go-acme / lego

Let's Encrypt/ACME client and library written in Go
https://go-acme.github.io/lego/
MIT License

cloudflare: update api client to v0.70.0 #1931

darron closed 1 year ago

darron commented 1 year ago

I was having problems with lego yesterday - thought it might be because of the older cloudflare-go package.

Turns out - that wasn't it - it was API key shenanigans - but I thought maybe y'all would be interested in a library upgrade PR.

The tests pass:

=== RUN   TestNewDNSProvider
=== RUN   TestNewDNSProvider/success_email,_API_key
=== RUN   TestNewDNSProvider/success_API_token
=== RUN   TestNewDNSProvider/success_separate_API_tokens
=== RUN   TestNewDNSProvider/missing_credentials
=== RUN   TestNewDNSProvider/missing_email
=== RUN   TestNewDNSProvider/missing_api_key
--- PASS: TestNewDNSProvider (0.00s)
    --- PASS: TestNewDNSProvider/success_email,_API_key (0.00s)
    --- PASS: TestNewDNSProvider/success_API_token (0.00s)
    --- PASS: TestNewDNSProvider/success_separate_API_tokens (0.00s)
    --- PASS: TestNewDNSProvider/missing_credentials (0.00s)
    --- PASS: TestNewDNSProvider/missing_email (0.00s)
    --- PASS: TestNewDNSProvider/missing_api_key (0.00s)
=== RUN   TestNewDNSProviderWithToken
=== RUN   TestNewDNSProviderWithToken/same_client_when_zone_token_is_missing
=== RUN   TestNewDNSProviderWithToken/same_client_when_zone_token_equals_dns_token
=== RUN   TestNewDNSProviderWithToken/failure_when_only_zone_api_given
=== RUN   TestNewDNSProviderWithToken/different_clients_when_zone_and_dns_token_differ
=== RUN   TestNewDNSProviderWithToken/aliases_work_as_expected
--- PASS: TestNewDNSProviderWithToken (0.00s)
    --- PASS: TestNewDNSProviderWithToken/same_client_when_zone_token_is_missing (0.00s)
    --- PASS: TestNewDNSProviderWithToken/same_client_when_zone_token_equals_dns_token (0.00s)
    --- PASS: TestNewDNSProviderWithToken/failure_when_only_zone_api_given (0.00s)
    --- PASS: TestNewDNSProviderWithToken/different_clients_when_zone_and_dns_token_differ (0.00s)
    --- PASS: TestNewDNSProviderWithToken/aliases_work_as_expected (0.00s)
=== RUN   TestNewDNSProviderConfig
=== RUN   TestNewDNSProviderConfig/success_with_email_and_api_key
=== RUN   TestNewDNSProviderConfig/success_with_api_token
=== RUN   TestNewDNSProviderConfig/prefer_api_token
=== RUN   TestNewDNSProviderConfig/missing_credentials
=== RUN   TestNewDNSProviderConfig/missing_email
=== RUN   TestNewDNSProviderConfig/missing_api_key
=== RUN   TestNewDNSProviderConfig/missing_api_token,_fallback_to_api_key/email
--- PASS: TestNewDNSProviderConfig (0.00s)
    --- PASS: TestNewDNSProviderConfig/success_with_email_and_api_key (0.00s)
    --- PASS: TestNewDNSProviderConfig/success_with_api_token (0.00s)
    --- PASS: TestNewDNSProviderConfig/prefer_api_token (0.00s)
    --- PASS: TestNewDNSProviderConfig/missing_credentials (0.00s)
    --- PASS: TestNewDNSProviderConfig/missing_email (0.00s)
    --- PASS: TestNewDNSProviderConfig/missing_api_key (0.00s)
    --- PASS: TestNewDNSProviderConfig/missing_api_token,_fallback_to_api_key/email (0.00s)
=== RUN   TestLivePresent
    cloudflare_test.go:270: skipping live test
--- SKIP: TestLivePresent (0.00s)
=== RUN   TestLiveCleanUp
    cloudflare_test.go:283: skipping live test
--- SKIP: TestLiveCleanUp (0.00s)
PASS
    github.com/go-acme/lego/v4/providers/dns/cloudflare coverage: 36.0% of statements
ok      github.com/go-acme/lego/v4/providers/dns/cloudflare 0.631s  coverage: 36.0% of statements

I ran and got a certificate:

