merging latest changes from 'master' branch

.github/workflows/ci.yml

@@ -16,7 +16,7 @@ jobs:
     - name: Set up Go 1.x
       uses: actions/setup-go@v2
       with:
-        go-version: ^1.17
+        go-version: 1.17
       id: go
 
     - name: Check out code into the Go module directory
@@ -38,7 +38,7 @@ jobs:
 
     - name: Lint
       run: |
-        curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.30.0
+        curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.45.2
         make lint
   
     - name: Test

.github/workflows/docs.yml

@@ -0,0 +1,43 @@
+name: Release Docs
+
+on:
+  push:
+    tags:
+      - "v*"
+
+jobs:
+  release_docs:
+    name: Release Docs
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-python@v2
+        with:
+          python-version: "3.10"
+          cache: "pip"
+          cache-dependency-path: "./docs/scripts/requirements.txt"
+
+      - uses: actions/setup-go@v2
+        with:
+          go-version: ^1.17
+
+      - run: |
+          pip install -r docs/scripts/requirements.txt
+
+      - name: setup
+        run: |
+          ./docs/scripts/copy_docs.sh
+          go run ./docs/scripts/docs.go
+
+      - name: Configure Git user
+        run: |
+          git config --local user.email "github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
+
+      - name: build and push
+        run: |
+          mike deploy ${{ github.ref_name }} latest --push --update-aliases
+          mike set-default --push latest

.github/workflows/lint-test-chart.yaml

@@ -15,18 +15,27 @@ jobs:
         with:
           fetch-depth: 0
 
+      - name: Run Artifact Hub lint
+        shell: bash
+        run: |
+          set -euo pipefail
+          curl -Lo ah_linux_amd64.tar.gz https://github.com/artifacthub/hub/releases/download/v1.6.0/ah_1.6.0_linux_amd64.tar.gz
+          tar -xzvf ah_linux_amd64.tar.gz ah
+          ./ah lint --kind helm || exit 1
+          rm -f ./ah ./ah_linux_amd64.tar.gz
+
       - name: Set up Helm
         uses: azure/setup-helm@v1
         with:
-          version: v3.6.3
+          version: 3.*
 
       - name: Set up Python
         uses: actions/setup-python@v2
         with:
           python-version: 3.7
 
       - name: Set up chart-testing
-        uses: helm/chart-testing-action@v2.1.0
+        uses: helm/chart-testing-action@v2.2.0
 
       - name: Run chart-testing (list-changed)
         id: list-changed

.github/workflows/release-chart.yaml

@@ -17,6 +17,29 @@ jobs:
         with:
           fetch-depth: 0
 
+      - name: Get chart version
+        id: chart_version
+        shell: bash
+        run: |
+          set -euo pipefail
+          chart_version="$(grep -Po "(?<=^version: ).+" charts/external-dns/Chart.yaml)"
+          echo "::set-output name=version::${chart_version}"
+
+      - name: Get changelog entry
+        id: changelog_reader
+        uses: mindsers/changelog-reader-action@v2
+        with:
+          path: charts/external-dns/CHANGELOG.md
+          version: "v${{ steps.chart_version.outputs.version }}"
+
+      - name: Create release notes
+        shell: bash
+        run: |
+          set -euo pipefail
+          cat <<"EOF" > charts/external-dns/_release-notes.md
+          ${{ steps.changelog_reader.outputs.changes }}
+          EOF
+
       - name: Configure Git
         run: |
           git config user.name "$GITHUB_ACTOR"
@@ -28,7 +51,8 @@ jobs:
           version: v3.6.3
 
       - name: Run chart-releaser
-        uses: helm/chart-releaser-action@v1.2.1
+        uses: helm/chart-releaser-action@v1.3.0
         env:
           CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
           CR_RELEASE_NAME_TEMPLATE: "external-dns-helm-chart-{{ .Version }}"
+          CR_RELEASE_NOTES_FILE: _release-notes.md

.gitignore

@@ -54,3 +54,10 @@ profile.cov
 
 # Helm charts
 !/charts/external-dns/
+
+docs/LICENSE.md
+docs/code-of-conduct.md
+docs/CONTRIBUTING.md
+docs/index.md
+docs/redirect
+site

README.md

@@ -1,13 +1,16 @@
+---
+hide:
+  - toc
+  - navigation
+---
+
 <p align="center">
-	<img src="img/external-dns.png" width="40%" align="center" alt="ExternalDNS">
+	<img src="docs/img/external-dns.png" width="40%" align="center" alt="ExternalDNS">
 </p>
 
