Revert authoritative DNS changes, keep only internal CoreDNS CI
parent
68ad8415d5
commit
40eac49ea3
@ -2,9 +2,7 @@ name: Deploy DNS Records
|
|||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches: [main]
|
branches: [main]
|
||||||
paths:
|
paths: [records.yaml]
|
||||||
- records.yaml
|
|
||||||
- svc-records.yaml
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
deploy:
|
deploy:
|
||||||
@ -30,7 +28,7 @@ jobs:
|
|||||||
sudo install kubectl /usr/local/bin/kubectl
|
sudo install kubectl /usr/local/bin/kubectl
|
||||||
fi
|
fi
|
||||||
|
|
||||||
- name: Apply internal CoreDNS records
|
- name: Generate and apply CoreDNS configmap
|
||||||
run: |
|
run: |
|
||||||
cd dns-records
|
cd dns-records
|
||||||
chmod +x generate.sh
|
chmod +x generate.sh
|
||||||
@ -39,15 +37,4 @@ jobs:
|
|||||||
kubectl apply -f /tmp/coredns-custom.yaml
|
kubectl apply -f /tmp/coredns-custom.yaml
|
||||||
kubectl rollout restart deployment/coredns -n kube-system
|
kubectl rollout restart deployment/coredns -n kube-system
|
||||||
kubectl rollout status deployment/coredns -n kube-system --timeout=60s
|
kubectl rollout status deployment/coredns -n kube-system --timeout=60s
|
||||||
echo "Internal DNS records applied"
|
echo "DNS records applied successfully"
|
||||||
|
|
||||||
- name: Apply authoritative zone records
|
|
||||||
run: |
|
|
||||||
cd dns-records
|
|
||||||
chmod +x generate-zone.sh
|
|
||||||
./generate-zone.sh svc-records.yaml > /tmp/coredns-auth-zone.yaml
|
|
||||||
cat /tmp/coredns-auth-zone.yaml
|
|
||||||
kubectl apply -f /tmp/coredns-auth-zone.yaml
|
|
||||||
kubectl rollout restart deployment/coredns-auth -n authoritative-dns
|
|
||||||
kubectl rollout status deployment/coredns-auth -n authoritative-dns --timeout=60s
|
|
||||||
echo "Authoritative zone records applied"
|
|
||||||
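Review bot: The step that remains, `Generate and apply CoreDNS configmap`, still feeds `kubectl apply -f /tmp/coredns-custom.yaml` from a fixed, predictable path and then restarts `deployment/coredns` in `kube-system`. On a self-hosted or shared runner, a file with that name can be left over from an earlier run or pre-created by another local account, so the manifest applied to the cluster is not guaranteed to be the one this run generated. The line that writes the file falls between the hunks and is not visible here; assuming it is a plain redirect from `generate.sh`, I would create the file with `out="$(mktemp)"` and use `kubectl apply -f "$out"`. I would also add a comment above the step, `# Applies to kube-system; the manifest must come only from this run's generate.sh output`.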
|
|||||||
@ -1,33 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
# Generates authoritative zone ConfigMap for svc.n0ball.tw from svc-records.yaml
|
|
||||||
# Usage: ./generate-zone.sh svc-records.yaml > coredns-auth-zone.yaml
|
|
||||||
set -e
|
|
||||||
|
|
||||||
RECORDS_FILE="${1:-svc-records.yaml}"
|
|
||||||
SERIAL=$(date +%Y%m%d%H)
|
|
||||||
|
|
||||||
cat <<EOF
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: coredns-auth-zone
|
|
||||||
namespace: authoritative-dns
|
|
||||||
data:
|
|
||||||
svc.n0ball.tw.zone: |
|
|
||||||
\$ORIGIN svc.n0ball.tw.
|
|
||||||
@ 3600 IN SOA ns1.n0ball.tw. admin.n0ball.tw. (
|
|
||||||
${SERIAL} ; serial
|
|
||||||
3600 ; refresh
|
|
||||||
600 ; retry
|
|
||||||
86400 ; expire
|
|
||||||
60 ; minimum
|
|
||||||
)
|
|
||||||
@ 3600 IN NS ns1.n0ball.tw.
|
|
||||||
@ 3600 IN NS ns2.n0ball.tw.
|
|
||||||
EOF
|
|
||||||
|
|
||||||
awk '
|
|
||||||
/^[a-zA-Z0-9]/ && / IN / {
|
|
||||||
printf " %s\n", $0
|
|
||||||
}
|
|
||||||
' "$RECORDS_FILE"
|
|
||||||
@ -1,7 +0,0 @@
|
|||||||
## External DNS Records for svc.n0ball.tw zone
|
|
||||||
## Format: name: IP
|
|
||||||
## These are served authoritatively to the internet.
|
|
||||||
## Push to main to apply changes automatically.
|
|
||||||
|
|
||||||
# Example:
|
|
||||||
# test 60 IN A 140.115.16.135
|
|
||||||