Create docker-image.yml

2026-01-10 19:25:45 +00:00 · 2024-01-28 23:27:24 +01:00
20 changed files with 101 additions and 423 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,25 +1,7 @@
 ---
 kind: pipeline
 type: docker
-name: Test
-
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-  - name: Run unit tests
-    image: python:3.10-alpine
-    commands:
-      - pip install -r requirements.txt
-      - pip install -r requirements-test.txt
-      - python3 -m unittest tests/test_*.py -v
-
---
-kind: pipeline
-type: docker
-name: Publish
+name: Build

 platform:
  os: linux
@@ -30,27 +12,23 @@ steps:
    image: plugins/docker
    settings:
      registry: ghcr.io
-      repo: ghcr.io/kevinmidboe/${DRONE_REPO_NAME}
+      repo: ghcr.io/kevinmidboe/cloudflare-ddns
      dockerfile: Dockerfile
      username:
        from_secret: GITHUB_USERNAME
      password:
-        from_secret: GHCR_UPLOAD_TOKEN
+        from_secret: GITHUB_PASSWORD
      tags:
        - latest
        - ${DRONE_COMMIT_SHA}
-
-trigger:
-  event:
-    include:
-      - push
-    exclude:
-      - pull_request
-  branch:
-    - main
-
-depends_on:
-  - Test
+    when:
+      event:
+        include:
+          - push
+        exclude:
+          - pull_request
+      branch:
+        - main

 ---
 kind: pipeline
@@ -62,65 +40,26 @@ platform:
  arch: amd64

 steps:
-  - name: Prepare kubernetes environment
-    image: alpine/k8s:1.25.15
-    environment:
-      VAULT_TOKEN:
-        from_secret: VAULT_TOKEN
-      VAULT_HOST:
-        from_secret: VAULT_HOST
-    commands:
-      - mkdir -p /root/.kube
-      - echo "IMAGE=ghcr.io/kevinmidboe/${DRONE_REPO_NAME}:${DRONE_COMMIT_SHA}" > /root/.kube/.env
-      - echo "NAMESPACE=${DRONE_REPO_NAME}" >> /root/.kube/.env
-      - 'curl -s
-        -H "X-Vault-Token: $VAULT_TOKEN"
-        $VAULT_HOST/v1/schleppe/data/kazan/_infra
-        | jq -r ".data.data.KUBE_CONFIG" > /root/.kube/config'
-      - 'curl -s
-        -H "X-Vault-Token: $VAULT_TOKEN"
-        $VAULT_HOST/v1/schleppe/data/kazan/_infra
-        | jq -cr ".data.data | .[\"ghcr-login-secret\"] | @base64" > /root/.kube/dockerconfig.json'
-      - echo "DOCKER_CONFIG=$(cat /root/.kube/dockerconfig.json)" >> /root/.kube/.env
-      - 'curl -s
-        -H "X-Vault-Token: $VAULT_TOKEN"
-        $VAULT_HOST/v1/schleppe/data/kazan/${DRONE_REPO_NAME}
-        | jq -cr ".data.data | to_entries[] | .key + \"=\" + (.value | @base64)" >> /root/.kube/.env'
-      - sed -i '/^$/!s/^/export /' /root/.kube/.env
-    volumes:
-    - name: kube-config
-      path: /root/.kube
-
  - name: Deploy to kubernetes
    image: alpine/k8s:1.25.15
    commands:
-      - source /root/.kube/.env > /dev/null 2>&1
+      - mkdir -p /root/.kube
+      - echo $KUBE_CONFIG | base64 -di > /root/.kube/config
+      - export IMAGE=ghcr.io/kevinmidboe/cloudflare-ddns:${DRONE_COMMIT_SHA}
      - cat .kubernetes/*.yml
        | envsubst
        | kubectl --kubeconfig=/root/.kube/config apply -f -
-    volumes:
-    - name: kube-config
-      path: /root/.kube
-
-trigger:
-  event:
-    include:
-      - push
-    exclude:
-      - pull_request
-  branch:
-    - main
+    environment:
+      KUBE_CONFIG:
+        from_secret: KUBE_CONFIG
+    when:
+      event:
+        include:
+          - push
+        exclude:
+          - pull_request
+      branch:
+        - main

 depends_on:
-  - Test
-  - Publish
-
-volumes:
- name: kube-config
-  temp: {}
-
---
-kind: signature
-hmac: 2fb50ffa037eb368bcf6d596ced4c0ef42cfde413781ee39dd42b5f695396132
-
-...