 # ExternalDNS
-[![Build Status](https://github.com/kubernetes-sigs/external-dns/workflows/Go/badge.svg)](https://github.com/kubernetes-sigs/external-dns/actions)
-[![Coverage Status](https://coveralls.io/repos/github/kubernetes-sigs/external-dns/badge.svg)](https://coveralls.io/github/kubernetes-sigs/external-dns)
-[![GitHub release](https://img.shields.io/github/release/kubernetes-sigs/external-dns.svg)](https://github.com/kubernetes-sigs/external-dns/releases)
-[![go-doc](https://godoc.org/github.com/kubernetes-sigs/external-dns?status.svg)](https://godoc.org/github.com/kubernetes-sigs/external-dns)
-[![Go Report Card](https://goreportcard.com/badge/github.com/kubernetes-sigs/external-dns)](https://goreportcard.com/report/github.com/kubernetes-sigs/external-dns)
+
+[![Build Status](https://github.com/kubernetes-sigs/external-dns/workflows/Go/badge.svg)](https://github.com/kubernetes-sigs/external-dns/actions) [![Coverage Status](https://coveralls.io/repos/github/kubernetes-sigs/external-dns/badge.svg)](https://coveralls.io/github/kubernetes-sigs/external-dns) [![GitHub release](https://img.shields.io/github/release/kubernetes-sigs/external-dns.svg)](https://github.com/kubernetes-sigs/external-dns/releases) [![go-doc](https://godoc.org/github.com/kubernetes-sigs/external-dns?status.svg)](https://godoc.org/github.com/kubernetes-sigs/external-dns) [![Go Report Card](https://goreportcard.com/badge/github.com/kubernetes-sigs/external-dns)](https://goreportcard.com/report/github.com/kubernetes-sigs/external-dns)
 
 ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers.
 
@@ -23,7 +26,7 @@ To see ExternalDNS in action, have a look at this [video](https://www.youtube.co
 
 ## The Latest Release
 
-ExternalDNS' allows you to keep selected zones (via `--domain-filter`) synchronized with Ingresses and Services of `type=LoadBalancer` in various cloud providers:
+ExternalDNS allows you to keep selected zones (via `--domain-filter`) synchronized with Ingresses and Services of `type=LoadBalancer` and nodes in various cloud providers:
 * [Google Cloud DNS](https://cloud.google.com/dns/docs/)
 * [AWS Route 53](https://aws.amazon.com/route53/)
 * [AWS Cloud Map](https://docs.aws.amazon.com/cloud-map/)
@@ -77,38 +80,38 @@ We define the following stability levels for providers:
 
 The following table clarifies the current status of the providers according to the aforementioned stability levels:
 
-| Provider | Status | Maintainers |
-| -------- | ------ | ----------- |
-| Google Cloud DNS | Stable | |
-| AWS Route 53 | Stable | |
-| AWS Cloud Map | Beta | |
-| Akamai Edge DNS | Beta | |
-| AzureDNS | Beta | |
-| BlueCat | Alpha | @seanmalloy  @vinny-sabatini |
-| CloudFlare | Beta | |
-| RcodeZero | Alpha | |
-| DigitalOcean | Alpha | |
-| DNSimple | Alpha | |
-| Infoblox | Alpha | @saileshgiri |
-| Dyn | Alpha | |
-| OpenStack Designate | Alpha | |
-| PowerDNS | Alpha | |
-| CoreDNS | Alpha | |
-| Exoscale | Alpha | |
-| Oracle Cloud Infrastructure DNS | Alpha | |
-| Linode DNS | Alpha | |
-| RFC2136 | Alpha | |
-| NS1 | Alpha | |
-| TransIP | Alpha | |
-| VinylDNS | Alpha | |
-| RancherDNS | Alpha | |
-| OVH | Alpha | |
-| Scaleway DNS | Alpha | @Sh4d1 |
-| Vultr | Alpha | |
-| UltraDNS | Alpha | |
-| GoDaddy | Alpha | |
-| Gandi | Alpha | @packi |
-| SafeDNS | Alpha | @assureddt |
+| Provider                        | Status | Maintainers                  |
+| ------------------------------- | ------ | ---------------------------- |
+| Google Cloud DNS                | Stable |                              |
+| AWS Route 53                    | Stable |                              |
+| AWS Cloud Map                   | Beta   |                              |
+| Akamai Edge DNS                 | Beta   |                              |
+| AzureDNS                        | Beta   |                              |
+| BlueCat                         | Alpha  | @seanmalloy  @vinny-sabatini |
+| CloudFlare                      | Beta   |                              |
+| RcodeZero                       | Alpha  |                              |
+| DigitalOcean                    | Alpha  |                              |
+| DNSimple                        | Alpha  |                              |
+| Infoblox                        | Alpha  | @saileshgiri                 |
+| Dyn                             | Alpha  |                              |
+| OpenStack Designate             | Alpha  |                              |
+| PowerDNS                        | Alpha  |                              |
+| CoreDNS                         | Alpha  |                              |
+| Exoscale                        | Alpha  |                              |
+| Oracle Cloud Infrastructure DNS | Alpha  |                              |
+| Linode DNS                      | Alpha  |                              |
+| RFC2136                         | Alpha  |                              |
+| NS1                             | Alpha  |                              |
+| TransIP                         | Alpha  |                              |
+| VinylDNS                        | Alpha  |                              |
+| RancherDNS                      | Alpha  |                              |
+| OVH                             | Alpha  |                              |
+| Scaleway DNS                    | Alpha  | @Sh4d1                       |
+| Vultr                           | Alpha  |                              |
+| UltraDNS                        | Alpha  |                              |
+| GoDaddy                         | Alpha  |                              |
+| Gandi                           | Alpha  | @packi                       |
+| SafeDNS                         | Alpha  | @assureddt                   |
 
