Added 3rd shell execute. Improved log messages. Moved propagation wait to start of check procedure.

2024-04-18 01:44:11 +02:00 · 2024-04-18 01:44:11 +02:00 · ecaa627551
commit ecaa627551
parent d1e49c7bba
6 changed files with 83 additions and 13 deletions
--- a/deploy/sthome-webhook/Chart.yaml
+++ b/deploy/sthome-webhook/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: v0.0.5-alpha.90
+appVersion: v0.0.5-alpha.97
 description: Cert-Manager webhook for sthome
 name: sthome-webhook
-version: 0.0.5-alpha.90
+version: 0.0.5-alpha.97
--- a/deploy/sthome-webhook/values.yaml
+++ b/deploy/sthome-webhook/values.yaml
@ -31,7 +31,7 @@ clusterIssuer:
 image:
  repository: stuurmcp/cert-manager-webhook-sthome
  #repository: wstat.sthome.net:5000/cert-manager-webhook-sthome
-  tag: 0.0.5-alpha.90
+  tag: 0.0.5-alpha.97
  #pullPolicy should be IfNotPresent. Set to Always for testing purposes
  pullPolicy: IfNotPresent

--- a/pkg/dns/shell.go
+++ b/pkg/dns/shell.go
@ -7,6 +7,7 @@ import (
 	"os"
 	"os/exec"
 	"strings"
+	"sync"

 	"k8s.io/klog/v2"
 )
@ -54,3 +55,66 @@ func Execute2(shell string, arg ...string) (bool, error) {
 	klog.Infof("Script returned success\n")
 	return true, nil
 }
+
+// CapturingPassThroughWriter is a writer that remembers
+// data written to it and passes it to w
+type CapturingPassThroughWriter struct {
+	buf bytes.Buffer
+	w   io.Writer
+}
+
+// NewCapturingPassThroughWriter creates new CapturingPassThroughWriter
+func NewCapturingPassThroughWriter(w io.Writer) *CapturingPassThroughWriter {
+	return &CapturingPassThroughWriter{
+		w: w,
+	}
+}
+
+func (w *CapturingPassThroughWriter) Write(d []byte) (int, error) {
+	w.buf.Write(d)
+	return w.w.Write(d)
+}
+
+// Bytes returns bytes written to the writer
+func (w *CapturingPassThroughWriter) Bytes() []byte {
+	return w.buf.Bytes()
+}
+
+func Execute3(shell string, arg ...string) (bool, error) {
+	var errStdout, errStderr error
+	cmd := exec.Command(shell, arg...)
+	stdoutIn, _ := cmd.StdoutPipe()
+	stderrIn, _ := cmd.StderrPipe()
+	stdout := NewCapturingPassThroughWriter(os.Stdout)
+	stderr := NewCapturingPassThroughWriter(os.Stderr)
+	err := cmd.Start()
+	if err != nil {
+		klog.Fatalf("cmd.Start() failed with '%s'\n", err)
+	}
+
+	var wg sync.WaitGroup
+	wg.Add(1)
+
+	go func() {
+		_, errStdout = io.Copy(stdout, stdoutIn)
+		wg.Done()
+	}()
+
+	_, errStderr = io.Copy(stderr, stderrIn)
+	wg.Wait()
+
+	err = cmd.Wait()
+	if err != nil {
+		klog.Fatalf("cmd.Run() failed with %s\n", err)
+	}
+	if errStdout != nil || errStderr != nil {
+		klog.Fatalf("failed to capture stdout or stderr\n")
+	}
+	//outStr, errStr := string(stdout.Bytes()), string(stderr.Bytes())
+	//fmt.Printf("\nout:\n%s\nerr:\n%s\n", outStr, errStr)
+	errStr := string(stderr.Bytes())
+	if stderr != nil {
+		klog.Infof("err:\n%s\n", errStr)
+	}
+	return true, nil
+}
--- a/pkg/dns/solver_local.go
+++ b/pkg/dns/solver_local.go
@ -52,7 +52,7 @@ func (loc *LocalDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error
 	}
 	// TODO: convert shell script to golang
 	//localip := GetOutboundIP(Dnsserver_net)
-	success, err := Execute2(
+	success, err := Execute3(
 		Shell,
 		//	"-c",
 		AcmeAuthCmd,
@ -81,7 +81,7 @@ func (loc *LocalDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error
 func (loc *LocalDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error {
 	//domainName := extractDomainName(ch.ResolvedZone)
 	//localip := GetOutboundIP(Dnsserver_net)
-	success, err := Execute2(
+	success, err := Execute3(
 		Shell,
 		//	"-c",
 		AcmeAuthCmd,
@ -119,13 +119,13 @@ func (loc *LocalDNSProviderSolver) Initialize(kubeClientConfig *rest.Config, sto
 // Check verifies that the DNS records for the ACME challenge have propagated.
 func (s *LocalDNSProviderSolver) Check(DNSName string, Key string) error {
 	ttl := 20
+	klog.Info("waiting DNS record TTL to allow the DNS01 record to propagate for domain")
+	time.Sleep(time.Second * time.Duration(ttl))

 	fqdn, err := util.DNS01LookupFQDN(DNSName, false, DNS01Nameservers...)
 	if err != nil {
 		return err
 	}
-	klog.Info("waiting DNS record TTL to allow the DNS01 record to propagate for domain")
-	time.Sleep(time.Second * time.Duration(ttl))

 	//klog.Info("checking DNS propagation: ", "dns: ", DNSName, ", fqdn: ", fqdn, ", key: ", Key, ", nameservers: ", DNS01Nameservers)
 	klog.Info("checking DNS prop: fqdn: ", fqdn)
--- a/pkg/util/wait.go
+++ b/pkg/util/wait.go
@ -139,15 +139,21 @@ func checkAuthoritativeNss(fqdn, value string, nameservers []string) (bool, erro
 		klog.Infof("================== NS: %s ==================", ns)
 		r, err := DNSQuery(fqdn, dns.TypeTXT, []string{ns}, true)
 		//klog.Infof("DNSQuery returned \nr: %s, \nerr: %s", r, err)
+		rCodeStr := ""
+		if r == nil {
+			rCodeStr = "nil"
+		} else {
+			rCodeStr = dns.RcodeToString[r.Rcode]
+		}
 		if err != nil {
-			klog.Infof("DNSQuery failed, err: %s", err)
+			klog.Infof("DNSQuery failed, err: %s, ns: %s, rcode: %s", err, ns, rCodeStr)
 			return false, err
 		}
-		klog.Infof("DNSQuery succeeded with r.Rcode: %d", r.Rcode)
+		klog.Infof("DNSQuery succeeded with r.Rcode: %s", rCodeStr)
 		// NXDomain response is not really an error, just waiting for propagation to happen
 		if !(r.Rcode == dns.RcodeSuccess || r.Rcode == dns.RcodeNameError) {
 			//klog.Errorf("NS %s returned %s for %s", ns, dns.RcodeToString[r.Rcode], fqdn)
-			return false, fmt.Errorf("NS %s returned %s for %s", ns, dns.RcodeToString[r.Rcode], fqdn)
+			return false, fmt.Errorf("NS %s returned %s for %s", ns, rCodeStr, fqdn)
 		}

 		klog.Infof("%q: must be %s", fqdn, value)
--- a/version.txt
+++ b/version.txt
@ -1,3 +1,3 @@
-0.0.5-alpha.90
-20240416-2039
-90
+0.0.5-alpha.97
+20240418-0139
+97