+  - Build
--- a/.env.example
+++ b/.env.example
@@ -1,5 +0,0 @@
-API_KEY=
-DDNS_ZONE=
-
-SMS_API_KEY=
-SMS_RECIPIENT=
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -0,0 +1,16 @@
+name: Docker Image CI
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Build the Docker image
+      run: docker build . --file Dockerfile --tag cloudflare-ddns:$(github.sha)
--- a/.kubernetes/1-secret.yml
+++ b/.kubernetes/1-secret.yml
@@ -1,12 +0,0 @@
---
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
-  name: secret-env-values
-  namespace: cloudflare-ddns
-data:
-  DDNS_ZONE: ${DDNS_ZONE}
-  API_KEY: ${API_KEY}
-  SMS_API_KEY: ${SMS_API_KEY}
-  SMS_RECIPIENT: ${SMS_RECIPIENT}
--- a/.kubernetes/cronjob.yml
+++ b/.kubernetes/cronjob.yml
@@ -1,4 +1,3 @@
---
 apiVersion: batch/v1
 kind: CronJob
 metadata:
--- a/.kubernetes/ghcr-token-secret.yml
+++ b/.kubernetes/ghcr-token-secret.yml
@@ -1,9 +0,0 @@
---
-apiVersion: v1
-kind: Secret
-metadata:
-  name: ghcr-login-secret
-  namespace: ${NAMESPACE}
-data:
-  .dockerconfigjson: ${DOCKER_CONFIG}
-type: kubernetes.io/dockerconfigjson
--- a/5
+++ b/5
@@ -1,7 +1,6 @@
 FROM python:3.10-alpine

-COPY requirements.txt .
-COPY src/*.py ./
+COPY *.py ./

-RUN pip install -r requirements.txt
+RUN pip install requests python-dotenv
 CMD python3 main.py
--- a/README.md
+++ b/README.md
@@ -29,7 +29,7 @@ virtualenv
 source -p $(which python3) env/bin/activate

 pip install -r requirements.txt
-python src/main.py
+python main.py
 ```

 ## Kubernetes
@@ -46,14 +46,8 @@ metadata:
  namespace: cloudflare-ddns
 type: Opaque
 data:
-  API_KEY: CLOUDFLARE_API_KEY
-  DDNS_ZONE: CLOUDFLARE_ZONE_ID
-```
-
-(Optional: receive a SMS from gateway API by appending to secrets data)
-```yaml
-  SMS_API_KEY: GATEWAY_API_API_KEY
-  SMS_RECIPIENT: PHONE_NUMBER_TO_RECEIVE
+  API_KEY: BASE_64_ENCODED_CLOUDFLARE_API_KEY
+  DDNS_ZONE: BASE64_ENCODED_CLOUDFLARE_ZONE_ID
 ```

 ```
--- a/src/bulk_dns_update.py
+++ b/src/bulk_dns_update.py
@@ -63,11 +63,6 @@ def getZones():
    url = 'https://api.cloudflare.com/client/v4/zones'
    data = cloudflareRequest(url)

-    if 'success' not in data and 'errors' not in data:
-        logger.info("Unexpected cloudflare error when getting zones, no response!")
-        logger.info("data:" + str(data))
-        raise Exception('Unexpected Cloudflare error, missing response! Check logs.')
-
    if data['success'] is False:
        logger.info('Request to cloudflare was unsuccessful, error:')
        logger.info(data['errors'])
@@ -82,15 +77,9 @@ def getZones():


 def getRecordsForZone(zoneId):
-    url = 'https://api.cloudflare.com/client/v4/zones/{}/dns_records?type=A'.format(
-        zoneId)
+    url = 'https://api.cloudflare.com/client/v4/zones/{}/dns_records?type=A'.format(zoneId)
    data = cloudflareRequest(url)

-    if 'success' not in data and 'errors' not in data:
-        logger.info("Unexpected cloudflare error when getting records, no response!")
-        logger.info("data:" + str(data))
-        raise Exception('Unexpected Cloudflare error, missing response! Check logs.')
