Skip to content

[WIP] DNS provider framework - PowerDNS plugin #12737

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
sudo87 wants to merge 51 commits into
base: main
Choose a base branch
from
Draft

[WIP] DNS provider framework - PowerDNS plugin #12737

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
51 commits
Select commit Hold shift + click to select a range
7b9fc0e
wip: dns provider framework
sudo87 Feb 4, 2026
b2d597c
add db schema, vo and dao classes
sudo87 Feb 10, 2026
6ef7f9b
add powerdns module in plugins
sudo87 Feb 11, 2026
9911c28
Changes done to AddDnsServer, ListDnsServer, DeleteDnsServer and Upda…
sudo87 Feb 12, 2026
df21318
1. Setup Dns zone schema
sudo87 Feb 13, 2026
f29b8be
following dns zone apis are integrated:
sudo87 Feb 15, 2026
9b77c37
Tested following flow:
sudo87 Feb 16, 2026
c5972ae
Add associate and disassociate zone to network APIs
sudo87 Feb 16, 2026
99f8c7d
following things are done:
sudo87 Feb 17, 2026
e011ce1
add missing license, cleanup, log std
sudo87 Feb 18, 2026
4a9f66d
following changes are done:
sudo87 Feb 19, 2026
c64cf81
include:
sudo87 Feb 20, 2026
4df11a4
normalize dns zone and record in svc layer, always use dotless data i…
sudo87 Feb 21, 2026
857436e
enable apis for all roles
sudo87 Feb 21, 2026
582b687
add ACL annotation, entitytype, minor cleanup
sudo87 Feb 21, 2026
add7763
acl related changes, fixes, mistakes
sudo87 Feb 25, 2026
1fe79bd
fixes related to acl, dao
sudo87 Feb 25, 2026
6ca9d5a
add views for dns_server and dns_zone
sudo87 Feb 26, 2026
1c1eef3
Add Listener for VM lifecycle to add dnsrecords for associated dns zone
sudo87 Mar 2, 2026
caf8533
1. implement event processing for vm start/stop/destroy, nic create/d…
sudo87 Mar 3, 2026
856158c
starting on ui work
sudo87 Mar 3, 2026
928db65
resolve merge conflict with main
sudo87 Mar 3, 2026
369bb16
fix lint issue
sudo87 Mar 3, 2026
0df50ce
fix list dnsservers api, ui screens for dns servers, generate events
sudo87 Mar 4, 2026
a9afbce
UI related work and fixes in updateDnsServer cmd
sudo87 Mar 10, 2026
6bcfbc6
resolve conflict with main
sudo87 Mar 13, 2026
c74a579
resolve build and licensefailure issue
sudo87 Mar 14, 2026
7f5e2a7
continue UI component work, fix minor issue with apis
sudo87 Mar 17, 2026
d8cca73
resolve conflict with main
sudo87 Mar 17, 2026
a1eca74
work on updateDnsServer ui screen, fixed acl issue for dns server and…
sudo87 Mar 18, 2026
981bb64
add associate and disassociate dns zone to network ui screens, networ…
sudo87 Mar 19, 2026
af7ce8e
fix addDnsRecord and deleteDnsRecord flow for automatic registration …
sudo87 Mar 20, 2026
bde9fd9
improve cleanup logic for DNS zone and server
sudo87 Mar 23, 2026
5682a5a
modify delete flow for dns zone and server, ask to key in name
sudo87 Mar 23, 2026
c6abed1
Following changes are part of this commit:
sudo87 Mar 25, 2026
f1dcd00
add unit tests
sudo87 Apr 1, 2026
f524bbe
resolve conflict with main
sudo87 Apr 1, 2026
9d4e141
unit tests
sudo87 Apr 1, 2026
8d10ae1
Following changes are done:
sudo87 Apr 6, 2026
3567819
fix automatic dns record registration based on vm and nic lifecycle
sudo87 Apr 9, 2026
883dc32
changes:
sudo87 Apr 10, 2026
3ae9834
fix normalizing dns record values for mx, srv and other type
sudo87 Apr 11, 2026
a036281
split cleanup of old dns urls and new record registration
sudo87 Apr 13, 2026
6466362
unit tests
sudo87 Apr 14, 2026
9d0884a
add marvin test for powerdns
sudo87 Apr 15, 2026
30566d1
merge main changes
sudo87 Apr 15, 2026
f96d4cd
trim trailing space
sudo87 Apr 15, 2026
2d14c26
rename credentials param in dns server vue files to apikey
sudo87 Apr 16, 2026
001a197
rename apikey to dnsapikey, refactor ui and add dig verification in i…
sudo87 Apr 17, 2026
172ac67
rename dnsrecordurl -> nicdnsname, DnsNicJoinView -> nicDnsJoinVo
sudo87 Apr 20, 2026
5f627aa
changes in this commit:
sudo87 Apr 24, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix normalizing dns record values for mx, srv and other type
  • Loading branch information
@sudo87
sudo87 committed Apr 11, 2026
commit 3ae983432592a871e523a4b799394987fd7807f2
4 changes: 2 additions & 2 deletions api/src/main/java/org/apache/cloudstack/api/command/user/dns/CreateDnsRecordCmd.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,10 +50,10 @@ public class CreateDnsRecordCmd extends BaseAsyncCmd {
description = "ID of the DNS zone")
private Long dnsZoneId;

@Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "Record name")
@Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "DNS record name")
private String name;

@Parameter(name = ApiConstants.TYPE, type = CommandType.STRING, required = true, description = "Record type (A, CNAME)")
@Parameter(name = ApiConstants.TYPE, type = CommandType.STRING, required = true, description = "DNS record type (e.g., A, AAAA, CNAME, MX, TXT, etc.)")
private String type;

@Parameter(name = ApiConstants.CONTENTS, type = CommandType.LIST, collectionType = CommandType.STRING, required = true,
Expand Down
7 changes: 0 additions & 7 deletions plugins/dns/powerdns/pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,4 @@
<version>4.23.0.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>

<properties>
<maven.compiler.source>11</maven.compiler.source>
<maven.compiler.target>11</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>

</project>
6 changes: 3 additions & 3 deletions plugins/dns/powerdns/src/test/java/org/apache/cloudstack/dns/DnsProviderUtilTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
package org.apache.cloudstack.dns;

import static org.apache.cloudstack.dns.DnsProviderUtil.appendPublicSuffixToZone;
import static org.apache.cloudstack.dns.DnsProviderUtil.normalizeDomain;
import static org.apache.cloudstack.dns.DnsProviderUtil.normalizeDomainForDb;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;

Expand Down Expand Up @@ -89,13 +89,13 @@ public void testAppendPublicSuffix() {
if (Strings.isNotBlank(publicSuffix)) {
result = executeAppendSuffixTest(userZoneName, publicSuffix);
} else {
result = appendPublicSuffixToZone(normalizeDomain(userZoneName), publicSuffix);
result = appendPublicSuffixToZone(normalizeDomainForDb(userZoneName), publicSuffix);
}
assertEquals(expectedResult, result);
}
}

String executeAppendSuffixTest(String zoneName, String domainSuffix) {
return appendPublicSuffixToZone(normalizeDomain(zoneName), domainSuffix);
return appendPublicSuffixToZone(normalizeDomainForDb(zoneName), domainSuffix);
}
}
197 changes: 197 additions & 0 deletions ...ins/dns/powerdns/src/test/java/org/apache/cloudstack/dns/NormalizeDnsRecordValueTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,197 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.

package org.apache.cloudstack.dns;

import static org.apache.cloudstack.dns.DnsRecord.RecordType.A;
import static org.apache.cloudstack.dns.DnsRecord.RecordType.AAAA;
import static org.apache.cloudstack.dns.DnsRecord.RecordType.CNAME;
import static org.apache.cloudstack.dns.DnsRecord.RecordType.MX;
import static org.apache.cloudstack.dns.DnsRecord.RecordType.NS;
import static org.apache.cloudstack.dns.DnsRecord.RecordType.PTR;
import static org.apache.cloudstack.dns.DnsRecord.RecordType.SRV;
import static org.apache.cloudstack.dns.DnsRecord.RecordType.TXT;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;

import java.util.Arrays;
import java.util.Collection;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;

@RunWith(Parameterized.class)
public class NormalizeDnsRecordValueTest {

private final String description;
private final String input;
private final DnsRecord.RecordType recordType;
private final String expected;
private final boolean expectException;

public NormalizeDnsRecordValueTest(String description, String input,
DnsRecord.RecordType recordType,
String expected, boolean expectException) {
this.description = description;
this.input = input;
this.recordType = recordType;
this.expected = expected;
this.expectException = expectException;
}

@Parameterized.Parameters(name = "{0}")
public static Collection<Object[]> data() {
return Arrays.asList(new Object[][] {

// ----------------------------------------------------------------
// Guard: blank/null value — all record types should throw
// ----------------------------------------------------------------
{"null value, A record", null, A, null, true},
{"empty value, A record", "", A, null, true},
{"blank value, A record", " ", A, null, true},

