small typos

final fixes
small typo
2025-10-05 23:14:25 +02:00 · 2025-10-05 23:14:25 +02:00 · 2025-10-05 23:14:25 +02:00 · 2025-10-05 23:14:25 +02:00 · 2025-10-05 23:14:25 +02:00 · 2025-10-05 23:14:25 +02:00
2 changed files with 88 additions and 54 deletions
--- a/engine/resources/cloudflare_dns.go
+++ b/engine/resources/cloudflare_dns.go
@@ -32,6 +32,7 @@ package resources
 import (
 	"context"
 	"fmt"
+	"strings"

 	"github.com/purpleidea/mgmt/engine"
 	"github.com/purpleidea/mgmt/engine/traits"
@@ -50,10 +51,10 @@ func init() {
 // CloudflareDNSRes is a resource for managing DNS records in Cloudflare zones.
 // This resource uses the Cloudflare API to create, update, and delete DNS
 // records in a specified zone. It supports various record types including A,
-// AAAA, CNAME, MX, TXT, NS, SRV, and PTR records. The resource requires polling
-// to detect changes, as the Cloudflare API does not provide an event stream.
-// The Purge functionality allows enforcing that only managed DNS records exist
-// in the zone, removing any unmanaged records.
+// AAAA, CNAME, MX, TXT, NS, and PTR records. The resource requires polling to
+// detect changes, as the Cloudflare API does not provide an event stream. The
+// Purge functionality allows enforcing that only managed DNS records exist in
+// the zone, removing any unmanaged records.
 type CloudflareDNSRes struct {
 	traits.Base
 	traits.GraphQueryable
@@ -76,7 +77,7 @@ type CloudflareDNSRes struct {
 	// Priority is the priority value for records that support it (e.g., MX
 	// records). This is a pointer to distinguish between an unset value and
 	// a zero value.
-	Priority *int64 `lang:"priority"`
+	Priority *float64 `lang:"priority"`

 	// Proxied specifies whether the record should be proxied through
 	// Cloudflare's CDN. This is a pointer to distinguish between an unset
@@ -129,7 +130,7 @@ func (obj *CloudflareDNSRes) Validate() error {
 	}

 	if obj.APIToken == "" {
-		return fmt.Errorf("API token is required")
+		return fmt.Errorf("api token is required")
 	}

 	if obj.Type == "" {
@@ -137,7 +138,7 @@ func (obj *CloudflareDNSRes) Validate() error {
 	}

 	if (obj.TTL < 60 || obj.TTL > 86400) && obj.TTL != 1 { // API requirement
-		return fmt.Errorf("TTL must be between 60s and 86400s, or set to 1")
+		return fmt.Errorf("ttl must be between 60s and 86400s, or set to 1")
 	}

 	if obj.Zone == "" {
@@ -152,8 +153,14 @@ func (obj *CloudflareDNSRes) Validate() error {
 		return fmt.Errorf("content is required when state is 'exists'")
 	}

-	if obj.MetaParams().Poll == 0 || obj.MetaParams().Poll < 1 { // CF accepts ~4req/s so this is good enough
-		return fmt.Errorf("cloudflare:dns requires polling, set Meta:poll param	(e.g., 60 seconds), min. 1s")
+	if obj.Type == "MX" && obj.Priority == nil {
+		return fmt.Errorf("priority is required for MX records")
+	}
+
+	// cloudflare accepts ~4req/s so this is safe enough even when managing lots
+	// of records
+	if obj.MetaParams().Poll == 0 || obj.MetaParams().Poll < 60 {
+		return fmt.Errorf("cloudflare:dns requires polling, set Meta:poll param (e.g., 300s), min. 60s")
 	}

 	return nil
@@ -168,7 +175,6 @@ func (obj *CloudflareDNSRes) Init(init *engine.Init) error {
 		option.WithAPIToken(obj.APIToken),
 	)

-	//TODO: does it make more sense to check it here or in CheckApply()?
 	zoneListParams := zones.ZoneListParams{
 		Name: cloudflare.F(obj.Zone),
 	}
@@ -207,21 +213,6 @@ func (obj *CloudflareDNSRes) Watch(context.Context) error {
 // if necessary. If apply is false, it only checks if changes are needed. If
 // Purge is enabled, it will first delete any unmanaged records in the zone.
 func (obj *CloudflareDNSRes) CheckApply(ctx context.Context, apply bool) (bool, error) {
-	zone, err := obj.client.Zones.List(ctx, zones.ZoneListParams{
-		Name: cloudflare.F(obj.Zone),
-	})
-	if err != nil {
-		return false, err
-	}
-
-	if len(zone.Result) == 0 {
-		return false, fmt.Errorf("there's no zone registered with name %s", obj.Zone)
-	}
-
-	if len(zone.Result) > 1 {
-		return false, fmt.Errorf("there's more than one zone with name %s", obj.Zone)
-	}
-
 	// We start by checking the need for purging
 	if obj.Purge {
 		checkOK, err := obj.purgeCheckApply(ctx, apply)
@@ -233,7 +224,8 @@ func (obj *CloudflareDNSRes) CheckApply(ctx context.Context, apply bool) (bool,
 		}
 	}

