Additional provider PowerDNS

Dockerfile

@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 #############      builder       #############
-FROM golang:1.22.5 AS builder
+FROM golang:1.23.0 AS builder
 
 WORKDIR /build
 

Makefile

@@ -60,14 +60,6 @@ build-local:
 	    -ldflags "-X main.Version=$(VERSION)-$(shell git rev-parse HEAD)"\
 	    ./cmd/compound
 
-.PHONY: build-local-dedicated
-build-local-dedicated:
-	@CGO_ENABLED=1 go build -o $(EXECUTABLE)-dedicated \
-	    -race \
-	    -gcflags="all=-N -l" \
-	    -ldflags "-X main.Version=$(VERSION)-$(shell git rev-parse HEAD)"\
-	    ./cmd/dedicated
-
 .PHONY: release
 release:
 	@CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o $(EXECUTABLE) \

README.md

@@ -15,6 +15,7 @@ It contains provisioning controllers for creating DNS records in one of the DNS
   - [_Netlify DNS_](docs/netlify/README.md),
   - [_remote_](docs/remote/README.md),
   - [_DNS servers supporting RFC 2136 (DNS Update)_](docs/rfc2136/README.md) *(alpha - not recommended for productive usage)*,
+  - [_powerdns_](docs/powerdns/README.md),
 
 and source controllers for services and ingresses to create DNS entries by annotations.
 
@@ -528,6 +529,7 @@ The following provider types can be selected (comma separated):
 - `infoblox-dns`: Infoblox DNS provider
 - `netlify-dns`: Netlify DNS provider
 - `remote`: Remote DNS provider (a dns-controller-manager with enabled remote access service)
+- `powerdns`: PowerDNS provider
 
 If the compound DNS Provisioning Controller is enabled it is important to specify a
 unique controller identity using the `--identifier` option.

VERSION

@@ -1 +1 @@
-v0.20.2-dev
+v0.21.1-dev

charts/external-dns-management/templates/clusterrole.yaml

@@ -63,10 +63,6 @@ rules:
   - dnsowners/status
   - dnshostedzonepolicies
   - dnshostedzonepolicies/status
-  - dnslocks
-  - dnslocks/status
-  - remoteaccesscertificates
-  - remoteaccesscertificates/status
   verbs:
   - get
   - list
@@ -91,6 +87,15 @@ rules:
   - update
   - create
   - watch
+- apiGroups:
+    - apiextensions.k8s.io
+  resources:
+    - customresourcedefinitions
+  verbs:
+    - delete
+  resourceNames:
+  - "dnslocks.dns.gardener.cloud"
+  - "remoteaccesscertificates.dns.gardener.cloud"
 {{- if semverCompare "<1.24-0" .Capabilities.KubeVersion.GitVersion }}
 - apiGroups:
   - policy

