list the DNS Zones when running in AWS

.github/workflows/main.yml

@@ -7,7 +7,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Install kind
-        uses: helm/kind-action@v1.9.0
+        uses: helm/kind-action@v1.10.0
         with:
           # renovate: datasource=github-releases depName=kubernetes-sigs/kind
           version: v0.22.0

.vscode/settings.json

@@ -0,0 +1,16 @@
+{
+    "cSpell.words": [
+        "apimachinery",
+        "armdns",
+        "AWSDNS",
+        "azidentity",
+        "bmatcuk",
+        "cgroups",
+        "doublestar",
+        "metav",
+        "OIDC",
+        "resourcemanager",
+        "tbody",
+        "terramate"
+    ]
+}

README.md

@@ -25,11 +25,16 @@ It will:
 
 When running in Azure Kubernetes Service (AKS), it will also:
 
-* List the Azure DNS Zones using the [Azure Workload Identity authentication](https://azure.github.io/azure-workload-identity/docs/) (see the [rgl/terraform-azure-aks-example repository](https://github.com/rgl/terraform-azure-aks-example)).
+* List the DNS Zones hosted in [Azure DNS](https://azure.microsoft.com/en-us/products/dns) using the [Azure Workload Identity authentication](https://azure.github.io/azure-workload-identity/docs/) (see the [rgl/terraform-azure-aks-example repository](https://github.com/rgl/terraform-azure-aks-example)).
+
+When running in Amazon Elastic Kubernetes Service (EKS), it will also:
+
+* List the DNS Zones hosted in [AWS Route 53](https://aws.amazon.com/route53/) using the [EKS Pod Identities authentication](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html) (see the [rgl/terramate-aws-eks-example repository](https://github.com/rgl/terramate-aws-eks-example)).
 
 This is used in:
 
 * [rgl/terraform-azure-aks-example](https://github.com/rgl/terraform-azure-aks-example)
+* [rgl/terramate-aws-eks-example](https://github.com/rgl/terramate-aws-eks-example)
 * [rgl/rancher-single-node-ubuntu-vagrant](https://github.com/rgl/rancher-single-node-ubuntu-vagrant)
 
 # Usage

aws_dns.go

@@ -0,0 +1,48 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"sort"
+	"strings"
+
+	"github.com/aws/aws-sdk-go-v2/config"
+	"github.com/aws/aws-sdk-go-v2/service/route53"
+)
+
+func getAWSDNSZones(ctx context.Context) []nameValuePair {
+	// bail when not running in aws.
+	// see https://docs.aws.amazon.com/eks/latest/userguide/pod-id-how-it-works.html
+	if os.Getenv("AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE") == "" {
+		return []nameValuePair{}
+	}
+
+	var zones nameValuePairs
+
+	cfg, err := config.LoadDefaultConfig(ctx)
+	if err != nil {
+		return []nameValuePair{{"ERROR", fmt.Sprintf("%v", err)}}
+	}
+
+	client := route53.NewFromConfig(cfg)
+
+	response, err := client.ListHostedZones(ctx, nil)
+	if err != nil {
+		return []nameValuePair{{"ERROR", fmt.Sprintf("%v", err)}}
+	}
+
+	for _, hostedZone := range response.HostedZones {
+		zone, err := client.GetHostedZone(ctx, &route53.GetHostedZoneInput{Id: hostedZone.Id})
+		if err != nil {
+			return []nameValuePair{{"ERROR", fmt.Sprintf("%v", err)}}
+		}
+		zones = append(zones, nameValuePair{
+			Name:  *zone.HostedZone.Name,
+			Value: strings.Join(zone.DelegationSet.NameServers, "\n")})
+	}
+
+	sort.Sort(zones)
+
+	return zones
+}

azure_dns.go

@@ -11,7 +11,8 @@ import (
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns"
 )
 
-func getAzureDNSZones() []nameValuePair {
+func getAzureDNSZones(ctx context.Context) []nameValuePair {
+	// bail when not running in azure.
 	subscriptionID := os.Getenv("AZURE_SUBSCRIPTION_ID")
 	if subscriptionID == "" {
 		return []nameValuePair{}
@@ -48,7 +49,7 @@ func getAzureDNSZones() []nameValuePair {
 	var zones nameValuePairs
 
 	for pager := client.NewListPager(nil); pager.More(); {
-		page, err := pager.NextPage(context.TODO())
+		page, err := pager.NextPage(ctx)
 		if err != nil {
 			return []nameValuePair{{"ERROR", fmt.Sprintf("%v", err)}}
 		}

go.mod

@@ -1,19 +1,33 @@
 module kubernetes-hello
 
-go 1.22
+go 1.22.2
 
 require (
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0
+	github.com/aws/aws-sdk-go-v2/config v1.27.11
+	github.com/aws/aws-sdk-go-v2/service/route53 v1.40.4
 	github.com/bmatcuk/doublestar v1.3.4
-	k8s.io/apimachinery v0.29.3
-	k8s.io/client-go v0.29.3
+	k8s.io/apimachinery v0.30.0
+	k8s.io/client-go v0.30.0
 )
 
 require (
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.10.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.6.0 // indirect
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.26.1 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.11 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.20.5 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.28.6 // indirect
+	github.com/aws/smithy-go v1.20.2 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/emicklei/go-restful/v3 v3.12.0 // indirect
 	github.com/go-logr/logr v1.4.1 // indirect
@@ -26,6 +40,7 @@ require (
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/uuid v1.6.0 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
@@ -34,22 +49,21 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
-	golang.org/x/crypto v0.21.0 // indirect
-	golang.org/x/net v0.22.0 // indirect
-	golang.org/x/oauth2 v0.18.0 // indirect
-	golang.org/x/sys v0.18.0 // indirect
-	golang.org/x/term v0.18.0 // indirect
+	golang.org/x/crypto v0.22.0 // indirect
+	golang.org/x/net v0.24.0 // indirect
+	golang.org/x/oauth2 v0.19.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/term v0.19.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
-	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/api v0.29.3 // indirect
+	k8s.io/api v0.30.0 // indirect
 	k8s.io/klog/v2 v2.120.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
-	k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect
+	k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 // indirect
+	k8s.io/utils v0.0.0-20240423183400-0849a56e8f22 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect