mirror of
https://github.com/go-acme/lego
synced 2026-03-14 14:35:48 +01:00
chore: cleaning
- remove deprecated elements - handle TODOs - rename some methods
This commit is contained in:
Fernandez Ludovic
parent
dd80d8b77b
commit
04e161a3ac
20 changed files with 40 additions and 104 deletions
|
|
@ -30,12 +30,7 @@ type OrderOptions struct {
|
|||
type OrderService service
|
||||
|
||||
// New Creates a new order.
|
||||
func (o *OrderService) New(ctx context.Context, domains []string) (acme.ExtendedOrder, error) {
|
||||
return o.NewWithOptions(ctx, domains, nil)
|
||||
}
|
||||
|
||||
// NewWithOptions Creates a new order.
|
||||
func (o *OrderService) NewWithOptions(ctx context.Context, domains []string, opts *OrderOptions) (acme.ExtendedOrder, error) {
|
||||
func (o *OrderService) New(ctx context.Context, domains []string, opts *OrderOptions) (acme.ExtendedOrder, error) {
|
||||
orderReq := acme.Order{Identifiers: createIdentifiers(domains)}
|
||||
|
||||
if opts != nil {
|
||||
|
|
|
|||
|
|
@ -93,7 +93,7 @@ func TestOrderService_NewWithOptions(t *testing.T) {
|
|||
t.Run(test.desc, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
order, err := core.Orders.NewWithOptions(t.Context(), []string{"example.com"}, test.opts)
|
||||
order, err := core.Orders.New(t.Context(), []string{"example.com"}, test.opts)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, test.expected, order)
|
||||
|
|
|
|||
|
|
@ -138,15 +138,6 @@ func GeneratePrivateKey(keyType KeyType) (crypto.PrivateKey, error) {
|
|||
return nil, fmt.Errorf("invalid KeyType: %s", keyType)
|
||||
}
|
||||
|
||||
// Deprecated: uses [CreateCSR] instead.
|
||||
func GenerateCSR(privateKey crypto.PrivateKey, domain string, san []string, mustStaple bool) ([]byte, error) {
|
||||
return CreateCSR(privateKey, CSROptions{
|
||||
Domain: domain,
|
||||
SAN: san,
|
||||
MustStaple: mustStaple,
|
||||
})
|
||||
}
|
||||
|
||||
type CSROptions struct {
|
||||
Domain string
|
||||
SAN []string
|
||||
|
|
|
|||
|
|
@ -177,7 +177,7 @@ func (c *Certifier) Obtain(ctx context.Context, request ObtainRequest) (*Resourc
|
|||
ReplacesCertID: request.ReplacesCertID,
|
||||
}
|
||||
|
||||
order, err := c.core.Orders.NewWithOptions(ctx, domains, orderOpts)
|
||||
order, err := c.core.Orders.New(ctx, domains, orderOpts)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -245,7 +245,7 @@ func (c *Certifier) ObtainForCSR(ctx context.Context, request ObtainForCSRReques
|
|||
ReplacesCertID: request.ReplacesCertID,
|
||||
}
|
||||
|
||||
order, err := c.core.Orders.NewWithOptions(ctx, domains, orderOpts)
|
||||
order, err := c.core.Orders.New(ctx, domains, orderOpts)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -472,7 +472,7 @@ func (c *Certifier) RevokeWithReason(ctx context.Context, cert []byte, reason *u
|
|||
return c.core.Certificates.Revoke(ctx, revokeMsg)
|
||||
}
|
||||
|
||||
// RenewOptions options used by Certifier.RenewWithOptions.
|
||||
// RenewOptions options used by [Certifier.Renew].
|
||||
type RenewOptions struct {
|
||||
NotBefore time.Time
|
||||
NotAfter time.Time
|
||||
|
|
@ -498,27 +498,7 @@ type RenewOptions struct {
|
|||
// If bundle is true, the []byte contains both the issuer certificate and your issued certificate as a bundle.
|
||||
//
|
||||
// For private key reuse the PrivateKey property of the passed in Resource should be non-nil.
|
||||
//
|
||||
// Deprecated: use RenewWithOptions instead.
|
||||
func (c *Certifier) Renew(ctx context.Context, certRes Resource, bundle, mustStaple bool, preferredChain string) (*Resource, error) {
|
||||
return c.RenewWithOptions(ctx, certRes, &RenewOptions{
|
||||
Bundle: bundle,
|
||||
PreferredChain: preferredChain,
|
||||
MustStaple: mustStaple,
|
||||
})
|
||||
}
|
||||
|
||||
// RenewWithOptions takes a Resource and tries to renew the certificate.
|
||||
//
|
||||
// If the renewal process succeeds, the new certificate will be returned in a new CertResource.
|
||||
// Please be aware that this function will return a new certificate in ANY case that is not an error.
