record_store 6.4.1 → 6.5.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2537c52a9350b969e64d8fab36f1281813e3d1db528accd4ee0700cdc6217b80
-  data.tar.gz: 8561a6ea4212f180a47240d5f1234f43e1d1896e620f2ea0acb427e06b2306fc
+  metadata.gz: 9af43560e4a84302824fb5b1abef5476bc0995e752d3960de068b45949b1d154
+  data.tar.gz: 4bc999da542a5484d7cf51a7bb652593c323fecac6d79d8e73ccbb62bd638ea0
 SHA512:
-  metadata.gz: 81048f68e0c0710fa7d61bcc25f97583e0b73dd7a0debea7281a8e22403a46f8fb245607d1f9a74ee8a6412915184d4c1faf7a5178fd3a666b64217201715115
-  data.tar.gz: 88ed41158b07af0b2efed051d2794e54efacc90e36457b51aacb9e53e14307c15fcde259f5beda9b4df5056d7fd517fa52852e5b828d264d90433ccf62464977
+  metadata.gz: d72d0a1bffea56a12070eab25df96cd120f00107779063ae651a141310b369764eeaa5fa8993d77c67f81e2f4e98e16641e6d8dacde4f35fa09be4a6fe08236e
+  data.tar.gz: e84f52373f10caa1fa464845a13a33383c7461392f69c88c17c032f9d91e8b96ffcd87fc9f1fc798478b05b2de2660629e2d6d4b89e232b405d80009676eac5b

data/.github/workflows/ci.yml

@@ -0,0 +1,28 @@
+name: CI
+
+on: [push, pull_request]
+
+env:
+  SRB_SKIP_GEM_RBIS: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby: [ 2.7.1 ]
+    name: Test Ruby ${{ matrix.ruby }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - name: rubocop
+        run: bin/rubocop --version && bin/rubocop
+      - name: setup
+        run: bin/setup
+      - name: test
+        run: bundle exec rake test

data/CHANGELOG.md

@@ -1,5 +1,25 @@
 # CHANGELOG
 
+## 6.5.3
+- Adds check for detecting shadowed records, used when a record being added to a zone in record-store will have no effect because it is shadowed by another record.
+
+## 6.5.2
+- Ensure filters for implicit_records, `except_record` and `conflict_with`, are truly optional [BUGFIX]
+
+## 6.5.1
+
+Add support for a new parameter in the implicit records templates:
+
+- `except_record`: the template will *NOT* generate the `injected_records` for records matching `except_record`, even if they matched `each_record`.
+
+Also added support for regular expressions in the matching, using the already available `!ruby/regexp` text in a YAML value. The object loaded from the YAML
+will be of `Regexp` type, and will thus be used to _match_ the value, instead of being identical only. This is supported in both `except_record` and
+`each_record` fields.
+
+## 6.5.0
+
+...
+
 ## 6.4.0
 
 Add support for injecting implicit records into a zone based on a pre-configured template. Brief overview of template keys:

data/lib/record_store/cli.rb

@@ -7,7 +7,7 @@ module RecordStore
 
     def initialize(*args)
       super
-      RecordStore.config_path = options.fetch('config', "#{Dir.pwd}/config.yml")
+      RecordStore.config_path = options.fetch('config', "#{Dir.pwd}/template/config.yml")
     end
 
     def self.exit_on_failure?

data/lib/record_store/version.rb

@@ -1,3 +1,3 @@
 module RecordStore
-  VERSION = '6.4.1'.freeze
+  VERSION = '6.5.3'.freeze
 end

data/lib/record_store/zone/config/implicit_record_template.rb

@@ -26,9 +26,14 @@ module RecordStore
           def from_file(filename:)
             filepath = template_filepath_for(filename: filename)
             template_file = File.read(filepath)
-            filters_for_records_to_template = YAML.load(template_file).deep_symbolize_keys[:each_record]
 
-            new(template: ERB.new(template_file), filters_for_records_to_template: filters_for_records_to_template)
+            template_file_yaml = YAML.load(template_file).deep_symbolize_keys
+            filters_for_records_to_template = template_file_yaml[:each_record]
+            filters_for_records_to_exclude = template_file_yaml[:except_record] || []
+
+            new(template: ERB.new(template_file),
+                filters_for_records_to_template: filters_for_records_to_template,
+                filters_for_records_to_exclude: filters_for_records_to_exclude)
           end
 
           private
@@ -38,9 +43,10 @@ module RecordStore
           end
         end
 
-        def initialize(template:, filters_for_records_to_template:)
+        def initialize(template:, filters_for_records_to_template:, filters_for_records_to_exclude:)
           @template = template
           @filters_for_records_to_template = filters_for_records_to_template
+          @filters_for_records_to_exclude = filters_for_records_to_exclude
         end
 
         def generate_records_to_inject(current_records:)
@@ -61,23 +67,29 @@ module RecordStore
 
         private
 
-        attr_reader :template, :filters_for_records_to_template
+        attr_reader :template, :filters_for_records_to_template, :filters_for_records_to_exclude
 
         def should_inject?(template_records:, current_records:)
+          conflict_with = template_records[:conflict_with] || []
           current_records.none? do |record|
-            template_records[:conflict_with].any? do |filter|
+            conflict_with.any? do |filter|
               record_match?(record: record, filter: filter)
             end
           end
         end
 
         def should_template?(record:)
-          filters_for_records_to_template.any? { |filter| record_match?(record: record, filter: filter) }
+          filters_for_records_to_template.any? { |filter| record_match?(record: record, filter: filter) } && \
+            filters_for_records_to_exclude.none? { |filter| record_match?(record: record, filter: filter) }
         end
 
