Skip to content

Roles dns mgmt#167

Merged
danlavu merged 9 commits intoSSSD:masterfrom
danlavu:roles-dns-mgmt
Sep 19, 2025
Merged

Roles dns mgmt#167
danlavu merged 9 commits intoSSSD:masterfrom
danlavu:roles-dns-mgmt

Conversation

@danlavu
Copy link
Contributor

@danlavu danlavu commented Mar 31, 2025

No description provided.

@danlavu danlavu marked this pull request as draft March 31, 2025 16:45
@andreboscatto andreboscatto requested a review from thalman April 1, 2025 12:42
thalman
thalman previously requested changes Apr 15, 2025
View reviewed changes
@danlavu danlavu force-pushed the roles-dns-mgmt branch 3 times, most recently from b0c2c4f to 299a167 Compare August 7, 2025 12:31
@danlavu danlavu force-pushed the roles-dns-mgmt branch 6 times, most recently from 0eb2baa to f6e83c5 Compare August 14, 2025 20:55
@danlavu
Copy link
Contributor Author

danlavu commented Aug 14, 2025

#197 This PR was going to include the IP utilities but that has since been moved. Removing @thalman as a reviewer in the interim.

@danlavu danlavu dismissed thalman’s stale review August 14, 2025 21:02

The IP utilities has been moved to #197, this PR should only pertain to DNS.

@danlavu danlavu added Enhancement New feature or request Needs testing Needs to be tested labels Aug 14, 2025
@danlavu danlavu force-pushed the roles-dns-mgmt branch 2 times, most recently from da45d5d to a922826 Compare August 15, 2025 04:23
@jakub-vavra-cz jakub-vavra-cz self-assigned this Aug 15, 2025
@jakub-vavra-cz jakub-vavra-cz self-requested a review August 15, 2025 09:06
@justin-stephenson justin-stephenson self-assigned this Aug 15, 2025
justin-stephenson
justin-stephenson reviewed Aug 15, 2025
View reviewed changes
jakub-vavra-cz
jakub-vavra-cz reviewed Aug 18, 2025
View reviewed changes
jakub-vavra-cz
jakub-vavra-cz reviewed Aug 18, 2025
View reviewed changes
jakub-vavra-cz
jakub-vavra-cz reviewed Aug 18, 2025
View reviewed changes
jakub-vavra-cz
jakub-vavra-cz reviewed Aug 18, 2025
View reviewed changes
@danlavu danlavu force-pushed the roles-dns-mgmt branch 2 times, most recently from 3ef03c2 to 0cc70d0 Compare August 20, 2025 18:49
@danlavu
Copy link
Contributor Author

danlavu commented Sep 14, 2025

Okay, this is ready for review again.

output, the output is from a slightly older run, they may be some minor inconsistencies. Please this PR should be tested by the reviewer.