|
||||
// If the server does not provide us with a new cert on a GET request to the CertURL
|
||||
// this function will start a new-cert flow where a new certificate gets generated.
|
||||
//
|
||||
// If bundle is true, the []byte contains both the issuer certificate and your issued certificate as a bundle.
|
||||
//
|
||||
// For private key reuse the PrivateKey property of the passed in Resource should be non-nil.
|
||||
func (c *Certifier) RenewWithOptions(ctx context.Context, certRes Resource, options *RenewOptions) (*Resource, error) {
|
||||
func (c *Certifier) Renew(ctx context.Context, certRes Resource, options *RenewOptions) (*Resource, error) {
|
||||
// Input certificate is PEM encoded.
|
||||
// Decode it here as we may need the decoded cert later on in the renewal process.
|
||||
// The input may be a bundle or a single certificate.
|
||||
|
|
|
|||
|
|
@ -15,9 +15,17 @@ func (c *Client) lookupCNAME(ctx context.Context, fqdn string) string {
|
|||
for range 50 {
|
||||
// Keep following CNAMEs
|
||||
r, err := c.sendQuery(ctx, fqdn, dns.TypeCNAME, true)
|
||||
if err != nil {
|
||||
log.Debug("Lookup CNAME.",
|
||||
slog.String("fqdn", fqdn),
|
||||
log.ErrorAttr(err),
|
||||
)
|
||||
|
||||
if err != nil || r.Rcode != dns.RcodeSuccess {
|
||||
// TODO(ldez): logs the error in v5
|
||||
// No more CNAME records to follow, exit
|
||||
break
|
||||
}
|
||||
|
||||
if r.Rcode != dns.RcodeSuccess {
|
||||
// No more CNAME records to follow, exit
|
||||
break
|
||||
}
|
||||
|
|
|
|||
|
|
@ -113,25 +113,6 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
}, nil
|
||||
}
|
||||
|
||||
// NewDNSProviderClient creates an ACME-DNS DNSProvider with the given acmeDNSClient and [goacmedns.Storage].
|
||||
//
|
||||
// Deprecated: use [NewDNSProviderConfig] instead.
|
||||
func NewDNSProviderClient(client acmeDNSClient, store goacmedns.Storage) (*DNSProvider, error) {
|
||||
if client == nil {
|
||||
return nil, errors.New("acme-dns: Client must be not nil")
|
||||
}
|
||||
|
||||
if store == nil {
|
||||
return nil, errors.New("acme-dns: Storage must be not nil")
|
||||
}
|
||||
|
||||
return &DNSProvider{
|
||||
config: NewDefaultConfig(),
|
||||
client: client,
|
||||
storage: store,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// ErrCNAMERequired is returned by Present when the Domain indicated had no
|
||||
// existing ACME-DNS account in the Storage and additional setup is required.
|
||||
// The user must create a CNAME in the DNS zone for Domain that aliases FQDN
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
Name = "Joohoi's ACME-DNS"
|
||||
Description = ''''''
|
||||
URL = "https://github.com/joohoi/acme-dns"
|
||||
Code = "acme-dns"
|
||||
Aliases = ["acmedns"] # TODO(ldez): remove "-" in v5
|
||||
Code = "acmedns"
|
||||
Aliases = ["acme-dns"]
|
||||
Since = "v1.1.0"
|
||||
|
||||
Example = '''
|
||||
|
|
|
|||
|
|
@ -31,8 +31,8 @@ const (
|
|||
EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
|
||||
)
|
||||
|
||||
// Test Environment variables names (unused).
|
||||
// TODO(ldez): must be moved into test files.
|
||||
// Managed by the Akamai EdgeGrid client.
|
||||
// The constants are only helpers.
|
||||
const (
|
||||
EnvHost = envNamespace + "HOST"
|
||||
EnvClientToken = envNamespace + "CLIENT_TOKEN"
|
||||
|
|
|
|||
|
|
@ -26,9 +26,6 @@ type Config struct {
|
|||
PollingInterval time.Duration
|
||||
TTL int
|
||||
HTTPClient *http.Client
|
||||
|
||||
// TODO(ldez): remove in v5?
|
||||
BaseURL string
|
||||
}
|
||||
|
||||
// DNSProvider implements the challenge.Provider interface.
|
||||
|
|
@ -38,7 +35,7 @@ type DNSProvider struct {
|
|||
}
|
||||
|
||||
// NewDNSProviderConfig return a DNSProvider instance configured for selectel.
