TEST -- DO NOT MERGE #4246

Closed
TomOnTime wants to merge 4 commits into main from cafferata-cicd/providers-from-profiles

@TomOnTime
Collaborator

No description provided.

cafferata and others added 4 commits May 12, 2026 09:52
- Replace hardcoded PROVIDERS array with dynamic read from `integrationTest/profiles.json`.
- Add sparse-checkout step to fetch only the profiles file.
- Existing filtering on `*_DOMAIN` env vars remains intact, so providers without configured secrets are skipped automatically.
…n_tests.yml`.

- Remove instructions to manually add providers to the PROVIDERS list in `writing-providers.md`, `byo-secrets.md` and `release-engineering.md`.
- Update checklist and FAQ to reflect the new automated approach.
…n_tests.yml`.

- Use `-AsHashtable` flag because `profiles.json` contains keys with mixed casing (`TYPE` vs `domain`), which PowerShell rejects without this flag.
…nabled (#4189)

### Description

Fixes the CNAME + other record type validation to allow coexistence when
the CNAME is proxied through Cloudflare (`CF_PROXY_ON` or
`CF_PROXY_FULL`).

### Problem

When using the Cloudflare provider with `CF_PROXY_ON`, dnscontrol
rejects configurations that have a CNAME and another record type (e.g.,
MX) on the same name:

```
cannot have CNAME and MX record with same name: mailscanner.example.com
```

However, when a CNAME is proxied, Cloudflare flattens it internally and
returns A/AAAA records to resolvers. The CNAME is never served to the
public, so the RFC 1034 §3.6.2 restriction does not apply. Cloudflare
itself allows this configuration and it works correctly.

### Root Cause

The `checkCNAMEs` function in `pkg/normalize/validate.go`
unconditionally rejects any record type (except AKAMAICDN) that shares a
label with a CNAME, without checking whether the CNAME uses Cloudflare
proxy flattening.

### Fix

When building the CNAME label map, also track which CNAMEs have
`cloudflare_proxy` metadata set to `"on"` or `"full"`. Skip the conflict
error for those labels, following the same pattern as the existing
AKAMAICDN exception.

### Tests

Added `TestCNAMECloudflareProxied` that verifies:
- Proxied CNAME + MX on the same label produces no error
- Non-proxied CNAME + MX on the same label still produces an error

Fixes #4181

Co-authored-by: rvasikarla <rvasikarla@splunk.com>
@TomOnTime TomOnTime closed this May 12, 2026
@cafferata cafferata deleted the cafferata-cicd/providers-from-profiles branch May 12, 2026 12:57
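
The validation rule described in the last commit message above, written out as an added example; it is not dnscontrol's code and not part of this pull request. The `Record` type and `CheckCNAMEs` function are hypothetical simplifications; only the `cloudflare_proxy` values `"on"` and `"full"`, the AKAMAICDN exception and the error text come from the page.

```go
package main

import "fmt"

// Record is a simplified, hypothetical stand-in for a DNS record.
// It is not dnscontrol's own record type.
type Record struct {
	Type     string
	Name     string            // fully qualified owner name
	Metadata map[string]string // provider hints such as cloudflare_proxy
}

// CheckCNAMEs returns one message per record that shares a name with a CNAME,
// except where that CNAME is proxied ("on" or "full") or the other record is
// AKAMAICDN. Several CNAMEs on one name are out of scope for this example.
func CheckCNAMEs(recs []Record) []string {
	cnames := map[string]bool{}  // name -> a CNAME exists there
	proxied := map[string]bool{} // name -> that CNAME is flattened by the proxy
	for _, r := range recs {
		if r.Type != "CNAME" {
			continue
		}
		cnames[r.Name] = true
		if v := r.Metadata["cloudflare_proxy"]; v == "on" || v == "full" {
			proxied[r.Name] = true
		}
	}
	var errs []string
	for _, r := range recs {
		if r.Type == "CNAME" || r.Type == "AKAMAICDN" || !cnames[r.Name] || proxied[r.Name] {
			continue
		}
		errs = append(errs, fmt.Sprintf(
			"cannot have CNAME and %s record with same name: %s", r.Type, r.Name))
	}
	return errs
}

func main() {
	// Constructed sample zone, not taken from the pull request.
	zone := []Record{
		{Type: "CNAME", Name: "mailscanner.example.com", Metadata: map[string]string{"cloudflare_proxy": "on"}},
		{Type: "MX", Name: "mailscanner.example.com"},
		{Type: "CNAME", Name: "www.example.com", Metadata: map[string]string{"cloudflare_proxy": "off"}},
		{Type: "TXT", Name: "www.example.com"},
	}
	for _, e := range CheckCNAMEs(zone) {
		fmt.Println(e)
	}
}
```
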
3 participants