{"null value, AAAA record", null, AAAA, null, true},
{"null value, CNAME record", null, CNAME, null, true},
{"null value, MX record", null, MX, null, true},
{"null value, TXT record", null, TXT, null, true},
{"null value, SRV record", null, SRV, null, true},
{"null value, NS record", null, NS, null, true},
{"null value, PTR record", null, PTR, null, true},

// ----------------------------------------------------------------
// A record
// ----------------------------------------------------------------
{"A: valid IPv4", "93.184.216.34", A, "93.184.216.34", false},
{"A: valid IPv4 with whitespace", " 93.184.216.34 ", A, "93.184.216.34", false},
{"A: loopback", "127.0.0.1", A, "127.0.0.1", false},
{"A: all-zeros", "0.0.0.0", A, "0.0.0.0", false},
{"A: broadcast", "255.255.255.255", A, "255.255.255.255", false},
{"A: private 10.x", "10.0.0.1", A, "10.0.0.1", false},
{"A: private 192.168.x", "192.168.1.1", A, "192.168.1.1", false},

{"A: IPv6 rejected", "2001:db8::1", A, null, true},
{"A: domain rejected", "example.com", A, null, true},
{"A: partial IP rejected", "192.168.1", A, null, true},
{"A: trailing dot rejected", "93.184.216.34.", A, null, true},
{"A: octet out of range rejected", "256.0.0.1", A, null, true},

// ----------------------------------------------------------------
// AAAA record
// ----------------------------------------------------------------
{"AAAA: full IPv6", "2001:0db8:0000:0000:0000:0000:0000:0001", AAAA,
"2001:0db8:0000:0000:0000:0000:0000:0001", false},

{"AAAA: compressed IPv6", "2001:db8::1", AAAA, "2001:db8::1", false},
{"AAAA: loopback", "::1", AAAA, "::1", false},
{"AAAA: all zeros", "::", AAAA, "::", false},
{"AAAA: whitespace", " 2001:db8::1 ", AAAA, "2001:db8::1", false},

{"AAAA: IPv4 rejected", "93.184.216.34", AAAA, null, true},
{"AAAA: domain rejected", "example.com", AAAA, null, true},
{"AAAA: invalid hex rejected", "2001:db8::xyz", AAAA, null, true},

// ----------------------------------------------------------------
// CNAME record
// ----------------------------------------------------------------
{"CNAME: basic", "target.example.com", CNAME, "target.example.com.", false},
{"CNAME: uppercase", "TARGET.EXAMPLE.COM", CNAME, "target.example.com.", false},
{"CNAME: trailing dot", "target.example.com.", CNAME, "target.example.com.", false},
{"CNAME: whitespace", " target.example.com ", CNAME, "target.example.com.", false},
{"CNAME: subdomain", "sub.target.example.com", CNAME, "sub.target.example.com.", false},

{"CNAME: IP rejected", "192.168.1.1", CNAME, null, true},
{"CNAME: invalid label", "-bad.example.com", CNAME, null, true},

// ----------------------------------------------------------------
// NS record
// ----------------------------------------------------------------
{"NS: basic", "ns1.example.com", NS, "ns1.example.com.", false},
{"NS: uppercase", "NS1.EXAMPLE.COM", NS, "ns1.example.com.", false},
{"NS: trailing dot", "ns1.example.com.", NS, "ns1.example.com.", false},
{"NS: subdomain", "ns1.sub.example.com", NS, "ns1.sub.example.com.", false},

{"NS: IP rejected", "8.8.8.8", NS, null, true},
{"NS: invalid label", "ns1-.example.com", NS, null, true},

// ----------------------------------------------------------------
// PTR record
// ----------------------------------------------------------------
{"PTR: basic", "host.example.com", PTR, "host.example.com.", false},
{"PTR: in-addr.arpa", "1.168.192.in-addr.arpa", PTR, "1.168.192.in-addr.arpa.", false},
{"PTR: uppercase", "HOST.EXAMPLE.COM", PTR, "host.example.com.", false},
{"PTR: trailing dot", "host.example.com.", PTR, "host.example.com.", false},

{"PTR: IP rejected", "192.168.1.1", PTR, null, true},
{"PTR: invalid label", "-host.example.com", PTR, null, true},

// ----------------------------------------------------------------
// MX record
// ----------------------------------------------------------------
{"MX: standard", "10 mail.example.com", MX, "10 mail.example.com.", false},
{"MX: zero priority", "0 mail.example.com", MX, "0 mail.example.com.", false},
{"MX: max priority", "65535 mail.example.com", MX, "65535 mail.example.com.", false},
{"MX: uppercase", "10 MAIL.EXAMPLE.COM", MX, "10 mail.example.com.", false},
{"MX: trailing dot", "10 mail.example.com.", MX, "10 mail.example.com.", false},
{"MX: extra whitespace", "10 mail.example.com", MX, "10 mail.example.com.", false},

