labbsr0x / bindman-dns-bind9 Goto Github PK

Bindman should have it's go mod configured.

Service to list records returns 200 response status code and string null on response body when there are no records found.

curl -v http://localhost:7070/records
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 7070 (#0)
> GET /records HTTP/1.1
> Host: localhost:7070
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: application/json
< Date: Tue, 19 Mar 2019 21:51:51 GMT
< Content-Length: 5
<
null

What the correct response body I must expect?

I can PR with the expected behavior.

Response status code 500
Response body Not possible to get the DNS Record 'hello.test.com'

$ curl -v http://localhost:7070/records/hello.test.com/A
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 7070 (#0)
> GET /records/hello.test.com/A HTTP/1.1
> Host: localhost:7070
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 500 Internal Server Error
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Tue, 19 Mar 2019 21:57:26 GMT
< Content-Length: 52
<
Not possible to get the DNS Record 'hello.test.com'
* Connection #0 to host localhost left intact

The regex applied to the KEYFILE param restricts the usage of Bindman to other Bind9 setups in regards to the Key generation algorithm.

If one would generate a Key with the following perfectly fine example, he/she would not be able to use Bindman:

dnssec-keygen -a DSA -b 768 -n ZONE test.com

Since, as result of this command, the key files generated would be:

Ktest.com.+003+06286.key
Ktest.com.+003+06286.private

Which, at the current implementation, are denied as valid key files.

In postman_collection file (bindman-dns-bind9.postman_collection.json), don't have a request do Update(PUT).
We need to add an update request in postman_collection

We should add more unit tests to improve our confidence in what is being shipped as a valid product.

Delete service returns success even when the requested resource does not exists.

Response status code 200
Response body true

 curl -vvv -X DELETE http://localhost:7070/records/asdf/asdf
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 7070 (#0)
> DELETE /records/asdf/asdf HTTP/1.1
> Host: localhost:7070
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: application/json
< Date: Mon, 25 Mar 2019 18:16:39 GMT
< Content-Length: 5
<
true
* Connection #0 to host localhost left intact

A suggested improvement is the ability to write/update multiple zones, e.g. test.com and test.co.

Likely would need an revamp of the configuration management of the system, reading from a configuration file (in addition to) CLI arguments.

A CD pipeline should be defined using Github Actions, where:

• 1. Tests and build will be done on every commit;
• 2. New docker image will be shipped to hub.docker.com on every new release;