-
    if data['success'] is False:
        logger.info('Request from cloudflare was unsuccessful, error:')
        logger.info(data['errors'])
@@ -116,8 +105,7 @@ def getDDNSAddresszoneId(ddnsZone):


 def updateRecord(zoneId, recordId, name, newIP, ttl, proxied):
-    url = 'https://api.cloudflare.com/client/v4/zones/{}/dns_records/{}'.format(
-        zoneId, recordId)
+    url = 'https://api.cloudflare.com/client/v4/zones/{}/dns_records/{}'.format(zoneId, recordId)
    data = {
        'type': 'A',
        'name': name,
@@ -127,8 +115,7 @@ def updateRecord(zoneId, recordId, name, newIP, ttl, proxied):
    }

    response = cloudflareUpdateRequest(url, data)
-    logger.info('\tRecord updated: {}'.format(
-        '✅' if response['success'] is True else '❌'))
+    logger.info('\tRecord updated: {}'.format('✅' if response['success'] is True else '❌'))


 def getMatchingRecordsForZone(zoneId, oldIP):
@@ -144,10 +131,8 @@ def updateZone(zone, oldIP, newIP):
        return

    for record in records:
-        logger.info(
-            '\tRecord {}: {} -> {}'.format(record['name'], record['content'], newIP))
-        updateRecord(zone['id'], record['id'], record['name'],
-                     newIP, record['ttl'], record['proxied'])
+        logger.info('\tRecord {}: {} -> {}'.format(record['name'], record['content'], newIP))
+        updateRecord(zone['id'], record['id'], record['name'], newIP, record['ttl'], record['proxied'])


 def updateAllZones(oldIP, newIP):
--- a/src/logger.py
+++ b/src/logger.py
--- a/main.py
+++ b/main.py
@@ -0,0 +1,49 @@
+import os
+import requests
+from bulk_dns_update import updateAllZones, setAPIKey, getDDNSAddresszoneId
+from dotenv import load_dotenv
+from logger import logger
+
+load_dotenv()
+
+currentIP = None
+DDNS_ZONE = os.getenv('DDNS_ZONE')
+
+
+def publicAddress():
+    global currentIP
+    logger.info('Getting public IP from ifconfg.me...')
+
+    r = requests.get('https://ifconfig.me')
+    currentIP = r.text
+    logger.info('Public IP: {}'.format(currentIP))
+
+
+def cloudflareDDNS():
+    logger.info('Checking IP recorded in Cloudflare...')
+    ddnsRecord = getDDNSAddresszoneId(DDNS_ZONE)
+    recordedIP = ddnsRecord['content']
+    logger.info('Found ddns recorded IP: {}'.format(recordedIP))
+
+    if currentIP != recordedIP:
+        logger.info('Public IP has changed, updating all A records.')
+        updateAllZones(recordedIP, currentIP)
+    else:
+        logger.info('is same, exiting')
+
+
+def main():
+    apiKey = os.getenv('API_KEY')
+    if apiKey is None:
+        raise Exception('In .env file or environment set Cloudflare variable: API_KEY')
+    if DDNS_ZONE is None:
+        raise Exception('In .env file or environment; set Cloudflare zone where addr. points to current IP.')
+
+    setAPIKey(apiKey)
+
+    publicAddress()
+    cloudflareDDNS()
+
+
+if __name__ == '__main__':
+    main()
--- a/requirements-test.txt
+++ b/requirements-test.txt
@@ -1 +0,0 @@
-responses==0.24.1
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +0,0 @@
-requests==2.31.0
-python-dotenv==1.0.1
--- a/src/init.py
+++ b/src/init.py
@@ -1,7 +0,0 @@
-import os
-import sys
-PROJECT_PATH = os.getcwd()
-SOURCE_PATH = os.path.join(
-    PROJECT_PATH, "src"
-)
-sys.path.append(SOURCE_PATH)
--- a/src/main.py
+++ b/src/main.py
@@ -1,70 +0,0 @@
-import os
-import re
-import requests
-from bulk_dns_update import updateAllZones, setAPIKey, getDDNSAddresszoneId
-from notify import notify
-from dotenv import load_dotenv
-from logger import logger
-
-load_dotenv()
-
-DDNS_ZONE = os.getenv('DDNS_ZONE')
-
-
-def validIP(ipString):
-    ipRegex = '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$'
-    return bool(re.search(ipRegex, str(ipString)))
-
-
-def publicAddress():
-    logger.info('Getting public IP from ifconfg.me...')