{"MX: missing domain", "10", MX, null, true},
{"MX: priority out of range", "65536 mail.example.com", MX, null, true},
{"MX: non-numeric priority", "abc mail.example.com", MX, null, true},
{"MX: IP rejected", "10 192.168.1.1", MX, null, true},

// ----------------------------------------------------------------
// SRV record
// ----------------------------------------------------------------
{"SRV: standard", "10 20 443 target.example.com", SRV, "10 20 443 target.example.com.", false},
{"SRV: zeros", "0 0 1 target.example.com", SRV, "0 0 1 target.example.com.", false},
{"SRV: max values", "65535 65535 65535 target.example.com", SRV, "65535 65535 65535 target.example.com.", false},
{"SRV: uppercase", "10 20 443 TARGET.EXAMPLE.COM", SRV, "10 20 443 target.example.com.", false},
{"SRV: trailing dot", "10 20 443 target.example.com.", SRV, "10 20 443 target.example.com.", false},

{"SRV: missing target", "10 20 443", SRV, null, true},
{"SRV: port 0", "10 20 0 target.example.com", SRV, null, true},
{"SRV: priority out of range", "65536 20 443 target.example.com", SRV, null, true},
{"SRV: IP rejected", "10 20 443 192.168.1.1", SRV, null, true},

// ----------------------------------------------------------------
// TXT record
// ----------------------------------------------------------------
{"TXT: trim", " hello world ", TXT, "hello world", false},
{"TXT: already clean", "v=spf1 include:example.com ~all", TXT, "v=spf1 include:example.com ~all", false},
{"TXT: special chars", "v=DKIM1; k=rsa; p=MIGf", TXT, "v=DKIM1; k=rsa; p=MIGf", false},
{"TXT: unicode", "héllo wörld", TXT, "héllo wörld", false},
{"TXT: multiple spaces", "key=value with spaces", TXT, "key=value with spaces", false},
{"TXT: quoted", "\"quoted value\"", TXT, "\"quoted value\"", false},
{"TXT: blank", " ", TXT, null, true},
{"TXT: newline", "\n", TXT, null, true},
});
}

@Test
public void testNormalizeDnsRecordValue() {
if (expectException) {
try {
DnsProviderUtil.normalizeDnsRecordValue(input, recordType);
fail("Expected IllegalArgumentException for [" + description + "] input='" + input + "'");
} catch (IllegalArgumentException ignored) {}
} else {
String result = DnsProviderUtil.normalizeDnsRecordValue(input, recordType);
assertEquals(description, expected, result);
}
}
}
6 changes: 3 additions & 3 deletions server/src/main/java/org/apache/cloudstack/dns/DnsProviderManagerImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,7 @@ public DnsServer addDnsServer(AddDnsServerCmd cmd) {
}

if (StringUtils.isNotBlank(publicDomainSuffix)) {
publicDomainSuffix = DnsProviderUtil.normalizeDomain(publicDomainSuffix);
publicDomainSuffix = DnsProviderUtil.normalizeDomainForDb(publicDomainSuffix);
}

DnsProviderType type = cmd.getProvider();
Expand Down Expand Up @@ -263,7 +263,7 @@ public DnsServer updateDnsServer(UpdateDnsServerCmd cmd) {
}

if (cmd.getPublicDomainSuffix() != null) {
dnsServer.setPublicDomainSuffix(DnsProviderUtil.normalizeDomain(cmd.getPublicDomainSuffix()));
dnsServer.setPublicDomainSuffix(DnsProviderUtil.normalizeDomainForDb(cmd.getPublicDomainSuffix()));
}

if (cmd.getNameServers() != null) {
Expand Down Expand Up @@ -552,7 +552,7 @@ public DnsZone allocateDnsZone(CreateDnsZoneCmd cmd) {
throw new InvalidParameterValueException("DNS zone name cannot be empty");
}

String dnsZoneName = DnsProviderUtil.normalizeDomain(cmd.getName());
String dnsZoneName = DnsProviderUtil.normalizeDomainForDb(cmd.getName());
DnsServerVO server = dnsServerDao.findById(cmd.getDnsServerId());
if (server == null) {
throw new InvalidParameterValueException(String.format("DNS server not found for the given ID: %s", cmd.getDnsServerId()));
Expand Down
Loading
Loading