PASSED                      [  3%]['_msdcs.ad.test', '0.in-addr.arpa', '127.in-addr.arpa', '255.in-addr.arpa', 'ad.test', 'example.com']
PASSED                  [  6%]['_msdcs.ad.test', '0.in-addr.arpa', '1.168.192.in-addr.arpa', '127.in-addr.arpa', '255.in-addr.arpa', 'ad.test']
PASSED            [  9%]['fec0:0:0:ffff::3', ' fec0:0:0:ffff::2', ' fec0:0:0:ffff::1', ' 192.168.121.1']
PASSED [ 12%]add ['1.1.1.1', ' fec0:0:0:ffff::3', ' fec0:0:0:ffff::2', ' fec0:0:0:ffff::1']
remove ['192.168.121.1', ' fec0:0:0:ffff::3', ' fec0:0:0:ffff::2', ' fec0:0:0:ffff::1']
add ['1.1.1.1', ' 192.168.121.1', ' fec0:0:0:ffff::3', ' fec0:0:0:ffff::2']
PASSED          [ 16%]['fec0:0:0:ffff::3', ' fec0:0:0:ffff::2', ' fec0:0:0:ffff::1', ' 192.168.121.1']
['']
PASSED              [ 19%]
PASSED                  [ 22%]
PASSED            [ 25%]{'name': 'sssd.io.', 'type': 'A', 'ttl': 2363, 'data': '104.17.33.82', 'all_data': [{...}]}
PASSED [ 29%]name:  sssd.io.
PASSED [ 32%]type:  A
PASSED [ 35%]ttl:  2350
PASSED [ 38%]data:  104.17.33.82
PASSED [ 41%]all_data:  [{'name': 'sssd.io.', 'type': 'A', 'ttl': 2342, 'data': '104.17.33.82', 'all_data': [...]}]
PASSED [ 45%]{'name': 'www.redhat.com.', 'type': 'CNAME', 'ttl': 3299, 'data': 'ds-www.redhat.com.edgekey.net.'}
PASSED [ 48%]{'name': 'sssd.io.', 'type': 'A', 'ttl': 2361, 'data': '104.17.33.82', 'all_data': [{...}]}
PASSED            [ 51%]{'name': '87.87.86.104.in-addr.arpa.', 'type': 'PTR', 'ttl': 25409, 'data': 'a104-86-87-87.deploy.static.akamaitechnologies.com.', 'all_data': [{...}]}
PASSED [ 54%]None
PASSED                     [ 58%]['251.255.10.in-addr.arpa', '100.16.172.in-addr.arpa', 'example.com', 'ipa.test']
PASSED                 [ 61%]['251.255.10.in-addr.arpa', '100.16.172.in-addr.arpa', '1.168.192.in-addr.arpa', 'ipa.test']
PASSED           [ 64%]None
PASSED [ 67%]add ['1.1.1.1']
remove None
add ['1.1.1.1']
PASSED         [ 70%]None
None
PASSED             [ 74%]
PASSED                 [ 77%]
PASSED                   [ 80%]['example.com', 'samba.test', '_msdcs.samba.test']
PASSED               [ 83%]['1.168.192.in-addr.arpa', 'samba.test', '_msdcs.samba.test']
PASSED         [ 87%]['172.16.100.1']
PASSED [ 90%]add ['172.16.100.1', '1.1.1.1']
remove ['172.16.100.1']
add ['172.16.100.1', '1.1.1.1']
PASSED       [ 93%]['172.16.100.1']
['']
PASSED           [ 96%]
PASSED               [100%]

test code

from __future__ import annotations

import pytest
from sssd_test_framework.roles.client import Client
from sssd_test_framework.roles.ipa import IPA
from sssd_test_framework.roles.ad import AD
from sssd_test_framework.roles.samba import Samba
from sssd_test_framework.roles.generic import GenericProvider
from sssd_test_framework.topology import KnownTopology, KnownTopologyGroup

@pytest.mark.topology(KnownTopologyGroup.AnyDC)
def test_dns_create_zone(provider: GenericProvider):
    provider.dns().zone("example.com").create()
    print(provider.dns().list_zones())

@pytest.mark.topology(KnownTopologyGroup.AnyDC)
def test_dns_create_ptr_zone(provider: GenericProvider):
    provider.dns().zone("1.168.192.in-addr.arpa").create()
    print(provider.dns().list_zones())

@pytest.mark.topology(KnownTopologyGroup.AnyDC)
def test_dns_get_global_forwarders(provider: GenericProvider):
    print(provider.dns().get_forwarders())

@pytest.mark.topology(KnownTopologyGroup.AnyDC)
def test_dns_add_and_remove_global_forwarders(provider: GenericProvider):
    provider.dns().add_forwarder("1.1.1.1")
    print("add", provider.dns().get_forwarders())
    provider.dns().remove_forwarder("1.1.1.1")
    print("remove", provider.dns().get_forwarders())
    provider.dns().add_forwarder("1.1.1.1")
    print("add", provider.dns().get_forwarders())

@pytest.mark.topology(KnownTopologyGroup.AnyDC)
def test_dns_clear_global_forwarders(provider: GenericProvider):
    print(provider.dns().get_forwarders())
    provider.dns().clear_forwarders()
    print(provider.dns().get_forwarders())

@pytest.mark.topology(KnownTopologyGroup.AnyDC)
def test_dns_add_forward_records(provider: GenericProvider):
    provider.dns().zone(provider.domain).add_record("test_a_record", "1.2.3.4")

@pytest.mark.topology(KnownTopologyGroup.AnyDC)
def test_dns_add_records(provider: GenericProvider):
    ptr_zone = provider.dns().zone("1.168.192.in-addr.arpa").create()
    ptr_zone.add_record(f"test_a_record.{provider.domain}", 15)

