in pkg/manifests/external_dns.go [184:303]
func NewExternalDNSConfig(conf *config.Config, inputConfig InputExternalDNSConfig) (*ExternalDnsConfig, error) {
// valid values for enums
if inputConfig.IdentityType != IdentityTypeMSI && inputConfig.IdentityType != IdentityTypeWorkloadIdentity {
return nil, fmt.Errorf("invalid identity type: %v", inputConfig.IdentityType)
}
_, containsGateway := inputConfig.ResourceTypes[ResourceTypeGateway]
if containsGateway && inputConfig.IdentityType != IdentityTypeWorkloadIdentity {
return nil, errors.New("gateway resource type can only be used with workload identity")
}
var firstZoneResourceType string
var firstZoneSub string
var firstZoneRg string
var provider Provider
if len(inputConfig.DnsZoneresourceIDs) > 0 {
firstZone, err := azure.ParseResourceID(inputConfig.DnsZoneresourceIDs[0])
if err != nil {
return nil, fmt.Errorf("invalid dns zone resource id: %s", inputConfig.DnsZoneresourceIDs[0])
}
firstZoneResourceType = firstZone.ResourceType
firstZoneSub = firstZone.SubscriptionID
firstZoneRg = firstZone.ResourceGroup
// for some reason this passes tests without the if condition when arr has len 0 or 1, but I still feel weird about not having it
if len(inputConfig.DnsZoneresourceIDs) > 1 {
for _, zone := range inputConfig.DnsZoneresourceIDs[1:] {
parsedZone, err := azure.ParseResourceID(zone)
if err != nil {
return nil, fmt.Errorf("invalid dns zone resource id: %s", zone)
}
if !strings.EqualFold(parsedZone.ResourceType, firstZoneResourceType) {
return nil, fmt.Errorf("all DNS zones must be of the same type, found zones with resourcetypes %s and %s", firstZoneResourceType, parsedZone.ResourceType)
}
if err := config.ValidateProviderSubAndRg(parsedZone, firstZoneSub, firstZoneRg); err != nil {
return nil, err
}
}
}
switch strings.ToLower(firstZoneResourceType) {
case config.PrivateZoneType:
provider = PrivateProvider
case config.PublicZoneType:
provider = PublicProvider
default:
return nil, fmt.Errorf("invalid resource type %s", firstZoneResourceType)
}
} else {
// if no zones provided, this must be coming from the original externalDNS reconciler, in which case, read config from input to determine resources to clean
if inputConfig.Provider == nil {
return nil, errors.New("provider must be specified via inputconfig if no DNS zones are provided")
}
provider = *inputConfig.Provider
}
var resourceName string
switch inputConfig.InputResourceName {
case "":
switch provider {
case PrivateProvider:
resourceName = externalDnsResourceName + "-private"
default:
resourceName = externalDnsResourceName
}
default:
resourceName = inputConfig.InputResourceName + "-" + externalDnsResourceName
}
if inputConfig.IdentityType == IdentityTypeWorkloadIdentity && inputConfig.InputServiceAccount == "" {
return nil, errors.New("workload identity requires a service account name")
}
var serviceAccount string
switch inputConfig.IdentityType {
case IdentityTypeWorkloadIdentity:
serviceAccount = inputConfig.InputServiceAccount
default:
serviceAccount = resourceName
}
ret := &ExternalDnsConfig{
resourceName: resourceName,
tenantId: inputConfig.TenantId,
subscription: firstZoneSub,
resourceGroup: firstZoneRg,
clientId: inputConfig.ClientId,
serviceAccountName: serviceAccount,
namespace: inputConfig.Namespace,
identityType: inputConfig.IdentityType,
resourceTypes: inputConfig.ResourceTypes,
provider: provider,
dnsZoneResourceIDs: inputConfig.DnsZoneresourceIDs,
isNamespaced: inputConfig.IsNamespaced,
}
if inputConfig.Filters != nil {
gatewayLabel, err := parseLabel(inputConfig.Filters.GatewayLabelSelector)
if err != nil {
return nil, fmt.Errorf("parsing gateway label selector: %w", err)
}
routeAndIngressLabel, err := parseLabel(inputConfig.Filters.RouteAndIngressLabelSelector)
if err != nil {
return nil, fmt.Errorf("parsing route and ingress label selector: %w", err)
}
ret.gatewayLabelSelector = gatewayLabel
ret.routeAndIngressLabelSelector = routeAndIngressLabel
}
ret.resources = externalDnsResources(conf, []*ExternalDnsConfig{ret})
ret.labels = externalDNSLabels(ret)
return ret, nil
}