$ make build
BIN_OUTPUT: dist/lego
rm -rf dist/ builds/ cover.out
Version: d1c260a3f4bcaa94a726b5e977f58e7efa034118
go build -trimpath -ldflags '-X "main.version=d1c260a3f4bcaa94a726b5e977f58e7efa034118"' -o  dist/lego ./cmd/lego/
$ ~/bin/lego --version
lego version d1c260a3f4bcaa94a726b5e977f58e7efa034118 darwin/arm64
$ ~/bin/lego --email darron.froese@dapperlabs.com \
  --dns cloudflare \
  --domains "testing.dapper.services" \
  --domains "a.testing.dapper.services" \
  --domains "b.testing.dapper.services" \
  --domains "c.testing.dapper.services" run
2023/06/07 15:48:23 [INFO] [testing.dapper.services, a.testing.dapper.services, b.testing.dapper.services, c.testing.dapper.services] acme: Obtaining bundled SAN certificate
2023/06/07 15:48:24 [INFO] [a.testing.dapper.services] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/234835955367
2023/06/07 15:48:24 [INFO] [b.testing.dapper.services] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/234835955377
2023/06/07 15:48:24 [INFO] [c.testing.dapper.services] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/234835955387
2023/06/07 15:48:24 [INFO] [testing.dapper.services] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/234835955397
2023/06/07 15:48:24 [INFO] [a.testing.dapper.services] acme: Could not find solver for: tls-alpn-01
2023/06/07 15:48:24 [INFO] [a.testing.dapper.services] acme: Could not find solver for: http-01
2023/06/07 15:48:24 [INFO] [a.testing.dapper.services] acme: use dns-01 solver
2023/06/07 15:48:24 [INFO] [b.testing.dapper.services] acme: Could not find solver for: tls-alpn-01
2023/06/07 15:48:24 [INFO] [b.testing.dapper.services] acme: Could not find solver for: http-01
2023/06/07 15:48:24 [INFO] [b.testing.dapper.services] acme: use dns-01 solver
2023/06/07 15:48:24 [INFO] [testing.dapper.services] acme: Could not find solver for: tls-alpn-01
2023/06/07 15:48:24 [INFO] [testing.dapper.services] acme: Could not find solver for: http-01
2023/06/07 15:48:24 [INFO] [testing.dapper.services] acme: use dns-01 solver
2023/06/07 15:48:24 [INFO] [c.testing.dapper.services] acme: Could not find solver for: tls-alpn-01
2023/06/07 15:48:24 [INFO] [c.testing.dapper.services] acme: Could not find solver for: http-01
2023/06/07 15:48:24 [INFO] [c.testing.dapper.services] acme: use dns-01 solver
2023/06/07 15:48:24 [INFO] [a.testing.dapper.services] acme: Preparing to solve DNS-01
2023/06/07 15:48:24 [INFO] cloudflare: new record for a.testing.dapper.services, ID 54004c24a57d045e921119286f57b106
2023/06/07 15:48:24 [INFO] [b.testing.dapper.services] acme: Preparing to solve DNS-01
2023/06/07 15:48:24 [INFO] cloudflare: new record for b.testing.dapper.services, ID 648699ac06cc42c66bb329fbe84951b3
2023/06/07 15:48:24 [INFO] [testing.dapper.services] acme: Preparing to solve DNS-01
2023/06/07 15:48:25 [INFO] cloudflare: new record for testing.dapper.services, ID 372931330dfe9da28dbcebaae057a8dc
2023/06/07 15:48:25 [INFO] [c.testing.dapper.services] acme: Preparing to solve DNS-01
2023/06/07 15:48:25 [INFO] cloudflare: new record for c.testing.dapper.services, ID 12d0a24e985d55e5884c2c8207788b85
2023/06/07 15:48:25 [INFO] [a.testing.dapper.services] acme: Trying to solve DNS-01
2023/06/07 15:48:25 [INFO] [a.testing.dapper.services] acme: Checking DNS record propagation using [10.255.0.1:53]
2023/06/07 15:48:27 [INFO] Wait for propagation [timeout: 2m0s, interval: 2s]
2023/06/07 15:48:52 [INFO] [a.testing.dapper.services] The server validated our request
2023/06/07 15:48:52 [INFO] [b.testing.dapper.services] acme: Trying to solve DNS-01
2023/06/07 15:48:52 [INFO] [b.testing.dapper.services] acme: Checking DNS record propagation using [10.255.0.1:53]
2023/06/07 15:48:54 [INFO] Wait for propagation [timeout: 2m0s, interval: 2s]
2023/06/07 15:48:58 [INFO] [b.testing.dapper.services] The server validated our request
2023/06/07 15:48:58 [INFO] [testing.dapper.services] acme: Trying to solve DNS-01
2023/06/07 15:48:58 [INFO] [testing.dapper.services] acme: Checking DNS record propagation using [10.255.0.1:53]
2023/06/07 15:49:00 [INFO] Wait for propagation [timeout: 2m0s, interval: 2s]
2023/06/07 15:49:08 [INFO] [testing.dapper.services] The server validated our request
2023/06/07 15:49:08 [INFO] [c.testing.dapper.services] acme: Trying to solve DNS-01
2023/06/07 15:49:08 [INFO] [c.testing.dapper.services] acme: Checking DNS record propagation using [10.255.0.1:53]
2023/06/07 15:49:10 [INFO] Wait for propagation [timeout: 2m0s, interval: 2s]
2023/06/07 15:49:16 [INFO] [c.testing.dapper.services] The server validated our request
2023/06/07 15:49:16 [INFO] [a.testing.dapper.services] acme: Cleaning DNS-01 challenge
2023/06/07 15:49:16 [INFO] [b.testing.dapper.services] acme: Cleaning DNS-01 challenge
2023/06/07 15:49:16 [INFO] [testing.dapper.services] acme: Cleaning DNS-01 challenge
2023/06/07 15:49:17 [INFO] [c.testing.dapper.services] acme: Cleaning DNS-01 challenge
2023/06/07 15:49:17 [INFO] [testing.dapper.services, a.testing.dapper.services, b.testing.dapper.services, c.testing.dapper.services] acme: Validations succeeded; requesting certificates
2023/06/07 15:49:17 [INFO] [testing.dapper.services] Server responded with a certificate.

darron commented 1 year ago

Also note - I had to update the DNSRecords method because the API changed but it doesn't appear that it's used anywhere.

I don't know this codebase well enough to know if maybe I'm missing something.