record_store 7.0.1 → 7.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5380713a7eb24d7be7ea68e2d6e2691bc929bccc22cf5098ce805665b1f2493b
-  data.tar.gz: 7a4a1354479436ed184cad12e3eb8d434c0e8fa610bbd734d66ca494bb4c5365
+  metadata.gz: e9f48a40d3262e148fff5aecff8c61e5f4f676bdc7f7bcb64e2964dc221ba078
+  data.tar.gz: 48a44aa9fc8a431653d09c1c524bcfee73ea09e6148ae9ff0552110b7db51173
 SHA512:
-  metadata.gz: 0e5bfe2bf6e97fc9a771c2472bfc4d49d94333bde7bd40c01b67203a674df743be0fc9db80cff14c126aa1d4a9b295d7028c954b372f2b033e0c56feeb1fe6b1
-  data.tar.gz: b49194a0c1e24f3a3929832c561236c9828c75ee97859233a8ce127cd7f7321526359d43f01f3653962778354b330a095dd94675aeaebb0195afa5bfe60fe1ab
+  metadata.gz: cb623045bb1b2db82232eb037adaf05a13c234d9d82e760603075ec590b5528f2daeb6dfe1df28bd6cc1987ba379f8ee070547af3336bb11213651012d527f5b
+  data.tar.gz: 73618a9cbae3b16028bcaa7dba64dda74e4324427fda3e364c7df0087ed72828f36965dae239bc0a2c37c1c7aece20950e0a0556a325e4cd10082e74c2da3429

data/CHANGELOG.md

@@ -1,5 +1,11 @@
 # CHANGELOG
 
+## 7.1.1
+- Bugfix: Cloudflare provider now handles empty record sets properly
+
+## 7.1.0
+- Add Cloudflare as a supported DNS provider
+
 ## 7.0.1
 - Allow an underscore in the middle of a CNAME record
 

data/README.md

@@ -95,6 +95,12 @@ Regarding the `fingerprint` and `key_content`, you'll need to generate an API Si
 
 The `tenancy` and `region` are in the `Profile` menu. The `tenancy` starts with `ocid1.tenancy.oc1..`.
 
+### Cloudflare
+
+Record_store and the Cloudflare provider do not have any concept of a zone id or account. Zone names must be unique within all accounts the API key has access to, otherwise Cloudflare provider will error.
+
+`ALIAS` records in zone files are supported and created in Cloudflare as [per-record flattened](https://developers.cloudflare.com/dns/cname-flattening/set-up-cname-flattening/#per-record) CNAME records.
+
 ----
 
 # Architecture
@@ -184,14 +190,14 @@ class Provider
   #
   # Arguments:
   # record - a kind of `Record`
-  def add(zone, record)
+  def add(record, zone)
   end
 
   # Deletes an existing record from the zone. It is expected this call modifies external state.
   #
   # Arguments:
   # record - a kind of `Record`
-  def remove(zone, record)
+  def remove(record, zone)
   end
 
