search

vadimkim / cert-manager-webhook-hetzner

cert-manager webhook for Hetzner DNS API
https://dns.hetzner.com/api-docs
Apache License 2.0
95 stars 39 forks source link

I can't get it working without `zoneName` in `ClusterIssuer` #14

Closed cprass closed 1 year ago

cprass commented 2 years ago

Hi, first of all thanks for your work.

I'm trying to use the Hetzner solver but it doesn't quite work.

I want to add a single ClusterIssuer for multiple DNS zones, so I didn't add the zoneName config to the issuer.

Then I created a simple certificate:

apiVersion: cert-manager.io/v1alpha2 #  I tried with `v1` too, but no change
kind: Certificate
metadata:
  name: test-cert
  namespace: cert-manager
spec:
  commonName: mydomain.com # I tried with or without commonName, same effect - the commonName is deprecated according to the cert-manager docs
  dnsNames:
    - mydomain.com
  issuerRef:
    name: letsencrypt-staging-dns
    kind: ClusterIssuer
  secretName: test-cert

I get this logs from the webhook pod:

splitting domain name _acme-challenge.mydomain.com. failed! 
unable to find id for zone name ``; wrong number of zones in response 3 must be exactly = 1
Error calling API status:422 Unprocessable Entity url: https://dns.hetzner.com/api/v1/records method: POST
Error calling API status:422 Unprocessable Entity url: https://dns.hetzner.com/api/v1/records method: POST
Added TXT record result:
Presented txt record _acme-challenge.mydomain.com.

After looking at the code it looks like the zoneName is required even tho the docs say it's optional. The dnsNames entry is the FQDN and equal to the Hetzner zone-name in my case.

Am I maybe missing something?

hamburghammer commented 2 years ago

I think this has something to do with the image being outdated. The feature making zoneName optional was introduced in 24d81c1ddb53ce837672c33ef9fb30ae2ebd50f7 which was committed in Aug 21, 2021. The latest image tag was build with a version from back in May 8, 2020 (DockerHub). Publishing a new image might fix this (#13)

yelhouti commented 1 year ago

Facing the same issue, let's ping the owner :p @vadimkim hope he has time to publish

vadimkim commented 1 year ago

Hi! Give me couple of days to remember how to publish new images

vadimkim commented 1 year ago

I published new image on dockerhub and updated the index file. But latest changes were not merged into master. Will check what has been changed and make another release: 1.1.1 not to break the existing one

vadimkim commented 1 year ago

Published version 1.1.1. Docker image is the same as for 1.1.0