Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add canary test record sets #81

Merged
merged 9 commits into from
Jun 11, 2024
Merged

Add canary test record sets #81

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
5b5f1a4
feat: add command to create ip address
vedantthapa Jun 11, 2024
768a781
feat: remove ip address command and add permissions for sa to create …
vedantthapa Jun 11, 2024
b152d1e
feat: add canary-ip resource
vedantthapa Jun 11, 2024
10b246c
feat: add canary record sets
vedantthapa Jun 11, 2024
59453de
fix: add required labels and annotations
vedantthapa Jun 11, 2024
c9d5517
fix: remove blank lines for yamllint
vedantthapa Jun 11, 2024
41018dc
fix: update managedZoneRef to be external
vedantthapa Jun 11, 2024
dd1360e
fix: file name in kustomization
vedantthapa Jun 11, 2024
15418f7
feat: move canary-gc-ca.yaml to ./k8s/components/infrastructure
vedantthapa Jun 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions infra-deployment-scripts/cloud-shell-infra-init.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,12 @@ gcloud projects add-iam-policy-binding "${GOOGLE_CLOUD_PROJECT}" \
--role "roles/dns.admin" \
--project "${GOOGLE_CLOUD_PROJECT}"

# Add IAM policy binding for managing compute ips
gcloud projects add-iam-policy-binding "${GOOGLE_CLOUD_PROJECT}" \
--member "serviceAccount:sa-${GOOGLE_CLOUD_PROJECT}-phac-dns@${GOOGLE_CLOUD_PROJECT}.iam.gserviceaccount.com" \
--role "roles/compute.publicIpAdmin" \
--project "${GOOGLE_CLOUD_PROJECT}"

gcloud iam service-accounts add-iam-policy-binding \ py base gcloud pht-scienceportal
"sa-${GOOGLE_CLOUD_PROJECT}-phac-dns@${GOOGLE_CLOUD_PROJECT}.iam.gserviceaccount.com" \
--member="serviceAccount:${GOOGLE_CLOUD_PROJECT}.svc.id.goog[cnrm-system/cnrm-controller-manager-dns]" \
Expand Down Expand Up @@ -84,3 +90,4 @@ gcloud container clusters create-auto "${GOOGLE_CLOUD_PROJECT}-phac-dns" \
--subnetwork="projects/${GOOGLE_CLOUD_PROJECT}/regions/northamerica-northeast1/subnetworks/${GOOGLE_CLOUD_PROJECT}-vpc-01-sub-01" \
--project=${GOOGLE_CLOUD_PROJECT} \
--service-account="sa-${GOOGLE_CLOUD_PROJECT}-gke@${GOOGLE_CLOUD_PROJECT}.iam.gserviceaccount.com"

333 changes: 333 additions & 0 deletions k8s/components/infrastructure/canary-gc-ca.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,333 @@
# These record sets are meant for internally testing domains
# _
# _ __ | |__ __ _ ___ __ _ ___ _ __ ___
# | '_ \| '_ \ / _` |/ __|____ / _` / __| '_ \ / __|
# | |_) | | | | (_| | (_|_____| (_| \__ \ |_) | (__
# | .__/|_| |_|\__,_|\___| \__,_|___/ .__/ \___|
# |_| |_|
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-beta-phac-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.beta.phac-aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: beta-phac-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-alpha-phac-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.alpha.phac-aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: alpha-phac-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-api-ipa-phac-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.api-ipa.phac-aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: api-ipa-phac-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-data-donnees-phac-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.data-donnees.phac-aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: data-donnees-phac-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-open-ouvert-phac-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.open-ouvert.phac-aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: open-ouvert-phac-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
# _
# _ __ | |__ __ _ ___
# | '_ \| '_ \ / _` |/ __|
# | |_) | | | | (_| | (__
# | .__/|_| |_|\__,_|\___|
# |_|
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-beta-phac
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.beta.phac.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: beta-phac-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-alpha-phac
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.alpha.phac.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: alpha-phac-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-api-phac
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.api.phac.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: api-phac-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-data-phac
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.data.phac.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: data-phac-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-open-phac
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.open.phac.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: open-phac-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
# __ _ ___ _ __ ___
# / _` / __| '_ \ / __|
# | (_| \__ \ |_) | (__
# \__,_|___/ .__/ \___|
# |_|
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-beta-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.beta.aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: beta-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-alpha-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.alpha.aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: alpha-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-ipa-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.ipa.aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: ipa-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-donnees-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.donnees.aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: donnees-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
name: canary-ouvert-aspc
namespace: dns
annotations:
sourceCodeRepository: "https://github.com/PHACDataHub/phac-dns"
labels:
controlled-by: "phac-dns"
project-name: "phac-dns"
project-id: "php-01hhmj81fhp"
spec:
name: "canary.ouvert.aspc.gc.ca."
type: A
ttl: 300
managedZoneRef:
external: ouvert-aspc-gc-ca
rrdatasRefs:
- name: canary-ip
kind: ComputeAddress
---
12 changes: 12 additions & 0 deletions k8s/components/infrastructure/canary-ip.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
name: canary-ip
namespace: dns
annotations:
cnrm.cloud.google.com/state-into-spec: merge
spec:
description: Static external ip address to test domains internally via nslookup
addressType: EXTERNAL
location: northamerica-northeast1
networkTier: STANDARD
2 changes: 2 additions & 0 deletions k8s/components/infrastructure/kustomization.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@ resources:
- open-ouvert-phac-aspc-gc-ca.yaml
- open-phac-gc-ca.yaml
- ouvert-aspc-gc-ca.yaml
- canary-ip.yaml
- canary-gc-ca.yaml
commonLabels:
controlled-by: "phac-dns"
commonAnnotations:
Expand Down
Loading