|
||||
func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
||||
func NewDNSProviderConfig(config *Config, baseURL string) (*DNSProvider, error) {
|
||||
if config == nil {
|
||||
return nil, errors.New("the configuration of the DNS provider is nil")
|
||||
}
|
||||
|
|
@ -59,11 +56,13 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
|
||||
client.HTTPClient = clientdebug.Wrap(client.HTTPClient)
|
||||
|
||||
var err error
|
||||
if baseURL != "" {
|
||||
var err error
|
||||
|
||||
client.BaseURL, err = url.Parse(config.BaseURL)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("%w", err)
|
||||
client.BaseURL, err = url.Parse(baseURL)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
return &DNSProvider{config: config, client: client}, nil
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ func TestNewDNSProviderConfig(t *testing.T) {
|
|||
config.TTL = test.ttl
|
||||
config.Token = test.token
|
||||
|
||||
p, err := NewDNSProviderConfig(config)
|
||||
p, err := NewDNSProviderConfig(config, "")
|
||||
|
||||
if test.expected == "" {
|
||||
require.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -36,7 +36,6 @@ type Config struct {
|
|||
PropagationTimeout time.Duration
|
||||
PollingInterval time.Duration
|
||||
HTTPClient *http.Client
|
||||
SequenceInterval time.Duration // Deprecated: unused, will be removed in v5.
|
||||
}
|
||||
|
||||
// NewDefaultConfig returns a default configuration for the DNSProvider.
|
||||
|
|
|
|||
|
|
@ -26,9 +26,6 @@ const (
|
|||
EnvAPIKey = envNamespace + "API_KEY"
|
||||
EnvAPIPassword = envNamespace + "API_PASSWORD"
|
||||
|
||||
// Deprecated: the TTL is not configurable on record.
|
||||
EnvTTL = envNamespace + "TTL"
|
||||
|
||||
EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
|
||||
EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
|
||||
EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
|
||||
|
|
@ -44,9 +41,6 @@ type Config struct {
|
|||
PropagationTimeout time.Duration
|
||||
PollingInterval time.Duration
|
||||
HTTPClient *http.Client
|
||||
|
||||
// Deprecated: the TTL is not configurable on record.
|
||||
TTL int
|
||||
}
|
||||
|
||||
// NewDefaultConfig returns a default configuration for the DNSProvider.
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ var _ challenge.ProviderTimeout = (*DNSProvider)(nil)
|
|||
// Config is used to configure the creation of the DNSProvider.
|
||||
type Config struct {
|
||||
ProjectID string
|
||||
Token string // TODO(ldez) rename to SecretKey in the next major.
|
||||
SecretKey string
|
||||
AccessKey string
|
||||
|
||||
PropagationTimeout time.Duration
|
||||
|
|
@ -90,7 +90,7 @@ func NewDNSProvider() (*DNSProvider, error) {
|
|||
}
|
||||
|
||||
config := NewDefaultConfig()
|
||||
config.Token = values[EnvSecretKey]
|
||||
config.SecretKey = values[EnvSecretKey]
|
||||
config.AccessKey = env.GetOrDefaultString(EnvAccessKey, dumpAccessKey)
|
||||
config.ProjectID = env.GetOrFile(EnvProjectID)
|
||||
|
||||
|
|
@ -103,7 +103,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
return nil, errors.New("scaleway: the configuration of the DNS provider is nil")
|
||||
}
|
||||
|
||||
if config.Token == "" {
|
||||
if config.SecretKey == "" {
|
||||
return nil, errors.New("scaleway: credentials missing")
|
||||
}
|
||||
|
||||
|
|
@ -112,7 +112,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
}
|
||||
|
||||
configuration := []scw.ClientOption{
|
||||
scw.WithAuth(config.AccessKey, config.Token),
|
||||
scw.WithAuth(config.AccessKey, config.SecretKey),
|
||||
scw.WithUserAgent(useragent.Get()),
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@ func TestNewDNSProviderConfig(t *testing.T) {
|
|||
t.Run(test.desc, func(t *testing.T) {
|
||||
config := NewDefaultConfig()
|
||||
config.TTL = test.ttl
|
||||
config.Token = test.token
|
||||
config.SecretKey = test.token
|
||||
|
||||
p, err := NewDNSProviderConfig(config)
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ import (
|
|||
const (
|
||||
envNamespace = "SELECTEL_"
|
||||
|
||||
EnvBaseURL = envNamespace + "BASE_URL"
|
||||
EnvAPIToken = envNamespace + "API_TOKEN"
|
||||
|
||||
EnvTTL = envNamespace + "TTL"
|
||||
|
|
@ -29,6 +28,8 @@ const (
|
|||
EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
|
||||
)
|
||||
|
||||
const defaultBaseURL = "https://api.selectel.ru/domains/v1"
|
||||
|
||||
var _ challenge.ProviderTimeout = (*DNSProvider)(nil)
|
||||
|
||||
// Config is used to configure the creation of the DNSProvider.
