md b/README.md
@@ -38,6 +38,7 @@ Currently supported DNS providers:
 - Hetzner
 - HEXONET
 - hosting.de
+- Huawei Cloud DNS
 - Hurricane Electric DNS
 - INWX
 - Linode

diff --git a/documentation/SUMMARY.md b/documentation/SUMMARY.md
@@ -127,6 +127,7 @@
 * [Hetzner DNS Console](provider/hetzner.md)
 * [HEXONET](provider/hexonet.md)
 * [hosting.de](provider/hostingde.md)
+* [Huawei Cloud DNS](provider/huaweicloud.md)
 * [Hurricane Electric DNS](provider/hedns.md)
 * [Internet.bs](provider/internetbs.md)
 * [INWX](provider/inwx.md)

diff --git a/documentation/provider/huaweicloud.md b/documentation/provider/huaweicloud.md
@@ -0,0 +1,77 @@
+## Configuration
+
+
+This provider is for the [Huawei Cloud DNS](https://www.huaweicloud.com/intl/en-us/product/dns.html)(Public DNS).  To use this provider, add an entry to `creds.json` with `TYPE` set to `HUAWEICLOUD`.
+along with the API credentials.
+
+Example:
+
+{% code title="creds.json" %}
+```json
+{
+  "huaweicloud": {
+    "TYPE": "HUAWEICLOUD",
+    "KeyId": "YOUR_ACCESS_KEY_ID",
+    "SecretKey": "YOUR_SECRET_ACCESS_KEY",
+    "Region": "YOUR_SERVICE_REGION"
+  }
+}
+```
+{% endcode %}
+
+## Metadata
+This provider does not recognize any special metadata fields unique to Huawei Cloud DNS.
+
+## Usage
+An example configuration:
+
+{% code title="dnsconfig.js" %}
+```javascript
+var REG_NONE = NewRegistrar("none");
+var DSP_HWCLOUD = NewDnsProvider("huaweicloud");
+
+D("example.com", REG_NONE, DnsProvider(DSP_HWCLOUD),
+    A("test", "1.2.3.4"),
+END);
+```
+{% endcode %}
+
+## Activation
+DNSControl depends on a standard [IAM User](https://support.huaweicloud.com/intl/en-us/usermanual-iam/iam_02_0003.html) with permission to list, create and update hosted zones.
+
+The `DNS FullAccess` policy will also work, but that provides access to many other areas and violates the "principle of least privilege".
+
+The minimum permissions required are as follows:
+
+```json
+{
+    "Version": "1.1",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "dns:recordset:delete",
+                "dns:recordset:create",
+                "dns:zone:create",
+                "dns:recordset:get",
+                "dns:nameserver:getZoneNameServer",
+                "dns:zone:list",
+                "dns:recordset:update",
+                "dns:recordset:list",
+                "dns:zone:get"
+            ]
+        }
+    ]
+}
+```
+
+To determine the `Region` parameter, refer to the [endpoint page of huaweicloud](https://developer.huaweicloud.com/intl/en-us/endpoint?DNS). For example, on the international site, the `Region` name `ap-southeast-1` is known to work.
+
+If that doesn't work, log into Huaweicloud's website and open the [API Explorer](https://console-intl.huaweicloud.com/apiexplorer/#/openapi/DNS/debug?api=ListPublicZones), find the `ListPublicZones` API, select a different Region and click Debug to try and find your Region.
+
+## New domains
+If a domain does not exist in your Huawei Cloud account, DNSControl will automatically add it with the `push` command.
+
+## GeoDNS
+Managing GeoDNS RRSet on Huawei Cloud (also called **Line** in Huawei Cloud DNS) is not supported in DNSControl.
+If your Zone needs to use GeoDNS, please create it manually in the console and use [IGNORE](../language-reference/domain-modifiers/IGNORE.md) modifiers in DNSControl to prevent changing it.
diff --git a/documentation/providers.md b/documentation/providers.md
@@ -40,6 +40,7 @@ If a feature is definitively not supported for whatever reason, we would also li
 | [`HETZNER`](provider/hetzner.md) | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❔ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❔ | ✅ | ✅ | ❔ | ❔ | ❔ | ✅ | ✅ | ✅ |
 | [`HEXONET`](provider/hexonet.md) | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ | ❔ | ❔ | ❔ | ❔ | ✅ | ❔ | ✅ | ❔ | ❔ | ✅ | ❔ | ❔ | ❔ | ❔ | ✅ | ✅ | ❔ |
 | [`HOSTINGDE`](provider/hostingde.md) | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ❔ | ❌ | ❌ | ✅ | ✅ | ✅ | ✅ | ❔ | ✅ | ✅ | ❔ | ❔ | ❔ | ✅ | ✅ | ✅ |
+| [`HUAWEICLOUD`](provider/huaweicloud.md) | ❌ | ✅ | ❌ | ❔ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❔ | ❔ | ❔ | ✅ | ✅ | ✅ |
 | [`INTERNETBS`](provider/internetbs.md) | ❌ | ❌ | ✅ | ❌ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❌ | ❔ |
 | [`INWX`](provider/inwx.md) | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ | ❔ | ✅ | ❔ | ✅ | ✅ | ❔ | ✅ | ✅ | ✅ | ✅ | ❔ | ❔ | ❔ | ❔ | ✅ | ✅ | ✅ |
 | [`LINODE`](provider/linode.md) | ❌ | ✅ | ❌ | ❌ | ❔ | ✅ | ❔ | ❔ | ❌ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❌ | ❌ | ✅ |
@@ -130,6 +131,7 @@ Providers in this category and their maintainers are:
 |[`HETZNER`](provider/hetzner.md)|@das7pad|
 |[`HEXONET`](provider/hexonet.md)|@KaiSchwarz-cnic|
 |[`HOSTINGDE`](provider/hostingde.md)|@membero|
+|[`HUAWEICLOUD`](provider/huaweicloud.md)|@huihuimoe|
 |[`INTERNETBS`](provider/internetbs.md)|@pragmaton|
 |[`INWX`](provider/inwx.md)|@patschi|
 |[`LINODE`](provider/linode.md)|@koesie10|

diff --git a/go.mod b/go.mod
@@ -65,6 +65,7 @@ require (
 	github.com/fbiville/markdown-table-formatter v0.3.0
 	github.com/google/go-cmp v0.6.0
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
+	github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.100
 	github.com/juju/errors v1.0.0
 	github.com/kylelemons/godebug v1.1.0
 	github.com/mattn/go-isatty v0.0.20
@@ -125,10 +126,13 @@ require (
 	github.com/hashicorp/go-sockaddr v1.0.2 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
 	github.com/peterhellberg/link v1.1.0 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
@@ -141,7 +145,9 @@ require (
 	github.com/smartystreets/assertions v1.2.0 // indirect
 	github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
+	github.com/tjfoc/gmsm v1.4.1 // indirect
 	github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913 // indirect
+	go.mongodb.org/mongo-driver v1.12.0 // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
 	go.opentelemetry.io/otel v1.24.0 // indirect