@pytest.mark.topology(KnownTopology.AD)
def test_dig_forward_record_lookup(client: Client, provider: GenericProvider):
    print(client.net.dig("sssd.io"))

@pytest.mark.parametrize("key", ["name", "type", "ttl", "data", "all_data"])
@pytest.mark.topology(KnownTopology.AD)
def test_dig_forward_record_lookup_get_attr(client: Client, provider: GenericProvider, key: str):
    result = client.net.dig("sssd.io")
    print(f"{key}: ", result.get(key))

@pytest.mark.topology(KnownTopology.AD)
def test_dig_forward_record_lookup_with_multiple_records(client:Client, provider: GenericProvider):
    print(client.net.dig("www.redhat.com"))

@pytest.mark.topology(KnownTopology.AD)
def test_dig_forward_record_lookup_with_server_specified(client: Client, provider: GenericProvider):
    print(client.net.dig("sssd.io", server="192.168.50.2"))

@pytest.mark.topology(KnownTopology.AD)
def test_dig_reverse_record_lookup(client: Client, provider: GenericProvider):
    print(client.net.dig("104.86.87.87", reverse = True))

@pytest.mark.topology(KnownTopology.AD)
def test_dig_forward_record_lookup_bad_record(client: Client, provider: GenericProvider):
    print(client.net.dig("ssssssssssssssssssssd.io"))

jakub-vavra-cz
jakub-vavra-cz previously approved these changes Sep 15, 2025
View reviewed changes
Copy link
Contributor

@jakub-vavra-cz jakub-vavra-cz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

justin-stephenson
justin-stephenson reviewed Sep 15, 2025
View reviewed changes
@danlavu danlavu marked this pull request as ready for review September 15, 2025 13:49
@justin-stephenson
Copy link
Contributor

justin-stephenson commented Sep 17, 2025

Can you rebase to include commit from #202 ? It should trigger a SSSD run of system tests, to ensure there is no breakage.

Dan Lavu added 9 commits September 17, 2025 10:33
added ip functions and tests
a6a33c7 
* ip_to_ptr, covert an ipv4/ipv6 address to the ptr zone name, i.e.
  1.168.192.in-addr.arpa
* ip_version, validates ipv4/ipv6 address
improved dig command utility
cce1963 
* flattens dig results into one dict, making values easier to access
* if the result contains multiple entries, raw data is added to the
  all_data key, only the first result is easily accessible
extended backup and restore to cover dns objects, forwarders and records
fd40db1
adding dns server and zone utilities to the generic role
97be324
adding dns server and zone utilities to the generic role
5779ba4
adding dns server and zone utilities to the ipa role
0051454
adding dns server and zone utilities to the ipa role
815ebd0
adding dns server and zone utilities to the samba role
5bacb2b
adding dns server and zone utilities to the ad role
6e754a3
@danlavu
Copy link
Contributor Author

danlavu commented Sep 17, 2025

@justin-stephenson done.

@justin-stephenson
Copy link
Contributor

justin-stephenson commented Sep 17, 2025

@justin-stephenson done.

Once CI completes I will ack.

justin-stephenson
justin-stephenson approved these changes Sep 17, 2025
View reviewed changes
Copy link
Contributor

@justin-stephenson justin-stephenson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ack, thank you.

jakub-vavra-cz
jakub-vavra-cz approved these changes Sep 18, 2025
View reviewed changes
Copy link
Contributor

@jakub-vavra-cz jakub-vavra-cz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@danlavu danlavu added Accepted and removed Waiting for review Needs testing Needs to be tested labels Sep 19, 2025
@danlavu danlavu removed the request for review from thalman September 19, 2025 13:17
@danlavu danlavu merged commit 936bc82 into SSSD:master Sep 19, 2025
6 checks passed
@danlavu danlavu deleted the roles-dns-mgmt branch December 1, 2025 17:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@justin-stephenson justin-stephenson justin-stephenson approved these changes

@jakub-vavra-cz jakub-vavra-cz jakub-vavra-cz approved these changes

@thalman thalman thalman left review comments

Assignees

@justin-stephenson justin-stephenson

@jakub-vavra-cz jakub-vavra-cz

Labels

Accepted Enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@danlavu @justin-stephenson @thalman @jakub-vavra-cz