-
-    r = requests.get('https://ifconfig.me')
-    if r.status_code != 200:
-        return
-
-    ip = r.text
-    if not validIP(ip):
-        return
-
-    logger.info('Public IP: {}'.format(ip))
-    return ip
-
-
-def cloudflareDDNS():
-    logger.info('Checking IP recorded in Cloudflare...')
-    ddnsRecord = getDDNSAddresszoneId(DDNS_ZONE)
-    ip = ddnsRecord['content']
-    logger.info('Found ddns recorded IP: {}'.format(ip))
-
-    if not validIP(ip):
-        return
-
-    return ip
-
-
-def main():
-    apiKey = os.getenv('API_KEY')
-    if apiKey is None:
-        raise Exception(
-            'In .env file or environment set Cloudflare variable: API_KEY')
-    if DDNS_ZONE is None:
-        raise Exception(
-            'In .env file or environment; set Cloudflare zone where addr. points to current IP.')
-
-    setAPIKey(apiKey)
-
-    currentIP = publicAddress()
-    recordedIP = cloudflareDDNS()
-
-    if currentIP == recordedIP or None in [currentIP, recordedIP]:
-        logger.info('is same, exiting')
-        return
-
-    logger.info('Public IP has changed, updating all A records.')
-    notify("IP changed to: {}. Updating all cloudflare zones!".format(currentIP))
-    updateAllZones(recordedIP, currentIP)
-
-
-if __name__ == '__main__':
-    main()
--- a/src/notify.py
+++ b/src/notify.py
@@ -1,42 +0,0 @@
-import base64
-import requests
-from os import getenv
-from json import dumps
-from logger import logger
-
-
-def notify(message):
-    SMS_API_KEY = getenv('SMS_API_KEY')
-    SMS_RECIPIENT = getenv('SMS_RECIPIENT')
-
-    if not SMS_API_KEY:
-        logger.info("No SMS API key found, not notifying")
-        return
-
-    if not SMS_RECIPIENT:
-        logger.info("No SMS recipient found, not notifying")
-        return
-
-    recipient = "47{}".format(SMS_RECIPIENT)
-    apiKey = base64.b64encode(SMS_API_KEY.encode("utf-8")).decode("utf-8")
-
-    logger.info("Notifying of IP change over SMS")
-    url = "https://gatewayapi.com/rest/mtsms"
-    payload = {
-        "sender": "Dynamic DNS",
-        "message": message,
-        "recipients": [{"msisdn": recipient}]
-    }
-    headers = {
-        "Host": "gatewayapi.com",
-        "Authorization": "Basic " + apiKey,
-        "Accept": "application/json",
-        "Content-Type": "application/json"
-    }
-
-    r = requests.post(url, data=dumps(payload), headers=headers)
-    response = r.json()
-
-    logger.info("Response from SMS api")
-    logger.info("Status: {} {}".format(str(r.status_code), str(r.reason)))
-    logger.info(response)
--- a/tests/init.py
+++ b/tests/init.py
@@ -1,2 +0,0 @@
-from src.logger import logger
-logger.setLevel('WARNING')
--- a/tests/test_cloudflare_dns_record_ip.py
+++ b/tests/test_cloudflare_dns_record_ip.py
@@ -1,80 +0,0 @@
-import re
-import unittest
-import responses
-from src.main import cloudflareDDNS
-
-MOCK_IP = '44.208.147.61'
-CLOUDFLARE_GET_RECORDS_URL = re.compile(
-    r"https\:\/\/api.cloudflare.com\/client\/v4\/zones\/\w*\/dns_records\?type\=A")
-CLOUDFLARE_ADDR_RECORD_EXISTS_RESPONSE = {
-    'success': True,
-    'result': [{
-        'content': MOCK_IP,
-        'name': 'addr.',
-        'id': 'id',
-        'ttl': 86400,
-        'proxied': True
-    }]
-}
-CLOUDFLARE_ADDR_RECORD_NONEXISTANT_RESPONSE = {
-    'success': True,
-    'result': [{
-        'content': MOCK_IP,
-        'name': None,
-        'id': 'id',
-        'ttl': 86400,
-        'proxied': True
-    }]
-}
-CLOUDFLARE_500_RESPONSE = {
-    'success': False,
-    'errors': 'someerror'