         def record_match?(record:, filter:)
           filter.all? do |key, value|
-            record.public_send(key) == value
+            if value.is_a?(Regexp)
+              value.match(record.public_send(key))
+            else
+              record.public_send(key) == value
+            end
           end
         end
 

data/lib/record_store/zone/yaml_definitions.rb

@@ -66,7 +66,10 @@ module RecordStore
         Dir["#{dir}/#{name}/*__*.yml"].each do |record_file|
           definition['records'] += load_yml_record_definitions(name, record_file)
         end
-        Zone.new(name: name, records: definition['records'], config: definition['config'])
+
+        asts = { filename => Psych.parse_file(filename) }
+
+        Zone.new(name: name, records: definition['records'], config: definition['config'], abstract_syntax_trees: asts)
       end
 
       def load_yml_record_definitions(name, record_file)

data/lib/record_store/zone.rb

@@ -20,6 +20,8 @@ module RecordStore
     validate :validate_provider_can_handle_zone_records
     validate :validate_no_empty_non_terminal
     validate :validate_can_handle_alias_records
+    validate :validate_no_duplicate_keys
+    validate :validate_zone_record_not_shadowed
 
     class << self
       def download(name, provider_name, **write_options)
@@ -61,7 +63,12 @@ module RecordStore
             current_zone = nil
             while zones.any?
               mutex.synchronize { current_zone = zones.shift }
-              mutex.synchronize { modified_zones << current_zone } unless current_zone.unchanged?
+              break if current_zone.nil? # account for the race between `zones.any?` and `zones.shift`
+
+              # `unchanged?` is deliberately outside locked context since it's a bit CPU/time heavy
+              unless current_zone.unchanged?
+                mutex.synchronize { modified_zones << current_zone }
+              end
             end
           end
         end.each(&:join)
@@ -70,10 +77,11 @@ module RecordStore
       end
     end
 
-    def initialize(name:, records: [], config: {})
+    def initialize(name:, records: [], config: {}, abstract_syntax_trees: {})
       @name = Record.ensure_ends_with_dot(name)
       @config = RecordStore::Zone::Config.new(config.deep_symbolize_keys)
       @records = build_records(records)
+      @abstract_syntax_trees = abstract_syntax_trees
     end
 
     def build_changesets(all: false)
@@ -270,6 +278,26 @@ module RecordStore
       end
     end
 
+    def validate_zone_record_not_shadowed
+      nameserver_fqdns = records
+        .select { |record| record.is_a?(Record::NS) && name != record.fqdn }
+        .map { |record| record.fqdn.delete_suffix(".") }
+        .uniq
+
+      nameserver_fqdns.each do |ns_record|
+        selected_records = records.reject do |record|
+          record.is_a?(Record::NS) && \
+            record.fqdn.delete_suffix(".") == ns_record
+        end
+        selected_records.each do |record|
+          normalized_record = record.fqdn.delete_suffix(".")
+          next unless normalized_record.end_with?(".#{ns_record}") || normalized_record == ns_record
+          errors.add(:records, "Record #{record.fqdn} #{record.type} in Zone #{name} " \
+            "is shadowed by #{ns_record} and will be ignored")
+        end
+      end
+    end
+
     def validate_no_empty_non_terminal
       return unless config.empty_non_terminal_over_wildcard?
 
@@ -307,5 +335,34 @@ module RecordStore
 
       errors.add(:records, "ALIAS record should be defined on the root of the zone: #{alias_record}")
     end
+
+    def validate_no_duplicate_keys
+      @abstract_syntax_trees.each do |filename, ast|
+        validate_no_duplicate_keys_in_node(filename, ast)
+      end
+    end
+
+    def validate_no_duplicate_keys_in_node(filename, node)
+      if node.mapping?
+        keys = node
+          .children
+          .each_slice(2)
+          .map(&:first)
+          .map(&:value)
+          .sort
+        dup_keys = keys
+          .find_all { |k| keys.count(k) > 1 }
+          .uniq
+        unless dup_keys.empty?
+          location = "#{File.basename(filename)}:#{node.start_line}"
+          description = "multiple definitions for keys #{dup_keys}"
+          errors.add(:records, "#{location}: #{description}")
+        end
+      end
+
+      node.children&.each do |child|
+        validate_no_duplicate_keys_in_node(filename, child)
+      end
+    end
   end
 end

data/lib/record_store.rb

@@ -44,6 +44,7 @@ module RecordStore
   class << self
     attr_writer :secrets_path
     attr_writer :zones_path
+    attr_writer :implicit_records_templates_path
 
     def secrets_path
       @secrets_path ||= File.expand_path(config.fetch('secrets_path'), File.dirname(config_path))

data/template/templates/implicit_records/implicit_example.yml.erb

@@ -2,6 +2,8 @@ each_record:
 - type: A
   fqdn: abc.123.com.
 - type: TXT
+except_record:
+- fqdn: !ruby/regexp /^_/
 conflict_with:
 - type: TXT
   fqdn: <%= record.fqdn %>.more.domain.com.

data/template/zones/dynect.example.com.yml

@@ -5,7 +5,7 @@ dynect.example.com:
     ignore_patterns:
     - type: NS
       fqdn: dynect.example.com.
-    implicit_record_templates:
+    implicit_records_templates:
     - implicit_example.yml.erb
   records:
   - type: A

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: record_store
 version: !ruby/object:Gem::Version
-  version: 6.4.1
+  version: 6.5.3
 platform: ruby
 authors:
 - Willem van Bergen
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-02 00:00:00.000000000 Z
+date: 2021-09-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -335,6 +335,7 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rubocop-https---shopify-github-io-ruby-style-guide-rubocop-yml"
 - ".rubocop.yml"
@@ -416,7 +417,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.2.20
 signing_key: 
 specification_version: 4
 summary: Manage DNS using git