 ## Kubernetes version compatibility
 
@@ -174,7 +177,8 @@ The following tutorials are provided:
 * [UltraDNS](docs/tutorials/ultradns.md)
 * [GoDaddy](docs/tutorials/godaddy.md)
 * [Gandi](docs/tutorials/gandi.md)
-* [SafeDNS](docs/tutorials/safedns.md)
+* [SafeDNS](docs/tutorials/UKFast_SafeDNS.md)
+* [Nodes as source](docs/tutorials/nodes.md)
 
 ### Running Locally
 

charts/external-dns/CHANGELOG.md

@@ -0,0 +1,30 @@
+# ExternalDNS Helm Chart Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+---
+
+<!-- ## [UNRELEASED]
+### Added
+### Changed
+### Deprecated
+### Removed -->
+
+## [v1.9.0] - UNRELEASED
+
+### Changed
+
+- Update _ExternalDNS_ version to [v0.11.0](https://github.com/kubernetes-sigs/external-dns/releases/tag/v0.11.0).
+
+## [v1.8.0] - UNRELEASED
+
+### Added
+
+- Add annotations to Deployment. [#2477](https://github.com/kubernetes-sigs/external-dns/pull/2477) from @beastob
+
+### Changed
+
+- Fix RBAC for `istio-virtualservice` source when `istio-gateway` isn't also added. [#2564](https://github.com/kubernetes-sigs/external-dns/pull/2564) from @mcwarman

charts/external-dns/Chart.yaml

@@ -2,12 +2,14 @@ apiVersion: v2
 name: external-dns
 description: ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers.
 type: application
-version: 1.7.1
-appVersion: 0.10.2
+version: 1.9.0
+appVersion: 0.11.0
 keywords:
   - kubernetes
   - external-dns
   - dns
+  - service
+  - ingress
 home: https://github.com/kubernetes-sigs/external-dns/
 icon: https://github.com/kubernetes-sigs/external-dns/raw/master/img/external-dns.png
 sources:
@@ -17,9 +19,5 @@ maintainers:
     email: [email protected]
 annotations:
   artifacthub.io/changes: |
-    - kind: added
-      description: "Allow custom ClusterRole rules to be specified for sources without defaults."
     - kind: changed
-      description: "Update ExternalDNS version to v0.10.2."
-    - kind: changed
-      description: "Set ClusterRole rules based more enabled sources."
+      description: "Update ExternalDNS version to v0.11.0"

charts/external-dns/README.md

@@ -13,7 +13,7 @@ helm repo add external-dns https://kubernetes-sigs.github.io/external-dns/
 After you've installed the repo you can install the chart.
 
 ```shell
-helm upgrade --install external-dns/external-dns
+helm upgrade --install external-dns external-dns/external-dns
 ```
 