-	// List existing records
+	// we're using `contains` so as to get the candidates, as `exact` might not
+	// give the expected results depending on how the user specified it.
 	listParams := dns.RecordListParams{
 		ZoneID: cloudflare.F(obj.zoneID),
 		Name: cloudflare.F(dns.RecordListParamsName{
@@ -247,10 +239,15 @@ func (obj *CloudflareDNSRes) CheckApply(ctx context.Context, apply bool) (bool,
 		return false, errwrap.Wrapf(err, "failed to list DNS records")
 	}

-	recordExists := len(recordList.Result) > 0
+	// here we filter to find the exact match
+	recordExists := false
 	var record dns.RecordResponse
-	if recordExists {
-		record = recordList.Result[0]
+	for _, r := range recordList.Result {
+		if obj.matchesRecordName(r.Name) {
+			record = r
+			recordExists = true
+			break
+		}
 	}

 	switch obj.State {
@@ -319,7 +316,11 @@ func (obj *CloudflareDNSRes) Cmp(r engine.Res) error {
 		return fmt.Errorf("apitoken differs")
 	}

-	if obj.Proxied != res.Proxied {
+	if (obj.Proxied == nil) != (res.Proxied == nil) {
+		return fmt.Errorf("proxied values differ")
+	}
+
+	if obj.Proxied != nil && *obj.Proxied != *res.Proxied {
 		return fmt.Errorf("proxied values differ")
 	}

@@ -355,7 +356,11 @@ func (obj *CloudflareDNSRes) Cmp(r engine.Res) error {
 		return fmt.Errorf("content param differs")
 	}

-	if obj.Priority != res.Priority {
+	if (obj.Priority == nil) != (res.Priority == nil) {
+		return fmt.Errorf("the priority param differs")
+	}
+
+	if obj.Priority != nil && *obj.Priority != *res.Priority {
 		return fmt.Errorf("the priority param differs")
 	}

@@ -426,7 +431,7 @@ func (obj *CloudflareDNSRes) buildRecordParam() (any, error) {
 			param.Proxied = cloudflare.F(*obj.Proxied)
 		}
 		if obj.Priority != nil { // required for MX record
-			param.Priority = cloudflare.F(float64(*obj.Priority))
+			param.Priority = cloudflare.F(*obj.Priority)
 		}
 		if obj.Comment != "" {
 			param.Comment = cloudflare.F(obj.Comment)
@@ -463,20 +468,6 @@ func (obj *CloudflareDNSRes) buildRecordParam() (any, error) {
 		}
 		return param, nil

-	case "SRV":
-		param := dns.SRVRecordParam{
-			Name: cloudflare.F(obj.RecordName),
-			Type: cloudflare.F(dns.SRVRecordTypeSRV),
-			TTL:  cloudflare.F(ttl),
-		}
-		if obj.Proxied != nil {
-			param.Proxied = cloudflare.F(*obj.Proxied)
-		}
-		if obj.Comment != "" {
-			param.Comment = cloudflare.F(obj.Comment)
-		}
-		return param, nil
-
 	case "PTR":
 		param := dns.PTRRecordParam{
 			Name:    cloudflare.F(obj.RecordName),
@@ -578,16 +569,16 @@ func (obj *CloudflareDNSRes) needsUpdate(record dns.RecordResponse) bool {
 	}

 	if obj.Priority != nil {
-		if float64(*obj.Priority) != record.Priority {
+		if *obj.Priority != record.Priority {
 			return true
 		}
 	}

-	if obj.Comment != record.Comment {
+	if obj.Comment != "" && obj.Comment != record.Comment {
 		return true
 	}

-	// TODO add more checks?
+	//TODO: add more checks?

 	return false

@@ -637,7 +628,12 @@ func (obj *CloudflareDNSRes) purgeCheckApply(ctx context.Context, apply bool) (b
 		}

 		if cfRes.Zone == obj.Zone {
-			recordKey := fmt.Sprintf("%s:%s", cfRes.RecordName, cfRes.Type)
+			recordKey := fmt.Sprintf("%s:%s:%s", cfRes.RecordName, cfRes.Type,
+				cfRes.Content)
+			if cfRes.Priority != nil {
+				// corner case for MX records which require priority set
+				recordKey = fmt.Sprintf("%s:%g", recordKey, *cfRes.Priority)
+			}
 			excludes[recordKey] = true
 		}
 	}
@@ -645,7 +641,11 @@ func (obj *CloudflareDNSRes) purgeCheckApply(ctx context.Context, apply bool) (b
 	checkOK := true

 	for _, record := range allRecords {
-		recordKey := fmt.Sprintf("%s:%s", record.Name, record.Type)
+		recordKey := fmt.Sprintf("%s:%s:%s", record.Name, record.Type,
+			record.Content)
+		if record.Priority != 0 {
+			recordKey = fmt.Sprintf("%s:%g", recordKey, record.Priority)
+		}