charts/external-dns-management/templates/crds.yaml

@@ -403,30 +403,9 @@ spec:
                 description: state of the ownerid for the DNS controller observing
                   entry using this owner id (default:true)
                 type: boolean
-              dnsActivation:
-                description: Optional activation info for controlling the owner activation
-                  remotely via DNS TXT record
-                properties:
-                  dnsName:
-                    description: DNS name for controlling the owner activation remotely
-                      via DNS TXT record
-                    type: string
-                  value:
-                    description: Optional value for the DNS activation record used
-                      to activate this owner The default is the id of the cluster
-                      used to read the owner object
-                    type: string
-                required:
-                - dnsName
-                type: object
               ownerId:
                 description: owner id used to tag entries in external DNS system
                 type: string
-              validUntil:
-                description: optional time this owner should be active if active flag
-                  is not false
-                format: date-time
-                type: string
             required:
             - ownerId
             type: object
@@ -793,163 +772,4 @@ spec:
     storage: true
     subresources:
       status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  labels:
-    helm.sh/chart: {{ include "external-dns-management.chart" . }}
-    app.kubernetes.io/name: {{ include "external-dns-management.name" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
-  name: dnslocks.dns.gardener.cloud
-spec:
-  group: dns.gardener.cloud
-  names:
-    kind: DNSLock
-    listKind: DNSLockList
-    plural: dnslocks
-    shortNames:
-    - dnsl
-    singular: dnslock
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - description: FQDN of DNS Entry
-      jsonPath: .spec.dnsName
-      name: DNS
-      type: string
-    - description: provider type
-      jsonPath: .status.providerType
-      name: TYPE
-      type: string
-    - description: assigned provider (namespace/name)
-      jsonPath: .status.provider
-      name: PROVIDER
-      type: string
-    - description: entry status
-      jsonPath: .status.state
-      name: STATUS
-      type: string
-    - description: entry creation timestamp
-      jsonPath: .metadata.creationTimestamp
-      name: AGE
-      type: date
-    - description: owner group id used to tag entries in external DNS system
-      jsonPath: .spec.ownerGroupId
-      name: OWNERID
-      type: string
-    - description: time to live
-      jsonPath: .status.ttl
-      name: TTL
-      priority: 2000
-      type: integer
-    - description: zone id
-      jsonPath: .status.zone
-      name: ZONE
-      priority: 2000
-      type: string
-    - description: message describing the reason for the state
-      jsonPath: .status.message
-      name: MESSAGE
-      priority: 2000
-      type: string
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            properties:
-              attributes:
-                additionalProperties:
-                  type: string
-                description: attribute values (must be compatible with DNS TXT records)
-                type: object
-              dnsName:
-                description: full qualified domain name
-                type: string
-              lockId:
-                description: owner group for collaboration of multiple controller
-                type: string
-              timestamp:
-                description: Activation time stamp
-                format: date-time
-                type: string
-              ttl:
-                description: time to live for records in external DNS system
-                format: int64
-                type: integer
-            required:
-            - dnsName
-            - timestamp
-            - ttl
-            type: object
-          status:
-            properties:
-              attributes:
-                additionalProperties:
-                  type: string
-                description: attribute values found in DNS
-                type: object
-              firstFailedDNSLookup:
-                description: First failed DNS looup
-                format: date-time
-                type: string
-              lastUpdateTime:
-                description: lastUpdateTime contains the timestamp of the last status
-                  update
-                format: date-time
-                type: string
-              lockId:
-                description: owner group for collaboration of multiple controller
-                  found in DNS
-                type: string
-              message:
-                description: message describing the reason for the state
-                type: string
-              observedGeneration:
-                format: int64
-                type: integer
-              provider:
-                description: assigned provider
-                type: string
-              providerType:
-                description: provider type used for the entry
-                type: string
-              state:
-                description: entry state
-                type: string
-              timestamp:
-                description: Activation time stamp found in DNS
-                format: date-time
-                type: string
-              ttl:
-                description: time to live used for the entry
-                format: int64
-                type: integer
-              zone:
-                description: zone used for the entry
-                type: string
-            type: object
-        required:
-        - spec
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
 {{- end }}

charts/external-dns-management/templates/deployment.yaml

@@ -897,12 +897,6 @@ spec:
         {{- if .Values.configuration.remoteRatelimiterQps }}
         - --remote.ratelimiter.qps={{ .Values.configuration.remoteRatelimiterQps }}
         {{- end }}
-        {{- if .Values.configuration.remoteaccesscertificatesDefaultPoolSize }}
-        - --remoteaccesscertificates.default.pool.size={{ .Values.configuration.remoteaccesscertificatesDefaultPoolSize }}
-        {{- end }}
-        {{- if .Values.configuration.remoteaccesscertificatesPoolSize }}
-        - --remoteaccesscertificates.pool.size={{ .Values.configuration.remoteaccesscertificatesPoolSize }}
-        {{- end }}
         {{- if .Values.configuration.rescheduleDelay }}
         - --reschedule-delay={{ .Values.configuration.rescheduleDelay }}
         {{- end }}

charts/external-dns-management/templates/secret-remoteaccess.yaml

@@ -8,9 +8,6 @@ metadata:
 type: Opaque
 data:
   ca.crt: {{ .Values.remoteaccess.certs.ca.cert }}
-{{- if .Values.remoteaccess.certs.ca.key }}
-  ca.key: {{ .Values.remoteaccess.certs.ca.key }}
-{{- end }}
 {{- if not .Values.remoteaccess.certs.server.secretName }}
 ---
 apiVersion: v1