   # Updates an existing record in the zone. It is expected this call modifies external state.
@@ -199,7 +205,7 @@ class Provider
   # Arguments:
   # id - provider specific ID of record to update
   # record - a kind of `Record` which the record with `id` should be updated to
-  def update(zone, id, record)
+  def update(id, record, zone)
   end
 end
 ```

data/lib/record_store/provider/cloudflare/client.rb

@@ -0,0 +1,97 @@
+require 'net/http'
+require_relative 'response'
+
+module Cloudflare
+  class Client
+    def initialize(api_fqdn, api_token)
+      @api_fqdn = api_fqdn
+      @api_token = api_token
+    end
+
+    def get(endpoint, params = {})
+      uri = build_uri(endpoint, params)
+
+      response = request(:get, uri)
+      Cloudflare::Response.new(response)
+    end
+
+    def post(endpoint, body = nil)
+      uri = build_uri(endpoint)
+
+      response = request(:post, uri, body: body)
+      Cloudflare::Response.new(response)
+    end
+
+    def put(endpoint, body = nil)
+      uri = build_uri(endpoint)
+
+      response = request(:put, uri, body: body)
+      Cloudflare::Response.new(response)
+    end
+
+    def patch(endpoint, body = nil)
+      uri = build_uri(endpoint)
+
+      response = request(:patch, uri, body: body)
+      Cloudflare::Response.new(response)
+    end
+
+    def delete(endpoint)
+      uri = build_uri(endpoint)
+
+      response = request(:delete, uri)
+      Cloudflare::Response.new(response)
+    end
+
+    def request(method, uri, body: nil)
+      Net::HTTP.start(uri.host, uri.port, use_ssl: true) do |conn|
+        request = case method
+        when :get
+          Net::HTTP::Get.new(uri)
+        when :post
+          request = Net::HTTP::Post.new(uri)
+          request.body = body.to_json if body
+          request
+        when :put
+          request = Net::HTTP::Put.new(uri)
+          request.body = body.to_json if body
+          request
+        when :patch
+          request = Net::HTTP::Patch.new(uri)
+          request.body = body.to_json if body
+          request
+        when :delete
+          Net::HTTP::Delete.new(uri)
+        end
+
+        cloudflare_headers.each { |k, v| request[k] = v }
+
+        begin
+          response = conn.request(request)
+        rescue StandardError => e
+          raise "HTTP error: #{e.message}"
+        end
+        response
+      end
+    end
+
+    private
+
+    def cloudflare_headers
+      @cloudflare_headers ||= {
+        'User-Agent' => "Ruby",
+        'Accept' => 'application/json',
+        'Content-Type' => 'application/json',
+        'Authorization' => "Bearer #{@api_token}"
+      }
+    end
+
+    def build_uri(endpoint, params = {})
+      URI::HTTPS.build(
+        host: @api_fqdn,
+        path: endpoint.chomp('/'),
+        query: URI.encode_www_form(params),
+      )
+    end
+  end
+end

data/lib/record_store/provider/cloudflare/response.rb

@@ -0,0 +1,60 @@
+require 'json'
+
+module Cloudflare
+  class Response
+    attr_reader :http_response
+
+    def initialize(http_response)
+      @http_response = http_response
+    end
+
+    def status_code
+      @http_response.code.to_i
+    end
+
+    def result_raw
+      result = json['result']
+
+      return if result.nil? || result.empty? || !success
+
+      result
+    end
+
+    def result
+      result = result_raw
+      return result.first if result.is_a?(Array)
+
+      result
+    end
+
+    def success
+      json['success']
+    end
+
+    def errors
+      json.fetch('errors', [])
+    end
+
+    def messages
+      json.fetch('messages', [])
+    end
+
+    def error_messages
+      errors.map { |error| error['message'] }
+    end
+
+    private
+
+    def json_content?
+      @http_response['Content-Type']&.match?(%r{application/json})
+    end
+
+    def json
+      return {} unless json_content?
+
+      JSON.parse(@http_response.body)
+    rescue JSON::ParserError => e
+      raise "JSON parsing error: #{e.message}"
+    end
+  end
+end

data/lib/record_store/provider/cloudflare.rb

@@ -0,0 +1,192 @@
+require_relative 'cloudflare/client'
+
+module RecordStore
+  class Provider::Cloudflare < Provider
+    class << self
+      def record_types
+        super | Set.new(%w(PTR))
+      end
+
+      def supports_alias?
+        true
+      end
+
+      def supports_spf?
+        # New as Cloudflare doesn't support the now deprecated spf type
+        false
+      end
+
+      # Returns: an array of `Record` for each record in the provider's zone
+      def retrieve_current_records(zone:, stdout: $stdout)
+        zone_id = zone_name_to_id(zone)
+
+        retry_on_connection_errors do
+          records = client.get("/client/v4/zones/#{zone_id}/dns_records").result_raw || []