 		if excludes[recordKey] {
 			continue
@@ -678,3 +678,27 @@ func (obj *CloudflareDNSRes) GraphQueryAllowed(opts ...engine.GraphQueryableOpti
 	}
 	return nil
 }
+
+// matchesRecordName checks if a record name from the API matches our desired
+// record name. Handles both FQDN (www.example.com) and short form (www)
+// comparisons.
+func (obj *CloudflareDNSRes) matchesRecordName(apiRecordName string) bool {
+	desired := obj.normalizeRecordName(obj.RecordName)
+	actual := obj.normalizeRecordName(apiRecordName)
+	return desired == actual
+}
+
+// normalizeRecordName converts a record name to a consistent format for
+// comparison. Converts to FQDN format (e.g., "www" -> "www.example.com", "@" ->
+// "example.com")
+func (obj *CloudflareDNSRes) normalizeRecordName(name string) string {
+	if name == "@" || name == obj.Zone {
+		return obj.Zone
+	}
+
+	if strings.HasSuffix(name, "."+obj.Zone) {
+		return name
+	}
+
+	return name + "." + obj.Zone
+}
--- a/engine/resources/virt_builder.go
+++ b/engine/resources/virt_builder.go
@@ -36,6 +36,7 @@ import (
 	"net/url"
 	"os"
 	"os/exec"
+	"os/user"
 	"path"
 	"path/filepath"
 	"runtime"
@@ -621,6 +622,15 @@ func (obj *VirtBuilderRes) CheckApply(ctx context.Context, apply bool) (bool, er

 	cmd := exec.CommandContext(ctx, cmdName, cmdArgs...)

+	usr, err := user.Current()
+	if err != nil {
+		return false, err
+	}
+	// FIXME: consider building this from an empty environment?
+	cmd.Env = append(os.Environ(),
+		fmt.Sprintf("HOME=%s", usr.HomeDir),
+	)
+
 	// ignore signals sent to parent process (we're in our own group)
 	cmd.SysProcAttr = &syscall.SysProcAttr{
 		Setpgid: true,
@@ -638,7 +648,7 @@ func (obj *VirtBuilderRes) CheckApply(ctx context.Context, apply bool) (bool, er
 		return false, errwrap.Wrapf(err, "error starting cmd")
 	}

-	err := cmd.Wait() // we can unblock this with the timeout
+	cmderr := cmd.Wait() // we can unblock this with the timeout
 	out := b.String()

 	p := path.Join(obj.varDir, fmt.Sprintf("%d.log", start))
@@ -648,7 +658,7 @@ func (obj *VirtBuilderRes) CheckApply(ctx context.Context, apply bool) (bool, er
 		}
 	}

-	if err == nil {
+	if cmderr == nil {
 		obj.init.Logf("built image successfully!")
 		return false, nil // success!
 	}
@@ -667,7 +677,7 @@ func (obj *VirtBuilderRes) CheckApply(ctx context.Context, apply bool) (bool, er
 		obj.init.Logf("deleted partial output")
 	}

-	exitErr, ok := err.(*exec.ExitError) // embeds an os.ProcessState
+	exitErr, ok := cmderr.(*exec.ExitError) // embeds an os.ProcessState
 	if !ok {
 		// command failed in some bad way
 		return false, errwrap.Wrapf(err, "cmd failed in some bad way")
Author	SHA1	Message	Date
Lourenço Vales	ad86804f56	small typos	2025-10-05 23:14:25 +02:00
Lourenço Vales	0784060d05	final fixes	2025-10-05 23:14:25 +02:00
Lourenço Vales	2591c7468d	small typo	2025-10-05 23:14:25 +02:00
Lourenço Vales	7d2c20a579	changed validation for MX record corner case	2025-10-05 23:14:25 +02:00
Lourenço Vales	472cb18060	added more robust validation; small changes	2025-10-05 23:14:25 +02:00
Lourenço Vales	3d721f4688	fixed slight error in validation	2025-10-05 23:14:25 +02:00
Lourenço Vales	8fff0f5d24	adding doc comments	2025-10-05 23:14:25 +02:00
Lourenço Vales	9e45a08704	fixed record deletion by changing the matching condition	2025-10-05 23:14:25 +02:00
Lourenço Vales	5cf369d2a8	adding Poll condition to guarantee minimum time between tries	2025-10-05 23:14:25 +02:00
Lourenço Vales	bce129c9eb	everything is implemented, now on to testing	2025-10-05 23:14:25 +02:00
Lourenço Vales	70da562ceb	added partial cloudflare api integration	2025-10-05 23:14:25 +02:00
Lourenço Vales	c6dc388427	added cmp function	2025-10-05 23:14:25 +02:00
Lourenço Vales	17c8153c1e	added CheckApply function; made some changes to structure	2025-10-05 23:14:25 +02:00
Lourenço Vales	62ecbf633d	engine: resources: Add Cloudflare DNS resource	2025-10-05 23:14:25 +02:00
James Shubin	06f54e5628	engine: resources: Virt builder needs HOME sometimes Seems this is new or got pulled in automatically somehow. This fixes: virt-builder: error: ssh-inject: $HOME environment variable is not set	2025-10-03 17:16:35 -04:00