Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2026-05-26 11:50:24 -04:00
Code Issues Packages Projects Releases Wiki Activity

fix(azure): apply access mode to every zone in the same block (#8110)

Browse Source
This commit is contained in:
James R T
2026-05-20 23:06:37 +08:00
committed by GitHub
parent f8dffa7fc2
commit 84faec64c3
2 changed files with 50 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
plugin/azure/setup.go
View File

@@ -67,18 +67,17 @@ func parse(c *caddy.Controller) (auth.EnvironmentSettings, map[string][]string,
var fall fall.F var fall fall.F
var access string var access string
var resourceGroup string
var zoneName string
for c.Next() { for c.Next() {
args := c.RemainingArgs() args := c.RemainingArgs()
var currentZoneKeys []string
for i := range args { for i := range args {
parts := strings.SplitN(args[i], ":", 2) parts := strings.SplitN(args[i], ":", 2)
if len(parts) != 2 { if len(parts) != 2 {
return env, resourceGroupMapping, accessMap, fall, c.Errf("invalid resource group/zone: %q", args[i]) return env, resourceGroupMapping, accessMap, fall, c.Errf("invalid resource group/zone: %q", args[i])
} }
resourceGroup, zoneName = parts[0], parts[1] resourceGroup, zoneName := parts[0], parts[1]
if resourceGroup == "" || zoneName == "" { if resourceGroup == "" || zoneName == "" {
return env, resourceGroupMapping, accessMap, fall, c.Errf("invalid resource group/zone: %q", args[i]) return env, resourceGroupMapping, accessMap, fall, c.Errf("invalid resource group/zone: %q", args[i])
} }
@@ -88,6 +87,7 @@ func parse(c *caddy.Controller) (auth.EnvironmentSettings, map[string][]string,
resourceGroupSet[resourceGroup+zoneName] = struct{}{} resourceGroupSet[resourceGroup+zoneName] = struct{}{}
accessMap[resourceGroup+zoneName] = "public" accessMap[resourceGroup+zoneName] = "public"
currentZoneKeys = append(currentZoneKeys, resourceGroup+zoneName)
resourceGroupMapping[resourceGroup] = append(resourceGroupMapping[resourceGroup], zoneName) resourceGroupMapping[resourceGroup] = append(resourceGroupMapping[resourceGroup], zoneName)
} }
@@ -131,7 +131,9 @@ func parse(c *caddy.Controller) (auth.EnvironmentSettings, map[string][]string,
if access != "public" && access != "private" { if access != "public" && access != "private" {
return env, resourceGroupMapping, accessMap, fall, c.Errf("invalid access value: can be public/private, found: %s", access) return env, resourceGroupMapping, accessMap, fall, c.Errf("invalid access value: can be public/private, found: %s", access)
} }
accessMap[resourceGroup+zoneName] = access for _, k := range currentZoneKeys {
accessMap[k] = access
}
default: default:
return env, resourceGroupMapping, accessMap, fall, c.Errf("unknown property: %q", c.Val()) return env, resourceGroupMapping, accessMap, fall, c.Errf("unknown property: %q", c.Val())
} }

64
plugin/azure/setup_test.go
View File

@@ -8,64 +8,88 @@ import (
func TestSetup(t *testing.T) { func TestSetup(t *testing.T) {
tests := []struct { tests := []struct {
body string body string
expectedError bool expectedError bool
expectedAccess map[string]string
}{ }{
{`azure`, false}, {`azure`, false, nil},
{`azure :`, true}, {`azure :`, true, nil},
{`azure resource_set:zone`, false}, {`azure resource_set:zone`, false, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
tenant tenant
}`, true}, }`, true, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
tenant abc tenant abc
}`, false}, }`, false, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
client client
}`, true}, }`, true, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
client abc client abc
}`, false}, }`, false, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
subscription subscription
}`, true}, }`, true, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
subscription abc subscription abc
}`, false}, }`, false, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
foo foo
}`, true}, }`, true, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
tenant tenant_id tenant tenant_id
client client_id client client_id
secret client_secret secret client_secret
subscription subscription_id subscription subscription_id
access public access public
}`, false}, }`, false, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
fallthrough fallthrough
}`, false}, }`, false, nil},
{`azure resource_set:zone { {`azure resource_set:zone {
environment AZUREPUBLICCLOUD environment AZUREPUBLICCLOUD
}`, false}, }`, false, nil},
{`azure resource_set:zone resource_set:zone { {`azure resource_set:zone resource_set:zone {
fallthrough fallthrough
}`, true}, }`, true, nil},
{`azure resource_set:zone,zone2 { {`azure resource_set:zone,zone2 {
access private access private
}`, false}, }`, false, nil},
{`azure resource-set:zone { {`azure resource-set:zone {
access public access public
}`, false}, }`, false, nil},
{`azure resource-set:zone { {`azure resource-set:zone {
access foo access foo
}`, true}, }`, true, nil},
{`azure rg:zone1 rg:zone2 {
access private
}`, false, map[string]string{"rgzone1": "private", "rgzone2": "private"}},
{`azure rg:zone1 {
access private
}
azure rg:zone2 {
}`, false, map[string]string{"rgzone1": "private", "rgzone2": "public"}},
{`azure rg:zone1 rg:zone2 {
}`, false, map[string]string{"rgzone1": "public", "rgzone2": "public"}},
} }
for i, test := range tests { for i, test := range tests {
c := caddy.NewTestController("dns", test.body) c := caddy.NewTestController("dns", test.body)
if _, _, _, _, err := parse(c); (err == nil) == test.expectedError { _, _, accessMap, _, err := parse(c)
if (err == nil) == test.expectedError {
t.Fatalf("Unexpected errors: %v in test: %d\n\t%s", err, i, test.body) t.Fatalf("Unexpected errors: %v in test: %d\n\t%s", err, i, test.body)
} }
if test.expectedAccess == nil {
continue
}
if len(accessMap) != len(test.expectedAccess) {
t.Fatalf("Test %d: accessMap size mismatch: got %d (%v), want %d (%v)\n\t%s",
i, len(accessMap), accessMap, len(test.expectedAccess), test.expectedAccess, test.body)
}
for k, want := range test.expectedAccess {
if got := accessMap[k]; got != want {
t.Fatalf("Test %d: accessMap[%q] = %q, want %q\n\t%s", i, k, got, want, test.body)
}
}
} }
} }