weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #746 from euank/route53-invalid-change-batch

Browse Source 
issuer/route53: fix delete for 'NotExist' errors
This commit is contained in:
jetstack-bot 2018-07-20 18:36:59 +01:00 committed by GitHub
commit b15a18be98
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Gopkg.lock generated
View File

@ -931,6 +931,6 @@
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
inputs-digest = "d792bbf24d87653ea8f00046b922dca780a50fdd60e8ea9540c9f34c9a28e675"
inputs-digest = "06281eceaf33428082bf511ba2b6f50c05b0211704689672b1a74c8f1d615a04"
solver-name = "gps-cdcl"
solver-version = 1

18
pkg/issuer/acme/dns/route53/route53.go
View File

@ -9,6 +9,7 @@ import (
"time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/client"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/request"
@ -113,14 +114,14 @@ func (*DNSProvider) Timeout() (timeout, interval time.Duration) {
func (r *DNSProvider) Present(domain, token, keyAuth string) error {
fqdn, value, _ := util.DNS01Record(domain, keyAuth)
value = `"` + value + `"`
return r.changeRecord("UPSERT", fqdn, value, route53TTL)
return r.changeRecord(route53.ChangeActionUpsert, fqdn, value, route53TTL)
}
// CleanUp removes the TXT record matching the specified parameters
func (r *DNSProvider) CleanUp(domain, token, keyAuth string) error {
fqdn, value, _ := util.DNS01Record(domain, keyAuth)
value = `"` + value + `"`
return r.changeRecord("DELETE", fqdn, value, route53TTL)
return r.changeRecord(route53.ChangeActionDelete, fqdn, value, route53TTL)
}
func (r *DNSProvider) changeRecord(action, fqdn, value string, ttl int) error {
@ -136,7 +137,7 @@ func (r *DNSProvider) changeRecord(action, fqdn, value string, ttl int) error {
Comment: aws.String("Managed by cert-manager"),
Changes: []*route53.Change{
{
Action: aws.String(action),
Action: &action,
ResourceRecordSet: recordSet,
},
},
@ -145,7 +146,16 @@ func (r *DNSProvider) changeRecord(action, fqdn, value string, ttl int) error {
resp, err := r.client.ChangeResourceRecordSets(reqParams)
if err != nil {
if awserr, ok := err.(awserr.Error); ok {
if action == route53.ChangeActionDelete && awserr.Code() == route53.ErrCodeInvalidChangeBatch {
glog.V(5).Infof("ignoring InvalidChangeBatch error: %v", err)
// If we try to delete something and get a 'InvalidChangeBatch' that
// means it's already deleted, no need to consider it an error.
return nil
}
}
return fmt.Errorf("Failed to change Route 53 record set: %v", err)
}
statusID := resp.ChangeInfo.Id
@ -207,7 +217,7 @@ func (r *DNSProvider) getHostedZoneID(fqdn string) (string, error) {
func newTXTRecordSet(fqdn, value string, ttl int) *route53.ResourceRecordSet {
return &route53.ResourceRecordSet{
Name: aws.String(fqdn),
Type: aws.String("TXT"),
Type: aws.String(route53.RRTypeTxt),
TTL: aws.Int64(int64(ttl)),
ResourceRecords: []*route53.ResourceRecord{
{Value: aws.String(value)},