Skip to content
This repository has been archived by the owner on Dec 19, 2023. It is now read-only.

feat: add support for setting DNS Sec #439

Merged
merged 1 commit into from Dec 21, 2020
Merged

feat: add support for setting DNS Sec #439

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
3 changes: 3 additions & 0 deletions samples/test/dns.test.js
View file
Open in desktop
Expand Up @@ -30,6 +30,9 @@ describe(__filename, () => {
const projectId = await dns.getProjectId();
await dns.createZone(zoneName, {
dnsName: `${projectId}.appspot.com.`,
dnssecConfig: {
state: 'on',
},
});
});

Expand Down
33 changes: 33 additions & 0 deletions src/index.ts
View file
Open in desktop
Expand Up @@ -55,6 +55,39 @@ export interface CreateZoneRequest {
dnsName: string;
description?: string;
name?: string;
dnssecConfig?: ManagedZoneDnsSecConfig;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The API already excepted this field, but we weren't setting it?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, there are many fields this thing accepts that we're not currently exposing. For now, this one gets us out of overground jail though.

}

export interface ManagedZoneDnsSecConfig {
/**
* Specifies parameters for generating initial DnsKeys for this ManagedZone. Can only be changed while the state is OFF.
*/
defaultKeySpecs?: DnsKeySpec[];
kind?: string | null;
/**
* Specifies the mechanism for authenticated denial-of-existence responses. Can only be changed while the state is OFF.
*/
nonExistence?: string | null;
/**
* Specifies whether DNSSEC is enabled, and what mode it is in.
*/
state?: 'on' | 'off' | null;
}

export interface DnsKeySpec {
/**
* String mnemonic specifying the DNSSEC algorithm of this key.
*/
algorithm?: string | null;
/**
* Length of the keys in bits.
*/
keyLength?: number | null;
/**
* Specifies whether this is a key signing key (KSK) or a zone signing key (ZSK). Key signing keys have the Secure Entry Point flag set and, when active, will only be used to sign resource record sets of type DNSKEY. Zone signing keys do not have the Secure Entry Point flag set and will be used to sign all other types of resource record sets.
*/
keyType?: string | null;
kind?: string | null;
}

export type CreateZoneResponse = [Zone, Metadata];
Expand Down
29 changes: 26 additions & 3 deletions system-test/dns.ts
View file
Open in desktop
Expand Up @@ -115,9 +115,26 @@ describe('dns', () => {
};

before(async () => {
// Clean up any leaked resources
const [zones] = await dns.getZones();
await Promise.all(zones.map(zone => zone.delete({force: true})));
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bcoe this is kind of funny. If two test suites happened to be running at the same time, there's no way this was going to work 馃槅

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch 馃憤

await ZONE.create({dnsName: DNS_DOMAIN});
await Promise.all(
zones.map(async zone => {
const hoursOld =
(Date.now() - new Date(zone.metadata.creationTime).getTime()) /
1000 /
60 /
60;
if (hoursOld > 1) {
await zone.delete({force: true});
}
})
);
await ZONE.create({
dnsName: DNS_DOMAIN,
dnssecConfig: {
state: 'on',
},
});
});

after(done => {
Expand Down Expand Up @@ -306,7 +323,12 @@ describe('dns', () => {
it('should replace records', async () => {
const name = 'test-zone-' + uuid.v4().substr(0, 18);
// Do this in a new zone so no existing records are affected.
const [zone] = await dns.createZone(name, {dnsName: DNS_DOMAIN});
const [zone] = await dns.createZone(name, {
dnsName: DNS_DOMAIN,
dnssecConfig: {
state: 'on',
},
});
const [originalRecords] = await zone.getRecords('ns');
const originalData = originalRecords[0].data;
const newRecord = zone.record('ns', {
Expand All @@ -319,6 +341,7 @@ describe('dns', () => {
const added = change.metadata.additions[0].rrdatas;
assert.deepStrictEqual(deleted, originalData);
assert.deepStrictEqual(added, newRecord.data);
await zone.delete({force: true});
});
});
});
3 changes: 1 addition & 2 deletions test/change.ts
View file
Open in desktop
Expand Up @@ -21,8 +21,6 @@ import * as promisify from '@google-cloud/promisify';
import * as assert from 'assert';
import {describe, it, before, beforeEach} from 'mocha';
import * as proxyquire from 'proxyquire';

// eslint-disable-next-line @typescript-eslint/no-unused-vars
import {Change} from '../src/change';

let promisified = false;
Expand Down Expand Up @@ -73,6 +71,7 @@ describe('Change', () => {
it('should inherit from ServiceObject', () => {
assert(change instanceof ServiceObject);

// eslint-disable-next-line @typescript-eslint/no-explicit-any
const calledWith = (change as any).calledWith_[0];

assert.strictEqual(calledWith.parent, ZONE);
Expand Down
1 change: 1 addition & 0 deletions test/index.ts
View file
Open in desktop
Expand Up @@ -123,6 +123,7 @@ describe('DNS', () => {
it('should inherit from Service', () => {
assert(dns instanceof Service);

// eslint-disable-next-line @typescript-eslint/no-explicit-any
const calledWith = (dns as any).calledWith_[0];

const baseUrl = 'https://dns.googleapis.com/dns/v1';
Expand Down
1 change: 1 addition & 0 deletions test/zone.ts
View file
Open in desktop
Expand Up @@ -166,6 +166,7 @@ describe('Zone', () => {
const zone = new Zone(dnsInstance, ZONE_NAME);
assert(zone instanceof ServiceObject);

// eslint-disable-next-line @typescript-eslint/no-explicit-any
const calledWith = (zone as any).calledWith_[0];

assert.strictEqual(calledWith.parent, dnsInstance);
Expand Down