+          records.map { |api_body| build_from_api(api_body) }
+        end
+      end
+
+      # Returns an array of the zones managed by provider as strings
+      # Cloudflare returns zones across all accounts accessible by the API token
+      # Can implement filtering in request if needed
+      def zones
+        retry_on_connection_errors do
+          zones = client.get('/client/v4/zones').result_raw || []
+          zones.map { |zone| zone['name'] }
+        end
+      end
+
+      def apply_changeset(changeset, stdout = $stdout)
+        deletes = []
+        patches = []
+        posts = []
+        puts = []
+
+        changeset.changes.each do |change|
+          case change.type
+          when :removal
+            stdout.puts "Removing #{change.record}..."
+            deletes << { id: change.record.id }
+          when :addition
+            stdout.puts "Creating #{change.record}..."
+            posts << build_api_body(change.record)
+          when :update
+            stdout.puts "Updating record with ID #{change.id} to #{change.record}..."
+            patches << build_api_body(change.record).merge(id: change.id)
+          else
+            raise ArgumentError, "Unknown change type #{change.type.inspect}"
+          end
+        end
+
+        zone_id = zone_name_to_id(changeset.zone)
+        api_body = {
+          deletes: deletes,
+          patches: patches,
+          posts: posts,
+          puts: puts
+        }
+
+        retry_on_connection_errors do
+          response = client.post("/client/v4/zones/#{zone_id}/dns_records/batch", api_body)
+          unless response.success
+            error_message = response.errors.map { |error| error['message'] }.join(', ')
+            raise RecordStore::Provider::Error, "Cloudflare API error: #{error_message}"
+          end
+        end
+      end
+
+      private
+
+      def secrets
+        super.fetch('cloudflare')
+      end
+
+      def build_api_body(record)
+        api_body = {
+          name: record.fqdn,
+          ttl: record.ttl,
+          type: record.type,
+        }
+        case record
+        when Record::A, Record::AAAA
+          api_body[:content] = record.rdata_txt
+        when Record::CNAME
+          api_body[:content] = record.rdata_txt
+        when Record::PTR
+          api_body[:content] = record.rdata_txt
+        when Record::MX
+          api_body[:content] = record.exchange
+          api_body[:priority] = record.preference
+        when Record::TXT, Record::SPF
+          api_body[:content] = record.txtdata.gsub('\;', ';')
+        when Record::CAA
+          api_body[:data] = record.rdata
+        when Record::SRV
+          api_body[:data] = rdata
+        when Record::ALIAS
+          api_body[:type] = 'CNAME'
+          api_body[:content] = record.rdata_txt
+          api_body[:settings] = { flatten_cname: true }
+        when Record::NS
+          api_body[:content] = record.nsdname
+        end
+
+        api_body
+      end
+
+      def build_from_api(api_response)
+        fqdn = Record.ensure_ends_with_dot(api_response['name'])
+
+        record_type = api_response['type']
+
+        record = {
+          record_id: api_response['id'],
+          ttl: api_response['ttl'],
+          fqdn: fqdn.downcase,
+        }
+
+        case record_type
+        when 'A', 'AAAA'
+          record.merge!(address: api_response['content'])
+        when 'CNAME'
+          if api_response.dig('settings', 'flatten_cname')
+            record_type = 'ALIAS'
+            record.merge!(alias: api_response['content'])
+          else
+            record.merge!(cname: api_response['content'])
+          end
+        when 'TXT'
+          record.merge!(txtdata: Record.unescape(api_response['content']).gsub(';', '\;'))
+        when 'MX'
+          record.merge!(preference: api_response['priority'], exchange: api_response['content'])
+        when 'PTR'
+          record.merge!(ptrdname: api_response['content'])
+        when 'CAA'
+          flags, tag, value = api_response['content'].split(' ')
+
+          record.merge!(
+            flags: flags.to_i,
+            tag: tag,
+            value: Record.unquote(value),
+          )
+        when 'SRV'
+          weight, port, host = api_response['content'].split(' ')
+
+          record.merge!(
+            priority: api_response['priority'].to_i,
+            weight: weight.to_i,
+            port: port.to_i,
+            target: Record.ensure_ends_with_dot(host),
+          )
+        when 'NS'
+          record.merge!(nsdname: api_response['content'])
+        end
+
+        Record.const_get(record_type).new(record)
+      end
+
+      def client
+        Cloudflare::Client.new(
+          secrets['api_fqdn'],
+          secrets['api_token'],
+        )
+      end
+
+      def zone_name_to_id(zone_name)
+        retry_on_connection_errors do
+          matching_zones = client.get('/client/v4/zones').result_raw.select { |zone| zone['name'] == zone_name }
+
+          case matching_zones.size
+          when 0
+            raise "Zone not found for #{zone_name}"
+          when 1
+            matching_zones.first['id']
+          else
+            raise "Multiple zones found for #{zone_name}. " \
+              "API key must only return the zone on which records are to be managed."
+          end
+        end
+      end
+    end
+  end
+end

data/lib/record_store/provider.rb

@@ -36,6 +36,8 @@ module RecordStore
           'NS1'
         when /\.oraclecloud\.net\z/
           'OracleCloudDNS'
+        when /\.cloudflare\.com\z/
+          'Cloudflare'
         end
       end
 
@@ -121,15 +123,15 @@ module RecordStore
 
       private
 
-      def add(record)
+      def add(record, zone)
         raise NotImplementedError
       end
 
-      def remove(record)
+      def remove(record, zone)
         raise NotImplementedError
       end
 
-      def update(id, record)
+      def update(id, record, zone)
         raise NotImplementedError
       end
 

data/lib/record_store/version.rb

@@ -1,3 +1,3 @@
 module RecordStore
-  VERSION = '7.0.1'.freeze
+  VERSION = '7.1.1'.freeze
 end

data/lib/record_store.rb

@@ -36,6 +36,7 @@ require 'record_store/provider/dnsimple'
 require 'record_store/provider/google_cloud_dns'
 require 'record_store/provider/ns1'
 require 'record_store/provider/oracle_cloud_dns'
+require 'record_store/provider/cloudflare'
 require 'record_store/cli'
 
 module RecordStore

data/record_store.gemspec

@@ -35,7 +35,7 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'fog-dynect', '>= 0.4', '< 0.6'
   spec.add_runtime_dependency 'fog-json'
   spec.add_runtime_dependency 'fog-xml'
-  spec.add_runtime_dependency 'google-cloud-dns', '~> 0.31'
+  spec.add_runtime_dependency 'google-cloud-dns', '>= 0.31', '< 2.0'
   spec.add_runtime_dependency 'ns1'
   spec.add_runtime_dependency 'oci', '>= 2.14', '< 2.22'
   spec.add_runtime_dependency 'ruby-limiter', '>= 1.0.1', '< 3'
@@ -46,7 +46,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'mocha'
   spec.add_development_dependency 'pry'
   spec.add_development_dependency 'rake'
-  spec.add_development_dependency 'rubocop', '~> 1.64.0'
+  spec.add_development_dependency 'rubocop', '~> 1.67.0'
   spec.add_development_dependency 'rubocop-shopify', '~> 2.15.1'
   spec.add_development_dependency 'vcr'
   spec.add_development_dependency 'webmock'

data/template/secrets.json

@@ -23,5 +23,9 @@
     "token_uri": "https://oauth2.googleapis.com/token",
     "auth_provider_x509_cert_url": "auth_provider_x509_cert_url",
     "client_x509_cert_url": "client_x509_cert_url"
+  },
+  "cloudflare": {
+    "api_fqdn": "api.cloudflare.com",
+    "api_token": "local-dev-key"
   }
 }

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: record_store
 version: !ruby/object:Gem::Version
-  version: 7.0.1
+  version: 7.1.1
 platform: ruby
 authors:
 - Willem van Bergen
 - Emil Stolarsky
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-19 00:00:00.000000000 Z
+date: 2024-10-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -145,16 +145,22 @@ dependencies:
   name: google-cloud-dns
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.31'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.31'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: ns1
   requirement: !ruby/object:Gem::Requirement
@@ -299,14 +305,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.64.0
+        version: 1.67.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.64.0
+        version: 1.67.0
 - !ruby/object:Gem::Dependency
   name: rubocop-shopify
   requirement: !ruby/object:Gem::Requirement
@@ -383,6 +389,9 @@ files:
 - lib/record_store/changeset.rb
 - lib/record_store/cli.rb
 - lib/record_store/provider.rb
+- lib/record_store/provider/cloudflare.rb
+- lib/record_store/provider/cloudflare/client.rb
+- lib/record_store/provider/cloudflare/response.rb
 - lib/record_store/provider/dnsimple.rb
 - lib/record_store/provider/dnsimple/patch_api_header.rb
 - lib/record_store/provider/dnsimple/patch_request_error_to_include_errors.rb
@@ -431,7 +440,7 @@ licenses:
 - MIT
 metadata:
   allowed_push_host: https://rubygems.org
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -446,8 +455,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.13
-signing_key: 
+rubygems_version: 3.5.22
+signing_key:
 specification_version: 4
 summary: Manage DNS using git
 test_files: []