charts/external-dns-management/values.yaml

@@ -5,7 +5,7 @@ replicaCount: 1
 
 image:
   repository: europe-docker.pkg.dev/gardener-project/public/dns-controller-manager
-  tag: v0.20.2-master
+  tag: v0.21.1-master
   pullPolicy: IfNotPresent
 
 env: []
@@ -323,8 +323,6 @@ configuration:
   # remoteRatelimiterBurst:
   # remoteRatelimiterEnabled:
   # remoteRatelimiterQps:
-  # remoteaccesscertificatesDefaultPoolSize:
-  # remoteaccesscertificatesPoolSize:
   # rescheduleDelay: 120s
   # rfc2136AdvancedBatchSize:
   # rfc2136AdvancedMaxRetries:
@@ -412,7 +410,6 @@ remoteaccess:
 #  certs:
 #    ca:
 #      cert: LS0t... # CA used for client certs
-#      #key: LS0t... # only needed if remoteaccesscertificates controller is enabled
 #    server:
 #      #secretName: remoteaccess-service # if managed server certificate is used
 #      cert: LS0t... # only needed if certificate is not managed

cmd/compound/main.go

@@ -14,6 +14,7 @@ import (
 	"github.com/gardener/controller-manager-library/pkg/controllermanager/controller/mappings"
 	"github.com/gardener/controller-manager-library/pkg/resources"
 	"github.com/gardener/controller-manager-library/pkg/utils"
+	resourcesv1alpha1 "github.com/gardener/gardener/pkg/apis/resources/v1alpha1"
 	_ "go.uber.org/automaxprocs"
 	istionetworkingv1 "istio.io/client-go/pkg/apis/networking/v1"
 	istionetworkingv1alpha3 "istio.io/client-go/pkg/apis/networking/v1alpha3"
@@ -38,9 +39,9 @@ import (
 	_ "github.com/gardener/external-dns-management/pkg/controller/provider/infoblox"
 	_ "github.com/gardener/external-dns-management/pkg/controller/provider/netlify"
 	_ "github.com/gardener/external-dns-management/pkg/controller/provider/openstack"
+	_ "github.com/gardener/external-dns-management/pkg/controller/provider/powerdns"
 	_ "github.com/gardener/external-dns-management/pkg/controller/provider/remote"
 	_ "github.com/gardener/external-dns-management/pkg/controller/provider/rfc2136"
-	_ "github.com/gardener/external-dns-management/pkg/controller/remoteaccesscertificates"
 	_ "github.com/gardener/external-dns-management/pkg/controller/replication/dnsprovider"
 	_ "github.com/gardener/external-dns-management/pkg/controller/source/dnsentry"
 	_ "github.com/gardener/external-dns-management/pkg/controller/source/gateways/crdwatch"
@@ -76,19 +77,15 @@ func init() {
 	utils.Must(resources.Register(gatewayapisv1alpha2.SchemeBuilder))
 	utils.Must(resources.Register(gatewayapisv1beta1.SchemeBuilder))
 	utils.Must(resources.Register(gatewayapisv1.SchemeBuilder))
+	utils.Must(resources.Register(resourcesv1alpha1.SchemeBuilder))
 
 	embed.RegisterCreateServerFunc(remote.CreateServer)
 }
 
-func migrateExtensionsIngress(c controllermanager.Configuration) controllermanager.Configuration {
-	return c.GlobalGroupKindMigrations(resources.NewGroupKind("extensions", "Ingress"),
-		resources.NewGroupKind("networking.k8s.io", "Ingress"))
-}
-
 func main() {
 	if len(os.Args) == 2 && os.Args[1] == "version" {
 		fmt.Println(Version)
 		os.Exit(0)
 	}
-	controllermanager.Start("dns-controller-manager", "dns controller manager", "nothing", migrateExtensionsIngress)
+	controllermanager.Start("dns-controller-manager", "dns controller manager", "nothing")
 }