|
||||
|
|
@ -37,7 +38,6 @@ type Config = selectel.Config
|
|||
// NewDefaultConfig returns a default configuration for the DNSProvider.
|
||||
func NewDefaultConfig() *Config {
|
||||
return &Config{
|
||||
BaseURL: env.GetOrDefaultString(EnvBaseURL, ""),
|
||||
TTL: env.GetOrDefaultInt(EnvTTL, selectel.MinTTL),
|
||||
PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 120*time.Second),
|
||||
PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
|
||||
|
|
@ -72,7 +72,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
return nil, errors.New("selectel: the configuration of the DNS provider is nil")
|
||||
}
|
||||
|
||||
provider, err := selectel.NewDNSProviderConfig(config)
|
||||
provider, err := selectel.NewDNSProviderConfig(config, defaultBaseURL)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("selectel: %w", err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@ lego --dns selectel -d '*.example.com' -d example.com run
|
|||
[Configuration.Credentials]
|
||||
SELECTEL_API_TOKEN = "API token"
|
||||
[Configuration.Additional]
|
||||
SELECTEL_BASE_URL = "API endpoint URL"
|
||||
SELECTEL_POLLING_INTERVAL = "Time between DNS propagation check in seconds (Default: 2)"
|
||||
SELECTEL_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation in seconds (Default: 120)"
|
||||
SELECTEL_TTL = "The TTL of the TXT record used for the DNS challenge in seconds (Default: 60)"
|
||||
|
|
|
|||
|
|
@ -106,9 +106,6 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
|
||||
if config.HTTPClient != nil {
|
||||
client.HTTPClient = config.HTTPClient
|
||||
} else {
|
||||
// For compatibility, it should be removed in v5.
|
||||
client.HTTPClient.Timeout = 30 * time.Second
|
||||
}
|
||||
|
||||
client.HTTPClient = clientdebug.Wrap(client.HTTPClient)
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ import (
|
|||
const (
|
||||
envNamespace = "VSCALE_"
|
||||
|
||||
EnvBaseURL = envNamespace + "BASE_URL"
|
||||
EnvAPIToken = envNamespace + "API_TOKEN"
|
||||
|
||||
EnvTTL = envNamespace + "TTL"
|
||||
|
|
@ -39,7 +38,6 @@ type Config = selectel.Config
|
|||
// NewDefaultConfig returns a default configuration for the DNSProvider.
|
||||
func NewDefaultConfig() *Config {
|
||||
return &Config{
|
||||
BaseURL: env.GetOrDefaultString(EnvBaseURL, defaultBaseURL),
|
||||
TTL: env.GetOrDefaultInt(EnvTTL, selectel.MinTTL),
|
||||
PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 120*time.Second),
|
||||
PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
|
||||
|
|
@ -74,11 +72,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
return nil, errors.New("vscale: the configuration of the DNS provider is nil")
|
||||
}
|
||||
|
||||
if config.BaseURL == "" {
|
||||
config.BaseURL = defaultBaseURL
|
||||
}
|
||||
|
||||
provider, err := selectel.NewDNSProviderConfig(config)
|
||||
provider, err := selectel.NewDNSProviderConfig(config, defaultBaseURL)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("vscale: %w", err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@ lego --dns vscale -d '*.example.com' -d example.com run
|
|||
[Configuration.Credentials]
|
||||
VSCALE_API_TOKEN = "API token"
|
||||
[Configuration.Additional]
|
||||
VSCALE_BASE_URL = "API endpoint URL"
|
||||
VSCALE_POLLING_INTERVAL = "Time between DNS propagation check in seconds (Default: 2)"
|
||||
VSCALE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation in seconds (Default: 120)"
|
||||
VSCALE_TTL = "The TTL of the TXT record used for the DNS challenge in seconds (Default: 60)"
|
||||
|
|
|
|||
|
|
@ -39,7 +39,6 @@ type Config struct {
|
|||
PollingInterval time.Duration
|
||||
TTL int
|
||||
HTTPClient *http.Client
|
||||
HTTPTimeout time.Duration // TODO(ldez): remove in v5
|
||||
}
|
||||
|
||||
// NewDefaultConfig returns a default configuration for the DNSProvider.
|
||||
|
|
@ -48,7 +47,9 @@ func NewDefaultConfig() *Config {
|
|||
TTL: env.GetOrDefaultInt(EnvTTL, dns01.DefaultTTL),
|
||||
PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout),
|
||||
PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
|
||||
HTTPTimeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second),
|
||||
HTTPClient: &http.Client{
|
||||
Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -83,7 +84,6 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
}
|
||||
|
||||
authClient := OAuthStaticAccessToken(config.HTTPClient, config.APIKey)
|
||||
authClient.Timeout = config.HTTPTimeout
|
||||
|
||||
client := govultr.NewClient(clientdebug.Wrap(authClient))
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue