Add DNS provider for ConoHa v3 #2516

Merged
merged 11 commits into from
May 5, 2025

msshtdev
Contributor

@msshtdev msshtdev commented Apr 26, 2025

Closes #2514

@ldez ldez self-requested a review April 26, 2025 11:37
Member

ldez commented Apr 26, 2025

Hello, in order for a PR adding a DNS provider to be accepted, you have to:

  • add a description to your PR
  • be able to maintain this provider
  • have a homogeneous design with the other providers
  • add tests (units)
make test
  • add tests ("live")
    func TestLivePresent(t *testing.T) {
        if !envTest.IsLiveTest() {
            t.Skip("skipping live test")
        }

        envTest.RestoreEnv()
        provider, err := NewDNSProvider()
        require.NoError(t, err)

        err = provider.Present(envTest.GetDomain(), "", "123d==")
        require.NoError(t, err)
    }

    func TestLiveCleanUp(t *testing.T) {
        if !envTest.IsLiveTest() {
            t.Skip("skipping live test")
        }

        envTest.RestoreEnv()
        provider, err := NewDNSProvider()
        require.NoError(t, err)

        time.Sleep(2 * time.Second)

        err = provider.CleanUp(envTest.GetDomain(), "", "123d==")
        require.NoError(t, err)
    }
make test
make generate-dns
  • be able to do: (and put the output of this command to a comment in your PR)
rm -rf .lego

./lego -m your@email.com --dns YOUR_PROVIDER_NAME -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run

Note the wildcard domain is important.

make checks
  • do go mod tidy

@ldez ldez changed the title Add DNS provider for conohav3 Add DNS provider for ConoHa v3 Apr 26, 2025
Member

ldez commented Apr 26, 2025

I need the output of the following command:

rm -rf .lego

./lego -m your@email.com --dns conohav3 -d '*.example.com' -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run
  • email@example.com should be replaced by your email
  • example.com should be replaced by your domain
  • The 2 domain flag values (-d '*.example.com' -d example.com) are required and should use the same root domain

The log can be redacted to hide sensitive information.

Contributor Author

msshtdev commented Apr 26, 2025

Hi, thank you very much for your review.
The output below is exactly what was printed.

msshta@dev:~/go/src/github.com/go-acme/lego/dist$ rm -rf .lego/
msshta@dev:~/go/src/github.com/go-acme/lego/dist$ ./lego -m ec6e12de-b9e1-440b-a8b4-ee829031ebf2@anonaddy.com --dns conohav3 -d '*.mssht.net' -d mssht.net -s https://acme-staging-v02.api.letsencrypt.org/directory run
2025/04/27 01:26:39 No key found for account ec6e12de-b9e1-440b-a8b4-ee829031ebf2@anonaddy.com. Generating a P256 key.
2025/04/27 01:26:39 Saved key to /var/home/msshta/go/src/github.com/go-acme/lego/dist/.lego/accounts/acme-staging-v02.api.letsencrypt.org/ec6e12de-b9e1-440b-a8b4-ee829031ebf2@anonaddy.com/keys/ec6e12de-b9e1-440b-a8b4-ee829031ebf2@anonaddy.com.key
2025/04/27 01:26:40 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.5-February-24-2025.pdf
Do you accept the TOS? Y/n
Y
2025/04/27 01:26:42 [INFO] acme: Registering account for ec6e12de-b9e1-440b-a8b4-ee829031ebf2@anonaddy.com
!!!! HEADS UP !!!!

Your account credentials have been saved in your
configuration directory at "/var/home/msshta/go/src/github.com/go-acme/lego/dist/.lego/accounts".

You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from the ACME server so making regular
backups of this folder is ideal.
2025/04/27 01:26:42 [INFO] [*.mssht.net, mssht.net] acme: Obtaining bundled SAN certificate
2025/04/27 01:26:43 [INFO] [*.mssht.net] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz/196934724/17024419604
2025/04/27 01:26:43 [INFO] [mssht.net] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz/196934724/17024419614
2025/04/27 01:26:43 [INFO] [*.mssht.net] acme: use dns-01 solver
2025/04/27 01:26:43 [INFO] [mssht.net] acme: Could not find solver for: tls-alpn-01
2025/04/27 01:26:43 [INFO] [mssht.net] acme: Could not find solver for: http-01
2025/04/27 01:26:43 [INFO] [mssht.net] acme: use dns-01 solver
2025/04/27 01:26:43 [INFO] [*.mssht.net] acme: Preparing to solve DNS-01
2025/04/27 01:26:44 [INFO] [mssht.net] acme: Preparing to solve DNS-01
2025/04/27 01:26:46 [INFO] [*.mssht.net] acme: Trying to solve DNS-01
2025/04/27 01:26:46 [INFO] [*.mssht.net] acme: Checking DNS record propagation. [nameservers=127.0.0.53:53]
2025/04/27 01:26:56 [INFO] Wait for propagation [timeout: 10m0s, interval: 10s]
2025/04/27 01:26:56 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:27:06 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:27:16 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:27:26 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:27:36 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:27:46 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:27:56 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:28:06 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:28:16 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:28:26 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:28:36 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:28:46 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:29:06 [INFO] [*.mssht.net] acme: Waiting for DNS record propagation.
2025/04/27 01:29:19 [INFO] [*.mssht.net] The server validated our request
2025/04/27 01:29:19 [INFO] [mssht.net] acme: Trying to solve DNS-01
2025/04/27 01:29:19 [INFO] [mssht.net] acme: Checking DNS record propagation. [nameservers=127.0.0.53:53]
2025/04/27 01:29:29 [INFO] Wait for propagation [timeout: 10m0s, interval: 10s]
2025/04/27 01:29:36 [INFO] [mssht.net] The server validated our request
2025/04/27 01:29:36 [INFO] [*.mssht.net] acme: Cleaning DNS-01 challenge
2025/04/27 01:29:37 [INFO] [mssht.net] acme: Cleaning DNS-01 challenge
2025/04/27 01:29:38 [INFO] [*.mssht.net, mssht.net] acme: Validations succeeded; requesting certificates
2025/04/27 01:29:39 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
2025/04/27 01:29:42 [INFO] [*.mssht.net] Server responded with a certificate.

@ldez ldez added this to the unreleased milestone Apr 26, 2025
Member

@ldez ldez left a comment

LGTM

msshtdev and others added 11 commits May 5, 2025 22:16
… package

Created a new `conohav3` DNS provider by duplicating the current `conoha` package.
This version is identical to `conoha` for now and will be adapted for ConoHa API v3.

Build and runtime tested to confirm that `conohav3` is recognized correctly.

Updated the conohav3 implementation to support ConoHa VPS API v3.0.

Changes include:
- Endpoint base URLs updated from `tyo1` to `c3j1`
- Token issuance payload updated to new v3 format
- Token endpoint changed from `/v2.0/tokens` to `/v3/auth/tokens`
- Token value extracted from `X-Subject-Token` response header instead of response body
- Domain and record list responses updated to use `uuid` instead of `id`
- Adjusted internal parsing and field mappings accordingly

Confirmed that `conohav3` is recognized and functions as expected.

Replaced "conoha" with "conohav3" in test error messages to reflect the correct provider name.

This ensures that error outputs and test expectations are consistent with the new provider implementation.

Ran `make generate-dns` to update generated files.

- Added documentation and CLI help entries for the new `conohav3` DNS provider.
- Updated switch mappings accordingly.
@ldez ldez force-pushed the feat/impl-conohav3-dns-provider branch from e793237 to 404b6fa Compare May 5, 2025 20:16
@ldez ldez enabled auto-merge (squash) May 5, 2025 20:16
@ldez ldez merged commit b82e6d8 into go-acme:master May 5, 2025
7 checks passed
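
The v3 token flow listed in the commit messages above (POST to `/v3/auth/tokens`, token read from the `X-Subject-Token` response header instead of the body), as an added Go example that is not the PR's or lego's own code. The names `issueToken` and `fakeIdentity`, the request body shape (modelled on OpenStack Keystone v3) and the token value are assumptions constructed for illustration; the server is a local stand-in.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// issueToken posts to /v3/auth/tokens and returns the X-Subject-Token header; the body shape is assumed.
func issueToken(c *http.Client, baseURL, userID, password, tenantID string) (string, error) {
	user := map[string]string{"id": userID, "password": password}
	body, err := json.Marshal(map[string]interface{}{"auth": map[string]interface{}{
		"identity": map[string]interface{}{"methods": []string{"password"}, "password": map[string]interface{}{"user": user}},
		"scope":    map[string]interface{}{"project": map[string]string{"id": tenantID}},
	}})
	if err != nil {
		return "", err
	}
	resp, err := c.Post(baseURL+"/v3/auth/tokens", "application/json", bytes.NewReader(body))
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	if resp.StatusCode/100 != 2 {
		return "", fmt.Errorf("token request failed: HTTP %d", resp.StatusCode)
	}
	token := resp.Header.Get("X-Subject-Token")
	if token == "" { // a 2xx without the header must not count as success
		return "", fmt.Errorf("token response has no X-Subject-Token header")
	}
	return token, nil
}

func fakeIdentity(withHeader bool) *httptest.Server { // constructed local stand-in
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if withHeader && r.URL.Path == "/v3/auth/tokens" {
			w.Header().Set("X-Subject-Token", "constructed-token")
		}
		w.WriteHeader(http.StatusCreated)
	}))
}

func main() {
	srv := fakeIdentity(true)
	defer srv.Close()
	token, err := issueToken(srv.Client(), srv.URL, "user-id", "secret", "tenant-id")
	fmt.Println(len(token), err) // length only: the token is a bearer credential
}
```

A client that still looks for the token in the JSON body gets an empty value from a v3-style response; the empty-header check turns that into an explicit error instead of sending unauthenticated DNS API calls.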

Successfully merging this pull request may close these issues.

conoha: migrate from API v2.0 to v3.0
2 participants