Move solvahol.org to openbsd.amsterdam

.github/workflows/octodns-deploy.yml

@@ -11,10 +11,6 @@ on:
         required: true
         default: 'No'
 
-  # Run when an issue comment is created
-  issue_comment:
-    types: [created]
-
 permissions:
   actions: read
   checks: write
@@ -36,25 +32,8 @@ env:
 
 jobs:
 
-  slashcom:
-    name: Check comment for slash commands
-    runs-on: ubuntu-20.04
-    outputs:
-      command: ${{ steps.command.outputs.command-name }}
-    steps:
-      - name: Check comments for /deploy
-        id: command
-        uses: xt0rted/slash-command-action@v1
-        with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          command: deploy
-          reaction-type: rocket
-          allow-edits: "false"
-          permission-level: admin
-
   meta:
     name: Parse event data into outputs
-    needs: slashcom
     runs-on: ubuntu-20.04
     outputs:
       config: ${{ steps.which-config.outputs.config }}
@@ -108,30 +87,18 @@ jobs:
     steps:
       - name: Checkout ${{ github.repository }}:${{ github.ref }}
         uses: actions/checkout@v3
-      - name: Checkout config files from ${{ needs.meta.outputs.ref }}
-        if: ${{ github.ref != needs.meta.outputs.ref }}
-        run: |
-          # Fetch ref
-          git fetch origin ${{ needs.meta.outputs.ref }}
-          # List changed config files in ref
-          _files="$(git diff --name-only HEAD FETCH_HEAD | \
-                  grep "\.yaml$" | \
-                  grep -v "^.github/")"
-          # Checkout config files from ref
-          if [ -n "$_files" ]; then
-            # Note: If no .yaml files were changed, this will not run
-            git checkout FETCH_HEAD -- $_files
-          fi
+      - uses: actions/setup-python@v4
+        with:
+          python-version: '3.10'
+          cache: 'pip'
+      - run: pip install -r requirements.txt
       - name: Run `octodns-sync` to deploy ${{ needs.meta.outputs.config }}
         id: octodns-sync
-        uses: solvaholic/octodns-sync@main
+        uses: solvaholic/octodns-sync@issue86
         with:
           config_path: ${{ needs.meta.outputs.config }}
           doit: --doit
-          octodns_ref: v0.9.14
         env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.route53_aws_key_id }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.route53_aws_secret_access_key }}
           AZURE_APPLICATION_ID: ${{ secrets.azure_application_id }}
           AZURE_AUTHENTICATION_KEY: ${{ secrets.azure_authentication_key }}
           AZURE_DIRECTORY_ID: ${{ secrets.azure_directory_id }}

.github/workflows/octodns-validate.yml

@@ -2,7 +2,7 @@ name: octodns-sync
 
 on:
   # Run when changes are pushed to any pull request
-  pull_request_target:
+  pull_request:
     paths:
       - '*.yaml'
   # Note: Running workflows on pull_request_target can be dangerous!
@@ -51,7 +51,7 @@ jobs:
         id: get-ref
         run: |
           case "${{ github.event_name }}" in
-            "pull_request_target")
+            "pull_request")
               _ref=refs/pull/${{ github.event.pull_request.number }}/merge ;;
             "issue_comment")
               _ref=refs/pull/${{ github.event.issue.number }}/merge ;;
@@ -74,37 +74,22 @@ jobs:
     outputs:
       plan: ${{ steps.octodns-sync.outputs.plan }}
     steps:
-      - name: Checkout ${{ github.repository }}:${{ github.ref }}
+      - name: Checkout ${{ github.repository }}:${{ needs.meta.outputs.ref }}
         uses: actions/checkout@v3
-      - name: Checkout config files from ${{ needs.meta.outputs.ref }}
-        if: ${{ github.ref != needs.meta.outputs.ref }}
-        run: |
-          # Fetch ref
-          _ref=${{ needs.meta.outputs.ref }}
-          git fetch origin ${_ref}
-          # List changed config files in ref
-          if _files="$(git diff --name-only HEAD FETCH_HEAD | \
-                  grep "\.yaml$" | \
-                  grep -v "^.github/")"; then
-            # Checkout config files from ref
-            git checkout FETCH_HEAD -- $_files
-          else
-            echo "SKIP: No config files changed, in ${_ref}."
-          fi
+        with:
+          ref: ${{ needs.meta.outputs.ref }}
       - uses: actions/setup-python@v4
         with:
           python-version: '3.10'
           cache: 'pip'
       - run: pip install -r requirements.txt
       - name: Run `octodns-sync` with ${{ needs.meta.outputs.config }}
         id: octodns-sync
-        uses: solvaholic/octodns-sync@main
+        uses: solvaholic/octodns-sync@issue86
         # TODO: When no changes, skip the rest of this workflow?
         with:
           config_path: ${{ needs.meta.outputs.config }}
         env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.route53_aws_key_id }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.route53_aws_secret_access_key }}
           AZURE_APPLICATION_ID: ${{ secrets.azure_application_id }}
           AZURE_AUTHENTICATION_KEY: ${{ secrets.azure_authentication_key }}
           AZURE_DIRECTORY_ID: ${{ secrets.azure_directory_id }}
@@ -113,7 +98,7 @@ jobs:
   comment:
     name: Add ${{ needs.meta.outputs.config }} plan to PR comment
     needs: [meta, validate]
-    if: ${{ github.event_name == 'pull_request_target' }}
+    if: ${{ github.event_name == 'pull_request' }}
     runs-on: ubuntu-20.04
     steps:
       - name: Find previous comment, if present

public.yaml

@@ -8,10 +8,6 @@ providers:
   config:
     class: octodns.provider.yaml.YamlProvider
     directory: .
-  route53:
-    class: octodns_route53.Route53Provider
-    access_key_id: env/AWS_ACCESS_KEY_ID
-    secret_access_key: env/AWS_SECRET_ACCESS_KEY
   azuredns:
     class: octodns.provider.azuredns.AzureProvider
     client_id: env/AZURE_APPLICATION_ID
@@ -25,5 +21,4 @@ zones:
     sources:
       - config
     targets:
-      - route53
       - azuredns

requirements.txt

@@ -1,5 +1,2 @@
-octodns==0.9.14
-octodns_azure==0.0.2
-octodns_route53==0.0.2
-# Remove boto3 when octodns/octodns-route53 # 8 ships
-boto3==1.20.26
+octodns==0.9.17
+octodns_azure==0.0.3

solvahol.org.yaml

@@ -2,7 +2,7 @@
 '':
   - type: A
     values:
-      - 34.239.233.24
+      - 46.23.89.146
   - type: CAA
     values:
       - flags: 0
@@ -12,18 +12,18 @@
     values:
       - priority: 10
         value: mail.solvahol.org.
-mail:
-  type: CNAME
-  value: us64.solvahol.org.
-us64:
+ams01:
   - type: A
     values:
-      - 34.239.233.24
+      - 46.23.89.146
   - type: CAA
     values:
       - flags: 0
         tag: issue
         value: letsencrypt.org
+mail:
+  type: CNAME
+  value: ams01.solvahol.org.
 www:
   type: CNAME
-  value: us64.solvahol.org.
+  value: ams01.solvahol.org.