-}
-
-
-class TestCloudflareDNSRecordIP(unittest.TestCase):
-
-    @responses.activate
-    def test_successfull_response(self):
-        responses.add(responses.GET, CLOUDFLARE_GET_RECORDS_URL,
-                      json=CLOUDFLARE_ADDR_RECORD_EXISTS_RESPONSE, status=200)
-
-        ip = cloudflareDDNS()
-
-        self.assertEqual(MOCK_IP, ip)
-
-    @responses.activate
-    def test_addr_record_exists(self):
-        responses.add(responses.GET, CLOUDFLARE_GET_RECORDS_URL,
-                      json=CLOUDFLARE_ADDR_RECORD_NONEXISTANT_RESPONSE,
-                      status=200)
-
-        self.assertRaises(Exception, cloudflareDDNS)
-
-    @responses.activate
-    def test_cloudflare_500_response(self):
-        responses.add(responses.GET, CLOUDFLARE_GET_RECORDS_URL,
-                      json=CLOUDFLARE_500_RESPONSE,
-                      status=500)
-
-        self.assertRaises(Exception, cloudflareDDNS)
-
-    @responses.activate
-    def test_cloudflare_empty_200_response(self):
-        responses.add(responses.GET, CLOUDFLARE_GET_RECORDS_URL,
-                      json={},
-                      status=500)
-
-        self.assertRaises(Exception, cloudflareDDNS)
-
-    @responses.activate
-    def test_cloudflare_empty_500_response(self):
-        responses.add(responses.GET, CLOUDFLARE_GET_RECORDS_URL,
-                      json={},
-                      status=500)
-
-        self.assertRaises(Exception, cloudflareDDNS)
-
-
-if __name__ == '__main__':
-    unittest.main()
--- a/tests/test_ip_address.py
+++ b/tests/test_ip_address.py
@@ -1,33 +0,0 @@
-import unittest
-from src.main import validIP
-
-MOCK_IP = "44.208.147.61"
-
-
-class TestIPAddress(unittest.TestCase):
-    def test_valid_ip(self):
-        self.assertTrue(validIP(MOCK_IP))
-
-    def test_invalid_ip(self):
-        ip = "256.0.0.1"
-        self.assertFalse(validIP(ip))
-
-    def test_invalid_format(self):
-        ip = "192.168.1"
-        self.assertFalse(validIP(ip))
-
-    def test_empty_string(self):
-        ip = ""
-        self.assertFalse(validIP(ip))
-
-    def test_error_looking_string(self):
-        ip = "upstream connect error or disconnect/reset before headers. reset reason: connection timeout."
-        self.assertFalse(validIP(ip))
-
-    def test_none(self):
-        ip = None
-        self.assertFalse(validIP(ip))
-
-
-if __name__ == "__main__":
-    unittest.main()
--- a/tests/test_public_ip.py
+++ b/tests/test_public_ip.py
@@ -1,40 +0,0 @@
-import unittest
-import responses
-from src.main import publicAddress
-
-MOCK_IP = '44.208.147.61'
-MOCK_TIMEOUT = 'upstream connect error or disconnect/reset before headers. reset reason: connection timeout.'
-
-
-class TestPublicAddress(unittest.TestCase):
-
-    @responses.activate
-    def test_successfull_response(self):
-        responses.add(responses.GET, 'https://ifconfig.me',
-                      body=MOCK_IP, status=200)
-
-        ip = publicAddress()
-
-        self.assertEqual(MOCK_IP, ip)
-
-    @responses.activate
-    def test_timeout_response(self):
-        responses.add(responses.GET, 'https://ifconfig.me',
-                      body=MOCK_TIMEOUT, status=500)
-
-        ip = publicAddress()
-
-        self.assertIsNone(ip)
-
-    @responses.activate
-    def test_mangled_response(self):
-        responses.add(responses.GET, 'https://ifconfig.me',
-                      body='123.22', status=200)
-
-        ip = publicAddress()
-
-        self.assertIsNone(ip)
-
-
-if __name__ == '__main__':
-    unittest.main()