diff --git a/deploy/sthome-webhook/Chart.yaml b/deploy/sthome-webhook/Chart.yaml index 3610e89..facb491 100644 --- a/deploy/sthome-webhook/Chart.yaml +++ b/deploy/sthome-webhook/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: v0.0.5-alpha.90 +appVersion: v0.0.5-alpha.97 description: Cert-Manager webhook for sthome name: sthome-webhook -version: 0.0.5-alpha.90 +version: 0.0.5-alpha.97 diff --git a/deploy/sthome-webhook/values.yaml b/deploy/sthome-webhook/values.yaml index 594d915..465cae1 100644 --- a/deploy/sthome-webhook/values.yaml +++ b/deploy/sthome-webhook/values.yaml @@ -31,7 +31,7 @@ clusterIssuer: image: repository: stuurmcp/cert-manager-webhook-sthome #repository: wstat.sthome.net:5000/cert-manager-webhook-sthome - tag: 0.0.5-alpha.90 + tag: 0.0.5-alpha.97 #pullPolicy should be IfNotPresent. Set to Always for testing purposes pullPolicy: IfNotPresent diff --git a/pkg/dns/shell.go b/pkg/dns/shell.go index e88e177..090a8b9 100644 --- a/pkg/dns/shell.go +++ b/pkg/dns/shell.go @@ -7,6 +7,7 @@ import ( "os" "os/exec" "strings" + "sync" "k8s.io/klog/v2" ) 
@@ -54,3 +55,66 @@ func Execute2(shell string, arg ...string) (bool, error) {
 klog.Infof("Script returned success\n")
 return true, nil
 }
+
+// CapturingPassThroughWriter is a writer that remembers
+// data written to it and passes it to w
+type CapturingPassThroughWriter struct {
+ buf bytes.Buffer
+ w io.Writer
+}
+
+// NewCapturingPassThroughWriter creates new CapturingPassThroughWriter
+func NewCapturingPassThroughWriter(w io.Writer) *CapturingPassThroughWriter {
+ return &CapturingPassThroughWriter{
+ w: w,
+ }
+}
+
+func (w *CapturingPassThroughWriter) Write(d []byte) (int, error) {
+ w.buf.Write(d)
+ return w.w.Write(d)
+}
+
+// Bytes returns bytes written to the writer
+func (w *CapturingPassThroughWriter) Bytes() []byte {
+ return w.buf.Bytes()
+}
+
+func Execute3(shell string, arg ...string) (bool, error) {
+ var errStdout, errStderr error
+ cmd := exec.Command(shell, arg...)
+ stdoutIn, _ := cmd.StdoutPipe()
+ stderrIn, _ := cmd.StderrPipe()
+ stdout := NewCapturingPassThroughWriter(os.Stdout)
+ stderr := NewCapturingPassThroughWriter(os.Stderr)
+ err := cmd.Start()
+ if err != nil {
+ klog.Fatalf("cmd.Start() failed with '%s'\n", err)
+ }
+
+ var wg sync.WaitGroup
+ wg.Add(1)
+
+ go func() {
+ _, errStdout = io.Copy(stdout, stdoutIn)
+ wg.Done()
+ }()
+
+ _, errStderr = io.Copy(stderr, stderrIn)
+ wg.Wait()
+
+ err = cmd.Wait()
+ if err != nil {
+ klog.Fatalf("cmd.Run() failed with %s\n", err)
+ }
+ if errStdout != nil || errStderr != nil {
+ klog.Fatalf("failed to capture stdout or stderr\n")
+ }
+ //outStr, errStr := string(stdout.Bytes()), string(stderr.Bytes())
+ //fmt.Printf("\nout:\n%s\nerr:\n%s\n", outStr, errStr)
+ errStr := string(stderr.Bytes())
+ if stderr != nil {
+ klog.Infof("err:\n%s\n", errStr)
+ }
+ return true, nil
+}
diff --git a/pkg/dns/solver_local.go b/pkg/dns/solver_local.go
index c85a749..b282c2c 100644
--- a/pkg/dns/solver_local.go
+++ b/pkg/dns/solver_local.go
@@ -52,7 +52,7 @@ func (loc *LocalDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error } // TODO: convert shell script to golang //localip := GetOutboundIP(Dnsserver_net) - success, err := Execute2( + success, err := Execute3( Shell, // "-c", AcmeAuthCmd, @@ -81,7 +81,7 @@ func (loc *LocalDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error func (loc *LocalDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error { //domainName := extractDomainName(ch.ResolvedZone) //localip := GetOutboundIP(Dnsserver_net) - success, err := Execute2( + success, err := Execute3( Shell, // "-c", AcmeAuthCmd, @@ -119,13 +119,13 @@ func (loc *LocalDNSProviderSolver) Initialize(kubeClientConfig *rest.Config, sto // Check verifies that the DNS records for the ACME challenge have propagated. func (s *LocalDNSProviderSolver) Check(DNSName string, Key string) error { ttl := 20 + klog.Info("waiting DNS record TTL to allow the DNS01 record to propagate for domain") + time.Sleep(time.Second * time.Duration(ttl)) fqdn, err := util.DNS01LookupFQDN(DNSName, false, DNS01Nameservers...) if err != nil { return err } - klog.Info("waiting DNS record TTL to allow the DNS01 record to propagate for domain") - time.Sleep(time.Second * time.Duration(ttl)) //klog.Info("checking DNS propagation: ", "dns: ", DNSName, ", fqdn: ", fqdn, ", key: ", Key, ", nameservers: ", DNS01Nameservers) klog.Info("checking DNS prop: fqdn: ", fqdn) diff --git a/pkg/util/wait.go b/pkg/util/wait.go index 35abba2..cda4531 100644 --- a/pkg/util/wait.go +++ b/pkg/util/wait.go 
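Review bot: In Check (pkg/dns/solver_local.go) the fixed `time.Sleep` now runs before `util.DNS01LookupFQDN`, so every call blocks for 20 seconds even when the lookup would fail straight away, and the wait cannot be cancelled. The log line ends with "for domain" but never names it; `klog.Infof("waiting %ds for the DNS01 record of %s to propagate", ttl, DNSName)` would make the log usable when several challenges run at once. The body of Check continues past the end of the hunk, so whether a later retry loop already covers propagation cannot be seen here.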
@@ -139,15 +139,21 @@ func checkAuthoritativeNss(fqdn, value string, nameservers []string) (bool, erro klog.Infof("================== NS: %s ==================", ns) r, err := DNSQuery(fqdn, dns.TypeTXT, []string{ns}, true) //klog.Infof("DNSQuery returned \nr: %s, \nerr: %s", r, err) + rCodeStr := "" + if r == nil { + rCodeStr = "nil" + } else { + rCodeStr = dns.RcodeToString[r.Rcode] + } if err != nil { - klog.Infof("DNSQuery failed, err: %s", err) + klog.Infof("DNSQuery failed, err: %s, ns: %s, rcode: %s", err, ns, rCodeStr) return false, err } - klog.Infof("DNSQuery succeeded with r.Rcode: %d", r.Rcode) + klog.Infof("DNSQuery succeeded with r.Rcode: %s", rCodeStr) // NXDomain response is not really an error, just waiting for propagation to happen if !(r.Rcode == dns.RcodeSuccess || r.Rcode == dns.RcodeNameError) { //klog.Errorf("NS %s returned %s for %s", ns, dns.RcodeToString[r.Rcode], fqdn) - return false, fmt.Errorf("NS %s returned %s for %s", ns, dns.RcodeToString[r.Rcode], fqdn) + return false, fmt.Errorf("NS %s returned %s for %s", ns, rCodeStr, fqdn) } klog.Infof("%q: must be %s", fqdn, value) diff --git a/version.txt b/version.txt index 991435c..be06281 100644 --- a/version.txt +++ b/version.txt @@ -1,3 +1,3 @@ -0.0.5-alpha.90 -20240416-2039 -90 \ No newline at end of file +0.0.5-alpha.97 +20240418-0139 +97 \ No newline at end of file
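Review bot: In checkAuthoritativeNss (pkg/util/wait.go) `dns.RcodeToString[r.Rcode]` yields an empty string for any code missing from the table, so the "DNSQuery succeeded" log and the returned error lose the number that the old `%d` verb printed. A fallback in the else branch, such as `if rCodeStr == "" { rCodeStr = fmt.Sprintf("RCODE%d", r.Rcode) }`, keeps it. The new nil check protects only the string: if DNSQuery can return a nil `r` together with a nil error, the `r.Rcode` comparison further down still dereferences it, which is worth confirming against DNSQuery. The function starts and ends outside the hunk.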