 ## Configuration
@@ -37,6 +37,7 @@ The following table lists the configurable parameters of the _ExternalDNS_ chart
 | `podLabels`                       | Labels to add to the pod.                                                                                                                                                                                                                                                                                             | `{}`                                   |
 | `podAnnotations`                  | Annotations to add to the pod.                                                                                                                                                                                                                                                                                        | `{}`                                   |
 | `podSecurityContext`              | Security context for the pod, this supports the full [PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#podsecuritycontext-v1-core) API.                                                                                                                                       | _see values.yaml_                      |
+| `shareProcessNamespace`           | If `true` enable [Process Namespace Sharing](https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/)                                                                                                                        | `false`                      |
 | `securityContext`                 | Security context for the _external-dns_ container, this supports the full [SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#securitycontext-v1-core) API.                                                                                                                        | _see values.yaml_                      |
 | `priorityClassName`               | Priority class name to use for the pod.                                                                                                                                                                                                                                                                               | `""`                                   |
 | `terminationGracePeriodSeconds`   | Termination grace period for the pod.                                                                                                                                                                                                                                                                                 | `null`                                 |

charts/external-dns/templates/deployment.yaml

@@ -30,6 +30,9 @@ spec:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       serviceAccountName: {{ include "external-dns.serviceAccountName" . }}
+      {{- with .Values.shareProcessNamespace }}
+      shareProcessNamespace: {{ . }}
+      {{- end }}
       {{- with .Values.podSecurityContext }}
       securityContext:
         {{- toYaml . | nindent 8 }}

charts/external-dns/values.yaml

@@ -34,6 +34,8 @@ podLabels: {}
 # Annotations to add to the Pod
 podAnnotations: {}
 
+shareProcessNamespace: false
+
 podSecurityContext:
   fsGroup: 65534
 

docs/contributing/chart.md

@@ -3,3 +3,5 @@
 ## Chart Changes
 
 When contributing chart changes please follow the same process as when contributing other content but also please **DON'T** modify _Chart.yaml_ in the PR as this would result in a chart release when merged and will mean that your PR will need modifying before it can be accepted. The chart version will be updated as part of the PR to release the chart.
+
+Please **DO** add your changes to the _CHANGELOG.md_ file in the chart directory under the `## [UNRELEASED]` section, if there isn't an uncommented `## [UNRELEASED]` section please copy the commented out template and use that.

docs/proposal/registry.md

@@ -32,8 +32,7 @@ The following presents two ways to implement the registry, and we are planning t
 
 This implementation idea is borrowed from [Mate](https://github.com/linki/mate/)
 
-Each record created by external-dns is accompanied by the TXT record, which internally stores the external-dns identifier. For example, if external dns with `owner-id="external-dns-1"` record to be created with dns name `foo.zone.org`, external-dns will create a TXT record with the same dns name `foo.zone.org` and injected value of `"external-dns-1"`. The transfer of ownership can be done by modifying the value of the TXT record.  If no TXT record exists for the record or the value does not match its own `owner-id`, then external-dns will simply ignore it.
-
+Each record created by external-dns is accompanied by the TXT record, which internally stores the external-dns identifier. For example, if external dns with `owner-id="external-dns-1"` record to be created with dns name `foo.zone.org`, external-dns will create a TXT record with the same dns name `<record_type>-foo.zone.org` and injected value of `"external-dns-1"`. The transfer of ownership can be done by modifying the value of the TXT record.  If no TXT record exists for the record or the value does not match its own `owner-id`, then external-dns will simply ignore it.
 
 #### Goods
 1. Easy to guarantee cross-cluster ownership safety

docs/registry.md

@@ -0,0 +1,14 @@
+### TXT Registry migration to a new format ###
+
+In order to support more record types and be able to track ownership without TXT record name clash, a new TXT record is introduced.
+It contains record type it manages, e.g.:
+* A record foo.example.com will be tracked with classic foo.example.com TXT record
+* At the same time a new TXT record will be created a-foo.example.com
+
+Prefix and suffix are extended with %{record_type} template where the user can control how prefixed/suffixed records should look like.
+
+In order to maintain compatibility, both records will be maintained for some time, in order to have downgrade possibility.
+
+Later on, the old format will be dropped and only the new format will be kept (<record_type>-<endpoint_name>).
+
+Cleanup will be done by controller itself.

docs/scripts/copy_docs.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -eo pipefail
+
+cp CONTRIBUTING.md code-of-conduct.md ./docs/
+
+cp LICENSE ./docs/LICENSE.md
+
+cp README.md ./docs/index.md