Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add DNS provider for Spaceship #2406

Merged
merged 4 commits into from
Feb 9, 2025
Merged

Add DNS provider for Spaceship #2406

merged 4 commits into from
Feb 9, 2025

Conversation

ldez
Copy link
Member

@ldez ldez commented Jan 22, 2025
edited
Loading

  • adds a description to your PR
  • have a homogeneous design with the other providers
  • add tests (units)
  • add tests ("live")
  • add a provider descriptor
  • generate CLI help, documentation, and readme.
  • be able to do: (and put the output of this command to a comment) 
    make build
rm -rf .lego

SPACESHIP_API_KEY=xxx \
SPACESHIP_API_SECRET=xxx \
./dist/lego -m [email protected] --dns spaceship -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run
    Note the wildcard domain is important.
  • pass the linter
  • do go mod tidy

Ping @caoyuekun123 & @aijumpx, can you run the command (with your domain, email, credentials, etc.)?

Closes #2401

How to test this PR?
  1. You need Go
  2. Checkout the PR: 
    git clone https://github.com/ldez/lego.git
cd lego
git checkout wip/spaceship
  3. Compile lego:
    • if you have make: make build
    • if you don't make make: go build -o dist/lego ./cmd/lego
  4. Run the following command with your information (email, domain, credentials): 
    SPACESHIP_API_KEY=xxx \
SPACESHIP_API_SECRET=xxx \
./dist/lego -m [email protected] --dns spaceship -d ''*.example.com' -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run
    The wildcard domain is important
  5. Before each run of the command, you should clean your local environment: 
    rm -rf .lego

@ldez
Copy link
Member Author

ldez commented Jan 27, 2025

Ping @caoyuekun123 & @aijumpx

@ldez ldez marked this pull request as draft January 27, 2025 22:46
@ldez ldez mentioned this pull request Feb 5, 2025
Closed
5 tasks
jerdfelt
jerdfelt reviewed Feb 9, 2025
View reviewed changes
Copy link

@jerdfelt jerdfelt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With the UnFqdn changes in the comments, this branch successfully provisions a certificate for me using the Spaceship API. Thanks!

providers/dns/spaceship/spaceship.go Show resolved Hide resolved
providers/dns/spaceship/spaceship.go Show resolved Hide resolved
@ldez
Copy link
Member Author

ldez commented Feb 9, 2025
edited
Loading

@jerdfelt can you put the output of this command into a comment:

make build
rm -rf .lego

SPACESHIP_API_KEY=xxx \
SPACESHIP_API_SECRET=xxx \
./dist/lego -m [email protected] --dns spaceship -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run

Note the wildcard domain is important.

The email, domain, and credentials should be replaced with your information and redacted before posting the output.

@jerdfelt
Copy link

jerdfelt commented Feb 9, 2025

This output also included the base name as a SAN, but I think it should be what you're looking for

+ lego --accept-tos --path . -d '*.example.com' --email [email protected] --key-type ec256 --dns spaceship --server https://acme-v02.api.letsencrypt.org/directory -d example.com run
[DEBUG] GET https://acme-v02.api.letsencrypt.org/directory
[INFO] [*.example.com, example.com] acme: Obtaining bundled SAN certificate
[DEBUG] HEAD https://acme-v02.api.letsencrypt.org/acme/new-nonce
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/new-order
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/authz/0000000000/000000000000
[DEBUG] HEAD https://acme-v02.api.letsencrypt.org/acme/new-nonce
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/authz/0000000000/000000000000
[INFO] [*.example.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/0000000000/000000000000
[INFO] [example.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/0000000000/000000000000
[INFO] [*.example.com] acme: use dns-01 solver
[INFO] [example.com] acme: Could not find solver for: tls-alpn-01
[INFO] [example.com] acme: Could not find solver for: http-01
[INFO] [example.com] acme: use dns-01 solver 
[INFO] [*.example.com] acme: Preparing to solve DNS-01
[INFO] [example.com] acme: Preparing to solve DNS-01
[INFO] [*.example.com] acme: Trying to solve DNS-01
[INFO] [*.example.com] acme: Checking DNS record propagation. [nameservers=8.8.8.8:53]
[INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/chall/0000000000/000000000000/aaaaaa
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/authz/0000000000/000000000000
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/authz/0000000000/000000000000
[INFO] [*.example.com] The server validated our request
[INFO] [example.com] acme: Trying to solve DNS-01
[INFO] [example.com] acme: Checking DNS record propagation. [nameservers=8.8.8.8:53]
[INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/chall/0000000000/000000000000/aaaaaa
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/authz/0000000000/000000000000
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/authz/0000000000/000000000000
[INFO] [example.com] The server validated our request
[INFO] [*.example.com] acme: Cleaning DNS-01 challenge
[INFO] [example.com] acme: Cleaning DNS-01 challenge
[INFO] [*.example.com, example.com] acme: Validations succeeded; requesting certificates
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/finalize/0000000000/000000000000
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/cert/000000000000000000000000000000000000
[DEBUG] POST https://acme-v02.api.letsencrypt.org/acme/cert/000000000000000000000000000000000000/1
[INFO] [*.example.com] Server responded with a certificate.

@ldez ldez removed the state/need-user-tests Need users to test functionality label Feb 9, 2025
@ldez ldez marked this pull request as ready for review February 9, 2025 16:55
@ldez
Copy link
Member Author

ldez commented Feb 9, 2025

This output also included the base name as a SAN, but I think it should be what you're looking for

Yes it's exactly what I looking for, thank you 👍

@ldez ldez requested a review from dmke February 9, 2025 16:57
@ldez ldez added this to the unreleased milestone Feb 9, 2025
@ldez ldez merged commit a25218d into go-acme:master Feb 9, 2025
7 checks passed
@ldez ldez deleted the wip/spaceship branch February 9, 2025 21:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jerdfelt jerdfelt jerdfelt left review comments

@dmke dmke dmke approved these changes

Assignees
No one assigned
Labels
area/dnsprovider enhancement
Milestone
unreleased
Development

Successfully merging this pull request may close these issues.

Support for provider: spaceship
3 participants
@ldez @jerdfelt @dmke